Comment 19 for bug 1725351

We manually enable systemd-resolved.service on xenial. It's installed though it is not the default. Does that mean we are not going to get the fix for this?

I'm also not an expert on NSEC/DNSSEC. Is this something that any random app that uses DNS can be vulnerable too, or does it require a program to specifically be trying to invoke DNSSEC somehow?