2023-10-25 08:29:20 |
Bryce Harrington |
bug |
|
|
added bug |
2023-10-25 08:29:22 |
Bryce Harrington |
bind9 (Ubuntu): milestone |
|
ubuntu-24.02 |
|
2023-10-25 08:29:23 |
Bryce Harrington |
nominated for series |
|
Ubuntu Noble |
|
2023-10-25 08:29:25 |
Bryce Harrington |
bug task added |
|
bind9 (Ubuntu Noble) |
|
2023-10-25 08:29:26 |
Bryce Harrington |
bug |
|
|
added subscriber Canonical Server |
2024-02-21 16:24:09 |
Lena Voytek |
bind9 (Ubuntu Noble): assignee |
|
Lena Voytek (lvoytek) |
|
2024-04-09 20:42:18 |
Lena Voytek |
nominated for series |
|
Ubuntu Jammy |
|
2024-04-09 20:42:18 |
Lena Voytek |
bug task added |
|
bind9 (Ubuntu Jammy) |
|
2024-04-09 20:42:18 |
Lena Voytek |
nominated for series |
|
Ubuntu Mantic |
|
2024-04-09 20:42:18 |
Lena Voytek |
bug task added |
|
bind9 (Ubuntu Mantic) |
|
2024-04-09 20:42:25 |
Lena Voytek |
bind9 (Ubuntu Mantic): status |
New |
In Progress |
|
2024-04-09 20:42:30 |
Lena Voytek |
bind9 (Ubuntu Noble): status |
New |
In Progress |
|
2024-04-09 20:42:36 |
Lena Voytek |
bind9 (Ubuntu Jammy): status |
New |
In Progress |
|
2024-04-09 20:42:39 |
Lena Voytek |
bind9 (Ubuntu Noble): status |
In Progress |
Fix Released |
|
2024-04-09 20:43:17 |
Lena Voytek |
bind9 (Ubuntu Noble): milestone |
ubuntu-24.02 |
ubuntu-24.04 |
|
2024-04-09 20:43:22 |
Lena Voytek |
bind9 (Ubuntu Jammy): assignee |
|
Lena Voytek (lvoytek) |
|
2024-04-09 20:43:24 |
Lena Voytek |
bind9 (Ubuntu Mantic): assignee |
|
Lena Voytek (lvoytek) |
|
2024-04-09 20:56:57 |
Lena Voytek |
description |
Backport bind9 as MRE to noble once the update for noble has been completed.
<List exact versions being upgraded from and to for each release>
[Impact]
TBD
<List bug links to former cases of MREs for this package>[Major Changes]
TBD
[Test Plan]
<Link to wiki SRU page>TBD
[Regression Potential]
Upstream has an extensive build and integration test suite. So regressions would likely arise from a change in interaction with Ubuntu-specific integrations, such as in relation to the versions of dependencies available and other packaging-specific matters.
<Also, ...>
|
This bug tracks an update for the bind9 package, moving to versions:
* Mantic (23.10): bind9 9.18.24
* Jammy (22.04): bind9 9.18.24
These updates include bug fixes following the SRU policy exception defined at https://wiki.ubuntu.com/Bind9Updates.
[Upstream changes]
[Test Plan]
DEP-8 Tests:
simpletest - Confirms bind9 daemon starts successfully and dig can find 127.0.0.1 through the default setup of bind9
zonetest - Added in this update, currently in lunar. Confirms the functionality of named and bind9 by creating a local DNS zone and domain, and having dig look it up
validation - This test is provided by Debian and consistently fails both before and after the update due to several issues. It is marked as flaky, and does not block autopkgtest passing overall
[Regression Potential]
Upstream has an extensive build and integration test suite. So regressions would likely arise from a change in interaction with Ubuntu-specific integrations. Alternatively, regressions may arise for users due to behavior changes from the many bug fixes and minor feature updates.
In Focal, there were major changes in how documentation is handled too, requiring packaging updates to handle it. So regressions could arise here too. |
|
2024-04-11 21:33:25 |
Lena Voytek |
description |
This bug tracks an update for the bind9 package, moving to versions:
* Mantic (23.10): bind9 9.18.24
* Jammy (22.04): bind9 9.18.24
These updates include bug fixes following the SRU policy exception defined at https://wiki.ubuntu.com/Bind9Updates.
[Upstream changes]
[Test Plan]
DEP-8 Tests:
simpletest - Confirms bind9 daemon starts successfully and dig can find 127.0.0.1 through the default setup of bind9
zonetest - Added in this update, currently in lunar. Confirms the functionality of named and bind9 by creating a local DNS zone and domain, and having dig look it up
validation - This test is provided by Debian and consistently fails both before and after the update due to several issues. It is marked as flaky, and does not block autopkgtest passing overall
[Regression Potential]
Upstream has an extensive build and integration test suite. So regressions would likely arise from a change in interaction with Ubuntu-specific integrations. Alternatively, regressions may arise for users due to behavior changes from the many bug fixes and minor feature updates.
In Focal, there were major changes in how documentation is handled too, requiring packaging updates to handle it. So regressions could arise here too. |
This bug tracks an update for the bind9 package, moving to versions:
* Mantic (23.10): bind9 9.18.24
* Jammy (22.04): bind9 9.18.24
These updates include bug fixes following the SRU policy exception defined at https://wiki.ubuntu.com/Bind9Updates.
[Upstream changes]
Changes from 9.18.18 - 9.18.24 include:
CVE fixes (These already existed as patches but are now included as part of upstream):
CVE-2023-3341
CVE-2023-4236
CVE-2023-4408
CVE-2023-5517
CVE-2023-5679
CVE-2023-50387
CVE-2023-50868
Deprecations:
Use of AES as the DNS COOKIE algorithm
resolver-nonbackoff-tries and resolver-retry-interval statements
dnssec-must-be-secure option
Updates:
Update IP addresses for B.ROOT-SERVERS.NET to 170.247.170.2 and 2801:1b8:10::b.
Honor nsupdate -v option for SOA queries by sending both the UPDATE request and the initial query over TCP.
Reduce memory consumption through dedicated jemalloc memory arenas.
Bug fixes:
https://gitlab.isc.org/isc-projects/bind9/-/issues/4467 - Fix accidental truncation to 32 bit of statistics channel counters.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4350 - Do not schedule unsigned versions of inline-signed zones containing DNSSEC records for resigning.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4355 - Take local authoritive data into account when looking up stale data from the cache.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4386 - Fix assertion failure when lock-file used at the same time as named -X.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4387 - Fix lockfile removal issue when starting named 3+ times.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4124 - Fix validation of If-Modified-Since header in statistics channel for its length.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4125 - Add Content-Length header bounds check to avoid integer overflow.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4159 - Fix memory leaks from OpenSSL error stack.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4280 - Fix SERVFAIL responses after introduction of krb5-subdomain-self-rhs and ms-subdomain-self-rhs UPDATE policies.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4278 - Fix accidental disable of stale-refresh-time feature on rndc flush.
https://gitlab.isc.org/isc-projects/bind9/-/issues/4255 - Fix possible DNS message corruption from partial writes in TLS DNS.
Full release notes available here - https://bind9.readthedocs.io/en/v9.18.24/notes.html
[Test Plan]
DEP-8 Tests:
simpletest - Confirms bind9 daemon starts successfully and dig can find 127.0.0.1 through the default setup of bind9
zonetest - Added in this update, currently in lunar. Confirms the functionality of named and bind9 by creating a local DNS zone and domain, and having dig look it up
dyndb-ldap - Verifies functionality of bind-dyndb-ldap against the updated bind9 package with a basic setup. This also fails intentionally prior to bind-dyndb-ldap being rebuilt against the package, as this is a necessary step for bind9 updates.
validation - This test is provided by Debian and consistently fails both before and after the update due to several issues. It is marked as flaky, and does not block autopkgtest passing overall
[Regression Potential]
Upstream has an extensive build and integration test suite. So regressions would likely arise from a change in interaction with Ubuntu-specific integrations. Alternatively, regressions may arise for users due to behavior changes from the many bug fixes and minor feature updates. |
|
2024-04-12 14:46:39 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind9/+git/bind9/+merge/464213 |
|
2024-04-12 14:51:48 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lvoytek/ubuntu/+source/bind9/+git/bind9/+merge/464214 |
|
2024-04-19 13:11:45 |
Timo Aaltonen |
bind9 (Ubuntu Mantic): status |
In Progress |
Fix Committed |
|
2024-04-19 13:11:46 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2024-04-19 13:11:52 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
2024-04-19 13:11:55 |
Timo Aaltonen |
tags |
needs-mre-backport |
needs-mre-backport verification-needed verification-needed-mantic |
|
2024-04-19 13:13:50 |
Timo Aaltonen |
bind9 (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
2024-04-19 13:13:54 |
Timo Aaltonen |
tags |
needs-mre-backport verification-needed verification-needed-mantic |
needs-mre-backport verification-needed verification-needed-jammy verification-needed-mantic |
|
2024-04-19 17:46:09 |
Lena Voytek |
bug task added |
|
bind-dyndb-ldap (Ubuntu) |
|
2024-04-19 17:46:16 |
Lena Voytek |
bind-dyndb-ldap (Ubuntu Noble): status |
New |
Fix Released |
|
2024-04-19 17:46:19 |
Lena Voytek |
bind-dyndb-ldap (Ubuntu Mantic): assignee |
|
Lena Voytek (lvoytek) |
|
2024-04-19 17:46:21 |
Lena Voytek |
bind-dyndb-ldap (Ubuntu Jammy): assignee |
|
Lena Voytek (lvoytek) |
|
2024-04-19 17:46:23 |
Lena Voytek |
bind-dyndb-ldap (Ubuntu Jammy): status |
New |
In Progress |
|
2024-04-19 17:46:25 |
Lena Voytek |
bind-dyndb-ldap (Ubuntu Mantic): status |
New |
In Progress |
|
2024-04-19 18:35:48 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
2024-04-26 06:48:48 |
Timo Aaltonen |
bind-dyndb-ldap (Ubuntu Mantic): status |
In Progress |
Fix Committed |
|
2024-05-01 06:16:35 |
Bryce Harrington |
bind-dyndb-ldap (Ubuntu Jammy): milestone |
|
jammy-updates |
|
2024-05-01 06:16:38 |
Bryce Harrington |
bind-dyndb-ldap (Ubuntu Mantic): milestone |
|
mantic-updates |
|
2024-05-01 06:16:41 |
Bryce Harrington |
bind-dyndb-ldap (Ubuntu Noble): milestone |
|
noble-updates |
|
2024-05-01 06:16:44 |
Bryce Harrington |
bind9 (Ubuntu Jammy): milestone |
|
jammy-updates |
|
2024-05-01 06:16:45 |
Bryce Harrington |
bind9 (Ubuntu Mantic): milestone |
|
mantic-updates |
|
2024-05-01 06:17:23 |
Bryce Harrington |
bind-dyndb-ldap (Ubuntu): milestone |
|
ubuntu-24.04-feature-freeze |
|
2024-05-02 18:45:53 |
Andreas Hasenack |
bind-dyndb-ldap (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
2024-05-02 19:09:44 |
Lena Voytek |
tags |
needs-mre-backport verification-needed verification-needed-jammy verification-needed-mantic |
needs-mre-backport verification-done verification-done-jammy verification-done-mantic |
|