Ubuntu
dns-root-data package

  1. Xenial (16.04)
  2. Bug #2045297
  3. Activity log

Activity log for bug #2045297

Date Who What changed Old value New value Message
2023-11-30 17:31:15 Andreas Ott bug added bug
2023-12-02 02:23:22 Launchpad Janitor dns-root-data (Ubuntu): status New Confirmed
2023-12-02 02:23:40 Matt Nordhoff bug added subscriber Matt Nordhoff
2023-12-02 02:32:55 Matt Nordhoff bug watch added https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054393
2023-12-02 02:32:55 Matt Nordhoff bug task added dns-root-data (Debian)
2023-12-02 20:44:07 Bug Watch Updater dns-root-data (Debian): status Unknown New
2023-12-17 21:37:16 Sergio Durigan Junior dns-root-data (Ubuntu): status Confirmed Triaged
2023-12-17 21:37:22 Sergio Durigan Junior bug added subscriber Ubuntu Server
2023-12-17 21:37:26 Sergio Durigan Junior tags server-todo
2024-01-10 16:20:25 Robie Basak bug task added ubuntu-docker-images
2024-01-25 09:48:14 Christian Ehrhardt  tags server-todo bitesize server-todo
2024-01-25 09:49:51 Christian Ehrhardt  nominated for series Ubuntu Jammy
2024-01-25 09:49:51 Christian Ehrhardt  bug task added dns-root-data (Ubuntu Jammy)
2024-01-25 09:49:51 Christian Ehrhardt  nominated for series Ubuntu Mantic
2024-01-25 09:49:51 Christian Ehrhardt  bug task added dns-root-data (Ubuntu Mantic)
2024-01-25 09:49:51 Christian Ehrhardt  nominated for series Ubuntu Focal
2024-01-25 09:49:51 Christian Ehrhardt  bug task added dns-root-data (Ubuntu Focal)
2024-01-25 09:49:51 Christian Ehrhardt  nominated for series Ubuntu Noble
2024-01-25 09:49:51 Christian Ehrhardt  bug task added dns-root-data (Ubuntu Noble)
2024-01-25 10:03:44 Christian Ehrhardt  description $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data: Installed: 2021011101 Candidate: 2021011101 Version table: *** 2021011101 500 500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages 100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702 [ Impact ] * There was a renumbering of USC/ISI's DNS Root Servers, due to that Ubuntu users * On one hand it is annoyance as e.g. named uses them as hints and will on start check those hints. That does, since the change, * On the other hand this will break. Mid term the old addresses will stop to work (by 2024-11-27) that is the strong deadline until this has to be updated everywhere. [ Test Plan ] * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ] * This isn't code, purely a data file for services that need to know about dns root servers. Thereby there is no code in the package itself that would fail, but potential regressions would be in the dependencies. Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x] * At the same time I think we'd not need to do super advanced tests with custom setups of each of them. Those that are reverse dependencies and have tests will be ran by autopkgtest and given the change, that should be sufficient. [ Other Info ] * This is a native package and we are not doing anything special There also is a Debian PR [1] proposing the same just based on a different date. While we could pick the data of "today" it would not help more. By chosing the same data as proposed in Debian as well as going with backport-style versions even for the current release we - intentionally - allow this to be synced over once the Debian upload happens. If their upload races ours we can just sync that in noble, and only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702
2024-01-25 10:03:48 Christian Ehrhardt  dns-root-data (Ubuntu Mantic): status New Triaged
2024-01-25 10:03:50 Christian Ehrhardt  dns-root-data (Ubuntu Jammy): status New Triaged
2024-01-25 10:03:51 Christian Ehrhardt  dns-root-data (Ubuntu Focal): status New Triaged
2024-01-25 10:04:48 Christian Ehrhardt  description [ Impact ] * There was a renumbering of USC/ISI's DNS Root Servers, due to that Ubuntu users * On one hand it is annoyance as e.g. named uses them as hints and will on start check those hints. That does, since the change, * On the other hand this will break. Mid term the old addresses will stop to work (by 2024-11-27) that is the strong deadline until this has to be updated everywhere. [ Test Plan ] * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ] * This isn't code, purely a data file for services that need to know about dns root servers. Thereby there is no code in the package itself that would fail, but potential regressions would be in the dependencies. Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x] * At the same time I think we'd not need to do super advanced tests with custom setups of each of them. Those that are reverse dependencies and have tests will be ran by autopkgtest and given the change, that should be sufficient. [ Other Info ] * This is a native package and we are not doing anything special There also is a Debian PR [1] proposing the same just based on a different date. While we could pick the data of "today" it would not help more. By chosing the same data as proposed in Debian as well as going with backport-style versions even for the current release we - intentionally - allow this to be synced over once the Debian upload happens. If their upload races ours we can just sync that in noble, and only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702 [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will go away.  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints.    That does, since the change,  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests will be ran by autopkgtest and given the change, that    should be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702
2024-01-25 10:06:07 Christian Ehrhardt  description [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will go away.  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints.    That does, since the change,  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests will be ran by autopkgtest and given the change, that    should be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702 [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will    go away. - https://b.root-servers.org/news/2023/05/16/new-addresses.html - https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints.    That does, since the change,  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests (bind9, libreswan) will be ran by autopkgtest and given the change, that should IMHO be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702
2024-01-25 10:21:44 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459421
2024-01-25 10:25:01 Christian Ehrhardt  dns-root-data (Ubuntu Noble): status Triaged In Progress
2024-01-25 10:25:04 Christian Ehrhardt  dns-root-data (Ubuntu Noble): assignee Christian Ehrhardt  (paelzer)
2024-01-29 07:34:44 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459560
2024-01-29 07:35:13 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459561
2024-01-29 07:38:57 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459562
2024-01-29 07:39:40 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459563
2024-01-29 07:40:26 Launchpad Janitor merge proposal linked https://code.launchpad.net/~paelzer/ubuntu/+source/dns-root-data/+git/dns-root-data/+merge/459564
2024-01-29 09:59:23 Launchpad Janitor dns-root-data (Ubuntu Noble): status In Progress Fix Released
2024-01-29 10:47:22 Christian Ehrhardt  dns-root-data (Ubuntu Mantic): assignee Christian Ehrhardt  (paelzer)
2024-01-29 10:47:24 Christian Ehrhardt  dns-root-data (Ubuntu Jammy): assignee Christian Ehrhardt  (paelzer)
2024-01-29 10:47:25 Christian Ehrhardt  dns-root-data (Ubuntu Focal): assignee Christian Ehrhardt  (paelzer)
2024-01-30 09:38:56 Christian Ehrhardt  description [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will    go away. - https://b.root-servers.org/news/2023/05/16/new-addresses.html - https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints.    That does, since the change,  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests (bind9, libreswan) will be ran by autopkgtest and given the change, that should IMHO be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702 [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will    go away.    - https://b.root-servers.org/news/2023/05/16/new-addresses.html    - https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints and spam you warnings to the logs.  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests (bind9, libreswan) will be ran by autopkgtest and given the    change, that should IMHO be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702
2024-01-30 09:51:50 Christian Ehrhardt  description [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will    go away.    - https://b.root-servers.org/news/2023/05/16/new-addresses.html    - https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints and spam you warnings to the logs.  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests (bind9, libreswan) will be ran by autopkgtest and given the    change, that should IMHO be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702 [ Impact ]  * There was a renumbering of USC/ISI's DNS Root Servers,    due to that Ubuntu users now are using servers that will    go away.    - https://b.root-servers.org/news/2023/05/16/new-addresses.html    - https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi  * On one hand it is annoyance as e.g. named uses them as    hints and will on start check those hints and spam you    warnings to the logs.  * On the other hand this will break. Mid term the old addresses    will stop to work (by 2024-11-27) that is the strong    deadline until this has to be updated everywhere. [ Test Plan ]  * Gladly the self check on hints of named can be quite useful here $ apt install bind9 $ systemctl restart named $ systemctl status named Bad case (right now): Jan 25 09:45:16 j systemd[1]: Started BIND Domain Name Server. Jan 25 09:45:16 j named[4136]: running Jan 25 09:45:16 j named[4136]: resolver priming query complete: success Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints Jan 25 09:45:16 j named[4136]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints Good case (once data files are fixed): ... Jan 25 09:47:50 n systemd[1]: Started named.service - BIND Domain Name Server. Jan 25 09:47:51 n named[1731]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 25 09:47:51 n named[1731]: resolver priming query complete: success Warning, if your system can't connect to the root DNS info (e.g. firewall or weird things) then you will see the check fail to fetch the data for coparison and due to that the comparison can not warn you. That would look like this (or similar depending on the release): named[1659]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out [ Where problems could occur ]  * This isn't code, purely a data file for services that need to know    about dns root servers. Thereby there is no code in the package itself    that would fail, but potential regressions would be in the dependencies.    Those are (and we can more consciously look out for those): Reverse-Recommends ================== * dnsmasq-base [amd64 arm64 armhf ppc64el s390x] * dnsmasq-base-lua [amd64 arm64 armhf ppc64el s390x] * ldnsutils [amd64 arm64 armhf ppc64el s390x] * libbellesip2 [amd64 arm64 armhf ppc64el s390x] * unbound * unbound-host Reverse-Depends =============== * bind9 * dnsviz * hash-slinger [amd64 arm64 armhf ppc64el s390x] * knot-resolver [amd64 arm64 armhf] * libgetdns10 [amd64 arm64 armhf ppc64el s390x] * libreswan [amd64 arm64 armhf ppc64el s390x] * opendkim [amd64 arm64 armhf ppc64el s390x] * pdns-recursor [amd64 arm64 ppc64el s390x]  * At the same time I think we'd not need to do super advanced tests with    custom setups of each of them. Those that are reverse dependencies and    have tests (bind9, libreswan) will be ran by autopkgtest and given the    change, that should IMHO be sufficient. [ Other Info ]  * This is a native package and we are not doing anything special    There also is a Debian PR [1] proposing the same just based on a    different date. While we could pick the data of "today" it would    not help more. By chosing the same data as proposed in Debian as    well as going with backport-style versions even for the current    release we - intentionally - allow this to be synced over once    the Debian upload happens.    If their upload races ours we can just sync that in noble, and    only do the SRUs with backport-style versions. [1]: https://salsa.debian.org/dns-team/dns-root-data/-/merge_requests/2/diffs#1acc4dbeefe4bd3ebaef82f869677cc1a3b20306 --- original report --- $ lsb_release -rd Description: Ubuntu 22.04.3 LTS Release: 22.04 $apt-cache policy dns-root-data dns-root-data:   Installed: 2021011101   Candidate: 2021011101   Version table:  *** 2021011101 500         500 http://us-west1.gce.archive.ubuntu.com/ubuntu jammy/main amd64 Packages         100 /var/lib/dpkg/status --- There was a change of IP addresses for B Root DNS servers, see https://b.root-servers.org/news/2023/05/16/new-addresses.html The current root.hints file has version ; last update: January 11, 2021 ; related version of root zone: 2021011101 and it should be replaced with something newer from ftp://ftp.internic.net/domain/named.cache ; last update: November 27, 2023 ; related version of root zone: 2023112702
2024-01-30 10:06:34 Miriam España Acebal nominated for series Ubuntu Xenial
2024-01-30 10:06:34 Miriam España Acebal bug task added dns-root-data (Ubuntu Xenial)
2024-01-30 10:06:34 Miriam España Acebal nominated for series Ubuntu Bionic
2024-01-30 10:06:34 Miriam España Acebal bug task added dns-root-data (Ubuntu Bionic)
2024-01-30 10:07:26 Miriam España Acebal dns-root-data (Ubuntu Bionic): assignee Christian Ehrhardt  (paelzer)
2024-01-30 10:07:31 Miriam España Acebal dns-root-data (Ubuntu Bionic): status New Triaged
2024-01-30 10:07:43 Miriam España Acebal dns-root-data (Ubuntu Xenial): assignee Christian Ehrhardt  (paelzer)
2024-01-30 10:07:45 Miriam España Acebal dns-root-data (Ubuntu Xenial): status New Triaged
2024-01-30 14:49:54 Christian Ehrhardt  dns-root-data (Ubuntu Focal): status Triaged In Progress
2024-01-30 14:49:55 Christian Ehrhardt  dns-root-data (Ubuntu Jammy): status Triaged In Progress
2024-01-30 14:49:56 Christian Ehrhardt  dns-root-data (Ubuntu Mantic): status Triaged In Progress
2024-01-30 15:43:20 Ubuntu Archive Robot bug added subscriber Christian Ehrhardt 
2024-02-02 08:40:15 Timo Aaltonen dns-root-data (Ubuntu Mantic): status In Progress Fix Committed
2024-02-02 08:40:16 Timo Aaltonen bug added subscriber Ubuntu Stable Release Updates Team
2024-02-02 08:40:19 Timo Aaltonen bug added subscriber SRU Verification
2024-02-02 08:40:23 Timo Aaltonen tags bitesize server-todo bitesize server-todo verification-needed verification-needed-mantic
2024-02-02 08:41:33 Timo Aaltonen dns-root-data (Ubuntu Jammy): status In Progress Fix Committed
2024-02-02 08:41:37 Timo Aaltonen tags bitesize server-todo verification-needed verification-needed-mantic bitesize server-todo verification-needed verification-needed-jammy verification-needed-mantic
2024-02-02 08:42:38 Timo Aaltonen dns-root-data (Ubuntu Focal): status In Progress Fix Committed
2024-02-02 08:42:44 Timo Aaltonen tags bitesize server-todo verification-needed verification-needed-jammy verification-needed-mantic bitesize server-todo verification-needed verification-needed-focal verification-needed-jammy verification-needed-mantic
2024-02-05 10:20:05 Christian Ehrhardt  tags bitesize server-todo verification-needed verification-needed-focal verification-needed-jammy verification-needed-mantic bitesize server-todo verification-done-focal verification-needed verification-needed-jammy verification-needed-mantic
2024-02-05 10:20:35 Christian Ehrhardt  tags bitesize server-todo verification-done-focal verification-needed verification-needed-jammy verification-needed-mantic bitesize server-todo verification-done-focal verification-done-jammy verification-needed verification-needed-mantic
2024-02-05 10:21:04 Christian Ehrhardt  tags bitesize server-todo verification-done-focal verification-done-jammy verification-needed verification-needed-mantic bitesize server-todo verification-done verification-done-focal verification-done-jammy verification-done-mantic
2024-02-12 10:36:14 Launchpad Janitor dns-root-data (Ubuntu Mantic): status Fix Committed Fix Released
2024-02-12 10:36:17 Łukasz Zemczak removed subscriber Ubuntu Stable Release Updates Team
2024-02-12 10:47:56 Launchpad Janitor dns-root-data (Ubuntu Jammy): status Fix Committed Fix Released
2024-02-12 11:01:07 Launchpad Janitor dns-root-data (Ubuntu Focal): status Fix Committed Fix Released