[Bug 1857639] [NEW] DNS server capability detection is broken and has critical consequences when DNSSEC is enabled
Avamander
avamander at gmail.com
Thu Dec 26 20:13:31 UTC 2019
Public bug reported:
I'm running Ubuntu 19.10
I'm on latest version available from repositories, systemd 242
I'm expecting upstream DNS server capabilities being detected correctly
and DNSSEC to keep working. Alternatively I'd expect a method of
disabling capability checks instead of DNSSEC.
Currently instead resolved misdetect features suddenly, stops resolving
all together (fails closed, which is somewhat good). Capability reset is
a very temporary fix.
** Affects: systemd
Importance: Unknown
Status: Unknown
** Affects: systemd (Ubuntu)
Importance: Undecided
Status: New
** Bug watch added: github.com/systemd/systemd/issues #14435
https://github.com/systemd/systemd/issues/14435
** Also affects: systemd via
https://github.com/systemd/systemd/issues/14435
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1857639
Title:
DNS server capability detection is broken and has critical
consequences when DNSSEC is enabled
Status in systemd:
Unknown
Status in systemd package in Ubuntu:
New
Bug description:
I'm running Ubuntu 19.10
I'm on latest version available from repositories, systemd 242
I'm expecting upstream DNS server capabilities being detected
correctly and DNSSEC to keep working. Alternatively I'd expect a
method of disabling capability checks instead of DNSSEC.
Currently instead resolved misdetect features suddenly, stops
resolving all together (fails closed, which is somewhat good).
Capability reset is a very temporary fix.
To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1857639/+subscriptions
More information about the foundations-bugs
mailing list