[Bug 1843352] [NEW] systemd package version 237-3ubuntu10.28 breaks local network DNS resolution

Denis Rut'kov 1843352 at bugs.launchpad.net
Mon Sep 9 23:18:59 UTC 2019 

Public bug reported:

After upgrading to the latest package the systemd-resolved service fails
to resolve names for local network.Manually invoking nslookup works
fine.

The only suspicious output from journalctl seems:
systemd-resolved[858]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.

The latest change in that package is:
 * SECURITY UPDATE: Unprivileged users are granted access to privileged
    systemd-resolved D-Bus methods
    - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
      drop trusted annotation from bus_open_system_watch_bind()
    - CVE-2019-15718

 -- Chris Coulson <chris.coulson at canonical.com>  Thu, 29 Aug 2019
23:30:33 +0100

Please revert this.

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "This is output of dig command for a locally available resource (the name has been replaced)"
   https://bugs.launchpad.net/bugs/1843352/+attachment/5287638/+files/dig.txt

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1843352

Title:
  systemd package version 237-3ubuntu10.28 breaks local network DNS
  resolution

Status in systemd package in Ubuntu:
  New

Bug description:
  After upgrading to the latest package the systemd-resolved service
  fails to resolve names for local network.Manually invoking nslookup
  works fine.

  The only suspicious output from journalctl seems:
  systemd-resolved[858]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.

  The latest change in that package is:
   * SECURITY UPDATE: Unprivileged users are granted access to privileged
      systemd-resolved D-Bus methods
      - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
        drop trusted annotation from bus_open_system_watch_bind()
      - CVE-2019-15718

   -- Chris Coulson <chris.coulson at canonical.com>  Thu, 29 Aug 2019
  23:30:33 +0100

  Please revert this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1843352/+subscriptions

More information about the foundations-bugs mailing list