Your message dated Sun, 24 Dec 2006 19:47:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#392590: fixed in nss-mdns 0.8-6.1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: zeroconf
Version: 0.9-1
Severity: critical
Justification: breaks unrelated software
on recent updates to testing of some of my systems zeroconf
was installed because of recommends of other packages (kde etc.)
Like other users have already reported this resulted in an *additional*
IP-address assigned to the primary network interface as a link local
address.
Since the user never directed the update to reconfigure the network
setting, this is a policy violation. The default of the zeroconf
settings should be, either "do never configure the add hoc ip address"
or "only configure the add hoc ip address if no ip address is configured
for this interface".
The problem with the additional ip address is unexpected behaviour of
unrelated software.
With the two ip addresses the machine broadcasts with two different
addresses. This might result in alarms in the network, because a machine
comunicates with the wrong address. This might also result in the
disabling of the machine on a switch which sees the wrong address (cisco
catalyst dhcp-snooping).
Some programs rely on the configured and allowed ip address to operate.
If now one machine responds on a different address because it can also
reach the other machine with it, we get a problem. We have one report
that ssh reports a security warning, because a key is recorded with a
different ip address.
Services using tcpwrappers get configured with ip addresses. These
services will sometimes fail because they use the wrong addresses.
Some programs will not bind to the wildcard any address but to all ip
addresses they find (like ntp, sendmail, bind etc.). This will result in
at least additional warnings in syslog etc. if not in malfunction. if
the program only configures the first address for one interface it will
probably break.
These are only some of the problems I have detected.
In short: I never told the system to install this particular package nor
did I authorize it to change my configuration. So it should not change
my network configuration in any way.
You could introduce debconf questions or just make the default
configuration disabled or fallback.
Christoph
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (99, 'testing'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.17-2-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages zeroconf depends on:
ii ifupdown 0.6.7 high level tools to configure netw
ii iproute 20041019-3 Professional tools to control the
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: nss-mdns
Source-Version: 0.8-6.1
We believe that the bug you reported is fixed in the latest version of
nss-mdns, which is due to be installed in the Debian FTP archive:
libnss-mdns_0.8-6.1_i386.deb
to pool/main/n/nss-mdns/libnss-mdns_0.8-6.1_i386.deb
nss-mdns_0.8-6.1.diff.gz
to pool/main/n/nss-mdns/nss-mdns_0.8-6.1.diff.gz
nss-mdns_0.8-6.1.dsc
to pool/main/n/nss-mdns/nss-mdns_0.8-6.1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Loic Minier <[EMAIL PROTECTED]> (supplier of updated nss-mdns package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 24 Dec 2006 20:27:30 +0100
Source: nss-mdns
Binary: libnss-mdns
Architecture: source i386
Version: 0.8-6.1
Distribution: unstable
Urgency: low
Maintainer: Anand Kumria <[EMAIL PROTECTED]>
Changed-By: Loic Minier <[EMAIL PROTECTED]>
Description:
libnss-mdns - NSS module for Multicast DNS name resolution
Closes: 353131 392590 393608 393711 399297
Changes:
nss-mdns (0.8-6.1) unstable; urgency=low
.
* Non-maintainer upload to fix a long-standing RC bug and to beat the
package into shape before etch with suggestions from upstream; thanks
Lennart Poettering.
* Configure with --disable-legacy, as recommended by upstream for security
reasons; the legacy mode might be offered in a separate binary package for
the corner cases where it can be useful; see full discussion in #393711;
depend on avahi-daemon as nss-mdns will not work without avahi when
compiled like this; closes: #399297.
* Only suggest zeroconf instead of Recommending it: even if it can act as a
nice complement to nss-mdns, it is intrusive and orthogonal to nss-mdns
and conflicts with avahi-autoipd; closes: #353131, #392590.
* Suggest avahi-autoipd as an alternative to zeroconf.
* Remove offensive comments in postinst and README.Debian.
* Document the history of postinst snippets in debian/NOTES.Debian to permit
handling all upgrade paths.
* Depend on Perl for the postinst snippets using the perl interpreter.
* Rewrite postinst to handle all upgrade paths.
- Does not wipe NSS configuration which matches the upstream recommended
configuration during upgrades from versions 0.8-4.2 or 0.8-5;
closes: #393608.
- Install the upstream recommended configuration for first installs and
upgrades from versions which did not automatically insert mdns in the
NSS setup (unless mdns is already setup); closes: #393711.
- Keep configuration intact when upgrading from versions which installed
the upstream recommended configuration.
- Remove whitespaces added in upgrades from version 0.8-4.2 or 0.8-5 to
0.8-6.
- For upgrades from 0.8-6, attempt to revert the problematic "mdns_minimal
dns mdns" configuration and to install the upstream recommended
configuration.
* Update README.Debian to match the above changes and a planned changes in
avahi-daemon which should disable itself if a .local SOA is found after a
change in the DNS settings.
Files:
676fab86e111748f7ea0c7927b085233 574 admin optional nss-mdns_0.8-6.1.dsc
fc9e3817375219563584d1f76ff0f4a4 7400 admin optional nss-mdns_0.8-6.1.diff.gz
03debe5c7f40fe87e555cf1bc427a121 23354 admin optional
libnss-mdns_0.8-6.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFjtUe4VUX8isJIMARAtq7AKCcyb//ChjA/rvPzaIqIR7KxPOGGwCdGvPE
46sy3rf4FKqb4JcHrSr3sY4=
=m3lf
-----END PGP SIGNATURE-----
--- End Message ---
