Your message dated Fri, 19 Dec 2014 20:20:05 -0500
with message-id
<CANTw=mmyo4b3rb36zjbqqzfi2snsrc9ynr9p4xaujk5mlia...@mail.gmail.com>
and subject line Re: [Pkg-chromium-maint] Bug#694477: chromium - Ignores AD bit
(DNSSEC result) if resolver is not only 127.0.0.1
has caused the Debian Bug report #694477,
regarding chromium - Ignores AD bit (DNSSEC result) if resolver is not only
127.0.0.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
694477: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694477
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chromium
Version: 22.0.1229.94~r161065-3
Severity: normal
chromium ignores the AD bit in DNS responses if
- more then one resolver,
- resolver not 127.0.0.1.
This makes the DNSSEC and DANE TLSA support pretty useless. Also it is
the task for the user to make sure the responses are correct, not any
tool in different ways.
Bastian
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages chromium depends on:
ii chromium-inspector 22.0.1229.94~r161065-3
ii gconf-service 3.2.5-1+build1
ii libasound2 1.0.25-4
ii libatk1.0-0 2.4.0-2
ii libbz2-1.0 1.0.6-4
ii libc6 2.13-35
ii libcairo2 1.12.2-2
ii libcups2 1.5.3-2.4
ii libdbus-1-3 1.6.8-1
ii libevent-2.0-5 2.0.19-stable-3
ii libexpat1 2.1.0-1
ii libflac8 1.2.1-6
ii libfontconfig1 2.9.0-7
ii libfreetype6 2.4.9-1
ii libgcc1 1:4.7.2-4
ii libgconf-2-4 3.2.5-1+build1
ii libgcrypt11 1.5.0-3
ii libgdk-pixbuf2.0-0 2.26.1-1
ii libglib2.0-0 2.33.12+really2.32.4-3
ii libgnome-keyring0 3.4.1-1
ii libgtk2.0-0 2.24.10-2
ii libjpeg8 8d-1
ii libnspr4 2:4.9.2-1
ii libnss3 2:3.13.6-1
ii libnss3-1d 2:3.13.6-1
ii libpango1.0-0 1.30.0-1
ii libpng12-0 1.2.49-1
ii libpulse0 2.0-6
ii libspeex1 1.2~rc1-7
ii libstdc++6 4.7.2-4
ii libudev0 175-7
ii libvpx1 1.1.0-1
ii libx11-6 2:1.5.0-1
ii libxext6 2:1.3.1-2
ii libxfixes3 1:5.0-4
ii libxml2 2.8.0+dfsg1-6
ii libxrender1 1:0.9.7-1
ii libxslt1.1 1.1.26-14
ii libxss1 1:1.2.2-1
ii xdg-utils 1.1.0~rc1+git20111210-6
chromium recommends no packages.
Versions of packages chromium suggests:
pn chromium-l10n <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
On Mon, Nov 26, 2012 at 1:56 PM, Bastian Blank wrote:
> This makes the DNSSEC and DANE TLSA support pretty useless. Also it is
> the task for the user to make sure the responses are correct, not any
> tool in different ways.
Unfortunately upstream decided not to implement support for DNSSEC.
If you can get them to change their mind, please reopen.
Best wishes,
Mike
--- End Message ---
