Your message dated Sun, 22 Oct 2017 13:19:11 +0200
with message-id
<1508671151.815349.1146906880.773a8...@webmail.messagingengine.com>
and subject line Closing bugs in old-old-stable bind9 versions
has caused the Debian Bug report #563851,
regarding bind9: dnssec missing RSASHA1-NSEC3-SHA1 support (used by ch.
registry).
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
563851: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=563851
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: bind9
Version: 1:9.5.1.dfsg.P2-1+lenny1
Severity: wishlist
Switzerlands ccTLD is signed with RSASHA1-NSEC3-SHA1.
But bind 9.5.1.dfsg.P2-1+lenny1 is not able to handle zones signed by algo 7:
Jan 5 21:28:29 magma named[7305]: /etc/bind/trusted.keys:14: configuring
trusted key for 'CH.': algorithm is unsupported
Jan 5 21:28:29 magma named[7305]: loading configuration: failure
Jan 5 21:28:29 magma named[7305]: exiting (due to fatal error)
Same applies to gov. and a couple of other signed TLD:
https://lists.dns-oarc.net/pipermail/dns-operations/2009-March/003640.html
Is there a chance this could be backported to etch, or do we have to wait for
sqeeze?
-Benoit-
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.29.2
Locale: LANG=de_CH, LC_CTYPE=de_CH (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages bind9 depends on:
ii adduser 3.110 add and remove users and groups
ii bind9utils 1:9.5.1.dfsg.P2-1+lenny1 Utilities for BIND
ii debconf [debcon 1.5.24 Debian configuration management sy
ii libbind9-40 1:9.5.1.dfsg.P2-1+lenny1 BIND9 Shared Library used by BIND
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libcap2 2.11-2 support for getting/setting POSIX.
ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [
ii libdns45 1:9.5.1.dfsg.P2-1+lenny1 DNS Shared Library used by BIND
ii libisc45 1:9.5.1.dfsg.P2-1+lenny1 ISC Shared Library used by BIND
ii libisccc40 1:9.5.1.dfsg.P2-1+lenny1 Command Channel Library used by BI
ii libisccfg40 1:9.5.1.dfsg.P2-1+lenny1 Config File Handling Library used
ii libkrb53 1.6.dfsg.4~beta1-5lenny1 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries
ii liblwres40 1:9.5.1.dfsg.P2-1+lenny1 Lightweight Resolver Library used
ii libssl0.9.8 0.9.8g-15+lenny1 SSL shared libraries
ii libxml2 2.6.32.dfsg-5 GNOME XML library
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
ii net-tools 1.60-22 The NET-3 networking toolkit
ii netbase 4.34 Basic TCP/IP networking system
bind9 recommends no packages.
Versions of packages bind9 suggests:
ii bind9-doc 1:9.5.1.dfsg.P2-1+lenny1 Documentation for BIND
ii dnsutils 1:9.5.1.dfsg.P2-1+lenny1 Clients provided with BIND
pn resolvconf <none> (no description available)
pn ufw <none> (no description available)
-- debconf information:
bind9/different-configuration-file:
bind9/run-resolvconf: true
bind9/start-as-user: bind
--- End Message ---
--- Begin Message ---
Version: 1:9.10.3.dfsg.P4-12.3
Hi,
the bind9 bug list grew too much and the Debian BIND team cannot
simply test all the reported bugs against versions not in stable, so
this is mass bug close, as either the version is no longer relevant
(because of old-old-stable 9.8.x or old-stable 9.9.5 or even older
version of bind9) or the bug was already fixed.
However, if you can reproduce the bug with a current version in stable,
please use Debian BTS 'found <bug> <version_you_reproduced_the_issue>'
command to retag the bug and reopen it.
Cheers,
Ondrej
signature.asc
Description: PGP signature
--- End Message ---
