Package: opendnssec Version: 1:2.0.4-3 Severity: important Dear Maintainer,
there is an error in the actual version of the package (or opendnssec itself maybe?) which prevents the usage of hmac-sha256 (and i think any other cipher) for tsig. I reported the bug within the opendnssec bugtracking system https://issues.opendnssec.org/browse/SUPPORT-216 It resulted in this bug report https://issues.opendnssec.org/browse/OPENDNSSEC-904 So actually there is a fix for this available. But it seems to be fixed in the newer 2.1.x version and not in 2.0.x -- System Information: Debian Release: 9.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages opendnssec depends on: ii libhsm-bin 1:2.0.4-3 ii opendnssec-enforcer 1:2.0.4-3 ii opendnssec-signer 1:2.0.4-3 Versions of packages opendnssec recommends: ii softhsm2 2.2.0-3 Versions of packages opendnssec suggests: pn opendnssec-doc <none> -- no debconf information
