Package: unbound Version: 1.0.2-1 Severity: normal Unbound seems to trust (and pass on to clients) extra/glue data in responses from authoritative servers, even when this extra data contradicts that held locally for a transparent zone.
Example: Authoritative server has records: foo.example.com A 192.168.1.1 bar.example.com CNAME a.example.com. Unbound has the following in a transparent zone: foo.example.com A 10.1.1.1 A query to unbound, `dig -t a bar.example.com @<unbound ip>` receives the answer given by the authoritative server: bar.example.com CNAME a.example.com. foo.example.com A 192.168.1.1 This is at the very least counter-intuitive, at worst - who knows? -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: powerpc (ppc64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.24-etchnhalf.1-powerpc64 Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org