Xenial and Trusty have reached end of standard support. ** Changed in: unbound (Ubuntu Trusty) Status: Triaged => Won't Fix
** Changed in: unbound (Ubuntu Xenial) Status: Triaged => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1732150 Title: Unbound behaviour changes (wrong) when domain-insecure is set for a stub zone with multiple stub-addr(s) Status in Unbound - Caching DNS Resolver: Unknown Status in unbound package in Ubuntu: Fix Released Status in unbound source package in Trusty: Won't Fix Status in unbound source package in Xenial: Won't Fix Status in unbound source package in Bionic: Incomplete Bug description: [Impact] * DNSSEC setup with domain-insecure set fail to work. The lookup will process all available servers leading to a very long lookup time. * Backport upstream fix to stop checking for further trust points in that case. [Test Case] * TBD: Waiting for the bug reporter to provide the initial steps that we migth refine [Regression Potential] * The change will make it stop iterating for further DNSSEC records in certain configuration cases (domain-insecure). But this is just what the respective configuration is meant to do (see http://manpages.ubuntu.com/manpages/bionic/man5/unbound.conf.5.html) So it should speed up certain cases were so far it still iterated through servers, but giving that up early is just what it shoudl be per config. I can think of a slight behavior change due to being faster now, but the end result should not change due to this. With that background I could think of two regressions: a) the faster lookup makes automation wonder b) there would be a condition we (and upstream) missed which would change the actual lookup return Given that the code was not reverted upstream for quite a while I'd think the latter is only theoretical, and the former should be of low risk. [Other Info] * n/a --- Unbound contains a bug when domain-insecure is set for a (stub) zone. This bug is fixed, see https://www.nlnetlabs.nl/bugs- script/show_bug.cgi?id=2882. Can you please backport this to the Trusty package? With regards, Richard Arends To manage notifications about this bug go to: https://bugs.launchpad.net/unbound/+bug/1732150/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp