[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
> Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP. the 'NXDOMAIN' messages are not related to this bug, a bit more detail is in this comment https://bugs.launchpad.net/ubuntu/bionic/+source/systemd/+bug/1785383/comments/12 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
I have the same problem in 237-3ubuntu10.41 amd64 May 30 12:55:59 cerberus systemd-resolved[1595]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
I have the same problem with 237-3ubuntu10.39 amd64 ``` systemd-resolved[2198]: message repeated 3 times: [ Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.] % lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 18.04.4 LTS Release:18.04 Codename: bionic % apt list systemd Listing... Done systemd/bionic-updates,now 237-3ubuntu10.39 amd64 [installed,automatic] N: There are 2 additional versions. Please use the '-a' switch to see them. ``` -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
You can find it here: https://www.ubuntuupdates.org/package/core/bionic/universe/updates/systemd?id=1401429=2 - Version: 237-3ubuntu10.23 2019-06-21 00:06:25 UTC systemd (237-3ubuntu10.23) bionic; urgency=medium * d/p/resolved-do-not-hit-CNAME-in-NODATA.patch: - fix stub resolver cache (LP: #1818527) -- Heitor Alves de Siqueira Tue, 04 Jun 2019 15:54:24 -0300 Source diff to previous version 1818527 Stub resolver cache is corrupted - The fix has been first introduced in "237-3ubuntu10.23" so "237-3ubuntu10.38" definitely should have it still, yes. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
hi, Eric: Could you please confirm that this bug had been fixed on ubuntu bionic with version 237-3ubuntu10.38? I am confusing about your comment as I found nothing when go through the update changes https://www.ubuntuupdates.org/package/core/bionic/universe/updates/systemd. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
Bionic has been applied via LP: #1818527 introduced in version: systemd (237-3ubuntu10.23) bionic; urgency=medium * d/p/resolved-do-not-hit-CNAME-in-NODATA.patch: - fix stub resolver cache (LP: #1818527) ** Changed in: systemd (Ubuntu Bionic) Status: Confirmed => Fix Released ** Changed in: systemd (Ubuntu Bionic) Assignee: Eric Desrochers (slashd) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
** Changed in: systemd (Ubuntu Bionic) Status: New => Confirmed ** Changed in: systemd (Ubuntu Bionic) Assignee: (unassigned) => Eric Desrochers (slashd) ** Tags added: st ** Tags removed: st ** Tags added: sts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
Seems like Disco and late already have the requested fix. $ git describe --contains 3740146a4cbd99883af79e375ee4836206dcea4e v240 $ rmadison systemd systemd | 204-5ubuntu20| trusty | source systemd | 204-5ubuntu20.31 | trusty-security | source, amd64, arm64, armhf, i386, powerpc, ppc64el systemd | 204-5ubuntu20.31 | trusty-updates | source, amd64, arm64, armhf, i386, powerpc, ppc64el systemd | 229-4ubuntu4 | xenial | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x systemd | 229-4ubuntu21.21 | xenial-security | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x systemd | 229-4ubuntu21.23 | xenial-updates | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x systemd | 237-3ubuntu10| bionic | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 237-3ubuntu10.29 | bionic-security | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 237-3ubuntu10.33 | bionic-updates | source, amd64, arm64, armhf, i386, ppc64el, s390x # Not affected: systemd | 240-6ubuntu5 | disco | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 240-6ubuntu5.7 | disco-security | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 240-6ubuntu5.8 | disco-updates | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 242-7ubuntu3 | eoan| source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 242-7ubuntu3.2 | eoan-updates| source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 244-3ubuntu1 | focal | source, amd64, arm64, armhf, i386, ppc64el, s390x systemd | 244-3ubuntu5 | focal-proposed | source, amd64, arm64, armhf, i386, ppc64el, s390x ** Changed in: systemd (Ubuntu Focal) Status: Confirmed => Fix Released ** Changed in: systemd (Ubuntu Eoan) Status: New => Fix Released ** Changed in: systemd (Ubuntu Disco) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
** Also affects: systemd (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Focal) Importance: Undecided Status: Confirmed ** Also affects: systemd (Ubuntu Disco) Importance: Undecided Status: New ** This bug is no longer a duplicate of bug 1818527 Stub resolver cache is corrupted -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
*** This bug is a duplicate of bug 1818527 *** https://bugs.launchpad.net/bugs/1818527 Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: systemd (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
*** This bug is a duplicate of bug 1818527 *** https://bugs.launchpad.net/bugs/1818527 ** This bug has been marked a duplicate of bug 1818527 Stub resolver cache is corrupted -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
I stopped using resolve because of this bug so unfortunately, I can't say whether or not that error appeared in the log at the same time. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1822416] Re: resolve: do not hit CNAME or DNAME entry in NODATA cache
Extra question: is Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP, as pointed related? https://www.linode.com/community/questions/17384/error-server-returned- error-nxdomain-mitigating-potential-dns-violation-dve-2018 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1822416 Title: resolve: do not hit CNAME or DNAME entry in NODATA cache To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1822416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs