Public bug reported:
bind9 (1:9.10.3.dfsg.P4-12.6) unstable; urgency=medium
* Non-maintainer upload.
* Import upcoming DNSSEC KSK-2017 from 9.10.5 (Closes: #860794)
-- Bernhard Schmidt <be...@debian.org> Fri, 11 Aug 2017 19:10:07 +0200
>From the bug:
"""
Hi,
ICANN will roll the DNSSEC root zone KSK in October 2017. DNSSEC-enabled
resolvers will then stop working unless they have the new key configured
to be trusted (note that in the default configuration a running BIND will
learn and store the new key using RFC5011 (managed-keys), but a new
installation will be broken).
The patch attached is generated by diffing ./bind.keys{.h} from BIND 9.10.3-P4
to BIND 9.10.5, where the changelog reads
4564. [maint] Update the built in managed keys to include the
upcoming root KSK. [RT #44579]
Another way would be Bug#760459, but this will probably be too intrusive for
jessie and stretch.
"""
** Affects: bind9 (Ubuntu)
Importance: Undecided
Assignee: Andreas Hasenack (ahasenack)
Status: In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1712920
Title:
bind9: merge with debian's 9.10.3.dfsg.P4-12.6
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1712920/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
