Your message dated Sun, 17 May 2020 17:51:17 +0000
with message-id <[email protected]>
and subject line Bug#959996: fixed in systemd 245.5-3
has caused the Debian Bug report #959996,
regarding src:systemd: d/rules disables resolved DNSSEC on "stable Debian", but
checks for stretch
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
959996: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959996
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: src:systemd
Version: 245.5-2
Severity: normal
Dear Maintainer,
Around line 88, d/rules says this (also present on Salsa @ b9498a5):
-- >8 --
# resolved's DNSSEC support is still not mature enough, don't enable it by
# default on stable Debian or any Ubuntu releases
CONFFLAGS += $(shell grep -qE 'stretch|ubuntu' /etc/os-release && echo
-Ddefault-dnssec=no)
-- >8 --
I don't know if DNSSEC support matured and this isn't needed anymore
anyway, but going by the comment this was probably overlooked
at some point; but now I looked at it, and here we are.
Best,
наб
-- System Information:
Debian Release: 10.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/24 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN,
TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: systemd
Source-Version: 245.5-3
Done: Michael Biebl <[email protected]>
We believe that the bug you reported is fixed in the latest version of
systemd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Biebl <[email protected]> (supplier of updated systemd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 17 May 2020 19:28:49 +0200
Source: systemd
Architecture: source
Version: 245.5-3
Distribution: unstable
Urgency: medium
Maintainer: Debian systemd Maintainers
<[email protected]>
Changed-By: Michael Biebl <[email protected]>
Closes: 959996
Changes:
systemd (245.5-3) unstable; urgency=medium
.
[ Michael Biebl ]
* Bump priority of libnss-systemd to standard
* logind: avoid shadow lookups when doing userdb client side
* Disable DNSSEC support by default in resolved.
The upstream default, DNSSEC=allow-downgrade can lead to compatibility
issues with certain network access points. Previously, DNSSEC support
was only turned off when built for a stable Debian release, but it is
safer and more consistent to just generally change the default to
DNSSEC=no. (Closes: #959996)
* Bump debhelper compatibility level to 13.
Use the debhelper-compat package to declare the compatibility level and
drop debian/compat.
* Convert to dh_installsystemd and disable dh_installsystemduser
* Drop custom initramfs update code.
Now handled by dh_installinitramfs which is enabled by default in compat
level 12 and above.
.
[ Dan Streetman ]
* Cherry-pick fix from upstream master to adjust UseGateway= default
- network: change UseGateway= default to UseRoutes= setting
- network: honor SetDNSRoutes= even if UseGateway=False
(LP: #1867375)
.
[ Topi Miettinen ]
* Delete empty lines at end of file.
Upstream commit hooks don't allow empty lines and of course they serve no
purpose.
Checksums-Sha1:
288103b79eee2fa1ab00c60f57365535b725b7a9 5096 systemd_245.5-3.dsc
214ff03eb50772c1d9f819e13236802dfe8e8b4b 165476 systemd_245.5-3.debian.tar.xz
6189d33b8229abaa50d91baab5b3dd1b1c1ba465 9477 systemd_245.5-3_source.buildinfo
Checksums-Sha256:
fb7506929b3bd1b36e124d911aeb688ededad372e699cc3919313a3c3c65a527 5096
systemd_245.5-3.dsc
227e4c6b13cc360fa93f0447d1b505eed5b17e1562ad9f4a8953ac66b611f8e3 165476
systemd_245.5-3.debian.tar.xz
39ccde1a0fe3ea0c619e0f01c970423bf2874328b800487510d55c71e3121716 9477
systemd_245.5-3_source.buildinfo
Files:
d26e1dce0cc5a25bf43793317d02d99e 5096 admin optional systemd_245.5-3.dsc
6a89608f034cf9de865e86637a4933d7 165476 admin optional
systemd_245.5-3.debian.tar.xz
1e0bd956a5ada6be0a952f9d6fe534b4 9477 admin optional
systemd_245.5-3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAl7BdSkACgkQauHfDWCP
ItzreQ//buvzd2DNNS+FFl2hb1OLnccyqainQj7l9obPQIp94UHhFhIrzB+i6Nj3
SVMAlyzf9M9d5AF+qMuvn/yNNYYbWBlD2z23BILuJn8qu3WQk/DkD4+bL4l1XRDn
/5Qq3bKzr/14+muwcRG6nZeHR7Ra9ONjvsFWLMHKhBodRDMIw4Pz3PLWAiMNDWdx
Yi78SZ6YYqeLSEpcSouqevkEDXjo/JqG6gKL+JyhCPwyXHyfmXTZD2HCEKea3gO+
gB+cfAshTY9E9tEXhyHZafkkvUYAiEeMDCh052ThewyHoy2uUDgXZQ6F9VWC4TyN
Xcw8XlkcPJitrGgMXNsLi1tKWlqjbCZgRP3GjxloKS0TIS/UDWr/fKUgn5H5zJvb
X2xlco0r172pbgS1S86Mo4IUlVaOrRzWn0GzQTv72DjZ8+2SYrdMK4eCtloozBy8
Pwjii6x/KXcP/K9n1WhqY1hkmZIzCr02qbMXpuCWX9XnEIjHRcl5n22yy4m/a5G6
wLX0HQBBbSX0UqD2sSJvOHEqHOnrKmPcFaTRnz7U/9vPdhI/NC6wwM1eKZlaMBcu
JMFkK210L9HXM1ti5h8Wg8kSLgZz0Hb69DVbyYaudStVvKB0IDO14mm+LHlHUlCS
pwcUnQFq35DW7b+3NQiwqx3DhvdkfNU5WrdXPl4/TyIGcl03xNU=
=iLw5
-----END PGP SIGNATURE-----
--- End Message ---
