This bug was fixed in the package bind-dyndb-ldap -
11.9-5ubuntu0.22.04.3
---------------
bind-dyndb-ldap (11.9-5ubuntu0.22.04.3) jammy-security; urgency=medium
* No-change rebuild for bind9 security update.
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 20 Sep 2023
15:58:12 -0400
** Changed in: bind-dyndb-ldap (Ubuntu Jammy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to bind-dyndb-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/1978849
Title:
bind9-dyndb-ldap has unmet dependencies
Status in bind-dyndb-ldap package in Ubuntu:
Fix Released
Status in bind9 package in Ubuntu:
Invalid
Status in bind-dyndb-ldap source package in Focal:
Won't Fix
Status in bind-dyndb-ldap source package in Jammy:
Fix Released
Status in bind-dyndb-ldap source package in Lunar:
Fix Committed
Status in bind-dyndb-ldap source package in Mantic:
Fix Released
Status in bind9 source package in Mantic:
Invalid
Bug description:
[ Impact ]
There is a tight coupling between src:bind-dyndb-ldap and src:bind9,
such that everytime bind9 is updated, even if it's a simple no-change
rebuild, src:bind-dyndb-ldap has to be rebuilt too.
This is often forgotten, leading to multiple repeated bugs against
src:bind-dyndb-ldap.
The fix for now is to rebuild src:bind-dyndb-ldap, and to avoid it
from happening again, add a DEP8 test to it so that a src:bind9 update
won't be released without this rebuild.
Ideally this coupling shouldn't be that tight, and some ideas are
floating around (see [1], [2], and [3]). But for now, I think this is
the quickest way to avoid hitting this problem again in the near
future.
1. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014503
2. https://pagure.io/bind-dyndb-ldap/issue/225
3. https://salsa.debian.org/dns-team/bind9/-/merge_requests/21
[ Test Plan ]
The fix is to rebuild the src:bind-dyndb-ldap package with the current
src:bind9 in the archive for the affected ubuntu release.
With the build succeeding, and the dyndb-ldap DEP8 test also passing,
the verification can be considered successfull.
[ Where problems could occur ]
With this new DEP8 change, a bind9 update can be blocked by a bind-
dyndb-ldap failure to build or run with it.
While this is exactly the intent (not leave a broken bind-dyndb-ldap
package in the release), there is a history indicating that bind-
dyndb-ldap can be late in catching up to bind9 changes. We may reach a
situation where an important bind9 security update, for example, will
be blocked by a failing dyndb-ldap test, and it may be difficult to
fix bind-dyndb-ldap in time, specially if the security update is under
embargo and the bind-dyndb-ldap developers do not yet have details of
the changes.
[ Other Info ]
See also bug
https://bugs.launchpad.net/ubuntu/+source/bind-dyndb-ldap/+bug/2032650 which
adds the same test to the src:bind9 package.
[Original Description]
bind9-dyndb-ldap cannot be installed on Ubuntu 22.04. It appears the
bind0 package has been updated, but not bind9-dyndb-ldap:
~# apt install bind9 bind9-dyndb-ldap
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
bind9-dyndb-ldap : Depends: bind9-libs (= 1:9.18.1-1ubuntu1) but
1:9.18.1-1ubuntu1.1 is to be installed
E: Unable to correct problems, you have held broken packages.
~# apt-cache policy bind9
bind9:
Installed: (none)
Candidate: 1:9.18.1-1ubuntu1.1
Version table:
1:9.18.1-1ubuntu1.1 500
500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64
Packages
500 http://security.ubuntu.com/ubuntu jammy-security/main amd64
Packages
1:9.18.1-1ubuntu1 500
500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
~# apt-cache policy bind9-dyndb-ldap
bind9-dyndb-ldap:
Installed: (none)
Candidate: 11.9-5build2
Version table:
11.9-5build2 500
500 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind-dyndb-ldap/+bug/1978849/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~freeipa
Post to : freeipa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~freeipa
More help : https://help.launchpad.net/ListHelp
