Public bug reported: Binary package hint: bind9
Ubuntu 10.04 LTS still uses Bind 9.7.0-P1, which has a serious validation bug. When turning on DNSSEC, NXdomains are reported as SERVFAILS: ; <<>> DiG 9.7.0-P1 <<>> www.bbc.net.uk aaaa ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 46074 See also the discussion on the Bind User list: http://www.mail- archive.com/[email protected]/msg05701.html There was a proposed patch, but it was never released because Bind 9.7.0 is no longer supported by ISC, and should be upgraded to Bind 9.7.1-P2 at least. Since DNSSEC is gaining momentum, and more and more TLD's and domains are DNSSEC signed, this bug is starting to annoy more and more people that rely on log errors for Bind when introducing DNSSEC. ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New -- Bind 9.7.0-P1 validation errors https://bugs.launchpad.net/bugs/651875 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
