[Pkg-dns-devel] Bug#877683: jessie version of dns-root-data lacks new ksk in root.ds
Sergio Gelato
Sergio.Gelato at astro.su.se
Wed Oct 4 09:26:02 UTC 2017
Package: dns-root-data
Version: 2017072601~deb8u1
Severity: serious
The version of this package that is currently in jessie-updates still only
lists the old key 19036 in /usr/share/dns/root.ds. If I understood correctly,
starting a week from now the root zone will only be signed with the new key
20326.
/etc/init.d/dnsmasq in jessie relies on the contents of /usr/share/dns/root.ds
to set the --trust-anchor argument to the daemon.
The corresponding package in stretch-updates looks OK. Could it be that the
one in jessie-updates needs to be built with a newer version of bind9utils?
More information about the pkg-dns-devel
mailing list