[Pkg-dns-devel] bind9: proposed handling of several open bugs
Bernhard Schmidt
berni at debian.org
Mon Dec 11 22:35:07 UTC 2017
Hi,
looking through the few remaining bugs of bind9 I'd like to propose a
solution for several of them
#741674 [i|+| ] [bind9] Include DNS Dampening to mitigate effects of
DDoS using DNS Amplification
wontfix + close: heavy diversion from upstream, might be in security
related code, git repo for maintaining this patch has not been updated
for four years
#820056 [i| | ] [bind9] same file in multiple views breaks in 9.10 --
writable file 'foo': already in use
wontfix + upstream + close: upstream has changed that by design (because
it will wreck havoc in journals, among others), won't diverge from that
#593940 [n|+| ] [bind9utils] bind9utils: dnssec-{keygen,signzone}
should not be in /usr/sbin
wontfix + close: users can always directly call /usr/sbin/something,
changing that would probably break tons of scripts
#598434 [n|+| ] [bind9] bind9: Improve detection and handling of
recursive 'include' statements in configuration files
ask submitter to submit code upstream, only cherry-pick if the code is there
Any objections?
Bernhard
More information about the pkg-dns-devel
mailing list