ldns - Debian Package Tracker

general

source: ldns (main)
version: 1.8.1-1
maintainer: Debian DNS Team (DMD)
uploaders: Ondřej Surý [DMD] – Daniel Kahn Gillmor [DMD] – Michael Tokarev [DMD]
arch: any
std-ver: 4.6.0.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.7.0-1
o-o-sec: 1.7.0-1+deb9u1
oldstable: 1.7.0-4
stable: 1.7.1-2
testing: 1.8.1-1
unstable: 1.8.1-1

versioned links

1.7.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.0-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ldnsutils (8 bugs: 0, 3, 5, 0)
libldns-dev
libldns3
python3-ldns

action needed

Marked for autoremoval on 30 June due to nvidia-graphics-drivers-tesla-470: #1011146 high

Version 1.8.1-1 of ldns is marked for autoremoval from testing on Thu 30 Jun 2022. It depends (transitively) on nvidia-graphics-drivers-tesla-470, affected by #1011146. You should try to prevent the removal by fixing these RC bugs.

Created: 2022-05-24 Last update: 2022-05-24 18:38

Multiarch hinter reports 1 issue(s) high

There are issues with the multiarch metadata for this package.

libldns-dev conflicts on 300 files starting with /usr/share/doc/libldns-dev/ on any two of amd64, arm64, armel, armhf, and 5 more

Created: 2021-12-27 Last update: 2022-05-24 17:34

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2021-12-03 Last update: 2022-05-24 20:03

5 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 4f1f77c429a1dc8833f11d4a47ba3385693725be
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Thu Apr 28 19:36:41 2022 +0300

    disable GOST algorithm (#862207)
    
    GOST R 34.10-2001 is an obsolete algorithm which should not be used
    in production.  It is not provided by openssl too, a special plugin
    is required to be installed.
    
    Let's disable it entirely.
    
    This removes 4 symbols out of libldns3.so:
    
     ldns_gost2pkey_raw
     ldns_gost_engine
     ldns_key_EVP_load_gost_id
     ldns_key_EVP_unload_gost
    
    Technicallly we should bump soname when removing symbols from a
    shared library.  Or alternatively, we can provide stubs which just
    return failure.  But in this case there should be no problems, since
    the symbols aren't used by any of rdepends, and they should not be
    used by anything either, given the context.
    
    If lack of one of these symbols will be problematic we can solve
    it down the line.
    
    Thank you Ondřej Surý for clarifications.

commit 96ecf1f00f0071694fde3df22858d41edf671f34
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Wed Apr 27 14:13:37 2022 +0300

    d/rules: mark all build/install targets as .PHONY (makes build target work with build subdir)

commit f0f265368d06be3290fe1683977e0b678a292747
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Wed Apr 27 14:12:13 2022 +0300

    always build in a subdir (build/main for the main build), - no need to hack clean anymore

commit 4e7d3a984bc1f8be9219eacd4a903fca08db390a
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Wed Apr 27 14:11:18 2022 +0300

    d/libldns-dev.install: do not install libldns.pc it is already installed by upstream as ldns.pc

commit 06bb8909a81015d107d207799bfa7cfd3c7d110a
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Wed Apr 27 13:20:37 2022 +0300

    d/changelog: fix typo

Created: 2022-04-27 Last update: 2022-05-24 13:38

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:02

2 low-priority security issues in buster low

There are 2 open security issues in buster.

2 issues left for the package maintainer to handle:

CVE-2020-19860: (needs triaging) When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
CVE-2020-19861: (needs triaging) When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-01-23 Last update: 2022-05-01 05:35

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2020-19860: (needs triaging) When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
CVE-2020-19861: (needs triaging) When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-01-23 Last update: 2022-05-01 05:35

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0.1).

Created: 2022-05-11 Last update: 2022-05-11 23:25

testing migrations

This package is part of the ongoing testing transition known as auto-openssl. Please avoid uploads unrelated to this transition, they would likely delay it and require supplementary work from the release managers. On the other hand, if your package has problems preventing it to migrate to testing, please fix them as soon as possible. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2022-05-01] ldns 1.8.1-1 MIGRATED to testing (Debian testing watch)
[2022-04-26] Accepted ldns 1.8.1-1 (source) into unstable (Michael Tokarev)
[2022-04-20] ldns 1.7.1-3 MIGRATED to testing (Debian testing watch)
[2022-04-13] Accepted ldns 1.7.1-3 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2022-04-09] Accepted ldns 1.7.1-2.1 (source) into unstable (Michael Tokarev)
[2022-02-04] Accepted ldns 1.7.0-1+deb9u1 (source amd64) into oldoldstable (Chris Lamb)
[2020-07-01] ldns 1.7.1-2 MIGRATED to testing (Debian testing watch)
[2020-06-24] Accepted ldns 1.7.1-2 (source) into unstable (Santiago Ruano Rincón)
[2020-06-11] Accepted ldns 1.7.1-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Santiago Ruano Rincón)
[2020-03-28] ldns 1.7.0-4.1 MIGRATED to testing (Debian testing watch)
[2020-03-20] Accepted ldns 1.7.0-4.1 (source) into unstable (Ivo De Decker)
[2019-03-13] ldns 1.7.0-4 MIGRATED to testing (Debian testing watch)
[2019-03-10] Accepted ldns 1.7.0-4 (source) into unstable (Ondřej Surý)
[2018-10-28] ldns 1.7.0-3.1 MIGRATED to testing (Debian testing watch)
[2018-09-29] Accepted ldns 1.7.0-3.1 (source) into unstable (Mattia Rizzolo)
[2017-11-21] Accepted ldns 1.6.13-1+deb7u2 (source amd64) into oldoldstable (Roberto C. Sanchez)
[2017-07-18] ldns 1.7.0-3 MIGRATED to testing (Debian testing watch)
[2017-07-13] Accepted ldns 1.7.0-2 (source amd64) into unstable, unstable (Ondřej Surý)
[2017-07-13] Accepted ldns 1.7.0-3 (source amd64) into unstable, unstable (Ondřej Surý)
[2016-12-28] ldns 1.7.0-1 MIGRATED to testing (Debian testing watch)
[2016-12-21] Accepted ldns 1.7.0-1 (source) into unstable (Ondřej Surý)
[2016-12-17] Accepted ldns 1.7.0~rc3-1 (source amd64) into unstable (Ondřej Surý)
[2016-12-05] Accepted ldns 1.7.0~rc1-0~exp1 (source amd64) into experimental, experimental (Ondřej Surý)
[2016-11-06] ldns 1.6.17-10 MIGRATED to testing (Debian testing watch)
[2016-10-31] Accepted ldns 1.6.17-10 (source) into unstable (Ondřej Surý)
[2016-07-05] ldns 1.6.17-9 MIGRATED to testing (Debian testing watch)
[2016-06-28] Accepted ldns 1.6.17-9 (source amd64) into unstable (Ondřej Surý)
[2016-02-21] ldns 1.6.17-8 MIGRATED to testing (Debian testing watch)
[2016-02-15] Accepted ldns 1.6.17-8 (source amd64) into unstable (Ondřej Surý)
[2015-12-29] ldns 1.6.17-7 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 8 10
RC: 0
I&N: 2 4
M&W: 5
F&P: 1
patch: 1

links

homepage
lintian (0, 1)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.7.1-2ubuntu4
3 bugs
patches for 1.7.1-2ubuntu4