Thanks for this. I just checked, and the bug is fixed in later versions of dnsmasq. (I didn't determine exactly which one, but I expect it was around 2.67, when DNSSEC validation was added, and the whole code handling DNSSEC flag bits was re-written.)
Therefore in the next release of Debian, this bug will be fixed. That leaves only the question of the current Debian release. This bug would only be fixed there if classified as a security bug. You didn't file the bug as a security bug, and my feeling is that it isn't. Since dnsmasq 2.62 can't do DNSSEC validation, the value of the AD bit in replies is pretty minimal anyway. Cheers, Simon. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
