** Summary changed: - bind9 1:9.18.28-0ubuntu0.20.04.1 brakes local system + bind9 1:9.18.28-0ubuntu0.20.04.1 breakes local system
** Description changed: Using ubuntu 20.04 LTS 5.4.0-190-generic #210-Ubuntu SMP Fri Jul 5 17:03:38 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux - I installed today an update for bind9 + I installed today an update for bind9 (1:9.18.28-0ubuntu0.20.04.1) over (1:9.16.48-0ubuntu0.20.04.1) which killed my existing configuration. The following binaries: - named-checkconf - named-checkzone - named-journalprint and some more disappeared from /usr/sbin (they reside now in /usr/bin) without leaving at least symlinks in those positions. That crashed several scripts for administration and monitoring! Such scripts run with a very limited environment and have hardcoded full paths. Furthermore the new bind version brought a bunch of new configuration options and checks, rendering the current dnssec configuration invalid. - error messages where: + error messages where: - signatures-jitter cannot be larger than signatures-validity-dnskey - signatures-jitter cannot be larger than signatures-validity - signatures-refresh must be at most 90% of the signatures-validity-dnskey - - signatures-refresh must be at most 90% of the signatures-validity - - key lifetime is shorter than 30 days - - key lifetime is shorter than the time it takes to do a rollover + - signatures-refresh must be at most 90% of the signatures-validity + - key lifetime is shorter than 30 days + - key lifetime is shorter than the time it takes to do a rollover and several more. When I tried to move back to the previous working bind9 package, bind9 1:9.16.48-0ubuntu0.20.04.1 was not longer available on four tested mirrors. I would have not expected, that I get updates, with so many function changes in a LTS version. At least, I would have expected some warnings, to confirm with yes, when applying this update. + + After reading: https://kb.isc.org/docs/changes-to-be-aware-of-when- + moving-from-bind-916-to-918 + + I really cannot understand, why this version jump was needed. 9.16 and 9.18 are bot ESV versions, so security issues can't be the the problem. + And when isc.org releases a document, named: + "Changes to be aware of when moving from BIND 9.16 to 9.18" + it should be clear, that this update will kill current installations. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2075542 Title: bind9 1:9.18.28-0ubuntu0.20.04.1 breakes local system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/2075542/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
