Bug#1053482: systemd-resolved: resolved can intermittingly fail AF_UNSPEC queries to CNAMEd domains
benjamin at locrian.net
benjamin at locrian.net
Thu Oct 5 01:18:23 BST 2023
Package: systemd-resolved
Version: 252.12-1~deb12u1
Severity: important
Dear Maintainer,
When systemd-resolved simultaneously does A and AAAA queries, it fails if one of the queries returns a CNAME with a zero ttl and the other query returns a CNAME with a nonzero ttl. This happens in practice with several DNS providers. A fix for the problem was recently merged upstream at https://github.com/systemd/systemd/commit/8ec951e8d5cdd3ad632b1cbd8bcbe21d68b17512. See that commit for further details about the issue.
Please consider backporting this fix to bookworm.
-- System Information:
Debian Release: 12.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-12-cloud-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages systemd-resolved depends on:
ii dbus [default-dbus-system-bus] 1.14.8-2~deb12u1
ii libc6 2.36-9+deb12u3
ii libssl3 3.0.9-1
ii libsystemd-shared 252.12-1~deb12u1
ii systemd 252.12-1~deb12u1
Versions of packages systemd-resolved recommends:
pn libnss-myhostname <none>
ii libnss-resolve 252.12-1~deb12u1
Versions of packages systemd-resolved suggests:
ii polkitd 122-3
-- no debconf information
More information about the Pkg-systemd-maintainers
mailing list