Your message dated Mon, 20 Feb 2017 21:42:00 +0000 with message-id <8bb27882-5e4f-d19b-4c6b-193aa1fadd8c@thykier.net> and subject line Re: Bug#855635: unblock: unbound/1.6.0-3 has caused the Debian Bug report #855635, regarding unblock: unbound/1.6.0-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 855635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855635 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: unblock: unbound/1.6.0-3
- From: Robert Edmonds <edmonds@debian.org>
- Date: Mon, 20 Feb 2017 16:25:42 -0500
- Message-id: <[🔎] 20170220212542.cbw4s6dfmmcyyhkd@mycre.ws>
Package: release.debian.org User: release.debian.org@packages.debian.org Usertags: unblock Severity: normal Hi, I'd like to request a freeze unblock for unbound 1.6.0-3. The only difference between 1.6.0-2 (testing) and 1.6.0-3 (unstable) is that I've cherry-picked an update from upstream that adds the DNSSEC trust anchor for the new key-signing key generated for the root. See bug #855484 for more details. See https://www.icann.org/resources/pages/ksk-rollover for details about the root DNSSEC key-signing key rollover. (If this change is approved, you should verify that the debdiff matches what is in the source package in the archive, and that the trust anchors in the package match what is published by IANA at https://data.iana.org/root-anchors/root-anchors.xml.) unblock unbound/1.6.0-3 Thanks! -- Robert Edmonds edmonds@debian.orgdiff -Nru unbound-1.6.0/debian/changelog unbound-1.6.0/debian/changelog --- unbound-1.6.0/debian/changelog 2016-12-18 15:00:12.000000000 -0500 +++ unbound-1.6.0/debian/changelog 2017-02-19 20:04:34.000000000 -0500 @@ -1,3 +1,10 @@ +unbound (1.6.0-3) unstable; urgency=medium + + * Cherry-pick upstream commit svn r4000, "Include root trust anchor id + 20326 in unbound-anchor". (Closes: #855484) + + -- Robert Edmonds <edmonds@debian.org> Sun, 19 Feb 2017 20:04:34 -0500 + unbound (1.6.0-2) unstable; urgency=high [ Helmut Grohne ] diff -Nru unbound-1.6.0/debian/patches/debian-changes unbound-1.6.0/debian/patches/debian-changes --- unbound-1.6.0/debian/patches/debian-changes 2016-12-18 15:00:12.000000000 -0500 +++ unbound-1.6.0/debian/patches/debian-changes 2017-02-19 20:04:34.000000000 -0500 @@ -5,12 +5,12 @@ information below has been extracted from the changelog. Adjust it or drop it. . - unbound (1.6.0-2) unstable; urgency=high + unbound (1.6.0-3) unstable; urgency=medium . - [ Helmut Grohne ] - * Only use fake_dsa when HAVE_SSL is defined (Closes: #848339) + * Cherry-pick upstream commit svn r4000, "Include root trust anchor id + 20326 in unbound-anchor". (Closes: #855484) Author: Robert Edmonds <edmonds@debian.org> -Bug-Debian: https://bugs.debian.org/848339 +Bug-Debian: https://bugs.debian.org/855484 --- The information above should follow the Patch Tagging Guidelines, please @@ -23,7 +23,7 @@ Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> Forwarded: <no|not-needed|url proving that it has been forwarded> Reviewed-By: <name and email of someone who approved the patch> -Last-Update: 2016-12-18 +Last-Update: 2017-02-20 --- unbound-1.6.0.orig/acx_python.m4 +++ unbound-1.6.0/acx_python.m4 @@ -52,6 +52,20 @@ If turned off, the server does not listen for control commands. .TP 5 .B control\-interface: \fI<ip address or path> +--- unbound-1.6.0.orig/smallapp/unbound-anchor.c ++++ unbound-1.6.0/smallapp/unbound-anchor.c +@@ -241,7 +241,10 @@ static const char* + get_builtin_ds(void) + { + return +-". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n"; ++/* anchor 19036 is from 2010 */ ++/* anchor 20326 is from 2017 */ ++". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n" ++". IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D\n"; + } + + /** print hex data */ --- unbound-1.6.0.orig/smallapp/unbound-control-setup.sh.in +++ unbound-1.6.0/smallapp/unbound-control-setup.sh.in @@ -155,6 +155,6 @@ chmod o-rw $SVR_BASE.pem $SVR_BASE.key $Attachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: Robert Edmonds <edmonds@debian.org>, 855635-done@bugs.debian.org
- Subject: Re: Bug#855635: unblock: unbound/1.6.0-3
- From: Niels Thykier <niels@thykier.net>
- Date: Mon, 20 Feb 2017 21:42:00 +0000
- Message-id: <8bb27882-5e4f-d19b-4c6b-193aa1fadd8c@thykier.net>
- In-reply-to: <[🔎] 20170220212542.cbw4s6dfmmcyyhkd@mycre.ws>
- References: <[🔎] 20170220212542.cbw4s6dfmmcyyhkd@mycre.ws>
Robert Edmonds: > Package: release.debian.org > User: release.debian.org@packages.debian.org > Usertags: unblock > Severity: normal > > Hi, > > I'd like to request a freeze unblock for unbound 1.6.0-3. The only > difference between 1.6.0-2 (testing) and 1.6.0-3 (unstable) is that I've > cherry-picked an update from upstream that adds the DNSSEC trust anchor > for the new key-signing key generated for the root. See bug #855484 for > more details. > > See https://www.icann.org/resources/pages/ksk-rollover for details about > the root DNSSEC key-signing key rollover. > > (If this change is approved, you should verify that the debdiff matches > what is in the source package in the archive, and that the trust anchors > in the package match what is published by IANA at > https://data.iana.org/root-anchors/root-anchors.xml.) > > unblock unbound/1.6.0-3 > > Thanks! > Unblocked, thanks. ~Niels
--- End Message ---