Bug 2253461

Summary: unbound: Update of b.root-servers.net
Product: [Fedora] Fedora Reporter: Petr Menšík <pemensik>
Component: unboundAssignee: Petr Menšík <pemensik>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: amoloney, dns-sig, extras-qa, kevin, paul.wouters, pemensik, pj.pandit
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
URL: https://b.root-servers.org/news/2023/05/16/new-addresses.html
Whiteboard:
Fixed In Version: unbound-1.19.0-7.fc39 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2253459 Environment:
Last Closed: 2024-02-05 01:25:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2253459, 2253462, 2253463    
Bug Blocks: 2253460    

Description Petr Menšík 2023-12-07 14:42:35 UTC 
+++ This bug was initially created as a clone of Bug #2253459 +++

Several tools inside distribution works with DNS global servers. It contains list of root-servers.net, where one address recently has changed. It should be updated in all software using such list. Either built-in or explicit in configuration files, address of b.root-servers.net has changed.



Reproducible: Always

Steps to Reproduce:
1. check used hint address of b.root-servers.net
2. dig +short -x 199.9.14.201 -x 2001:500:200::b | grep -i ^b.root-servers.net
3. dig +short -x 170.247.170.2 -x 2801:1b8:10::b | grep -i ^b.root-servers.net
Actual Results:  
b.root-servers.net.	518400	IN	A	199.9.14.201
b.root-servers.net.	518400	IN	AAAA	2001:500:200::b


Expected Results:  
b.root-servers.net.	518400	IN	A	170.247.170.2
b.root-servers.net.	518400	IN	AAAA	2801:1b8:10::b


Authoritative servers list can be obtained from:
https://www.internic.net/domain/named.root

Or using command:
dig +tcp +norec @d.root-servers.net

Reverse addresses of old leads to: b-2017.b.root-servers.org.

$ dig +short -x 199.9.14.201 -x 2001:500:200::b 
b-2017.b.root-servers.org.
b-2017.b.root-servers.org.

$ dig +short -x 170.247.170.2 -x 2801:1b8:10::b | grep -i ^b.root-servers.net 
b.root-servers.net.
b.root-servers.net.
Comment 1 Petr Menšík 2024-01-16 16:02:31 UTC 
Upstream has updated addresses in the code, but configuration example config were not updated:
https://github.com/NLnetLabs/unbound/pull/993

Addresses used in the code were updated by commit:
https://github.com/NLnetLabs/unbound/commit/a8739bad76d4d179290627e989c7ef236345bda6
Comment 2 Fedora Update System 2024-01-30 10:35:34 UTC 
FEDORA-2024-5a9bb78b04 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2024-5a9bb78b04
Comment 3 Fedora Update System 2024-01-31 00:52:20 UTC 
FEDORA-2024-5a9bb78b04 has been pushed to the Fedora 39 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-5a9bb78b04`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-5a9bb78b04

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 4 Fedora Update System 2024-02-05 01:25:37 UTC 
FEDORA-2024-5a9bb78b04 has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.