Bug #45806 for bind9-public: dnssec-settime incorrectly calculates dates for a successor key

RT for ISC-Bugs

Report information

The Basics

Id:	45806
Status:	resolved
Priority:	0/
Queue:	bind9-public

People

Owner:	Michał Kępień <michal@isc.org>
Requestors:	Michał Kępień <michal@isc.org>
Cc:
AdminCc:

Bug Information

Version Fixed:	9.9.12, 9.10.7, 9.11.3, 9.12.0
Version Found:	9.9.3
Versions Affected:	(no value)
Versions Planned:	(no value)
Priority:	P2 Normal
Severity:	S2 Normal
CVSS Score:	(no value)
CVE ID:	(no value)
Component:	BIND Utilities
Area:	bug

Dates

Created:	Fri, 18 Aug 2017 07:22:21 -0400
Updated:	Mon, 21 Aug 2017 04:15:55 -0400
Closed:	Mon, 21 Aug 2017 04:15:55 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History Show full headers

# Fri, 18 Aug 2017 07:22:22 -0400 Michał Kępień <michal@isc.org> - Ticket created [Reply] [Comment]

To:	bind9-public@isc.org
From:	michal@isc.org
Subject:	dnssec-settime incorrectly calculates dates for a successor key
Date:	Fri, 18 Aug 2017 11:22:20 +0000

Download (untitled) / with headers
text/plain 305B

Commit c8803902d6e (included in BIND 9.9.3 and all further releases) broke calculation of publication and activation dates for a successor key (-S). Depending on dates set for the predecessor key, this may either cause a bogus fatal error to be reported or invalid dates to be set for the successor key.

# Fri, 18 Aug 2017 07:28:16 -0400 Michał Kępień <michal@isc.org> - Correspondence added [Reply] [Comment]

Download (untitled) / with headers
text/plain 114B

Proposed fix is in rt45806, along with a minor documentation addendum and an error message tweak. Please review.

# Fri, 18 Aug 2017 07:28:17 -0400 Michał Kępień <michal@isc.org> - Status changed from 'open' to 'review'

# Fri, 18 Aug 2017 07:28:17 -0400 Michał Kępień <michal@isc.org> - Untaken

# Sat, 19 Aug 2017 20:22:16 -0400 Evan Hunt <Evan_Hunt@isc.org> - Correspondence added [Reply] [Comment]

Download (untitled) / with headers
text/plain 11B

Looks good.

# Sat, 19 Aug 2017 20:22:17 -0400 Evan Hunt <Evan_Hunt@isc.org> - Given to Michał Kępień <michal@isc.org>

# Mon, 21 Aug 2017 04:15:54 -0400 Michał Kępień <michal@isc.org> - Correspondence added [Reply] [Comment]

Download (untitled) / with headers
text/plain 151B

4685. [bug] dnssec-settime incorrectly calculated publication and activation dates for a successor key. [RT #45806] 9.9.12, 9.10.7, 9.11.3, 9.12.0

# Mon, 21 Aug 2017 04:15:55 -0400 Michał Kępień <michal@isc.org> - Status changed from 'review' to 'resolved'

# Mon, 21 Aug 2017 04:15:55 -0400 Michał Kępień <michal@isc.org> - Version Fixed 9.9.12, 9.10.7, 9.11.3, 9.12.0 added