libnss-resolve treats two trailing dots on a domain name incorrectly

Forwarded to https://github.com/systemd/systemd/issues/3978

Fix sent upstream: https://github.com/systemd/systemd/issues/3978

Adam asked to fix that in Xenial too; we don't enable resolved there by default, but folks can manually enable it. It's not a bug that realistically breaks stuff in practice, but it's simple to fix.

Landed upstream, cherry-picked into debian packaging: https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=061c04b

We'll land that, double-check that glibc is happy, and then SRU.

This bug was fixed in the package systemd - 231-6

---------------
systemd (231-6) unstable; urgency=medium

  [ Martin Pitt ]
  * Add alternative iptables-dev build dependencies
    libiptc-dev is very new and not yet present in stable Debian/Ubuntu releases.
    Add it as a fallback build dependency for backports and upstream tests.
  * Detect if seccomp is enabled but seccomp filtering is disabled
    (Closes: #832713)
  * resolved: recognize DNS names with more than one trailing dot as invalid
    (LP: #1600000)
  * debian/tests/smoke: Store udev db dump artifact on failure
  * networkd: limit the number of routes to the kernel limit
  * systemctl: consider service running only when it is in active or reloading state
  * networkd: remove route if carrier is lost
  * Add Ref()/Unref() bus calls for units

  [ Felipe Sateler ]
  * git-cherry-pick: always recreate the patch-queue branch.

  [ Dimitri John Ledkov ]
  * Use idiomatic variables from dpkg include.

 -- Martin Pitt <email address hidden> Sun, 11 Sep 2016 15:00:55 +0200

Thanks for uploading the fix for this bug report to -proposed. However, when reviewing the package in -proposed and the details of this bug report I noticed that the bug description is missing information required for the SRU process. You can find full details at http://wiki.ubuntu.com/StableReleaseUpdates#Procedure but essentially this bug is missing some of the following: a statement of impact, a test case and details regarding the regression potential. Thanks in advance!

Hello Adam, or anyone else affected,

Accepted systemd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu20 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

229-4ubuntu19
# systemd-resolve www.gnu.org..
www.gnu.org..: 208.118.235.148
               2001:4830:134:3::a
               (www.gnu.org)

-- Information acquired via protocol DNS in 1.8ms.
-- Data is authenticated: no

Which is BAD.

229-4ubuntu20
# systemd-resolve www.gnu.org..
www.gnu.org..: resolve call failed: Invalid hostname 'www.gnu.org..'

Which is GOOD and standards compliant.

This bug was fixed in the package systemd - 229-4ubuntu20

---------------
systemd (229-4ubuntu20) xenial; urgency=medium

  * resolved: recognize DNS names with more than one trailing dot as invalid
    (LP: #1600000)
  * Ignore failures to set Nice priority on services in containers.
    (LP: #1709536)
  * networkd: accept `:' in ifnames in systemd/networkd. (LP: #1714933)
  * initramfs-tools: trigger udevadm add actions with subsystems first.
    (LP: #1713536)
  * networkd: Add support to set STP value on a bridge. (LP: #1665088)
  * networkd: add support for AgeingTImeSec, Priority and DefaultPVID settings.
    (LP: #1715131)
    - Drop cherrypick of uint16 config parser, superseeded by above commit.
  * networkd: add support to set ActiveSlave and PrimarySlave. (LP: #1709135)
    - networkd: add support to configure ARP, depedency of Primary/ActiveSlave.

 -- Dimitri John Ledkov <email address hidden> Tue, 05 Sep 2017 14:01:51 +0100

The verification of the Stable Release Update for systemd has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.