Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#65791 - [systemd] apply patch for DNS over TLS hostname checking
Attached to Project:
Arch Linux
Opened by Christian Rebischke (Shibumi) - Wednesday, 11 March 2020, 16:50 GMT
Last edited by Christian Hesse (eworm) - Thursday, 19 March 2020, 16:16 GMT
Opened by Christian Rebischke (Shibumi) - Wednesday, 11 March 2020, 16:50 GMT
Last edited by Christian Hesse (eworm) - Thursday, 19 March 2020, 16:16 GMT
|
DetailsSystemd is able to do hostname checking for DNS over TLS now: https://github.com/systemd/systemd/pull/15012
but sadly the patch didn't land in v245. Can you apply it? this would fix the security problem as described here: https://blog.cloudflare.com/dns-encryption-explained/ https://nvd.nist.gov/vuln/detail/CVE-2018-21029 |
This task depends upon
Closed by Christian Hesse (eworm)
Thursday, 19 March 2020, 16:16 GMT
Reason for closing: Fixed
Additional comments about closing: systemd 245.2-2
Thursday, 19 March 2020, 16:16 GMT
Reason for closing: Fixed
Additional comments about closing: systemd 245.2-2