FS#65791 : [systemd] apply patch for DNS over TLS hostname checking

FS#65791 - [systemd] apply patch for DNS over TLS hostname checking

Attached to Project: Arch Linux
Opened by Christian Rebischke (Shibumi) - Wednesday, 11 March 2020, 16:50 GMT
Last edited by Christian Hesse (eworm) - Thursday, 19 March 2020, 16:16 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Dave Reisner (falconindy) Christian Hesse (eworm)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Systemd is able to do hostname checking for DNS over TLS now: https://github.com/systemd/systemd/pull/15012

but sadly the patch didn't land in v245. Can you apply it? this would fix the security problem as described here:

https://blog.cloudflare.com/dns-encryption-explained/

https://nvd.nist.gov/vuln/detail/CVE-2018-21029

This task depends upon

Closed by Christian Hesse (eworm)
Thursday, 19 March 2020, 16:16 GMT
Reason for closing: Fixed
Additional comments about closing: systemd 245.2-2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#65791 - [systemd] apply patch for DNS over TLS hostname checking

Details

Loading...