[Bug 1125306] New: c-ares: backport rfc7686 support regarding .onion domains
http://bugzilla.suse.com/show_bug.cgi?id=1125306 Bug ID: 1125306 Summary: c-ares: backport rfc7686 support regarding .onion domains Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: tchvatal@suse.com Reporter: amajer@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Apparently .onion domains are special and should not be leaked via DNS. c-ares has recently implemented this RFC. Please consider backporting this to c-ares library in Leap. https://github.com/c-ares/c-ares/pull/228 https://github.com/c-ares/c-ares/pull/241 https://tools.ietf.org/html/rfc7686 3. Name Resolution APIs and Libraries: Resolvers MUST either respond to requests for .onion names by resolving them according to [tor-rendezvous] or by responding with NXDOMAIN -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c1 --- Comment #1 from Adam Majer <amajer@suse.com> --- Created attachment 796718 --> http://bugzilla.suse.com/attachment.cgi?id=796718&action=edit backport of upstream changes -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c2 --- Comment #2 from Tomáš Chvátal <tchvatal@suse.com> --- Feel free to submit it to SLE as c-ares is from there. It is trivial enough as a patch to not be dangerous :) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c3 --- Comment #3 from Adam Majer <amajer@suse.com> --- (In reply to Tomáš Chvátal from comment #2)
Feel free to submit it to SLE as c-ares is from there. It is trivial enough as a patch to not be dangerous :)
Ok, I will submit this to devel project first :) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 Adam Majer <amajer@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS Assignee|tchvatal@suse.com |amajer@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |ibs:running:13633:moderate -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 Maintenance Robot <maint-coord+maintenance_robot@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|ibs:running:13633:moderate | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c7 --- Comment #7 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2020:0521-1: An update that has two recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1125306,1159006 CVE References: Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): c-ares-1.15.0+20200117-3.5.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): c-ares-1.15.0+20200117-3.5.1 SUSE Linux Enterprise Module for Basesystem 15 (src): c-ares-1.15.0+20200117-3.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c8 --- Comment #8 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-RU-2020:0296-1: An update that has two recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1125306,1159006 CVE References: Sources used: openSUSE Leap 15.1 (src): c-ares-1.15.0+20200117-lp151.3.3.1 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c9 Adam Majer <amajer@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED --- Comment #9 from Adam Majer <amajer@suse.com> --- Finally, fix released and problem is resolved. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1125306 http://bugzilla.suse.com/show_bug.cgi?id=1125306#c10 Adam Majer <amajer@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED --- Comment #10 from Adam Majer <amajer@suse.com> --- Verified by NodeJS unit tests for NodeJS 13.x vs. SLE15 SP2 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com