| 2016-09-16 10:37:17 |
Anders Kaseorg |
bug |
|
|
added bug |
| 2016-09-16 15:18:33 |
Martin Pitt |
bug watch added |
|
https://github.com/systemd/systemd/issues/3421 |
|
| 2016-09-16 15:18:52 |
Martin Pitt |
bug task added |
|
systemd |
|
| 2016-09-16 15:19:13 |
Martin Pitt |
systemd (Ubuntu): status |
New |
Incomplete |
|
| 2016-09-17 02:22:07 |
Bug Watch Updater |
systemd: status |
Unknown |
New |
|
| 2016-09-18 00:53:59 |
Anders Kaseorg |
systemd (Ubuntu): status |
Incomplete |
New |
|
| 2016-09-19 06:39:43 |
Martin Pitt |
systemd (Ubuntu): status |
New |
Triaged |
|
| 2016-09-19 06:39:50 |
Martin Pitt |
systemd (Ubuntu): importance |
Undecided |
Medium |
|
| 2016-09-29 06:04:47 |
Anders Kaseorg |
tags |
|
regression-release |
|
| 2016-09-29 06:05:13 |
Anders Kaseorg |
tags |
regression-release |
regression-release yakkety |
|
| 2016-09-29 06:21:37 |
Anders Kaseorg |
tags |
regression-release yakkety |
yakkety |
|
| 2016-10-06 05:52:28 |
Martin Pitt |
systemd: importance |
Unknown |
Undecided |
|
| 2016-10-06 05:52:28 |
Martin Pitt |
systemd: remote watch |
github.com/systemd/systemd/issues #3421 |
|
|
| 2016-10-06 05:52:38 |
Martin Pitt |
systemd (Ubuntu): status |
Triaged |
Incomplete |
|
| 2016-10-17 14:26:10 |
Ognjen |
bug |
|
|
added subscriber Ognjen |
| 2016-10-26 14:45:37 |
Dennis |
systemd (Ubuntu): status |
Incomplete |
Confirmed |
|
| 2016-11-04 02:34:01 |
Matt Moeller |
bug |
|
|
added subscriber Matt Moeller |
| 2016-11-08 02:50:54 |
Michael Migdol |
bug |
|
|
added subscriber Michael Migdol |
| 2016-11-21 16:07:54 |
superfav |
bug |
|
|
added subscriber superfav |
| 2016-12-01 19:40:46 |
Valient Gough |
bug |
|
|
added subscriber Valient Gough |
| 2016-12-02 00:57:50 |
mxCoder |
bug |
|
|
added subscriber mxCoder |
| 2016-12-07 10:01:16 |
Martin Pitt |
tags |
yakkety |
resolved yakkety |
|
| 2016-12-18 15:53:23 |
Vincent Gerris |
bug |
|
|
added subscriber Vincent Gerris |
| 2016-12-22 17:08:57 |
Mike Vincent |
bug |
|
|
added subscriber Mike Vincent |
| 2017-01-11 09:03:24 |
Johan Tol |
bug |
|
|
added subscriber Johan Tol |
| 2017-02-24 16:16:04 |
Dennis Straffin |
bug |
|
|
added subscriber Dennis Straffin |
| 2017-03-05 22:13:57 |
Winckler |
bug |
|
|
added subscriber Winckler |
| 2017-03-11 14:50:49 |
Markus J Schmidt |
tags |
resolved yakkety |
resolved xenial yakkety |
|
| 2017-03-12 18:54:27 |
Ognjen |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
|
| 2017-03-20 10:24:00 |
Markus J Schmidt |
bug |
|
|
added subscriber Markus J Schmidt |
| 2017-03-20 13:52:23 |
superfav |
removed subscriber superfav |
|
|
|
| 2017-03-20 17:35:08 |
mamoch |
bug |
|
|
added subscriber mamoch |
| 2017-03-25 21:49:29 |
Anton Blanchard |
bug |
|
|
added subscriber Anton Blanchard |
| 2017-03-30 10:07:57 |
Neon |
bug |
|
|
added subscriber Neon |
| 2017-04-17 19:12:13 |
Piotr Piastucki |
bug |
|
|
added subscriber Piotr Piastucki |
| 2017-04-18 08:58:32 |
E. Papegaaij |
bug |
|
|
added subscriber E. Papegaaij |
| 2017-04-24 18:58:32 |
Stephan |
bug |
|
|
added subscriber Stephan |
| 2017-04-26 12:27:51 |
Christian Ehrhardt |
systemd (Ubuntu): importance |
Medium |
High |
|
| 2017-04-26 12:27:56 |
Christian Ehrhardt |
tags |
resolved xenial yakkety |
resolved xenial yakkety zesty |
|
| 2017-04-26 14:52:37 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
| 2017-04-26 14:59:55 |
Christian Ehrhardt |
bug |
|
|
added subscriber ChristianEhrhardt |
| 2017-04-28 10:31:55 |
Neon |
removed subscriber Neon |
|
|
|
| 2017-04-28 18:58:38 |
Chuck Burt |
bug |
|
|
added subscriber Chuck Burt |
| 2017-05-01 11:24:56 |
Felix Eckhofer |
bug |
|
|
added subscriber Felix Eckhofer |
| 2017-05-04 14:50:27 |
Tim Shannon |
bug |
|
|
added subscriber Tim Shannon |
| 2017-05-08 10:44:31 |
Jordi Miralles |
bug |
|
|
added subscriber Jordi Miralles |
| 2017-05-08 15:19:34 |
Stefan K. |
bug |
|
|
added subscriber Stefan K. |
| 2017-05-28 16:29:59 |
Andreas Steffan |
bug |
|
|
added subscriber Andreas Steffan |
| 2017-05-29 17:16:56 |
Mathieu Trudel-Lapierre |
bug |
|
|
added subscriber Mathieu Trudel-Lapierre |
| 2017-06-02 20:59:13 |
Brian Murray |
tags |
resolved xenial yakkety zesty |
resolved rls-aa-incoming xenial yakkety zesty |
|
| 2017-06-04 09:01:35 |
Nicholas Stommel |
bug task added |
|
network-manager (Ubuntu) |
|
| 2017-06-04 09:02:01 |
Nicholas Stommel |
network-manager (Ubuntu): status |
New |
Confirmed |
|
| 2017-06-04 21:25:15 |
Nicholas Stommel |
bug |
|
|
added subscriber Nicholas Stommel |
| 2017-06-06 04:00:40 |
Nicholas Stommel |
attachment added |
|
patch for network-manager source https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624317/+attachment/4889747/+files/resolved-vpn-dns-leak-fix.patch |
|
| 2017-06-06 04:02:43 |
Nicholas Stommel |
attachment added |
|
patched network manager .deb for easy fix installation on Ubuntu 17.04 https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624317/+attachment/4889755/+files/network-manager_1.4.4-1ubuntu3_amd64.deb |
|
| 2017-06-06 04:25:32 |
Ubuntu Foundations Team Bug Bot |
tags |
resolved rls-aa-incoming xenial yakkety zesty |
patch resolved rls-aa-incoming xenial yakkety zesty |
|
| 2017-06-06 04:25:41 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
| 2017-06-06 10:59:22 |
Stefan K. |
removed subscriber Stefan K. |
|
|
|
| 2017-06-06 20:40:20 |
Nicholas Stommel |
attachment added |
|
possible cisco network-manager-openconnect-fix https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624317/+attachment/4890352/+files/resolved-vpn-dns-leak-fix.patch |
|
| 2017-06-06 21:17:48 |
Nicholas Stommel |
attachment added |
|
updated patched .deb packaged network-manager for easy testing https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624317/+attachment/4890421/+files/network-manager_1.4.4-1ubuntu3_amd64.deb |
|
| 2017-06-08 00:01:22 |
Nicholas Stommel |
attachment removed |
patch for network-manager source https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4889747/+files/resolved-vpn-dns-leak-fix.patch |
|
|
| 2017-06-08 00:01:33 |
Nicholas Stommel |
attachment removed |
possible cisco network-manager-openconnect-fix https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4890352/+files/resolved-vpn-dns-leak-fix.patch |
|
|
| 2017-06-08 00:01:48 |
Nicholas Stommel |
attachment removed |
patched network manager .deb for easy fix installation on Ubuntu 17.04 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4889755/+files/network-manager_1.4.4-1ubuntu3_amd64.deb |
|
|
| 2017-06-08 00:02:01 |
Nicholas Stommel |
attachment removed |
updated patched .deb packaged network-manager for easy testing https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4890421/+files/network-manager_1.4.4-1ubuntu3_amd64.deb |
|
|
| 2017-06-08 00:14:59 |
Nicholas Stommel |
attachment added |
|
resolved-vpn-dns-leak-fix.patch https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4891740/+files/resolved-vpn-dns-leak-fix.patch |
|
| 2017-06-08 00:16:35 |
Nicholas Stommel |
attachment added |
|
patched network-manager .deb for easy testing on Ubuntu 17.04 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4891741/+files/network-manager_1.4.4-1ubuntu4_amd64.deb |
|
| 2017-06-08 19:19:18 |
Nicholas Stommel |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=783569 |
|
| 2017-06-09 19:08:46 |
Brian Murray |
systemd (Ubuntu): assignee |
|
Dimitri John Ledkov (xnox) |
|
| 2017-06-09 19:09:09 |
Brian Murray |
nominated for series |
|
Ubuntu Artful |
|
| 2017-06-09 19:09:09 |
Brian Murray |
bug task added |
|
network-manager (Ubuntu Artful) |
|
| 2017-06-09 19:09:09 |
Brian Murray |
bug task added |
|
systemd (Ubuntu Artful) |
|
| 2017-06-09 19:09:37 |
Brian Murray |
tags |
patch resolved rls-aa-incoming xenial yakkety zesty |
patch resolved xenial yakkety zesty |
|
| 2017-06-21 08:06:04 |
bagl0312 |
bug |
|
|
added subscriber bagl0312 |
| 2017-06-22 00:50:51 |
Nicholas Stommel |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=746422 |
|
| 2017-06-22 00:50:51 |
Nicholas Stommel |
attachment added |
|
systemd-resolved-dns-priority-fix.patch https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4900587/+files/systemd-resolved-dns-priority-fix.patch |
|
| 2017-06-22 01:18:07 |
Nicholas Stommel |
attachment added |
|
network-manager_1.4.4-1ubuntu4_amd64.deb https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4900613/+files/network-manager_1.4.4-1ubuntu4_amd64.deb |
|
| 2017-07-06 12:21:23 |
Dimitri John Ledkov |
bug task deleted |
systemd (Ubuntu) |
|
|
| 2017-07-06 12:21:43 |
Dimitri John Ledkov |
bug task deleted |
systemd (Ubuntu Artful) |
|
|
| 2017-07-06 12:23:06 |
Dimitri John Ledkov |
affects |
systemd |
network-manager |
|
| 2017-07-06 12:23:21 |
Dimitri John Ledkov |
network-manager: importance |
Undecided |
Unknown |
|
| 2017-07-06 12:23:21 |
Dimitri John Ledkov |
network-manager: status |
New |
Unknown |
|
| 2017-07-06 12:23:21 |
Dimitri John Ledkov |
network-manager: remote watch |
|
GNOME Bug Tracker #783569 |
|
| 2017-07-06 12:23:39 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Zesty |
|
| 2017-07-06 12:23:39 |
Dimitri John Ledkov |
bug task added |
|
network-manager (Ubuntu Zesty) |
|
| 2017-07-06 12:29:19 |
Dimitri John Ledkov |
description |
I use a VPN configured with network-manager-openconnect-gnome in which a split-horizon DNS setup assigns different addresses to some names inside the remote network than the addresses seen for those names from outside the remote network. However, systemd-resolved often decides to ignore the VPN’s DNS servers and use the local network’s DNS servers to resolve names (whether in the remote domain or not), breaking the split-horizon DNS.
This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
[Impact]
* NetworkManager incorrectly handles dns-priority of the VPN-like connections, which leads to leaking DNS queries outside of the VPN into the general internet.
* Upstream has resolved this issue in master and 1.8 to correctly configure any dns backends with negative dns-priority settings.
[Test Case]
#FIXME#
* detailed instructions how to reproduce the bug
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
#FIXME#
[Regression Potential]
* If this issue is changed DNS resolution will change, for certain queries, to go via VPN rather than general internet. And therefore, one may get new/different results or even loose access to resolve/access certain parts of the interent depending on what the DNS server on VPN chooses to respond to.
[Other Info]
* Original bug report
I use a VPN configured with network-manager-openconnect-gnome in which a split-horizon DNS setup assigns different addresses to some names inside the remote network than the addresses seen for those names from outside the remote network. However, systemd-resolved often decides to ignore the VPN’s DNS servers and use the local network’s DNS servers to resolve names (whether in the remote domain or not), breaking the split-horizon DNS.
This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
|
| 2017-07-06 12:33:11 |
Dimitri John Ledkov |
network-manager (Ubuntu Zesty): status |
New |
Confirmed |
|
| 2017-07-13 14:11:55 |
Arik Kfir |
bug |
|
|
added subscriber Arik Kfir |
| 2017-07-18 09:35:12 |
Michael Winsauer |
bug |
|
|
added subscriber Michael Winsauer |
| 2017-08-01 21:51:32 |
Starchy |
bug |
|
|
added subscriber Starchy |
| 2017-08-30 10:59:46 |
amano |
bug |
|
|
added subscriber amano |
| 2017-09-02 05:14:16 |
mark burdett |
bug |
|
|
added subscriber mark burdett |
| 2017-09-04 11:50:35 |
mkurz |
bug |
|
|
added subscriber mkurz |
| 2017-10-04 21:39:53 |
Boris Malkov |
bug |
|
|
added subscriber Boris Malkov |
| 2017-10-05 19:25:13 |
Felix Eckhofer |
removed subscriber Felix Eckhofer |
|
|
|
| 2017-10-25 05:01:51 |
Sebastien Bacher |
network-manager (Ubuntu): importance |
Undecided |
High |
|
| 2017-10-25 05:01:56 |
Sebastien Bacher |
network-manager (Ubuntu Artful): importance |
Undecided |
High |
|
| 2017-10-25 05:01:59 |
Sebastien Bacher |
network-manager (Ubuntu Zesty): importance |
Undecided |
High |
|
| 2017-11-03 09:46:10 |
Christian Ehrhardt |
network-manager (Ubuntu Artful): status |
Confirmed |
Fix Released |
|
| 2017-11-03 09:46:13 |
Christian Ehrhardt |
network-manager (Ubuntu): status |
Confirmed |
Fix Released |
|
| 2019-02-10 02:06:40 |
Richard Laager |
bug |
|
|
added subscriber Richard Laager |
| 2019-05-25 18:25:53 |
Mathew Hodson |
network-manager (Ubuntu Zesty): status |
Confirmed |
Won't Fix |
|
| 2019-07-21 00:55:17 |
Mathew Hodson |
bug watch removed |
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
|
|
| 2019-07-21 00:55:34 |
Mathew Hodson |
bug watch removed |
https://github.com/systemd/systemd/issues/3421 |
|
|
| 2019-07-21 00:58:17 |
Mathew Hodson |
bug watch removed |
https://gitlab.gnome.org/746422 |
|
|
| 2019-09-01 01:20:38 |
Mathew Hodson |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=783569 |
|
| 2019-09-01 01:20:38 |
Mathew Hodson |
network-manager: remote watch |
GNOME Bug Tracker #783569 |
bugzilla.gnome.org/ #783569 |
|
| 2019-09-01 01:22:01 |
Mathew Hodson |
bug watch removed |
https://gitlab.gnome.org/783569 |
|
|
| 2019-09-01 01:48:01 |
Mathew Hodson |
description |
[Impact]
* NetworkManager incorrectly handles dns-priority of the VPN-like connections, which leads to leaking DNS queries outside of the VPN into the general internet.
* Upstream has resolved this issue in master and 1.8 to correctly configure any dns backends with negative dns-priority settings.
[Test Case]
#FIXME#
* detailed instructions how to reproduce the bug
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
#FIXME#
[Regression Potential]
* If this issue is changed DNS resolution will change, for certain queries, to go via VPN rather than general internet. And therefore, one may get new/different results or even loose access to resolve/access certain parts of the interent depending on what the DNS server on VPN chooses to respond to.
[Other Info]
* Original bug report
I use a VPN configured with network-manager-openconnect-gnome in which a split-horizon DNS setup assigns different addresses to some names inside the remote network than the addresses seen for those names from outside the remote network. However, systemd-resolved often decides to ignore the VPN’s DNS servers and use the local network’s DNS servers to resolve names (whether in the remote domain or not), breaking the split-horizon DNS.
This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
[Impact]
* NetworkManager incorrectly handles dns-priority of the VPN-like connections, which leads to leaking DNS queries outside of the VPN into the general internet.
* Upstream has resolved this issue in master and 1.8 to correctly configure any dns backends with negative dns-priority settings.
[Regression Potential]
* If this issue is changed DNS resolution will change, for certain queries, to go via VPN rather than general internet. And therefore, one may get new/different results or even loose access to resolve/access certain parts of the interent depending on what the DNS server on VPN chooses to respond to.
[Other Info]
* Original bug report
I use a VPN configured with network-manager-openconnect-gnome in which a split-horizon DNS setup assigns different addresses to some names inside the remote network than the addresses seen for those names from outside the remote network. However, systemd-resolved often decides to ignore the VPN’s DNS servers and use the local network’s DNS servers to resolve names (whether in the remote domain or not), breaking the split-horizon DNS.
This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
https://bugzilla.redhat.com/show_bug.cgi?id=1151544 |
|
| 2019-09-02 13:03:04 |
Bug Watch Updater |
network-manager: status |
Unknown |
Fix Released |
|
| 2019-09-02 13:03:04 |
Bug Watch Updater |
network-manager: importance |
Unknown |
Critical |
|
| 2020-11-02 14:44:23 |
Mauro |
bug |
|
|
added subscriber Mauro |
