Bug#923316: marked as done (apt leaks SRV requests for _socks._tcp.localhost for tor proxy)

To: David Kalnischkies <david@kalnischkies.de>
Subject: Bug#923316: marked as done (apt leaks SRV requests for _socks._tcp.localhost for tor proxy)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 21 Mar 2020 08:57:04 +0000
Message-id: <[🔎] handler.923316.D923316.158478076931381.ackdone@bugs.debian.org>
Reply-to: 923316@bugs.debian.org
References: <20200321085243.v6455x36bfubzosk@crossbow> <20190226101648.GA26022@debian.org>

Your message dated Sat, 21 Mar 2020 09:52:43 +0100
with message-id <20200321085243.v6455x36bfubzosk@crossbow>
and subject line Re: apt leaks SRV requests for _socks._tcp.localhost for tor proxy
has caused the Debian Bug report #923316,
regarding apt leaks SRV requests for _socks._tcp.localhost for tor proxy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
923316: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923316
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: apt leaks SRV requests for _socks._tcp.localhost for tor proxy

From: Julian Andres Klode <jak@debian.org>

Date: Tue, 26 Feb 2019 10:19:52 +0100

Message-id: <20190226101648.GA26022@debian.org>
Package: apt
Version: 1.3~rc1
Severity: important
Tags: security
Control: fixed -1 1.7.0~alpha1

apt, starting with 1.3~rc1, and prior to 1.7.0~alpha1, generates a
SRV request when trying to use the Tor proxy, asking the DNS server
SRV _socks._tcp.localhost.

This might cause information to be leaked that the user is about to
use tor for Debian package installation, as no other tool is likely to perform
such queries.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en
--- End Message ---

--- Begin Message ---

To: 923316-done@bugs.debian.org

Subject: Re: apt leaks SRV requests for _socks._tcp.localhost for tor proxy

From: David Kalnischkies <david@kalnischkies.de>

Date: Sat, 21 Mar 2020 09:52:43 +0100

Message-id: <20200321085243.v6455x36bfubzosk@crossbow>
Version: 1.7.0~alpha1

This was reported as already fixed in our main branch to have a record
of it for backporting to older branches. As supposedly all the
backporting that will be done for this has happened and our BTS has
version tracking we can confidently close this report for good as it has
served its purpose.


Best regards

David Kalnischkies
Attachment: signature.asc
Description: PGP signature

--- End Message ---

Reply to:

Prev by Date: Bug#180322: marked as done ("reinstall" rather than "--reinstall install")
Next by Date: Bug#954343: Error message 'Unable to parse package file (1)' unhelpful
Previous by thread: Bug#180322: marked as done ("reinstall" rather than "--reinstall install")
Next by thread: Good News
Index(es):
- Date
- Thread