Bug 2129005

Summary: glibc: Do not fail name resolution if CNAMEs involve aliases which are not host names [rhel-9.2.0]
Product: Red Hat Enterprise Linux 9 Reporter: Florian Weimer <fweimer>
Component: glibcAssignee: Arjun Shankar <ashankar>
Status: CLOSED ERRATA QA Contact: Sergey Kolosov <skolosov>
Severity: medium Docs Contact: Petr Hybl <phybl>
Priority: unspecified    
Version: 9.2CC: ashankar, codonell, dj, fweimer, markobri, mnewsome, pfrankli, phybl, sipoyare, skolosov
Target Milestone: rcKeywords: Bugfix, Triaged
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: glibc-2.34-48.el9 Doc Type: Bug Fix
Doc Text:
.DNS lookup can now succeed even when some CNAME records are invalid Previously, the `glibc` DNS stub resolver treated CNAME records with owner names that are not host names as DNS packet errors. Consequently, the DNS query failed because of the DNS packet errors. With this update, the `glibc` stub resolver now skips invalid CNAME records and the corresponding alias information is not extracted. Therefore, DNS lookups can now succeed even if the server response includes a CNAME chain that contains a domain name that is not a host name.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-09 08:16:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Florian Weimer 2022-09-22 09:26:21 UTC 
This bug has already been fixed on the upstream release/2.34/master branch, but we backported the noaaaa separately under bug 2096191. This will cause conflicts in the upstream import for bug 2116960. For the affected patches (I believe it will be glibc-upstream-2.34-327.patch, 480c820493add16e8dda6f3189d834223e1f4f39 backporting 9caf782276ecea4bc86fc94fbb52779736f3106d), we should take the corresponding commit from the master branch instead. It has noaaaa support in it, so it should apply cleanly.

This bug serves as a reference point for this alternative patch.
Comment 10 errata-xmlrpc 2023-05-09 08:16:01 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (glibc bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:2481