Description of problem: Internationalized domain names exist for quite some time (IDNA2003), although the protocols describing them have evolved in an incompatible way (IDNA2008). These incompatibilities will prevent applications written for IDNA2003 to access certain problematic domain names defined with IDNA2008, e.g., faß.de is translated to domain xn--fa-hia.de with IDNA2008, while in IDNA2003 it is translated to fass.de domain. That not only causes incompatibility problems, but may be used as an attack vector to redirect users to different web sites. The change is about deprecating libidn, which supports IDNA2003, and switch all applications using libidn, to libidn2 2.0.0, which supports IDNA2008. The switch should be transparent as the libidn2 library is API compatible. See instructions at: https://libidn.gitlab.io/libidn2/manual/libidn2.html#Converting-from-libidn This is part of the IDNA2008 change: https://fedoraproject.org/wiki/Changes/IDNA2008 If upstream is not aware of that change please involve them on the process.
https://github.com/systemd/systemd/pull/5928
Will be fixed by systemd 234.
I reverted the switch to libidn2 for now — we need to figure out the handling of "forbidden characters".
https://gitlab.com/libidn/libidn2/issues/30
Hi Zbigniew, Do you think this will be included in F27?
Yes. I'll backport the patch. We recently noticed that there's an issue with the related tests in systemd, which will need to fixed. But it's all simple stuff, so there shouldn't be any problem.
Thank you.
This bug appears to have been reported against 'rawhide' during the Fedora 27 development cycle. Changing version to '27'.
Hi Zbigniew, Was there any issue with backporting? Is fedora28 is feasible target?