Overview Repositories Revisions Requests Users Attributes Meta

Revisions of c-ares

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1179976 from Adam Majer's avatar Adam Majer (adamm) (revision 24) 
- c-ares 1.30.0
Features:
* Basic support for SIG RR record (RFC 2931 / RFC 2535) [PR #773]
Changes:
* Validation that DNS strings can only consist of printable ascii characters
  otherwise will trigger a parse failure. [75de16c] and [40fb125]
Bugfixes:
* QueryCache: Fix issue where purging on server changes wasn't working. [a6c8fe6]
- updated dowload URLs to point to github
- updated keyring to include Brad House DA7D64E4C82C6294CB73A20E22E3D13B5411B7CA
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1164057 from Adam Majer's avatar Adam Majer (adamm) (revision 22) 
- c-ares 1.28.1
Features:
  * Emit warnings when deprecated c-ares functions are used.
    This can be disabled by passing a compiler definition of
    `CARES_NO_DEPRECATED`. [PR #732]
  * Add function `ares_search_dnsrec()` to search for records
    using the new DNS record data structures. [PR #719]
  * Rework internals to pass around `ares_dns_record_t` instead of
    binary data, this introduces new public functions of
    `ares_query_dnsrec()` and `ares_send_dnsrec()`. [PR #730]
Changes:
  * tests: when performing simulated queries, reduce timeouts
    to make tests run faster
  * Replace configuration file parsers with memory-safe parser. [PR #725]
  * Remove `acountry` completely, the manpage might still get
    installed otherwise. [Issue #718]
Bugfixes:
  * CMake: don't overwrite global required libraries/definitions/includes
    which could cause build errors for projects chain building c-ares.
    [Issue #729]
  * On some platforms, `netinet6/in6.h` is not included by `netinet/in.h`
    and needs to be included separately. [PR #728]
  * Fix a potential memory leak in `ares_init()`. [Issue #724]
  * Some platforms don't have the `isascii()` function.
    Implement as a macro. [PR #721]
  * CMake: Fix Chain building if CMAKE runtime paths not set
  * NDots configuration should allow a value of zero. [PR #735]
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1151588 from Adam Majer's avatar Adam Majer (adamm) (revision 21) 
- c-ares 1.27.0
  Security:
  * Moderate. CVE-2024-25629. Reading malformatted /etc/resolv.conf,
    /etc/nsswitch.conf or the HOSTALIASES file could result in a crash.
    GHSA-mg26-v6qh-x48q (CVE-2024-25629, bsc#1220279)
  Features:
  * New function ares_queue_active_queries() to retrieve number of in-flight
    queries. PR #712
  * New function ares_queue_wait_empty() to wait for the number of in-flight
    queries to reach zero. PR #710
  * New ARES_FLAG_NO_DEFLT_SVR for ares_init_options() to return a failure if
    no DNS servers can be found rather than attempting to use 127.0.0.1. This
    also introduces a new ares status code of ARES_ENOSERVER. PR #713
  Changes:
  * EDNS Packet size should be 1232 as per DNS Flag Day. PR #705
  Bugfixes:
  * Fix warning due to ignoring return code of write(). PR #709
  * CMake: don't override target output locations if not top-level. Issue #708
  * Fix building c-ares without thread support. PR #700
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1145395 from Adam Majer's avatar Adam Majer (adamm) (revision 20) 
- Ensure multibuild flavors result in different src names.

- c-ares 1.26.0:
  * Event Thread support. Integrators are no longer required to
    monitor the file descriptors registered by c-ares for events
    and call ares_process() when enabling the event thread feature
    via ARES_OPT_EVENT_THREAD passed to ares_init_options().
  * Added flags to are_dns_parse() to force RAW packet parsing
  * Mark ares_fds() as deprecated
  * Bug fixes
- move tests into a build flavor to avoid gtest/gmock build loop

- Update to version 1.25
Changes:
 o Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory
   safety reasons.
 o The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and
   IPv6 addresses by default.
Bug Fixes:
 o Tests: Live reverse lookups for Google's public DNS servers no longer
   return results, replace with CloudFlare pubic DNS servers.
 o Connection failures should increment the server failure count first or a
   retry might be enqueued to the same server
 o On systems that don't implement the ability to enumerate network interfaces
   the stubs used the wrong prototype.
 o Fix minor warnings and documentation typos
 o Fix support for older GoogleTest versions
 o getrandom() may require sys/random.h on some systems.
 o Fix building tests with symbol hiding enabled.
- 0001-Use-RPM-compiler-options.patch: dropped, obsolete
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1116650 from Adam Majer's avatar Adam Majer (adamm) (revision 19) 
- Update to version 1.20.1
  * Remove bin/acountry from built tools as nerd.dk is gone
  * Default per-query timeout has been reduced to 2s with a 3x retry count
  * rand: add support for getrandom()
  Bug fixes:
  * TCP back to back queries were broken
  * Ensure queries for ares_getaddrinfo() are not requeued during
    destruction
  * ares_getaddrinfo() should not retry other address classes if
    one address class has already been returned
  * Avoid production ill-formed result when qualifying a name
    with the root domain
  * Fix missing prefix for CMake generated libcares.pc
  * DNS server ports can now be read from system configuration
    instead of defaulting to port 53, aka openBSD resolv.conf format
  * Replace usages of sprintf with snprintf
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1088407 from Adam Majer's avatar Adam Majer (adamm) (revision 18) 
- Update to version 1.19.1
  Security:
  * CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
    (bsc#1211604)
  * CVE-2023-31147 Moderate. Insufficient randomness in generation
    of DNS query IDs (bsc#1211605)
  * CVE-2023-31130. Moderate. Buffer Underwrite in
    ares_inet_net_pton() (bsc#1211606)
  * CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE
    during cross compilation (bsc#1211607)
  Bug fixes:
  * Fix uninitialized memory warning in test
  * ares_getaddrinfo() should allow a port of 0
  * Fix memory leak in ares_send() on error
  * Fix comment style in ares_data.h
  * Fix typo in ares_init_options.3
  * Sync ax_pthread.m4 with upstream
  * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1064045 from Adam Majer's avatar Adam Majer (adamm) (revision 17) 
Bug reference change only

    (bsc#1208067, CVE-2022-4904)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 937232 from Adam Majer's avatar Adam Majer (adamm) (revision 15) 
- update to 1.18.1. Changes since 1.17.2:
  * Allow '/' as a valid character for a returned name for
    CNAME in-addr.arpa delegation
  * no longer forwards requests for localhost resolution per RFC6761
  * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
    that the search process will continue to the next domain
    in the search.
  * Provide ares_nameser.h as a public interface as needed by NodeJS
  * Add support for URI(Uniform Resource Identifier) records via
    ares_parse_uri_reply()
- disable unit tests for SLE12 since GCC compiler too old to build
  unit tests
- 5c995d5.patch: upstreamed
- disable-live-tests.patch: refreshed
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 917731 from Adam Majer's avatar Adam Majer (adamm) (revision 14) 
- new upstream website
- drop multibuild - tests do not require static library anymore
- spec file cleanup
- drop sources that were re-added to upstream distibution
  (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake) 

- 5c995d5.patch: augment input validation on hostnames to allow _
  as part of DNS response (bsc#1190225)
Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 911845 from Adam Majer's avatar Adam Majer (adamm) (revision 13) 
- update to 1.17.2:
  Security:
  * When building c-ares with CMake, the RANDOM_FILE would not be set
    and therefore downgrade to the less secure random number generator
  * If ares_getaddrinfo() was terminated by an ares_destroy(),
    it would cause a crash
  * Crash in sortaddrinfo() if the list size equals 0 due to
    an unexpected DNS response
  * Expand number of escaped characters in DNS replies as per
    RFC1035 5.1 to prevent spoofing follow-up
    (bsc#1188881, CVE-2021-3672)
  * Perform validation on hostnames to prevent possible XSS
    due to applications not performing valiation themselves 
  Changes:
  * ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases 
  Bug fixes:
  * Building tests should not force building of static libraries except on Windows
  * Relative headers must use double quotes to prevent pulling in a system library
for details see,
https://c-ares.haxx.se/changelog.html#1_17_2
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 849356 from Adam Majer's avatar Adam Majer (adamm) (revision 10) 
- ares_dns.h, missing_header.patch: re-add missing header in last release

- Version update to 1.17.0
  Security:
  * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
    fuzzing
  * Avoid theoretical buffer overflow in RC4 loop comparison
  * Empty hquery->name could lead to invalid memory access
  * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
    passed in (bsc#1178882, CVE-2020-8277)
  Changes:
  * Update help information for adig, acountry, and ahost
  * Test Suite now uses dynamic system-assigned ports rather than hardcoded
    ports to prevent failures in containers
  * Detect remote DNS server does not support EDNS using rules from RFC 6891
  * Source tree has been reorganized to use a more modern layout
  * Allow parsing of CAA Resource Record
  Bug fixes:
  * readaddrinfo bad sizeof()
  * Test cases should honor HAVE_WRITEV flag, not depend on WIN32
  * FQDN with trailing period should be queried first
  * ares_getaddrinfo() was returning members of the struct as garbage values if
    unset, and was not honoring ai_socktype and ai_protocol hints.
  * ares_gethostbyname() with AF_UNSPEC and an ip address would fail
  * Properly document ares_set_local_ip4() uses host byte order
For details, see https://c-ares.haxx.se/changelog.html
- add missing upstream sources, to be removed for next release
- remove unnecessary BuildRequires
- fix building on SLE12 systems
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 833686 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 9) 
- simplify conditions bit to make it tad more readable

- Implement multibuild specfile to split out tests into its own
  flavor; this way we can build and run tests, which require
  static lib, as well as avoid packaging the latter without issues
  with the installed cmake file..
Oliver Kurz's avatar Oliver Kurz (okurz-factory) accepted request 770034 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 7) 
- Upgrade to latest snapshot from 2020-01-17
- disable-live-tests.patch: refreshed
- regression.patch: fix a regression in DNS results that contain
  both A and AAAA answers.

- Add netcfg as the build requirement and runtime requirement.
  ares_getaddrinfo function uses the getservbyport_r function which
  requires the /etc/services file to function properly. That config
  file is provided by the netcfg package. Unit tests rely on it
  too, hence it has to be a build dependency as well.

- Switch to cmake-based build.
  Some packages need the cmake build files.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 748803 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 6) 
- Fix version number of the snapshot to not be downgrade:
  bsc#1156601
Displaying revisions 1 - 20 of 24
openSUSE Build Service is sponsored by
Places