commit c-ares for openSUSE:Factory

Tue, 23 May 2023 05:53:51 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package c-ares for openSUSE:Factory checked 
in at 2023-05-23 14:53:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
 and      /work/SRC/openSUSE:Factory/.c-ares.new.1533 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "c-ares"

Tue May 23 14:53:27 2023 rev:18 rq:1088407 version:1.19.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes    2023-02-10 
14:33:54.777415944 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1533/c-ares.changes  2023-05-23 
14:53:37.334156123 +0200
@@ -1,0 +2,23 @@
+Mon May 22 13:56:59 UTC 2023 - Adam Majer <[email protected]>
+
+- Update to version 1.19.1
+  Security:
+  * CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
+    (bsc#1211604)
+  * CVE-2023-31147 Moderate. Insufficient randomness in generation
+    of DNS query IDs (bsc#1211605)
+  * CVE-2023-31130. Moderate. Buffer Underwrite in
+    ares_inet_net_pton() (bsc#1211606)
+  * CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE
+    during cross compilation (bsc#1211607)
+
+  Bug fixes:
+  * Fix uninitialized memory warning in test
+  * ares_getaddrinfo() should allow a port of 0
+  * Fix memory leak in ares_send() on error
+  * Fix comment style in ares_data.h
+  * Fix typo in ares_init_options.3
+  * Sync ax_pthread.m4 with upstream
+  * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support 
+
+-------------------------------------------------------------------

Old:
----
  c-ares-1.19.0.tar.gz
  c-ares-1.19.0.tar.gz.asc

New:
----
  c-ares-1.19.1.tar.gz
  c-ares-1.19.1.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ c-ares.spec ++++++
--- /var/tmp/diff_new_pack.Yoz8cw/_old  2023-05-23 14:53:38.298161828 +0200
+++ /var/tmp/diff_new_pack.Yoz8cw/_new  2023-05-23 14:53:38.306161875 +0200
@@ -22,7 +22,7 @@
 %define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
 %endif
 Name:           c-ares
-Version:        1.19.0
+Version:        1.19.1
 Release:        0
 Summary:        Library for asynchronous name resolves
 License:        MIT

++++++ c-ares-1.19.0.tar.gz -> c-ares-1.19.1.tar.gz ++++++
++++ 6322 lines of diff (skipped)

Reply via email to