commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2024-04-03 17:18:32
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.1905 (New)
Package is "c-ares"
Wed Apr 3 17:18:32 2024 rev:22 rq:1164057 version:1.28.1
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2024-02-27
22:44:34.358323798 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1905/c-ares.changes 2024-04-03
17:18:48.733950742 +0200
@@ -1,0 +2,34 @@
+Tue Apr 2 08:42:30 UTC 2024 - Adam Majer
+
+- c-ares 1.28.1
+
+Features:
+ * Emit warnings when deprecated c-ares functions are used.
+This can be disabled by passing a compiler definition of
+`CARES_NO_DEPRECATED`. [PR #732]
+ * Add function `ares_search_dnsrec()` to search for records
+using the new DNS record data structures. [PR #719]
+ * Rework internals to pass around `ares_dns_record_t` instead of
+binary data, this introduces new public functions of
+`ares_query_dnsrec()` and `ares_send_dnsrec()`. [PR #730]
+
+Changes:
+ * tests: when performing simulated queries, reduce timeouts
+to make tests run faster
+ * Replace configuration file parsers with memory-safe parser. [PR #725]
+ * Remove `acountry` completely, the manpage might still get
+installed otherwise. [Issue #718]
+
+Bugfixes:
+ * CMake: don't overwrite global required libraries/definitions/includes
+which could cause build errors for projects chain building c-ares.
+[Issue #729]
+ * On some platforms, `netinet6/in6.h` is not included by `netinet/in.h`
+and needs to be included separately. [PR #728]
+ * Fix a potential memory leak in `ares_init()`. [Issue #724]
+ * Some platforms don't have the `isascii()` function.
+Implement as a macro. [PR #721]
+ * CMake: Fix Chain building if CMAKE runtime paths not set
+ * NDots configuration should allow a value of zero. [PR #735]
+
+---
Old:
c-ares-1.27.0.tar.gz
c-ares-1.27.0.tar.gz.asc
New:
c-ares-1.28.1.tar.gz
c-ares-1.28.1.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.ZvMwtK/_old 2024-04-03 17:18:49.513979484 +0200
+++ /var/tmp/diff_new_pack.ZvMwtK/_new 2024-04-03 17:18:49.513979484 +0200
@@ -26,7 +26,7 @@
%endif
Name: c-ares%pkg_suffix
-Version:1.27.0
+Version:1.28.1
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -91,7 +91,7 @@
%endif
%prep
-%autosetup -p1 -n c-ares-%{version}
+%autosetup -n c-ares-%{version}
%build
%cmake \
++ c-ares-1.27.0.tar.gz -> c-ares-1.28.1.tar.gz ++
7807 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2024-02-09 23:51:58 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1815 (New) Package is "c-ares" Fri Feb 9 23:51:58 2024 rev:20 rq:1145395 version:1.26.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-10-12 11:37:29.238992567 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1815/c-ares.changes 2024-02-09 23:52:15.838842975 +0100 @@ -1,0 +2,128 @@ +Fri Feb 9 07:35:39 UTC 2024 - Dominique Leuenberger + +- Ensure multibuild flavors result in different src names. + +--- +Sat Feb 3 09:40:16 UTC 2024 - Andreas Stieger + +- c-ares 1.26.0: + * Event Thread support. Integrators are no longer required to +monitor the file descriptors registered by c-ares for events +and call ares_process() when enabling the event thread feature +via ARES_OPT_EVENT_THREAD passed to ares_init_options(). + * Added flags to are_dns_parse() to force RAW packet parsing + * Mark ares_fds() as deprecated + * Bug fixes +- move tests into a build flavor to avoid gtest/gmock build loop + +--- +Mon Jan 8 10:16:54 UTC 2024 - Adam Majer - 1.25 + +- Update to version 1.25 +Changes: + o Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory + safety reasons. + o The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and + IPv6 addresses by default. + +Bug Fixes: + o Tests: Live reverse lookups for Google's public DNS servers no longer + return results, replace with CloudFlare pubic DNS servers. + o Connection failures should increment the server failure count first or a + retry might be enqueued to the same server + o On systems that don't implement the ability to enumerate network interfaces + the stubs used the wrong prototype. + o Fix minor warnings and documentation typos + o Fix support for older GoogleTest versions + o getrandom() may require sys/random.h on some systems. + o Fix building tests with symbol hiding enabled. + +- 0001-Use-RPM-compiler-options.patch: dropped, obsolete + +--- +Tue Jan 2 11:35:57 UTC 2024 - Adam Majer - 1.24 + +- Update to version 1.24 +Features: + * Add support for IPv6 link-local DNS servers. Nameserver formats +can now accept the 0face suffix, and a new ares_get_servers_csv() +function was added to return servers that can contain the link-local +interface name. + +Changes: + * Unbundle GoogleTest for test cases. Package maintainers will now +need torequire GoogleTest (GMock) as a build dependency if +building tests. New GoogleTest versions require C++14 or later. + * Replace nameserver parsing code to use new memory-safe functions. + * Replace the sortlist parser with new memory-safe functions. + * Various warning fixes and dead code removal. + +Bugfixes: + * Old Linux versions require POSIX_C_SOURCE or _GNU_SOURCE to + compile with thread safety support + * A non-responsive DNS server that caused timeouts wouldn't + increment thefailure count, this would lead to other servers + not being tried. Regression introduced in 1.22.0 + * Some projects that depend on c-ares expect invalid parameter + option valuespassed into ares_init_options() to simply be + ignored. This behavior has been restored + * getrandom() can fail if the kernel doesn't support + the syscall, fall back to another random source + * ares_cancel() when performing ares_gethostbyname() or + ares_getaddrinfo()with AF_UNSPEC, if called after one address + class was returned but before the other address class, it + would return ARES_SUCCESS rather than ARES_ECANCELLED + +- disable-live-tests.patch: dropped, not needed + +--- +Fri Dec 1 13:04:38 UTC 2023 - Adam Majer - 1.23 + +- Update to version 1.23 + Features: +Introduce optional (but on by default) thread-safety for the c-ares library. This has no API nor ABI implications. +resolv.conf in modern systems uses attempts and timeouts options instead of the old retrans and retry options. +Query caching support based on TTL of responses. Can be enabled via ares_init_options() with ARES_OPT_QUERY_CACHE. + Bugfixes: +ares_init_options() for ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT accept theport in host byte order, but it was reading it as network byte order. Regression introduced in 1.20.0. +ares_init_options() for ARES_FLAG_NOSEARCH was not being honored forares_getaddrinfo() or ares_gethostbyname(). Regression introduced in 1.16.0. +Autotools
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2023-10-11 23:53:59
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.1807 (New)
Package is "c-ares"
Wed Oct 11 23:53:59 2023 rev:19 rq:1116650 version:1.20.1
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-05-23
14:53:37.334156123 +0200
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1807/c-ares.changes 2023-10-12
11:37:29.238992567 +0200
@@ -1,0 +2,21 @@
+Tue Oct 10 09:31:38 UTC 2023 - Adam Majer - 1.20.1
+
+- Update to version 1.20.1
+ * Remove bin/acountry from built tools as nerd.dk is gone
+ * Default per-query timeout has been reduced to 2s with a 3x retry count
+ * rand: add support for getrandom()
+
+ Bug fixes:
+ * TCP back to back queries were broken
+ * Ensure queries for ares_getaddrinfo() are not requeued during
+destruction
+ * ares_getaddrinfo() should not retry other address classes if
+one address class has already been returned
+ * Avoid production ill-formed result when qualifying a name
+with the root domain
+ * Fix missing prefix for CMake generated libcares.pc
+ * DNS server ports can now be read from system configuration
+instead of defaulting to port 53, aka openBSD resolv.conf format
+ * Replace usages of sprintf with snprintf
+
+---
Old:
c-ares-1.19.1.tar.gz
c-ares-1.19.1.tar.gz.asc
New:
c-ares-1.20.1.tar.gz
c-ares-1.20.1.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.sbuaYW/_old 2023-10-12 11:37:29.819013532 +0200
+++ /var/tmp/diff_new_pack.sbuaYW/_new 2023-10-12 11:37:29.819013532 +0200
@@ -22,7 +22,7 @@
%define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
%endif
Name: c-ares
-Version:1.19.1
+Version:1.20.1
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -67,7 +67,7 @@
This package provides the shared libraries for c-ares.
%package devel
-Summary:Development files for %{name}
+Summary:Development files for c-ares
Requires: %{libname} = %{version}
Requires: glibc-devel
Provides: libcares-devel = %{version}
@@ -108,10 +108,8 @@
%files utils
%license LICENSE.md
-%{_bindir}/acountry
%{_bindir}/adig
%{_bindir}/ahost
-%{_mandir}/man1/acountry.1%{?ext_man}
%{_mandir}/man1/adig.1%{?ext_man}
%{_mandir}/man1/ahost.1%{?ext_man}
++ c-ares-1.19.1.tar.gz -> c-ares-1.20.1.tar.gz ++
16994 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2023-05-23 14:53:27
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.1533 (New)
Package is "c-ares"
Tue May 23 14:53:27 2023 rev:18 rq:1088407 version:1.19.1
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-02-10
14:33:54.777415944 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1533/c-ares.changes 2023-05-23
14:53:37.334156123 +0200
@@ -1,0 +2,23 @@
+Mon May 22 13:56:59 UTC 2023 - Adam Majer
+
+- Update to version 1.19.1
+ Security:
+ * CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
+(bsc#1211604)
+ * CVE-2023-31147 Moderate. Insufficient randomness in generation
+of DNS query IDs (bsc#1211605)
+ * CVE-2023-31130. Moderate. Buffer Underwrite in
+ares_inet_net_pton() (bsc#1211606)
+ * CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE
+during cross compilation (bsc#1211607)
+
+ Bug fixes:
+ * Fix uninitialized memory warning in test
+ * ares_getaddrinfo() should allow a port of 0
+ * Fix memory leak in ares_send() on error
+ * Fix comment style in ares_data.h
+ * Fix typo in ares_init_options.3
+ * Sync ax_pthread.m4 with upstream
+ * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
+
+---
Old:
c-ares-1.19.0.tar.gz
c-ares-1.19.0.tar.gz.asc
New:
c-ares-1.19.1.tar.gz
c-ares-1.19.1.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.Yoz8cw/_old 2023-05-23 14:53:38.298161828 +0200
+++ /var/tmp/diff_new_pack.Yoz8cw/_new 2023-05-23 14:53:38.306161875 +0200
@@ -22,7 +22,7 @@
%define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
%endif
Name: c-ares
-Version:1.19.0
+Version:1.19.1
Release:0
Summary:Library for asynchronous name resolves
License:MIT
++ c-ares-1.19.0.tar.gz -> c-ares-1.19.1.tar.gz ++
6322 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2023-02-10 14:33:48 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1848 (New) Package is "c-ares" Fri Feb 10 14:33:48 2023 rev:17 rq:1064045 version:1.19.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-01-31 16:25:09.563764637 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1848/c-ares.changes 2023-02-10 14:33:54.777415944 +0100 @@ -8,0 +9 @@ +(bsc#1208067, CVE-2022-4904) Other differences: --
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2023-01-31 16:08:43
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.32243 (New)
Package is "c-ares"
Tue Jan 31 16:08:43 2023 rev:16 rq:1062054 version:1.19.0
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-12-13
20:46:43.528502197 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.32243/c-ares.changes 2023-01-31
16:25:09.563764637 +0100
@@ -1,0 +2,32 @@
+Sun Jan 29 09:31:00 UTC 2023 - Martin Hauke
+
+- Update to version 1.19.0
+ Security:
+ * Low. Stack overflow in ares_set_sortlist() which is used
+during c-ares initialization and typically provided by an
+administrator and not an end user.
+ Changes:
+ * Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for
+specifying a custom hosts file location.
+ Bug fixes:
+ * Fix memory leak in reading /etc/hosts when using localhost
+fallback.
+ * Fix chain building c-ares when libresolv is already included by
+another project.
+ * File lookup should not immediately abort as there may be other
+tries due to search criteria.
+ * Asterisks should be allowed in host validation as CNAMEs may
+reference wildcard domains.
+ * AutoTools build system referenced bad STDC_HEADERS macro.
+ * Even if one address class returns a failure for
+ares_getaddrinfo() we should still return the results we have.
+ * Fix ares_getaddrinfo() numerical address resolution with
+AF_UNSPEC
+ * Fix tools and help information.
+ * Various documentation fixes and cleanups.
+ * Add include guards to ares_data.h
+ * c-ares could try to exceed maximum number of iovec entries
+supported by system.
+ * The RFC6761 6.3 states localhost subdomains must be offline too
+
+---
Old:
c-ares-1.18.1.tar.gz
c-ares-1.18.1.tar.gz.asc
New:
c-ares-1.19.0.tar.gz
c-ares-1.19.0.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.M8BR7Y/_old 2023-01-31 16:25:09.979767030 +0100
+++ /var/tmp/diff_new_pack.M8BR7Y/_new 2023-01-31 16:25:09.983767053 +0100
@@ -1,7 +1,7 @@
#
# spec file for package c-ares
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,13 +18,11 @@
%define sonum 2
%define libname libcares%{sonum}
-
%if 0%{!?cmake_build:1}
%define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
%endif
-
Name: c-ares
-Version:1.18.1
+Version:1.19.0
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -37,9 +35,9 @@
Patch1: disable-live-tests.patch
BuildRequires: cmake
BuildRequires: gcc-c++
-BuildRequires: pkg-config
# Needed for getservbyport_r function to work properly.
BuildRequires: netcfg
+BuildRequires: pkgconfig
%description
c-ares is a C library that performs DNS requests and name resolves
++ c-ares-1.18.1.tar.gz -> c-ares-1.19.0.tar.gz ++
20273 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2021-12-13 20:42:02
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.2520 (New)
Package is "c-ares"
Mon Dec 13 20:42:02 2021 rev:15 rq:937232 version:1.18.1
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-09-13
16:24:53.326769517 +0200
+++ /work/SRC/openSUSE:Factory/.c-ares.new.2520/c-ares.changes 2021-12-13
20:46:43.528502197 +0100
@@ -1,0 +2,19 @@
+Tue Dec 7 16:57:20 UTC 2021 - Adam Majer
+
+- update to 1.18.1. Changes since 1.17.2:
+ * Allow '/' as a valid character for a returned name for
+CNAME in-addr.arpa delegation
+ * no longer forwards requests for localhost resolution per RFC6761
+ * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
+that the search process will continue to the next domain
+in the search.
+ * Provide ares_nameser.h as a public interface as needed by NodeJS
+ * Add support for URI(Uniform Resource Identifier) records via
+ares_parse_uri_reply()
+
+- disable unit tests for SLE12 since GCC compiler too old to build
+ unit tests
+- 5c995d5.patch: upstreamed
+- disable-live-tests.patch: refreshed
+
+---
Old:
5c995d5.patch
c-ares-1.17.2.tar.gz
c-ares-1.17.2.tar.gz.asc
New:
c-ares-1.18.1.tar.gz
c-ares-1.18.1.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.Th1xIO/_old 2021-12-13 20:46:44.060502262 +0100
+++ /var/tmp/diff_new_pack.Th1xIO/_new 2021-12-13 20:46:44.064502262 +0100
@@ -24,7 +24,7 @@
%endif
Name: c-ares
-Version:1.17.2
+Version:1.18.1
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -35,7 +35,6 @@
Source4:baselibs.conf
Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: disable-live-tests.patch
-Patch2: https://github.com/c-ares/c-ares/commit/5c995d5.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: pkg-config
@@ -88,16 +87,23 @@
%autosetup -p1 -n c-ares-%{version}
%build
-%cmake -DCARES_BUILD_TESTS:BOOL=ON
+%cmake \
+%if 0%{?suse_version} >= 1500
+-DCARES_BUILD_TESTS:BOOL=ON \
+%endif
+ %nil
+
%cmake_build
%install
%cmake_install
%check
+%if 0%{?suse_version} >= 1500
pushd build
%cmake_build -C test
LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest
+%endif
%post -n %{libname} -p /sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
++ c-ares-1.17.2.tar.gz -> c-ares-1.18.1.tar.gz ++
134670 lines of diff (skipped)
++ disable-live-tests.patch ++
--- /var/tmp/diff_new_pack.Th1xIO/_old 2021-12-13 20:46:44.464502312 +0100
+++ /var/tmp/diff_new_pack.Th1xIO/_new 2021-12-13 20:46:44.468502312 +0100
@@ -1,9 +1,10 @@
-diff -Naur c-ares-1.16.1.orig/test/Makefile.inc c-ares-1.16.1/test/Makefile.inc
c-ares-1.16.1.orig/test/Makefile.inc 2020-07-08 22:15:36.667605939
+0200
-+++ c-ares-1.16.1/test/Makefile.inc2020-07-08 22:16:25.407171729 +0200
-@@ -14,7 +14,6 @@
- ares-test-parse-srv.cc \
+Index: c-ares-1.18.1/test/Makefile.inc
+===
+--- c-ares-1.18.1.orig/test/Makefile.inc
c-ares-1.18.1/test/Makefile.inc
+@@ -16,7 +16,6 @@ TESTSOURCES = ares-test-main.cc \
ares-test-parse-txt.cc \
+ ares-test-parse-uri.cc \
ares-test-misc.cc \
- ares-test-live.cc \
ares-test-mock.cc \
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2021-09-13 16:24:22
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.1899 (New)
Package is "c-ares"
Mon Sep 13 16:24:22 2021 rev:14 rq:917731 version:1.17.2
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-08-16
10:13:53.234933252 +0200
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1899/c-ares.changes 2021-09-13
16:24:53.326769517 +0200
@@ -1,0 +2,15 @@
+Thu Sep 9 12:15:01 UTC 2021 - Adam Majer
+
+- new upstream website
+- drop multibuild - tests do not require static library anymore
+- spec file cleanup
+- drop sources that were re-added to upstream distibution
+ (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
+
+---
+Wed Sep 8 14:07:34 UTC 2021 - Adam Majer
+
+- 5c995d5.patch: augment input validation on hostnames to allow _
+ as part of DNS response (bsc#1190225)
+
+---
Old:
_multibuild
ares_dns.h
c-ares-config.cmake.in
libcares.pc.cmake
New:
5c995d5.patch
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.SrENBB/_old 2021-09-13 16:24:53.830770100 +0200
+++ /var/tmp/diff_new_pack.SrENBB/_new 2021-09-13 16:24:53.834770105 +0200
@@ -16,23 +16,6 @@
#
-%global flavor @BUILD_FLAVOR@%{nil}
-
-%if "%{flavor}" == "%{nil}"
-ExclusiveArch: do_not_build
-%define pname c-ares
-%endif
-
-%if "%{flavor}" == "tests"
-%define pname c-ares-tests
-%bcond_without tests
-%endif
-
-%if "%{flavor}" == "main"
-%define pname c-ares
-%bcond_with tests
-%endif
-
%define sonum 2
%define libname libcares%{sonum}
@@ -40,29 +23,24 @@
%define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
%endif
-Name: %{pname}
+Name: c-ares
Version:1.17.2
Release:0
Summary:Library for asynchronous name resolves
License:MIT
-URL:https://c-ares.haxx.se/
-Source0:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz
-Source1:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz.asc
+URL:https://c-ares.org/
+Source0:https://c-ares.org/download/c-ares-%{version}.tar.gz
+Source1:https://c-ares.org/download/c-ares-%{version}.tar.gz.asc
Source3:c-ares.keyring
Source4:baselibs.conf
-### REMOVE when upstream fixes https://github.com/c-ares/c-ares/issues/373
-Source5:libcares.pc.cmake
-Source6:c-ares-config.cmake.in
-Source7:ares_dns.h
Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: disable-live-tests.patch
+Patch2: https://github.com/c-ares/c-ares/commit/5c995d5.patch
BuildRequires: cmake
BuildRequires: gcc-c++
-%if %{with tests}
+BuildRequires: pkg-config
# Needed for getservbyport_r function to work properly.
BuildRequires: netcfg
-%endif
-BuildRequires: pkg-config
%description
c-ares is a C library that performs DNS requests and name resolves
@@ -106,35 +84,20 @@
This package provides the development libraries and headers needed
to build packages that depend on c-ares.
-
%prep
%autosetup -p1 -n c-ares-%{version}
-cp %{S:5} %{S:6} .
-cp %{S:7} include
-
%build
-
-%cmake \
-%if %{with tests}
--DCARES_BUILD_TESTS:BOOL=ON \
-%endif
-%{nil}
+%cmake -DCARES_BUILD_TESTS:BOOL=ON
%cmake_build
%install
-%if !%{with tests}
%cmake_install
-%endif
-%if %{with tests}
%check
pushd build
%cmake_build -C test
LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest
-%endif
-
-%if !%{with tests}
%post -n %{libname} -p /sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
@@ -160,6 +123,4 @@
%{_libdir}/pkgconfig/libcares.pc
%{_libdir}/cmake/c-ares/
-%endif
-
%changelog
++ 5c995d5.patch ++
>From 5c995d50b05a2c374ae021012afa6f8f4cf2957e Mon Sep 17 00:00:00 2001
From: bradh352
Date: Wed, 8 Sep 2021 07:38:44 -0400
Subject: [PATCH] ares_expand_name should allow underscores (_) as SRV records
legitimately use them
c-ares 1.17.2 introduced response validation to prevent a security issue,
however
it did not have (_) listed as a valid character for domain name responses which
caused issues when a CNAME referenced a SRV record which contained underscores.
While RFC2181 section 11 does explicitly state not to do validation, that
applies
to servers not clients.
Fixes: #424
Fix By: Brad House (@bradh352)
---
src/lib/ares_expand_name.c | 12 +---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/lib/ares_expand_name.c b/src/lib/ares_expand_name.c
index a62
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2021-08-16 10:08:59
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.1899 (New)
Package is "c-ares"
Mon Aug 16 10:08:59 2021 rev:13 rq:911845 version:1.17.2
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-01-19
16:00:39.955241349 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.1899/c-ares.changes 2021-08-16
10:13:53.234933252 +0200
@@ -1,0 +2,27 @@
+Thu Aug 12 13:59:07 UTC 2021 - Adam Majer
+
+- update to 1.17.2:
+ Security:
+ * When building c-ares with CMake, the RANDOM_FILE would not be set
+and therefore downgrade to the less secure random number generator
+ * If ares_getaddrinfo() was terminated by an ares_destroy(),
+it would cause a crash
+ * Crash in sortaddrinfo() if the list size equals 0 due to
+an unexpected DNS response
+ * Expand number of escaped characters in DNS replies as per
+RFC1035 5.1 to prevent spoofing follow-up
+(bsc#111, CVE-2021-3672)
+ * Perform validation on hostnames to prevent possible XSS
+due to applications not performing valiation themselves
+
+ Changes:
+ * ares_malloc(0) is now defined behavior (returns NULL) rather than
system-specific to catch edge cases
+
+ Bug fixes:
+ * Building tests should not force building of static libraries except on
Windows
+ * Relative headers must use double quotes to prevent pulling in a system
library
+
+for details see,
+https://c-ares.haxx.se/changelog.html#1_17_2
+
+---
Old:
c-ares-1.17.1.tar.gz
c-ares-1.17.1.tar.gz.asc
New:
c-ares-1.17.2.tar.gz
c-ares-1.17.2.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.vM9Ga3/_old 2021-08-16 10:13:53.662932706 +0200
+++ /var/tmp/diff_new_pack.vM9Ga3/_new 2021-08-16 10:13:53.666932701 +0200
@@ -41,7 +41,7 @@
%endif
Name: %{pname}
-Version:1.17.1
+Version:1.17.2
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -131,7 +131,7 @@
%check
pushd build
%cmake_build -C test
-./bin/arestest
+LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest
%endif
%if !%{with tests}
++ c-ares-1.17.1.tar.gz -> c-ares-1.17.2.tar.gz ++
6952 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2021-01-19 16:00:32
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.28504 (New)
Package is "c-ares"
Tue Jan 19 16:00:32 2021 rev:12 rq:863715 version:1.17.1
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-11-26
23:12:14.772939137 +0100
+++ /work/SRC/openSUSE:Factory/.c-ares.new.28504/c-ares.changes 2021-01-19
16:00:39.955241349 +0100
@@ -1,0 +2,19 @@
+Sat Jan 16 15:05:28 UTC 2021 - Dirk M??ller
+
+- update to 1.17.1:
+Travis: add iOS target built with CMake (#378)
+Issue #377 suggested that CMake builds for iOS with c-ares were broken.
This PR adds an automatic Travis build for iOS CMake.
+ - fix build
+External projects were using non-public header ares_dns.h, make public
again (#376)
+It appears some outside projects were relying on macros in ares_dns.h, even
+though it doesn't appear that header was ever meant to be public. That
said,
+we don't want to break external integrators so we should distribute this
header
+again.
+ - note that so versioning has moved to configure.ac
+ - note about 1.17.1
+ - fix sed gone wrong
+autotools cleanup (#372)
+* buildconf: remove custom logic with autoreconf
+- remove missing_header.patch (upstream)
+
+---
Old:
c-ares-1.17.0.tar.gz
c-ares-1.17.0.tar.gz.asc
missing_header.patch
New:
c-ares-1.17.1.tar.gz
c-ares-1.17.1.tar.gz.asc
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.vGWFIa/_old 2021-01-19 16:00:40.583242298 +0100
+++ /var/tmp/diff_new_pack.vGWFIa/_new 2021-01-19 16:00:40.587242303 +0100
@@ -1,7 +1,7 @@
#
# spec file for package c-ares
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -41,7 +41,7 @@
%endif
Name: %{pname}
-Version:1.17.0
+Version:1.17.1
Release:0
Summary:Library for asynchronous name resolves
License:MIT
@@ -56,7 +56,6 @@
Source7:ares_dns.h
Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: disable-live-tests.patch
-Patch2: missing_header.patch
BuildRequires: cmake
BuildRequires: gcc-c++
%if %{with tests}
++ c-ares-1.17.0.tar.gz -> c-ares-1.17.1.tar.gz ++
18973 lines of diff (skipped)
[opensuse-commit] commit c-ares for openSUSE:Factory
Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2020-11-26 23:10:39 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.5913 (New) Package is "c-ares" Thu Nov 26 23:10:39 2020 rev:11 rq:849957 version:1.17.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-11-23 10:24:01.252924653 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.5913/c-ares.changes 2020-11-26 23:12:14.772939137 +0100 @@ -1,0 +2,5 @@ +Sat Nov 21 23:16:21 UTC 2020 - Marcus Rueckert + +- add BR for pkg-config to get the provides in the devel package + +--- Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.U5Tnb3/_old 2020-11-26 23:12:16.240939441 +0100 +++ /var/tmp/diff_new_pack.U5Tnb3/_new 2020-11-26 23:12:16.244939441 +0100 @@ -63,6 +63,7 @@ # Needed for getservbyport_r function to work properly. BuildRequires: netcfg %endif +BuildRequires: pkg-config %description c-ares is a C library that performs DNS requests and name resolves ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
[opensuse-commit] commit c-ares for openSUSE:Factory
Hello community,
here is the log from the commit of package c-ares for openSUSE:Factory checked
in at 2020-11-21 12:40:21
Comparing /work/SRC/openSUSE:Factory/c-ares (Old)
and /work/SRC/openSUSE:Factory/.c-ares.new.5913 (New)
Package is "c-ares"
Sat Nov 21 12:40:21 2020 rev:10 rq:849356 version:1.17.0
Changes:
--- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-09-14
12:13:44.052265716 +0200
+++ /work/SRC/openSUSE:Factory/.c-ares.new.5913/c-ares.changes 2020-11-23
10:24:01.252924653 +0100
@@ -1,0 +2,40 @@
+Thu Nov 19 09:51:18 UTC 2020 - Adam Majer
+
+- ares_dns.h, missing_header.patch: re-add missing header in last release
+
+---
+Tue Nov 17 12:07:22 UTC 2020 - Adam Majer
+
+- Version update to 1.17.0
+ Security:
+ * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
+fuzzing
+ * Avoid theoretical buffer overflow in RC4 loop comparison
+ * Empty hquery->name could lead to invalid memory access
+ * ares_parse_{a,}_reply() could return a larger *naddrttls than was
+passed in (bsc#1178882, CVE-2020-8277)
+
+ Changes:
+ * Update help information for adig, acountry, and ahost
+ * Test Suite now uses dynamic system-assigned ports rather than hardcoded
+ports to prevent failures in containers
+ * Detect remote DNS server does not support EDNS using rules from RFC 6891
+ * Source tree has been reorganized to use a more modern layout
+ * Allow parsing of CAA Resource Record
+
+ Bug fixes:
+ * readaddrinfo bad sizeof()
+ * Test cases should honor HAVE_WRITEV flag, not depend on WIN32
+ * FQDN with trailing period should be queried first
+ * ares_getaddrinfo() was returning members of the struct as garbage values if
+unset, and was not honoring ai_socktype and ai_protocol hints.
+ * ares_gethostbyname() with AF_UNSPEC and an ip address would fail
+ * Properly document ares_set_local_ip4() uses host byte order
+
+For details, see https://c-ares.haxx.se/changelog.html
+
+- add missing upstream sources, to be removed for next release
+- remove unnecessary BuildRequires
+- fix building on SLE12 systems
+
+---
Old:
c-ares-1.16.1.tar.gz
c-ares-1.16.1.tar.gz.asc
New:
ares_dns.h
c-ares-1.17.0.tar.gz
c-ares-1.17.0.tar.gz.asc
c-ares-config.cmake.in
libcares.pc.cmake
missing_header.patch
Other differences:
--
++ c-ares.spec ++
--- /var/tmp/diff_new_pack.1PrHuc/_old 2020-11-23 10:24:01.824925299 +0100
+++ /var/tmp/diff_new_pack.1PrHuc/_new 2020-11-23 10:24:01.828925304 +0100
@@ -17,33 +17,52 @@
%global flavor @BUILD_FLAVOR@%{nil}
+
+%if "%{flavor}" == "%{nil}"
+ExclusiveArch: do_not_build
+%define pname c-ares
+%endif
+
%if "%{flavor}" == "tests"
-%define psuffix -tests
+%define pname c-ares-tests
%bcond_without tests
-%else
-%bcond_with tests
%endif
+
+%if "%{flavor}" == "main"
%define pname c-ares
+%bcond_with tests
+%endif
+
%define sonum 2
%define libname libcares%{sonum}
-Name: %{pname}%{?psuffix}
-Version:1.16.1
+
+%if 0%{!?cmake_build:1}
+%define cmake_build make -O VERBOSE=1 %{?_smp_mflags}
+%endif
+
+Name: %{pname}
+Version:1.17.0
Release:0
Summary:Library for asynchronous name resolves
License:MIT
URL:https://c-ares.haxx.se/
-Source0:http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz
-Source1:http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz.asc
-Source3:%{pname}.keyring
+Source0:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz
+Source1:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz.asc
+Source3:c-ares.keyring
Source4:baselibs.conf
+### REMOVE when upstream fixes https://github.com/c-ares/c-ares/issues/373
+Source5:libcares.pc.cmake
+Source6:c-ares-config.cmake.in
+Source7:ares_dns.h
Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: disable-live-tests.patch
+Patch2: missing_header.patch
BuildRequires: cmake
BuildRequires: gcc-c++
-BuildRequires: libtool
+%if %{with tests}
# Needed for getservbyport_r function to work properly.
BuildRequires: netcfg
-BuildRequires: pkgconfig
+%endif
%description
c-ares is a C library that performs DNS requests and name resolves
@@ -87,21 +106,17 @@
This package provides the development libraries and headers needed
to build packages that depend on c-ares.
+
%prep
-%autosetup -p1 -n %{pname}-%{version}
+%autosetup -p1 -n c-ares-%{version}
-# Remove bogus cflags checking
-sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac
-sed -i -e '/XC_CHECK_USER_FLAGS/
