commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2024-04-03 17:18:32 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1905 (New) Package is "c-ares" Wed Apr 3 17:18:32 2024 rev:22 rq:1164057 version:1.28.1 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2024-02-27 22:44:34.358323798 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1905/c-ares.changes 2024-04-03 17:18:48.733950742 +0200 @@ -1,0 +2,34 @@ +Tue Apr 2 08:42:30 UTC 2024 - Adam Majer + +- c-ares 1.28.1 + +Features: + * Emit warnings when deprecated c-ares functions are used. +This can be disabled by passing a compiler definition of +`CARES_NO_DEPRECATED`. [PR #732] + * Add function `ares_search_dnsrec()` to search for records +using the new DNS record data structures. [PR #719] + * Rework internals to pass around `ares_dns_record_t` instead of +binary data, this introduces new public functions of +`ares_query_dnsrec()` and `ares_send_dnsrec()`. [PR #730] + +Changes: + * tests: when performing simulated queries, reduce timeouts +to make tests run faster + * Replace configuration file parsers with memory-safe parser. [PR #725] + * Remove `acountry` completely, the manpage might still get +installed otherwise. [Issue #718] + +Bugfixes: + * CMake: don't overwrite global required libraries/definitions/includes +which could cause build errors for projects chain building c-ares. +[Issue #729] + * On some platforms, `netinet6/in6.h` is not included by `netinet/in.h` +and needs to be included separately. [PR #728] + * Fix a potential memory leak in `ares_init()`. [Issue #724] + * Some platforms don't have the `isascii()` function. +Implement as a macro. [PR #721] + * CMake: Fix Chain building if CMAKE runtime paths not set + * NDots configuration should allow a value of zero. [PR #735] + +--- Old: c-ares-1.27.0.tar.gz c-ares-1.27.0.tar.gz.asc New: c-ares-1.28.1.tar.gz c-ares-1.28.1.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.ZvMwtK/_old 2024-04-03 17:18:49.513979484 +0200 +++ /var/tmp/diff_new_pack.ZvMwtK/_new 2024-04-03 17:18:49.513979484 +0200 @@ -26,7 +26,7 @@ %endif Name: c-ares%pkg_suffix -Version:1.27.0 +Version:1.28.1 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -91,7 +91,7 @@ %endif %prep -%autosetup -p1 -n c-ares-%{version} +%autosetup -n c-ares-%{version} %build %cmake \ ++ c-ares-1.27.0.tar.gz -> c-ares-1.28.1.tar.gz ++ 7807 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2024-02-09 23:51:58 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1815 (New) Package is "c-ares" Fri Feb 9 23:51:58 2024 rev:20 rq:1145395 version:1.26.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-10-12 11:37:29.238992567 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1815/c-ares.changes 2024-02-09 23:52:15.838842975 +0100 @@ -1,0 +2,128 @@ +Fri Feb 9 07:35:39 UTC 2024 - Dominique Leuenberger + +- Ensure multibuild flavors result in different src names. + +--- +Sat Feb 3 09:40:16 UTC 2024 - Andreas Stieger + +- c-ares 1.26.0: + * Event Thread support. Integrators are no longer required to +monitor the file descriptors registered by c-ares for events +and call ares_process() when enabling the event thread feature +via ARES_OPT_EVENT_THREAD passed to ares_init_options(). + * Added flags to are_dns_parse() to force RAW packet parsing + * Mark ares_fds() as deprecated + * Bug fixes +- move tests into a build flavor to avoid gtest/gmock build loop + +--- +Mon Jan 8 10:16:54 UTC 2024 - Adam Majer - 1.25 + +- Update to version 1.25 +Changes: + o Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory + safety reasons. + o The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and + IPv6 addresses by default. + +Bug Fixes: + o Tests: Live reverse lookups for Google's public DNS servers no longer + return results, replace with CloudFlare pubic DNS servers. + o Connection failures should increment the server failure count first or a + retry might be enqueued to the same server + o On systems that don't implement the ability to enumerate network interfaces + the stubs used the wrong prototype. + o Fix minor warnings and documentation typos + o Fix support for older GoogleTest versions + o getrandom() may require sys/random.h on some systems. + o Fix building tests with symbol hiding enabled. + +- 0001-Use-RPM-compiler-options.patch: dropped, obsolete + +--- +Tue Jan 2 11:35:57 UTC 2024 - Adam Majer - 1.24 + +- Update to version 1.24 +Features: + * Add support for IPv6 link-local DNS servers. Nameserver formats +can now accept the 0face suffix, and a new ares_get_servers_csv() +function was added to return servers that can contain the link-local +interface name. + +Changes: + * Unbundle GoogleTest for test cases. Package maintainers will now +need torequire GoogleTest (GMock) as a build dependency if +building tests. New GoogleTest versions require C++14 or later. + * Replace nameserver parsing code to use new memory-safe functions. + * Replace the sortlist parser with new memory-safe functions. + * Various warning fixes and dead code removal. + +Bugfixes: + * Old Linux versions require POSIX_C_SOURCE or _GNU_SOURCE to + compile with thread safety support + * A non-responsive DNS server that caused timeouts wouldn't + increment thefailure count, this would lead to other servers + not being tried. Regression introduced in 1.22.0 + * Some projects that depend on c-ares expect invalid parameter + option valuespassed into ares_init_options() to simply be + ignored. This behavior has been restored + * getrandom() can fail if the kernel doesn't support + the syscall, fall back to another random source + * ares_cancel() when performing ares_gethostbyname() or + ares_getaddrinfo()with AF_UNSPEC, if called after one address + class was returned but before the other address class, it + would return ARES_SUCCESS rather than ARES_ECANCELLED + +- disable-live-tests.patch: dropped, not needed + +--- +Fri Dec 1 13:04:38 UTC 2023 - Adam Majer - 1.23 + +- Update to version 1.23 + Features: +Introduce optional (but on by default) thread-safety for the c-ares library. This has no API nor ABI implications. +resolv.conf in modern systems uses attempts and timeouts options instead of the old retrans and retry options. +Query caching support based on TTL of responses. Can be enabled via ares_init_options() with ARES_OPT_QUERY_CACHE. + Bugfixes: +ares_init_options() for ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT accept theport in host byte order, but it was reading it as network byte order. Regression introduced in 1.20.0. +ares_init_options() for ARES_FLAG_NOSEARCH was not being honored forares_getaddrinfo() or ares_gethostbyname(). Regression introduced in 1.16.0. +Autotools
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2023-10-11 23:53:59 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1807 (New) Package is "c-ares" Wed Oct 11 23:53:59 2023 rev:19 rq:1116650 version:1.20.1 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-05-23 14:53:37.334156123 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1807/c-ares.changes 2023-10-12 11:37:29.238992567 +0200 @@ -1,0 +2,21 @@ +Tue Oct 10 09:31:38 UTC 2023 - Adam Majer - 1.20.1 + +- Update to version 1.20.1 + * Remove bin/acountry from built tools as nerd.dk is gone + * Default per-query timeout has been reduced to 2s with a 3x retry count + * rand: add support for getrandom() + + Bug fixes: + * TCP back to back queries were broken + * Ensure queries for ares_getaddrinfo() are not requeued during +destruction + * ares_getaddrinfo() should not retry other address classes if +one address class has already been returned + * Avoid production ill-formed result when qualifying a name +with the root domain + * Fix missing prefix for CMake generated libcares.pc + * DNS server ports can now be read from system configuration +instead of defaulting to port 53, aka openBSD resolv.conf format + * Replace usages of sprintf with snprintf + +--- Old: c-ares-1.19.1.tar.gz c-ares-1.19.1.tar.gz.asc New: c-ares-1.20.1.tar.gz c-ares-1.20.1.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.sbuaYW/_old 2023-10-12 11:37:29.819013532 +0200 +++ /var/tmp/diff_new_pack.sbuaYW/_new 2023-10-12 11:37:29.819013532 +0200 @@ -22,7 +22,7 @@ %define cmake_build make -O VERBOSE=1 %{?_smp_mflags} %endif Name: c-ares -Version:1.19.1 +Version:1.20.1 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -67,7 +67,7 @@ This package provides the shared libraries for c-ares. %package devel -Summary:Development files for %{name} +Summary:Development files for c-ares Requires: %{libname} = %{version} Requires: glibc-devel Provides: libcares-devel = %{version} @@ -108,10 +108,8 @@ %files utils %license LICENSE.md -%{_bindir}/acountry %{_bindir}/adig %{_bindir}/ahost -%{_mandir}/man1/acountry.1%{?ext_man} %{_mandir}/man1/adig.1%{?ext_man} %{_mandir}/man1/ahost.1%{?ext_man} ++ c-ares-1.19.1.tar.gz -> c-ares-1.20.1.tar.gz ++ 16994 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2023-05-23 14:53:27 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1533 (New) Package is "c-ares" Tue May 23 14:53:27 2023 rev:18 rq:1088407 version:1.19.1 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-02-10 14:33:54.777415944 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1533/c-ares.changes 2023-05-23 14:53:37.334156123 +0200 @@ -1,0 +2,23 @@ +Mon May 22 13:56:59 UTC 2023 - Adam Majer + +- Update to version 1.19.1 + Security: + * CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service +(bsc#1211604) + * CVE-2023-31147 Moderate. Insufficient randomness in generation +of DNS query IDs (bsc#1211605) + * CVE-2023-31130. Moderate. Buffer Underwrite in +ares_inet_net_pton() (bsc#1211606) + * CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE +during cross compilation (bsc#1211607) + + Bug fixes: + * Fix uninitialized memory warning in test + * ares_getaddrinfo() should allow a port of 0 + * Fix memory leak in ares_send() on error + * Fix comment style in ares_data.h + * Fix typo in ares_init_options.3 + * Sync ax_pthread.m4 with upstream + * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support + +--- Old: c-ares-1.19.0.tar.gz c-ares-1.19.0.tar.gz.asc New: c-ares-1.19.1.tar.gz c-ares-1.19.1.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.Yoz8cw/_old 2023-05-23 14:53:38.298161828 +0200 +++ /var/tmp/diff_new_pack.Yoz8cw/_new 2023-05-23 14:53:38.306161875 +0200 @@ -22,7 +22,7 @@ %define cmake_build make -O VERBOSE=1 %{?_smp_mflags} %endif Name: c-ares -Version:1.19.0 +Version:1.19.1 Release:0 Summary:Library for asynchronous name resolves License:MIT ++ c-ares-1.19.0.tar.gz -> c-ares-1.19.1.tar.gz ++ 6322 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2023-02-10 14:33:48 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1848 (New) Package is "c-ares" Fri Feb 10 14:33:48 2023 rev:17 rq:1064045 version:1.19.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2023-01-31 16:25:09.563764637 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1848/c-ares.changes 2023-02-10 14:33:54.777415944 +0100 @@ -8,0 +9 @@ +(bsc#1208067, CVE-2022-4904) Other differences: --
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2023-01-31 16:08:43 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.32243 (New) Package is "c-ares" Tue Jan 31 16:08:43 2023 rev:16 rq:1062054 version:1.19.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-12-13 20:46:43.528502197 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.32243/c-ares.changes 2023-01-31 16:25:09.563764637 +0100 @@ -1,0 +2,32 @@ +Sun Jan 29 09:31:00 UTC 2023 - Martin Hauke + +- Update to version 1.19.0 + Security: + * Low. Stack overflow in ares_set_sortlist() which is used +during c-ares initialization and typically provided by an +administrator and not an end user. + Changes: + * Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for +specifying a custom hosts file location. + Bug fixes: + * Fix memory leak in reading /etc/hosts when using localhost +fallback. + * Fix chain building c-ares when libresolv is already included by +another project. + * File lookup should not immediately abort as there may be other +tries due to search criteria. + * Asterisks should be allowed in host validation as CNAMEs may +reference wildcard domains. + * AutoTools build system referenced bad STDC_HEADERS macro. + * Even if one address class returns a failure for +ares_getaddrinfo() we should still return the results we have. + * Fix ares_getaddrinfo() numerical address resolution with +AF_UNSPEC + * Fix tools and help information. + * Various documentation fixes and cleanups. + * Add include guards to ares_data.h + * c-ares could try to exceed maximum number of iovec entries +supported by system. + * The RFC6761 6.3 states localhost subdomains must be offline too + +--- Old: c-ares-1.18.1.tar.gz c-ares-1.18.1.tar.gz.asc New: c-ares-1.19.0.tar.gz c-ares-1.19.0.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.M8BR7Y/_old 2023-01-31 16:25:09.979767030 +0100 +++ /var/tmp/diff_new_pack.M8BR7Y/_new 2023-01-31 16:25:09.983767053 +0100 @@ -1,7 +1,7 @@ # # spec file for package c-ares # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,13 +18,11 @@ %define sonum 2 %define libname libcares%{sonum} - %if 0%{!?cmake_build:1} %define cmake_build make -O VERBOSE=1 %{?_smp_mflags} %endif - Name: c-ares -Version:1.18.1 +Version:1.19.0 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -37,9 +35,9 @@ Patch1: disable-live-tests.patch BuildRequires: cmake BuildRequires: gcc-c++ -BuildRequires: pkg-config # Needed for getservbyport_r function to work properly. BuildRequires: netcfg +BuildRequires: pkgconfig %description c-ares is a C library that performs DNS requests and name resolves ++ c-ares-1.18.1.tar.gz -> c-ares-1.19.0.tar.gz ++ 20273 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2021-12-13 20:42:02 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.2520 (New) Package is "c-ares" Mon Dec 13 20:42:02 2021 rev:15 rq:937232 version:1.18.1 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-09-13 16:24:53.326769517 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.2520/c-ares.changes 2021-12-13 20:46:43.528502197 +0100 @@ -1,0 +2,19 @@ +Tue Dec 7 16:57:20 UTC 2021 - Adam Majer + +- update to 1.18.1. Changes since 1.17.2: + * Allow '/' as a valid character for a returned name for +CNAME in-addr.arpa delegation + * no longer forwards requests for localhost resolution per RFC6761 + * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so +that the search process will continue to the next domain +in the search. + * Provide ares_nameser.h as a public interface as needed by NodeJS + * Add support for URI(Uniform Resource Identifier) records via +ares_parse_uri_reply() + +- disable unit tests for SLE12 since GCC compiler too old to build + unit tests +- 5c995d5.patch: upstreamed +- disable-live-tests.patch: refreshed + +--- Old: 5c995d5.patch c-ares-1.17.2.tar.gz c-ares-1.17.2.tar.gz.asc New: c-ares-1.18.1.tar.gz c-ares-1.18.1.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.Th1xIO/_old 2021-12-13 20:46:44.060502262 +0100 +++ /var/tmp/diff_new_pack.Th1xIO/_new 2021-12-13 20:46:44.064502262 +0100 @@ -24,7 +24,7 @@ %endif Name: c-ares -Version:1.17.2 +Version:1.18.1 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -35,7 +35,6 @@ Source4:baselibs.conf Patch0: 0001-Use-RPM-compiler-options.patch Patch1: disable-live-tests.patch -Patch2: https://github.com/c-ares/c-ares/commit/5c995d5.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: pkg-config @@ -88,16 +87,23 @@ %autosetup -p1 -n c-ares-%{version} %build -%cmake -DCARES_BUILD_TESTS:BOOL=ON +%cmake \ +%if 0%{?suse_version} >= 1500 +-DCARES_BUILD_TESTS:BOOL=ON \ +%endif + %nil + %cmake_build %install %cmake_install %check +%if 0%{?suse_version} >= 1500 pushd build %cmake_build -C test LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest +%endif %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig ++ c-ares-1.17.2.tar.gz -> c-ares-1.18.1.tar.gz ++ 134670 lines of diff (skipped) ++ disable-live-tests.patch ++ --- /var/tmp/diff_new_pack.Th1xIO/_old 2021-12-13 20:46:44.464502312 +0100 +++ /var/tmp/diff_new_pack.Th1xIO/_new 2021-12-13 20:46:44.468502312 +0100 @@ -1,9 +1,10 @@ -diff -Naur c-ares-1.16.1.orig/test/Makefile.inc c-ares-1.16.1/test/Makefile.inc c-ares-1.16.1.orig/test/Makefile.inc 2020-07-08 22:15:36.667605939 +0200 -+++ c-ares-1.16.1/test/Makefile.inc2020-07-08 22:16:25.407171729 +0200 -@@ -14,7 +14,6 @@ - ares-test-parse-srv.cc \ +Index: c-ares-1.18.1/test/Makefile.inc +=== +--- c-ares-1.18.1.orig/test/Makefile.inc c-ares-1.18.1/test/Makefile.inc +@@ -16,7 +16,6 @@ TESTSOURCES = ares-test-main.cc \ ares-test-parse-txt.cc \ + ares-test-parse-uri.cc \ ares-test-misc.cc \ - ares-test-live.cc \ ares-test-mock.cc \
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2021-09-13 16:24:22 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1899 (New) Package is "c-ares" Mon Sep 13 16:24:22 2021 rev:14 rq:917731 version:1.17.2 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-08-16 10:13:53.234933252 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1899/c-ares.changes 2021-09-13 16:24:53.326769517 +0200 @@ -1,0 +2,15 @@ +Thu Sep 9 12:15:01 UTC 2021 - Adam Majer + +- new upstream website +- drop multibuild - tests do not require static library anymore +- spec file cleanup +- drop sources that were re-added to upstream distibution + (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake) + +--- +Wed Sep 8 14:07:34 UTC 2021 - Adam Majer + +- 5c995d5.patch: augment input validation on hostnames to allow _ + as part of DNS response (bsc#1190225) + +--- Old: _multibuild ares_dns.h c-ares-config.cmake.in libcares.pc.cmake New: 5c995d5.patch Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.SrENBB/_old 2021-09-13 16:24:53.830770100 +0200 +++ /var/tmp/diff_new_pack.SrENBB/_new 2021-09-13 16:24:53.834770105 +0200 @@ -16,23 +16,6 @@ # -%global flavor @BUILD_FLAVOR@%{nil} - -%if "%{flavor}" == "%{nil}" -ExclusiveArch: do_not_build -%define pname c-ares -%endif - -%if "%{flavor}" == "tests" -%define pname c-ares-tests -%bcond_without tests -%endif - -%if "%{flavor}" == "main" -%define pname c-ares -%bcond_with tests -%endif - %define sonum 2 %define libname libcares%{sonum} @@ -40,29 +23,24 @@ %define cmake_build make -O VERBOSE=1 %{?_smp_mflags} %endif -Name: %{pname} +Name: c-ares Version:1.17.2 Release:0 Summary:Library for asynchronous name resolves License:MIT -URL:https://c-ares.haxx.se/ -Source0:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz -Source1:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz.asc +URL:https://c-ares.org/ +Source0:https://c-ares.org/download/c-ares-%{version}.tar.gz +Source1:https://c-ares.org/download/c-ares-%{version}.tar.gz.asc Source3:c-ares.keyring Source4:baselibs.conf -### REMOVE when upstream fixes https://github.com/c-ares/c-ares/issues/373 -Source5:libcares.pc.cmake -Source6:c-ares-config.cmake.in -Source7:ares_dns.h Patch0: 0001-Use-RPM-compiler-options.patch Patch1: disable-live-tests.patch +Patch2: https://github.com/c-ares/c-ares/commit/5c995d5.patch BuildRequires: cmake BuildRequires: gcc-c++ -%if %{with tests} +BuildRequires: pkg-config # Needed for getservbyport_r function to work properly. BuildRequires: netcfg -%endif -BuildRequires: pkg-config %description c-ares is a C library that performs DNS requests and name resolves @@ -106,35 +84,20 @@ This package provides the development libraries and headers needed to build packages that depend on c-ares. - %prep %autosetup -p1 -n c-ares-%{version} -cp %{S:5} %{S:6} . -cp %{S:7} include - %build - -%cmake \ -%if %{with tests} --DCARES_BUILD_TESTS:BOOL=ON \ -%endif -%{nil} +%cmake -DCARES_BUILD_TESTS:BOOL=ON %cmake_build %install -%if !%{with tests} %cmake_install -%endif -%if %{with tests} %check pushd build %cmake_build -C test LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest -%endif - -%if !%{with tests} %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig @@ -160,6 +123,4 @@ %{_libdir}/pkgconfig/libcares.pc %{_libdir}/cmake/c-ares/ -%endif - %changelog ++ 5c995d5.patch ++ >From 5c995d50b05a2c374ae021012afa6f8f4cf2957e Mon Sep 17 00:00:00 2001 From: bradh352 Date: Wed, 8 Sep 2021 07:38:44 -0400 Subject: [PATCH] ares_expand_name should allow underscores (_) as SRV records legitimately use them c-ares 1.17.2 introduced response validation to prevent a security issue, however it did not have (_) listed as a valid character for domain name responses which caused issues when a CNAME referenced a SRV record which contained underscores. While RFC2181 section 11 does explicitly state not to do validation, that applies to servers not clients. Fixes: #424 Fix By: Brad House (@bradh352) --- src/lib/ares_expand_name.c | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/lib/ares_expand_name.c b/src/lib/ares_expand_name.c index a62
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2021-08-16 10:08:59 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.1899 (New) Package is "c-ares" Mon Aug 16 10:08:59 2021 rev:13 rq:911845 version:1.17.2 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2021-01-19 16:00:39.955241349 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.1899/c-ares.changes 2021-08-16 10:13:53.234933252 +0200 @@ -1,0 +2,27 @@ +Thu Aug 12 13:59:07 UTC 2021 - Adam Majer + +- update to 1.17.2: + Security: + * When building c-ares with CMake, the RANDOM_FILE would not be set +and therefore downgrade to the less secure random number generator + * If ares_getaddrinfo() was terminated by an ares_destroy(), +it would cause a crash + * Crash in sortaddrinfo() if the list size equals 0 due to +an unexpected DNS response + * Expand number of escaped characters in DNS replies as per +RFC1035 5.1 to prevent spoofing follow-up +(bsc#111, CVE-2021-3672) + * Perform validation on hostnames to prevent possible XSS +due to applications not performing valiation themselves + + Changes: + * ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases + + Bug fixes: + * Building tests should not force building of static libraries except on Windows + * Relative headers must use double quotes to prevent pulling in a system library + +for details see, +https://c-ares.haxx.se/changelog.html#1_17_2 + +--- Old: c-ares-1.17.1.tar.gz c-ares-1.17.1.tar.gz.asc New: c-ares-1.17.2.tar.gz c-ares-1.17.2.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.vM9Ga3/_old 2021-08-16 10:13:53.662932706 +0200 +++ /var/tmp/diff_new_pack.vM9Ga3/_new 2021-08-16 10:13:53.666932701 +0200 @@ -41,7 +41,7 @@ %endif Name: %{pname} -Version:1.17.1 +Version:1.17.2 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -131,7 +131,7 @@ %check pushd build %cmake_build -C test -./bin/arestest +LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest %endif %if !%{with tests} ++ c-ares-1.17.1.tar.gz -> c-ares-1.17.2.tar.gz ++ 6952 lines of diff (skipped)
commit c-ares for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2021-01-19 16:00:32 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.28504 (New) Package is "c-ares" Tue Jan 19 16:00:32 2021 rev:12 rq:863715 version:1.17.1 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-11-26 23:12:14.772939137 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.28504/c-ares.changes 2021-01-19 16:00:39.955241349 +0100 @@ -1,0 +2,19 @@ +Sat Jan 16 15:05:28 UTC 2021 - Dirk M??ller + +- update to 1.17.1: +Travis: add iOS target built with CMake (#378) +Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake. + - fix build +External projects were using non-public header ares_dns.h, make public again (#376) +It appears some outside projects were relying on macros in ares_dns.h, even +though it doesn't appear that header was ever meant to be public. That said, +we don't want to break external integrators so we should distribute this header +again. + - note that so versioning has moved to configure.ac + - note about 1.17.1 + - fix sed gone wrong +autotools cleanup (#372) +* buildconf: remove custom logic with autoreconf +- remove missing_header.patch (upstream) + +--- Old: c-ares-1.17.0.tar.gz c-ares-1.17.0.tar.gz.asc missing_header.patch New: c-ares-1.17.1.tar.gz c-ares-1.17.1.tar.gz.asc Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.vGWFIa/_old 2021-01-19 16:00:40.583242298 +0100 +++ /var/tmp/diff_new_pack.vGWFIa/_new 2021-01-19 16:00:40.587242303 +0100 @@ -1,7 +1,7 @@ # # spec file for package c-ares # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -41,7 +41,7 @@ %endif Name: %{pname} -Version:1.17.0 +Version:1.17.1 Release:0 Summary:Library for asynchronous name resolves License:MIT @@ -56,7 +56,6 @@ Source7:ares_dns.h Patch0: 0001-Use-RPM-compiler-options.patch Patch1: disable-live-tests.patch -Patch2: missing_header.patch BuildRequires: cmake BuildRequires: gcc-c++ %if %{with tests} ++ c-ares-1.17.0.tar.gz -> c-ares-1.17.1.tar.gz ++ 18973 lines of diff (skipped)
[opensuse-commit] commit c-ares for openSUSE:Factory
Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2020-11-26 23:10:39 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.5913 (New) Package is "c-ares" Thu Nov 26 23:10:39 2020 rev:11 rq:849957 version:1.17.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-11-23 10:24:01.252924653 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.5913/c-ares.changes 2020-11-26 23:12:14.772939137 +0100 @@ -1,0 +2,5 @@ +Sat Nov 21 23:16:21 UTC 2020 - Marcus Rueckert + +- add BR for pkg-config to get the provides in the devel package + +--- Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.U5Tnb3/_old 2020-11-26 23:12:16.240939441 +0100 +++ /var/tmp/diff_new_pack.U5Tnb3/_new 2020-11-26 23:12:16.244939441 +0100 @@ -63,6 +63,7 @@ # Needed for getservbyport_r function to work properly. BuildRequires: netcfg %endif +BuildRequires: pkg-config %description c-ares is a C library that performs DNS requests and name resolves ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
[opensuse-commit] commit c-ares for openSUSE:Factory
Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2020-11-21 12:40:21 Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.5913 (New) Package is "c-ares" Sat Nov 21 12:40:21 2020 rev:10 rq:849356 version:1.17.0 Changes: --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes2020-09-14 12:13:44.052265716 +0200 +++ /work/SRC/openSUSE:Factory/.c-ares.new.5913/c-ares.changes 2020-11-23 10:24:01.252924653 +0100 @@ -1,0 +2,40 @@ +Thu Nov 19 09:51:18 UTC 2020 - Adam Majer + +- ares_dns.h, missing_header.patch: re-add missing header in last release + +--- +Tue Nov 17 12:07:22 UTC 2020 - Adam Majer + +- Version update to 1.17.0 + Security: + * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during +fuzzing + * Avoid theoretical buffer overflow in RC4 loop comparison + * Empty hquery->name could lead to invalid memory access + * ares_parse_{a,}_reply() could return a larger *naddrttls than was +passed in (bsc#1178882, CVE-2020-8277) + + Changes: + * Update help information for adig, acountry, and ahost + * Test Suite now uses dynamic system-assigned ports rather than hardcoded +ports to prevent failures in containers + * Detect remote DNS server does not support EDNS using rules from RFC 6891 + * Source tree has been reorganized to use a more modern layout + * Allow parsing of CAA Resource Record + + Bug fixes: + * readaddrinfo bad sizeof() + * Test cases should honor HAVE_WRITEV flag, not depend on WIN32 + * FQDN with trailing period should be queried first + * ares_getaddrinfo() was returning members of the struct as garbage values if +unset, and was not honoring ai_socktype and ai_protocol hints. + * ares_gethostbyname() with AF_UNSPEC and an ip address would fail + * Properly document ares_set_local_ip4() uses host byte order + +For details, see https://c-ares.haxx.se/changelog.html + +- add missing upstream sources, to be removed for next release +- remove unnecessary BuildRequires +- fix building on SLE12 systems + +--- Old: c-ares-1.16.1.tar.gz c-ares-1.16.1.tar.gz.asc New: ares_dns.h c-ares-1.17.0.tar.gz c-ares-1.17.0.tar.gz.asc c-ares-config.cmake.in libcares.pc.cmake missing_header.patch Other differences: -- ++ c-ares.spec ++ --- /var/tmp/diff_new_pack.1PrHuc/_old 2020-11-23 10:24:01.824925299 +0100 +++ /var/tmp/diff_new_pack.1PrHuc/_new 2020-11-23 10:24:01.828925304 +0100 @@ -17,33 +17,52 @@ %global flavor @BUILD_FLAVOR@%{nil} + +%if "%{flavor}" == "%{nil}" +ExclusiveArch: do_not_build +%define pname c-ares +%endif + %if "%{flavor}" == "tests" -%define psuffix -tests +%define pname c-ares-tests %bcond_without tests -%else -%bcond_with tests %endif + +%if "%{flavor}" == "main" %define pname c-ares +%bcond_with tests +%endif + %define sonum 2 %define libname libcares%{sonum} -Name: %{pname}%{?psuffix} -Version:1.16.1 + +%if 0%{!?cmake_build:1} +%define cmake_build make -O VERBOSE=1 %{?_smp_mflags} +%endif + +Name: %{pname} +Version:1.17.0 Release:0 Summary:Library for asynchronous name resolves License:MIT URL:https://c-ares.haxx.se/ -Source0:http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz -Source1:http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz.asc -Source3:%{pname}.keyring +Source0:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz +Source1:http://c-ares.haxx.se/download/c-ares-%{version}.tar.gz.asc +Source3:c-ares.keyring Source4:baselibs.conf +### REMOVE when upstream fixes https://github.com/c-ares/c-ares/issues/373 +Source5:libcares.pc.cmake +Source6:c-ares-config.cmake.in +Source7:ares_dns.h Patch0: 0001-Use-RPM-compiler-options.patch Patch1: disable-live-tests.patch +Patch2: missing_header.patch BuildRequires: cmake BuildRequires: gcc-c++ -BuildRequires: libtool +%if %{with tests} # Needed for getservbyport_r function to work properly. BuildRequires: netcfg -BuildRequires: pkgconfig +%endif %description c-ares is a C library that performs DNS requests and name resolves @@ -87,21 +106,17 @@ This package provides the development libraries and headers needed to build packages that depend on c-ares. + %prep -%autosetup -p1 -n %{pname}-%{version} +%autosetup -p1 -n c-ares-%{version} -# Remove bogus cflags checking -sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac -sed -i -e '/XC_CHECK_USER_FLAGS/