- Version update to 1.17.0

Security: * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during fuzzing * Avoid theoretical buffer overflow in RC4 loop comparison * Empty hquery->name could lead to invalid memory access * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was passed in (bsc#1178882, CVE-2020-8277) Changes: * Update help information for adig, acountry, and ahost * Test Suite now uses dynamic system-assigned ports rather than hardcoded ports to prevent failures in containers * Detect remote DNS server does not support EDNS using rules from RFC 6891 * Source tree has been reorganized to use a more modern layout * Allow parsing of CAA Resource Record Bug fixes: * readaddrinfo bad sizeof() * Test cases should honor HAVE_WRITEV flag, not depend on WIN32 * FQDN with trailing period should be queried first * ares_getaddrinfo() was returning members of the struct as garbage values if unset, and was not honoring ai_socktype and ai_protocol hints. * ares_gethostbyname() with AF_UNSPEC and an ip address would fail * Properly document ares_set_local_ip4() uses host byte order For details, see https://c-ares.haxx.se/changelog.html OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/c-ares?expand=0&rev=24
2020-11-17 12:35:56 +00:00 · 2020-11-17 12:35:56 +00:00 · 6810ec45ff
commit 6810ec45ff
parent 958dddd2da
8 changed files with 96 additions and 29 deletions
--- a/c-ares-1.16.1.tar.gz
+++ b/c-ares-1.16.1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d08312d0ecc3bd48eee0a4cc0d2137c9f194e0a28de2028928c0f6cae85f86ce
-size 1374637
--- a/c-ares-1.16.1.tar.gz.asc
+++ b/c-ares-1.16.1.tar.gz.asc
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl65kRoACgkQXMkI/bce
-EsLoxwgAkIUACrGgrcLwqPUt6+JZoqWgTMjQTuGyZ+5kB8O93U40GSHH8YDm5Ntj
-iTADAQMNo8EJfRBwH+tpQ7VFXDIAz/8dNuwx4VmnadaqoQU7j7v2u5IhltBmtof1
-SkRwwdpma4FoteF91cPDoFH/sdaUGlhFo/fS4gJPeWJqqqCok78j5mS9ZIwzyc4B
-JKP2PMEt1XX1hmLOc+4jI7Mv0N0egN6cvCTiyW8jq0maEALiUBm3U9T+g6yDLp5J
-KnbtLkcwTU+lj4BdMcJ+ADrW4ELFIY1Jd1qOWhLOLEwyvbDFiJ1x53+U3Vzht7n0
-Yv/3aL0xtfcRXkILjnNlNCSgO34PTg==
-=LOfS
-----END PGP SIGNATURE-----
--- a/c-ares-1.17.0.tar.gz
+++ b/c-ares-1.17.0.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1cecd5dbe21306c7263f8649aa6e9a37aecb985995a3489f487d98df2b40757d
+size 1396682
--- a/c-ares-1.17.0.tar.gz.asc
+++ b/c-ares-1.17.0.tar.gz.asc
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl+y9H8ACgkQXMkI/bce
+EsKfbAgAhqNNHmxmcHf8i5BqHMDpJwlnBxeX2A0VFJU5iBm5v3MF1NI6LOKlzJb1
+4xfJ4XcqwZQTK7bmcyX28/Rl71uG+0AhKy9X20fAUdWfzOr2rfmdzv7KDm3FimlN
+8k1iAvcwSoRg/YOmiZrkefKMx0TrE7MjFfds4FtL54Y+qFkYCvdRlHpCtzBkQLjd
+8JCD8dTKd0zrLVcoSVaAgOvKp67e5aOkhLsxpQNm7IFldzzePK4Go77toPKGZ8Q4
+VQ97iFyvop5eN7+ItnR+8CC1/7d/1p1J5k62lygiYVK7M5uD+4ioj/mW4h9ykFha
+b47/5W/AER3PRTgD3cLWcj0gb9AOAw==
+=jz6s
+-----END PGP SIGNATURE-----
--- a/c-ares-config.cmake.in
+++ b/c-ares-config.cmake.in
@ -0,0 +1,21 @@
+@PACKAGE_INIT@
+
+set_and_check(c-ares_INCLUDE_DIR "@PACKAGE_CMAKE_INSTALL_INCLUDEDIR@")
+
+include("${CMAKE_CURRENT_LIST_DIR}/c-ares-config-version.cmake")
+include("${CMAKE_CURRENT_LIST_DIR}/c-ares-targets.cmake")
+
+set(c-ares_LIBRARY c-ares::cares)
+
+if(@CARES_SHARED@)
+	add_library(c-ares::cares_shared INTERFACE IMPORTED)
+	set_target_properties(c-ares::cares_shared PROPERTIES INTERFACE_LINK_LIBRARIES "c-ares::cares")
+	set(c-ares_SHARED_LIBRARY c-ares::cares_shared)
+elseif(@CARES_STATIC@)
+	add_library(c-ares::cares_static INTERFACE IMPORTED)
+	set_target_properties(c-ares::cares_static PROPERTIES INTERFACE_LINK_LIBRARIES "c-ares::cares")
+endif()
+
+if(@CARES_STATIC@)
+	set(c-ares_STATIC_LIBRARY c-ares::cares_static)
+endif()
--- a/c-ares.changes
+++ b/c-ares.changes
@ -1,3 +1,34 @@
+-------------------------------------------------------------------
+Tue Nov 17 12:07:22 UTC 2020 - Adam Majer <adam.majer@suse.de>
+
+- Version update to 1.17.0
+  Security:
+  * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
+    fuzzing
+  * Avoid theoretical buffer overflow in RC4 loop comparison
+  * Empty hquery->name could lead to invalid memory access
+  * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
+    passed in (bsc#1178882, CVE-2020-8277)
+
+  Changes:
+  * Update help information for adig, acountry, and ahost
+  * Test Suite now uses dynamic system-assigned ports rather than hardcoded
+    ports to prevent failures in containers
+  * Detect remote DNS server does not support EDNS using rules from RFC 6891
+  * Source tree has been reorganized to use a more modern layout
+  * Allow parsing of CAA Resource Record
+
+  Bug fixes:
+  * readaddrinfo bad sizeof()
+  * Test cases should honor HAVE_WRITEV flag, not depend on WIN32
+  * FQDN with trailing period should be queried first
+  * ares_getaddrinfo() was returning members of the struct as garbage values if
+    unset, and was not honoring ai_socktype and ai_protocol hints.
+  * ares_gethostbyname() with AF_UNSPEC and an ip address would fail
+  * Properly document ares_set_local_ip4() uses host byte order
+
+For details, see https://c-ares.haxx.se/changelog.html
+
 -------------------------------------------------------------------
 Fri Sep 11 07:54:10 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

--- a/c-ares.spec
+++ b/c-ares.spec
@ -1,5 +1,5 @@
 #
-# spec file for package c-ares
+# spec file for package c
 #
 # Copyright (c) 2020 SUSE LLC
 #
@ -27,7 +27,7 @@
 %define sonum   2
 %define libname libcares%{sonum}
 Name:           %{pname}%{?psuffix}
-Version:        1.16.1
+Version:        1.17.0
 Release:        0
 Summary:        Library for asynchronous name resolves
 License:        MIT
@ -36,6 +36,8 @@ Source0:        http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz
 Source1:        http://c-ares.haxx.se/download/%{pname}-%{version}.tar.gz.asc
 Source3:        %{pname}.keyring
 Source4:        baselibs.conf
+Source5:        libcares.pc.cmake
+Source6:        c-ares-config.cmake.in
 Patch0:         0001-Use-RPM-compiler-options.patch
 Patch1:         disable-live-tests.patch
 BuildRequires:  cmake
@ -89,19 +91,15 @@ to build packages that depend on c-ares.

 %prep
 %autosetup -p1 -n %{pname}-%{version}
+cp %{S:5} %{S:6} .

 # Remove bogus cflags checking
-sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac
-sed -i -e '/XC_CHECK_USER_FLAGS/d' m4/xc-cc-check.m4
+# sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac
+# sed -i -e '/XC_CHECK_USER_FLAGS/d' m4/xc-cc-check.m4

 %build
 %cmake \
-    -DCARES_STATIC:BOOL=OFF \
-    -DCARES_SHARED:BOOL=ON \
-    -DCARES_INSTALL:BOOL=ON \
-    -DCARES_BUILD_TOOLS:BOOL=ON \
 %if %{with tests}
-    -DCARES_STATIC:BOOL=ON \
    -DCARES_BUILD_TESTS:BOOL=ON \
 %endif
    %{nil}
@ -110,21 +108,17 @@ sed -i -e '/XC_CHECK_USER_FLAGS/d' m4/xc-cc-check.m4
 %install
 %if !%{with tests}
 %cmake_install
-install -m 644 -Dt %{buildroot}%{_mandir}/man1/ *.1
-install -m 644 -Dt %{buildroot}%{_mandir}/man3/ *.3
-# Tests require static lib so lets remove it so it does not get in package
-find %{buildroot} -type f \( -name "*.la" -o -name "*.a" \) -delete -print
 %endif

 %if %{with tests}
 %check
 pushd build
 %make_build -C test
-export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib
 ./bin/arestest
 %endif

 %if !%{with tests}
+
 %post   -n %{libname} -p /sbin/ldconfig
 %postun -n %{libname} -p /sbin/ldconfig

@ -139,7 +133,7 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib

 %files -n %{libname}
 %license LICENSE.md
-%{_libdir}/libcares.so.2*
+%{_libdir}/libcares.so.%{sonum}*

 %files devel
 %license LICENSE.md
@ -148,6 +142,7 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib
 %{_mandir}/man3/ares_*.3%{?ext_man}
 %{_libdir}/pkgconfig/libcares.pc
 %{_libdir}/cmake/c-ares/
+
 %endif

 %changelog
--- a/libcares.pc.cmake
+++ b/libcares.pc.cmake
@ -0,0 +1,20 @@
+#***************************************************************************
+# Project        ___       __ _ _ __ ___  ___ 
+#               / __|____ / _` | '__/ _ \/ __|
+#              | (_|_____| (_| | | |  __/\__ \
+#               \___|     \__,_|_|  \___||___/
+#
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=${prefix}/@CMAKE_INSTALL_BINDIR@
+libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
+includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
+
+Name: c-ares
+URL: https://c-ares.haxx.se/
+Description: asynchronous DNS lookup library
+Version: @CARES_VERSION@
+Requires: 
+Requires.private: 
+Cflags: -I${includedir} @CPPFLAG_CARES_STATICLIB@
+Libs: -L${libdir} -lcares
+Libs.private: @CARES_PRIVATE_LIBS@