forked from pool/c-ares
Adam Majer
6810ec45ff
Security:
* avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
fuzzing
* Avoid theoretical buffer overflow in RC4 loop comparison
* Empty hquery->name could lead to invalid memory access
* ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
passed in (bsc#1178882, CVE-2020-8277)
Changes:
* Update help information for adig, acountry, and ahost
* Test Suite now uses dynamic system-assigned ports rather than hardcoded
ports to prevent failures in containers
* Detect remote DNS server does not support EDNS using rules from RFC 6891
* Source tree has been reorganized to use a more modern layout
* Allow parsing of CAA Resource Record
Bug fixes:
* readaddrinfo bad sizeof()
* Test cases should honor HAVE_WRITEV flag, not depend on WIN32
* FQDN with trailing period should be queried first
* ares_getaddrinfo() was returning members of the struct as garbage values if
unset, and was not honoring ai_socktype and ai_protocol hints.
* ares_gethostbyname() with AF_UNSPEC and an ip address would fail
* Properly document ares_set_local_ip4() uses host byte order
For details, see https://c-ares.haxx.se/changelog.html
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/c-ares?expand=0&rev=24
4 lines
132 B
Plaintext
4 lines
132 B
Plaintext
version https://git-lfs.github.com/spec/v1
|
|
oid sha256:1cecd5dbe21306c7263f8649aa6e9a37aecb985995a3489f487d98df2b40757d
|
|
size 1396682
|