forked from pool/c-ares
f7d4aff1a8
- update to 1.17.2:
Security:
* When building c-ares with CMake, the RANDOM_FILE would not be set
and therefore downgrade to the less secure random number generator
* If ares_getaddrinfo() was terminated by an ares_destroy(),
it would cause a crash
* Crash in sortaddrinfo() if the list size equals 0 due to
an unexpected DNS response
* Expand number of escaped characters in DNS replies as per
RFC1035 5.1 to prevent spoofing follow-up
(bsc#1188881, CVE-2021-3672)
* Perform validation on hostnames to prevent possible XSS
due to applications not performing valiation themselves
Changes:
* ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases
Bug fixes:
* Building tests should not force building of static libraries except on Windows
* Relative headers must use double quotes to prevent pulling in a system library
for details see,
https://c-ares.haxx.se/changelog.html#1_17_2
OBS-URL: https://build.opensuse.org/request/show/911845
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/c-ares?expand=0&rev=13
|
||
|---|---|---|
| _multibuild | ||
| .gitattributes | ||
| .gitignore | ||
| 0001-Use-RPM-compiler-options.patch | ||
| ares_dns.h | ||
| baselibs.conf | ||
| c-ares-1.17.2.tar.gz | ||
| c-ares-1.17.2.tar.gz.asc | ||
| c-ares-config.cmake.in | ||
| c-ares.changes | ||
| c-ares.keyring | ||
| c-ares.spec | ||
| disable-live-tests.patch | ||
| libcares.pc.cmake | ||