From 037df42bc1b2afa0458cfd00d72ea7747003ccc0011e49fbe570546094ec6ad5 Mon Sep 17 00:00:00 2001 
From: Adam Majer Date: Mon, 15 Jun 2020 15:25:03 +0000 Subject: [PATCH] Accepting request 814724 from home:kstreitova:branches:devel:libraries:c_c++ - Update to 1.6.0 - Changes in 1.6.0: * Bugfixes * adnshost: Support --reverse in -f mode input stream * timeout robustness against clock skew: track query start time and duration. Clock instability may now only cause spurious timeouts rather than indefinite hangs or even assertion failures. * New features: * adnshost: Offer ability to set adns checkc flags * adnslogres: Honour --checkc-freq (if it comes first) * adnsresfilter: Honour --checkc-freq and --checkc-entex * time handling: Support use of CLOCK_MONOTONIC via an init flag. * adns_str* etc.: Improve robustness; more allowable inputs values. * Internal changes: * adnshost: adh-opts.c: Whitespace adjustments to option table * Build system and tests improvements - Changes in 1.5.2 * Important security fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109: Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. CVE-2017-9106: Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS (crash of the adns-using application) CVE-2017-9107: Vulnerable applications: those that use adns_qf_quoteok_query. Exploitable by: sources of query domain names. 
Likely worst case: DoS (crash of the adns-using application) OBS-URL: https://build.opensuse.org/request/show/814724 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/adns?expand=0&rev=29 --- adns-1.5.1-gcc10.patch | 15 ----------- adns-1.5.1.tar.gz | 3 --- adns-1.5.1.tar.gz.sig | Bin 287 -> 0 bytes adns-1.6.0.tar.gz | 3 +++ adns-1.6.0.tar.gz.sig | Bin 0 -> 310 bytes adns-visibility.patch | 4 +-- adns.changes | 58 +++++++++++++++++++++++++++++++++++++++++ adns.spec | 11 +++++--- 8 files changed, 70 insertions(+), 24 deletions(-) delete mode 100644 adns-1.5.1-gcc10.patch delete mode 100644 adns-1.5.1.tar.gz delete mode 100644 adns-1.5.1.tar.gz.sig create mode 100644 adns-1.6.0.tar.gz create mode 100644 adns-1.6.0.tar.gz.sig diff --git a/adns-1.5.1-gcc10.patch b/adns-1.5.1-gcc10.patch deleted file mode 100644 index 465149a..0000000 --- a/adns-1.5.1-gcc10.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -up adns-1.5.1/src/event.c.me adns-1.5.1/src/event.c -diff -up adns-1.5.1/src/internal.h.me adns-1.5.1/src/internal.h ---- adns-1.5.1/src/internal.h.me 2020-02-18 13:54:38.578415675 +0100 -+++ adns-1.5.1/src/internal.h 2020-02-18 14:00:26.398198338 +0100 -@@ -246,7 +246,9 @@ union maxalign { - void *p; - void (*fp)(void); - union maxalign *up; --} data; -+}; -+ -+extern union maxalign data; - - struct adns__query { - adns_state ads; diff --git a/adns-1.5.1.tar.gz b/adns-1.5.1.tar.gz deleted file mode 100644 index 064fc2b..0000000 --- a/adns-1.5.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5b1026f18b8274be869245ed63427bf8ddac0739c67be12c4a769ac948824eeb -size 319774 
diff --git a/adns-1.5.1.tar.gz.sig b/adns-1.5.1.tar.gz.sig deleted file mode 100644 index 02b8ba801b66e4d2ad6b2b712e0a3ec4f80ea69d371f28084ae58bb7fbc4c119..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 287 zcmV+)0pR|L0UQJX0SEvF1p-&DMmYcq2@vDsIU`854LPh@2mpe&+6w(03OFmiUDc(5 zZw}w~pPd3fu7j;ug{zc`yuiB=bd9Kdj=DzbEgV~A4?cLZc?P1bkO9|f#L+cnVw`+T zdlrtal2N~{J9YLroQ&Rt=dV+zx#;I)7Kf>sA4knfitI1O^h(W9se%hJDvL1?%AZ>R z&z0vUmCAp|Oy5ZO9=Wpvdyu1%9pO!2nL}UFm7HKOmCQ@z^lJF ziWhWK4fW&^8K!JGZNvpX@Y*J%069^xVA@tU6wTH-0~m;Wj?2e8f@~Kpz#792awX;( laL*_pYGfE5N9RPC?baziI$u3N$aMiznpF&Fe~bpOB9}fNe!Bnw diff --git a/adns-1.6.0.tar.gz b/adns-1.6.0.tar.gz new file mode 100644 index 0000000..3458103 --- /dev/null +++ b/adns-1.6.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fb427265a981e033d1548f2b117cc021073dc8be2eaf2c45fd64ab7b00ed20de +size 323474 
diff --git a/adns-1.6.0.tar.gz.sig b/adns-1.6.0.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000000000000000000000000000..abe529f2f628092f11b4fb9785a0d4c6e4b43c3947a1c016a2c23a16e8b98470 GIT binary patch literal 310 zcmV-60m=S}0W$;u0SEvc79j*xn&fOPYi%-R=gXnv<2fTpwGBB10$$=#KmZB}5aZ)H zBS^IkIdskk{y%jl#k{HmS2cK0m8zV&T%aZ%W@UCN;ur|G53`%=lj&1BJusI*B0n-w z4C#RDK;9N5Zh3ePkv1Z>jD%|&&+@=46Y-b_+9!)?nEQwAAlG0;VTKg=L`0QfWt;E# zdE7GUG zy4+xxU38Yb#X~bg1CG9_d9%Ml)3c>(5-I@kJT?WY1y-{k*=g{s71Bx5!yqa)l|Wo) zit_;XMpOg;#cz?vLmrhc<0f#{1m+izRGI_#fO)Q!^p(`7gzB*kjsfMX^|O`?>zpwE ISQJ~6{9bL2eE + +- Update to 1.6.0 +- Changes in 1.6.0: + * Bugfixes + * adnshost: Support --reverse in -f mode input stream + * timeout robustness against clock skew: track query start time and + duration. Clock instability may now only cause spurious timeouts + rather than indefinite hangs or even assertion failures. + * New features: + * adnshost: Offer ability to set adns checkc flags + * adnslogres: Honour --checkc-freq (if it comes first) + * adnsresfilter: Honour --checkc-freq and --checkc-entex + * time handling: Support use of CLOCK_MONOTONIC via an init flag. + * adns_str* etc.: Improve robustness; more allowable inputs values. + * Internal changes: + * adnshost: adh-opts.c: Whitespace adjustments to option table + * Build system and tests improvements +- Changes in 1.5.2 + * Important security fixes: + CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109: + Vulnerable applications: all adns callers. + Exploitable by: the local recursive resolver. + Likely worst case: Remote code execution. + CVE-2017-9106: + Vulnerable applications: those that make SOA queries. + Exploitable by: upstream DNS data sources. + Likely worst case: DoS (crash of the adns-using application) + CVE-2017-9107: + Vulnerable applications: those that use adns_qf_quoteok_query. + Exploitable by: sources of query domain names. 
+ Likely worst case: DoS (crash of the adns-using application) + CVE-2017-9108: + Vulnerable applications: adnshost. + Exploitable by: code responsible for framing the input. + Likely worst case: DoS (adnshost crashes at EOF). + * Bugfixes: + * Do not include spurious external symbol `data' (fixes GCC10 build). + * If server sends TC flag over TCP, bail rather than retrying. + * Do not crash on certain strange resolv.conf contents. + * Fix various crashes if a global system failure occurs, or + adns_finish is called with outstanding queries. + * Correct a parsing error message very slightly. + * DNS packet parsing: Slight fix when packet is truncated. + * Fix ABI compatibility in string conversion of certain RR types. + * internal.h: Use `unsigned' for nextid; fixes theoretical C UB. + * Portability fix: + * common.make.in: add -Wno-unused-value. Fixes build with GCC9. + * Internal changes: + * Additional comments describing some internal code restrions. + * Robustness assert() against malfunctioning write() system call. +- It fixes the following CVEs [bsc#1172265] + CVE-2017-9103, CVE-2017-9104, CVE-2017-9105, CVE-2017-9106, + CVE-2017-9107, CVE-2017-9108, CVE-2017-9109 +- refresh adns-visibility.patch +- drop adns-1.5.1-gcc10.patch that is no longer needed + ------------------------------------------------------------------- Tue Jun 2 12:48:11 UTC 2020 - Kristyna Streitova diff --git a/adns.spec b/adns.spec index c2bf5d0..97739b8 100644 --- a/adns.spec +++ b/adns.spec @@ -18,7 +18,7 @@ %define lname libadns1 Name: adns -Version: 1.5.1 +Version: 1.6.0 Release: 0 Summary: Advanced Easy-to-Use Asynchronous-Capable DNS Utilities License: GPL-2.0-or-later @@ -32,7 +32,6 @@ Source4: baselibs.conf Patch0: adns-1.4-destdir.patch Patch1: adns-1.4-configure.patch Patch2: adns-visibility.patch -Patch3: adns-1.5.1-gcc10.patch BuildRequires: autoconf %description @@ -64,7 +63,6 @@ programs with libads support. %patch0 %patch1 %patch2 -%patch3 -p1 cp %{SOURCE3} . %build 
@@ -73,7 +71,12 @@ autoreconf -fiv %make_build all %install -%make_install +make install \ + prefix=%{buildroot}%{_prefix} \ + bindir=%{buildroot}%{_bindir} \ + includedir=%{buildroot}%{_includedir} \ + libdir=%{buildroot}%{_libdir} \ + # FIXME: --disable-static not available rm %{buildroot}%{_libdir}/*.a
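
Review bot: in the adns.spec %install hunk, the last added argument line, "libdir=%{buildroot}%{_libdir} \", ends with a line continuation although no further argument follows, so whatever line comes next is joined onto the make install command. Drop that trailing backslash. The switch from %make_install to explicit prefix/bindir/includedir/libdir overrides is also not mentioned in the adns.changes entry, while Patch0 (adns-1.4-destdir.patch) is still applied; a short comment in the spec saying why %make_install no longer works would help the next maintainer, along with a check that no installed file records the %{buildroot} path now that prefix is overridden at install time.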
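
Review bot: adns-1.6.0.tar.gz.sig replaces the 1.5.1 signature, but the diffstat touches no keyring file and none of the visible adns.spec hunks shows a Source line for the .sig, so this patch alone does not show that the new tarball's signature is checked against the upstream key. Please confirm that the spec lists the .sig and a keyring as sources, and add them if it does not; this update is the one that delivers the CVE-2017-9103 to CVE-2017-9109 fixes, so the provenance of the tarball matters here.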
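
Review bot: two typos in the adns.changes entry: the 1.5.2 "Internal changes" bullet reads "internal code restrions" (restrictions), and the 1.6.0 "adns_str* etc." bullet reads "more allowable inputs values" (input values). The CVE list and the bsc#1172265 reference in the same entry look complete against the per-CVE descriptions above them, so only the wording needs a touch-up.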