- Update to version 1.6.1:
+ Minor bugfix:
* Suppress warning about `trust-ad` in resolv.conf.
+ Build system:
* Honour DESTDIR, avoiding need for prefix= workaround.
* regression tests: Add missing dependency on hsyscalls.i.
GNU #51329. [Report from Sergei Trofimovich]
* regression tests: build with 64-bit time_t on 32-bit systems.
+ Documentation:
* Fix all http: URLs in docs to be https: instead.
- Drop: fixed upstream.
OBS-URL: https://build.opensuse.org/request/show/1174011
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/adns?expand=0&rev=33
- Update to 1.6.0
- Changes in 1.6.0:
* Bugfixes
* adnshost: Support --reverse in -f mode input stream
* timeout robustness against clock skew: track query start time and
duration. Clock instability may now only cause spurious timeouts
rather than indefinite hangs or even assertion failures.
* New features:
* adnshost: Offer ability to set adns checkc flags
* adnslogres: Honour --checkc-freq (if it comes first)
* adnsresfilter: Honour --checkc-freq and --checkc-entex
* time handling: Support use of CLOCK_MONOTONIC via an init flag.
* adns_str* etc.: Improve robustness; more allowable inputs values.
* Internal changes:
* adnshost: adh-opts.c: Whitespace adjustments to option table
* Build system and tests improvements
- Changes in 1.5.2
* Important security fixes:
CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109:
Vulnerable applications: all adns callers.
Exploitable by: the local recursive resolver.
Likely worst case: Remote code execution.
CVE-2017-9106:
Vulnerable applications: those that make SOA queries.
Exploitable by: upstream DNS data sources.
Likely worst case: DoS (crash of the adns-using application)
CVE-2017-9107:
Vulnerable applications: those that use adns_qf_quoteok_query.
Exploitable by: sources of query domain names.
Likely worst case: DoS (crash of the adns-using application)
OBS-URL: https://build.opensuse.org/request/show/814724
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/adns?expand=0&rev=29
- Update to 1.5.1
* Fix addr queries (including subqueries, ie including deferencing MX
lookups etc.) not to crash when one of the address queries returns
tempfail. Also, do not return a spurious pointer to the application
when one of the address queries returns a permanent error (although,
the application almost certainly won't use this pointer because the
associated count is zero).
* Portability fix for systems where socklen_t is bigger than int.
* Fix for malicious optimisation of memcpy in test suite, which
causes failure with gcc-4.1.9 -O3.
* Fix TCP async connect handling. The bug is hidden on Linux and on most
systems where the nameserver is on localhost. If it is not hidden,
adns's TCP support is broken unless adns_if_noautosys is used.
* adnsresfilter: Fix addrtextbuf buffer size. This is not actually a
problem in real compiled code but should be corrected.
* Properly include harness.h in adnstest.c in regress/. Suppresses
a couple of compiler warnings (implicit declaration of Texit, etc.)
- cleanup with spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/539006
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/adns?expand=0&rev=25
