diff --git a/c-ares-1.17.1.tar.gz b/c-ares-1.17.1.tar.gz deleted file mode 100644 index a3de7d8..0000000 --- a/c-ares-1.17.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d73dd0f6de824afd407ce10750ea081af47eba52b8a6cb307d220131ad93fc40 -size 1518701 diff --git a/c-ares-1.17.1.tar.gz.asc b/c-ares-1.17.1.tar.gz.asc deleted file mode 100644 index 527e1fb..0000000 --- a/c-ares-1.17.1.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl+2n+oACgkQXMkI/bce -EsIMuQf/aWfEbS3LtGc7BhK2o/YGkrF29sgort4oANMMrvbF9eKezYER2FOG+UW4 -4MGhAORCPNZF5arF/6ctEOSgWFuKIPD+tdirX+zX+io6yCIARGAqXQrjUA7TbwUu -9jb8ose5PXUfkh8zeU3xLjcWeq4GUKp4HRypP94EbkzzpHOfgJulJPd6QzSpn7Gd -uNNw9dRwhyM4N47QXdCLZyJzuOqcLX7SDbMbRNH7Li093ReqYhxOY9qzJITvfmfq -NMHvshlsdnK/Rw+v6TQS5PbHdx7y4bTQjYwgENxC+EIPLJ2lYRAaHFKlgFdgfX5x -UkNOhAMltsnTjfIz8RGDk12Wd0Vssw== -=iWz7 ------END PGP SIGNATURE----- diff --git a/c-ares-1.17.2.tar.gz b/c-ares-1.17.2.tar.gz new file mode 100644 index 0000000..554acec --- /dev/null +++ b/c-ares-1.17.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4803c844ce20ce510ef0eb83f8ea41fa24ecaae9d280c468c582d2bb25b3913d +size 1538276 diff --git a/c-ares-1.17.2.tar.gz.asc b/c-ares-1.17.2.tar.gz.asc new file mode 100644 index 0000000..0779797 --- /dev/null +++ b/c-ares-1.17.2.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmESGOwACgkQXMkI/bce +EsIyCwf/aKIZjd/ziFBwGNwLpk5DH62e5tr1sL7BwW8F7TiGjKnvglScxxauraM8 +qCVYP6rkCV3aeSg2yEfYI8slrllek6J8iciIN0Y7a7Vd9epVWfSMLq1GNeR+NPB/ +aAFak21vIk2QaLYZk+z4s4pmWN2bvwWJxGG3Tdohr9/W5f3kdbYVrdCE3nWFgCQ6 +/vqG0SACZufgjiEG6vYf2Mhmit9MY+I1LmuR3LrGO2iLMfS69z7GzBS6d015mAHP +Gm2qLdNBdWyfoMBi7vEMef0/C336UQ1mNyxThw9vHVXr/Fao+ZSL0NJgiZ0ggtKi +ojAIChIOwOGMcTy8TBmEyNxf7OIsFA== +=/P5j +-----END PGP SIGNATURE----- diff --git a/c-ares.changes b/c-ares.changes index 3cfebcc..2cd86bf 100644 --- a/c-ares.changes +++ b/c-ares.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Thu Aug 12 13:59:07 UTC 2021 - Adam Majer + +- update to 1.17.2: + Security: + * When building c-ares with CMake, the RANDOM_FILE would not be set + and therefore downgrade to the less secure random number generator + * If ares_getaddrinfo() was terminated by an ares_destroy(), + it would cause a crash + * Crash in sortaddrinfo() if the list size equals 0 due to + an unexpected DNS response + * Expand number of escaped characters in DNS replies as per + RFC1035 5.1 to prevent spoofing follow-up + (bsc#1188881, CVE-2021-3672) + * Perform validation on hostnames to prevent possible XSS + due to applications not performing valiation themselves + + Changes: + * ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases + + Bug fixes: + * Building tests should not force building of static libraries except on Windows + * Relative headers must use double quotes to prevent pulling in a system library + +for details see, +https://c-ares.haxx.se/changelog.html#1_17_2 + ------------------------------------------------------------------- Sat Jan 16 15:05:28 UTC 2021 - Dirk Müller diff --git a/c-ares.spec b/c-ares.spec index 66321a0..0ad16f1 100644 --- a/c-ares.spec +++ b/c-ares.spec @@ -41,7 +41,7 @@ ExclusiveArch: do_not_build %endif Name: %{pname} -Version: 1.17.1 +Version: 1.17.2 Release: 0 Summary: Library for asynchronous name resolves License: MIT @@ -131,7 +131,7 @@ cp %{S:7} include %check pushd build %cmake_build -C test -./bin/arestest +LD_LIBRARY_PATH=.%_libdir:./%_lib ./bin/arestest %endif %if !%{with tests}