SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for c-ares-debugsource-1.26.0-1.1.i586.rpm :

* Fri Feb 09 2024 Dominique Leuenberger - Ensure multibuild flavors result in different src names.
* Sat Feb 03 2024 Andreas Stieger - c-ares 1.26.0:
* Event Thread support. Integrators are no longer required to monitor the file descriptors registered by c-ares for events and call ares_process() when enabling the event thread feature via ARES_OPT_EVENT_THREAD passed to ares_init_options().
* Added flags to are_dns_parse() to force RAW packet parsing
* Mark ares_fds() as deprecated
* Bug fixes- move tests into a build flavor to avoid gtest/gmock build loop
* Mon Jan 08 2024 Adam Majer - 1.25- Update to version 1.25 Changes: o Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory safety reasons. o The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and IPv6 addresses by default. Bug Fixes: o Tests: Live reverse lookups for Google\'s public DNS servers no longer return results, replace with CloudFlare pubic DNS servers. o Connection failures should increment the server failure count first or a retry might be enqueued to the same server o On systems that don\'t implement the ability to enumerate network interfaces the stubs used the wrong prototype. o Fix minor warnings and documentation typos o Fix support for older GoogleTest versions o getrandom() may require sys/random.h on some systems. o Fix building tests with symbol hiding enabled.- 0001-Use-RPM-compiler-options.patch: dropped, obsolete
* Tue Jan 02 2024 Adam Majer - 1.24- Update to version 1.24 Features:
* Add support for IPv6 link-local DNS servers. Nameserver formats can now accept the 0face suffix, and a new ares_get_servers_csv() function was added to return servers that can contain the link-local interface name. Changes:
* Unbundle GoogleTest for test cases. Package maintainers will now need torequire GoogleTest (GMock) as a build dependency if building tests. New GoogleTest versions require C++14 or later.
* Replace nameserver parsing code to use new memory-safe functions.
* Replace the sortlist parser with new memory-safe functions.
* Various warning fixes and dead code removal. Bugfixes:
* Old Linux versions require POSIX_C_SOURCE or _GNU_SOURCE to compile with thread safety support
* A non-responsive DNS server that caused timeouts wouldn\'t increment thefailure count, this would lead to other servers not being tried. Regression introduced in 1.22.0
* Some projects that depend on c-ares expect invalid parameter option valuespassed into ares_init_options() to simply be ignored. This behavior has been restored
* getrandom() can fail if the kernel doesn\'t support the syscall, fall back to another random source
* ares_cancel() when performing ares_gethostbyname() or ares_getaddrinfo()with AF_UNSPEC, if called after one address class was returned but before the other address class, it would return ARES_SUCCESS rather than ARES_ECANCELLED- disable-live-tests.patch: dropped, not needed
* Fri Dec 01 2023 Adam Majer - 1.23- Update to version 1.23 Features: Introduce optional (but on by default) thread-safety for the c-ares library. This has no API nor ABI implications. resolv.conf in modern systems uses attempts and timeouts options instead of the old retrans and retry options. Query caching support based on TTL of responses. Can be enabled via ares_init_options() with ARES_OPT_QUERY_CACHE. Bugfixes: ares_init_options() for ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT accept theport in host byte order, but it was reading it as network byte order. Regression introduced in 1.20.0. ares_init_options() for ARES_FLAG_NOSEARCH was not being honored forares_getaddrinfo() or ares_gethostbyname(). Regression introduced in 1.16.0. Autotools MacOS and iOS version check was failing Environment variables passed to c-ares are meant to be an override for system configuration. Regression introduced in 1.22.0. Spelling fixes as detected by codespell. The timeout returned by ares_timeout() was truncated to milliseconds butvalidated to microseconds which could cause a user to attempt to process timeouts prior to the timeout actually expiring. CMake was not honoring CXXFLAGS passed in via the environment which couldcause compile and link errors with distribution hardening flags during packaging. Fix Windows UWP and Cygwin compilation. ares_set_servers_
*() for legacy reasons needs to accept an empty server listand zero out all servers. This results in an inoperable channel and thus is only used in simulation testing, but we don\'t want to break users. Regression introduced in 1.21.0. Changes in version 1.22.1 Bugfixes: Fix /etc/hosts processing performance with all entries using same IPaddress. Large hosts files using the same IP address for all entries could use exponential time. Fix typos in manpages Fix OpenWatcom building Changes in version 1.22.0 Features: ares_reinit() is now implemented to re-read any system configuration and immediately apply to an existing ares channel The adig command line program has been rewritten and its format now more closely matches that of BIND\'s dig utility The new DNS message parser and writer functions have now been made public RFC9460 HTTPS and SVCB records are now supported RFC6698 TLSA records are now supported The server list is now internally dynamic and can be changed without impacting existing queries Hosts file processing is now cached until the file is detected to be changed to speed up repetitive lookups of large hosts files Changes: Internally all DNS messages are now written using the new DNS writing functions EDNS is now enabled by default Internal cleanups in function prototypes Bugfixes: Randomize retry penalties to prevent thundering herd issues when dns servers throttle requests Fix Windows build error for missing if_indextoname()
* Sat Oct 28 2023 Andreas Stieger - update to 1.21.0:
* Replace multiple DNS hand-made parsers with new memory-safe DNS message parser
* developer visible changes and bug fixes
* Tue Oct 10 2023 Adam Majer - 1.20.1- Update to version 1.20.1
* Remove bin/acountry from built tools as nerd.dk is gone
* Default per-query timeout has been reduced to 2s with a 3x retry count
* rand: add support for getrandom() Bug fixes:
* TCP back to back queries were broken
* Ensure queries for ares_getaddrinfo() are not requeued during destruction
* ares_getaddrinfo() should not retry other address classes if one address class has already been returned
* Avoid production ill-formed result when qualifying a name with the root domain
* Fix missing prefix for CMake generated libcares.pc
* DNS server ports can now be read from system configuration instead of defaulting to port 53, aka openBSD resolv.conf format
* Replace usages of sprintf with snprintf
* Mon May 22 2023 Adam Majer - Update to version 1.19.1 Security:
* CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service (bsc#1211604)
* CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS query IDs (bsc#1211605)
* CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() (bsc#1211606)
* CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation (bsc#1211607) Bug fixes:
* Fix uninitialized memory warning in test
* ares_getaddrinfo() should allow a port of 0
* Fix memory leak in ares_send() on error
* Fix comment style in ares_data.h
* Fix typo in ares_init_options.3
* Sync ax_pthread.m4 with upstream
* Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
* Sun Jan 29 2023 Martin Hauke - Update to version 1.19.0 Security:
* Low. Stack overflow in ares_set_sortlist() which is used during c-ares initialization and typically provided by an administrator and not an end user. (bsc#1208067, CVE-2022-4904) Changes:
* Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for specifying a custom hosts file location. Bug fixes:
* Fix memory leak in reading /etc/hosts when using localhost fallback.
* Fix chain building c-ares when libresolv is already included by another project.
* File lookup should not immediately abort as there may be other tries due to search criteria.
* Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains.
* AutoTools build system referenced bad STDC_HEADERS macro.
* Even if one address class returns a failure for ares_getaddrinfo() we should still return the results we have.
* Fix ares_getaddrinfo() numerical address resolution with AF_UNSPEC
* Fix tools and help information.
* Various documentation fixes and cleanups.
* Add include guards to ares_data.h
* c-ares could try to exceed maximum number of iovec entries supported by system.
* The RFC6761 6.3 states localhost subdomains must be offline too
* Tue Dec 07 2021 Adam Majer - update to 1.18.1. Changes since 1.17.2:
* Allow \'/\' as a valid character for a returned name for CNAME in-addr.arpa delegation
* no longer forwards requests for localhost resolution per RFC6761
* During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so that the search process will continue to the next domain in the search.
* Provide ares_nameser.h as a public interface as needed by NodeJS
* Add support for URI(Uniform Resource Identifier) records via ares_parse_uri_reply()- disable unit tests for SLE12 since GCC compiler too old to build unit tests- 5c995d5.patch: upstreamed- disable-live-tests.patch: refreshed
* Thu Sep 09 2021 Adam Majer - new upstream website- drop multibuild - tests do not require static library anymore- spec file cleanup- drop sources that were re-added to upstream distibution (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
* Wed Sep 08 2021 Adam Majer - 5c995d5.patch: augment input validation on hostnames to allow _ as part of DNS response (bsc#1190225)
* Thu Aug 12 2021 Adam Majer - update to 1.17.2: Security:
* When building c-ares with CMake, the RANDOM_FILE would not be set and therefore downgrade to the less secure random number generator
* If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause a crash
* Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response
* Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing follow-up (bsc#1188881, CVE-2021-3672)
* Perform validation on hostnames to prevent possible XSS due to applications not performing valiation themselves Changes:
* ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases Bug fixes:
* Building tests should not force building of static libraries except on Windows
* Relative headers must use double quotes to prevent pulling in a system library for details see, https://c-ares.haxx.se/changelog.html#1_17_2
* Sat Jan 16 2021 Dirk Müller - update to 1.17.1: Travis: add iOS target built with CMake (#378) Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake. - fix build External projects were using non-public header ares_dns.h, make public again (#376) It appears some outside projects were relying on macros in ares_dns.h, even though it doesn\'t appear that header was ever meant to be public. That said, we don\'t want to break external integrators so we should distribute this header again. - note that so versioning has moved to configure.ac - note about 1.17.1 - fix sed gone wrong autotools cleanup (#372)
* buildconf: remove custom logic with autoreconf- remove missing_header.patch (upstream)
  
ICM