| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libcares2 | Distribution: openSUSE Tumbleweed |
| Version: 1.30.0 | Vendor: openSUSE |
| Release: 1.1 | Build date: Mon Jun 10 13:36:09 2024 |
| Group: Unspecified | Build host: reproducible |
| Size: 207467 | Source RPM: c-ares-1.30.0-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://c-ares.org/ | |
| Summary: Library for asynchronous name resolves | |
c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT. This package provides the shared libraries for c-ares.
MIT
* Mon Jun 10 2024 Adam Majer <adam.majer@suse.de>
- c-ares 1.30.0
Features:
* Basic support for SIG RR record (RFC 2931 / RFC 2535) [PR #773]
Changes:
* Validation that DNS strings can only consist of printable ascii characters
otherwise will trigger a parse failure. [75de16c] and [40fb125]
Bugfixes:
* QueryCache: Fix issue where purging on server changes wasn't working. [a6c8fe6]
- updated dowload URLs to point to github
- updated keyring to include Brad House DA7D64E4C82C6294CB73A20E22E3D13B5411B7CA
* Sun Jun 02 2024 jun wang <jgwang@suse.com>
- c-ares 1.29.0
Features:
* When using ARES_OPT_EVENT_THREAD, automatically reload
system configuration when network conditions change.
[PR #759]
* Apple: reimplement DNS configuration reading to more
accurately pull DNS settings. [PR #750]
* Add observability into DNS server health via a server state
callback, invoked whenever a query finishes. [PR #744]
* Add server failover retry behavior, where failed servers are
retried with small probability after a minimum delay.
[PR #731]
Changes:
* Mark ares_channel_t * as const in more places in the public
API. [PR #758]
Bugfixes:
* Due to a logic flaw dns name compression writing was not
properly implemented which would result in the name prefix not
being written for a partial match. This could cause issues in
various record types such as MX records when using the
deprecated API. Regression introduced in 1.28.0. [Issue #757]
* Revert OpenBSD SOCK_DNS flag, it doesn't do what the docs say
it does and causes c-ares to become non-functional. [PR #754]
* ares_getnameinfo(): loosen validation on salen parameter.
[Issue #752]
* cmake: Android requires C99. [PR #748]
* ares_queue_wait_empty() does not honor timeout_ms >= 0.
[Issue #742]
* Tue Apr 02 2024 Adam Majer <adam.majer@suse.de>
- c-ares 1.28.1
Features:
* Emit warnings when deprecated c-ares functions are used.
This can be disabled by passing a compiler definition of
`CARES_NO_DEPRECATED`. [PR #732]
* Add function `ares_search_dnsrec()` to search for records
using the new DNS record data structures. [PR #719]
* Rework internals to pass around `ares_dns_record_t` instead of
binary data, this introduces new public functions of
`ares_query_dnsrec()` and `ares_send_dnsrec()`. [PR #730]
Changes:
* tests: when performing simulated queries, reduce timeouts
to make tests run faster
* Replace configuration file parsers with memory-safe parser. [PR #725]
* Remove `acountry` completely, the manpage might still get
installed otherwise. [Issue #718]
Bugfixes:
* CMake: don't overwrite global required libraries/definitions/includes
which could cause build errors for projects chain building c-ares.
[Issue #729]
* On some platforms, `netinet6/in6.h` is not included by `netinet/in.h`
and needs to be included separately. [PR #728]
* Fix a potential memory leak in `ares_init()`. [Issue #724]
* Some platforms don't have the `isascii()` function.
Implement as a macro. [PR #721]
* CMake: Fix Chain building if CMAKE runtime paths not set
* NDots configuration should allow a value of zero. [PR #735]
* Mon Feb 26 2024 Adam Majer <adam.majer@suse.de>
- c-ares 1.27.0
Security:
* Moderate. CVE-2024-25629. Reading malformatted /etc/resolv.conf,
/etc/nsswitch.conf or the HOSTALIASES file could result in a crash.
GHSA-mg26-v6qh-x48q (CVE-2024-25629, bsc#1220279)
Features:
* New function ares_queue_active_queries() to retrieve number of in-flight
queries. PR #712
* New function ares_queue_wait_empty() to wait for the number of in-flight
queries to reach zero. PR #710
* New ARES_FLAG_NO_DEFLT_SVR for ares_init_options() to return a failure if
no DNS servers can be found rather than attempting to use 127.0.0.1. This
also introduces a new ares status code of ARES_ENOSERVER. PR #713
Changes:
* EDNS Packet size should be 1232 as per DNS Flag Day. PR #705
Bugfixes:
* Fix warning due to ignoring return code of write(). PR #709
* CMake: don't override target output locations if not top-level. Issue #708
* Fix building c-ares without thread support. PR #700
* Fri Feb 09 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Ensure multibuild flavors result in different src names.
* Sat Feb 03 2024 Andreas Stieger <andreas.stieger@gmx.de>
- c-ares 1.26.0:
* Event Thread support. Integrators are no longer required to
monitor the file descriptors registered by c-ares for events
and call ares_process() when enabling the event thread feature
via ARES_OPT_EVENT_THREAD passed to ares_init_options().
* Added flags to are_dns_parse() to force RAW packet parsing
* Mark ares_fds() as deprecated
* Bug fixes
- move tests into a build flavor to avoid gtest/gmock build loop
* Mon Jan 08 2024 Adam Majer <adam.majer@suse.de> - 1.25
- Update to version 1.25
Changes:
o Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory
safety reasons.
o The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and
IPv6 addresses by default.
Bug Fixes:
o Tests: Live reverse lookups for Google's public DNS servers no longer
return results, replace with CloudFlare pubic DNS servers.
o Connection failures should increment the server failure count first or a
retry might be enqueued to the same server
o On systems that don't implement the ability to enumerate network interfaces
the stubs used the wrong prototype.
o Fix minor warnings and documentation typos
o Fix support for older GoogleTest versions
o getrandom() may require sys/random.h on some systems.
o Fix building tests with symbol hiding enabled.
- 0001-Use-RPM-compiler-options.patch: dropped, obsolete
* Tue Jan 02 2024 Adam Majer <adam.majer@suse.de> - 1.24
- Update to version 1.24
Features:
* Add support for IPv6 link-local DNS servers. Nameserver formats
can now accept the 0face suffix, and a new ares_get_servers_csv()
function was added to return servers that can contain the link-local
interface name.
Changes:
* Unbundle GoogleTest for test cases. Package maintainers will now
need torequire GoogleTest (GMock) as a build dependency if
building tests. New GoogleTest versions require C++14 or later.
* Replace nameserver parsing code to use new memory-safe functions.
* Replace the sortlist parser with new memory-safe functions.
* Various warning fixes and dead code removal.
Bugfixes:
* Old Linux versions require POSIX_C_SOURCE or _GNU_SOURCE to
compile with thread safety support
* A non-responsive DNS server that caused timeouts wouldn't
increment thefailure count, this would lead to other servers
not being tried. Regression introduced in 1.22.0
* Some projects that depend on c-ares expect invalid parameter
option valuespassed into ares_init_options() to simply be
ignored. This behavior has been restored
* getrandom() can fail if the kernel doesn't support
the syscall, fall back to another random source
* ares_cancel() when performing ares_gethostbyname() or
ares_getaddrinfo()with AF_UNSPEC, if called after one address
class was returned but before the other address class, it
would return ARES_SUCCESS rather than ARES_ECANCELLED
- disable-live-tests.patch: dropped, not needed
* Fri Dec 01 2023 Adam Majer <adam.majer@suse.de> - 1.23
- Update to version 1.23
Features:
Introduce optional (but on by default) thread-safety for the c-ares library. This has no API nor ABI implications.
resolv.conf in modern systems uses attempts and timeouts options instead of the old retrans and retry options.
Query caching support based on TTL of responses. Can be enabled via ares_init_options() with ARES_OPT_QUERY_CACHE.
Bugfixes:
ares_init_options() for ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT accept theport in host byte order, but it was reading it as network byte order. Regression introduced in 1.20.0.
ares_init_options() for ARES_FLAG_NOSEARCH was not being honored forares_getaddrinfo() or ares_gethostbyname(). Regression introduced in 1.16.0.
Autotools MacOS and iOS version check was failing
Environment variables passed to c-ares are meant to be an override for system configuration. Regression introduced in 1.22.0.
Spelling fixes as detected by codespell.
The timeout returned by ares_timeout() was truncated to milliseconds butvalidated to microseconds which could cause a user to attempt to process timeouts prior to the timeout actually expiring.
CMake was not honoring CXXFLAGS passed in via the environment which couldcause compile and link errors with distribution hardening flags during packaging.
Fix Windows UWP and Cygwin compilation.
ares_set_servers_*() for legacy reasons needs to accept an empty server listand zero out all servers. This results in an inoperable channel and thus is only used in simulation testing, but we don't want to break users. Regression introduced in 1.21.0.
Changes in version 1.22.1
Bugfixes:
Fix /etc/hosts processing performance with all entries using same IPaddress. Large hosts files using the same IP address for all entries could use exponential time.
Fix typos in manpages
Fix OpenWatcom building
Changes in version 1.22.0
Features:
ares_reinit() is now implemented to re-read any system configuration and immediately apply to an existing ares channel
The adig command line program has been rewritten and its format now more closely matches that of BIND's dig utility
The new DNS message parser and writer functions have now been made public
RFC9460 HTTPS and SVCB records are now supported
RFC6698 TLSA records are now supported
The server list is now internally dynamic and can be changed without impacting existing queries
Hosts file processing is now cached until the file is detected to be changed to speed up repetitive lookups of large hosts files
Changes:
Internally all DNS messages are now written using the new DNS writing functions
EDNS is now enabled by default
Internal cleanups in function prototypes
Bugfixes:
Randomize retry penalties to prevent thundering herd issues when dns servers throttle requests
Fix Windows build error for missing if_indextoname()
* Sat Oct 28 2023 Andreas Stieger <andreas.stieger@gmx.de>
- update to 1.21.0:
* Replace multiple DNS hand-made parsers with new memory-safe DNS
message parser
* developer visible changes and bug fixes
* Tue Oct 10 2023 Adam Majer <adam.majer@suse.de> - 1.20.1
- Update to version 1.20.1
* Remove bin/acountry from built tools as nerd.dk is gone
* Default per-query timeout has been reduced to 2s with a 3x retry count
* rand: add support for getrandom()
Bug fixes:
* TCP back to back queries were broken
* Ensure queries for ares_getaddrinfo() are not requeued during
destruction
* ares_getaddrinfo() should not retry other address classes if
one address class has already been returned
* Avoid production ill-formed result when qualifying a name
with the root domain
* Fix missing prefix for CMake generated libcares.pc
* DNS server ports can now be read from system configuration
instead of defaulting to port 53, aka openBSD resolv.conf format
* Replace usages of sprintf with snprintf
* Mon May 22 2023 Adam Majer <adam.majer@suse.de>
- Update to version 1.19.1
Security:
* CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
(bsc#1211604)
* CVE-2023-31147 Moderate. Insufficient randomness in generation
of DNS query IDs (bsc#1211605)
* CVE-2023-31130. Moderate. Buffer Underwrite in
ares_inet_net_pton() (bsc#1211606)
* CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE
during cross compilation (bsc#1211607)
Bug fixes:
* Fix uninitialized memory warning in test
* ares_getaddrinfo() should allow a port of 0
* Fix memory leak in ares_send() on error
* Fix comment style in ares_data.h
* Fix typo in ares_init_options.3
* Sync ax_pthread.m4 with upstream
* Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
* Sun Jan 29 2023 Martin Hauke <mardnh@gmx.de>
- Update to version 1.19.0
Security:
* Low. Stack overflow in ares_set_sortlist() which is used
during c-ares initialization and typically provided by an
administrator and not an end user.
(bsc#1208067, CVE-2022-4904)
Changes:
* Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for
specifying a custom hosts file location.
Bug fixes:
* Fix memory leak in reading /etc/hosts when using localhost
fallback.
* Fix chain building c-ares when libresolv is already included by
another project.
* File lookup should not immediately abort as there may be other
tries due to search criteria.
* Asterisks should be allowed in host validation as CNAMEs may
reference wildcard domains.
* AutoTools build system referenced bad STDC_HEADERS macro.
* Even if one address class returns a failure for
ares_getaddrinfo() we should still return the results we have.
* Fix ares_getaddrinfo() numerical address resolution with
AF_UNSPEC
* Fix tools and help information.
* Various documentation fixes and cleanups.
* Add include guards to ares_data.h
* c-ares could try to exceed maximum number of iovec entries
supported by system.
* The RFC6761 6.3 states localhost subdomains must be offline too
* Tue Dec 07 2021 Adam Majer <adam.majer@suse.de>
- update to 1.18.1. Changes since 1.17.2:
* Allow '/' as a valid character for a returned name for
CNAME in-addr.arpa delegation
* no longer forwards requests for localhost resolution per RFC6761
* During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
that the search process will continue to the next domain
in the search.
* Provide ares_nameser.h as a public interface as needed by NodeJS
* Add support for URI(Uniform Resource Identifier) records via
ares_parse_uri_reply()
- disable unit tests for SLE12 since GCC compiler too old to build
unit tests
- 5c995d5.patch: upstreamed
- disable-live-tests.patch: refreshed
* Thu Sep 09 2021 Adam Majer <adam.majer@suse.de>
- new upstream website
- drop multibuild - tests do not require static library anymore
- spec file cleanup
- drop sources that were re-added to upstream distibution
(c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
* Wed Sep 08 2021 Adam Majer <adam.majer@suse.de>
- 5c995d5.patch: augment input validation on hostnames to allow _
as part of DNS response (bsc#1190225)
* Thu Aug 12 2021 Adam Majer <adam.majer@suse.de>
- update to 1.17.2:
Security:
* When building c-ares with CMake, the RANDOM_FILE would not be set
and therefore downgrade to the less secure random number generator
* If ares_getaddrinfo() was terminated by an ares_destroy(),
it would cause a crash
* Crash in sortaddrinfo() if the list size equals 0 due to
an unexpected DNS response
* Expand number of escaped characters in DNS replies as per
RFC1035 5.1 to prevent spoofing follow-up
(bsc#1188881, CVE-2021-3672)
* Perform validation on hostnames to prevent possible XSS
due to applications not performing valiation themselves
Changes:
* ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases
Bug fixes:
* Building tests should not force building of static libraries except on Windows
* Relative headers must use double quotes to prevent pulling in a system library
for details see,
https://c-ares.haxx.se/changelog.html#1_17_2
* Sat Jan 16 2021 Dirk Müller <dmueller@suse.com>
- update to 1.17.1:
Travis: add iOS target built with CMake (#378)
Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake.
- fix build
External projects were using non-public header ares_dns.h, make public again (#376)
It appears some outside projects were relying on macros in ares_dns.h, even
though it doesn't appear that header was ever meant to be public. That said,
we don't want to break external integrators so we should distribute this header
again.
- note that so versioning has moved to configure.ac
- note about 1.17.1
- fix sed gone wrong
autotools cleanup (#372)
* buildconf: remove custom logic with autoreconf
- remove missing_header.patch (upstream)
/usr/lib/libcares.so.2 /usr/lib/libcares.so.2.15.0 /usr/share/licenses/libcares2 /usr/share/licenses/libcares2/LICENSE.md
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 30 00:56:19 2024