CVS commit: pkgsrc/net/libcares

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/libcares
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Tue, 10 Aug 2021 07:27:23 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue Aug 10 07:27:23 UTC 2021

Modified Files:
        pkgsrc/net/libcares: Makefile PLIST distinfo

Log Message:
libcares: update to 1.17.2.

c-ares version 1.17.2

This is a security and bugfix release.  It addresses a few security related
issues along with various bugfixes mostly related to portability.

Security:
 o NodeJS passes NULL for addr and 0 for addrlen to ares_parse_ptr_reply() on
   systems where malloc(0) returns NULL.  This would cause a crash. [8]
 o When building c-ares with CMake, the RANDOM_FILE would not be set and
   therefore downgrade to the less secure random number generator [12]
 o If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause
   a crash [13]
 o Crash in sortaddrinfo() if the list size equals 0 due to an unexpected
   DNS response [14]
 o Expand number of escaped characters in DNS replies as per RFC1035 5.1 to
   prevent spoofing [16], [17]
 o Perform validation on hostnames to prevent possible XSS due to applications
   not performing valiation themselves [18]

Changes:
 o Use non-blocking /dev/urandom for random data to prevent early startup
   performance issues [5]
 o z/OS port [6]
 o ares_malloc(0) is now defined behavior (returns NULL) rather than
   system-specific to catch edge cases [7]

Bug fixes:
 o Fuzz testing files were not distributed with official archives [1]
 o Building tests should not force building of static libraries except on
   Windows [2]
 o Windows builds of the tools would fail if built as static due to a missing
   CARES_STATICLIB definition [3]
 o Relative headers must use double quotes to prevent pulling in a system
   library [4]
 o Fix OpenBSD building by implementing portability updates for including
   arpa/nameser.h [9]
 o Fix building out-of-tree for autotools [10]
 o Make install on MacOS/iOS with CMake was missing the bundle destination so
   libraries weren't actually installed [11]
 o Fix retrieving DNS server configuration on MacOS and iOS if the configuration
   did not include search domains [15]
 o ares_parse_a_reply and ares_parse_aaa_reply were erroneously using strdup()
   instead of ares_strdup() [19]


To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/libcares/Makefile
cvs rdiff -u -r1.14 -r1.15 pkgsrc/net/libcares/PLIST
cvs rdiff -u -r1.22 -r1.23 pkgsrc/net/libcares/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/libcares/Makefile
diff -u pkgsrc/net/libcares/Makefile:1.29 pkgsrc/net/libcares/Makefile:1.30
--- pkgsrc/net/libcares/Makefile:1.29   Mon Nov 23 15:47:19 2020
+++ pkgsrc/net/libcares/Makefile        Tue Aug 10 07:27:23 2021
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.29 2020/11/23 15:47:19 wiz Exp $
+# $NetBSD: Makefile,v 1.30 2021/08/10 07:27:23 wiz Exp $
 
-DISTNAME=      c-ares-1.17.1
+DISTNAME=      c-ares-1.17.2
 PKGNAME=       ${DISTNAME:S/c-/libc/1}
 CATEGORIES=    net
 MASTER_SITES=  https://c-ares.haxx.se/download/

Index: pkgsrc/net/libcares/PLIST
diff -u pkgsrc/net/libcares/PLIST:1.14 pkgsrc/net/libcares/PLIST:1.15
--- pkgsrc/net/libcares/PLIST:1.14      Mon Nov 23 15:47:19 2020
+++ pkgsrc/net/libcares/PLIST   Tue Aug 10 07:27:23 2021
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.14 2020/11/23 15:47:19 wiz Exp $
+@comment $NetBSD: PLIST,v 1.15 2021/08/10 07:27:23 wiz Exp $
 bin/acountry
 bin/adig
 bin/ahost
@@ -13,7 +13,7 @@ lib/cmake/c-ares/c-ares-targets-noconfig
 lib/cmake/c-ares/c-ares-targets.cmake
 lib/libcares.so
 lib/libcares.so.2
-lib/libcares.so.2.4.2
+lib/libcares.so.2.4.3
 lib/libcares_static.a
 lib/pkgconfig/libcares.pc
 man/man1/acountry.1

Index: pkgsrc/net/libcares/distinfo
diff -u pkgsrc/net/libcares/distinfo:1.22 pkgsrc/net/libcares/distinfo:1.23
--- pkgsrc/net/libcares/distinfo:1.22   Mon Nov 23 15:47:19 2020
+++ pkgsrc/net/libcares/distinfo        Tue Aug 10 07:27:23 2021
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.22 2020/11/23 15:47:19 wiz Exp $
+$NetBSD: distinfo,v 1.23 2021/08/10 07:27:23 wiz Exp $
 
-SHA1 (c-ares-1.17.1.tar.gz) = 431d5ff705db752f5d25e610827b7cb3653fc7ff
-RMD160 (c-ares-1.17.1.tar.gz) = 4e7f83785735951f2c22145743c238d78332f4cf
-SHA512 (c-ares-1.17.1.tar.gz) = b11887bcc9274d368088e1a8b6aca62414f20675cf0bc58e948f54fa04c327c39dd23cefe7509eec6397db14b550a3f6b77f5c18b3d735b3eef48ce2da1dcd00
-Size (c-ares-1.17.1.tar.gz) = 1518701 bytes
+SHA1 (c-ares-1.17.2.tar.gz) = 933d862f5877625003a212a7f825309af6517dea
+RMD160 (c-ares-1.17.2.tar.gz) = facbdff9395ab01e313d21565c87ee5e06aed1ab
+SHA512 (c-ares-1.17.2.tar.gz) = f625e0ef8508af6475d3e83b51ab29be8a4878e2a87e7f518bea046b76a74bfde7043ca6ec2a9e714c898ab9e5d4a5a678c3347a9f9eb68980438f7ca8ae3fc8
+Size (c-ares-1.17.2.tar.gz) = 1538276 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index