Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libcares2-1.19.1-150000.3.26.1 RPM for s390x

From OpenSuSE Leap 15.6 for s390x

Name: libcares2 Distribution: SUSE Linux Enterprise 15
Version: 1.19.1 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150000.3.26.1 Build date: Mon Feb 26 15:46:49 2024
Group: Unspecified Build host: s390zl34
Size: 105278 Source RPM: c-ares-1.19.1-150000.3.26.1.src.rpm
Packager: https://www.suse.com/
Url: https://c-ares.org/
Summary: Library for asynchronous name resolves
c-ares is a C library that performs DNS requests and name resolves
asynchronously. c-ares is a fork of the library named 'ares', written
by Greg Hudson at MIT.

This package provides the shared libraries for c-ares.

Provides

Requires

License

MIT

Changelog

* Mon Feb 26 2024 adam.majer@suse.de
  - CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
    (bsc#1220279, CVE-2024-25629)
* Mon May 22 2023 adam.majer@suse.de
  - Update to version 1.19.1
    Security:
    * CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
      (bsc#1211604)
    * CVE-2023-31147 Moderate. Insufficient randomness in generation
      of DNS query IDs (bsc#1211605)
    * CVE-2023-31130. Moderate. Buffer Underwrite in
      ares_inet_net_pton() (bsc#1211606)
    * CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE
      during cross compilation (bsc#1211607)
    Bug fixes:
    * Fix uninitialized memory warning in test
    * ares_getaddrinfo() should allow a port of 0
    * Fix memory leak in ares_send() on error
    * Fix comment style in ares_data.h
    * Fix typo in ares_init_options.3
    * Sync ax_pthread.m4 with upstream
    * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
* Sun Jan 29 2023 mardnh@gmx.de
  - Update to version 1.19.0
    Security:
    * Low. Stack overflow in ares_set_sortlist() which is used
      during c-ares initialization and typically provided by an
      administrator and not an end user.
      (bsc#1208067, CVE-2022-4904)
    Changes:
    * Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for
      specifying a custom hosts file location.
    Bug fixes:
    * Fix memory leak in reading /etc/hosts when using localhost
      fallback.
    * Fix chain building c-ares when libresolv is already included by
      another project.
    * File lookup should not immediately abort as there may be other
      tries due to search criteria.
    * Asterisks should be allowed in host validation as CNAMEs may
      reference wildcard domains.
    * AutoTools build system referenced bad STDC_HEADERS macro.
    * Even if one address class returns a failure for
      ares_getaddrinfo() we should still return the results we have.
    * Fix ares_getaddrinfo() numerical address resolution with
      AF_UNSPEC
    * Fix tools and help information.
    * Various documentation fixes and cleanups.
    * Add include guards to ares_data.h
    * c-ares could try to exceed maximum number of iovec entries
      supported by system.
    * The RFC6761 6.3 states localhost subdomains must be offline too
* Tue Dec 07 2021 adam.majer@suse.de
  - update to 1.18.1. Changes since 1.17.2:
    * Allow '/' as a valid character for a returned name for
      CNAME in-addr.arpa delegation
    * no longer forwards requests for localhost resolution per RFC6761
    * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
      that the search process will continue to the next domain
      in the search.
    * Provide ares_nameser.h as a public interface as needed by NodeJS
    * Add support for URI(Uniform Resource Identifier) records via
      ares_parse_uri_reply()
  - disable unit tests for SLE12 since GCC compiler too old to build
    unit tests
  - 5c995d5.patch: upstreamed
  - disable-live-tests.patch: refreshed
* Thu Sep 09 2021 adam.majer@suse.de
  - new upstream website
  - drop multibuild - tests do not require static library anymore
  - spec file cleanup
  - drop sources that were re-added to upstream distibution
    (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
* Wed Sep 08 2021 adam.majer@suse.de
  - 5c995d5.patch: augment input validation on hostnames to allow _
    as part of DNS response (bsc#1190225)
* Thu Aug 12 2021 adam.majer@suse.de
  - update to 1.17.2:
    Security:
    * When building c-ares with CMake, the RANDOM_FILE would not be set
      and therefore downgrade to the less secure random number generator
    * If ares_getaddrinfo() was terminated by an ares_destroy(),
      it would cause a crash
    * Crash in sortaddrinfo() if the list size equals 0 due to
      an unexpected DNS response
    * Expand number of escaped characters in DNS replies as per
      RFC1035 5.1 to prevent spoofing follow-up
      (bsc#1188881, CVE-2021-3672)
    * Perform validation on hostnames to prevent possible XSS
      due to applications not performing valiation themselves
    Changes:
    * ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases
    Bug fixes:
    * Building tests should not force building of static libraries except on Windows
    * Relative headers must use double quotes to prevent pulling in a system library
    for details see,
    https://c-ares.haxx.se/changelog.html#1_17_2
* Sat Jan 16 2021 dmueller@suse.com
  - update to 1.17.1:
      Travis: add iOS target built with CMake (#378)
      Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake.
    - fix build
      External projects were using non-public header ares_dns.h, make public again (#376)
      It appears some outside projects were relying on macros in ares_dns.h, even
      though it doesn't appear that header was ever meant to be public.  That said,
      we don't want to break external integrators so we should distribute this header
      again.
    - note that so versioning has moved to configure.ac
    - note about 1.17.1
    - fix sed gone wrong
      autotools cleanup (#372)
    * buildconf: remove custom logic with autoreconf
  - remove missing_header.patch (upstream)
* Sat Nov 21 2020 mrueckert@suse.de
  - add BR for pkg-config to get the provides in the devel package
* Thu Nov 19 2020 adam.majer@suse.de
  - ares_dns.h, missing_header.patch: re-add missing header in last release
* Tue Nov 17 2020 adam.majer@suse.de
  - Version update to 1.17.0
    Security:
    * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
      fuzzing
    * Avoid theoretical buffer overflow in RC4 loop comparison
    * Empty hquery->name could lead to invalid memory access
    * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
      passed in (bsc#1178882, CVE-2020-8277)
    Changes:
    * Update help information for adig, acountry, and ahost
    * Test Suite now uses dynamic system-assigned ports rather than hardcoded
      ports to prevent failures in containers
    * Detect remote DNS server does not support EDNS using rules from RFC 6891
    * Source tree has been reorganized to use a more modern layout
    * Allow parsing of CAA Resource Record
    Bug fixes:
    * readaddrinfo bad sizeof()
    * Test cases should honor HAVE_WRITEV flag, not depend on WIN32
    * FQDN with trailing period should be queried first
    * ares_getaddrinfo() was returning members of the struct as garbage values if
      unset, and was not honoring ai_socktype and ai_protocol hints.
    * ares_gethostbyname() with AF_UNSPEC and an ip address would fail
    * Properly document ares_set_local_ip4() uses host byte order
    For details, see https://c-ares.haxx.se/changelog.html
  - add missing upstream sources, to be removed for next release
  - remove unnecessary BuildRequires
  - fix building on SLE12 systems
* Fri Sep 11 2020 tchvatal@suse.com
  - simplify conditions bit to make it tad more readable
* Thu Sep 10 2020 badshah400@gmail.com
  - Implement multibuild specfile to split out tests into its own
    flavor; this way we can build and run tests, which require
    static lib, as well as avoid packaging the latter without issues
    with the installed cmake file..
* Wed Jul 08 2020 elimat@opensuse.org
  - Version update to 1.16.1
    Security:
    * Prevent possible use-after-free and double-free in ares_getaddrinfo() if
      ares_destroy() is called prior to ares_getaddrinfo() completing.
    Reported by Jann Horn at Google Project Zero.
    Changes:
    * Allow TXT records on CHAOS qclass. Used for retriving things like
      version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3]
    Bug fixes:
    * Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1]
    * Silence false cast-align compiler warnings due to valid casts of struct
      sockaddr to struct sockaddr_in and struct sockaddr_in6.
    * MacOS should use libresolv for retrieving DNS servers, like iOS
    * CMake build system should populate the INCLUDE_DIRECTORIES property of
      installed targets [2]
    * Correct macros in use for the ares_getaddrinfo.3 man page
  - Changes in version 1.16.0
    Changes:
    * Introduction of ares_getaddrinfo() API which provides similar output
      (including proper sorting as per RFC 6724) to the system native API, but
    utilizes different data structures in order to provide additional
    information such as TTLs and all aliases. Please reference the respective
    man pages for usage details.
    * Parse SOA records from ns_t_any response
    * CMake: Provide c-ares version in package export file
    * CMake: Add CPACK functionality for DEB and RPM
    * CMake: Generate PDB files during build
    * CMake: Support manpage installation
    Bug fixes:
    * Fix bad expectation in IPv6 localhost test.
    * AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to
      prevent complaints about CPPFLAGS in CFLAGS.
    * Fix .onion handling
    * Command line usage was out of date for adig and ahost.
    * Typos in manpages
    * If ares_getenv is defined, it must return a value on all platforms
    * If /etc/resolv.conf has invalid lookup values, use the defaults.
    * Tests: Separate live tests from SetServers* tests as only live tests
      should require internet access.
    * ares_gethostbyname() should return ENODATA if no valid A or AAAA record
      is found, but a CNAME was found.
    * CMake: Rework library function checking to prevent unintended linking
      with system libraries that aren't needed.
    * Due to use of inet_addr() it was not possible to return 255.255.255.255
      from ares_gethostbyname().
    * CMake: Fix building of tests on Windows
  - Drop regression.patch which have been fixed upstream
  - Refresh disable-live-tests.patch
  - Remove static lib since its required when doing tests and we dont want it
    included in package
  - Run spec-cleaner
* Mon Feb 03 2020 adam.majer@suse.de
  - Upgrade to latest snapshot from 2020-01-17
  - disable-live-tests.patch: refreshed
  - regression.patch: fix a regression in DNS results that contain
    both A and AAAA answers.
* Tue Jan 28 2020 mrostecki@opensuse.org
  - Add netcfg as the build requirement and runtime requirement.
    ares_getaddrinfo function uses the getservbyport_r function which
    requires the /etc/services file to function properly. That config
    file is provided by the netcfg package. Unit tests rely on it
    too, hence it has to be a build dependency as well.
* Mon Jan 06 2020 toddrme2178@gmail.com
  - Switch to cmake-based build.
    Some packages need the cmake build files.
* Fri Nov 15 2019 tchvatal@suse.com
  - Fix version number of the snapshot to not be downgrade:
    bsc#1156601
* Fri Nov 08 2019 adam.majer@suse.de
  - Update to upstream snapshot 20191108
    * getaddrinfo - avoid infinite loop in case of NXDOMAIN
    * ares_getenv - return NULL in all cases
    * implement ares_getaddrinfo
  - onion-crash.patch: removed, upstreamed.
  - removed upstream patches that are part of the snapshot:
    0001-Add-initial-implementation-for-ares_getaddrinfo-112.patch
    0002-Remaining-queries-counter-fix-additional-unit-tests-.patch
    0003-Bugfix-for-ares_getaddrinfo-and-additional-unit-test.patch
    0004-Add-ares__sortaddrinfo-to-support-getaddrinfo-sorted.patch
    0005-getaddrinfo-avoid-infinite-loop-in-case-of-NXDOMAIN-.patch
    0006-getaddrinfo-callback-must-be-called-on-bad-domain-24.patch
    0007-getaddrinfo-enhancements-257.patch
    0008-Add-missing-limits.h-include-from-ares_getaddrinfo.c.patch
    0009-Increase-portability-of-ares-test-mock-ai.cc-235.patch
    0010-Disable-failing-test.patch
  - disable-live-tests.patch - updated
* Wed Oct 23 2019 mrostecki@opensuse.org
  - Add upstream patches with the ares_getaddrinfo function:
    * 0001-Add-initial-implementation-for-ares_getaddrinfo-112.patch
    * 0002-Remaining-queries-counter-fix-additional-unit-tests-.patch
    * 0003-Bugfix-for-ares_getaddrinfo-and-additional-unit-test.patch
    * 0004-Add-ares__sortaddrinfo-to-support-getaddrinfo-sorted.patch
    * 0005-getaddrinfo-avoid-infinite-loop-in-case-of-NXDOMAIN-.patch
    * 0006-getaddrinfo-callback-must-be-called-on-bad-domain-24.patch
    * 0007-getaddrinfo-enhancements-257.patch
    * 0008-Add-missing-limits.h-include-from-ares_getaddrinfo.c.patch
    * 0009-Increase-portability-of-ares-test-mock-ai.cc-235.patch
  - Add a patch which disables test failing on OBS (but passing in
    local environment):
    * 0010-Disable-failing-test.patch
* Wed Feb 13 2019 adam.majer@suse.de
  - Version update to 1.15.0:
    * Add ares_init_options() configurability for path to resolv.conf file
    * Ability to exclude building of tools (adig, ahost, acountry) in CMake
    * Report ARES_ENOTFOUND for .onion domain names as per RFC7686
      (bsc#1125306)
    * Apply the IPv6 server blacklist to all nameserver sources
    * Prevent changing name servers while queries are outstanding
    * ares_set_servers_csv() on failure should not leave channel in a
      bad state
  - enable unit tests
  - disable-live-tests.patch: disable tests to live servers
  - onion-crash.patch: backport fix for a crash affecting .onion TLD
* Tue Feb 20 2018 jengelh@inai.de
  - Remove ineffective --with-pic.
* Tue Feb 20 2018 tchvatal@suse.com
  - Version update to 1.14.0:
    * Fix patch for CVE-2017-1000381 to not be overly aggressive
    * gethostbyaddr should fail with ECANCELLED not ENOTFOUND when ares_cancel is called
    * ares_gethostbyname.3: fix callback status values
    * docs: Document WSAStartup requirement
    * Fix a typo in init_by_resolv_conf
* Tue Feb 20 2018 tchvatal@suse.com
  - Rename everything to c-ares
* Tue Jun 20 2017 tchvatal@suse.com
  - Version update to 1.13.0:
    * Fixes bsc#1044946 CVE-2017-1000381
    * Bunch of bugfixes
  - Drop cares-1.9.1-ocloexec.patch as it broke again and it is
    not really worth all the fwdporting
  - Drop check phase there is only return 0
* Mon Oct 31 2016 tchvatal@suse.com
  - Version update to 1.12.0:
    * Fixes bsc#1007728 CVE-2016-5180
    * api: add ARES_OPT_NOROTATE optmask value
    * Collection of bugfixes
* Thu Jun 09 2016 astieger@suse.com
  - update to 1.11.0:
    * Allow multiple -s options to the ahost command
    * api: Expose the ares_library_initialized() function
    * api: Add ares_set_sortlist(3) entrypoint
    * api: Add entrypoints to allow use of per-server ports
    * api: introduce `ares_parse_txt_reply_ext`
    * api: Add ares_set_socket_configure_callback()
    * Add -t u option to ahost
    * collection of bug fixes
* Fri Nov 14 2014 dimstar@opensuse.org
  - No longer perform gpg validation; osc source_validator does it
    implicit:
    + Drop gpg-offline BuildRequires.
    + No longer execute gpg_verify.

Files

/usr/lib64/libcares.so.2
/usr/lib64/libcares.so.2.6.1
/usr/share/licenses/libcares2
/usr/share/licenses/libcares2/LICENSE.md


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 20:22:04 2024