| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | c-ares: upgrade 1.19.0 -> 1.19.1 | Wang Mingyu | 2023-05-25 | 1 | -21/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== Security --------- - CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12] - CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS query IDs [13] - CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14] - CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation [15] Bug fixes ---------- - Fix uninitialized memory warning in test [1] - Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2] - ares_getaddrinfo() should allow a port of 0 [3] - Fix memory leak in ares_send() on error [4] - Fix comment style in ares_data.h [5] - Remove unneeded ifdef for Windows [6] - Fix typo in ares_init_options.3 [7] - Re-add support for Watcom compiler [8] - Sync ax_pthread.m4 with upstream [9] - Windows: Invalid stack variable used out of scope for HOSTS path [10] - Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||||
| * | c-ares: upgrade 1.18.1 -> 1.19.0 | Wang Mingyu | 2023-03-04 | 1 | -0/+21 |
| Changelog: ========= Security: ---------- Low. Stack overflow in ares_set_sortlist() which is used during c-ares initialization and typically provided by an administrator and not an end user. Changes: ---------- Windows: Drop support for XP and derivatives which greatly cleans up initialization code. Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for specifying a custom hosts file location. Add vcpkg installation instructions Bug fixes: ------------ Fix cross-compilation from Windows to Linux due to CPACK logic. Fix memory leak in reading /etc/hosts when using localhost fallback. Fix chain building c-ares when libresolv is already included by another project File lookup should not immediately abort as there may be other tries due to search criteria. Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains AutoTools build system referenced bad STDC_HEADERS macro Even if one address class returns a failure for ares_getaddrinfo() we should still return the results we have CMake Windows: DLLs did not include resource file to include versions CMake: Guard target creation in exported config Fix ares_getaddrinfo() numerical address resolution with AF_UNSPEC Apple: fix libresolv configured query times. Fix tools and help information Various documentation fixes and cleanups Add include guards to ares_data.h c-ares could try to exceed maximum number of iovec entries supported by system CMake package config generation allow for absolute install paths Intel compiler fixes ares_strsplit bugs The RFC6761 6.3 states localhost subdomains must be offline too. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> | |||||
 |
index : linux/meta-openembedded.git | |
| Mirror of git.openembedded.org/meta-openembedded | N/A |
| summaryrefslogtreecommitdiffstats |