Upgrade c-ares to 1.19.1#39
Merged
chaitu236 merged 5 commits intoni:nilrt/master/kirkstonefrom Jun 30, 2023
Merged
Conversation
gratian
approved these changes
Jun 30, 2023
gratian
left a comment
gratian
left a comment
There was a problem hiding this comment.
Ship It!
Small nitpick: I think the convention for adding comments about resolved conflicts is to use square brackets '[' instead of '('.
I think it may also be exempt from line wrapping rules but I'm not 100% sure on this part.
mike-petersen-ni
force-pushed
the
pick-cve-fix/c-ares
branch
from
8962c33 to
fe603dc
Compare
Author
|
Patch v2: reformat conflict resolution text |
gratian
approved these changes
Jun 30, 2023
chaitu236
reviewed
Jun 30, 2023
This reverts commit 5adcef0. Signed-off-by: Mike Petersen <mike.petersen@ni.com>
This reverts commit c34b8aa. Signed-off-by: Mike Petersen <mike.petersen@ni.com>
This reverts commit 092e125. Signed-off-by: Mike Petersen <mike.petersen@ni.com>
Changelog: ========= Security: ---------- Low. Stack overflow in ares_set_sortlist() which is used during c-ares initialization and typically provided by an administrator and not an end user. Changes: ---------- Windows: Drop support for XP and derivatives which greatly cleans up initialization code. Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for specifying a custom hosts file location. Add vcpkg installation instructions Bug fixes: ------------ Fix cross-compilation from Windows to Linux due to CPACK logic. Fix memory leak in reading /etc/hosts when using localhost fallback. Fix chain building c-ares when libresolv is already included by another project File lookup should not immediately abort as there may be other tries due to search criteria. Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains AutoTools build system referenced bad STDC_HEADERS macro Even if one address class returns a failure for ares_getaddrinfo() we should still return the results we have CMake Windows: DLLs did not include resource file to include versions CMake: Guard target creation in exported config Fix ares_getaddrinfo() numerical address resolution with AF_UNSPEC Apple: fix libresolv configured query times. Fix tools and help information Various documentation fixes and cleanups Add include guards to ares_data.h c-ares could try to exceed maximum number of iovec entries supported by system CMake package config generation allow for absolute install paths Intel compiler fixes ares_strsplit bugs The RFC6761 6.3 states localhost subdomains must be offline too. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 4e35ff8) Signed-off-by: Mike Petersen <mike.petersen@ni.com>
Changelog: ========== Security --------- - CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12] - CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS query IDs [13] - CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14] - CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation [15] Bug fixes ---------- - Fix uninitialized memory warning in test [1] - Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2] - ares_getaddrinfo() should allow a port of 0 [3] - Fix memory leak in ares_send() on error [4] - Fix comment style in ares_data.h [5] - Remove unneeded ifdef for Windows [6] - Fix typo in ares_init_options.3 [7] - Re-add support for Watcom compiler [8] - Sync ax_pthread.m4 with upstream [9] - Windows: Invalid stack variable used out of scope for HOSTS path [10] - Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 85c7e7b) Signed-off-by: Mike Petersen <mike.petersen@ni.com>
mike-petersen-ni
force-pushed
the
pick-cve-fix/c-ares
branch
from
a805a08 to
428474d
Compare
Author
|
Patch v3: restructure commits to first revert CVE patch commits, then cherry-pick upgrades |
chaitu236
approved these changes
Jun 30, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Testing
AB#2435273