Hello community, here is the log from the commit of package adns for openSUSE:Factory checked in at 2020-06-16 13:45:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/adns (Old) and /work/SRC/openSUSE:Factory/.adns.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "adns" Tue Jun 16 13:45:15 2020 rev:30 rq:814744 version:1.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/adns/adns.changes 2020-06-06 23:40:21.389095132 +0200 +++ /work/SRC/openSUSE:Factory/.adns.new.3606/adns.changes 2020-06-16 13:45:47.681824444 +0200 @@ -1,0 +2,58 @@ +Mon Jun 15 12:40:37 UTC 2020 - Kristyna Streitova <[email protected]> + +- Update to 1.6.0 +- Changes in 1.6.0: + * Bugfixes + * adnshost: Support --reverse in -f mode input stream + * timeout robustness against clock skew: track query start time and + duration. Clock instability may now only cause spurious timeouts + rather than indefinite hangs or even assertion failures. + * New features: + * adnshost: Offer ability to set adns checkc flags + * adnslogres: Honour --checkc-freq (if it comes first) + * adnsresfilter: Honour --checkc-freq and --checkc-entex + * time handling: Support use of CLOCK_MONOTONIC via an init flag. + * adns_str* etc.: Improve robustness; more allowable inputs values. + * Internal changes: + * adnshost: adh-opts.c: Whitespace adjustments to option table + * Build system and tests improvements +- Changes in 1.5.2 + * Important security fixes: + CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109: + Vulnerable applications: all adns callers. + Exploitable by: the local recursive resolver. + Likely worst case: Remote code execution. + CVE-2017-9106: + Vulnerable applications: those that make SOA queries. + Exploitable by: upstream DNS data sources. + Likely worst case: DoS (crash of the adns-using application) + CVE-2017-9107: + Vulnerable applications: those that use adns_qf_quoteok_query. + Exploitable by: sources of query domain names. + Likely worst case: DoS (crash of the adns-using application) + CVE-2017-9108: + Vulnerable applications: adnshost. + Exploitable by: code responsible for framing the input. + Likely worst case: DoS (adnshost crashes at EOF). + * Bugfixes: + * Do not include spurious external symbol `data' (fixes GCC10 build). + * If server sends TC flag over TCP, bail rather than retrying. + * Do not crash on certain strange resolv.conf contents. + * Fix various crashes if a global system failure occurs, or + adns_finish is called with outstanding queries. + * Correct a parsing error message very slightly. + * DNS packet parsing: Slight fix when packet is truncated. + * Fix ABI compatibility in string conversion of certain RR types. + * internal.h: Use `unsigned' for nextid; fixes theoretical C UB. + * Portability fix: + * common.make.in: add -Wno-unused-value. Fixes build with GCC9. + * Internal changes: + * Additional comments describing some internal code restrions. + * Robustness assert() against malfunctioning write() system call. +- It fixes the following CVEs [bsc#1172265] + CVE-2017-9103, CVE-2017-9104, CVE-2017-9105, CVE-2017-9106, + CVE-2017-9107, CVE-2017-9108, CVE-2017-9109 +- refresh adns-visibility.patch +- drop adns-1.5.1-gcc10.patch that is no longer needed + +------------------------------------------------------------------- Old: ---- adns-1.5.1-gcc10.patch adns-1.5.1.tar.gz adns-1.5.1.tar.gz.sig New: ---- adns-1.6.0.tar.gz adns-1.6.0.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ adns.spec ++++++ --- /var/tmp/diff_new_pack.iP78nF/_old 2020-06-16 13:45:48.601831843 +0200 +++ /var/tmp/diff_new_pack.iP78nF/_new 2020-06-16 13:45:48.605831875 +0200 @@ -18,7 +18,7 @@ %define lname libadns1 Name: adns -Version: 1.5.1 +Version: 1.6.0 Release: 0 Summary: Advanced Easy-to-Use Asynchronous-Capable DNS Utilities License: GPL-2.0-or-later @@ -32,7 +32,6 @@ Patch0: adns-1.4-destdir.patch Patch1: adns-1.4-configure.patch Patch2: adns-visibility.patch -Patch3: adns-1.5.1-gcc10.patch BuildRequires: autoconf %description @@ -64,7 +63,6 @@ %patch0 %patch1 %patch2 -%patch3 -p1 cp %{SOURCE3} . %build @@ -73,7 +71,12 @@ %make_build all %install -%make_install +make install \ + prefix=%{buildroot}%{_prefix} \ + bindir=%{buildroot}%{_bindir} \ + includedir=%{buildroot}%{_includedir} \ + libdir=%{buildroot}%{_libdir} \ + # FIXME: --disable-static not available rm %{buildroot}%{_libdir}/*.a ++++++ adns-1.5.1.tar.gz -> adns-1.6.0.tar.gz ++++++ ++++ 5649 lines of diff (skipped) ++++++ adns-visibility.patch ++++++ --- /var/tmp/diff_new_pack.iP78nF/_old 2020-06-16 13:45:48.825833644 +0200 +++ /var/tmp/diff_new_pack.iP78nF/_new 2020-06-16 13:45:48.829833676 +0200 @@ -24,8 +24,8 @@ +#pragma GCC visibility push(hidden) /* Configuration and constants */ - #define MAXSERVERS 5 -@@ -944,4 +945,5 @@ static inline int errno_resources(int e) + #define MAXSERVERS 5 /* do not increase beyond no. of bits in `unsigned'! */ +@@ -960,4 +961,5 @@ static inline int errno_resources(int e) (tv)|=GETIL_B(cb), \ (tv) )
