Hello community, here is the log from the commit of package c-ares for openSUSE:Factory checked in at 2020-07-15 11:12:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/c-ares (Old) and /work/SRC/openSUSE:Factory/.c-ares.new.3060 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "c-ares" Wed Jul 15 11:12:37 2020 rev:8 rq:819671 version:1.16.1 Changes: -------- --- /work/SRC/openSUSE:Factory/c-ares/c-ares.changes 2020-02-14 16:36:01.419540570 +0100 +++ /work/SRC/openSUSE:Factory/.c-ares.new.3060/c-ares.changes 2020-07-15 11:12:43.752865830 +0200 @@ -1,0 +2,55 @@ +Wed Jul 8 20:35:17 UTC 2020 - Matthias Eliasson <[email protected]> + +- Version update to 1.16.1 + Security: + * Prevent possible use-after-free and double-free in ares_getaddrinfo() if + ares_destroy() is called prior to ares_getaddrinfo() completing. + Reported by Jann Horn at Google Project Zero. + Changes: + * Allow TXT records on CHAOS qclass. Used for retriving things like + version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3] + Bug fixes: + * Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1] + * Silence false cast-align compiler warnings due to valid casts of struct + sockaddr to struct sockaddr_in and struct sockaddr_in6. + * MacOS should use libresolv for retrieving DNS servers, like iOS + * CMake build system should populate the INCLUDE_DIRECTORIES property of + installed targets [2] + * Correct macros in use for the ares_getaddrinfo.3 man page +- Changes in version 1.16.0 + Changes: + * Introduction of ares_getaddrinfo() API which provides similar output + (including proper sorting as per RFC 6724) to the system native API, but + utilizes different data structures in order to provide additional + information such as TTLs and all aliases. Please reference the respective + man pages for usage details. + * Parse SOA records from ns_t_any response + * CMake: Provide c-ares version in package export file + * CMake: Add CPACK functionality for DEB and RPM + * CMake: Generate PDB files during build + * CMake: Support manpage installation + Bug fixes: + * Fix bad expectation in IPv6 localhost test. + * AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to + prevent complaints about CPPFLAGS in CFLAGS. + * Fix .onion handling + * Command line usage was out of date for adig and ahost. + * Typos in manpages + * If ares_getenv is defined, it must return a value on all platforms + * If /etc/resolv.conf has invalid lookup values, use the defaults. + * Tests: Separate live tests from SetServers* tests as only live tests + should require internet access. + * ares_gethostbyname() should return ENODATA if no valid A or AAAA record + is found, but a CNAME was found. + * CMake: Rework library function checking to prevent unintended linking + with system libraries that aren't needed. + * Due to use of inet_addr() it was not possible to return 255.255.255.255 + from ares_gethostbyname(). + * CMake: Fix building of tests on Windows +- Drop regression.patch which have been fixed upstream +- Refresh disable-live-tests.patch +- Remove static lib since its required when doing tests and we dont want it + included in package +- Run spec-cleaner + +------------------------------------------------------------------- Old: ---- c-ares-1.15.0-20200117.tar.gz regression.patch New: ---- c-ares-1.16.1.tar.gz c-ares-1.16.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ c-ares.spec ++++++ --- /var/tmp/diff_new_pack.h0IqXv/_old 2020-07-15 11:12:45.360867494 +0200 +++ /var/tmp/diff_new_pack.h0IqXv/_new 2020-07-15 11:12:45.360867494 +0200 @@ -1,7 +1,7 @@ # # spec file for package c-ares # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,22 +18,18 @@ %define sonum 2 %define libname libcares%{sonum} -%define realver 1.15.0-20200117 Name: c-ares -Version: 1.15.0+20200117 +Version: 1.16.1 Release: 0 Summary: Library for asynchronous name resolves License: MIT URL: https://c-ares.haxx.se/ -#Source0: https://c-ares.haxx.se/daily-snapshot/c-ares-%{realver}.tar.gz -Source0: c-ares-%{realver}.tar.gz -#Source0: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz -#Source1: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz.asc +Source0: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz +Source1: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz.asc Source3: %{name}.keyring Source4: baselibs.conf Patch0: 0001-Use-RPM-compiler-options.patch Patch1: disable-live-tests.patch -Patch2: regression.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: libtool @@ -56,7 +52,6 @@ This package provides some tools that make use of c-ares. - %package -n %{libname} Summary: Library for asynchronous name resolves # Needed for getservbyport_r function to work properly. @@ -69,7 +64,6 @@ This package provides the shared libraries for c-ares. - %package devel Summary: Development files for %{name} Requires: %{libname} = %{version} @@ -85,9 +79,8 @@ This package provides the development libraries and headers needed to build packages that depend on c-ares. - %prep -%autosetup -p1 -n %{name}-%{realver} +%autosetup -p1 -n %{name}-%{version} # Remove bogus cflags checking sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac @@ -100,17 +93,18 @@ -DCARES_INSTALL:BOOL=ON \ -DCARES_BUILD_TESTS:BOOL=ON \ -DCARES_BUILD_TOOLS:BOOL=ON -make %{?_smp_mflags} +%make_build %install %cmake_install install -m 644 -Dt %{buildroot}%{_mandir}/man1/ *.1 install -m 644 -Dt %{buildroot}%{_mandir}/man3/ *.3 -find %{buildroot} -type f -name "*.la" -delete -print +# Tests require static lib so lets remove it so it does not get in package +find %{buildroot} -type f \( -name "*.la" -o -name "*.a" \) -delete -print %check pushd build -make -C test %{?_smp_mflags} +%make_build -C test export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib ./bin/arestest @@ -122,9 +116,9 @@ %{_bindir}/acountry %{_bindir}/adig %{_bindir}/ahost -%{_mandir}/man1/acountry.1%{ext_man} -%{_mandir}/man1/adig.1%{ext_man} -%{_mandir}/man1/ahost.1%{ext_man} +%{_mandir}/man1/acountry.1%{?ext_man} +%{_mandir}/man1/adig.1%{?ext_man} +%{_mandir}/man1/ahost.1%{?ext_man} %files -n %{libname} %license LICENSE.md @@ -134,7 +128,7 @@ %license LICENSE.md %{_libdir}/libcares.so %{_includedir}/*.h -%{_mandir}/man3/ares_*.3%{ext_man} +%{_mandir}/man3/ares_*.3%{?ext_man} %{_libdir}/pkgconfig/libcares.pc %{_libdir}/cmake/c-ares/ ++++++ c-ares-1.15.0-20200117.tar.gz -> c-ares-1.16.1.tar.gz ++++++ ++++ 7768 lines of diff (skipped) ++++++ disable-live-tests.patch ++++++ --- /var/tmp/diff_new_pack.h0IqXv/_old 2020-07-15 11:12:45.648867792 +0200 +++ /var/tmp/diff_new_pack.h0IqXv/_new 2020-07-15 11:12:45.648867792 +0200 @@ -1,8 +1,7 @@ -Index: c-ares-1.15.0-20200117/test/Makefile.inc -=================================================================== ---- c-ares-1.15.0-20200117.orig/test/Makefile.inc -+++ c-ares-1.15.0-20200117/test/Makefile.inc -@@ -13,7 +13,6 @@ TESTSOURCES = ares-test-main.cc \ +diff -Naur c-ares-1.16.1.orig/test/Makefile.inc c-ares-1.16.1/test/Makefile.inc +--- c-ares-1.16.1.orig/test/Makefile.inc 2020-07-08 22:15:36.667605939 +0200 ++++ c-ares-1.16.1/test/Makefile.inc 2020-07-08 22:16:25.407171729 +0200 +@@ -14,7 +14,6 @@ ares-test-parse-srv.cc \ ares-test-parse-txt.cc \ ares-test-misc.cc \ @@ -10,47 +9,3 @@ ares-test-mock.cc \ ares-test-mock-ai.cc \ ares-test-internal.cc \ -Index: c-ares-1.15.0-20200117/test/ares-test-misc.cc -=================================================================== ---- c-ares-1.15.0-20200117.orig/test/ares-test-misc.cc -+++ c-ares-1.15.0-20200117/test/ares-test-misc.cc -@@ -47,10 +47,12 @@ TEST_F(DefaultChannelTest, SetServers) { - EXPECT_EQ(expected, GetNameServers(channel_)); - - // Change not allowed while request is pending -+ /* - HostResult result; - ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result); - EXPECT_EQ(ARES_ENOTIMP, ares_set_servers(channel_, &server1)); - ares_cancel(channel_); -+ */ - } - - TEST_F(DefaultChannelTest, SetServersPorts) { -@@ -77,10 +79,12 @@ TEST_F(DefaultChannelTest, SetServersPor - EXPECT_EQ(expected, GetNameServers(channel_)); - - // Change not allowed while request is pending -+ /* - HostResult result; - ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result); - EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_ports(channel_, &server1)); - ares_cancel(channel_); -+ */ - } - - TEST_F(DefaultChannelTest, SetServersCSV) { -@@ -109,11 +113,13 @@ TEST_F(DefaultChannelTest, SetServersCSV - EXPECT_EQ(expected2, GetNameServers(channel_)); - - // Change not allowed while request is pending -+ /* - HostResult result; - ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result); - EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_csv(channel_, "1.2.3.4,2.3.4.5")); - EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_ports_csv(channel_, "1.2.3.4:56,2.3.4.5:67")); - ares_cancel(channel_); -+ */ - - // Should survive duplication - ares_channel channel2;
