Also keep in mind that if RHEL decides to fix the CVE(s) in question in version 8 of their OS, they would likely apply the fix for the CVE to the version of CARES that they are already shipping (i.e., they'd create a version like 1.13.0.<whatever> rather than upgrading to 1.14.x). They work hard to avoid changing version numbers for compatibility reasons.
On Thu, Sep 29, 2022 at 6:59 AM Anders Broman <a.broma...@gmail.com> wrote: > Hi, > Well a choice to make if we want to support CentOS8/RHEL8 or not. One > could argue that CVE:s in support libraries might not be for us to > decide on but rather the OS maintainers. > Best regards > Anders > > Den tors 29 sep. 2022 kl 08:19 skrev Roland Knall <rkn...@gmail.com>: > >> The reason for 1.14 was a CVE that was fixed. I would vote strongly >> against reducing the Version just to support an older version. >> >> Regards, Roland >> >> Am 28.09.2022 um 18:48 schrieb John Thacker <johnthac...@gmail.com>: >> >> >> On Wed, Sep 28, 2022, 10:47 AM Anders Broman <a.broma...@gmail.com> >> wrote: >> >>> Hi, >>> Is there a workaround for >>> CMake Error at >>> /usr/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:230 (message): >>> Could NOT find CARES: Found unsuitable version "1.13.0", but required >>> is at >>> least "1.14.0" (found /usr/lib64/libcares.so)? >>> I would like to build for CentOS8... >>> >> >> It doesn't actually need anything from 1.14.0, so changing the line in >> CMakeLists.txt that sets the minimum version should be fine. Look at the >> commit below and change one line to 1.13.0 >> >> >> https://gitlab.com/wireshark/wireshark/-/commit/5991a75d78a31ba61de6c162c79c2928da19c302 >> >> John >> >>> >> ___________________________________________________________________________ >> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> >> Archives: https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org >> ?subject=unsubscribe >> >> >> ___________________________________________________________________________ >> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> >> Archives: https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org >> ?subject=unsubscribe >> > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe