- Update from version 1.17.1 to 1.32.1 - Update of rootfile - There have been 22 version updates that are now being applied. 4 of these releases had security issues being addressed and there have been 5 CVE's and fixes - Changelog 1.32.1 Bugfixes: Channel lock needs to be recursive to ensure calls into c-ares functions can be made from callbacks otherwise deadlocks will occur. This regression was introduced in 1.32.0 1.32.0 Features: Add support for DNS 0x20 to help prevent cache poisoning attacks, enabled by specifying ARES_FLAG_DNS0x20. Disabled by default. PR #800 Rework query timeout logic to automatically adjust timeouts based on network conditions. The timeout specified now is only used as a hint until there is enough history to calculate a more valid timeout. PR #794 Changes: DNS RR TXT strings should not be automatically concatenated as there are use cases outside of RFC 7208. In order to maintain ABI compliance, the ability to retrieve TXT strings concatenated is retained as well as a new API to retrieve the individual strings. This restores behavior from c-ares 1.20.0. PR #801 Clean up header inclusion logic to make hacking on code easier. PR #797 GCC/Clang: Enable even more strict warnings to catch more coding flaws. 253bdee MSVC: Enable /W4 warning level. PR #792 Bugfixes: Tests: Fix thread race condition in test cases for EventThread. PR #803 Windows: Fix building with UNICODE. PR #802 Thread Saftey: ares_timeout() was missing lock. 74a64e4 Fix building with DJGPP (32bit protected mode DOS). PR #789 1.31.0 Changes: Enable Query Cache by default. PR #786 Bugfixes: Enhance Windows DNS configuration change detection to also detect manual DNS configuration changes. PR #785 Various legacy MacOS Build fixes. Issue #782 Ndots value of zero in resolv.conf was not being honored. 852a60a Watt-32 build support had been broken for some time. PR #781 Distribute ares_dns_rec_type_tostr manpage. PR #778 1.30.0 Features: Basic support for SIG RR record (RFC 2931 / RFC 2535) PR #773 Changes: Validation that DNS strings can only consist of printable ascii characters otherwise will trigger a parse failure. 75de16c and 40fb125 Windows: use GetTickCount64() for a monotonic timer that does not wrap. 1dff8f6 Bugfixes: QueryCache: Fix issue where purging on server changes wasn’t working. a6c8fe6 Windows: Fix Y2K38 issue by creating our own ares_timeval_t datatype. PR #772 Fix packaging issue affecting MacOS due to a missing header. 55afad6 MacOS: Fix UBSAN warnings that are likely meaningless due to alignment issues in new MacOS config reader. Android: arm 32bit build failure due to missing symbol. d1722e6 1.29.0 Features: When using ARES_OPT_EVENT_THREAD, automatically reload system configuration when network conditions change. PR #759 Apple: reimplement DNS configuration reading to more accurately pull DNS settings. PR #750 Add observability into DNS server health via a server state callback, invoked whenever a query finishes. PR #744 Add server failover retry behavior, where failed servers are retried with small probability after a minimum delay. PR #731 Changes: Mark ares_channel_t * as const in more places in the public API. PR #758 Bugfixes: Due to a logic flaw dns name compression writing was not properly implemented which would result in the name prefix not being written for a partial match. This could cause issues in various record types such as MX records when using the deprecated API. Regression introduced in 1.28.0. Issue #757 Revert OpenBSD SOCK_DNS flag, it doesn’t do what the docs say it does and causes c-ares to become non-functional. PR #754 ares_getnameinfo(): loosen validation on salen parameter. Issue #752 cmake: Android requires C99. PR #748 ares_queue_wait_empty() does not honor timeout_ms >= 0. Issue #742 1.28.1 This release contains a fix for a single significant regression introduced in c-ares 1.28.0. ares_search() and ares_getaddrinfo() resolution fails if no search domains are specified. Issue #737 1.28.0 Features: Emit warnings when deprecated c-ares functions are used. This can be disabled by passing a compiler definition of CARES_NO_DEPRECATED. PR #732 Add function ares_search_dnsrec() to search for records using the new DNS record data structures. PR #719 Rework internals to pass around ares_dns_record_t instead of binary data, this introduces new public functions of ares_query_dnsrec() and ares_send_dnsrec(). PR #730 Changes: tests: when performing simulated queries, reduce timeouts to make tests run faster Replace configuration file parsers with memory-safe parser. PR #725 Remove acountry completely, the manpage might still get installed otherwise. Issue #718 Bugfixes: CMake: don’t overwrite global required libraries/definitions/includes which could cause build errors for projects chain building c-ares. Issue #729 On some platforms, netinet6/in6.h is not included by netinet/in.h and needs to be included separately. PR #728 Fix a potential memory leak in ares_init(). Issue #724 Some platforms don’t have the isascii() function. Implement as a macro. PR #721 CMake: Fix Chain building if CMAKE runtime paths not set NDots configuration should allow a value of zero. PR #735 1.27.0 Security: Moderate. CVE-2024-25629. Reading malformatted /etc/resolv.conf, /etc/nsswitch.conf or the HOSTALIASES file could result in a crash. GHSA-mg26-v6qh-x48q Features: New function ares_queue_active_queries() to retrieve number of in-flight queries. PR #712 New function ares_queue_wait_empty() to wait for the number of in-flight queries to reach zero. PR #710 New ARES_FLAG_NO_DEFLT_SVR for ares_init_options() to return a failure if no DNS servers can be found rather than attempting to use 127.0.0.1. This also introduces a new ares status code of ARES_ENOSERVER. PR #713 Changes: EDNS Packet size should be 1232 as per DNS Flag Day. PR #705 Bugfixes: Windows DNS suffix search list memory leak. PR #711 Fix warning due to ignoring return code of write(). PR #709 CMake: don’t override target output locations if not top-level. Issue #708 Fix building c-ares without thread support. PR #700 1.26.0 Features: Event Thread support. Integrators are no longer required to monitor the file descriptors registered by c-ares for events and call ares_process() when enabling the event thread feature via ARES_OPT_EVENT_THREAD passed to ares_init_options(). PR #696 Added flags to are_dns_parse() to force RAW packet parsing. PR #693 Changes: Mark ares_fds() as deprecated. PR #691 Bugfixes: adig: Differentiate between internal and server errors. e10b16a Autotools allow make to override CFLAGS/CPPFLAGS/CXXFLAGS. PR #695 Autotools: fix building for 32bit windows due to stdcall symbol mangling. PR #689 RR Name should not be sanity checked against the Question. PR #685 1.25.0 Changes: AutoTools: rewrite build system to be lighter weight and fix issues in some semi-modern systems. It is likely this has broken building on some less common and legacy OSs, please report issues. PR #674 Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory safety reasons. 88c444d The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and IPv6 addresses by default. PR #669 OpenBSD: Add SOCK_DNS flag when creating socket. PR #659 Bugfixes: Tests: Live reverse lookups for Google’s public DNS servers no longer return results, replace with CloudFlare pubic DNS servers. 1231aa7 MacOS legacy SDKs require sys/socket.h before net/if.h PR #673 Connection failures should increment the server failure count first or a retry might be enqueued to the same server. 05181a6 On systems that don’t implement the ability to enumerate network interfaces the stubs used the wrong prototype. eebfe0c Fix minor warnings and documentation typos. PR #666 Fix support for older GoogleTest versions. d186f11 getrandom() may require sys/random.h on some systems. Issue #665 Fix building tests with symbol hiding enabled. Issue #664 1.24.0 Features: Add support for IPv6 link-local DNS servers. Nameserver formats can now accept the %iface suffix, and a new ares_get_servers_csv() function was added to return servers that can contain the link-local interface name. Changes: Unbundle GoogleTest for test cases. Package maintainers will now need to require GoogleTest (GMock) as a build dependency if building tests. New GoogleTest versions require C++14 or later. Replace nameserver parsing code to use new memory-safe functions. Replace the sortlist parser with new memory-safe functions. Various warning fixes and dead code removal. Bugfixes: Old Linux versions require POSIX_C_SOURCE or _GNU_SOURCE to compile with thread safety support. A non-responsive DNS server that caused timeouts wouldn’t increment the failure count, this would lead to other servers not being tried. Regression introduced in 1.22.0. Some projects that depend on c-ares expect invalid parameter option values passed into ares_init_options() to simply be ignored. This behavior has been restored. On linux getrandom() can fail if the kernel doesn’t support the syscall, fall back to another random source. ares_cancel() when performing ares_gethostbyname() or ares_getaddrinfo() with AF_UNSPEC, if called after one address class was returned but before the other address class, it would return ARES_SUCCESS rather than ARES_ECANCELLED. 1.23.0 Features: Introduce optional (but on by default) thread-safety for the c-ares library. This has no API nor ABI implications. resolv.conf in modern systems uses attempts and timeouts options instead of the old retrans and retry options. Query caching support based on TTL of responses. Can be enabled via ares_init_options() with ARES_OPT_QUERY_CACHE. Bugfixes: ares_init_options() for ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT accept the port in host byte order, but it was reading it as network byte order. Regression introduced in 1.20.0. ares_init_options() for ARES_FLAG_NOSEARCH was not being honored for ares_getaddrinfo() or ares_gethostbyname(). Regression introduced in 1.16.0. Autotools MacOS and iOS version check was failing Environment variables passed to c-ares are meant to be an override for system configuration. Regression introduced in 1.22.0. Spelling fixes as detected by codespell. The timeout returned by ares_timeout() was truncated to milliseconds but validated to microseconds which could cause a user to attempt to process timeouts prior to the timeout actually expiring. CMake was not honoring CXXFLAGS passed in via the environment which could cause compile and link errors with distribution hardening flags during packaging. Fix Windows UWP and Cygwin compilation. ares_set_servers_*() for legacy reasons needs to accept an empty server list and zero out all servers. This results in an inoperable channel and thus is only used in simulation testing, but we don’t want to break users. Regression introduced in 1.21.0. 1.22.1 Bugfixes: Fix /etc/hosts processing performance with all entries using same IPaddress. Large hosts files using the same IP address for all entries could use exponential time. Fix typos in manpages Fix OpenWatcom building 1.22.0 Features: ares_reinit() is now implemented to re-read any system configuration and immediately apply to an existing ares channel The adig command line program has been rewritten and its format now more closely matches that of BIND’s dig utility The new DNS message parser and writer functions have now been made public RFC9460 HTTPS and SVCB records are now supported RFC6698 TLSA records are now supported The server list is now internally dynamic and can be changed without impacting existing queries Hosts file processing is now cached until the file is detected to be changed to speed up repetitive lookups of large hosts files Changes: Internally all DNS messages are now written using the new DNS writing functions EDNS is now enabled by default Internal cleanups in function prototypes Bugfixes: Randomize retry penalties to prevent thundering herd issues when dns servers throttle requests Fix Windows build error for missing if_indextoname() 1.21.0 Changes: Provide better man page cross-links. Introduce ares_status_t as an enum rather than using #define list and integer data type for internal functions. Introduce ares_bool_t datatype rather than using an integer with 0/1 so it is clear based on the function prototype what it returns. Increase compiler warning levels by default. Use size_t and other more proper datatypes internally (rather than int). Many developers have used different code styles over the years, standardize on one and use clang-format to enforce the style. CMake can now control symbol visibility Replace multiple DNS hand-made parsers with new memory-safe DNS message parser. Bugfixes: Tools: STAYOPEN flag could make tools not terminate. Socket callbacks were passed SOCK_STREAM instead of SOCK_DGRAM on udp. 1.20.1 Bugfixes: Resolve use-after-free issue when TCP connection is terminated before a response is returned Reduce number of queries for a load test case to prevent overloading some build systems Fix fuzz test build target 1.20.0 Changes: Update from 1989 MIT license text to modern MIT license text Remove acountry from built tools as nerd.dk is gone Add new ARES_OPT_UDP_MAX_QUERIES configuration option to limit the number of queries that can be made from a single ephemeral port Default per-query timeout has been reduced to 2s with a 3x retry count Modernization: start implementing some common data structures that are easy to use and hard to misuse. This will make code refactoring easier and remove some varied implementations in use. This change also makes ares_timeout() more efficient Use SPDX identifiers and a REUSE CI job to verify rand: add support for getrandom() Bug fixes: TCP back to back queries were broken Ensure queries for ares_getaddrinfo() are not requeued during destruction ares_getaddrinfo() should not retry other address classes if one address class has already been returned Avoid production ill-formed result when qualifying a name with the root domain Fix missing prefix for CMake generated libcares.pc DNS server ports will now be read from system configuration instead of defaulting to port 53 Remove some unreachable code Replace usages of sprintf with snprintf Fix Watcom instructions and update Windows URLs 1.19.1 Security: CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS query IDs CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation Bug fixes: Fix uninitialized memory warning in test Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses ares_getaddrinfo() should allow a port of 0 Fix memory leak in ares_send() on error Fix comment style in ares_data.h Remove unneeded ifdef for Windows Fix typo in ares_init_options.3 Re-add support for Watcom compiler Sync ax_pthread.m4 with upstream Windows: Invalid stack variable used out of scope for HOSTS path Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support 1.19.0 Security: Low. Stack overflow in ares_set_sortlist() which is used during c-ares initialization and typically provided by an administrator and not an end user. Changes: Windows: Drop support for XP and derivatives which greatly cleans up initialization code. Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for specifying a custom hosts file location. Add vcpkg installation instructions Bug fixes: Fix cross-compilation from Windows to Linux due to CPACK logic. Fix memory leak in reading /etc/hosts when using localhost fallback. Fix chain building c-ares when libresolv is already included by another project File lookup should not immediately abort as there may be other tries due to search criteria. Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains AutoTools build system referenced bad STDC_HEADERS macro Even if one address class returns a failure for ares_getaddrinfo() we should still return the results we have CMake Windows: DLLs did not include resource file to include versions CMake: Guard target creation in exported config Fix ares_getaddrinfo() numerical address resolution with AF_UNSPEC Apple: fix libresolv configured query times. Fix tools and help information Various documentation fixes and cleanups Add include guards to ares_data.h c-ares could try to exceed maximum number of iovec entries supported by system CMake package config generation allow for absolute install paths Intel compiler fixes ares_strsplit bugs The RFC6761 6.3 states localhost subdomains must be offline too. 1.18.1 Bug fixes: ares_getaddrinfo() would return ai_addrlen of 16 for ipv6 adddresses rather than the sizeof(struct sockaddr_in6) 1.18.0 Changes: Add support for URI(Uniform Resource Identifier) records via ares_parse_uri_reply() Provide ares_nameser.h as a public interface as needed by NodeJS Update URLs from c-ares.haxx.se to c-ares.org During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so that the search process will continue to the next domain in the search. Turn ares_gethostbyname() into a wrapper for ares_getaddrinfo() as they followed very similar code paths and ares_gethostbyaddr() has some more desirable features such as priority sorting and parallel queries for AF_UNSPEC. ares_getaddrinfo() now contains a name element in the address info structure as the last element. This is not an API or ABI break due to the structure always being internally allocated and it being the last element. ares_parse_a_reply() and ares_parse_aaaa_reply() were nearly identical, those now use the same helper functions for parsing rather than having their own code. RFC6761 Section 6.3 says “localhost” lookups need to be special cased to return loopback addresses, and not forward queries to recursive dns servers. On Windows this now returns all loopback addresses, on other systems it returns 127.0.0.1 or ::1 always, and will never forward a request for “localhost” to outside DNS servers. Haiku: port Bug fixes: add build to .gitignore z/OS minor update, add missing semicolon in ares_init.c Fix building when latest ax_code_coverage.m4 is imported Work around autotools ‘error: too many loops’ and other newer autotools import related bugs. MinGW cross builds need advapi32 link as lower case Cygwin build fix due to containing both socket.h and winsock2.h ares_expand_name should allow underscores (_) as SRV records legitimately use them Allow ‘/’ as a valid character for a returned name for CNAME in-addr.arpa delegation ares_getaddrinfo() was not honoring HOSTALIASES ares_getaddrinfo() had some test cases disabled due to a bug in the test framework itself which has now been resolved 1.17.2 Security: NodeJS passes NULL for addr and 0 for addrlen to ares_parse_ptr_reply() on systems where malloc(0) returns NULL. This would cause a crash. When building c-ares with CMake, the RANDOM_FILE would not be set and therefore downgrade to the less secure random number generator If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause a crash Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing follow-up Perform validation on hostnames to prevent possible XSS due to applications not performing valiation themselves Changes: Use non-blocking /dev/urandom for random data to prevent early startup performance issues z/OS port ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases Bug fixes: Fuzz testing files were not distributed with official archives Building tests should not force building of static libraries except on Windows Windows builds of the tools would fail if built as static due to a missing CARES_STATICLIB definition Relative headers must use double quotes to prevent pulling in a system library Fix OpenBSD building by implementing portability updates for including arpa/nameser.h Fix building out-of-tree for autotools Make install on MacOS/iOS with CMake was missing the bundle destination so libraries weren’t actually installed Fix retrieving DNS server configuration on MacOS and iOS if the configuration did not include search domains ares_parse_a_reply and ares_parse_aaa_reply were erroneously using strdup() instead of ares_strdup()
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/c-ares | 91 +++++++++++++++++++++++++++++++- lfs/c-ares | 15 +++--- 2 files changed, 96 insertions(+), 10 deletions(-)
diff --git a/config/rootfiles/packages/c-ares b/config/rootfiles/packages/c-ares index 6027768f3..df5000f22 100644 --- a/config/rootfiles/packages/c-ares +++ b/config/rootfiles/packages/c-ares @@ -1,17 +1,88 @@ #usr/include/ares.h #usr/include/ares_build.h #usr/include/ares_dns.h -#usr/include/ares_rules.h +#usr/include/ares_dns_record.h +#usr/include/ares_nameser.h #usr/include/ares_version.h #usr/lib/libcares.la #usr/lib/libcares.so usr/lib/libcares.so.2 -usr/lib/libcares.so.2.4.2 +usr/lib/libcares.so.2.17.1 #usr/lib/pkgconfig/libcares.pc #usr/share/man/man3/ares_cancel.3 #usr/share/man/man3/ares_create_query.3 #usr/share/man/man3/ares_destroy.3 #usr/share/man/man3/ares_destroy_options.3 +#usr/share/man/man3/ares_dns_class_fromstr.3 +#usr/share/man/man3/ares_dns_class_t.3 +#usr/share/man/man3/ares_dns_class_tostr.3 +#usr/share/man/man3/ares_dns_datatype_t.3 +#usr/share/man/man3/ares_dns_flags_t.3 +#usr/share/man/man3/ares_dns_mapping.3 +#usr/share/man/man3/ares_dns_opcode_t.3 +#usr/share/man/man3/ares_dns_opcode_tostr.3 +#usr/share/man/man3/ares_dns_opt_datatype_t.3 +#usr/share/man/man3/ares_dns_opt_get_datatype.3 +#usr/share/man/man3/ares_dns_opt_get_name.3 +#usr/share/man/man3/ares_dns_parse.3 +#usr/share/man/man3/ares_dns_rcode_t.3 +#usr/share/man/man3/ares_dns_rcode_tostr.3 +#usr/share/man/man3/ares_dns_rec_type_fromstr.3 +#usr/share/man/man3/ares_dns_rec_type_t.3 +#usr/share/man/man3/ares_dns_rec_type_tostr.3 +#usr/share/man/man3/ares_dns_record.3 +#usr/share/man/man3/ares_dns_record_create.3 +#usr/share/man/man3/ares_dns_record_destroy.3 +#usr/share/man/man3/ares_dns_record_duplicate.3 +#usr/share/man/man3/ares_dns_record_get_flags.3 +#usr/share/man/man3/ares_dns_record_get_id.3 +#usr/share/man/man3/ares_dns_record_get_opcode.3 +#usr/share/man/man3/ares_dns_record_get_rcode.3 +#usr/share/man/man3/ares_dns_record_query_add.3 +#usr/share/man/man3/ares_dns_record_query_cnt.3 +#usr/share/man/man3/ares_dns_record_query_get.3 +#usr/share/man/man3/ares_dns_record_query_set_name.3 +#usr/share/man/man3/ares_dns_record_query_set_type.3 +#usr/share/man/man3/ares_dns_record_rr_add.3 +#usr/share/man/man3/ares_dns_record_rr_cnt.3 +#usr/share/man/man3/ares_dns_record_rr_del.3 +#usr/share/man/man3/ares_dns_record_rr_get.3 +#usr/share/man/man3/ares_dns_record_rr_get_const.3 +#usr/share/man/man3/ares_dns_rr.3 +#usr/share/man/man3/ares_dns_rr_add_abin.3 +#usr/share/man/man3/ares_dns_rr_del_abin.3 +#usr/share/man/man3/ares_dns_rr_get_abin.3 +#usr/share/man/man3/ares_dns_rr_get_abin_cnt.3 +#usr/share/man/man3/ares_dns_rr_get_addr.3 +#usr/share/man/man3/ares_dns_rr_get_addr6.3 +#usr/share/man/man3/ares_dns_rr_get_bin.3 +#usr/share/man/man3/ares_dns_rr_get_class.3 +#usr/share/man/man3/ares_dns_rr_get_keys.3 +#usr/share/man/man3/ares_dns_rr_get_name.3 +#usr/share/man/man3/ares_dns_rr_get_opt.3 +#usr/share/man/man3/ares_dns_rr_get_opt_byid.3 +#usr/share/man/man3/ares_dns_rr_get_opt_cnt.3 +#usr/share/man/man3/ares_dns_rr_get_str.3 +#usr/share/man/man3/ares_dns_rr_get_ttl.3 +#usr/share/man/man3/ares_dns_rr_get_type.3 +#usr/share/man/man3/ares_dns_rr_get_u16.3 +#usr/share/man/man3/ares_dns_rr_get_u32.3 +#usr/share/man/man3/ares_dns_rr_get_u8.3 +#usr/share/man/man3/ares_dns_rr_key_datatype.3 +#usr/share/man/man3/ares_dns_rr_key_t.3 +#usr/share/man/man3/ares_dns_rr_key_to_rec_type.3 +#usr/share/man/man3/ares_dns_rr_key_tostr.3 +#usr/share/man/man3/ares_dns_rr_set_addr.3 +#usr/share/man/man3/ares_dns_rr_set_addr6.3 +#usr/share/man/man3/ares_dns_rr_set_bin.3 +#usr/share/man/man3/ares_dns_rr_set_opt.3 +#usr/share/man/man3/ares_dns_rr_set_str.3 +#usr/share/man/man3/ares_dns_rr_set_u16.3 +#usr/share/man/man3/ares_dns_rr_set_u32.3 +#usr/share/man/man3/ares_dns_rr_set_u8.3 +#usr/share/man/man3/ares_dns_section_t.3 +#usr/share/man/man3/ares_dns_section_tostr.3 +#usr/share/man/man3/ares_dns_write.3 #usr/share/man/man3/ares_dup.3 #usr/share/man/man3/ares_expand_name.3 #usr/share/man/man3/ares_expand_string.3 @@ -21,6 +92,7 @@ usr/lib/libcares.so.2.4.2 #usr/share/man/man3/ares_free_string.3 #usr/share/man/man3/ares_freeaddrinfo.3 #usr/share/man/man3/ares_get_servers.3 +#usr/share/man/man3/ares_get_servers_csv.3 #usr/share/man/man3/ares_get_servers_ports.3 #usr/share/man/man3/ares_getaddrinfo.3 #usr/share/man/man3/ares_gethostbyaddr.3 @@ -37,6 +109,7 @@ usr/lib/libcares.so.2.4.2 #usr/share/man/man3/ares_library_init_android.3 #usr/share/man/man3/ares_library_initialized.3 #usr/share/man/man3/ares_mkquery.3 +#usr/share/man/man3/ares_opt_param_t.3 #usr/share/man/man3/ares_parse_a_reply.3 #usr/share/man/man3/ares_parse_aaaa_reply.3 #usr/share/man/man3/ares_parse_caa_reply.3 @@ -47,14 +120,23 @@ usr/lib/libcares.so.2.4.2 #usr/share/man/man3/ares_parse_soa_reply.3 #usr/share/man/man3/ares_parse_srv_reply.3 #usr/share/man/man3/ares_parse_txt_reply.3 +#usr/share/man/man3/ares_parse_uri_reply.3 #usr/share/man/man3/ares_process.3 #usr/share/man/man3/ares_query.3 +#usr/share/man/man3/ares_query_dnsrec.3 +#usr/share/man/man3/ares_queue.3 +#usr/share/man/man3/ares_queue_active_queries.3 +#usr/share/man/man3/ares_queue_wait_empty.3 +#usr/share/man/man3/ares_reinit.3 #usr/share/man/man3/ares_save_options.3 #usr/share/man/man3/ares_search.3 +#usr/share/man/man3/ares_search_dnsrec.3 #usr/share/man/man3/ares_send.3 +#usr/share/man/man3/ares_send_dnsrec.3 #usr/share/man/man3/ares_set_local_dev.3 #usr/share/man/man3/ares_set_local_ip4.3 #usr/share/man/man3/ares_set_local_ip6.3 +#usr/share/man/man3/ares_set_server_state_callback.3 #usr/share/man/man3/ares_set_servers.3 #usr/share/man/man3/ares_set_servers_csv.3 #usr/share/man/man3/ares_set_servers_ports.3 @@ -64,5 +146,10 @@ usr/lib/libcares.so.2.4.2 #usr/share/man/man3/ares_set_socket_functions.3 #usr/share/man/man3/ares_set_sortlist.3 #usr/share/man/man3/ares_strerror.3 +#usr/share/man/man3/ares_svcb_param_t.3 +#usr/share/man/man3/ares_threadsafety.3 #usr/share/man/man3/ares_timeout.3 +#usr/share/man/man3/ares_tlsa_match_t.3 +#usr/share/man/man3/ares_tlsa_selector_t.3 +#usr/share/man/man3/ares_tlsa_usage_t.3 #usr/share/man/man3/ares_version.3 diff --git a/lfs/c-ares b/lfs/c-ares index fbf971bc1..6da5810e4 100644 --- a/lfs/c-ares +++ b/lfs/c-ares @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config
SUMMARY = Tools for asynchronous name resolves
-VER = 1.17.1 +VER = 1.32.1
THISAPP = c-ares-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = c-ares -PAK_VER = 2 +PAK_VER = 3
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 31dac21ecae231e2a201dc1ba954c1a0663a06f93eb8e7e033ca3c6d385f53e07af0b04854739f1ee8a7f0693f67f620143e152ef092b49342c62279a0480905 +$(DL_FILE)_BLAKE2 = 662f15e7f1ae39614f0212745fe7883bbf831da667905e4595e011922b37c95b2037423dde96b0a62122a304d6edd04d36e99e428bdbf8f89d6ff9ecb4cfd712
install : $(TARGET)
@@ -81,10 +81,9 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --enable-static=no - + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --enable-static=no cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install
- Update from version 4.2.5 to 4.2.6 - Update of rootfile - Changelog 4.2.6 Bug Fixes A regression in the TCP Stream Graph "Time Sequence (tcptrace)" receive window line behavior introduced in 4.2.5 and 4.0.15 has been fixed. Issue 19846[3] The following vulnerability has been fixed: • wnpa-sec-2024-10[4] SPRT dissector crash. Issue 19559[5]. The following bugs have been fixed: • RADIUS dissector’s dictionary loading broken in many ways. Issue 6466[6]. • 3.4 → 3.6.5 ASCII display is broken on CentOS 7. Issue 18096[7]. • Funnel/Lua: Closing child window disconnects buttons of parent. Issue 18386[8]. • Lua detection fails with Alpine Linux: missing: LUA_LIBRARIES. Issue 19841[9]. • vnd.3gpp.5gnas payloads of type SMS not decoded inside HTTP2 5GC. Issue 19845[10]. • TCP Stream Graphs green sliding window line not displayed correctly. Issue 19846[11]. • Wireshark window doesn’t fully fit on screen on small resolutions and can’t be resized properly on Russian language. Issue 19861[12]. • Wireshark started from command line doesn’t set gui.fileopen_remembered_dir correctly on Windows. Issue 19891[13]. • Wireshark expects wrong length for DHCP Relay Agent Information Source Port Suboption. Issue 19909[14]. • SIP P-Access-Network-Info header not correctly decoded. Issue 19917[15]. Updated Protocol Support DHCP, E.212, MySQL, NAS-5GS, PKT CCC, ProtoBuf, RADIUS, RLC-LTE, RTP, SIP, SPRT, Thrift, and Wi-SUN New and Updated Capture File Support log3gpp
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/tshark | 4 ++-- lfs/tshark | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/tshark b/config/rootfiles/packages/tshark index b3a75924d..9f40dbc2e 100644 --- a/config/rootfiles/packages/tshark +++ b/config/rootfiles/packages/tshark @@ -12,10 +12,10 @@ usr/bin/dumpcap usr/bin/tshark #usr/lib/libwireshark.so usr/lib/libwireshark.so.17 -usr/lib/libwireshark.so.17.0.5 +usr/lib/libwireshark.so.17.0.6 #usr/lib/libwiretap.so usr/lib/libwiretap.so.14 -usr/lib/libwiretap.so.14.1.5 +usr/lib/libwiretap.so.14.1.6 #usr/lib/libwsutil.so usr/lib/libwsutil.so.15 usr/lib/libwsutil.so.15.0.0 diff --git a/lfs/tshark b/lfs/tshark index 3d3411eb3..7156476d1 100644 --- a/lfs/tshark +++ b/lfs/tshark @@ -26,7 +26,7 @@ include Config
SUMMARY = A Network Traffic Analyser
-VER = 4.2.5 +VER = 4.2.6
THISAPP = wireshark-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -35,7 +35,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tshark DEPS = c-ares -PAK_VER = 16 +PAK_VER = 17
SERVICES =
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 536743a7e402f7a511d7612454d9770f0e67a0f2ebc1ab49912b12965e605f2082eff37f41f7642b89859257926ce13d88728194b79cbe5dcf6b15d72516c5fc +$(DL_FILE)_BLAKE2 = 880acf82c7e535b89ce8b41293c90197825ffe1132720337e77b3dcee0eaf476cb3faa6f9b42d3864e9f6892e624d0b286afdaf6bbe7e6b60483296d087a4bc3
install : $(TARGET)