This is a security and bugfix release.
Security
o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS query IDs
o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation
Fixing libcares.pc
The pkg-config file libcares.pc in version 1.19.1 has been changed to be unsuitable for OpenWrt
and causes build errors with OpenWrt packages that use libcares.
For this reason, libcares.pc was replaced.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

Missing input validation of host names returned by Domain Name Servers
in the c-ares library can lead to output of wrong hostnames (leading to
Domain Hijacking).
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2021-3672 to this issue.
References: https://c-ares.haxx.se/adv_20210810.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>

faster to compile.
A small selection of packages was tested going from:
    Executed in  696.30 secs    fish           external
       usr time   82.98 mins  395.00 micros   82.98 mins
       sys time    9.02 mins    0.00 micros    9.02 mins
to:
    Executed in  592.20 secs    fish           external
       usr time   84.84 mins  361.00 micros   84.84 mins
       sys time    8.85 mins   57.00 micros    8.85 mins
Tested by running make -j 12 and wiping staging/build_dir/target_x
Signed-off-by: Rosen Penev <rosenp@gmail.com>

Various fixes, nothing particularly standout as of particular interest
to OpenWrt. Full changelog at https://c-ares.haxx.se/changelog.html
Signed-off-by: Karl Palsson <karlp@etactica.com>

Full changelog at https://c-ares.haxx.se/changelog.html
Of interest:
* fixes warnings with modern gcc
* reports not found for onion addresses per RFC7686
Signed-off-by: Karl Palsson <karlp@etactica.com>

Changelog at: https://c-ares.haxx.se/changelog.html
Mostly Android and Windows fixes, but some minor fixes for all systems.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>

Full changelog available at:
https://c-ares.haxx.se/changelog.html#1_12_0
Mostly minor bugfixes and documentation improvements.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Signed-off-by: Karl Palsson <karlp@remake.is>

When fortify source is enabled, the c-ares configure script will abort with:
    configure: CFLAGS error: CFLAGS may only be used to specify C compiler flags, not macro definitions. Use CPPFLAGS for: -D_FORTIFY_SOURCE=1
Change the OpenWrt Makefile to move any -D flags from TARGET_CFLAGS to
TARGET_CPPFLAGS in order to satisfy `configure`.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

libcares is a dependency of mosquitto, at least.
Imported existing package's Makefile, updated from 1.7.4 to 1.10.0.
Added License and Maintainer information.
Signed-off-by: Karl Palsson <karlp@remake.is>