PaulHowarth/Blog/2020-11-21

Saturday 21st November 2020

Fedora Project

  • Updated python-crypto (2.6.1) in Rawhide to fix Python 3.10 compatibility (Bug #1897544)

Local Packages

  • Updated c-ares to 1.17.1:

  • Security:
    • Avoid read-heap-buffer-overflow in ares_parse_soa_reply found during fuzzing (GH#332, GH#333)

    • Avoid theoretical buffer overflow in RC4 loop comparison (GH#336)

    • Empty hquery->name could lead to invalid memory access (GH#367)

    • ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was passed in (GH#371)

  • Changes:
    • Update help information for adig, acountry, and ahost (GH#334)

    • Test Suite now uses dynamic system-assigned ports rather than hardcoded ports to prevent failures in containers (GH#346)

    • Detect remote DNS server does not support EDNS using rules from RFC 6891 (GH#244)

    • Source tree has been reorganized to use a more modern layout (GH#349)

    • Allow parsing of CAA Resource Record (GH#360)

  • Bug fixes:
    • readaddrinfo bad sizeof() (GH#331)

    • Test cases should honour HAVE_WRITEV flag, not depend on WIN32 (GH#344)

    • FQDN with trailing period should be queried first (GH#345)

    • ares_getaddrinfo() was returning members of the struct as garbage values if unset, and was not honouring ai_socktype and ai_protocol hints (GH#343, GH#317)

    • ares_gethostbyname() with AF_UNSPEC and an IP address would fail (GH#204)

    • Properly document ares_set_local_ip4() uses host byte order (GH#368)

  • Updated perl-Net-DNS to 1.29:

    • Include test number in summary of failed non-fatal tests
    • Remove Net::DNS::SEC specific tests

    • Fix faulty test plan in t/08-recurse.t


Recent