packages/c-ares
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c-ares/c-ares.spec
lwg 8495d333c2 fix CVE-2024-25629 
Signed-off-by: lwg <liweiganga@uniontech.com>
2024-02-27 11:19:40 +08:00

140 lines
3.8 KiB
RPMSpec
Raw Permalink Blame History

Name: c-ares
Version: 1.16.1
Release: 9
Summary: A C library for asynchronous DNS requests
License: MIT
URL: https://github.com/c-ares/c-ares
Source0: https://c-ares.org/download/%{name}-%{version}.tar.gz
BuildRequires: gcc autoconf automake libtool
# Patch0 from Redhat is applied for stopping overriding AC_CONFIG_MACRO_DIR
Patch0: 0000-Use-RPM-compiler-options.patch
Patch1: 0001-Fix-invalid-read-in-ares_parse_soa_reply.patch
Patch2: 0002-Fix-sizeof-sizeof-addr.saX-sizeof-addr.saX-in-readad.patch
Patch3: 0003-Avoid-buffer-overflow-in-RC4-loop-comparison-336.patch
Patch4: CVE-2020-8277.patch
Patch5: backport-001-CVE-2021-3672.patch
Patch6: backport-002-CVE-2021-3672.patch
Patch7: backport-add-str-len-check-in-config_sortlist-to-avoid-stack-overflow.patch
Patch8: backport-disable-live-tests.patch
Patch9: backport-CVE-2023-32067.patch
Patch10: backport-001-CVE-2023-31130.patch
Patch11: backport-002-CVE-2023-31130.patch
Patch12: backport-003-CVE-2023-31130.patch
Patch13: backport-001-CVE-2023-31147.patch
Patch14: backport-002-CVE-2023-31124_CVE-2023-31147.patch
Patch15: backport-003-CVE-2023-31147.patch
Patch16: backport-004-CVE-2023-31147.patch
Patch17: backport-CVE-2023-31124.patch
Patch18: backport-CVE-2024-25629.patch
%description
This is c-ares, an asynchronous resolver library. It is intended for applications
which need to perform DNS queries without blocking, or need to perform multiple
%package devel
Summary: C-ares development files
Requires: %{name} = %{version}-%{release} pkgconfig
%description devel
The headers and libraries files that c-ares required to compile applications or
shared objects are contained in %{name}-devel package.
%package_help
%prep
%autosetup -n %{name}-%{version} -p1
%build
autoreconf -if
%configure --enable-shared --disable-dependency-tracking
make %{?_smp_mflags}
%install
%make_install
%delete_la
%ldconfig_scriptlets
%check
%make_build -C test
./test/arestest
%files
%doc CHANGES LICENSE.md
%{_libdir}/*.so.*
%files devel
%{_libdir}/pkgconfig/*.pc
%{_libdir}/libcares.so
%{_libdir}/libcares.a
%{_includedir}/*.h
%files help
%doc NEWS README.cares README.md
%{_mandir}/man3/*
%changelog
* Tue Feb 27 2024 liweigang <izmirvii@gmail.com> - 1.16.1-9
- Type: cve
- CVE: CVE-2024-25629
- SUG: NA
- DESC: fix CVE-2024-25629
* Wed Jan 31 2024 lifeifei<lifeifei@kylinos.cn> - 1.16.1-8
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix source0 url
* Thu Jun 08 2023 xinghe <xinghe2@h-partners.com> - 1.16.1-7
- Type:cves
- CVE:CVE-2023-31130 CVE-2023-31124 CVE-2023-31147
- SUG:NA
- DESC:fix CVE-2023-31130 CVE-2023-31124 CVE-2023-31147
* Mon May 29 2023 xinghe <xinghe2@h-partners.com> - 1.16.1-6
- Type:cves
- CVE:CVE-2023-32067
- SUG:NA
- DESC:fix CVE-2023-32067
* Wed Mar 08 2023 xinghe <xinghe2@h-partners.com> - 1.16.1-5
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:enable test
* Fri Feb 10 2023 xingwei <xingwei14@h-partners.com> - 1.16.1-4
- Type:cves
- CVE:CVE-2022-4904
- SUG:NA
- DESC:fix CVE-2022-4904
* Thu Aug 12 2021 gaihuiying <gaihuiying1@huawei.com> - 1.16.1-3
- fix CVE-2021-3672
* Thu Mar 11 2021 openEuler Buildteam <buildteam@openeuler.org> - 1.16.1-2
- fix CVE-2020-8277
* Tue Aug 25 2020 gaihuiying <gaihuiying1@huawei.com> - 1.16.1-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update c-ares version to 1.16.1
* Sat May 23 2020 lutianxiong<lutianxiong@huawei.com> - 1.16.0-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC: Fix invalid read in ares_parse_soa_reply.c found during fuzzing
* Fri Apr 17 2020 liaichun<liaichun@huawei.com> - 1.16.0-1
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:update to 1.16.0
* Mon Sep 09 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.15.0-1
- Package Init
Reference in New Issue View Git Blame Copy Permalink