diff options
author | Chee Yang Lee <chee.yang.lee@intel.com> | 2023-07-12 16:03:31 +0800 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-07-16 15:15:41 -0400 |
commit | 7d4883e0a037a68dd0ed6676cb81238afe38561d (patch) | |
tree | 5fca3738ba6543ddc8a54828cbe38370e19aa707 | |
parent | 6c46f263d55b484d935873b088117d2107cc45ea (diff) | |
download | meta-openembedded-7d4883e0a037a68dd0ed6676cb81238afe38561d.tar.gz |
c-ares: upgrade 1.19.0 -> 1.19.1
https://c-ares.org/changelog.html
c-ares version 1.19.1 - May 22 2023
Security:
CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS
query IDs
CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during
cross compilation
Bug fixes:
Fix uninitialized memory warning in test
Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses
ares_getaddrinfo() should allow a port of 0
Fix memory leak in ares_send() on error
Fix comment style in ares_data.h
Remove unneeded ifdef for Windows
Fix typo in ares_init_options.3
Re-add support for Watcom compiler
Sync ax_pthread.m4 with upstream
Windows: Invalid stack variable used out of scope for HOSTS path
Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-support/c-ares/c-ares/CVE-2023-32067.patch | 87 | ||||
-rw-r--r-- | meta-oe/recipes-support/c-ares/c-ares_1.19.1.bb (renamed from meta-oe/recipes-support/c-ares/c-ares_1.19.0.bb) | 6 |
2 files changed, 2 insertions, 91 deletions
diff --git a/meta-oe/recipes-support/c-ares/c-ares/CVE-2023-32067.patch b/meta-oe/recipes-support/c-ares/c-ares/CVE-2023-32067.patch deleted file mode 100644 index cd13e7d9e5..0000000000 --- a/meta-oe/recipes-support/c-ares/c-ares/CVE-2023-32067.patch +++ /dev/null @@ -1,87 +0,0 @@ -From b9b8413cfdb70a3f99e1573333b23052d57ec1ae Mon Sep 17 00:00:00 2001 -From: Brad House <brad@brad-house.com> -Date: Mon, 22 May 2023 06:51:49 -0400 -Subject: [PATCH] Merge pull request from GHSA-9g78-jv2r-p7vc - -CVE: CVE-2023-32067 - -Upstream Status: Backport -[https://github.com/c-ares/c-ares/commit/b9b8413cfdb70a3f99e1573333b23052d57ec1ae] - -Signed-off-by: Yogita Urade <yogita.urade@windriver.com> ---- - src/lib/ares_process.c | 41 +++++++++++++++++++++++++---------------- - 1 file changed, 25 insertions(+), 16 deletions(-) - -diff --git a/src/lib/ares_process.c b/src/lib/ares_process.c -index bf0cde4..6cac0a9 100644 ---- a/src/lib/ares_process.c -+++ b/src/lib/ares_process.c -@@ -470,7 +470,7 @@ static void read_udp_packets(ares_channel channel, fd_set *read_fds, - { - struct server_state *server; - int i; -- ares_ssize_t count; -+ ares_ssize_t read_len; - unsigned char buf[MAXENDSSZ + 1]; - #ifdef HAVE_RECVFROM - ares_socklen_t fromlen; -@@ -513,32 +513,41 @@ static void read_udp_packets(ares_channel channel, fd_set *read_fds, - /* To reduce event loop overhead, read and process as many - * packets as we can. */ - do { -- if (server->udp_socket == ARES_SOCKET_BAD) -- count = 0; -- -- else { -- if (server->addr.family == AF_INET) -+ if (server->udp_socket == ARES_SOCKET_BAD) { -+ read_len = -1; -+ } else { -+ if (server->addr.family == AF_INET) { - fromlen = sizeof(from.sa4); -- else -+ } else { - fromlen = sizeof(from.sa6); -- count = socket_recvfrom(channel, server->udp_socket, (void *)buf, -- sizeof(buf), 0, &from.sa, &fromlen); -+ } -+ read_len = socket_recvfrom(channel, server->udp_socket, (void *)buf, -+ sizeof(buf), 0, &from.sa, &fromlen); - } - -- if (count == -1 && try_again(SOCKERRNO)) -+ if (read_len == 0) { -+ /* UDP is connectionless, so result code of 0 is a 0-length UDP -+ * packet, and not an indication the connection is closed like on -+ * tcp */ - continue; -- else if (count <= 0) -+ } else if (read_len < 0) { -+ if (try_again(SOCKERRNO)) -+ continue; -+ - handle_error(channel, i, now); -+ - #ifdef HAVE_RECVFROM -- else if (!same_address(&from.sa, &server->addr)) -+ } else if (!same_address(&from.sa, &server->addr)) { - /* The address the response comes from does not match the address we - * sent the request to. Someone may be attempting to perform a cache - * poisoning attack. */ -- break; -+ continue; - #endif -- else -- process_answer(channel, buf, (int)count, i, 0, now); -- } while (count > 0); -+ -+ } else { -+ process_answer(channel, buf, (int)read_len, i, 0, now); -+ } -+ } while (read_len >= 0); - } - } - --- -2.40.0 diff --git a/meta-oe/recipes-support/c-ares/c-ares_1.19.0.bb b/meta-oe/recipes-support/c-ares/c-ares_1.19.1.bb index 997f27a895..1440d72711 100644 --- a/meta-oe/recipes-support/c-ares/c-ares_1.19.0.bb +++ b/meta-oe/recipes-support/c-ares/c-ares_1.19.1.bb @@ -5,10 +5,8 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fb997454c8d62aa6a47f07a8cd48b006" -SRC_URI = "git://github.com/c-ares/c-ares.git;branch=main;protocol=https \ - file://CVE-2023-32067.patch \ - " -SRCREV = "fddf01938d3789e06cc1c3774e4cd0c7d2a89976" +SRC_URI = "git://github.com/c-ares/c-ares.git;branch=main;protocol=https" +SRCREV = "6360e96b5cf8e5980c887ce58ef727e53d77243a" UPSTREAM_CHECK_GITTAGREGEX = "cares-(?P<pver>\d+_(\d_?)+)" |