From patchwork Thu Jul 9 15:08:43 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 10023 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1 raw public key) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "YR2" (not verified)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4gwyzH6qKVz3wfB for ; Thu, 09 Jul 2026 15:08:59 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [IPv6:2001:678:b28::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "YE1" (not verified)) by mail01.ipfire.org (Postfix) with ESMTPS id 4gwyzG63gKz7Hf for ; Thu, 09 Jul 2026 15:08:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4gwyzF62hfz340j for ; Thu, 09 Jul 2026 15:08:57 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1 raw public key) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "YR2" (not verified)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4gwyzC0kpJz2xLm for ; Thu, 09 Jul 2026 15:08:55 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4gwyzB3m4fz1k9; Thu, 09 Jul 2026 15:08:54 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1783609734; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=OCrrmBq7//om3cZrADwoWyzEgJHGjBDxoxTVfOxzhp4=; b=0D5cHie2jokmhf3sx1fJ5JGd5DNOlAsPSzR5tOzm9JqlsP/kJH6WLHjfrG6dBrJShpt6wx 9S8QyzVEq/RxbdCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1783609734; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=OCrrmBq7//om3cZrADwoWyzEgJHGjBDxoxTVfOxzhp4=; b=WxQdDcKfW8IOtaUhnaS8Xb8A3bqorrJkSDfKJWpD4ErFPlZRjopIxlSdm+6AqozyMU0pmS vA4qGP8efBFw6GYYoR2vllX1jzXNlBdBTzFslNI1mE5AcZJPduniNgXZIEQw4MPJN4pRTz xJOVXU10W95JXAfBvQ1s6PZhJ0ww3KInTD5jumyC8CZ5WG8Kwor/9daI9arJhIJEFkxCzS k50etTHzYFtlI80Wk7GRvu+rVhZr8h96eaNPCd+9wAOOeR2grOV3g6K/59S11nuzTdOHDv UK8mlTvVSfjaVwV7tYHbrZX1FuxU4e5hpc9zq4Kams2XxYZFgN18AnZbx1sAYQ== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH] c-ares: Update to version 1.34.8 Date: Thu, 9 Jul 2026 17:08:43 +0200 Message-ID: <20260709150851.3632942-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 - Update from version 1.34.5 to 1.34.8 - Update of rootfile - 1 CVE fix in 1.34.7 and 1 in 1.34.6 - Changelog 1.34.8 Bugfixes: * Revert "Mark parameters in callbacks as const" which shipped in 1.34.7. Changing the parameter types of the `ares_callback`, `ares_host_callback`, and `ares_nameinfo_callback` function pointer typedefs was an unintended API break: existing applications with the historical non-const callback signatures no longer compiled, particularly in C++ where function pointer types must match exactly. The read-only nature of the callback parameters is now documented instead. [PR #1244](https://github.com/c-ares/c-ares/pull/1244) 1.34.7 Security: * CVE-2026-33630. Use-after-free / double-free in c-ares' query-completion handling, remotely triggerable via ares_getaddrinfo() over TCP. Please see https://github.com/c-ares/c-ares/security/advisories/GHSA-6wfj-rwm7-3542 * CPU-exhaustion denial of service via unbounded DNS name compression pointer chains. Please see https://github.com/c-ares/c-ares/security/advisories/GHSA-pjmc-gx33-gc76 * Memory-amplification denial of service via unvalidated DNS header record counts. Please see https://github.com/c-ares/c-ares/security/advisories/GHSA-jv8r-gqr9-68wj Changes: * `ares_getaddrinfo()`: handle a NULL node per POSIX and implement `ARES_AI_PASSIVE`. [PR #1186](https://github.com/c-ares/c-ares/pull/1186) * Mark parameters in callbacks as const. [PR #1060](https://github.com/c-ares/c-ares/pull/1060) * Correct `ARES_CLASS_HESOID` misspelling to `ARES_CLASS_HESIOD`. [PR #1092](https://github.com/c-ares/c-ares/pull/1092) Bugfixes: * Fix sticky server recovery when all servers have failures. [PR #1192] (https://github.com/c-ares/c-ares/pull/1192) * Fix UDP socket exhaustion regression: retire connections per-connection, not via server failure count. [PR #1197] (https://github.com/c-ares/c-ares/pull/1197) * Guard DNS record binary length overflow. [PR #1168] (https://github.com/c-ares/c-ares/pull/1168) * Prevent integer overflow in allocation size calculations. [PR #1147] (https://github.com/c-ares/c-ares/pull/1147) * Prevent overflow in ares_array allocation size calculations. [PR #1117] (https://github.com/c-ares/c-ares/pull/1117) * Prevent integer overflow in buffer size calculation. [PR #1116] (https://github.com/c-ares/c-ares/pull/1116) * Add overflow checks to ares_buf_ensure_space(). [PR #1094] (https://github.com/c-ares/c-ares/pull/1094) * Skip name compression offsets beyond the 14-bit pointer limit. [PR #1159] (https://github.com/c-ares/c-ares/pull/1159) * ares_dns_parse: reject name compression in RDATA where not permitted (RFC 3597). [PR #1190](https://github.com/c-ares/c-ares/pull/1190) * ares_dns_parse: reject responses with more than one OPT record (RFC 6891). [PR #1189](https://github.com/c-ares/c-ares/pull/1189) * Discard oversized UDP datagrams instead of truncating the length frame. [PR #1161](https://github.com/c-ares/c-ares/pull/1161) * Route numeric config parsing through range-checked ares_str_parse_uint. [PR #1158](https://github.com/c-ares/c-ares/pull/1158) * Replace atoi-based port parsing with validated helper. [PR #1097] (https://github.com/c-ares/c-ares/pull/1097) * Defer TCP connection error handling until DNS responses are parsed. [PR #1138](https://github.com/c-ares/c-ares/pull/1138) * Prevent undefined-behavior left shift in ares_calc_query_timeout(). [PR #1151](https://github.com/c-ares/c-ares/pull/1151) * Use unsigned type for ares_round_up_pow2_u64 to avoid undefined behavior. [PR #1107](https://github.com/c-ares/c-ares/pull/1107) * Fix undefined behavior in ares_buf_replace() pointer arithmetic. [PR #1099] (https://github.com/c-ares/c-ares/pull/1099) * ares_array: reset offset when array becomes empty. [PR #1165] (https://github.com/c-ares/c-ares/pull/1165) * ares_iface_ips: add ARES_IFACE_IP_NONE zero enum value. [PR #1187] (https://github.com/c-ares/c-ares/pull/1187) * ares_sysconfig_files: recognize AIX netsvc.conf bind4/local4 tokens. [PR #1188](https://github.com/c-ares/c-ares/pull/1188) * Use safe string construction in Windows sysconfig join path. [PR #1143] (https://github.com/c-ares/c-ares/pull/1143) * Fix zero-length RAW_RR losing type metadata during parsing. [PR #1129] (https://github.com/c-ares/c-ares/pull/1129) * Fix RAW_RR type tostr/fromstr roundtrip mismatch. [PR #1123] (https://github.com/c-ares/c-ares/pull/1123) * Fix NULL dereference for ifa netmask. [PR #1120] (https://github.com/c-ares/c-ares/pull/1120) * adig: fix negated option prefix parsing. [PR #1135] (https://github.com/c-ares/c-ares/pull/1135) * Use UnregisterWaitEx to prevent use-after-free on Win32. [PR #1111] (https://github.com/c-ares/c-ares/pull/1111) * Add NULL check after ares_malloc_zero in Windows UTF8 conversion. [PR #1121] (https://github.com/c-ares/c-ares/pull/1121) * Fix NULL dereference after ares_malloc_zero in Win32 IOCP event add. [PR #1132](https://github.com/c-ares/c-ares/pull/1132) * Fix microsecond overflow in ares_queue_wait_empty timeout. [PR #1122] (https://github.com/c-ares/c-ares/pull/1122) * Fix NULL dereference in ares_buf_replace() on NULL buf. [PR #1124] (https://github.com/c-ares/c-ares/pull/1124) * Initialize *read_bytes in ares_socket_recvfrom(). [PR #1125] (https://github.com/c-ares/c-ares/pull/1125) * Fix memory leak of binbuf in ares_buf_parse_dns_binstr_int. [PR #1126] (https://github.com/c-ares/c-ares/pull/1126) * Fix memory leak of qcache entry on key allocation failure. [PR #1127] (https://github.com/c-ares/c-ares/pull/1127) * Fix memory leak of buf in ares_dns_multistring_combined() on OOM. [PR #1110] (https://github.com/c-ares/c-ares/pull/1110) * Fix memory leaks on error paths in two functions. [PR #1109] (https://github.com/c-ares/c-ares/pull/1109) * Fix memory leak of buckets in ares_htable_dict_keys() error path. [PR #1108] (https://github.com/c-ares/c-ares/pull/1108) * Fix memory leak of bucket->key in ares_htable_dict_insert error path. [PR #1105](https://github.com/c-ares/c-ares/pull/1105) * Fix additional memory leaks. [PR #1091](https://github.com/c-ares/c-ares/pull/1091) [PR #1078](https://github.com/c-ares/c-ares/pull/1078) * Prevent corrupt addrinfo nodes on sockaddr allocation failure. [PR #1112] (https://github.com/c-ares/c-ares/pull/1112) * Fix two logic bugs in DNS cookie handling. [PR #1103] (https://github.com/c-ares/c-ares/pull/1103) * Fix linked list INSERT_BEFORE corruption and array insertdata_first ordering. [PR #1101](https://github.com/c-ares/c-ares/pull/1101) * Fix HASH_IDX macro missing parentheses. [PR #1128] (https://github.com/c-ares/c-ares/pull/1128) * Fix malloc(0) in ares_htable_all_buckets on empty table. [PR #1131] (https://github.com/c-ares/c-ares/pull/1131) * Fix wrong sizeof in QNX confstr() call truncating domain names. [PR #1130] (https://github.com/c-ares/c-ares/pull/1130) * Clear probe pending flag after timeout. [PR #1059] (https://github.com/c-ares/c-ares/pull/1059) * Fix incorrect check for empty wide string. [PR #1064] (https://github.com/c-ares/c-ares/pull/1064) * Handle strdup failure. [PR #1077] (https://github.com/c-ares/c-ares/pull/1077) * doc: reference ares_free_string(), not ares_free(). [PR #1084] (https://github.com/c-ares/c-ares/pull/1084) 1.34.6 Security: * CVE-2025-62408. A use-after-free bug has been uncovered in read_answers() that was introduced in v1.32.3. Please see https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5 Changes: * Ignore Windows IDN Search Domains until proper IDN support is added. [PR #1034](https://github.com/c-ares/c-ares/pull/1034) Bugfixes: * Event Thread could stall when not notified of new queries on existing connections that are in a bad state [PR #1032](https://github.com/c-ares/c-ares/pull/1032) * fix conversion of invalid service to port number in ares_getaddrinfo() [PR #1029](https://github.com/c-ares/c-ares/pull/1029) * fix memory leak in ares_uri [PR #1012](https://github.com/c-ares/c-ares/pull/1012) * Ignore ares_event_configchg_init failures [PR #1009](https://github.com/c-ares/c-ares/pull/1009) * Use XOR for random seed generation on fallback logic. [PR #994](https://github.com/c-ares/c-ares/pull/994) * Fix clang build on windows. [PR #996](https://github.com/c-ares/c-ares/pull/996) * Fix IPv6 link-local nameservers in /etc/resolv.conf [PR #996](https://github.com/c-ares/c-ares/pull/997) * Fix a few build issues on MidnightBSD. [PR #983](https://github.com/c-ares/c-ares/pull/983) Signed-off-by: Adolf Belka --- config/rootfiles/packages/c-ares | 2 +- lfs/c-ares | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config/rootfiles/packages/c-ares b/config/rootfiles/packages/c-ares index 38891e2b5..12a246147 100644 --- a/config/rootfiles/packages/c-ares +++ b/config/rootfiles/packages/c-ares @@ -7,7 +7,7 @@ #usr/lib/libcares.la #usr/lib/libcares.so usr/lib/libcares.so.2 -usr/lib/libcares.so.2.19.4 +usr/lib/libcares.so.2.19.7 #usr/lib/pkgconfig/libcares.pc #usr/share/man/man3/ares_cancel.3 #usr/share/man/man3/ares_create_query.3 diff --git a/lfs/c-ares b/lfs/c-ares index 612fb54a7..db68a8787 100644 --- a/lfs/c-ares +++ b/lfs/c-ares @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2025 IPFire Team # +# Copyright (C) 2007-2026 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config SUMMARY = Tools for asynchronous name resolves -VER = 1.34.5 +VER = 1.34.8 THISAPP = c-ares-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = c-ares -PAK_VER = 5 +PAK_VER = 6 DEPS = @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 5e8c262acf07cb387294170bba53618db1768436a3f7bf800eb31cf7b02ef8afc737122126c742424d4675f8c4944c730b8ba84028e6cee6bf65026cd2eeb56c +$(DL_FILE)_BLAKE2 = b5a88811d8ee6a0c06737746a356bc1fc7c13416b11a0af3a2e6cab092d97adebb93234cf73b97a12b06b764f8562272a793961dc3367024c4322d923ac43f9f install : $(TARGET)