diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:19:22 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:19:22 +0000 |
| commit | c21c3b0befeb46a51b6bf3758ffa30813bea0ff0 (patch) | |
| tree | 9754ff1ca740f6346cf8483ec915d4054bc5da2d /fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES | |
| parent | Adding upstream version 1.43.2. (diff) | |
| download | netdata-c21c3b0befeb46a51b6bf3758ffa30813bea0ff0.tar.xz netdata-c21c3b0befeb46a51b6bf3758ffa30813bea0ff0.zip | |
Adding upstream version 1.44.3.upstream/1.44.3
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES')
| -rw-r--r-- | fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES b/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES new file mode 100644 index 000000000..2524f3ccf --- /dev/null +++ b/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES @@ -0,0 +1,57 @@ +c-ares version 1.19.1 + +This is a security and bugfix release. + +A special thanks goes out to the Open Source Technology Improvement Fund +(https://ostif.org) for sponsoring a security audit of c-ares performed by X41 +(https://x41-dsec.de). + +Security: + o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12] + o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS + query IDs [13] + o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14] + o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross + compilation [15] + +Bug fixes: + o Fix uninitialized memory warning in test [1] + o Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2] + o ares_getaddrinfo() should allow a port of 0 [3] + o Fix memory leak in ares_send() on error [4] + o Fix comment style in ares_data.h [5] + o Remove unneeded ifdef for Windows [6] + o Fix typo in ares_init_options.3 [7] + o Re-add support for Watcom compiler [8] + o Sync ax_pthread.m4 with upstream [9] + o Windows: Invalid stack variable used out of scope for HOSTS path [10] + o Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11] + +Thanks go to these friendly people for their efforts and contributions: + Brad House (@bradh352) + @Chilledheart + Daniel Stenberg (@bagder) + Douglas R. Reno (@renodr) + Gregor Jasny (@gjasny) + Jay Freeman (@saurik) + @lifenjoiner + Nikolaos Chatzikonstantinou (@createyourpersonalaccount) + Yijie Ma (@yijiem) +(9 contributors) + +References to bug reports and discussions on issues: + [1] = https://github.com/c-ares/c-ares/pull/515 + [2] = https://github.com/c-ares/c-ares/pull/520 + [3] = https://github.com/c-ares/c-ares/issues/517 + [4] = https://github.com/c-ares/c-ares/pull/511 + [5] = https://github.com/c-ares/c-ares/pull/513 + [6] = https://github.com/c-ares/c-ares/pull/512 + [7] = https://github.com/c-ares/c-ares/pull/510 + [8] = https://github.com/c-ares/c-ares/pull/509 + [9] = https://github.com/c-ares/c-ares/pull/507 + [10] = https://github.com/c-ares/c-ares/pull/502 + [11] = https://github.com/c-ares/c-ares/pull/505 + [12] = https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc + [13] = https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2 + [14] = https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v + [15] = https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4 |