summaryrefslogtreecommitdiffstats
path: root/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-03-09 13:19:48 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-03-09 13:20:02 +0000
commit58daab21cd043e1dc37024a7f99b396788372918 (patch)
tree96771e43bb69f7c1c2b0b4f7374cb74d7866d0cb /fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES
parentReleasing debian version 1.43.2-1. (diff)
downloadnetdata-58daab21cd043e1dc37024a7f99b396788372918.tar.xz
netdata-58daab21cd043e1dc37024a7f99b396788372918.zip
Merging upstream version 1.44.3.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES')
-rw-r--r--fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES57
1 files changed, 57 insertions, 0 deletions
diff --git a/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES b/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES
new file mode 100644
index 000000000..2524f3ccf
--- /dev/null
+++ b/fluent-bit/lib/c-ares-1.19.1/RELEASE-NOTES
@@ -0,0 +1,57 @@
+c-ares version 1.19.1
+
+This is a security and bugfix release.
+
+A special thanks goes out to the Open Source Technology Improvement Fund
+(https://ostif.org) for sponsoring a security audit of c-ares performed by X41
+(https://x41-dsec.de).
+
+Security:
+ o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12]
+ o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS
+ query IDs [13]
+ o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14]
+ o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross
+ compilation [15]
+
+Bug fixes:
+ o Fix uninitialized memory warning in test [1]
+ o Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2]
+ o ares_getaddrinfo() should allow a port of 0 [3]
+ o Fix memory leak in ares_send() on error [4]
+ o Fix comment style in ares_data.h [5]
+ o Remove unneeded ifdef for Windows [6]
+ o Fix typo in ares_init_options.3 [7]
+ o Re-add support for Watcom compiler [8]
+ o Sync ax_pthread.m4 with upstream [9]
+ o Windows: Invalid stack variable used out of scope for HOSTS path [10]
+ o Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11]
+
+Thanks go to these friendly people for their efforts and contributions:
+ Brad House (@bradh352)
+ @Chilledheart
+ Daniel Stenberg (@bagder)
+ Douglas R. Reno (@renodr)
+ Gregor Jasny (@gjasny)
+ Jay Freeman (@saurik)
+ @lifenjoiner
+ Nikolaos Chatzikonstantinou (@createyourpersonalaccount)
+ Yijie Ma (@yijiem)
+(9 contributors)
+
+References to bug reports and discussions on issues:
+ [1] = https://github.com/c-ares/c-ares/pull/515
+ [2] = https://github.com/c-ares/c-ares/pull/520
+ [3] = https://github.com/c-ares/c-ares/issues/517
+ [4] = https://github.com/c-ares/c-ares/pull/511
+ [5] = https://github.com/c-ares/c-ares/pull/513
+ [6] = https://github.com/c-ares/c-ares/pull/512
+ [7] = https://github.com/c-ares/c-ares/pull/510
+ [8] = https://github.com/c-ares/c-ares/pull/509
+ [9] = https://github.com/c-ares/c-ares/pull/507
+ [10] = https://github.com/c-ares/c-ares/pull/502
+ [11] = https://github.com/c-ares/c-ares/pull/505
+ [12] = https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
+ [13] = https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
+ [14] = https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
+ [15] = https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4