regress: Move case-*.in opening to shlib playback_prepare

[adns.git] / changelog

diff --git a/changelog b/changelog
index 3449f335fcadf2a4b8590abed9c5a7b7ecac0d90..a0cfb25bafbb354691971a4d17ae042a4f21d3f7 100644 (file)
--- a/changelog
+++ b/changelog
@@ -1,4 +1,46 @@
-adns (1.5.1~~) UPSTREAM; urgency=low
+adns (1.5.2) UPSTREAM; urgency=medium
+
+  * Important security fixes:
+     CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109:
+       Vulnerable applications: all adns callers.
+        Exploitable by: the local recursive resolver.
+       Likely worst case: Remote code execution.
+     CVE-2017-9106:
+       Vulnerable applications: those that make SOA queries.
+        Exploitable by: upstream DNS data sources.
+       Likely worst case: DoS (crash of the adns-using application)
+     CVE-2017-9107:
+       Vulnerable applications: those that use adns_qf_quoteok_query.
+        Exploitable by: sources of query domain names.
+       Likely worst case: DoS (crash of the adns-using application)
+     CVE-2017-9108:
+       Vulnerable applications: adnshost.
+        Exploitable by: code responsible for framing the input.
+        Likely worst case: DoS (adnshost crashes at EOF).
+    All found by AFL 2.35b.  Thanks to the University of Cambridge
+    Department of Applied Mathematics for computing facilities.
+
+  Bugfixes:
+  * Do not include spurious external symbol `data' (fixes GCC10 build).
+  * If server sends TC flag over TCP, bail rather than retrying.
+  * Do not crash on certain strange resolv.conf contents.
+  * Fix various crashes if a global system failure occurs, or
+    adns_finish is called with outstanding queries.
+  * Correct a parsing error message very slightly.
+  * DNS packet parsing: Slight fix when packet is truncated.
+  * Fix ABI compatibility in string conversion of certain RR types.
+  * internal.h: Use `unsigned' for nextid; fixes theoretical C UB.
+
+  Portability fix:
+  * common.make.in: add -Wno-unused-value.  Fixes build with GCC9.
+
+  Internal changes:
+  * Additional comments describing some internal code restrions.
+  * Robustness assert() against malfunctioning write() system call.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Thu, 11 Jun 2020 15:48:12 +0100
+
+adns (1.5.1) UPSTREAM; urgency=medium
 
   * Portability fix for systems where socklen_t is bigger than int.
   * Fix for malicious optimisation of memcpy in test suite, which
@@ -12,8 +54,12 @@ adns (1.5.1~~) UPSTREAM; urgency=low
     when one of the address queries returns a permanent error (although,
     the application almost certainly won't use this pointer because the
     associated count is zero).
+  * adnsresfilter: Fix addrtextbuf buffer size.  This is not actually a
+    problem in real compiled code but should be corrected.
+  * Properly include harness.h in adnstest.c in regress/.  Suppresses
+    a couple of compiler warnings (implicit declaration of Texit, etc.)
 
- --
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 12 Aug 2016 22:53:59 +0100
 
 adns (1.5.0) UPSTREAM; urgency=low