-adns (1.5.1~~) unstable; urgency=low
+adns (1.5.2) UPSTREAM; urgency=medium
+
+ * Important security fixes:
+ CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109:
+ Vulnerable applications: all adns callers.
+ Exploitable by: the local recursive resolver.
+ Likely worst case: Remote code execution.
+ CVE-2017-9106:
+ Vulnerable applications: those that make SOA queries.
+ Exploitable by: upstream DNS data sources.
+ Likely worst case: DoS (crash of the adns-using application)
+ CVE-2017-9107:
+ Vulnerable applications: those that use adns_qf_quoteok_query.
+ Exploitable by: sources of query domain names.
+ Likely worst case: DoS (crash of the adns-using application)
+ CVE-2017-9108:
+ Vulnerable applications: adnshost.
+ Exploitable by: code responsible for framing the input.
+ Likely worst case: DoS (adnshost crashes at EOF).
+ All found by AFL 2.35b. Thanks to the University of Cambridge
+ Department of Applied Mathematics for computing facilities.
+
+ Bugfixes:
+ * Do not include spurious external symbol `data' (fixes GCC10 build).
+ * If server sends TC flag over TCP, bail rather than retrying.
+ * Do not crash on certain strange resolv.conf contents.
+ * Fix various crashes if a global system failure occurs, or
+ adns_finish is called with outstanding queries.
+ * Correct a parsing error message very slightly.
+ * DNS packet parsing: Slight fix when packet is truncated.
+ * Fix ABI compatibility in string conversion of certain RR types.
+ * internal.h: Use `unsigned' for nextid; fixes theoretical C UB.
+
+ Portability fix:
+ * common.make.in: add -Wno-unused-value. Fixes build with GCC9.
+
+ Internal changes:
+ * Additional comments describing some internal code restrions.
+ * Robustness assert() against malfunctioning write() system call.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 11 Jun 2020 15:48:12 +0100
+
+adns (1.5.1) UPSTREAM; urgency=medium
* Portability fix for systems where socklen_t is bigger than int.
* Fix for malicious optimisation of memcpy in test suite, which
* Fix TCP async connect handling. The bug is hidden on Linux and on most
systems where the nameserver is on localhost. If it is not hidden,
adns's TCP support is broken unless adns_if_noautosys is used.
-
- --
+ * Fix addr queries (including subqueries, ie including deferencing MX
+ lookups etc.) not to crash when one of the address queries returns
+ tempfail. Also, do not return a spurious pointer to the application
+ when one of the address queries returns a permanent error (although,
+ the application almost certainly won't use this pointer because the
+ associated count is zero).
+ * adnsresfilter: Fix addrtextbuf buffer size. This is not actually a
+ problem in real compiled code but should be corrected.
+ * Properly include harness.h in adnstest.c in regress/. Suppresses
+ a couple of compiler warnings (implicit declaration of Texit, etc.)
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 12 Aug 2016 22:53:59 +0100
adns (1.5.0) UPSTREAM; urgency=low
~ianmdlvl / adns.git / blobdiff