761927a49b
adns (1.6.0) UPSTREAM; urgency=medium Bugfixes: * adnshost: Support --reverse in -f mode input stream * timeout robustness against clock skew: track query start time and duration. Clock instability may now only cause spurious timeouts rather than indefinite hangs or even assertion failures. New features: * adnshost: Offer ability to set adns checkc flags * adnslogres: Honour --checkc-freq (if it comes first) * adnsresfilter: Honour --checkc-freq and --checkc-entex * time handling: Support use of CLOCK_MONOTONIC via an init flag. * adns_str* etc.: Improve robustness; more allowable inputs values. Build system improvements: * clean targets: Delete $(TARGETS) too! * Remove all m4 output files from the distributed source tree. * Support DESTDIR=/some/absolute/path on `make install'. * Provide autogen.sh. * Rerun autoheader and autoconf (2.69). Internal changes: * adnshost: adh-opts.c: Whitespace adjustments to option table Tests: * New tests for fixes in 1.5.3. * Fixes to test harness to avoid false positives during fuzzing. * Other changes to support use with AFL. * Many supporting improvements and refactorings. * Fix skipped tests ($$ reference in Makefile) -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 11 Jun 2020 15:49:39 +0100 adns (1.5.2) UPSTREAM; urgency=medium * Important security fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109: Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. CVE-2017-9106: Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS (crash of the adns-using application) CVE-2017-9107: Vulnerable applications: those that use adns_qf_quoteok_query. Exploitable by: sources of query domain names. Likely worst case: DoS (crash of the adns-using application) CVE-2017-9108: Vulnerable applications: adnshost. Exploitable by: code responsible for framing the input. Likely worst case: DoS (adnshost crashes at EOF). All found by AFL 2.35b. Thanks to the University of Cambridge Department of Applied Mathematics for computing facilities. Bugfixes: * Do not include spurious external symbol `data' (fixes GCC10 build). * If server sends TC flag over TCP, bail rather than retrying. * Do not crash on certain strange resolv.conf contents. * Fix various crashes if a global system failure occurs, or adns_finish is called with outstanding queries. * Correct a parsing error message very slightly. * DNS packet parsing: Slight fix when packet is truncated. * Fix ABI compatibility in string conversion of certain RR types. * internal.h: Use `unsigned' for nextid; fixes theoretical C UB. Portability fix: * common.make.in: add -Wno-unused-value. Fixes build with GCC9. Internal changes: * Additional comments describing some internal code restrions. * Robustness assert() against malfunctioning write() system call. -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 11 Jun 2020 15:48:12 +0100
25 lines
638 B
Makefile
25 lines
638 B
Makefile
# $NetBSD: Makefile,v 1.26 2021/02/11 11:25:51 nia Exp $
|
|
#
|
|
|
|
DISTNAME= adns-1.6.0
|
|
CATEGORIES= net
|
|
MASTER_SITES= https://www.chiark.greenend.org.uk/~ian/adns/ftp/
|
|
|
|
MAINTAINER= pkgsrc-users@NetBSD.org
|
|
HOMEPAGE= https://www.chiark.greenend.org.uk/~ian/adns/
|
|
COMMENT= Asynchronous-capable DNS client library and utilities
|
|
LICENSE= gnu-gpl-v2
|
|
|
|
USE_TOOLS+= gmake gm4
|
|
USE_LIBTOOL= YES
|
|
|
|
GNU_CONFIGURE= YES
|
|
# libtoolize patch to static library target.
|
|
CONFIGURE_ARGS+= --disable-dynamic
|
|
|
|
INSTALL_MAKE_FLAGS+= bindir=${DESTDIR}${PREFIX}/bin
|
|
INSTALL_MAKE_FLAGS+= libdir=${DESTDIR}${PREFIX}/lib
|
|
|
|
TEST_TARGET= check
|
|
|
|
.include "../../mk/bsd.pkg.mk"
|