Daniel Jakots <danj+o...@chown.me> writes:
> Hi,
>
> This fixes CVE-2016-5180.
>
> ChangeLog is available: https://c-ares.haxx.se/changelog.html
>
> $ diff -up libcares-10 libcares-12
> --- libcares-10 Mon Oct 10 21:07:50 2016
> +++ libcares-12 Mon Oct 10 21:07:58 2016
> @@ -12,6 +12,7 @@ T ares_free_data
> T ares_free_hostent
> T ares_free_string
> T ares_get_servers
> +T ares_get_servers_ports
> T ares_gethostbyaddr
> T ares_gethostbyname
> T ares_gethostbyname_file
> @@ -23,6 +24,8 @@ T ares_init
> T ares_init_options
> T ares_library_cleanup
> T ares_library_init
> +T ares_library_init_mem
> +T ares_library_initialized
> T ares_mkquery
> T ares_parse_a_reply
> T ares_parse_aaaa_reply
> @@ -33,6 +36,7 @@ T ares_parse_ptr_reply
> T ares_parse_soa_reply
> T ares_parse_srv_reply
> T ares_parse_txt_reply
> +T ares_parse_txt_reply_ext
> T ares_process
> T ares_process_fd
> T ares_query
> @@ -44,7 +48,11 @@ T ares_set_local_ip4
> T ares_set_local_ip6
> T ares_set_servers
> T ares_set_servers_csv
> +T ares_set_servers_ports
> +T ares_set_servers_ports_csv
> T ares_set_socket_callback
> +T ares_set_socket_configure_callback
> +T ares_set_sortlist
> T ares_strerror
> T ares_timeout
> T ares_version
>
>
> So I just bumped the minor.
Upstream bumped the major. Looking at the headers, some structs have
additional members, so it might be a true ABI break.
> LIB_DEPENDS are:
> /usr/ports/devel/py-gevent
> /usr/ports/games/bzflag
> /usr/ports/net/sipsak
> /usr/ports/net/wireshark,-text
> /usr/ports/www/aria2
> /usr/ports/x11/e17/ecore
>
> I did make package for py-gevent, sipsak and aria2, no problem.
The others build fine here, except for wireshark but it looks like an
unrelated error.
> Comments? OK?
>
> Cheers,
> Daniel
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/libcares/Makefile,v
> retrieving revision 1.17
> diff -u -p -r1.17 Makefile
> --- Makefile 10 Sep 2016 13:03:40 -0000 1.17
> +++ Makefile 10 Oct 2016 19:36:29 -0000
> @@ -2,14 +2,13 @@
>
> COMMENT= asynchronous resolver library
>
> -V= 1.10.0
> +V= 1.12.0
> DISTNAME= c-ares-${V}
> PKGNAME= libcares-${V}
> CATEGORIES= net devel
> MASTER_SITES= ${HOMEPAGE}download/
> -REVISION= 1
>
> -SHARED_LIBS= cares 2.5
> +SHARED_LIBS += cares 2.6 # 4.0
>
> HOMEPAGE= http://c-ares.haxx.se/
>
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/net/libcares/distinfo,v
> retrieving revision 1.8
> diff -u -p -r1.8 distinfo
> --- distinfo 11 Sep 2013 18:05:34 -0000 1.8
> +++ distinfo 10 Oct 2016 19:36:29 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (c-ares-1.10.0.tar.gz) = PXAWdGFdEVjlalmq7eeJHy3ePaD0am08aE4K5w9S09s=
> -SIZE (c-ares-1.10.0.tar.gz) = 809073
> +SHA256 (c-ares-1.12.0.tar.gz) = hpL5QDzc35NhMOBFyEAhZlEY7pv+qQXRp28E1ObzZfs=
> +SIZE (c-ares-1.12.0.tar.gz) = 1769879
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/net/libcares/pkg/PLIST,v
> retrieving revision 1.8
> diff -u -p -r1.8 PLIST
> --- pkg/PLIST 22 May 2015 11:31:17 -0000 1.8
> +++ pkg/PLIST 10 Oct 2016 19:36:29 -0000
> @@ -20,6 +20,7 @@ lib/pkgconfig/libcares.pc
> @man man/man3/ares_free_hostent.3
> @man man/man3/ares_free_string.3
> @man man/man3/ares_get_servers.3
> +@man man/man3/ares_get_servers_ports.3
> @man man/man3/ares_gethostbyaddr.3
> @man man/man3/ares_gethostbyname.3
> @man man/man3/ares_gethostbyname_file.3
> @@ -46,8 +47,16 @@ lib/pkgconfig/libcares.pc
> @man man/man3/ares_save_options.3
> @man man/man3/ares_search.3
> @man man/man3/ares_send.3
> +@man man/man3/ares_set_local_dev.3
> +@man man/man3/ares_set_local_ip4.3
> +@man man/man3/ares_set_local_ip6.3
> @man man/man3/ares_set_servers.3
> +@man man/man3/ares_set_servers_csv.3
> +@man man/man3/ares_set_servers_ports.3
> +@man man/man3/ares_set_servers_ports_csv.3
> @man man/man3/ares_set_socket_callback.3
> +@man man/man3/ares_set_socket_configure_callback.3
> +@man man/man3/ares_set_sortlist.3
> @man man/man3/ares_strerror.3
> @man man/man3/ares_timeout.3
> @man man/man3/ares_version.3
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
