Fixes the following security issues:
CVE-2017-1000381: The c-ares function `ares_parse_naptr_reply()`, which is
used for parsing NAPTR responses, could be triggered to read memory outside
of the given input buffer if the passed in DNS response packet was crafted
in a particular way.
https://c-ares.haxx.se/adv_20170620.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2016-5180 - ares_create_query single byte out of buffer write
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When cross-compiling it assumes there's none, however that's not true.
Specify the usual /dev/urandom for this usage, it's used for random key
generation on startup.
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345)
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add c-ares library from bug #6482.
Most of the credit goes to Gennady Proskurin <gpq@mail.ru>
[Thomas: fix comment explaining why we need autoreconf.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>