d1481fe474
Fixes the following security issues: CVE-2017-1000381: The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. https://c-ares.haxx.se/adv_20170620.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
18 lines
521 B
Makefile
18 lines
521 B
Makefile
################################################################################
|
|
#
|
|
# c-ares
|
|
#
|
|
################################################################################
|
|
|
|
C_ARES_VERSION = 1.13.0
|
|
C_ARES_SITE = http://c-ares.haxx.se/download
|
|
C_ARES_INSTALL_STAGING = YES
|
|
C_ARES_CONF_OPTS = --with-random=/dev/urandom
|
|
# Rebuild configure to avoid XC_CHECK_USER_CFLAGS
|
|
C_ARES_AUTORECONF = YES
|
|
C_ARES_LICENSE = MIT
|
|
# No standalone, use some source file
|
|
C_ARES_LICENSE_FILES = ares_mkquery.c
|
|
|
|
$(eval $(autotools-package))
|