Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Meta python merge #530

Closed
wants to merge 8 commits into from
Closed

Meta python merge #530

wants to merge 8 commits into from

Conversation

threexc
Copy link
Contributor

@threexc threexc commented Feb 11, 2022

No description provided.

Xu Huan and others added 8 commits February 11, 2022 08:03
changelog:
===============================================================================
Add initial support for OAuth Mutual TLS (draft-ietf-oauth-mtls)
Add eBay compliance fix
Add Spotify OAuth 2 Tutorial
Add support for python 3.8, 3.9
Fixed LinkedIn Compliance Fixes
Fixed ReadTheDocs Documentation and sphinx errors
Moved pipeline to GitHub Actions

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
License-Update:
year updated to 2022

changelog:
===============================================================================
-orm
Fixed issue in Session.bulk_save_objects() where the sorting that takes place
when the preserve_order parameter is set to False would sort partially on
Mapper objects, which is rejected in Python 3.11.

-postgresql
Fixed regression where the change in #7148 to repair ENUM handling in
PostgreSQL broke the use case of an empty ARRAY of ENUM, preventing rows
that contained an empty array from being handled correctly when fetching results.

-mysql
Fixed regression in asyncmy dialect caused by #7567 where removal of the
PyMySQL dependency broke binary columns, due to the asyncmy dialect not being
properly included within CI tests.

-mssql
Added support for FILESTREAM when using VARBINARY(max) in MSSQL.

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
changelog:
===============================================================================

OAuth2.0 Client:
Add Device Authorization Flow for Web Application
Add PKCE support for Client
Fallback to none in case of wrong expires_at format.

OAuth2.0 Provider:
Add support for CORS to metadata endpoint.
Add support for CORS to token endpoint.
Remove comma after Bearer in WWW-Authenticate

OAuth2.0 Provider - OIDC:
Call save_token in Hybrid code flow
OIDC add support of refreshing ID Tokens with refresh_id_token
The RefreshTokenGrant modifiers now take the same arguments as the
AuthorizationCodeGrant modifiers (token, token_handler, request).

General:
Added Python 3.9, 3.10, 3.11
Improve Travis & Coverage

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
changelog:
Drop support for Python 2.7. #1047
The minimum cryptography version is now 35.0.

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Upgrade to release 2.15.0:

- Fix webcam FPS settings on MacOS
- Add format_hint to v3 API
- Make tifffile read resolution metadata
- Make RTD fail on warnings during CI
- Remove link to download tracker
- Type annotations for pillow
- Contribution guidelines
- Deprecate python 3.6 support

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Upgrade to release 3.14.0:

- Don't deprecate time.Unit enumeration
- Use humanize.intcomma to format years in time module

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Upgrade to release 2.3.6:

- add optional value parameter to `util.count_n()`
- determine machine endianness at build time when possible, by
  using the `PY_LITTLE_ENDIAN` macro, in order to optimize
  `shift_r8()`
- add official Python 3.11 support

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
@kraj
Copy link
Contributor

kraj commented Feb 11, 2022

merged thanks.

@kraj kraj closed this Feb 11, 2022
@threexc threexc deleted the meta-python-merge branch February 16, 2022 14:31
kraj pushed a commit to YoeDistro/meta-openembedded that referenced this pull request Apr 15, 2022
Changelog:
=========
Features
- Fix openembedded#596: unset the RA bit when a query is blocked by an unbound
  RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
  signal that a domain is externally blocked to clients when it
  is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is
  authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
- Merge PR openembedded#616: Update ratelimit logic. It also introduces
  ratelimit-backoff and ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
- Merge openembedded#401: RPZ triggers. This add additional RPZ triggers,
  unbound supports a full set of rpz triggers, and this now
  includes nsdname, nsip and clientip triggers. Also actions
  are fully supported, and this now includes the tcp-only action.
- Merge openembedded#519: Support for selective enabling tcp-upstream for
  stub/forward zones.
- Merge PR openembedded#514, from ziollek: Docker environment for run tests.
- Support using system-wide crypto policies.
- Fix that --with-ssl can use "/usr/include/openssl11" to pass the
  location of a different openssl version.
- Merged openembedded#41 from Moritz Schneider: made outbound-msg-retry
  configurable.
- Implement RFC8375: Special-Use Domain 'home.arpa.'.
- Merge PR openembedded#555 from fobser: Allow interface names as scop

Bug Fixes
- Fix compile warning for if_nametoindex on windows 64bit.
- Merge PR openembedded#581 from fobser: Fix -Wmissing-prototypes and -Wshadow
  warnings in rpz.
- Fix validator debug output about DS support, print correct algorithm.
- Add code similar to fix for ldns for tab between strings, for
  consistency, the test case was not broken.
- Allow local-data for classes other than IN to inherit a configured
  local-zone's type if possible, instead of defaulting to type
  transparent as per the implicit rule.
- Fix to pick up other class local zone information before unlock.
- Add missing configure flags for optional features in the
  documentation.
- Fix Unbound capitalization in the documentation.
- Fix openembedded#591: Unbound-anchor manpage links to non-existent license file.
- contrib/aaaa-filter-iterator.patch file renewed diff content to
  apply cleanly to the current coderepo for the current code version.
- Fix to add test for rpz-signal-nxdomain-ra.
- Fix openembedded#596: only unset RA when NXDOMAIN is signalled.
- Fix that RPZ does not set RD flag on replies, it should be copied
  from the query.
- Fix for openembedded#596: fix that rpz return message is returned and not just
  the rcode from the iterator return path. This fixes signal unset RA
  after a CNAME.
- Fix unit tests for rpz now that the AA flag returns successfully from
  the iterator loop.
- Fix for openembedded#596: add unit test for nsdname trigger and signal unset RA.
- Fix for openembedded#596: add unit test for nsip trigger and signal unset RA.
- Fix openembedded#598: Fix unbound-checkconf fatal error: module conf
  'respip dns64 validator iterator' is not known to work.
- Fix for openembedded#596: Fix rpz-signal-nxdomain-ra to work for clientip
  triggered operation.
- Merge openembedded#600 from pemensik: Change file mode before changing file
  owner.
- Fix prematurely terminated TCP queries when a reply has the same ID.
- For openembedded#602: Allow the module-config "subnetcache validator cachedb
  iterator".
- Fix EDNS to upstream where the same option could be attached
  more than once.
- Add a region to serviced_query for allocations.
- For dnstap, do not wakeupnow right there. Instead zero the timer to
  force the wakeup callback asap.
- Fix openembedded#610: Undefine-shift in sldns_str2wire_hip_buf.
- Fix openembedded#588: Unbound 1.13.2 crashes due to p->pc is NULL in
  serviced_udp_callback.
- Merge PR openembedded#612: TCP race condition.
- Test for NSID in SERVFAIL response due to DNSSEC bogus.
- Fix openembedded#599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC
  document.
- Fix tls-* and ssl-* documented alternate syntax to also be available
  through remote-control and unbound-checkconf.
- Better cleanup on failed DoT/DoH listening socket creation.
- iana portlist update.
- Fix review comment for use-after-free when failing to send UDP out.
- Merge PR openembedded#603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
  internals.
- Merge PR openembedded#532 from Shchelk: Fix: buffer overflow bug.
- Merge PR openembedded#617: Update stub/forward-host notation to accept port and
  tls-auth-name.
- Update stream_ssl.tdir test to also use the new forward-host
  notation.
- Fix header comment for doxygen for authextstrtoaddr.
- please clang analyzer for loop in test code.
- Fix docker splint test to use more portable uname.
- Update contrib/aaaa-filter-iterator.patch with diff for current
  software version.
- Fix for openembedded#611: Integer overflow in sldns_wire2str_pkt_scan.
- Add test tool readzone to .gitignore.
- Merge openembedded#521: Update mini_event.c.
- Merge openembedded#523: fix: free() call more than once with the same pointer.
- For openembedded#519: note stub-tcp-upstream and forward-tcp-upstream in
  the example configuration file.
- For openembedded#519: yacc and lex. And fix python bindings, and test program
  unbound-dnstap-socket.
- For openembedded#519: fix comments for doxygen.
- Fix to print error from unbound-anchor for writing to the key
  file, also when not verbose.
- For openembedded#514: generate configure.
- Fix for openembedded#431: Squelch permission denied errors for udp connect,
  and udp send, they are visible at higher verbosity settings.
- Fix zonemd verification of key that is not in DNS but in the zone
  and needs a chain of trust.
- zonemd, fix order of bogus printout string manipulation.
- Fix to support harden-algo-downgrade for ZONEMD dnssec checks.
- Merge PR openembedded#528 from fobser: Make sldns_str2wire_svcparam_buf()
  static.
- Fix openembedded#527: not sending quad9 cert to syslog (and may be more).
- Fix sed script in ssldir split handling.
- Fix openembedded#529: Fix: log_assert does nothing if UNBOUND_DEBUG is
  undefined.
- Fix openembedded#531: Fix: passed to proc after free.
- Fix openembedded#536: error: RPZ: name of record (drop.spamhaus.org.rpz.local.)
  to insert into RPZ.
- Fix the stream wait stream_wait_count_lock and http2 buffer locks
  setup and desetup from race condition.
- Fix RPZ locks. Do not unlock zones lock if requested and rpz find
  zone does not find the zone. Readlock the clientip that is found
  for ipbased triggers. Unlock the nsdname zone lock when done.
  Unlock zone and ip in rpz nsip and nsdname callback. Unlock
  authzone and localzone if clientip found in rpz worker call.
- Fix compile warning in libunbound for listen desetup routine.
- Fix asynclook unit test for setup of lockchecks before log.
- Fix openembedded#533: Negative responses get cached even when setting
  cache-max-negative-ttl: 1
- Fix tcp fastopen failure when disabled, try normal connect instead.
- Fix openembedded#538: Fix subnetcache statistics.
- Small fixes for openembedded#41: changelog, conflicts resolved,
  processQueryResponse takes an iterator env argument like other
  functions in the iterator, no colon in string for set_option,
  and some whitespace style, to make it similar to the rest.
- Fix for openembedded#41: change outbound retry to int to fix signed comparison
  warnings.
- Fix root_anchor test to check with new icannbundle date.
- Fix initialisation errors reported by gcc sanitizer.
- Fix lock debug code for gcc sanitizer reports.
- Fix more initialisation errors reported by gcc sanitizer.
- Fix crosscompile on windows to work with openssl 3.0.0 the
  link with ws2_32 needs -l:libssp.a for __strcpy_chk.
  Also copy results from lib64 directory if needed.
- For crosscompile on windows, detect 64bit stackprotector library.
- Fix crosscompile shell syntax.
- Fix crosscompile windows to use libssp when it exists.
- For the windows compile script disable gost.
- Fix that on windows, use BIO_set_callback_ex instead of deprecated
  BIO_set_callback.
- Fix crosscompile script for the shared build flags.
- Fix to add example.conf note for outbound-msg-retry.
- Fix chaos replies to have truncation for short message lengths,
  or long reply strings.
- Fix to protect custom regional create against small values.
- Fix openembedded#552: Unbound assumes index.html exists on RPZ host.
- Fix that forward-zone name is documented as the full name of the
  zone. It is not relative but a fully qualified domain name.
- Fix analyzer review failure in rpz action override code to not
  crash on unlocking the local zone lock.
- Fix to remove unused code from rpz resolve client and action
  function.
- Merge openembedded#565: unbound.service.in: Disable ProtectKernelTunables again.
- Fix for openembedded#558: fix loop in comm_point->tcp_free when a comm_point is
  reclaimed more than once during callbacks.
- Fix for openembedded#558: clear the UB_EV_TIMEOUT bit before adding an event.
- Improve EDNS option handling, now also works for synthesised
  responses such as local-data and server.id CH TXT responses.
- Merge PR openembedded#570 from rex4539: Fix typos.
- Fix for openembedded#570: regen aclocal.m4, fix configure.ac for spelling.
- Fix to make python module opt_list use opt_list_in.
- Fix openembedded#574: unbound-checkconf reports fatal error if interface names
  are used as value for interfaces:
- Fix openembedded#574: Review fixes for it.
- Fix openembedded#576: [FR] UB_* error codes in unbound.h
- Fix openembedded#574: Review fix for spelling.
- Fix to remove git tracking and ci information from release tarballs.
- iana portlist update.
- Merge PR openembedded#511 from yan12125: Reduce unnecessary linking.
- Merge PR openembedded#493 from Jaap: Fix generation of libunbound.pc.
- Merge PR openembedded#562 from Willem: Reset keepalive per new tcp session.
- Merge PR openembedded#522 from sibeream: memory management violations fixed.
- Merge PR openembedded#530 from Shchelk: Fix: dereferencing a null pointer.
- Fix openembedded#454: listen_dnsport.c:825: error: 'IPV6_TCLASS' undeclared.
- Fix openembedded#574: Review fixes for size allocation.
- Fix doc/unbound.doxygen to remove obsolete tag warning.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
halstead pushed a commit that referenced this pull request Apr 16, 2022
Changelog:
=========
Features
- Fix #596: unset the RA bit when a query is blocked by an unbound
  RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
  signal that a domain is externally blocked to clients when it
  is blocked with NXDOMAIN by unsetting RA.
- Add rpz: for-downstream: yesno option, where the RPZ zone is
  authoritatively answered for, so the RPZ zone contents can be
  checked with DNS queries directed at the RPZ zone.
- Merge PR #616: Update ratelimit logic. It also introduces
  ratelimit-backoff and ip-ratelimit-backoff configuration options.
- Change aggressive-nsec default to yes.
- Merge #401: RPZ triggers. This add additional RPZ triggers,
  unbound supports a full set of rpz triggers, and this now
  includes nsdname, nsip and clientip triggers. Also actions
  are fully supported, and this now includes the tcp-only action.
- Merge #519: Support for selective enabling tcp-upstream for
  stub/forward zones.
- Merge PR #514, from ziollek: Docker environment for run tests.
- Support using system-wide crypto policies.
- Fix that --with-ssl can use "/usr/include/openssl11" to pass the
  location of a different openssl version.
- Merged #41 from Moritz Schneider: made outbound-msg-retry
  configurable.
- Implement RFC8375: Special-Use Domain 'home.arpa.'.
- Merge PR #555 from fobser: Allow interface names as scop

Bug Fixes
- Fix compile warning for if_nametoindex on windows 64bit.
- Merge PR #581 from fobser: Fix -Wmissing-prototypes and -Wshadow
  warnings in rpz.
- Fix validator debug output about DS support, print correct algorithm.
- Add code similar to fix for ldns for tab between strings, for
  consistency, the test case was not broken.
- Allow local-data for classes other than IN to inherit a configured
  local-zone's type if possible, instead of defaulting to type
  transparent as per the implicit rule.
- Fix to pick up other class local zone information before unlock.
- Add missing configure flags for optional features in the
  documentation.
- Fix Unbound capitalization in the documentation.
- Fix #591: Unbound-anchor manpage links to non-existent license file.
- contrib/aaaa-filter-iterator.patch file renewed diff content to
  apply cleanly to the current coderepo for the current code version.
- Fix to add test for rpz-signal-nxdomain-ra.
- Fix #596: only unset RA when NXDOMAIN is signalled.
- Fix that RPZ does not set RD flag on replies, it should be copied
  from the query.
- Fix for #596: fix that rpz return message is returned and not just
  the rcode from the iterator return path. This fixes signal unset RA
  after a CNAME.
- Fix unit tests for rpz now that the AA flag returns successfully from
  the iterator loop.
- Fix for #596: add unit test for nsdname trigger and signal unset RA.
- Fix for #596: add unit test for nsip trigger and signal unset RA.
- Fix #598: Fix unbound-checkconf fatal error: module conf
  'respip dns64 validator iterator' is not known to work.
- Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip
  triggered operation.
- Merge #600 from pemensik: Change file mode before changing file
  owner.
- Fix prematurely terminated TCP queries when a reply has the same ID.
- For #602: Allow the module-config "subnetcache validator cachedb
  iterator".
- Fix EDNS to upstream where the same option could be attached
  more than once.
- Add a region to serviced_query for allocations.
- For dnstap, do not wakeupnow right there. Instead zero the timer to
  force the wakeup callback asap.
- Fix #610: Undefine-shift in sldns_str2wire_hip_buf.
- Fix #588: Unbound 1.13.2 crashes due to p->pc is NULL in
  serviced_udp_callback.
- Merge PR #612: TCP race condition.
- Test for NSID in SERVFAIL response due to DNSSEC bogus.
- Fix #599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC
  document.
- Fix tls-* and ssl-* documented alternate syntax to also be available
  through remote-control and unbound-checkconf.
- Better cleanup on failed DoT/DoH listening socket creation.
- iana portlist update.
- Fix review comment for use-after-free when failing to send UDP out.
- Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA
  internals.
- Merge PR #532 from Shchelk: Fix: buffer overflow bug.
- Merge PR #617: Update stub/forward-host notation to accept port and
  tls-auth-name.
- Update stream_ssl.tdir test to also use the new forward-host
  notation.
- Fix header comment for doxygen for authextstrtoaddr.
- please clang analyzer for loop in test code.
- Fix docker splint test to use more portable uname.
- Update contrib/aaaa-filter-iterator.patch with diff for current
  software version.
- Fix for #611: Integer overflow in sldns_wire2str_pkt_scan.
- Add test tool readzone to .gitignore.
- Merge #521: Update mini_event.c.
- Merge #523: fix: free() call more than once with the same pointer.
- For #519: note stub-tcp-upstream and forward-tcp-upstream in
  the example configuration file.
- For #519: yacc and lex. And fix python bindings, and test program
  unbound-dnstap-socket.
- For #519: fix comments for doxygen.
- Fix to print error from unbound-anchor for writing to the key
  file, also when not verbose.
- For #514: generate configure.
- Fix for #431: Squelch permission denied errors for udp connect,
  and udp send, they are visible at higher verbosity settings.
- Fix zonemd verification of key that is not in DNS but in the zone
  and needs a chain of trust.
- zonemd, fix order of bogus printout string manipulation.
- Fix to support harden-algo-downgrade for ZONEMD dnssec checks.
- Merge PR #528 from fobser: Make sldns_str2wire_svcparam_buf()
  static.
- Fix #527: not sending quad9 cert to syslog (and may be more).
- Fix sed script in ssldir split handling.
- Fix #529: Fix: log_assert does nothing if UNBOUND_DEBUG is
  undefined.
- Fix #531: Fix: passed to proc after free.
- Fix #536: error: RPZ: name of record (drop.spamhaus.org.rpz.local.)
  to insert into RPZ.
- Fix the stream wait stream_wait_count_lock and http2 buffer locks
  setup and desetup from race condition.
- Fix RPZ locks. Do not unlock zones lock if requested and rpz find
  zone does not find the zone. Readlock the clientip that is found
  for ipbased triggers. Unlock the nsdname zone lock when done.
  Unlock zone and ip in rpz nsip and nsdname callback. Unlock
  authzone and localzone if clientip found in rpz worker call.
- Fix compile warning in libunbound for listen desetup routine.
- Fix asynclook unit test for setup of lockchecks before log.
- Fix #533: Negative responses get cached even when setting
  cache-max-negative-ttl: 1
- Fix tcp fastopen failure when disabled, try normal connect instead.
- Fix #538: Fix subnetcache statistics.
- Small fixes for #41: changelog, conflicts resolved,
  processQueryResponse takes an iterator env argument like other
  functions in the iterator, no colon in string for set_option,
  and some whitespace style, to make it similar to the rest.
- Fix for #41: change outbound retry to int to fix signed comparison
  warnings.
- Fix root_anchor test to check with new icannbundle date.
- Fix initialisation errors reported by gcc sanitizer.
- Fix lock debug code for gcc sanitizer reports.
- Fix more initialisation errors reported by gcc sanitizer.
- Fix crosscompile on windows to work with openssl 3.0.0 the
  link with ws2_32 needs -l:libssp.a for __strcpy_chk.
  Also copy results from lib64 directory if needed.
- For crosscompile on windows, detect 64bit stackprotector library.
- Fix crosscompile shell syntax.
- Fix crosscompile windows to use libssp when it exists.
- For the windows compile script disable gost.
- Fix that on windows, use BIO_set_callback_ex instead of deprecated
  BIO_set_callback.
- Fix crosscompile script for the shared build flags.
- Fix to add example.conf note for outbound-msg-retry.
- Fix chaos replies to have truncation for short message lengths,
  or long reply strings.
- Fix to protect custom regional create against small values.
- Fix #552: Unbound assumes index.html exists on RPZ host.
- Fix that forward-zone name is documented as the full name of the
  zone. It is not relative but a fully qualified domain name.
- Fix analyzer review failure in rpz action override code to not
  crash on unlocking the local zone lock.
- Fix to remove unused code from rpz resolve client and action
  function.
- Merge #565: unbound.service.in: Disable ProtectKernelTunables again.
- Fix for #558: fix loop in comm_point->tcp_free when a comm_point is
  reclaimed more than once during callbacks.
- Fix for #558: clear the UB_EV_TIMEOUT bit before adding an event.
- Improve EDNS option handling, now also works for synthesised
  responses such as local-data and server.id CH TXT responses.
- Merge PR #570 from rex4539: Fix typos.
- Fix for #570: regen aclocal.m4, fix configure.ac for spelling.
- Fix to make python module opt_list use opt_list_in.
- Fix #574: unbound-checkconf reports fatal error if interface names
  are used as value for interfaces:
- Fix #574: Review fixes for it.
- Fix #576: [FR] UB_* error codes in unbound.h
- Fix #574: Review fix for spelling.
- Fix to remove git tracking and ci information from release tarballs.
- iana portlist update.
- Merge PR #511 from yan12125: Reduce unnecessary linking.
- Merge PR #493 from Jaap: Fix generation of libunbound.pc.
- Merge PR #562 from Willem: Reset keepalive per new tcp session.
- Merge PR #522 from sibeream: memory management violations fixed.
- Merge PR #530 from Shchelk: Fix: dereferencing a null pointer.
- Fix #454: listen_dnsport.c:825: error: 'IPV6_TCLASS' undeclared.
- Fix #574: Review fixes for size allocation.
- Fix doc/unbound.doxygen to remove obsolete tag warning.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
kraj pushed a commit to YoeDistro/meta-openembedded that referenced this pull request Jul 15, 2022
Changelog:
=========
Added
------
    Add support for arbitrary size integers (openembedded#548)

Fixed
---------
    CVE-2022-31116:
        Replace wchar_t string decoding implementation with a uint32_t-based one (openembedded#555)
        Fix handling of surrogates on decoding (openembedded#550)
    CVE-2022-31117: Potential double free of buffer during string decoding
    Fix memory leak on encoding errors when the buffer was resized (openembedded#549)
    Integer parsing: always detect overflows (openembedded#544)
    Fix handling of surrogates on encoding (openembedded#530)

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants