1## c-ares version 1.27.0 - Feb 23 2024 2 3This is a security, feature, and bugfix release. 4 5Security: 6 7* Moderate. CVE-2024-25629. Reading malformatted `/etc/resolv.conf`, 8 `/etc/nsswitch.conf` or the `HOSTALIASES` file could result in a crash. 9 [GHSA-mg26-v6qh-x48q](https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q) 10 11Features: 12 13* New function `ares_queue_active_queries()` to retrieve number of in-flight 14 queries. [PR #712](https://github.com/c-ares/c-ares/pull/712) 15* New function `ares_queue_wait_empty()` to wait for the number of in-flight 16 queries to reach zero. [PR #710](https://github.com/c-ares/c-ares/pull/710) 17* New `ARES_FLAG_NO_DEFLT_SVR` for `ares_init_options()` to return a failure if 18 no DNS servers can be found rather than attempting to use `127.0.0.1`. This 19 also introduces a new ares status code of `ARES_ENOSERVER`. [PR #713](https://github.com/c-ares/c-ares/pull/713) 20 21Changes: 22 23* EDNS Packet size should be 1232 as per DNS Flag Day. [PR #705](https://github.com/c-ares/c-ares/pull/705) 24 25Bugfixes: 26 27* Windows DNS suffix search list memory leak. [PR #711](https://github.com/c-ares/c-ares/pull/711) 28* Fix warning due to ignoring return code of `write()`. [PR #709](https://github.com/c-ares/c-ares/pull/709) 29* CMake: don't override target output locations if not top-level. [Issue #708](https://github.com/c-ares/c-ares/issues/708) 30* Fix building c-ares without thread support. [PR #700](https://github.com/c-ares/c-ares/pull/700) 31 32Thanks go to these friendly people for their efforts and contributions for this release: 33 34* Anthony Alayo (@anthonyalayo) 35* Brad House (@bradh352) 36* Cheng Zhao (@zcbenz) 37* Cristian Rodríguez (@crrodriguez) 38* Daniel Stenberg (@bagder) 39* Oliver Welsh (@oliverwelsh) 40* Vojtěch Vobr (@vojtechvobr) 41