[ubuntu/focal-security] c-ares 1.15.0-1ubuntu0.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jun 14 13:13:00 UTC 2023


c-ares (1.15.0-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: buffer underflow on certain ipv6 addresses
    - debian/patches/CVE-2023-31130.diff: add newer inet_net_pton_ipv6()
      and fix test cases in inet_net_pton.c, test/ares-test-internal.cc.
    - CVE-2023-31130
  * SECURITY UPDATE: denial of service via 0-byte UDP payload
    - debian/patches/CVE-2023-32067.diff: check length in ares_process.c.
    - CVE-2023-32067

Date: 2023-06-12 19:27:07.797995+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/c-ares/1.15.0-1ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list