[ubuntu/jammy-security] c-ares 1.18.1-1ubuntu0.22.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jun 14 13:12:59 UTC 2023


c-ares (1.18.1-1ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer underflow on certain ipv6 addresses
    - debian/patches/CVE-2023-31130.diff: add newer inet_net_pton_ipv6()
      and fix test cases in src/lib/inet_net_pton.c,
      test/ares-test-internal.cc.
    - CVE-2023-31130
  * SECURITY UPDATE: denial of service via 0-byte UDP payload
    - debian/patches/CVE-2023-32067.diff: check length in
      src/lib/ares_process.c.
    - CVE-2023-32067

Date: 2023-06-12 19:28:07.538195+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/c-ares/1.18.1-1ubuntu0.22.04.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the jammy-changes mailing list