[ubuntu/plucky-security] c-ares 1.34.4-2.1ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon May 5 11:44:11 UTC 2025
c-ares (1.34.4-2.1ubuntu0.1) plucky-security; urgency=medium
* SECURITY UPDATE: Use after free() in read_answers()
- debian/patches/CVE-2025-31498-1.patch: queue queries to be resent in
src/lib/ares_close_sockets.c, src/lib/ares_cookie.c,
src/lib/ares_private.h, src/lib/ares_process.c,
test/ares-test-mock-ai.cc, test/ares-test-mock.cc, test/ares-test.cc,
test/ares-test.h.
- debian/patches/CVE-2025-31498-2.patch: windows build fix in
test/ares-test.cc.
- debian/patches/CVE-2025-31498-3.patch: windows build fix in
test/ares-test.cc.
- debian/patches/CVE-2025-31498-4.patch: build fix in
test/ares-test.cc, test/ares-test.h.
- CVE-2025-31498
Date: 2025-04-09 18:48:14.792645+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/c-ares/1.34.4-2.1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list