[ALSA-2022:2043] Moderate: c-ares security update
Type:
security
Severity:
moderate
Release date:
2023-03-13
Description:
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: Missing input validation of host names may lead to domain hijacking (CVE-2021-3672) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 c-ares-devel-1.13.0-6.el8.aarch64.rpm 298cb7a2c763152f29fc092d18801f11650b8c0ab1aeb91c8bbf2729fd29d7bc
aarch64 c-ares-1.13.0-6.el8.aarch64.rpm e8dbbba696d5d228210a3e3fbc1949317f9e7c94cd116e98958971f52c8ca459
i686 c-ares-devel-1.13.0-6.el8.i686.rpm 662b94249ec4ec88a9d784802ced0ec0ddddd1473022df0c1d20a4781514c59c
i686 c-ares-1.13.0-6.el8.i686.rpm ac44aabf9a844178cfadbb785b36fbc53e6fe99621329ff5d96e7f5c5b64ebad
ppc64le c-ares-1.13.0-6.el8.ppc64le.rpm 81691b86fb494b959c8564f3be613c59aa89d25d3b5a2b3faef3c5427faa9938
ppc64le c-ares-devel-1.13.0-6.el8.ppc64le.rpm c2ce0a2ca389119d1eb265609cd3e851ee709031b2c4e4b6a1a0fc61a2f31058
x86_64 c-ares-1.13.0-6.el8.x86_64.rpm 2f196bc7858fde6aacebfbf83211bfacb1ce5b14818b2c32827e88173de30ceb
x86_64 c-ares-1.13.0-6.el8.x86_64.rpm 2f196bc7858fde6aacebfbf83211bfacb1ce5b14818b2c32827e88173de30ceb
x86_64 c-ares-devel-1.13.0-6.el8.x86_64.rpm 76723fac6da6b27afd0dcdadc5b3abea13fa8adf9658410585248e54733aad66
x86_64 c-ares-devel-1.13.0-6.el8.x86_64.rpm 76723fac6da6b27afd0dcdadc5b3abea13fa8adf9658410585248e54733aad66
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.