[ALSA-2023:7116] Moderate: c-ares security update
Type:
security
Severity:
moderate
Release date:
2023-11-24
Description:
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 c-ares-1.13.0-8.el8.aarch64.rpm 78ec21fc29aeecbc41fb6ad5be9f9a931724bffed2c40f5be85446241e44195f
aarch64 c-ares-devel-1.13.0-8.el8.aarch64.rpm dd24b62a7f4479748592e26f4dd8824cc6e1257ef1283b2bee2b717612e99bb5
i686 c-ares-1.13.0-8.el8.i686.rpm 48d3a39b9dce7065fcfcfdddb35319f4f95a80e974251183c5bd5425d63c0346
i686 c-ares-devel-1.13.0-8.el8.i686.rpm 8fd67cb8b17887bc93c83db82b8f087836cd63a87ea95b2b83e3b87aee2412cd
ppc64le c-ares-devel-1.13.0-8.el8.ppc64le.rpm 2855d0d33ff20472705b8a3a1b345aceddc6ef5a608ea4d08904b42360892953
ppc64le c-ares-1.13.0-8.el8.ppc64le.rpm 7e870d73cb0820dcd41265e95a08178783b42bb2818350a0d6e05c5aa4b82cdf
s390x c-ares-devel-1.13.0-8.el8.s390x.rpm f61e4e7f0bc977370976abebb8f085f6cb40a639396a6b191fade0ac42f22307
s390x c-ares-1.13.0-8.el8.s390x.rpm f7cb754dc0c462ad39c76a90b182611cb0b652cfab2b7b13b4cb008e5314e6ba
x86_64 c-ares-1.13.0-8.el8.x86_64.rpm b4981d83bdf3fd00959791cc156eab8c56e37d07ac5c60cfca7630866c3773a2
x86_64 c-ares-devel-1.13.0-8.el8.x86_64.rpm ec95ee5a10285c3c52e38cd3da4d3d115bac91e035e43f347a7181128998db5b
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.