RLSA-2023:7207
See a problem?- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2023:7207.json
- JSON Data
- https://api.osv.dev/v1/vulns/RLSA-2023:7207
- Related
- Published
- 2023-11-28T22:42:52.397971Z
- Modified
- 2023-11-28T22:45:07.913565Z
- Summary
- Moderate: c-ares security update
- Details
-
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
c-ares: Heap buffer over read in aresparsesoa_reply (CVE-2020-22217)
c-ares: Buffer Underwrite in aresinetnet_pton() (CVE-2023-31130)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / c-ares
Package
- Name
- c-ares
- Purl
- pkg:rpm/rocky-linux/c-ares?distro=rocky-linux-8&epoch=0