Stay Connected:

ELSA-2023-6635

ELSA-2023-6635 - c-ares security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2023-11-11

Description


[1.19.1-1]
- Resolves: rhbz#2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation [rhel-9]
- Resolves: rhbz#2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton() [rhel-9]
- Resolves: rhbz#2209550 - CVE-2023-31147 c-ares: Insufficient randomness in generation of DNS query IDs [rhel-9]
- Resolves: rhbz#2209520 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [rhel-9.3.0]
- Resolves: rhbz#2210370 - Rebase c-ares for RHEL 9.3

[1.17.1-6]
- Resolves: rhbz#2170868 - c-ares: buffer overflow in config_sortlist() due to missing string length check [rhel-9]


Related CVEs


CVE-2022-4904
CVE-2023-31130
CVE-2023-31147
CVE-2023-31124

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_aarch64_appstream
c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_aarch64_baseos_latest
c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_aarch64_u3_baseos_base
c-ares-1.19.1-1.el9.aarch64.rpmaa5e3341183cd033a0c15c6cac56dfb7-ol9_aarch64_baseos_latest
c-ares-1.19.1-1.el9.aarch64.rpmaa5e3341183cd033a0c15c6cac56dfb7-ol9_aarch64_u3_baseos_base
c-ares-devel-1.19.1-1.el9.aarch64.rpmcfddff01706cc0955eb80adf7c9e0f44-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_x86_64_appstream
c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_x86_64_baseos_latest
c-ares-1.19.1-1.el9.src.rpmd0e4188f7c597a43e242e653c240fa1a-ol9_x86_64_u3_baseos_base
c-ares-1.19.1-1.el9.i686.rpm120322d0d0c14adfdc83c68b3fa03150-ol9_x86_64_baseos_latest
c-ares-1.19.1-1.el9.i686.rpm120322d0d0c14adfdc83c68b3fa03150-ol9_x86_64_u3_baseos_base
c-ares-1.19.1-1.el9.x86_64.rpm28247f1dc5dff8f599fa17b3dc0cf59a-ol9_x86_64_baseos_latest
c-ares-1.19.1-1.el9.x86_64.rpm28247f1dc5dff8f599fa17b3dc0cf59a-ol9_x86_64_u3_baseos_base
c-ares-devel-1.19.1-1.el9.i686.rpmcc813f60ed8cd484039c71728972fb7c-ol9_x86_64_appstream
c-ares-devel-1.19.1-1.el9.x86_64.rpmfc276e5f4bf151128ac2371cca7eb817-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights