ELSA-2023-6635

ULN >
Oracle Linux Errata repository >
ELSA-2023-6635

ELSA-2023-6635 - c-ares security, bug fix, and enhancement update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2023-11-11

Description

[1.19.1-1]
- Resolves: rhbz#2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation [rhel-9]
- Resolves: rhbz#2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton() [rhel-9]
- Resolves: rhbz#2209550 - CVE-2023-31147 c-ares: Insufficient randomness in generation of DNS query IDs [rhel-9]
- Resolves: rhbz#2209520 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [rhel-9.3.0]
- Resolves: rhbz#2210370 - Rebase c-ares for RHEL 9.3

[1.17.1-6]
- Resolves: rhbz#2170868 - c-ares: buffer overflow in config_sortlist() due to missing string length check [rhel-9]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_aarch64_appstream
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_aarch64_baseos_latest
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_aarch64_u3_baseos_base
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_aarch64_u4_baseos_base
	c-ares-1.19.1-1.el9.aarch64.rpm	688af3d6802cc0e1c59c2951056d72e9aee81874afb340a1c99ac3ad5b6dfd13	-	ol9_aarch64_baseos_latest
	c-ares-1.19.1-1.el9.aarch64.rpm	688af3d6802cc0e1c59c2951056d72e9aee81874afb340a1c99ac3ad5b6dfd13	-	ol9_aarch64_u3_baseos_base
	c-ares-1.19.1-1.el9.aarch64.rpm	688af3d6802cc0e1c59c2951056d72e9aee81874afb340a1c99ac3ad5b6dfd13	-	ol9_aarch64_u4_baseos_base
	c-ares-devel-1.19.1-1.el9.aarch64.rpm	375e16f33bbfb95187c5a5b4d5517d547bda8b9066979798f1e657b87e613766	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_x86_64_appstream
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_x86_64_baseos_latest
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_x86_64_u3_baseos_base
	c-ares-1.19.1-1.el9.src.rpm	4e9c90219117c7fbb966ac6ac9850eb83ae780096cc9f8e0767422bf66099a17	-	ol9_x86_64_u4_baseos_base
	c-ares-1.19.1-1.el9.i686.rpm	1c3629a45063e0db4b79a6932cf014da6430afd0d3410a31279fdfc6a70af9e5	-	ol9_x86_64_baseos_latest
	c-ares-1.19.1-1.el9.i686.rpm	1c3629a45063e0db4b79a6932cf014da6430afd0d3410a31279fdfc6a70af9e5	-	ol9_x86_64_u3_baseos_base
	c-ares-1.19.1-1.el9.i686.rpm	1c3629a45063e0db4b79a6932cf014da6430afd0d3410a31279fdfc6a70af9e5	-	ol9_x86_64_u4_baseos_base
	c-ares-1.19.1-1.el9.x86_64.rpm	c674f141951d9233c728eed6d64381be16f0cb77f086636a65551b7270c7d431	-	ol9_x86_64_baseos_latest
	c-ares-1.19.1-1.el9.x86_64.rpm	c674f141951d9233c728eed6d64381be16f0cb77f086636a65551b7270c7d431	-	ol9_x86_64_u3_baseos_base
	c-ares-1.19.1-1.el9.x86_64.rpm	c674f141951d9233c728eed6d64381be16f0cb77f086636a65551b7270c7d431	-	ol9_x86_64_u4_baseos_base
	c-ares-devel-1.19.1-1.el9.i686.rpm	1bb58910b96fadec994ed415ac2b44618abb6d1eb77634463fc03282642364aa	-	ol9_x86_64_appstream
	c-ares-devel-1.19.1-1.el9.x86_64.rpm	24064d10c2e4680e767f2cc1f08cc8b39c2a57674d8250331cd2c52afc527d69	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691