Package "c-ares"

Name:	c-ares
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: asynchronous name resolver - development files asynchronous name resolver
Latest version:	1.18.1-1ubuntu0.22.04.3
Release:	jammy (22.04)
Level:	updates
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "c-ares" in Jammy

Repository	Area	Version
base	main	1.18.1-1build1
security	main	1.18.1-1ubuntu0.22.04.3

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.18.1-1ubuntu0.22.04.3 2024-03-06 14:06:59 UTC

c-ares (1.18.1-1ubuntu0.22.04.3) jammy-security; urgency=medium * SECURITY UPDATE: Out of bounds read in ares__read_line() - debian/patches/CVE-2024-25629.patch: filtering to eliminate out of bounds read - CVE-2024-25629 -- Nick Galanis <email address hidden> Wed, 28 Feb 2024 13:37:18 +0000

Source diff to previous version

CVE-2024-25629

c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc

Version: 1.18.1-1ubuntu0.22.04.2 2023-06-14 16:07:05 UTC

c-ares (1.18.1-1ubuntu0.22.04.2) jammy-security; urgency=medium * SECURITY UPDATE: buffer underflow on certain ipv6 addresses - debian/patches/CVE-2023-31130.diff: add newer inet_net_pton_ipv6() and fix test cases in src/lib/inet_net_pton.c, test/ares-test-internal.cc. - CVE-2023-31130 * SECURITY UPDATE: denial of service via 0-byte UDP payload - debian/patches/CVE-2023-32067.diff: check length in src/lib/ares_process.c. - CVE-2023-32067 -- Marc Deslauriers <email address hidden> Mon, 12 Jun 2023 14:43:33 -0400

Source diff to previous version

CVE-2023-32067

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malf

Version: 1.18.1-1ubuntu0.22.04.1	2023-03-02 16:07:06 UTC
`c-ares (1.18.1-1ubuntu0.22.04.1) jammy-security; urgency=medium * SECURITY UPDATE: buffer overflow in config_sortlist() - debian/patches/CVE-2022-4904.patch: add length checks to src/lib/ares_init.c, test/ares-test-init.cc. - CVE-2022-4904 -- Marc Deslauriers <email address hidden> Wed, 01 Mar 2023 12:18:31 -0500`

About - Send Feedback to @ubuntu_updates

Package "c-ares"

Links

Other versions of "c-ares" in Jammy

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates