SUSE-SU-2023:2313-1 -- SLES c-ares, libcares2ID: oval:org.secpod.oval:def:89049023 | Date: (C)2023-07-18 (M)2024-01-02 |
Class: PATCH | Family: unix |
This update for c-ares fixes the following issues: Update to version 1.19.1: * CVE-2023-32067: 0-byte UDP payload causes Denial of Service * CVE-2023-31147: Insufficient randomness in generation of DNS query IDs * CVE-2023-31130: Buffer Underwrite in ares_inet_net_pton * CVE-2023-31124: AutoTools does not set CARES_RANDOM_FILE during cross compilation * Fix uninitialized memory warning in test * ares_getaddrinfo should allow a port of 0 * Fix memory leak in ares_send on error * Fix comment style in ares_data.h * Fix typo in ares_init_options.3 * Sync ax_pthread.m4 with upstream * Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Desktop 15 SP5 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP5 |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |