FEDORA-2023-ae97529c00 — security update for c-ares

stable

c-ares-1.19.1-1.fc37

FEDORA-2023-ae97529c00 created by spot 2 weeks ago for Fedora 37

Update to 1.19.1. Fixes CVE-2023-32067, CVE-2023-31130, CVE-2023-31147, CVE-2023-31124

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2023-ae97529c00

This update has been submitted for testing by spot.

2 weeks ago

This update's test gating status has been changed to 'waiting'.

2 weeks ago

spot edited this update.

2 weeks ago

This update's test gating status has been changed to 'passed'.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

filiperosset commented & provided feedback a week ago

karma

no regressions noted

geraldosimiao provided feedback a week ago

karma

This update can be pushed to stable now if the maintainer wishes

a week ago

rai510 provided feedback a week ago

karma

This update has been submitted for stable by bodhi.

a week ago

This update has been pushed to stable.

a week ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Builds

c-ares-1.19.1-1.fc37

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

2 weeks ago

in testing

2 weeks ago

in stable

a week ago

modified

2 weeks ago

approved

a week ago

BZ#2209494 CVE-2023-31124 c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

BZ#2209497 CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton()

BZ#2209501 CVE-2023-31147 c-ares: Insufficient randomness in generation of DNS query IDs

BZ#2209502 CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service

BZ#2209506 CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [fedora-all]

BZ#2209542 CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 c-ares: various flaws [fedora-all]

c-ares-1.19.1-1.fc37

Automated Test Results

passed