Information on source package c-ares

Available versions

ReleaseVersion
stretch1.12.0-1+deb9u1
buster1.14.0-1
bullseye1.17.1-1
sid1.17.1-1

Resolved issues

BugDescription
CVE-2020-14354ares_destroy() with pending ares_getaddrinfo() leads to Use-After-Free
CVE-2020-8277A Node.js application that allows an attacker to trigger a DNS request ...
CVE-2017-1000381The c-ares function `ares_parse_naptr_reply()`, which is used for pars ...
CVE-2016-5180Heap-based buffer overflow in the ares_create_query function in c-ares ...

Security announcements

DSA / DLADescription
DLA-998-1c-ares - security update
DLA-648-1c-ares - security update
DSA-3682-1c-ares - security update

Search for package or bug name: Reporting problems