[El-errata] ELSA-2023-7207 Moderate: Oracle Linux 8 c-ares security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 23 20:39:46 UTC 2023


Oracle Linux Security Advisory ELSA-2023-7207

http://linux.oracle.com/errata/ELSA-2023-7207.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
c-ares-1.13.0-9.el8_9.1.i686.rpm
c-ares-1.13.0-9.el8_9.1.x86_64.rpm
c-ares-devel-1.13.0-9.el8_9.1.i686.rpm
c-ares-devel-1.13.0-9.el8_9.1.x86_64.rpm

aarch64:
c-ares-1.13.0-9.el8_9.1.aarch64.rpm
c-ares-devel-1.13.0-9.el8_9.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//c-ares-1.13.0-9.el8_9.1.src.rpm

Related CVEs:

CVE-2020-22217
CVE-2023-31130




Description of changes:

[1.13.0-9.1]
- Resolves: RHEL-11931 - Buffer Underwrite in ares_inet_net_pton() [rhel-8.9.0.z]

[1.13.0-9]
- Resolves: rhbz#2238293 - CVE-2020-22217 c-ares: read-heap-buffer-overflow in ares_parse_soa_reply [rhel-8] [rhel-8.9.0.z]




More information about the El-errata mailing list