RLSA-2024:3842 Low: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

SUSE-SU-2024:1136-1 Security update for c-ares

This update for c-ares fixes the following issues: - CVE-2024-25629: Fixed out of bounds read in aresreadline bsc1220279...

Medium: nodejs

Issue Overview: NOTE: https://nodejs.org/en/blog/release/v18.19.1 NOTE: https://github.com/nodejs/node/commit/f31d47e135973746c4f490d5eb635eded8bb3dda v18.x NOTE: https://github.com/nodejs/node/commit/9052ef43dc2d1b0db340591a9bc9e45a25c01d90 main CVE-2024-22025 Undici is an HTTP/1.1 client, writt...

Moderate: Red Hat Security Advisory: c-ares security update

An update for c-ares is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE-SU-2023:2313-1 Security update for c-ares

This update for c-ares fixes the following issues: Update to version 1.19.1: - CVE-2023-32067: 0-byte UDP payload causes Denial of Service bsc1211604 - CVE-2023-31147: Insufficient randomness in generation of DNS query IDs bsc1211605 - CVE-2023-31130: Buffer Underwrite in aresinetnetpton bsc12116...

c-ares security update

1.13.0-6 - Resolves: rhbz1989425 - CVE-2021-3672 c-ares: missing input validation of host names may lead to Domain Hijacking rhel-8...

Trust Boundary Violation due to Incomplete Blacklist in Test Failure Processing in Ares

Impact This allows an attacker to create special subclasses of InvocationTargetException that escape the exception sanitization because JUnit extracts the cause in a trusted context before the exception reaches Ares. This means that arbitrary student code can be executed in a trusted context, and...

SUSE: Security Advisory (SUSE-SU-2021:2760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:2760-1 Security update for c-ares

This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers bsc1188881 - If aresgetaddrinfo was terminated by an aresdestroy, it would cause crash - Crash in sortaddrinfo if...

DSA-4954-1 c-ares - security update

Bulletin has no description...