Hi Gregor,
I'm a member of the LTS team. I intend to prepare a DLA release for this issue
so you don't have to. If you could prepare a point update for Bullseye though,
that would be appreciated.
Cheers,
Markus
signature.asc
Description: This is a digitally signed message part
Hi Gregor,
On Sat, Feb 18, 2023 at 12:56:39AM +0100, Gregor Jasny wrote:
> Hi Salvatore,
>
> On 17.02.23 21:31, Salvatore Bonaccorso wrote:
> > The following vulnerability was published for c-ares.
> >
> > CVE-2022-4904[0]:
> > | buffer overflow in config_sortlist() due to missing string length
Hi Salvatore,
On 17.02.23 21:31, Salvatore Bonaccorso wrote:
The following vulnerability was published for c-ares.
CVE-2022-4904[0]:
| buffer overflow in config_sortlist() due to missing string length check
I uploaded a fixed package for sid and prepared an update for bullseye
and buster:
Source: c-ares
Version: 1.18.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/c-ares/c-ares/pull/497
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Control: fixed -1 1.19.0-1
Hi,
The following vulnerability was published for c-ares.
CVE-2022-4904[0]:
|
4 matches
Mail list logo