2023/06, FLOSS activity

Debian activities (LTS, ELTS)

  • DLA-3471-1 c-ares_1.14.0-1+deb10u3, ELA-883-1 c-ares_1.10.0-2+deb8u5, c-ares_1.12.0-1+deb9u4
    • CVE-2023-32067 Improve UDP packet handling in ares_process.c to prevent a denial of service due to a malformed UDP packet.

    • CVE-2023-31130 Fix buffer underflow for certain IPv6 addresses in inet_net_pton_ipv6(). Use our own IP conversion functions, do not delegate to OS.