[Buildroot] [PATCH] c-ares: security bump to version 1.13.0

Peter Korsgaard peter at korsgaard.com
Mon Jun 26 08:00:34 UTC 2017


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issues:
 > CVE-2017-1000381: The c-ares function `ares_parse_naptr_reply()`, which is
 > used for parsing NAPTR responses, could be triggered to read memory outside
 > of the given input buffer if the passed in DNS response packet was crafted
 > in a particular way.

 > https://c-ares.haxx.se/adv_20170620.html

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2017.02.x and 2017.05.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list