[Buildroot] [PATCH] c-ares: security bump to version 1.13.0
Peter Korsgaard
peter at korsgaard.com
Mon Jun 26 08:00:34 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> CVE-2017-1000381: The c-ares function `ares_parse_naptr_reply()`, which is
> used for parsing NAPTR responses, could be triggered to read memory outside
> of the given input buffer if the passed in DNS response packet was crafted
> in a particular way.
> https://c-ares.haxx.se/adv_20170620.html
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x and 2017.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list