LGTM.
Thanks.
On 2023-05-23 3:43 p.m., Volker Schlecht wrote:
> Cc: Maintainer
>
> c-ares released version 1.19.1 yesterday, fixing
>
> o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12]
> o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS
> query IDs [13]
> o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
> [14]
> o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during
> cross
> compilation [15]
>
> Full changelog:
>
> https://c-ares.org/changelog.html
>
> Most tests pass on amd64 with PRIVSEP enabled, failing tests appear to
> be due to missing network access, see
>
> https://github.com/c-ares/c-ares/issues/337
No comments:
Post a Comment