Date: Fri, 23 Feb 2024 14:18:33 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 277261] dns/c-ares: upgrade to 1.27.0 required (moderate security issue) Message-ID: <bug-277261-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277261 Bug ID: 277261 Summary: dns/c-ares: upgrade to 1.27.0 required (moderate security issue) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: security Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: zi@FreeBSD.org Reporter: rodrigo@FreeBSD.org Flags: maintainer-feedback?(zi@FreeBSD.org) Assignee: zi@FreeBSD.org According with c-ares project there is an open CVE-2024-25629 who affect versions of c-ares before 1.27.0. Reading a malformed /etc/resolv.conf, /etc/nsswitch.conf or HOSTALIASES can crash the process. The severity level is considered as moderate. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-277261-7788>