[Bug 277261] dns/c-ares: upgrade to 1.27.0 required (moderate security issue)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 23 Feb 2024 14:18:33 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277261 Bug ID: 277261 Summary: dns/c-ares: upgrade to 1.27.0 required (moderate security issue) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: security Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: zi@FreeBSD.org Reporter: rodrigo@FreeBSD.org Flags: maintainer-feedback?(zi@FreeBSD.org) Assignee: zi@FreeBSD.org According with c-ares project there is an open CVE-2024-25629 who affect versions of c-ares before 1.27.0. Reading a malformed /etc/resolv.conf, /etc/nsswitch.conf or HOSTALIASES can crash the process. The severity level is considered as moderate. -- You are receiving this mail because: You are the assignee for the bug.