c-ares-1.13.0-6.el8.ML.1

エラータID: AXSA:2022-3337:02

Release date: 
Friday, July 1, 2022 - 10:07
Subject: 
c-ares-1.13.0-6.el8.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The c-ares C library defines asynchronous DNS (Domain Name System) requests and
provides name resolving API.

Security Fix(es):

* c-ares: Missing input validation of host names may lead to domain hijacking
(CVE-2021-3672)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise
Linux 8.6 Release Notes linked from the References section.

CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of
host names returned by DNS (Domain Name Servers) can lead to output of wrong
hostnames which might potentially lead to Domain Hijacking. The highest threat
from this vulnerability is to confidentiality and integrity as well as system
availability.

Solution: 

Update packages.

CVEs: 
CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
Additional Info: 

N/A

Download: 

SRPMS
  1. c-ares-1.13.0-6.el8.ML.1.src.rpm
    MD5: 748b8c3cf136b68dea57e66586b6b3b0
    SHA-256: 6be27b34d0f607ed7c3a185b3fb85ea44ea85c02d1d81289b419ff06aad57b62
    Size: 1.40 MB

Asianux Server 8 for x86_64
  1. c-ares-1.13.0-6.el8.ML.1.x86_64.rpm
    MD5: d54c1c6b1195729df215fede8e70b8ac
    SHA-256: 31b903e5b6c8d0e7143bdb90db854075dbafad6eeacbad892a9051cbeba2703f
    Size: 92.27 kB
  2. c-ares-devel-1.13.0-6.el8.ML.1.x86_64.rpm
    MD5: 9b13af5bd9b29fc3b46a6b5e08539259
    SHA-256: 5dfea3725d07340f4c99c7395ab63da7bd9b7f7610d3b6c4caede6bf2e84511b
    Size: 87.05 kB
  3. c-ares-1.13.0-6.el8.ML.1.i686.rpm
    MD5: e04bd3c6b30bb0f3bc6f8462a19eb267
    SHA-256: ef34148c2541de96185b80e75b106fa964f195489731246ab3965e6a3bcd0762
    Size: 95.86 kB
  4. c-ares-devel-1.13.0-6.el8.ML.1.i686.rpm
    MD5: 1ce342a2ce95a356d47c6bd7baf04cf4
    SHA-256: 97e38467acb63bfb5806df0045f1233d0a36bc204f9328ffe95f65996229446e
    Size: 87.08 kB