c-ares-1.13.0-6.el8.ML.1
エラータID: AXSA:2022-3337:02
リリース日:
2022/07/01 Friday - 10:07
題名:
c-ares-1.13.0-6.el8.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- c-ares には、DNSが返すホスト名の検証が不完全なため、誤った
ホスト名を返し、ドメイン名ハイジャックを引き起こす可能性のある
脆弱性があります。(CVE-2021-3672)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
追加情報:
N/A
ダウンロード:
SRPMS
- c-ares-1.13.0-6.el8.ML.1.src.rpm
MD5: 748b8c3cf136b68dea57e66586b6b3b0
SHA-256: 6be27b34d0f607ed7c3a185b3fb85ea44ea85c02d1d81289b419ff06aad57b62
Size: 1.40 MB
Asianux Server 8 for x86_64
- c-ares-1.13.0-6.el8.ML.1.x86_64.rpm
MD5: d54c1c6b1195729df215fede8e70b8ac
SHA-256: 31b903e5b6c8d0e7143bdb90db854075dbafad6eeacbad892a9051cbeba2703f
Size: 92.27 kB - c-ares-devel-1.13.0-6.el8.ML.1.x86_64.rpm
MD5: 9b13af5bd9b29fc3b46a6b5e08539259
SHA-256: 5dfea3725d07340f4c99c7395ab63da7bd9b7f7610d3b6c4caede6bf2e84511b
Size: 87.05 kB - c-ares-1.13.0-6.el8.ML.1.i686.rpm
MD5: e04bd3c6b30bb0f3bc6f8462a19eb267
SHA-256: ef34148c2541de96185b80e75b106fa964f195489731246ab3965e6a3bcd0762
Size: 95.86 kB - c-ares-devel-1.13.0-6.el8.ML.1.i686.rpm
MD5: 1ce342a2ce95a356d47c6bd7baf04cf4
SHA-256: 97e38467acb63bfb5806df0045f1233d0a36bc204f9328ffe95f65996229446e
Size: 87.08 kB
English