projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9bbb6ef) | patch
package/c-ares: security bump to version 1.17.0
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Tue, 17 Nov 2020 07:10:54 +0000 (08:10 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 17 Nov 2020 19:57:50 +0000 (20:57 +0100)
commitc7a369a907f988cf193b06fd4a7ce5547976c21a
tree292d44d33d3b5c16d7f150fbbd8acc650ad7b378tree
parent9bbb6efc81fee71f8045530742f715c933361f77commit | diff
package/c-ares: security bump to version 1.17.0

- avoid read-heap-buffer-overflow in ares_parse_soa_reply found during
  fuzzing
- Avoid theoretical buffer overflow in RC4 loop comparison
- Empty hquery->name could lead to invalid memory access
- ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was
  passed in

https://c-ares.haxx.se/changelog.html#1_17_0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/c-ares/c-ares.hash diff | blob | history
package/c-ares/c-ares.mk diff | blob | history