Accepted c-ares 1.17.1-1+deb11u2 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted c-ares 1.17.1-1+deb11u2 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 16 Mar 2023 13:47:08 +0000
Message-id: <[🔎] E1pcnwi-00BKOw-3R@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 18 Feb 2023 00:24:32 +0100
Source: c-ares
Architecture: source
Version: 1.17.1-1+deb11u2
Distribution: bullseye
Urgency: medium
Maintainer: Gregor Jasny <gjasny@googlemail.com>
Changed-By: Gregor Jasny <gjasny@googlemail.com>
Closes: 1031525
Changes:
 c-ares (1.17.1-1+deb11u2) bullseye; urgency=medium
 .
    * Fix CVE-2022-4904:
      It was discovered that in c-ares, an asynchronous name resolver library,
      the config_sortlist function is missing checks about the validity of the
      input string, which allows a possible arbitrary length stack overflow and
      thus may cause a denial of service. (Closes: #1031525)
Checksums-Sha1:
 e2639e670116fc80b76e92c6c3e2675b19b74e34 2182 c-ares_1.17.1-1+deb11u2.dsc
 1cbb97ad2e0dbadf702bd810c94d9f627fc3b983 10576 c-ares_1.17.1-1+deb11u2.debian.tar.xz
 cda98e9bdd53f027be412c121779439e7fa0b107 6587 c-ares_1.17.1-1+deb11u2_arm64.buildinfo
Checksums-Sha256:
 722ba16daf51ec3f462707ca48dcf1ded89a4d1f3941418ae31c6cd1086287dc 2182 c-ares_1.17.1-1+deb11u2.dsc
 5287aeb8f59fb03b6833e1b62b18a04c02d964b557936ea6b1968cf624d86ce3 10576 c-ares_1.17.1-1+deb11u2.debian.tar.xz
 a47903a981166bed1ec495769c51b794869dda1f7686117ea1d7cb259420a92a 6587 c-ares_1.17.1-1+deb11u2_arm64.buildinfo
Files:
 726502fc68669ec034fc7ee493b8b539 2182 libs optional c-ares_1.17.1-1+deb11u2.dsc
 f199e6258350d6a3355f5fcae94a657e 10576 libs optional c-ares_1.17.1-1+deb11u2.debian.tar.xz
 0470d11e1371dbf845c5d38d0b3155c3 6587 libs optional c-ares_1.17.1-1+deb11u2_arm64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJKBAEBCAA0FiEEBdAWnCbkFZNBgSnfGZpk+t+1AP8FAmQSw6IWHGdqYXNueUBn
b29nbGVtYWlsLmNvbQAKCRAZmmT637UA/7POD/9YZJDJBfKNhrpPYk1OjVxvI/zS
Jr4FAioukY6PrtkD9Cg9zie0qhrz0dk77iJKP+hQo7e1Xak3Xg27HP7S3w6+Ekff
9Cu7w2/lYQNeXJ/ecGJ6gTsH234m+dp/QAYUj1CIlmegfC+2lapeyBJRAlTv8ktB
mXPbKwJn65T9ICYtHBH5OdUSlmMpnmNqsG8uzH2sfHMVPiuggzFX5MRb8qAj35CK
HkIhSzyXtXoDgoLDbU/SZEIDuqU1XV4/ZI7SAtayulY+ZmmRuQTEC2kBgQagh7OF
bodGR1mx+sIkm9F2EZ819Gq2GzK75uhToqH6WPDSWkkzW/MkraEqT8dIzF6SN43q
8O2WAvGyFqW8vjRdd+ET6B8tYxDGOQ/0qy0TF5bqdX0hHNLU5jqNlp4mHa9HvvrB
IuZo4447fWItXMV3AMIMQbSEdZamcUP117Xj6FUWywSsDPMcmBl9lVfiLF5m3xFz
xYJriVeNWdLzbjTBzdP2lzrP2KidpkCiJtZkd8n9QRfWSXhdUGyOHaCcUloOKOB/
OmNiyzp83u+fLi/cWvBI/YkNlCDoZXuZJywmKFBgQ6fzORLhbW5UTeznSpIrr7hc
jQVGmTaZfW6xYVQ0bmfJLA3wgdKSmOrKoXmaCv9Q+XJNusFDJVJvUB1j6NaVPWl6
J9ssLuijnN+MydrZqg==
=vM0d
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted rails 2:6.0.3.7+dfsg-2+deb11u1 (source) into proposed-updates
Next by Date: Accepted sox 14.4.2+git20190427-2+deb11u2 (source) into proposed-updates
Previous by thread: Accepted rails 2:6.0.3.7+dfsg-2+deb11u1 (source) into proposed-updates
Next by thread: Accepted sox 14.4.2+git20190427-2+deb11u2 (source) into proposed-updates
Index(es):
- Date
- Thread