From 1.19.0 release notes (https://c-ares.org/changelog.html): Low. Stack overflow in ares_set_sortlist() which is used during c-ares initialization and typically provided by an administrator and not an end user. Links to https://github.com/c-ares/c-ares/pull/497.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ac7e1f7d296b09daf32727950cdd62bc7dfb694f commit ac7e1f7d296b09daf32727950cdd62bc7dfb694f Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-29 07:43:26 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-29 07:43:26 +0000 net-dns/c-ares: add 1.19.0 Bug: https://bugs.gentoo.org/892489 Signed-off-by: Sam James <sam@gentoo.org> net-dns/c-ares/Manifest | 2 ++ net-dns/c-ares/c-ares-1.19.0.ebuild | 70 +++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=c2152e9dc06608bf6a50d3bdd22ee8bd8bf222ce commit c2152e9dc06608bf6a50d3bdd22ee8bd8bf222ce Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-05 09:27:33 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-05 09:28:02 +0000 [ GLSA 202401-02 ] c-ares: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/807604 Bug: https://bugs.gentoo.org/807775 Bug: https://bugs.gentoo.org/892489 Bug: https://bugs.gentoo.org/905341 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-02.xml | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+)
