Oval Definition:oval:org.opensuse.security:def:67222
Revision Date:2021-08-17Version:1
Title:Security update for c-ares (Important)
Description:

This update for c-ares fixes the following issues:

Version update to git snapshot 1.17.1+20200724:

- CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881) - If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash - Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response - Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing - Use unbuffered /dev/urandom for random data to prevent early startup performance issues
Family:unixClass:patch
Status:Reference(s):1169679
1169748
1171441
1171443
1171444
1171445
1171446
1171447
1171474
1173247
1173605
1174200
1177211
1188881
CVE-2020-11017
CVE-2020-11018
CVE-2020-11019
CVE-2020-11038
CVE-2020-11039
CVE-2020-11040
CVE-2020-11041
CVE-2020-11043
CVE-2020-11085
CVE-2020-11086
CVE-2020-11087
CVE-2020-11088
CVE-2020-11089
CVE-2020-11095
CVE-2020-11096
CVE-2020-11097
CVE-2020-11098
CVE-2020-11099
CVE-2020-11521
CVE-2020-11522
CVE-2020-11523
CVE-2020-11524
CVE-2020-11525
CVE-2020-11526
CVE-2020-13396
CVE-2020-13397
CVE-2020-13398
CVE-2020-26116
CVE-2020-4030
CVE-2020-4031
CVE-2020-4032
CVE-2020-4033
CVE-2021-3672
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • freerdp-2.1.2-15.7 is installed
  • OR freerdp-server-2.1.2-15.7 is installed
  • OR freerdp-wayland-2.1.2-15.7 is installed
  • OR libuwac0-0-2.1.2-15.7 is installed
  • OR uwac0-0-devel-2.1.2-15.7 is installed
    • BACK