Changes made to bug 2209497

Back to bug 2209497

Who	When	What	Removed	Added
Sandipan Roy	2023-05-24 03:57:29 UTC	CC		nodejs-maint, zsvetlik
Sandipan Roy	2023-05-24 04:05:14 UTC	Summary	CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton()	CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton()
Sandipan Roy	2023-05-24 04:06:05 UTC	Blocks		2209110
Sandipan Roy	2023-05-24 04:22:51 UTC	Depends On		2209542, 2209540, 2209547, 2209546, 2209543, 2209545, 2209539, 2209548, 2209541
Sandipan Roy	2023-05-24 04:24:52 UTC	Depends On		2209556, 2209559, 2209558, 2209557, 2209554, 2209561
RHEL Program Management Team	2023-05-30 11:04:03 UTC	Depends On		2211045
RHEL Program Management Team	2023-05-30 11:04:09 UTC	Depends On		2211046
RHEL Program Management Team	2023-05-30 11:04:15 UTC	Depends On		2211047
RHEL Program Management Team	2023-05-30 11:04:31 UTC	Depends On		2211048
RHEL Program Management Team	2023-05-30 11:04:46 UTC	Depends On		2211049
RHEL Program Management Team	2023-06-05 14:44:51 UTC	Depends On		2212436
RHEL Program Management Team	2023-06-05 14:44:57 UTC	Depends On		2212437
Guilherme de Almeida Suckevicz	2023-06-13 16:34:12 UTC	CC		hhorak, jorton
Guilherme de Almeida Suckevicz	2023-06-13 16:39:13 UTC	Depends On		2214630
errata-xmlrpc	2023-06-14 07:27:19 UTC	Link ID		Red Hat Product Errata RHSA-2023:3577
errata-xmlrpc	2023-06-14 08:39:12 UTC	Link ID		Red Hat Product Errata RHSA-2023:3586
errata-xmlrpc	2023-06-14 18:03:11 UTC	Link ID		Red Hat Product Errata RHBA-2023:3603
errata-xmlrpc	2023-06-19 00:24:49 UTC	Link ID		Red Hat Product Errata RHBA-2023:3657
errata-xmlrpc	2023-06-19 13:27:38 UTC	Link ID		Red Hat Product Errata RHBA-2023:3666
Sandipan Roy	2023-06-20 05:04:18 UTC	Doc Text		A vulnerability was found in c-ares. This security vulnerability occurs in ares_inet_net_pton() function that is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist().
Paige Jung	2023-06-20 13:23:53 UTC	Doc Text	A vulnerability was found in c-ares. This security vulnerability occurs in ares_inet_net_pton() function that is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist().	A vulnerability was found in c-ares. This issue occurs in the ares_inet_net_pton() function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which would require an administrator to configure such an address via ares_set_sortlist().
Red Hat Bugzilla	2023-07-07 08:32:43 UTC	Assignee	security-response-team	nobody
errata-xmlrpc	2023-07-12 08:12:37 UTC	Link ID		Red Hat Product Errata RHSA-2023:4036
errata-xmlrpc	2023-07-12 08:24:19 UTC	Link ID		Red Hat Product Errata RHSA-2023:4039
errata-xmlrpc	2023-07-12 08:25:21 UTC	Link ID		Red Hat Product Errata RHSA-2023:4035
errata-xmlrpc	2023-07-12 08:25:24 UTC	Link ID		Red Hat Product Errata RHSA-2023:4034
errata-xmlrpc	2023-07-12 08:26:15 UTC	Link ID		Red Hat Product Errata RHSA-2023:4033
errata-xmlrpc	2023-07-13 01:00:20 UTC	Link ID		Red Hat Product Errata RHBA-2023:4045
errata-xmlrpc	2023-07-13 01:06:13 UTC	Link ID		Red Hat Product Errata RHBA-2023:4046
errata-xmlrpc	2023-07-13 11:35:23 UTC	Link ID		Red Hat Product Errata RHBA-2023:4077
errata-xmlrpc	2023-07-13 11:42:13 UTC	Link ID		Red Hat Product Errata RHBA-2023:4078
errata-xmlrpc	2023-07-17 06:51:26 UTC	Link ID		Red Hat Product Errata RHBA-2023:4098

Back to bug 2209497