{"affected":[{"ecosystem_specific":{"binaries":[{"libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP4","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP5","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Real Time 15 SP3","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.2","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.2","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"c-ares","purl":"pkg:rpm/suse/c-ares&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libcares2":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"openSUSE:Leap Micro 5.3","name":"c-ares","purl":"pkg:rpm/opensuse/c-ares&distro=openSUSE%20Leap%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","c-ares-utils":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1","libcares2-32bit":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"c-ares","purl":"pkg:rpm/opensuse/c-ares&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"c-ares-devel":"1.19.1-150000.3.23.1","c-ares-utils":"1.19.1-150000.3.23.1","libcares2":"1.19.1-150000.3.23.1","libcares2-32bit":"1.19.1-150000.3.23.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"c-ares","purl":"pkg:rpm/opensuse/c-ares&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.1-150000.3.23.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for c-ares fixes the following issues:\n\nUpdate to version 1.19.1:\n\n- CVE-2023-32067: 0-byte UDP payload causes Denial of Service (bsc#1211604)\n- CVE-2023-31147: Insufficient randomness in generation of DNS query IDs (bsc#1211605)\n- CVE-2023-31130: Buffer Underwrite in ares_inet_net_pton() (bsc#1211606)\n- CVE-2023-31124: AutoTools does not set CARES_RANDOM_FILE during cross compilation (bsc#1211607)\n- Fix uninitialized memory warning in test\n- ares_getaddrinfo() should allow a port of 0\n- Fix memory leak in ares_send() on error\n- Fix comment style in ares_data.h\n- Fix typo in ares_init_options.3\n- Sync ax_pthread.m4 with upstream\n- Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support \n","id":"SUSE-SU-2023:2313-1","modified":"2023-05-30T07:30:02Z","published":"2023-05-30T07:30:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20232313-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211604"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211605"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211606"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211607"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-31124"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-31130"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-31147"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-32067"}],"related":["CVE-2023-31124","CVE-2023-31130","CVE-2023-31147","CVE-2023-32067"],"summary":"Security update for c-ares","upstream":["CVE-2023-31124","CVE-2023-31130","CVE-2023-31147","CVE-2023-32067"]}