AVG-2268 log

Package c-ares
Status Fixed
Severity Medium
Type insufficient validation
Affected 1.17.1-1
Fixed 1.17.2-1
Current 1.34.4-1 [extra-testing]
1.34.3-1 [extra]
Ticket None
Created Tue Aug 10 06:48:54 2021
Issue Severity Remote Type Description
CVE-2021-3672 Medium Yes Insufficient validation
Missing input validation of host names returned by Domain Name Servers in the c-ares library before version 1.17.2 can lead to output of wrong hostnames...
Date Advisory Package Type
10 Aug 2021 ASA-202108-13 c-ares insufficient validation