| Errata ID | 370 |
|---|---|
| Date | 2018-05-08 |
| Source package | c-ares |
| Fixed in version | 1.10.0-2+deb8u2 |
| Description | This update addresses the following issue: * The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. (CVE-2017-1000381) |
| Additional notes | |
| CVE ID | CVE-2017-1000381 |
| UCS Bug number | #46247 |
