Issued at: 2025-12-10
Updated at: 2025-12-10
Synopsis
Low: c-ares security update
Description
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
* c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 9 aarch64
Rocky Linux 9 ppc64le
Rocky Linux 9 s390x
Rocky Linux 9 x86_64
Fixes
2265713
CVEs
CVE-2024-25629
Affected packages
Rocky Linux 9 x86_64 - BaseOS
c-ares-0:1.19.1-2.el9_4.x86_64.rpm
c-ares-debuginfo-0:1.19.1-2.el9_4.i686.rpm
c-ares-0:1.19.1-2.el9_4.src.rpm
c-ares-debugsource-0:1.19.1-2.el9_4.i686.rpm
c-ares-debuginfo-0:1.19.1-2.el9_4.x86_64.rpm
c-ares-debugsource-0:1.19.1-2.el9_4.x86_64.rpm
c-ares-0:1.19.1-2.el9_4.i686.rpm
Rocky Linux 9 ppc64le - BaseOS
c-ares-debuginfo-0:1.19.1-2.el9_4.ppc64le.rpm
c-ares-0:1.19.1-2.el9_4.ppc64le.rpm
c-ares-debugsource-0:1.19.1-2.el9_4.ppc64le.rpm
c-ares-0:1.19.1-2.el9_4.src.rpm
Rocky Linux 9 s390x - BaseOS
c-ares-debuginfo-0:1.19.1-2.el9_4.s390x.rpm
c-ares-debugsource-0:1.19.1-2.el9_4.s390x.rpm
c-ares-0:1.19.1-2.el9_4.src.rpm
c-ares-0:1.19.1-2.el9_4.s390x.rpm
Rocky Linux 9 aarch64 - BaseOS
c-ares-debugsource-0:1.19.1-2.el9_4.aarch64.rpm
c-ares-0:1.19.1-2.el9_4.src.rpm
c-ares-0:1.19.1-2.el9_4.aarch64.rpm
c-ares-debuginfo-0:1.19.1-2.el9_4.aarch64.rpm
Rocky Linux 9 x86_64 - AppStream
c-ares-devel-0:1.19.1-2.el9_4.x86_64.rpm
c-ares-devel-0:1.19.1-2.el9_4.i686.rpm
Rocky Linux 9 ppc64le - AppStream
c-ares-devel-0:1.19.1-2.el9_4.ppc64le.rpm
Rocky Linux 9 aarch64 - AppStream
c-ares-devel-0:1.19.1-2.el9_4.aarch64.rpm
Rocky Linux 9 s390x - AppStream
c-ares-devel-0:1.19.1-2.el9_4.s390x.rpm