c-ares: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in c-ares the worst of which could result in Denial of Service. c-ares 2023-10-08 2023-10-08 906964 remote 1.19.1 1.19.1

c-ares is a C library for asynchronous DNS requests (including name resolves).

Multiple vulnerabilities have been discovered in c-ares. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

There is no known workaround at this time.

All c-ares users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/c-ares-1.19.1" CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 graaff graaff