File _patchinfo of Package patchinfo.29101

<patchinfo incident="29101">
  <issue tracker="cve" id="2023-31147"/>
  <issue tracker="cve" id="2023-32067"/>
  <issue tracker="cve" id="2023-31130"/>
  <issue tracker="cve" id="2023-31124"/>
  <issue tracker="bnc" id="1211606">VUL-0: CVE-2023-31130: c-ares: Buffer Underwrite in ares_inet_net_pton()</issue>
  <issue tracker="bnc" id="1211604">VUL-0: CVE-2023-32067: c-ares: 0-byte UDP payload causes Denial of Service</issue>
  <issue tracker="bnc" id="1211605">VUL-0: CVE-2023-31147: c-ares: Insufficient randomness in generation of DNS query IDs</issue>
  <issue tracker="bnc" id="1211607">VUL-0: CVE-2023-31124: c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation</issue>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libcares2</summary>
  <description>This update for libcares2 fixes the following issues:

- CVE-2023-32067: Fixed a denial of service that could be triggered by
  a 0-byte UDP payload (bsc#1211604).
- CVE-2023-31147: Fixed an insufficient randomness in generation of
  DNS query IDs (bsc#1211605).
- CVE-2023-31130: Fixed a buffer underflow when configuring specific
  IPv6 addresses (bsc#1211606).
- CVE-2023-31124: Fixed a build issue when cross-compiling that could
  lead to insufficient randomness (bsc#1211607).
</description>
</patchinfo>