Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Fedora 44 c-ares Important Use After Free Fix 2026-950a662010

fedora
Calendar Grey July 9, 2026
Dist Fedora Esm H88
Update to c-ares 1.34.7 resolves important security issues including CVE-2026-33630 and use-after-free bugs.
update to 1.34.7 fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA- jv8r-gqr9-68wj

Summary

c-ares is a C library that performs DNS requests and name resolves

asynchronously. c-ares is a fork of the library named 'ares', written

by Greg Hudson at MIT.

Update Information:

update to 1.34.7 fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA- jv8r-gqr9-68wj

Change Log

* Mon Jul 6 2026 Tom Callaway - 1.34.7-1 - update to 1.34.7 - fixes CVE-2026-33630 (GHSA-6wfj-rwm7-3542) and GHSA-pjmc-gx33-gc76 and GHSA-jv8r-gqr9-68wj

References


[ 1 ] Bug #2420051 - c-ares-1.34.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2420051 [ 2 ] Bug #2497696 - CVE-2026-33630 c-ares: c-ares: Use-after-free / double-free in query-completion handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2497696

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-950a662010' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: c-ares
Product: Fedora 44
Version: 1.34.7
Release: 1.fc44
Summary: A library that performs asynchronous DNS operations

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.