Errata overview
Errata ID 370
Date 2018-05-08
Source package c-ares
Fixed in version 1.10.0-2+deb8u2
This update addresses the following issue:
* The c-ares function `ares_parse_naptr_reply()`, which is used for parsing
  NAPTR responses, could be triggered to read memory outside of the given
  input buffer if the passed in DNS response packet was crafted in a
  particular way. (CVE-2017-1000381)
Additional notes
CVE ID CVE-2017-1000381
UCS Bug number #46247