|
|
Subscribe / Log in / New account

Debian alert DLA-3414-1 (avahi)



From:
              Chris Lamb <lamby@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 3414-1] avahi security update


Date:
              Tue, 02 May 2023 14:00:31 -0700


Message-ID:
              <168305056374.387593.5096627798405258905@copycat>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3414-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
May 02, 2023                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : avahi
Version        : 0.7-4+deb10u2
CVE ID         : CVE-2023-1981
Debian Bug     : 1034594

It was discovered that there was a local Denial of Service (DoS)
vulnerability in Avahi, a system that facilitates service discovery
on a local network.

The avahi-daemon process could have been crashed over the DBus
message bus.

For Debian 10 buster, this problem has been fixed in version
0.7-4+deb10u2.

We recommend that you upgrade your avahi packages.

For the detailed security status of avahi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/avahi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmRRUEEACgkQHpU+J9Qx
HlgFmA//UpXQ83Q2rcFZVV6SJAAqAxPCe+LXPDIyWgC075qn2aBUbliLk9Bu5Lhc
2QSiQD+LfQrZmouPks6PKVUEOQVwcb84sd4olXZHhOddxND1PyzOcK8SPxdO1aMY
8A1prFOXn+VBE7iQ3yDi/r0TcungQruT7TbkxCDPQbFBP8aToUsN+R8XqqUPhvuR
O31ZgFeX0cRqlshOYTmFhgCNsWiIdH7sCTsk+cgMsezKZKVEXSLhQYNKVzPW0SSC
lY4yc9r2PkiwNgHrBvlUV1/wh8PQhmu6NAiegLDynYf76nZtJmg6ho6SbumE/gPv
8+glEZ6AKwaFhlUcUvxmhtti3LeJND2pwDE4oiMVij+6Vz9szG1VFdGMe7/ZMrHl
dTHY3FTwYt3HhUBMXd2fn6Wtld4AIli544cm6uv/P4az5k/Yps/czq5N3mfThy84
7xILW8JXvsb7bTySIv6YOzuhIrKNiv0SNZZHE/S+6n7gIQLoCM0Dw/5xXfhQd5BS
sjeNAITJiq6SazpjvuyNUSHHVkS/AGnIBu4Csdjvj7fmEAwPWrir0dLB9QiBH6sj
PPTFF3ztgWYyxEKIfoO5x6Tqh6jEo5Yt86rqcaINgCl2f69Qi8ABxMKqDgZ5wcFS
TTX97/zqRTFJ4ie9TWmXKcDUqme7PKQe30JgEXBWNY883Olnv28=
=EUpZ
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds