avahi-0.6.32-2.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10363 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z avahi-0.6.32-2.3 on GA media These are all security issues fixed in the avahi-0.6.32-2.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10363 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10363 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-0758/ SUSE CVE CVE-2009-0758 page https://www.suse.com/security/cve/CVE-2010-2244/ SUSE CVE CVE-2010-2244 page https://www.suse.com/security/cve/CVE-2011-1002/ SUSE CVE CVE-2011-1002 page openSUSE Tumbleweed avahi-0.6.32-2.3 avahi-autoipd-0.6.32-2.3 avahi-compat-howl-devel-0.6.32-2.3 avahi-compat-mDNSResponder-devel-0.6.32-2.3 avahi-lang-0.6.32-2.3 avahi-utils-0.6.32-2.3 libavahi-client3-0.6.32-2.3 libavahi-client3-32bit-0.6.32-2.3 libavahi-common3-0.6.32-2.3 libavahi-common3-32bit-0.6.32-2.3 libavahi-core7-0.6.32-2.3 libavahi-devel-0.6.32-2.3 libdns_sd-0.6.32-2.3 libdns_sd-32bit-0.6.32-2.3 libhowl0-0.6.32-2.3 python-avahi-0.6.32-2.3 avahi-0.6.32-2.3 as a component of openSUSE Tumbleweed avahi-autoipd-0.6.32-2.3 as a component of openSUSE Tumbleweed avahi-compat-howl-devel-0.6.32-2.3 as a component of openSUSE Tumbleweed avahi-compat-mDNSResponder-devel-0.6.32-2.3 as a component of openSUSE Tumbleweed avahi-lang-0.6.32-2.3 as a component of openSUSE Tumbleweed avahi-utils-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-client3-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-client3-32bit-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-common3-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-common3-32bit-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-core7-0.6.32-2.3 as a component of openSUSE Tumbleweed libavahi-devel-0.6.32-2.3 as a component of openSUSE Tumbleweed libdns_sd-0.6.32-2.3 as a component of openSUSE Tumbleweed libdns_sd-32bit-0.6.32-2.3 as a component of openSUSE Tumbleweed libhowl0-0.6.32-2.3 as a component of openSUSE Tumbleweed python-avahi-0.6.32-2.3 as a component of openSUSE Tumbleweed The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm. CVE-2009-0758 openSUSE Tumbleweed:avahi-0.6.32-2.3 openSUSE Tumbleweed:avahi-autoipd-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-howl-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-lang-0.6.32-2.3 openSUSE Tumbleweed:avahi-utils-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-core7-0.6.32-2.3 openSUSE Tumbleweed:libavahi-devel-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-32bit-0.6.32-2.3 openSUSE Tumbleweed:libhowl0-0.6.32-2.3 openSUSE Tumbleweed:python-avahi-0.6.32-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-0758.html CVE-2009-0758 https://bugzilla.suse.com/480865 SUSE Bug 480865 The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081. CVE-2010-2244 openSUSE Tumbleweed:avahi-0.6.32-2.3 openSUSE Tumbleweed:avahi-autoipd-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-howl-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-lang-0.6.32-2.3 openSUSE Tumbleweed:avahi-utils-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-core7-0.6.32-2.3 openSUSE Tumbleweed:libavahi-devel-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-32bit-0.6.32-2.3 openSUSE Tumbleweed:libhowl0-0.6.32-2.3 openSUSE Tumbleweed:python-avahi-0.6.32-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-2244.html CVE-2010-2244 https://bugzilla.suse.com/603289 SUSE Bug 603289 https://bugzilla.suse.com/646961 SUSE Bug 646961 avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244. CVE-2011-1002 openSUSE Tumbleweed:avahi-0.6.32-2.3 openSUSE Tumbleweed:avahi-autoipd-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-howl-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.6.32-2.3 openSUSE Tumbleweed:avahi-lang-0.6.32-2.3 openSUSE Tumbleweed:avahi-utils-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-client3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-0.6.32-2.3 openSUSE Tumbleweed:libavahi-common3-32bit-0.6.32-2.3 openSUSE Tumbleweed:libavahi-core7-0.6.32-2.3 openSUSE Tumbleweed:libavahi-devel-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-0.6.32-2.3 openSUSE Tumbleweed:libdns_sd-32bit-0.6.32-2.3 openSUSE Tumbleweed:libhowl0-0.6.32-2.3 openSUSE Tumbleweed:python-avahi-0.6.32-2.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-1002.html CVE-2011-1002 https://bugzilla.suse.com/671797 SUSE Bug 671797