ALSA-2023:7836

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/8/ALSA-2023-7836.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7836.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2023:7836
Related
Published
2023-12-14T00:00:00Z
Modified
2023-12-15T09:22:34Z
Summary
Moderate: avahi security update
Details

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers.

Security Fix(es):

  • avahi: Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket (CVE-2021-3468)
  • avahi: Reachable assertion in avahidnspacketappendrecord (CVE-2023-38469)
  • avahi: Reachable assertion in avahiescapelabel (CVE-2023-38470)
  • avahi: Reachable assertion in dbussethost_name (CVE-2023-38471)
  • avahi: Reachable assertion in avahirdataparse (CVE-2023-38472)
  • avahi: Reachable assertion in avahialternativehost_name (CVE-2023-38473)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / avahi

Package

Name
avahi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-autoipd

Package

Name
avahi-autoipd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-compat-howl

Package

Name
avahi-compat-howl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-compat-howl-devel

Package

Name
avahi-compat-howl-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-compat-libdns_sd

Package

Name
avahi-compat-libdns_sd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-compat-libdns_sd-devel

Package

Name
avahi-compat-libdns_sd-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-devel

Package

Name
avahi-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-glib

Package

Name
avahi-glib

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-glib-devel

Package

Name
avahi-glib-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-gobject

Package

Name
avahi-gobject

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-gobject-devel

Package

Name
avahi-gobject-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-libs

Package

Name
avahi-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-tools

Package

Name
avahi-tools

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-ui

Package

Name
avahi-ui

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-ui-devel

Package

Name
avahi-ui-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / avahi-ui-gtk3

Package

Name
avahi-ui-gtk3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1

AlmaLinux:8 / python3-avahi

Package

Name
python3-avahi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7-21.el8_9.1