Updated avahi packages fix security vulnerabilities
Publication date: 25 Jan 2024Modification date: 25 Jan 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-38469 , CVE-2023-38470 , CVE-2023-38471 , CVE-2023-38472 , CVE-2023-38473
Description
The updated packages fix security vulnerabilities:
A vulnerability was found in Avahi, where a reachable assertion exists
in avahi_dns_packet_append_record. (CVE-2023-38469)
A vulnerability was found in Avahi. A reachable assertion exists in the
avahi_escape_label() function. (CVE-2023-38470)
A vulnerability was found in Avahi. A reachable assertion exists in the
dbus_set_host_name function. (CVE-2023-38471)
A vulnerability was found in Avahi. A reachable assertion exists in the
avahi_rdata_parse() function. (CVE-2023-38472)
A vulnerability was found in Avahi. A reachable assertion exists in the
avahi_alternative_host_name() function. (CVE-2023-38473)
References
- https://bugs.mageia.org/show_bug.cgi?id=32363
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38469
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38470
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38471
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38472
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38473
SRPMS
9/core
- avahi-0.8-10.1.mga9