UbuntuUpdates.org

Package "avahi"

Name: avahi

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Service discover user interface for avahi
  • Avahi DNS configuration tool
  • Avahi GTK+ utilities
  • Python utility package for Avahi
Latest version: 0.7-4ubuntu7.2
Release: focal (20.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "avahi" in Focal

Repository Area Version
base main 0.7-4ubuntu7
base universe 0.7-4ubuntu7
security main 0.7-4ubuntu7.2
updates main 0.7-4ubuntu7.2
updates universe 0.7-4ubuntu7.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.7-4ubuntu7.2 2023-06-01 16:08:00 UTC

  avahi (0.7-4ubuntu7.2) focal-security; urgency=medium

  * SECURITY UPDATE: avahi-daemon can be crashed via DBus
    - debian/patches/CVE-2023-1981.patch: emit error if requested service
      is not found in avahi-daemon/dbus-protocol.c.
    - CVE-2023-1981

 -- Marc Deslauriers <email address hidden> Wed, 31 May 2023 09:59:47 -0400
Source diff to previous version
CVE-2023-1981 A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.

Version: 0.7-4ubuntu7.1 2021-07-07 19:07:06 UTC

  avahi (0.7-4ubuntu7.1) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via infinite loop on local socket
    - debian/patches/CVE-2021-3468.patch: handle HUP event in
      avahi-daemon/simple-protocol.c.
    - CVE-2021-3468

 -- Marc Deslauriers <email address hidden> Tue, 06 Jul 2021 11:39:14 -0400
CVE-2021-3468 A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is no


About   -   Send Feedback to @ubuntu_updates