SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4386

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4386

Security update for avahi

Type: security

Severity: moderate

Issued: 2024-12-19

Description:

This update for avahi fixes the following issues:

- CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs (bsc#1233420)

  Other fixes: 
  - no longer supply bogus services to callbacks (bsc#1226586).

References

CVE: CVE-2024-52616
Bugzilla: 1233420 VUL-0: CVE-2024-52616: avahi: Avahi Wide-Area DNS Predictable Transaction IDs
Bugzilla: 1226586 avahi-browse -a fails with "Invalid service type"

Packages

avahi-0.8-150400.7.20.1