Описание
Security update for avahi
This update for avahi fixes the following issues:
- CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827)
- Add sudo to requires: used to drop privileges.
Список пакетов
Image SLES12-SP4-Azure-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-EC2-HVM-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-GCE-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-OCI-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-Azure
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-Azure-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-EC2-HVM
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-EC2-HVM-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-GCE
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-GCE-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-SAP-OCI-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-Basic-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-HPC-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-HPC-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-SAP-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-SAP-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-Azure-Standard-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-EC2-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-EC2-ECS-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-EC2-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-EC2-SAP-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-EC2-SAP-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-GCE-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-GCE-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-GCE-SAP-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-GCE-SAP-On-Demand
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-OCI-BYOS-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libavahi-client3-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
SUSE Linux Enterprise Server 12 SP5
avahi-0.6.32-32.12.2
avahi-lang-0.6.32-32.12.2
avahi-utils-0.6.32-32.12.2
libavahi-client3-0.6.32-32.12.2
libavahi-client3-32bit-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
libavahi-common3-32bit-0.6.32-32.12.2
libavahi-core7-0.6.32-32.12.2
libavahi-glib1-0.6.32-32.12.3
libavahi-glib1-32bit-0.6.32-32.12.3
libdns_sd-0.6.32-32.12.2
libdns_sd-32bit-0.6.32-32.12.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
avahi-0.6.32-32.12.2
avahi-lang-0.6.32-32.12.2
avahi-utils-0.6.32-32.12.2
libavahi-client3-0.6.32-32.12.2
libavahi-client3-32bit-0.6.32-32.12.2
libavahi-common3-0.6.32-32.12.2
libavahi-common3-32bit-0.6.32-32.12.2
libavahi-core7-0.6.32-32.12.2
libavahi-glib1-0.6.32-32.12.3
libavahi-glib1-32bit-0.6.32-32.12.3
libdns_sd-0.6.32-32.12.2
libdns_sd-32bit-0.6.32-32.12.2
SUSE Linux Enterprise Software Development Kit 12 SP5
avahi-compat-howl-devel-0.6.32-32.12.2
avahi-compat-mDNSResponder-devel-0.6.32-32.12.2
libavahi-devel-0.6.32-32.12.2
libavahi-glib-devel-0.6.32-32.12.3
libavahi-gobject-devel-0.6.32-32.12.3
libavahi-gobject0-0.6.32-32.12.3
libavahi-ui-gtk3-0-0.6.32-32.12.3
libavahi-ui0-0.6.32-32.12.3
libhowl0-0.6.32-32.12.2
python-avahi-0.6.32-32.12.2
typelib-1_0-Avahi-0_6-0.6.32-32.12.3
SUSE Linux Enterprise Workstation Extension 12 SP5
libavahi-gobject0-0.6.32-32.12.3
libavahi-ui-gtk3-0-0.6.32-32.12.3
libavahi-ui0-0.6.32-32.12.3
Ссылки
- Link for SUSE-SU-2021:0563-1
- E-Mail link for SUSE-SU-2021:0563-1
- SUSE Security Ratings
- SUSE Bug 1180827
- SUSE CVE CVE-2021-26720 page
Описание
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.
Затронутые продукты
Image SLES12-SP4-Azure-BYOS:libavahi-client3-0.6.32-32.12.2
Image SLES12-SP4-Azure-BYOS:libavahi-common3-0.6.32-32.12.2
Image SLES12-SP4-EC2-HVM-BYOS:libavahi-client3-0.6.32-32.12.2
Image SLES12-SP4-EC2-HVM-BYOS:libavahi-common3-0.6.32-32.12.2
Ссылки
- CVE-2021-26720
- SUSE Bug 1180827
- SUSE Bug 1180865
- SUSE Bug 1181852
- SUSE Bug 1186412
- SUSE Bug 1205048