SUSE-SU-2024:4196-1

Опубликовано: 05 дек. 2024

Источник: suse-cvrf

Описание

Security update for avahi

This update for avahi fixes the following issues:

CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs (bsc#1233420)

Список пакетов

Container suse/manager/5.0/x86_64/server:latest

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Container suse/pcp:latest

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Azure-Basic

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Azure-Standard

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-Aliyun

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-GDC

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-CHOST-BYOS-SAP-CCloud

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-EC2-ECS-HVM

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-HPC-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Hardened-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Hardened-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Hardened-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-Hardened-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Azure-LI-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Azure-LI-BYOS-Production

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Azure-VLI-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

Image SLES15-SP6-SAP-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-BYOS

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-BYOS-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-BYOS-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAP-Hardened-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAPCAL

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAPCAL-Azure

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAPCAL-EC2

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image SLES15-SP6-SAPCAL-GCE

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

Image server-image

libavahi-client3-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

avahi-0.8-150600.15.6.1

avahi-compat-howl-devel-0.8-150600.15.6.1

avahi-compat-mDNSResponder-devel-0.8-150600.15.6.1

avahi-lang-0.8-150600.15.6.1

avahi-utils-0.8-150600.15.6.1

libavahi-client3-0.8-150600.15.6.1

libavahi-client3-32bit-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libavahi-common3-32bit-0.8-150600.15.6.1

libavahi-core7-0.8-150600.15.6.1

libavahi-devel-0.8-150600.15.6.1

libavahi-glib-devel-0.8-150600.15.6.1

libavahi-glib1-0.8-150600.15.6.1

libavahi-gobject0-0.8-150600.15.6.1

libavahi-libevent1-0.8-150600.15.6.1

libavahi-ui-gtk3-0-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

libhowl0-0.8-150600.15.6.1

typelib-1_0-Avahi-0_6-0.8-150600.15.6.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

avahi-autoipd-0.8-150600.15.6.1

avahi-utils-gtk-0.8-150600.15.6.1

libavahi-gobject-devel-0.8-150600.15.6.1

SUSE Linux Enterprise Module for Package Hub 15 SP6

python3-avahi-0.8-150600.15.6.1

openSUSE Leap 15.6

avahi-0.8-150600.15.6.1

avahi-autoipd-0.8-150600.15.6.1

avahi-compat-howl-devel-0.8-150600.15.6.1

avahi-compat-mDNSResponder-devel-0.8-150600.15.6.1

avahi-lang-0.8-150600.15.6.1

avahi-utils-0.8-150600.15.6.1

avahi-utils-gtk-0.8-150600.15.6.1

libavahi-client3-0.8-150600.15.6.1

libavahi-client3-32bit-0.8-150600.15.6.1

libavahi-common3-0.8-150600.15.6.1

libavahi-common3-32bit-0.8-150600.15.6.1

libavahi-core7-0.8-150600.15.6.1

libavahi-devel-0.8-150600.15.6.1

libavahi-glib-devel-0.8-150600.15.6.1

libavahi-glib1-0.8-150600.15.6.1

libavahi-glib1-32bit-0.8-150600.15.6.1

libavahi-gobject-devel-0.8-150600.15.6.1

libavahi-gobject0-0.8-150600.15.6.1

libavahi-libevent1-0.8-150600.15.6.1

libavahi-qt5-1-0.8-150600.15.6.1

libavahi-qt5-devel-0.8-150600.15.6.1

libavahi-ui-gtk3-0-0.8-150600.15.6.1

libdns_sd-0.8-150600.15.6.1

libdns_sd-32bit-0.8-150600.15.6.1

libhowl0-0.8-150600.15.6.1

python3-avahi-0.8-150600.15.6.1

python3-avahi-gtk-0.8-150600.15.6.1

typelib-1_0-Avahi-0_6-0.8-150600.15.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20244196-1/
Link for SUSE-SU-2024:4196-1
https://lists.suse.com/pipermail/sle-security-updates/2024-December/019932.html
E-Mail link for SUSE-SU-2024:4196-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1233420
SUSE Bug 1233420
https://www.suse.com/security/cve/CVE-2024-52616/
SUSE CVE CVE-2024-52616 page

Описание

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

Затронутые продукты

Container suse/manager/5.0/x86_64/server:latest:libavahi-client3-0.8-150600.15.6.1

Container suse/manager/5.0/x86_64/server:latest:libavahi-common3-0.8-150600.15.6.1

Container suse/pcp:latest:libavahi-client3-0.8-150600.15.6.1

Container suse/pcp:latest:libavahi-common3-0.8-150600.15.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-52616.html
CVE-2024-52616
https://bugzilla.suse.com/1233420
SUSE Bug 1233420

SUSE-SU-2024:4196-1

Описание

Список пакетов

Container suse/manager/5.0/x86_64/server:latest

Container suse/pcp:latest

Image SLES15-SP6

Image SLES15-SP6-Azure-Basic

Image SLES15-SP6-Azure-Standard

Image SLES15-SP6-BYOS

Image SLES15-SP6-BYOS-Azure

Image SLES15-SP6-BYOS-EC2

Image SLES15-SP6-BYOS-GCE

Image SLES15-SP6-CHOST-BYOS

Image SLES15-SP6-CHOST-BYOS-Aliyun

Image SLES15-SP6-CHOST-BYOS-Azure

Image SLES15-SP6-CHOST-BYOS-EC2

Image SLES15-SP6-CHOST-BYOS-GCE

Image SLES15-SP6-CHOST-BYOS-GDC

Image SLES15-SP6-CHOST-BYOS-SAP-CCloud

Image SLES15-SP6-EC2

Image SLES15-SP6-EC2-ECS-HVM

Image SLES15-SP6-GCE

Image SLES15-SP6-HPC

Image SLES15-SP6-HPC-Azure

Image SLES15-SP6-HPC-BYOS

Image SLES15-SP6-HPC-BYOS-Azure

Image SLES15-SP6-HPC-BYOS-EC2

Image SLES15-SP6-HPC-BYOS-GCE

Image SLES15-SP6-HPC-EC2

Image SLES15-SP6-HPC-GCE

Image SLES15-SP6-Hardened-BYOS

Image SLES15-SP6-Hardened-BYOS-Azure

Image SLES15-SP6-Hardened-BYOS-EC2

Image SLES15-SP6-Hardened-BYOS-GCE

Image SLES15-SP6-SAP

Image SLES15-SP6-SAP-Azure

Image SLES15-SP6-SAP-Azure-LI-BYOS

Image SLES15-SP6-SAP-Azure-LI-BYOS-Production

Image SLES15-SP6-SAP-Azure-VLI-BYOS

Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP6-SAP-BYOS

Image SLES15-SP6-SAP-BYOS-Azure

Image SLES15-SP6-SAP-BYOS-EC2

Image SLES15-SP6-SAP-BYOS-GCE

Image SLES15-SP6-SAP-EC2

Image SLES15-SP6-SAP-GCE

Image SLES15-SP6-SAP-Hardened

Image SLES15-SP6-SAP-Hardened-Azure

Image SLES15-SP6-SAP-Hardened-BYOS

Image SLES15-SP6-SAP-Hardened-BYOS-Azure

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

Image SLES15-SP6-SAP-Hardened-BYOS-GCE

Image SLES15-SP6-SAP-Hardened-EC2

Image SLES15-SP6-SAP-Hardened-GCE

Image SLES15-SP6-SAPCAL

Image SLES15-SP6-SAPCAL-Azure

Image SLES15-SP6-SAPCAL-EC2

Image SLES15-SP6-SAPCAL-GCE

Image server-image

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

SUSE Linux Enterprise Module for Package Hub 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-52616

Описание

Затронутые продукты

Ссылки