Описание
Security update for avahi
This update for avahi fixes the following issues:
- CVE-2024-52616: sequential increment of DNS transaction IDs allows DNS spoofing. (bsc#1233420)
Список пакетов
Image SLES12-SP5-Azure-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-HPC-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-HPC-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-SAP-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-SAP-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-Standard-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-EC2-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-EC2-ECS-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-EC2-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-EC2-SAP-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-EC2-SAP-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-GCE-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-GCE-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-GCE-SAP-BYOS
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-GCE-SAP-On-Demand
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libavahi-client3-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
avahi-0.6.32-32.30.1
avahi-lang-0.6.32-32.30.1
avahi-utils-0.6.32-32.30.1
libavahi-client3-0.6.32-32.30.1
libavahi-client3-32bit-0.6.32-32.30.1
libavahi-common3-0.6.32-32.30.1
libavahi-common3-32bit-0.6.32-32.30.1
libavahi-core7-0.6.32-32.30.1
libavahi-glib1-0.6.32-32.30.1
libavahi-glib1-32bit-0.6.32-32.30.1
libdns_sd-0.6.32-32.30.1
libdns_sd-32bit-0.6.32-32.30.1
Ссылки
- Link for SUSE-SU-2024:4282-1
- E-Mail link for SUSE-SU-2024:4282-1
- SUSE Security Ratings
- SUSE Bug 1233420
- SUSE CVE CVE-2024-52616 page
Описание
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libavahi-client3-0.6.32-32.30.1
Image SLES12-SP5-Azure-BYOS:libavahi-common3-0.6.32-32.30.1
Image SLES12-SP5-Azure-HPC-BYOS:libavahi-client3-0.6.32-32.30.1
Image SLES12-SP5-Azure-HPC-BYOS:libavahi-common3-0.6.32-32.30.1
Ссылки
- CVE-2024-52616
- SUSE Bug 1233420