- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3876-1
January 31, 2019
avahi vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Avahi.
Software Description:
– avahi: Avahi IPv4LL network address configuration daemon
Details:
Chad Seaman discovered that Avahi incorrectly handled certain messages.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-6519, CVE-2018-1000845)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
avahi-daemon 0.7-4ubuntu2.1
libavahi-core7 0.7-4ubuntu2.1
Ubuntu 18.04 LTS:
avahi-daemon 0.7-3.1ubuntu1.2
libavahi-core7 0.7-3.1ubuntu1.2
Ubuntu 16.04 LTS:
avahi-daemon 0.6.32~rc+dfsg-1ubuntu2.3
libavahi-core7 0.6.32~rc+dfsg-1ubuntu2.3
Ubuntu 14.04 LTS:
avahi-daemon 0.6.31-4ubuntu1.3
libavahi-core7 0.6.31-4ubuntu1.3
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3876-1
CVE-2017-6519, CVE-2018-1000845
Package Information:
https://launchpad.net/ubuntu/+source/avahi/0.7-4ubuntu2.1
https://launchpad.net/ubuntu/+source/avahi/0.7-3.1ubuntu1.2
https://launchpad.net/ubuntu/+source/avahi/0.6.32~rc+dfsg-1ubuntu2.3
https://launchpad.net/ubuntu/+source/avahi/0.6.31-4ubuntu1.3—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJcUu95AAoJEEW851uECx9pB3sP/2pEQ4hDpXPoTH0ME4hThrqb
HZFXYyxd4yUx+2+PUTOrpEiXCu3vi9kAdktMrhe7nsdFCWYndbGHzpLg8ZVaVegt
Hkk7fDIhQb/foOu7JB7Kk4JuhOt+UfwMAkX3b7QI/yImYRE/Wp/Dw5YLNH0kqmCd
i4cI2Kc1cG4HQJFWRGZgupJZLfn4V0oQWx9/j8kdB0+WA8UEMFF/NKRlqZevODkR
C58Cl2VM0GgUNQ6K4Zkp9/kZwVyo9zHrnKLKz8GE5iNuaIOxPjA3tfeHztcyT6j2
5u7Rxkf2N2/zhAGI4tpdR2p6DGoV3K8rVstjF+FertwV7jkvBWKsyfuYlP1U5Yx9
y5LAKBfem9Q4kOniUS88XvcWy6UhDR8Wp8OcyXduqusKKWFKoAFV2gN7AtRNNfUi
/iX0Vb8XiffnUnnwqsoDABW2XgUJKzhJsGlnz95WAuSsKWyrAlB1NkTPzQIfpR+X
BTArltXwIe0y2q14w3vdyDiFxV6mWVSEejy3vn6stnMhDvdF50N6njKn2J8PT/6q
VrdUQLuHVUFzx1yK2e6XAOpqaFvS1811Losc8f/j/tLT1dYnI46YlEvphBStVEPe
lhnD9pRfVA0WmIKyyOb7aSa1odPATiBlO9cLSla2hX76W9dRnuy1twTw4A4G6KZ6
j3XzB5gf4eMR5MO5CDwl
=BPiN
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
==========================================================================
Ubuntu Security Notice USN-3876-2
January 31, 2019
avahi vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in Avahi.
Software Description:
– avahi: Avahi IPv4LL network address configuration daemon
Details:
USN-3876-1 fixed a vulnerability in Avahi. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Chad Seaman discovered that Avahi incorrectly handled certain
messages.
An attacker could possibly use this issue to cause a denial of
service.
(CVE-2017-6519, CVE-2018-1000845)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
avahi-daemon 0.6.30-5ubuntu2.3
libavahi-core7 0.6.30-5ubuntu2.3
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3876-2
https://usn.ubuntu.com/usn/usn-3876-1
CVE-2017-6519, CVE-2018-1000845—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJcUviSAAoJEEW851uECx9pIL4P/j5cTHTq0ufHNjLTNjNUE7RC
aw8UNkcW1OqfODMvngMyT+s7q0uTCnz6sRhtP2PMmvCSh6ryY7Anc8eNFU86t8JY
2O0zTVY7gpXvWNUpszu0TDswhxNQSpHyxMyit7lbLxuf41vh8CIBctRFoffNRkKB
wN3eveGR5qwy1EKGTlAeiaz063Gn27hJF13vGtEa+lFEkUo6fTsrXEXhI3mcZfIY
RXyWylR1tDY95yiBrcHG8xBAG/bX1sMcTgZQerCV0RPekNfoRve7RvUUEeONOCZ+
4xPHMOyiNC+My3ky3K96VVz+G+miCfj7HSEK1elDDjuPxkryuoQCXFRKIIzUB7Ra
JnlX4cBpaOhMorCDCo3QjhOgk01C1+UaucAa7+B7Lowa0n3OJhO2SzhkCtJ6vuNY
M3VN24QwWpsAori/ZGRSpsJ3NwkgUkx+mWD6Ap/ZTdimcZJp5iGyItRkY5QhESKx
qREUGYk3iHuDhtdrg5gxpUy/HlYQ/WOwGpuwqRKeEvEZ6shUJFnXiZt4A6N/YT5H
duG9O8lDWKeGy4oL+YFDNi0L0Gd2jwtxf7O2QgJ7B8Qibr719ryYZGrj6Ku8lYXp
35iQdHyVnioO3UqafkeG0CPM11m22Q6kZGj5Res+6jDx25LsexkRcehz4eFeHffP
nktxYaz38+MdrQEcKu1i
=EhR6
—–END PGP SIGNATURE—–
—
| Autor | Josip Papratovic |
| Cert id | NCERT-REF-2019-02-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
