Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2023:4911-2 moderate: issue with avahi network configuration

suse
Calendar Grey December 19, 2023
Dist Suse Esm H88
An essential slight security upgrade for coreutils addresses multiple vulnerabilities with distinct instructions for execution.
* bsc#1215947 * bsc#1216419 Cross-References: * CVE-2023-38470

Summary

## This update for avahi fixes the following issues: * CVE-2023-38473: Fixed a reachable assertion when parsing a host name (bsc#1216419). * CVE-2023-38470: Fixed that each label is at least one byte long (bsc#1215947). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4910=1 * SUSE Manager Proxy 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-4910=1 * SUSE Manager Retail Branch Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.2-2023-4910=1 * SUSE Manager Server 4.2

Topics%20covered

Topics Covered

security advisory moderate severity security patch SUSE network issue avahi update

References

* bsc#1215947

* bsc#1216419

Cross-

* CVE-2023-38470

* CVE-2023-38473

CVSS scores:

* CVE-2023-38470 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-38470 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-38473 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-38473 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro for Rancher 5.2

* SUSE Manager Proxy 4.2

* SUSE Manager Retail Branch Server 4.2

* SUSE Manager Server 4.2

An update that solves two vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2023-38470.html

* https://www.suse.com/security/cve/CVE-2023-38473.html

Announcement ID: SUSE-SU-2023:4910-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate severity security patch SUSE network issue avahi update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here