Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE Linux Micro 6.0 Update: 2025:20103-1 Moderate: avahi Security Patch

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
Notice for SUSE pertaining to moderate vulnerabilities in avahi, incorporating solutions for DNS security threats alongside various package enhancements.
* bsc#1212476 * bsc#1226586 * bsc#1233420 Cross-References:

Summary

## This update for avahi fixes the following issues: * CVE-2024-52616: Properly randomize query id of DNS packets (bsc#1233420). Bug fixes: * No longer supply bogus services to callbacks (bsc#1226586). * Tag hardening patches as PATCH-FEATURE-OPENSUSE * Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-155=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libavahi-common3-debuginfo-0.8-6.1 * libavahi-client3-debuginfo-0.8-6.1 * libavahi-core7-debuginfo-0.8-6.1

References

* bsc#1212476

* bsc#1226586

* bsc#1233420

Cross-

* CVE-2024-52616

CVSS scores:

* CVE-2024-52616 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-52616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

* CVE-2024-52616 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* SUSE Linux Micro 6.0

An update that solves one vulnerability and has two fixes can now be installed.

##

* https://www.suse.com/security/cve/CVE-2024-52616.html

* https://bugzilla.suse.com/show_bug.cgi?id=1212476

* https://bugzilla.suse.com/show_bug.cgi?id=1226586

* https://bugzilla.suse.com/show_bug.cgi?id=1233420

Announcement ID: SUSE-SU-2025:20103-1
Release Date: 2025-02-03T09:17:39Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here