Several security issues were fixed in Avahi.
Software Description:
- avahi: Avahi IPv4LL network address configuration daemon
Details:
Chad Seaman discovered that Avahi incorrectly handled certain messages.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-6519, CVE-2018-1000845)
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: avahi-daemon 0.7-4ubuntu2.1 libavahi-core7 0.7-4ubuntu2.1 Ubuntu 18.04 LTS: avahi-daemon 0.7-3.1ubuntu1.2 libavahi-core7 0.7-3.1ubuntu1.2 Ubuntu 16.04 LTS: avahi-daemon 0.6.32~rc+dfsg-1ubuntu2.3 libavahi-core7 0.6.32~rc+dfsg-1ubuntu2.3 Ubuntu 14.04 LTS: avahi-daemon 0.6.31-4ubuntu1.3 libavahi-core7 0.6.31-4ubuntu1.3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3876-1
CVE-2017-6519, CVE-2018-1000845
Get the latest Linux and open source security news straight to your inbox.