Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorylocal privilege escalationimportant

SUSE: open-vm-tools Important Local Privilege Escalation CVE-2025-41244

* bsc#1250373 Cross-References: * CVE-2025-41244 . # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:03434-1 Release Date: 2025-09-30T14:08:27Z Rating: important References: * bsc#1250373 Cross-References: * CVE-2025-41244 CVSS scores: * CVE-2025-41244 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-41244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-41244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * CVE-2025-41244: local privilege escalation via the Service Discovery Plugin (bsc#1250373). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3434=1 openSUSE-SLE-15.6-2025-3434=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3434=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3434=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-3434=1 * Containers Module 15-SP7 zypper in -tpatch SUSE-SLE-Module-Containers-15-SP7-2025-3434=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3434=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3434=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * libvmtools-devel-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 * openSUSE Leap 15.6 (x86_64) * open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * Basesystem Module 15-SP6 (x86_64) * libvmtools-devel-13.0.0-150600.3.18.1 * open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Basesystem Module 15-SP7 (aarch64 x86_64) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * Basesystem Module 15-SP7 (x86_64) * libvmtools-devel-13.0.0-150600.3.18.1 *open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Containers Module 15-SP6 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * Containers Module 15-SP7 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * Desktop Applications Module 15-SP6 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 * Desktop Applications Module 15-SP7 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-41244.html * https://bugzilla.suse.com/show_bug.cgi?id=1250373 . Critical security update for open-vm-tools addressing local privilege escalation risks. Install patches to safeguard systems.. open-vm-tools important update local privilege escalation SUSE. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 30, 2025 Important SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantlocal escalation

openSUSE Leap 15.6: Important Local Escalation Patch for open-vm-tools

An update that solves one vulnerability can now be installed.. # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:03434-1 Release Date: 2025-09-30T14:08:27Z Rating: important References: * bsc#1250373 Cross-References: * CVE-2025-41244 CVSS scores: * CVE-2025-41244 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-41244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-41244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * CVE-2025-41244: local privilege escalation via the Service Discovery Plugin (bsc#1250373). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3434=1 openSUSE-SLE-15.6-2025-3434=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3434=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3434=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-3434=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-3434=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3434=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3434=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * libvmtools-devel-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 * openSUSE Leap 15.6 (x86_64) * open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * Basesystem Module 15-SP6 (x86_64) * libvmtools-devel-13.0.0-150600.3.18.1 * open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Basesystem Module 15-SP7 (aarch64 x86_64) * libvmtools0-13.0.0-150600.3.18.1 * libvmtools0-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-13.0.0-150600.3.18.1 * open-vm-tools-sdmp-13.0.0-150600.3.18.1 * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * Basesystem Module 15-SP7 (x86_64) * libvmtools-devel-13.0.0-150600.3.18.1 *open-vm-tools-salt-minion-13.0.0-150600.3.18.1 * Containers Module 15-SP6 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * Containers Module 15-SP7 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150600.3.18.1 * Desktop Applications Module 15-SP6 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 * Desktop Applications Module 15-SP7 (aarch64 x86_64) * open-vm-tools-debuginfo-13.0.0-150600.3.18.1 * open-vm-tools-desktop-13.0.0-150600.3.18.1 * open-vm-tools-debugsource-13.0.0-150600.3.18.1 * open-vm-tools-desktop-debuginfo-13.0.0-150600.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-41244.html * https://bugzilla.suse.com/show_bug.cgi?id=1250373 . An important update for open-vm-tools fixes a local privilege escalation issue, enhancing system security on openSUSE.. open-vm-tools update, openSUSE security, privilege escalation, system patch, SUSE vulnerability advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 30, 2025 Important OpenSUSE
Banner 3 1028x280 1708121785 1771599793
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryprivilege escalationimportant

SUSE: Open-VM-Tools Local Privilege Escalation Vulnerability CVE-2025-41244

* bsc#1250373 Cross-References: * CVE-2025-41244 . # Security update for open-vm-tools Announcement ID: SUSE-SU-2025:03435-1 Release Date: 2025-09-30T14:10:01Z Rating: important References: * bsc#1250373 Cross-References: * CVE-2025-41244 CVSS scores: * CVE-2025-41244 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-41244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-41244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE ManagerServer 4.3 * SUSE Manager Server 4.3 LTS An update that solves one vulnerability can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * CVE-2025-41244: local privilege escalation via the Service Discovery Plugin (bsc#1250373). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-3435=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3435=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3435=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3435=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3435=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-3435=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3435=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3435=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3435=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3435=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3435=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3435=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3435=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patchSUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3435=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3435=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3435=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3435=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3435=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-3435=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3435=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3435=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-3435=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3435=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3435=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * openSUSE Leap 15.3 (x86_64) * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 *open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 *open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 *open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) *open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 *open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Manager Server 4.3 LTS (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Enterprise Storage 7.1 (x86_64) * open-vm-tools-desktop-13.0.0-150300.64.1 * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-debuginfo-13.0.0-150300.64.1 * open-vm-tools-sdmp-13.0.0-150300.64.1 * open-vm-tools-desktop-debuginfo-13.0.0-150300.64.1 * open-vm-tools-containerinfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-salt-minion-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-containerinfo-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools-devel-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) *libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * libvmtools0-debuginfo-13.0.0-150300.64.1 * open-vm-tools-debugsource-13.0.0-150300.64.1 * open-vm-tools-debuginfo-13.0.0-150300.64.1 * libvmtools0-13.0.0-150300.64.1 * open-vm-tools-13.0.0-150300.64.1 ## References: * https://www.suse.com/security/cve/CVE-2025-41244.html * https://bugzilla.suse.com/show_bug.cgi?id=1250373 . An important security update for open-vm-tools addresses local privilege escalation and requires prompt action.. open-vm-tools update, SUSE Linux patch, privilege escalation fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 30, 2025 Important SuSE
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of serviceGentoo

Gentoo 202409-28 Low: HashiCorp Consul Multiple Threats

Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-28 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: HashiCorp Consul: Multiple Vulnerabilities Date: September 28, 2024 Bugs: #885997 ID: 202409-28 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service. Background ========== HashiCorp Consul is a tool for service discovery, monitoring and configuration. Affected packages ================= Package Vulnerable Unaffected ---------------- ------------ ------------ app-admin/consul < 1.15.10 > = 1.15.10 Description =========== Multiple vulnerabilities have been found in HashiCorp Consul. Please review the CVE identifiers referenced below for details. Impact ====== Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All HashiCorp Consul users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-admin/consul-1.15.10" References ========== [ 1 ] CVE-2022-41717 https://nvd.nist.gov/vuln/detail/CVE-2022-41717 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202409-28 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should beaddressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Gentoo Linux Advisory GLSA 202410-05 addresses moderate-severity vulnerabilities within HashiCorp Vault impacting data security.. HashiCorp, Consul, Gentoo Linux, security updates, service discovery. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Sep 28, 2024 Low Gentoo
Banner 3 1028x280 1708121785 1771599793
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian 10 Buster DLA-3466-1 Critical: Avahi DoS Issue Fix

Avahi a free zero-configuration networking (zeroconf) implementation, including a system for multicast DNS/DNS-SD service discovery, was affected by a Deny of Service. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3466-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Bastien Roucariès June 21, 2023 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : avahi Version : 0.7-4+deb10u3 CVE ID : CVE-2021-3468 Debian Bug : 984938 Avahi a free zero-configuration networking (zeroconf) implementation, including a system for multicast DNS/DNS-SD service discovery, was affected by a Deny of Service. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. For Debian 10 buster, this problem has been fixed in version 0.7-4+deb10u3. We recommend that you upgrade your avahi packages. For the detailed security status of avahi please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/avahi Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-3470-1 resolves a samba vulnerability; prompt updates are advised for improved protection.. Avahi Security Update, Debian LTS Advisory, Denial of Service Fix, Networking Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 21, 2023 Critical Debian LTS
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebiandoS

Debian: DLA-3414-1 DoS Issue: Avahi Service Discovery Crash

It was discovered that there was a local Denial of Service (DoS) vulnerability in Avahi, a system that facilitates service discovery on a local network. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3414-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb May 02, 2023 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : avahi Version : 0.7-4+deb10u2 CVE ID : CVE-2023-1981 Debian Bug : 1034594 It was discovered that there was a local Denial of Service (DoS) vulnerability in Avahi, a system that facilitates service discovery on a local network. The avahi-daemon process could have been crashed over the DBus message bus. For Debian 10 buster, this problem has been fixed in version 0.7-4+deb10u2. We recommend that you upgrade your avahi packages. For the detailed security status of avahi please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/avahi Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A significant Local Denial of Service flaw in Avahi has been identified and addressed. Debian users must apply the latest update to enhance their system security.. Denial of Service, Avahi Security Update, Debian Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 02, 2023 Important Debian LTS
Banner 3 1028x280 1708121785 1771599793
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorynetwork securityupdate

Red Hat Enterprise Linux 7: RHSA-2020-1176-01 Low: Avahi Security Update

An update for avahi is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: avahi security update Advisory ID: RHSA-2020:1176-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1176 Issue date: 2020-03-31 CVE Names: CVE-2017-6519 ==================================================================== 1. Summary: An update for avahi is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared fileson other computers. Security Fix(es): * avahi: Multicast DNS responds to unicast queries outside of local network (CVE-2017-6519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, avahi-daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1426712 - CVE-2017-6519 avahi: Multicast DNS responds to unicast queries outside of local network 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: avahi-0.6.31-20.el7.src.rpm x86_64: avahi-0.6.31-20.el7.i686.rpm avahi-0.6.31-20.el7.x86_64.rpm avahi-autoipd-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-glib-0.6.31-20.el7.i686.rpm avahi-glib-0.6.31-20.el7.x86_64.rpm avahi-gobject-0.6.31-20.el7.i686.rpm avahi-gobject-0.6.31-20.el7.x86_64.rpm avahi-libs-0.6.31-20.el7.i686.rpm avahi-libs-0.6.31-20.el7.x86_64.rpm avahi-ui-gtk3-0.6.31-20.el7.i686.rpm avahi-ui-gtk3-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v.7): x86_64: avahi-compat-howl-0.6.31-20.el7.i686.rpm avahi-compat-howl-0.6.31-20.el7.x86_64.rpm avahi-compat-howl-devel-0.6.31-20.el7.i686.rpm avahi-compat-howl-devel-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-devel-0.6.31-20.el7.i686.rpm avahi-devel-0.6.31-20.el7.x86_64.rpm avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm avahi-glib-devel-0.6.31-20.el7.i686.rpm avahi-glib-devel-0.6.31-20.el7.x86_64.rpm avahi-gobject-devel-0.6.31-20.el7.i686.rpm avahi-gobject-devel-0.6.31-20.el7.x86_64.rpm avahi-qt3-0.6.31-20.el7.i686.rpm avahi-qt3-0.6.31-20.el7.x86_64.rpm avahi-qt3-devel-0.6.31-20.el7.i686.rpm avahi-qt3-devel-0.6.31-20.el7.x86_64.rpm avahi-qt4-0.6.31-20.el7.i686.rpm avahi-qt4-0.6.31-20.el7.x86_64.rpm avahi-qt4-devel-0.6.31-20.el7.i686.rpm avahi-qt4-devel-0.6.31-20.el7.x86_64.rpm avahi-tools-0.6.31-20.el7.x86_64.rpm avahi-ui-0.6.31-20.el7.i686.rpm avahi-ui-0.6.31-20.el7.x86_64.rpm avahi-ui-devel-0.6.31-20.el7.i686.rpm avahi-ui-devel-0.6.31-20.el7.x86_64.rpm avahi-ui-tools-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: avahi-0.6.31-20.el7.src.rpm x86_64: avahi-0.6.31-20.el7.i686.rpm avahi-0.6.31-20.el7.x86_64.rpm avahi-autoipd-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-glib-0.6.31-20.el7.i686.rpm avahi-glib-0.6.31-20.el7.x86_64.rpm avahi-libs-0.6.31-20.el7.i686.rpm avahi-libs-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v.7): x86_64: avahi-compat-howl-0.6.31-20.el7.i686.rpm avahi-compat-howl-0.6.31-20.el7.x86_64.rpm avahi-compat-howl-devel-0.6.31-20.el7.i686.rpm avahi-compat-howl-devel-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-devel-0.6.31-20.el7.i686.rpm avahi-devel-0.6.31-20.el7.x86_64.rpm avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm avahi-glib-devel-0.6.31-20.el7.i686.rpm avahi-glib-devel-0.6.31-20.el7.x86_64.rpm avahi-gobject-0.6.31-20.el7.i686.rpm avahi-gobject-0.6.31-20.el7.x86_64.rpm avahi-gobject-devel-0.6.31-20.el7.i686.rpm avahi-gobject-devel-0.6.31-20.el7.x86_64.rpm avahi-qt3-0.6.31-20.el7.i686.rpm avahi-qt3-0.6.31-20.el7.x86_64.rpm avahi-qt3-devel-0.6.31-20.el7.i686.rpm avahi-qt3-devel-0.6.31-20.el7.x86_64.rpm avahi-qt4-0.6.31-20.el7.i686.rpm avahi-qt4-0.6.31-20.el7.x86_64.rpm avahi-qt4-devel-0.6.31-20.el7.i686.rpm avahi-qt4-devel-0.6.31-20.el7.x86_64.rpm avahi-tools-0.6.31-20.el7.x86_64.rpm avahi-ui-0.6.31-20.el7.i686.rpm avahi-ui-0.6.31-20.el7.x86_64.rpm avahi-ui-devel-0.6.31-20.el7.i686.rpm avahi-ui-devel-0.6.31-20.el7.x86_64.rpm avahi-ui-gtk3-0.6.31-20.el7.i686.rpm avahi-ui-gtk3-0.6.31-20.el7.x86_64.rpm avahi-ui-tools-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: avahi-0.6.31-20.el7.src.rpm ppc64: avahi-0.6.31-20.el7.ppc.rpm avahi-0.6.31-20.el7.ppc64.rpm avahi-autoipd-0.6.31-20.el7.ppc64.rpm avahi-debuginfo-0.6.31-20.el7.ppc.rpm avahi-debuginfo-0.6.31-20.el7.ppc64.rpm avahi-glib-0.6.31-20.el7.ppc.rpm avahi-glib-0.6.31-20.el7.ppc64.rpm avahi-gobject-0.6.31-20.el7.ppc.rpm avahi-gobject-0.6.31-20.el7.ppc64.rpm avahi-libs-0.6.31-20.el7.ppc.rpm avahi-libs-0.6.31-20.el7.ppc64.rpm avahi-ui-gtk3-0.6.31-20.el7.ppc.rpm avahi-ui-gtk3-0.6.31-20.el7.ppc64.rpm ppc64le: avahi-0.6.31-20.el7.ppc64le.rpm avahi-autoipd-0.6.31-20.el7.ppc64le.rpm avahi-debuginfo-0.6.31-20.el7.ppc64le.rpm avahi-glib-0.6.31-20.el7.ppc64le.rpm avahi-gobject-0.6.31-20.el7.ppc64le.rpm avahi-libs-0.6.31-20.el7.ppc64le.rpm avahi-ui-gtk3-0.6.31-20.el7.ppc64le.rpm s390x: avahi-0.6.31-20.el7.s390.rpm avahi-0.6.31-20.el7.s390x.rpm avahi-autoipd-0.6.31-20.el7.s390x.rpm avahi-debuginfo-0.6.31-20.el7.s390.rpm avahi-debuginfo-0.6.31-20.el7.s390x.rpm avahi-glib-0.6.31-20.el7.s390.rpm avahi-glib-0.6.31-20.el7.s390x.rpm avahi-gobject-0.6.31-20.el7.s390.rpm avahi-gobject-0.6.31-20.el7.s390x.rpm avahi-libs-0.6.31-20.el7.s390.rpm avahi-libs-0.6.31-20.el7.s390x.rpm avahi-ui-gtk3-0.6.31-20.el7.s390.rpm avahi-ui-gtk3-0.6.31-20.el7.s390x.rpm x86_64: avahi-0.6.31-20.el7.i686.rpm avahi-0.6.31-20.el7.x86_64.rpm avahi-autoipd-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-glib-0.6.31-20.el7.i686.rpm avahi-glib-0.6.31-20.el7.x86_64.rpm avahi-gobject-0.6.31-20.el7.i686.rpm avahi-gobject-0.6.31-20.el7.x86_64.rpm avahi-libs-0.6.31-20.el7.i686.rpm avahi-libs-0.6.31-20.el7.x86_64.rpm avahi-ui-gtk3-0.6.31-20.el7.i686.rpm avahi-ui-gtk3-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): ppc64: avahi-compat-howl-0.6.31-20.el7.ppc.rpm avahi-compat-howl-0.6.31-20.el7.ppc64.rpm avahi-compat-howl-devel-0.6.31-20.el7.ppc.rpm avahi-compat-howl-devel-0.6.31-20.el7.ppc64.rpm avahi-compat-libdns_sd-0.6.31-20.el7.ppc.rpm avahi-compat-libdns_sd-0.6.31-20.el7.ppc64.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.ppc.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.ppc64.rpm avahi-debuginfo-0.6.31-20.el7.ppc.rpm avahi-debuginfo-0.6.31-20.el7.ppc64.rpm avahi-devel-0.6.31-20.el7.ppc.rpm avahi-devel-0.6.31-20.el7.ppc64.rpm avahi-dnsconfd-0.6.31-20.el7.ppc64.rpm avahi-glib-devel-0.6.31-20.el7.ppc.rpm avahi-glib-devel-0.6.31-20.el7.ppc64.rpm avahi-gobject-devel-0.6.31-20.el7.ppc.rpm avahi-gobject-devel-0.6.31-20.el7.ppc64.rpm avahi-qt3-0.6.31-20.el7.ppc.rpm avahi-qt3-0.6.31-20.el7.ppc64.rpm avahi-qt3-devel-0.6.31-20.el7.ppc.rpm avahi-qt3-devel-0.6.31-20.el7.ppc64.rpm avahi-qt4-0.6.31-20.el7.ppc.rpm avahi-qt4-0.6.31-20.el7.ppc64.rpm avahi-qt4-devel-0.6.31-20.el7.ppc.rpm avahi-qt4-devel-0.6.31-20.el7.ppc64.rpm avahi-tools-0.6.31-20.el7.ppc64.rpm avahi-ui-0.6.31-20.el7.ppc.rpm avahi-ui-0.6.31-20.el7.ppc64.rpm avahi-ui-devel-0.6.31-20.el7.ppc.rpm avahi-ui-devel-0.6.31-20.el7.ppc64.rpm avahi-ui-tools-0.6.31-20.el7.ppc64.rpm ppc64le: avahi-compat-howl-0.6.31-20.el7.ppc64le.rpm avahi-compat-howl-devel-0.6.31-20.el7.ppc64le.rpm avahi-compat-libdns_sd-0.6.31-20.el7.ppc64le.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.ppc64le.rpm avahi-debuginfo-0.6.31-20.el7.ppc64le.rpm avahi-devel-0.6.31-20.el7.ppc64le.rpm avahi-dnsconfd-0.6.31-20.el7.ppc64le.rpm avahi-glib-devel-0.6.31-20.el7.ppc64le.rpm avahi-gobject-devel-0.6.31-20.el7.ppc64le.rpm avahi-qt3-0.6.31-20.el7.ppc64le.rpm avahi-qt3-devel-0.6.31-20.el7.ppc64le.rpm avahi-qt4-0.6.31-20.el7.ppc64le.rpm avahi-qt4-devel-0.6.31-20.el7.ppc64le.rpm avahi-tools-0.6.31-20.el7.ppc64le.rpm avahi-ui-0.6.31-20.el7.ppc64le.rpm avahi-ui-devel-0.6.31-20.el7.ppc64le.rpm avahi-ui-tools-0.6.31-20.el7.ppc64le.rpm s390x: avahi-compat-howl-0.6.31-20.el7.s390.rpm avahi-compat-howl-0.6.31-20.el7.s390x.rpm avahi-compat-howl-devel-0.6.31-20.el7.s390.rpm avahi-compat-howl-devel-0.6.31-20.el7.s390x.rpm avahi-compat-libdns_sd-0.6.31-20.el7.s390.rpm avahi-compat-libdns_sd-0.6.31-20.el7.s390x.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.s390.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.s390x.rpm avahi-debuginfo-0.6.31-20.el7.s390.rpm avahi-debuginfo-0.6.31-20.el7.s390x.rpm avahi-devel-0.6.31-20.el7.s390.rpm avahi-devel-0.6.31-20.el7.s390x.rpm avahi-dnsconfd-0.6.31-20.el7.s390x.rpm avahi-glib-devel-0.6.31-20.el7.s390.rpm avahi-glib-devel-0.6.31-20.el7.s390x.rpm avahi-gobject-devel-0.6.31-20.el7.s390.rpm avahi-gobject-devel-0.6.31-20.el7.s390x.rpm avahi-qt3-0.6.31-20.el7.s390.rpm avahi-qt3-0.6.31-20.el7.s390x.rpm avahi-qt3-devel-0.6.31-20.el7.s390.rpm avahi-qt3-devel-0.6.31-20.el7.s390x.rpm avahi-qt4-0.6.31-20.el7.s390.rpm avahi-qt4-0.6.31-20.el7.s390x.rpm avahi-qt4-devel-0.6.31-20.el7.s390.rpm avahi-qt4-devel-0.6.31-20.el7.s390x.rpm avahi-tools-0.6.31-20.el7.s390x.rpm avahi-ui-0.6.31-20.el7.s390.rpm avahi-ui-0.6.31-20.el7.s390x.rpm avahi-ui-devel-0.6.31-20.el7.s390.rpm avahi-ui-devel-0.6.31-20.el7.s390x.rpm avahi-ui-tools-0.6.31-20.el7.s390x.rpm x86_64: avahi-compat-howl-0.6.31-20.el7.i686.rpm avahi-compat-howl-0.6.31-20.el7.x86_64.rpm avahi-compat-howl-devel-0.6.31-20.el7.i686.rpm avahi-compat-howl-devel-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-devel-0.6.31-20.el7.i686.rpm avahi-devel-0.6.31-20.el7.x86_64.rpm avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm avahi-glib-devel-0.6.31-20.el7.i686.rpm avahi-glib-devel-0.6.31-20.el7.x86_64.rpm avahi-gobject-devel-0.6.31-20.el7.i686.rpm avahi-gobject-devel-0.6.31-20.el7.x86_64.rpm avahi-qt3-0.6.31-20.el7.i686.rpm avahi-qt3-0.6.31-20.el7.x86_64.rpm avahi-qt3-devel-0.6.31-20.el7.i686.rpm avahi-qt3-devel-0.6.31-20.el7.x86_64.rpm avahi-qt4-0.6.31-20.el7.i686.rpm avahi-qt4-0.6.31-20.el7.x86_64.rpm avahi-qt4-devel-0.6.31-20.el7.i686.rpm avahi-qt4-devel-0.6.31-20.el7.x86_64.rpm avahi-tools-0.6.31-20.el7.x86_64.rpm avahi-ui-0.6.31-20.el7.i686.rpm avahi-ui-0.6.31-20.el7.x86_64.rpm avahi-ui-devel-0.6.31-20.el7.i686.rpm avahi-ui-devel-0.6.31-20.el7.x86_64.rpm avahi-ui-tools-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: avahi-0.6.31-20.el7.src.rpm x86_64: avahi-0.6.31-20.el7.i686.rpm avahi-0.6.31-20.el7.x86_64.rpm avahi-autoipd-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-glib-0.6.31-20.el7.i686.rpm avahi-glib-0.6.31-20.el7.x86_64.rpm avahi-gobject-0.6.31-20.el7.i686.rpm avahi-gobject-0.6.31-20.el7.x86_64.rpm avahi-libs-0.6.31-20.el7.i686.rpm avahi-libs-0.6.31-20.el7.x86_64.rpm avahi-ui-gtk3-0.6.31-20.el7.i686.rpm avahi-ui-gtk3-0.6.31-20.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.7): x86_64: avahi-compat-howl-0.6.31-20.el7.i686.rpm avahi-compat-howl-0.6.31-20.el7.x86_64.rpm avahi-compat-howl-devel-0.6.31-20.el7.i686.rpm avahi-compat-howl-devel-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-0.6.31-20.el7.x86_64.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.i686.rpm avahi-compat-libdns_sd-devel-0.6.31-20.el7.x86_64.rpm avahi-debuginfo-0.6.31-20.el7.i686.rpm avahi-debuginfo-0.6.31-20.el7.x86_64.rpm avahi-devel-0.6.31-20.el7.i686.rpm avahi-devel-0.6.31-20.el7.x86_64.rpm avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm avahi-glib-devel-0.6.31-20.el7.i686.rpm avahi-glib-devel-0.6.31-20.el7.x86_64.rpm avahi-gobject-devel-0.6.31-20.el7.i686.rpm avahi-gobject-devel-0.6.31-20.el7.x86_64.rpm avahi-qt3-0.6.31-20.el7.i686.rpm avahi-qt3-0.6.31-20.el7.x86_64.rpm avahi-qt3-devel-0.6.31-20.el7.i686.rpm avahi-qt3-devel-0.6.31-20.el7.x86_64.rpm avahi-qt4-0.6.31-20.el7.i686.rpm avahi-qt4-0.6.31-20.el7.x86_64.rpm avahi-qt4-devel-0.6.31-20.el7.i686.rpm avahi-qt4-devel-0.6.31-20.el7.x86_64.rpm avahi-tools-0.6.31-20.el7.x86_64.rpm avahi-ui-0.6.31-20.el7.i686.rpm avahi-ui-0.6.31-20.el7.x86_64.rpm avahi-ui-devel-0.6.31-20.el7.i686.rpm avahi-ui-devel-0.6.31-20.el7.x86_64.rpm avahi-ui-tools-0.6.31-20.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2017-6519 https://access.redhat.com/security/updates/classification#low https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/7.8_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXoOdCdzjgjWX9erEAQhZ3w//RbrqHtid9WDMrBl/mTBOBw9JOuMEMr1w FP8trNiWR7k3w95c3VMTLBQ5LgdTUlrgyBZq2sgMGSrttB5/G93Mp5Hypbhzo+2u nBW8LoNJ8cmATXFvRzI1+bOlaVssBnGp+AFJ0shYdVZDep66lgz4OgNZMG4ny8Zj flinrGj6Iw3CZV7KdOH58HdU4YGk+sq81Te8G8RsukVewqFa7mRlhgepKZUacl7Y EDhuRA4EapYMkO98nmVKXco8/kbsDAomu7dCAfOqGjdS07Qj7z6PvW8SxkVfN6kU KOFjiy/lb/VPqfOQVyqDAJjJHYWvo92K7mK04+sm9OxTbBPZeTpZ/RkG9p/x1Nr4 dQfdLAI65OlSWhwCuwANuqaBdoOliy0KEMNOP1PFMwNrryqEE9Gx0F9SjcEen+D5 uZq8HIu2hnpywT4gFOrdiuqeC5NMFIWLRtPZrwLJ4x6kYCQ+1asMmIRLx/aHzYRB zLfkbXHO7nSoaGgZqjzYi58Es+Pw1wAxICsIg6ewZmq13571m7GXbEtVQJre1hMf 1UzvYxtzILt0k73ZHzS6OX5lz+NAQqDWmj9fIv+IqFzwkH+9uGoNheOCX0HauKIU 1dAJpchUtWdTVz206aM8gmsoRfoL629JYWc2B4a+J/rGginAyDbzJZF0e/oEoYqs NOxfCV+JUeo=te5C -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu has announced a critical security patch for netfilter, tackling emerging vulnerabilities and reinforcing firewall protection.. Red Hat, Security Update, Avahi, Network Discovery, Linux Security. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Mar 31, 2020 Low Red Hat
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisoryupdatebug fix

Scientific Linux 6: CVE-2011-1002 Moderate: Avahi Service Fix

Moderate: avahi security and bug fix update. Date: Wed, 1 Jun 2011 11:10:47 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Moderate: avahi on SL6.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." MIME-Version: 1.0 Synopsis: Moderate: avahi security and bug fix update Issue Date: 2011-05-19 CVE Numbers: CVE-2011-1002 Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print to, and find shared files on other computers. A flaw was found in the way the Avahi daemon (avahi-daemon) processed Multicast DNS (mDNS) packets with an empty payload. An attacker on the local network could use this flaw to cause avahi-daemon on a target system to enter an infinite loop via an empty mDNS UDP packet. (CVE-2011-1002) This update also fixes the following bug: * Previously, the avahi packages in Scientific Linux 6 were not compiled with standard RPM CFLAGS; therefore, the Stack Protector and Fortify Source protections were not enabled, and the debuginfo packages did not contain the information required for debugging. This update corrects this issue by using proper CFLAGS when compiling the packages. (BZ#629954, BZ#684276) All users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, avahi-daemon will be restarted automatically. SL6: x86_64 avahi-ui-tools-0.6.25-11.el6.x86_64.rpm avahi-gobject-devel-0.6.25-11.el6.i686.rpm avahi-gobject-0.6.25-11.el6.x86_64.rpm avahi-gobject-0.6.25-11.el6.i686.rpm avahi-glib-devel-0.6.25-11.el6.x86_64.rpm avahi-glib-devel-0.6.25-11.el6.i686.rpm avahi-glib-0.6.25-11.el6.x86_64.rpm avahi-glib-0.6.25-11.el6.i686.rpm avahi-dnsconfd-0.6.25-11.el6.x86_64.rpm avahi-devel-0.6.25-11.el6.x86_64.rpm avahi-devel-0.6.25-11.el6.i686.rpm avahi-debuginfo-0.6.25-11.el6.x86_64.rpm avahi-debuginfo-0.6.25-11.el6.i686.rpm avahi-compat-libdns_sd-devel-0.6.25-11.el6.x86_64.rpm avahi-gobject-devel-0.6.25-11.el6.x86_64.rpm avahi-libs-0.6.25-11.el6.i686.rpm avahi-ui-devel-0.6.25-11.el6.x86_64.rpm avahi-ui-devel-0.6.25-11.el6.i686.rpm avahi-ui-0.6.25-11.el6.x86_64.rpm avahi-ui-0.6.25-11.el6.i686.rpm avahi-tools-0.6.25-11.el6.x86_64.rpm avahi-qt4-devel-0.6.25-11.el6.x86_64.rpm avahi-qt4-0.6.25-11.el6.x86_64.rpm avahi-qt4-0.6.25-11.el6.i686.rpm avahi-qt3-devel-0.6.25-11.el6.x86_64.rpm avahi-qt3-devel-0.6.25-11.el6.i686.rpm avahi-qt3-0.6.25-11.el6.x86_64.rpm avahi-qt3-0.6.25-11.el6.i686.rpm avahi-libs-0.6.25-11.el6.x86_64.rpm avahi-compat-libdns_sd-devel-0.6.25-11.el6.i686.rpm avahi-compat-libdns_sd-0.6.25-11.el6.x86_64.rpm avahi-compat-libdns_sd-0.6.25-11.el6.i686.rpm avahi-qt4-devel-0.6.25-11.el6.i686.rpm avahi-0.6.25-11.el6.i686.rpm avahi-0.6.25-11.el6.x86_64.rpm avahi-autoipd-0.6.25-11.el6.x86_64.rpm avahi-compat-howl-0.6.25-11.el6.i686.rpm avahi-compat-howl-0.6.25-11.el6.x86_64.rpm avahi-compat-howl-devel-0.6.25-11.el6.i686.rpm avahi-compat-howl-devel-0.6.25-11.el6.x86_64.rpm i386 avahi-glib-0.6.25-11.el6.i686.rpm avahi-dnsconfd-0.6.25-11.el6.i686.rpm avahi-devel-0.6.25-11.el6.i686.rpm avahi-debuginfo-0.6.25-11.el6.i686.rpm avahi-compat-libdns_sd-devel-0.6.25-11.el6.i686.rpm avahi-compat-libdns_sd-0.6.25-11.el6.i686.rpm avahi-compat-howl-devel-0.6.25-11.el6.i686.rpm avahi-compat-howl-0.6.25-11.el6.i686.rpm avahi-autoipd-0.6.25-11.el6.i686.rpm avahi-glib-devel-0.6.25-11.el6.i686.rpm avahi-gobject-0.6.25-11.el6.i686.rpm avahi-ui-tools-0.6.25-11.el6.i686.rpm avahi-ui-devel-0.6.25-11.el6.i686.rpm avahi-ui-0.6.25-11.el6.i686.rpm avahi-tools-0.6.25-11.el6.i686.rpm avahi-qt4-devel-0.6.25-11.el6.i686.rpm avahi-qt4-0.6.25-11.el6.i686.rpm avahi-qt3-devel-0.6.25-11.el6.i686.rpm avahi-qt3-0.6.25-11.el6.i686.rpm avahi-libs-0.6.25-11.el6.i686.rpm avahi-gobject-devel-0.6.25-11.el6.i686.rpm avahi-0.6.25-11.el6.i686.rpm - Scientific Linux Development Team . An update for avahi has been released to address a security vulnerability in mDNS handling for Scientific Linux. Users are recommended to upgrade.. avahi Update, Scientific Linux Security, Service Discovery Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 01, 2011 Important Scientific Linux
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here