[Pkg-utopia-maintainers] Bug#990900: avahi: CVE-2021-36217
Salvatore Bonaccorso
carnil at debian.org
Mon Aug 9 20:13:52 BST 2021
Control: retitle 990900 avahi: CVE-2021-3502
Control: forcemerge 986018 990900
On Sat, Jul 10, 2021 at 11:22:51PM +0200, Salvatore Bonaccorso wrote:
> Source: avahi
> Version: 0.8-5
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
>
> Hi,
>
> The following vulnerability was published for avahi.
>
> CVE-2021-36217[0]:
> | Avahi 0.8 allows a local denial of service (NULL pointer dereference
> | and daemon crash) against avahi-daemon via the D-Bus interface or a
> | "ping .local" command.
>
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2021-36217
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36217
> [1] https://bugzilla.suse.com/show_bug.cgi?id=1188083
This issue is actually a duplicate of CVE-2021-3502. CVE-2021-36217
got rejected.
Regards,
Salvatore
More information about the Pkg-utopia-maintainers
mailing list