(RHSA-2020:1176) Low: avahi security update

2020-03-3109:28:31

access.redhat.com

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.062

Percentile

93.7%

JSON

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers.

Security Fix(es):

avahi: Multicast DNS responds to unicast queries outside of local network (CVE-2017-6519)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64leavahi-glib< 0.6.31-20.el7avahi-glib-0.6.31-20.el7.ppc64le.rpm
RedHat7ppc64avahi-devel< 0.6.31-20.el7avahi-devel-0.6.31-20.el7.ppc64.rpm
RedHat7ppcavahi-ui-devel< 0.6.31-20.el7avahi-ui-devel-0.6.31-20.el7.ppc.rpm
RedHat7ppc64leavahi-libs< 0.6.31-20.el7avahi-libs-0.6.31-20.el7.ppc64le.rpm
RedHat7s390xavahi-ui< 0.6.31-20.el7avahi-ui-0.6.31-20.el7.s390x.rpm
RedHat7s390avahi-ui-gtk3< 0.6.31-20.el7avahi-ui-gtk3-0.6.31-20.el7.s390.rpm
RedHat7i686avahi-qt4< 0.6.31-20.el7avahi-qt4-0.6.31-20.el7.i686.rpm
RedHat7x86_64avahi-dnsconfd< 0.6.31-20.el7avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm
RedHat7ppcavahi-compat-libdns_sd-devel< 0.6.31-20.el7avahi-compat-libdns_sd-devel-0.6.31-20.el7.ppc.rpm
RedHat7ppc64avahi-qt4-devel< 0.6.31-20.el7avahi-qt4-devel-0.6.31-20.el7.ppc64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	ppc64le	avahi-glib	< 0.6.31-20.el7	avahi-glib-0.6.31-20.el7.ppc64le.rpm
RedHat	7	ppc64	avahi-devel	< 0.6.31-20.el7	avahi-devel-0.6.31-20.el7.ppc64.rpm
RedHat	7	ppc	avahi-ui-devel	< 0.6.31-20.el7	avahi-ui-devel-0.6.31-20.el7.ppc.rpm
RedHat	7	ppc64le	avahi-libs	< 0.6.31-20.el7	avahi-libs-0.6.31-20.el7.ppc64le.rpm
RedHat	7	s390x	avahi-ui	< 0.6.31-20.el7	avahi-ui-0.6.31-20.el7.s390x.rpm
RedHat	7	s390	avahi-ui-gtk3	< 0.6.31-20.el7	avahi-ui-gtk3-0.6.31-20.el7.s390.rpm
RedHat	7	i686	avahi-qt4	< 0.6.31-20.el7	avahi-qt4-0.6.31-20.el7.i686.rpm
RedHat	7	x86_64	avahi-dnsconfd	< 0.6.31-20.el7	avahi-dnsconfd-0.6.31-20.el7.x86_64.rpm
RedHat	7	ppc	avahi-compat-libdns_sd-devel	< 0.6.31-20.el7	avahi-compat-libdns_sd-devel-0.6.31-20.el7.ppc.rpm
RedHat	7	ppc64	avahi-qt4-devel	< 0.6.31-20.el7	avahi-qt4-devel-0.6.31-20.el7.ppc64.rpm