25 lines
1.0 KiB
Plaintext
25 lines
1.0 KiB
Plaintext
<patchinfo incident="155">
|
|
<!-- generated from request(s) 355307 -->
|
|
<issue tracker="bnc" id="1212476">patch shebang line match the python version required in the package</issue>
|
|
<issue tracker="bnc" id="1226586">avahi-browse -a fails with "Invalid service type"</issue>
|
|
<issue tracker="bnc" id="1233420">VUL-0: CVE-2024-52616: avahi: Avahi Wide-Area DNS Predictable Transaction IDs</issue>
|
|
<issue tracker="cve" id="2024-52616"/>
|
|
<packager>qzhao</packager>
|
|
<rating>moderate</rating>
|
|
<category>security</category>
|
|
<summary>Security update for avahi</summary>
|
|
<description>This update for avahi fixes the following issues:
|
|
|
|
- CVE-2024-52616: Properly randomize query id of DNS packets (bsc#1233420).
|
|
|
|
Bug fixes:
|
|
|
|
- No longer supply bogus services to callbacks (bsc#1226586).
|
|
- Tag hardening patches as PATCH-FEATURE-OPENSUSE
|
|
- Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476).
|
|
</description>
|
|
<package>avahi</package>
|
|
<package>avahi:glib2</package>
|
|
<package>avahi:qt5</package>
|
|
<seperate_build_arch/>
|
|
</patchinfo> |