avahi-0.6.31-20.el7
エラータID: AXSA:2020-4548:01
リリース日:
2020/04/02 Thursday - 05:56
題名:
avahi-0.6.31-20.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- Avahi の avahi-daemon は同一リンク上にないソースアドレスからの IPv6
ユニキャストクエリに不注意に応答してしまい、このことによってリモートの攻撃者が
サービス拒否(トラフィックの増大)を引き起こし、ポート 5353 UDP パケット経由で
応答したデバイスから機密情報を得る脆弱性があります。(CVE-2017-6519)
注: この脆弱性は CVE-2015-2809 と重複しているかも知れません。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-6519
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
追加情報:
N/A
ダウンロード:
SRPMS
- avahi-0.6.31-20.el7.src.rpm
MD5: aae536b9c47cec27a65e242e7d80b56e
SHA-256: 1b64f73fe87e926d71c2edf2f64e486913f858fec0e5c7074d5ca7ad4fefdb94
Size: 1.25 MB
Asianux Server 7 for x86_64
- avahi-0.6.31-20.el7.x86_64.rpm
MD5: f94e44c066a1f097aefe466fd39891b5
SHA-256: b515f7612f4a854e7ffafc0280be2cc2f6ea2957c4420ff91e659573d6e6ec51
Size: 263.08 kB - avahi-autoipd-0.6.31-20.el7.x86_64.rpm
MD5: b3a5d7c79845d01b16ceb2e5596957c2
SHA-256: 046d59ceebb1a559d185652992b3abf3e82b197cc94f074fce81891c313d14bd
Size: 39.05 kB - avahi-glib-0.6.31-20.el7.x86_64.rpm
MD5: a9097be1312439f076de81b3989b1b2c
SHA-256: a1ba171c2e312a5276ef54c5027120e805292514f18ca2e7132cfd601f8fc772
Size: 24.21 kB - avahi-gobject-0.6.31-20.el7.x86_64.rpm
MD5: 1ccba47a9abc8341dc6f2ba91e36317e
SHA-256: 4369a1c714102bb45a072f1ea21f78bfbebbcd2bbe3541f21f443bd11dd54b73
Size: 34.02 kB - avahi-libs-0.6.31-20.el7.x86_64.rpm
MD5: bc781c569850eac7d87841ebd27c5a5b
SHA-256: 48a27ebb25030855a0c8902480ff1fcc5713e0544cee2da2b611e91586a2391d
Size: 60.83 kB - avahi-ui-gtk3-0.6.31-20.el7.x86_64.rpm
MD5: 9e315e3ad1a98479d1d880dd820ec4e1
SHA-256: 01e8d23a8503ee2b71c6bcfe2da21c0656d2016014b624988187ef54d3c83e89
Size: 36.27 kB - avahi-0.6.31-20.el7.i686.rpm
MD5: acbccb795db45ef45186a218c3ab27b2
SHA-256: e74a34cb407765e1646a965ae4e219e2852fb3e1fbfc7e6e63227b000ae1cc1f
Size: 261.62 kB - avahi-glib-0.6.31-20.el7.i686.rpm
MD5: f3fd5d9f7c88841b9f3b849562145713
SHA-256: c5792af5fcca00b1c0281edb4cfb2f78aa777f24e84b13b8d34f94772d0967d5
Size: 24.47 kB - avahi-gobject-0.6.31-20.el7.i686.rpm
MD5: d03639068a416fb7930d5cf59c72e406
SHA-256: 1541295701b7d01fc6778830bb0598bfb6d716ef8666a0cf344c88b054828625
Size: 33.20 kB - avahi-libs-0.6.31-20.el7.i686.rpm
MD5: 13afbcbc5ad4481f45362274db489d1d
SHA-256: e757e6c3138dae0edc72bbdc8b656fb837e45859a843d96c82c657ada337ae42
Size: 60.52 kB - avahi-ui-gtk3-0.6.31-20.el7.i686.rpm
MD5: 38ea9774ddbb237b842a9b089c2d8f18
SHA-256: d4ac28267a04b223ac7ae467393484b8bacde9621d905d25a3b310309af214d8
Size: 35.86 kB