ALT Linux Team

Package avahi update in sisyphus on 2025-01-20

ALT-PU-2025-1591-1

Package avahi updated to version 0.8-alt5 for branch sisyphus in task 370646.

Closed vulnerabilities

Published: 2024-11-22
Modified: 2025-05-14

CVE-2024-52616

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.1
Back to top