Am Donnerstag, den 24.02.2011, 15:57 +0100 schrieb Michael Biebl:
> But you are right, the security tracker should be updated
http://svn.debian.org/wsvn/secure-testing/?rev=16247
Best regards
Alexander Kurtz
signature.asc
Description: This is a digitally signed message part
On Thu, 2011-02-24 at 15:31 +, Julien Reveret wrote:
> [snip]
>
> It seems that mandriva already released an update for avahi :
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2011-February/079525.html
>
> I guess you're facing the same issue.
0.6.28-4 has been accepted to unstable
> Package: avahi-daemon
> Version: 0.6.27-2
> Tags: security
> Severity: critical
> Justification: Introduces possible denial-of-service scenario.
>
> Hi,
>
> when I scan my server from another machine on the network using nmap, I
> get this:
[snip]
It seems that mandriva already released an upda
Am 24.02.2011 15:48, schrieb Alexander Kurtz:
> So, the code which introduced this vulnerability (CVE-2011-1002[1]) was
> actually added[2] when fixing another vulnerability (CVE-2010-2244[3]).
> As a consequence, lenny IS indeed vulnerable and needs to be fixed too.
Correct.
I uploaded a fixed l
Am 24.02.2011 15:52, schrieb Michael Biebl:
> Am 24.02.2011 15:48, schrieb Alexander Kurtz:
>> So, the code which introduced this vulnerability (CVE-2011-1002[1]) was
>> actually added[2] when fixing another vulnerability (CVE-2010-2244[3]).
>> As a consequence, lenny IS indeed vulnerable and needs
Hi everybody,
Am Mittwoch, den 23.02.2011, 16:13 +0100 schrieb Michael Biebl:
> A fixed package has been uploaded to unstable and stable-security (squeeze).
First the good news: I can confirm that upgrading *all* avahi packages
to 0.6.28-4 fixes the problem (only upgrading avahi-daemon does not!
6 matches
Mail list logo