CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, & CVE-2023-38473 Remediation for avahi-libs
Package: avahi
OS: 3.19
@ncopa can you help fix these CVEs? Since they were detected in 11/2023 these are overdue for remediation. Appreciate your help and assistance.
CVEs:
CVE-2023-38469 (medium severity)
- A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
- https://nvd.nist.gov/vuln/detail/CVE-2023-38469
- https://security.alpinelinux.org/vuln/CVE-2023-38469
CVE-2023-38470 (medium severity)
- A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
- https://nvd.nist.gov/vuln/detail/CVE-2023-38470
- https://security.alpinelinux.org/vuln/CVE-2023-38470
CVE-2023-38471 (medium severity)
- A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
- https://nvd.nist.gov/vuln/detail/CVE-2023-38471
- https://security.alpinelinux.org/vuln/CVE-2023-38471
CVE-2023-38472 (medium severity)
- A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.
- https://nvd.nist.gov/vuln/detail/CVE-2023-38472
- https://security.alpinelinux.org/vuln/CVE-2023-38472
CVE-2023-38473 (medium severity)
- A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
- https://nvd.nist.gov/vuln/detail/CVE-2023-38473
- https://security.alpinelinux.org/vuln/CVE-2023-38473