[avahi] New release to fix all CVEs since 2021?
* Neustradamus *
neustradamus at hotmail.com
Fri Oct 27 22:05:45 UTC 2023
Dear Avahi team, @lathiat, @evverx, @pemensik,
This email has been published on GitHub here:
- https://github.com/lathiat/avahi/issues/503
Current unsecure stable version is 0.8.0 (2020-02-18), 3 years, 8 months, 9 days.
It is possible to create the 0.9.0 release build to fix all CVEs (Vulnerabilities)?
- https://www.cvedetails.com/vulnerability-list/vendor_id-4481/Avahi.html
- https://cve.report/software/avahi/avahi
- ...
Current list:
- CVE-2023-38473: https://github.com/lathiat/avahi/issues/451
- CVE-2023-38472: https://github.com/lathiat/avahi/issues/452
- CVE-2023-38471: https://github.com/lathiat/avahi/issues/453
- CVE-2023-38470: https://github.com/lathiat/avahi/issues/454
- CVE-2023-38469: https://github.com/lathiat/avahi/issues/455
- CVE-2023-1981: https://github.com/lathiat/avahi/issues/375
- CVE-2021-36217
- CVE-2021-26720
- CVE-2021-3502: https://github.com/lathiat/avahi/issues/338
- CVE-2021-3468
The original tickets have been closed without the new release build:
- https://github.com/lathiat/avahi/issues/325
- https://github.com/lathiat/avahi/issues/430
Thanks in advance.
More information about the avahi
mailing list