Debian Security Advisory
DSA-2174-1 avahi -- denial of service
- Date Reported:
- 26 Feb 2011
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 614785.
In Mitre's CVE dictionary: CVE-2011-1002.
- More information:
It was discovered that Avahi, an implementation of the zeroconf protocol, can be crashed remotely by a single UDP packet, which may result in a denial of service.
For the oldstable distribution (lenny), this problem has been fixed in version 0.6.23-3lenny3.
For the stable distribution (squeeze), this problem has been fixed in version 0.6.27-2+squeeze1.
For the testing (wheezy) and unstable distribution (sid), this problem has been fixed in version 0.6.28-4.
We recommend that you upgrade your avahi packages.