Control: retitle 990900 avahi: CVE-2021-3502 Control: forcemerge 986018 990900
On Sat, Jul 10, 2021 at 11:22:51PM +0200, Salvatore Bonaccorso wrote: > Source: avahi > Version: 0.8-5 > Severity: important > Tags: security upstream > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi, > > The following vulnerability was published for avahi. > > CVE-2021-36217[0]: > | Avahi 0.8 allows a local denial of service (NULL pointer dereference > | and daemon crash) against avahi-daemon via the D-Bus interface or a > | "ping .local" command. > > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2021-36217 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36217 > [1] https://bugzilla.suse.com/show_bug.cgi?id=1188083 This issue is actually a duplicate of CVE-2021-3502. CVE-2021-36217 got rejected. Regards, Salvatore
