[ubuntu/hardy-security] avahi_0.6.22-2ubuntu4.2_ia64_translations.tar.gz, avahi_0.6.22-2ubuntu4.2_i386_translations.tar.gz, avahi_0.6.22-2ubuntu4.2_hppa_translations.tar.gz, avahi_0.6.22-2ubuntu4.2_amd64_translations.tar.gz, avahi_0.6.22-2ubuntu4.2_sparc_translations.tar.gz (delayed), avahi_0.6.22-2ubuntu4.2_powerpc_translations.tar.gz, avahi, avahi_0.6.22-2ubuntu4.2_lpia_translations.tar.gz 0.6.22-2ubuntu4.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Sep 29 15:06:22 BST 2010 

avahi (0.6.22-2ubuntu4.2) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted legacy unicast mDNS
    query packet
    - debian/patches/81_CVE-2009-0758.patch: account for network byte order
      in avahi-core/server.c.
    - CVE-2009-0758
  * SECURITY UPDATE: denial of service via invalid DNS packet
    - debian/patches/82_CVE-2010-2244.patch: fail gracefully on corrupt
      packets in avahi-core/socket.c.
    - CVE-2010-2244

Date: Wed, 22 Sep 2010 13:12:27 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/avahi/0.6.22-2ubuntu4.2
-------------- next part --------------
Format: 1.7
Date: Wed, 22 Sep 2010 13:12:27 -0400
Source: avahi
Binary: avahi-daemon avahi-dnsconfd avahi-autoipd python-avahi avahi-utils avahi-discover libavahi-common3 libavahi-common-data libavahi-common-dev libavahi-core5 libavahi-core-dev libavahi-client3 libavahi-client-dev libavahi-glib1 libavahi-glib-dev libavahi-gobject0 libavahi-gobject-dev libavahi-qt3-1 libavahi-qt3-dev libavahi-qt4-1 libavahi-qt4-dev libavahi-compat-howl0 libavahi-compat-howl-dev libavahi-compat-libdnssd1 libavahi-compat-libdnssd-dev libavahi-ui0 libavahi-ui-dev avahi-dbg
Architecture: source
Version: 0.6.22-2ubuntu4.2
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 avahi-autoipd - Avahi IPv4LL network address configuration daemon
 avahi-daemon - Avahi mDNS/DNS-SD daemon
 avahi-dbg  - Avahi - debugging symbols
 avahi-discover - Service discover user interface for avahi
 avahi-dnsconfd - Avahi DNS configuration tool
 avahi-utils - Avahi browsing, publishing and discovery utilities
 libavahi-client-dev - Development files for the Avahi client library
 libavahi-client3 - Avahi client library
 libavahi-common-data - Avahi common data files
 libavahi-common-dev - Development files for the Avahi common library
 libavahi-common3 - Avahi common library
 libavahi-compat-howl-dev - Development headers for the Avahi Howl compatibility library
 libavahi-compat-howl0 - Avahi Howl compatibility library
 libavahi-compat-libdnssd-dev - Development headers for the Avahi Apple Bonjour compatibility lib
 libavahi-compat-libdnssd1 - Avahi Apple Bonjour compatibility library
 libavahi-core-dev - Development files for Avahi's embeddable mDNS/DNS-SD library
 libavahi-core5 - Avahi's embeddable mDNS/DNS-SD library
 libavahi-glib-dev - Development headers for the Avahi glib integration library
 libavahi-glib1 - Avahi glib integration library
 libavahi-gobject-dev - Development headers for the Avahi GObject library
 libavahi-gobject0 - Avahi GObject library
 libavahi-qt3-1 - Avahi Qt 3 integration library
 libavahi-qt3-dev - Development headers for the Avahi Qt 3 integration library
 libavahi-qt4-1 - Avahi Qt 4 integration library
 libavahi-qt4-dev - Development headers for the Avahi Qt 4 integration library
 libavahi-ui-dev - Development headers for the Avahi GTK User interface library
 libavahi-ui0 - Avahi GTK User interface library
 python-avahi - Python utility package for Avahi
Changes: 
 avahi (0.6.22-2ubuntu4.2) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted legacy unicast mDNS
     query packet
     - debian/patches/81_CVE-2009-0758.patch: account for network byte order
       in avahi-core/server.c.
     - CVE-2009-0758
   * SECURITY UPDATE: denial of service via invalid DNS packet
     - debian/patches/82_CVE-2010-2244.patch: fail gracefully on corrupt
       packets in avahi-core/socket.c.
     - CVE-2010-2244
Files: 
 e114002dccb347936a8725f53c8a8c1c 1918 net optional avahi_0.6.22-2ubuntu4.2.dsc
 a13fefc5b0f38a81984b2184207a4a6f 25671 net optional avahi_0.6.22-2ubuntu4.2.diff.gz
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>

More information about the Hardy-changes mailing list