Bug 14249

Summary: [CVE 21] avahi 0.8 CVE
Product: [ROSA-based products] ROSA Fresh Reporter: Vladimir Potapov <v.potapov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: a.proklov, i.gaptrakhmanov
Version: AllFlags: v.potapov: qa_verified+
v.potapov: secteam_verified?
a.proklov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2021-3468
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Vladimir Potapov 2024-01-13 11:30:04 MSK 
https://nvd.nist.gov/vuln/detail/CVE-2021-3468 medium
Comment 1 ilfat 2024-01-15 13:14:25 MSK 
******** QA ADVISORY ********

Avahi in commit 35bb1bae902ae9ff2da809fb5f577ba873c43359,
which we are using, already includes a fix for CVE-2021-3468.
CVE-2021-3468 added as fixed to the spec file.

avahi-0.8-12.git35bb1b.3

# rosa2021.1
https://abf.rosalinux.ru/build_lists/4955704 i686
https://abf.rosalinux.ru/build_lists/4955705 x86_64
https://abf.rosalinux.ru/build_lists/4955706 aarch64
https://abf.rosalinux.ru/build_lists/4955707 riscv64
https://abf.rosalinux.ru/build_lists/4955708 e2kv4

# rosa2021.15
https://abf.rosalinux.ru/build_lists/4955710 i686
https://abf.rosalinux.ru/build_lists/4955711 x86_64
https://abf.rosalinux.ru/build_lists/4955712 aarch64
https://abf.rosalinux.ru/build_lists/4955713 e2kv4
Comment 2 Vladimir Potapov 2024-01-17 10:59:31 MSK 
(In reply to ilfat from comment #1)
> ******** QA ADVISORY ********
> 
> Avahi in commit 35bb1bae902ae9ff2da809fb5f577ba873c43359,
> which we are using, already includes a fix for CVE-2021-3468.
> CVE-2021-3468 added as fixed to the spec file.
> 
> avahi-0.8-12.git35bb1b.3
> 
> # rosa2021.1
> https://abf.rosalinux.ru/build_lists/4955704 i686
> https://abf.rosalinux.ru/build_lists/4955705 x86_64
> https://abf.rosalinux.ru/build_lists/4955706 aarch64
> https://abf.rosalinux.ru/build_lists/4955707 riscv64
> https://abf.rosalinux.ru/build_lists/4955708 e2kv4
********************************************************
The update sent to testings

> # rosa2021.15
> https://abf.rosalinux.ru/build_lists/4955710 i686
> https://abf.rosalinux.ru/build_lists/4955711 x86_64
> https://abf.rosalinux.ru/build_lists/4955712 aarch64
> https://abf.rosalinux.ru/build_lists/4955713 e2kv4
published
Comment 3 Vladimir Potapov 2024-01-24 04:46:17 MSK 
avahi-0.8-12.git35bb1b.3
https://abf.rosalinux.ru/build_lists/4955704 i686
https://abf.rosalinux.ru/build_lists/4955705 x86_64
https://abf.rosalinux.ru/build_lists/4955706 aarch64
https://abf.rosalinux.ru/build_lists/4955707 riscv64
https://abf.rosalinux.ru/build_lists/4955708 e2k
********************************** Advisory *******************************
Avahi in commit 35bb1bae902ae9ff2da809fb5f577ba873c43359,
which we are using, already includes a fix for CVE-2021-3468.
CVE-2021-3468 added as fixed to the spec file.

****************************************************************************
QA Verified