| Message ID | 20260514133748.219486-1-ross.burton@arm.com |
|---|---|
| State | New |
| Series | [RFC] avahi: upgrade 0.8 -> 0.9-rc4 |

How confident are we with the release happening on time before we release in the next 5 months' time?

On Thu, May 14, 2026, 6:37 AM Ross Burton via lists.openembedded.org <ross.burton=arm.com@lists.openembedded.org> wrote:

> As per upstream[1], 0.9-rc4 is pretty much what is going to be in the
> 0.9 release, and upgrading to this now will make upgrading to the final
> release a lot simpler.
>
> As there are no tarballs for the release candidates, switch to git. This
> means we need to disable the manpages as they need xmltoman to build.
>
> Delete all of the backported CVE patches as they're included in this
> release. The cvelistv5 database has version information on all of these
> CVEs, so they don't reappear in reports.
>
> Delete invalid-service.patch, fixed upstream differently in [2].
>
> Upstream has deleted the in-tree init scripts, so copy them from before
> deletion and add alongside the recipe.
>
> Consolidate the systemd options, and depend on libsystemd as avahi links
> to that instead of duplicating the code.
>
> Pass --runstatedir so that /run is used as expected.
>
> [1] https://github.com/avahi/avahi/issues/503#issuecomment-4443016376
> [2] avahi 93b1436 ("core: no longer supply bogus services to callbacks")
> > Signed-off-by: Ross Burton <ross.burton@arm.com> > --- > .../avahi/{avahi_0.8.bb => avahi_0.9.bb} | 52 ++-- > ...01-Fix-opening-etc-resolv.conf-error.patch | 2 +- > .../avahi/files/CVE-2023-1981.patch | 58 ----- > .../avahi/files/CVE-2023-38469-1.patch | 48 ---- > .../avahi/files/CVE-2023-38469-2.patch | 65 ----- > .../avahi/files/CVE-2023-38470-1.patch | 59 ----- > .../avahi/files/CVE-2023-38470-2.patch | 52 ---- > .../avahi/files/CVE-2023-38471-1.patch | 73 ------ > .../avahi/files/CVE-2023-38471-2.patch | 52 ---- > .../avahi/files/CVE-2023-38472.patch | 46 ---- > .../avahi/files/CVE-2023-38473.patch | 110 --------- > .../avahi/files/CVE-2024-52615.patch | 228 ------------------ > .../avahi/files/CVE-2024-52616.patch | 104 -------- > .../avahi/files/CVE-2025-68276.patch | 68 ------ > .../avahi/files/CVE-2025-68468.patch | 32 --- > .../avahi/files/CVE-2025-68471.patch | 36 --- > .../avahi/files/CVE-2026-24401.patch | 74 ------ > .../avahi/files/CVE-2026-34933-1.patch | 108 --------- > .../avahi/files/CVE-2026-34933-2.patch | 96 -------- > .../avahi/files/avahi-daemon.in | 198 +++++++++++++++ > .../avahi/files/avahi-dnsconfd.in | 197 +++++++++++++++ > .../avahi/files/handle-hup.patch | 41 ---- > .../avahi/files/initscript.patch | 51 ---- > .../avahi/files/invalid-service.patch | 29 --- > .../avahi/files/local-ping.patch | 152 ------------ > 25 files changed, 416 insertions(+), 1615 deletions(-) > rename meta/recipes-connectivity/avahi/{avahi_0.8.bb => avahi_0.9.bb} > (83%) > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch > delete mode 100644 > 
meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch > create mode 100644 meta/recipes-connectivity/avahi/files/avahi-daemon.in > create mode 100644 meta/recipes-connectivity/avahi/files/ > avahi-dnsconfd.in > delete mode 100644 meta/recipes-connectivity/avahi/files/handle-hup.patch > delete mode 100644 meta/recipes-connectivity/avahi/files/initscript.patch > delete mode 100644 > meta/recipes-connectivity/avahi/files/invalid-service.patch > delete mode 100644 meta/recipes-connectivity/avahi/files/local-ping.patch > > diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb > b/meta/recipes-connectivity/avahi/avahi_0.9.bb > similarity index 83% > rename from meta/recipes-connectivity/avahi/avahi_0.8.bb > rename to meta/recipes-connectivity/avahi/avahi_0.9.bb > index 0042c3c2e3d..b5b63cf1ee4 100644 > --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb > +++ b/meta/recipes-connectivity/avahi/avahi_0.9.bb 
> @@ -18,35 +18,18 @@ LIC_FILES_CHKSUM = > "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ > > file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 > \ > > file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" > > -SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ > +SRC_URI = "git:// > github.com/avahi/avahi;protocol=https;branch=master;tag=v0.9-rc4 \ > file://00avahi-autoipd \ > file://99avahi-autoipd \ > - file://initscript.patch \ > + file://avahi-daemon.in \ > + file://avahi-dnsconfd.in \ > file://0001-Fix-opening-etc-resolv.conf-error.patch \ > - file://handle-hup.patch \ > - file://local-ping.patch \ > - file://invalid-service.patch \ > - file://CVE-2023-1981.patch \ > - file://CVE-2023-38469-1.patch \ > - file://CVE-2023-38469-2.patch \ > - file://CVE-2023-38470-1.patch \ > - file://CVE-2023-38470-2.patch \ > - file://CVE-2023-38471-1.patch \ > - file://CVE-2023-38471-2.patch \ > - file://CVE-2023-38472.patch \ > - file://CVE-2023-38473.patch \ > - file://CVE-2024-52616.patch \ > - file://CVE-2024-52615.patch \ > - file://CVE-2025-68276.patch \ > - file://CVE-2026-24401.patch \ > - file://CVE-2025-68468.patch \ > - file://CVE-2025-68471.patch \ > - file://CVE-2026-34933-1.patch \ > - file://CVE-2026-34933-2.patch \ > " > > +PV = "0.9~rc4" > +SRCREV = "625ca0fac19229f6dfa3a6c6b698ae657187e50c" > + > GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/" > -SRC_URI[sha256sum] = > "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" > > CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects > Debian/SUSE" 
> > @@ -55,17 +38,20 @@ DEPENDS = "expat libcap libdaemon glib-2.0 > glib-2.0-native" > # For gtk related PACKAGECONFIGs: gtk, gtk3 > AVAHI_GTK ?= "" > > -PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 > wayland','${AVAHI_GTK}','',d)}" > +PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 > wayland','${AVAHI_GTK}','',d)} ${@bb.utils.filter('DISTRO_FEATURES', > 'systemd', d)}" > PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" > PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" > PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" > PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" > PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" > +PACKAGECONFIG[systemd] = "--enable-libsystemd,--disable-libsystemd > --without-systemdsystemunitdir,systemd" > PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" > > inherit autotools pkgconfig gettext gobject-introspection github-releases > > -EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ > +EXTRA_OECONF = " \ > + --runstatedir=${runtimedir} \ > + --with-avahi-priv-access-group=adm \ > --disable-stack-protector \ > --disable-gdbm \ > --disable-dbm \ > @@ -75,14 +61,12 @@ EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ > --disable-qt4 \ > --disable-python \ > --disable-doxygen-doc \ > - --enable-manpages \ > + --disable-manpages \ > ${EXTRA_OECONF_SYSVINIT} \ > - ${EXTRA_OECONF_SYSTEMD} \ > " > > # The distro choice determines what init scripts are installed > EXTRA_OECONF_SYSVINIT = > "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" > -EXTRA_OECONF_SYSTEMD = > "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}" > > do_configure:prepend() { > # This m4 file will get in the way of our introspection.m4 with > special cross-compilation fixes 
> @@ -97,9 +81,9 @@ RRECOMMENDS:${PN}:append:libc-glibc = " > avahi-libnss-mdns" > > do_install() { > autotools_do_install > - rm -rf ${D}/run > + > + rm -rf ${D}${runtimedir} > test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty > ${D}${datadir}/dbus-1 > - rm -rf ${D}${libdir}/avahi > > # Move example service files out of /etc/avahi/services so we don't > # advertise ssh & sftp-ssh by default > @@ -147,9 +131,8 @@ FILES:avahi-daemon = "${sbindir}/avahi-daemon \ > ${sysconfdir}/avahi/avahi-daemon.conf \ > ${sysconfdir}/avahi/hosts \ > ${sysconfdir}/avahi/services \ > - ${sysconfdir}/dbus-1 \ > ${sysconfdir}/init.d/avahi-daemon \ > - ${datadir}/dbus-1/interfaces \ > + ${datadir}/dbus-1 \ > ${datadir}/avahi/avahi-service.dtd \ > ${datadir}/avahi/service-types \ > ${datadir}/dbus-1/system-services" > @@ -194,6 +177,11 @@ do_install:append() { > install -d ${D}${sysconfdir}/udhcpc.d > install ${UNPACKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d > install ${UNPACKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d > + > + install -d ${D}${sysconfdir}/init.d > + install ${UNPACKDIR}/avahi-daemon.in > ${D}${sysconfdir}/init.d/avahi-daemon > + install ${UNPACKDIR}/avahi-dnsconfd.in > ${D}${sysconfdir}/init.d/avahi-dnsconfd > + sed -i -e 's,@sbindir@,${sbindir},g' -e 's,@sysconfdir@,${sysconfdir},g' > ${D}${sysconfdir}/init.d/avahi-* > } > > # At the time the postinst runs, dbus might not be setup so only restart > if running > diff --git > a/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch > b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch > index cb8b83fd238..d46b4d88ac8 100644 > --- > a/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch > +++ > b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch 
> @@ -39,7 +39,7 @@ index 548c834..63e28e4 100644 > +After=systemd-resolved.service connman.service > > [Service] > - Type=dbus > + BusName=org.freedesktop.Avahi > -- > 2.11.0 > > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch > deleted file mode 100644 > index 4d7924d13a6..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch > +++ /dev/null 
> @@ -1,58 +0,0 @@ > -From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 > -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> > -Date: Thu, 17 Nov 2022 01:51:53 +0100 > -Subject: [PATCH] Emit error if requested service is not found > - > -It currently just crashes instead of replying with error. Check return > -value and emit error instead of passing NULL pointer to reply. > - > -Fixes #375 > - > -Upstream-Status: Backport [import from ubuntu > https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security > -Upstream > <https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security-Upstream> > commit > https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f > ] > -CVE: CVE-2023-1981 > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------ > - 1 file changed, 14 insertions(+), 6 deletions(-) > - > -diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c > -index 70d7687bc..406d0b441 100644 > ---- a/avahi-daemon/dbus-protocol.c > -+++ b/avahi-daemon/dbus-protocol.c > -@@ -375,10 +375,14 @@ static DBusHandlerResult > dbus_get_alternative_host_name(DBusConnection *c, DBusM > - } > - > - t = avahi_alternative_host_name(n); > -- avahi_dbus_respond_string(c, m, t); > -- avahi_free(t); > -+ if (t) { > -+ avahi_dbus_respond_string(c, m, t); > -+ avahi_free(t); > - > -- return DBUS_HANDLER_RESULT_HANDLED; > -+ return DBUS_HANDLER_RESULT_HANDLED; > -+ } else { > -+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, > "Hostname not found"); > -+ } > - } > - > - static DBusHandlerResult > dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, > DBusError *error) { > -@@ -389,10 +393,14 @@ static DBusHandlerResult > dbus_get_alternative_service_name(DBusConnection *c, DB > - } > - > - t = avahi_alternative_service_name(n); > 
-- avahi_dbus_respond_string(c, m, t); > -- avahi_free(t); > -+ if (t) { > -+ avahi_dbus_respond_string(c, m, t); > -+ avahi_free(t); > - > -- return DBUS_HANDLER_RESULT_HANDLED; > -+ return DBUS_HANDLER_RESULT_HANDLED; > -+ } else { > -+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, > "Service not found"); > -+ } > - } > - > - static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, > DBusMessage *m, DBusError *error) { > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch > deleted file mode 100644 > index a078f66102f..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch > +++ /dev/null 
> @@ -1,48 +0,0 @@ > -From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Mon, 23 Oct 2023 20:29:31 +0000 > -Subject: [PATCH] avahi: core: reject overly long TXT resource records > - > -Closes https://github.com/lathiat/avahi/issues/455 > - > -Upstream-Status: Backport [ > https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf > ] > -CVE: CVE-2023-38469 > - > -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> > ---- > - avahi-core/rr.c | 9 ++++++++- > - 1 file changed, 8 insertions(+), 1 deletion(-) > - > -diff --git a/avahi-core/rr.c b/avahi-core/rr.c > -index 7fa0bee..b03a24c 100644 > ---- a/avahi-core/rr.c > -+++ b/avahi-core/rr.c > -@@ -32,6 +32,7 @@ > - #include <avahi-common/malloc.h> > - #include <avahi-common/defs.h> > - > -+#include "dns.h" > - #include "rr.h" > - #include "log.h" > - #include "util.h" > -@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) { > - case AVAHI_DNS_TYPE_TXT: { > - > - AvahiStringList *strlst; > -+ size_t used = 0; > - > -- for (strlst = r->data.txt.string_list; strlst; strlst = > strlst->next) > -+ for (strlst = r->data.txt.string_list; strlst; strlst = > strlst->next) { > - if (strlst->size > 255 || strlst->size <= 0) > - return 0; > - > -+ used += 1+strlst->size; > -+ if (used > AVAHI_DNS_RDATA_MAX) > -+ return 0; > -+ } > -+ > - return 1; > - } > - } > --- > -2.40.0 > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch > deleted file mode 100644 > index f8f60ddca1c..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch > +++ /dev/null 
> @@ -1,65 +0,0 @@ > -From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Wed, 25 Oct 2023 18:15:42 +0000 > -Subject: [PATCH] tests: pass overly long TXT resource records > - > -to make sure they don't crash avahi any more. > -It reproduces https://github.com/lathiat/avahi/issues/455 > - > -Canonical notes: > -nickgalanis> removed first hunk since there is no .github dir in this > release > - > -Upstream-Status: Backport [import from ubuntu > https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security > -Upstream > <https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security-Upstream> > commit > https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237 > ] > -CVE: CVE-2023-38469 > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-client/client-test.c | 14 ++++++++++++++ > - 1 files changed, 14 insertions(+) > - > -Index: avahi-0.8/avahi-client/client-test.c > -=================================================================== > ---- avahi-0.8.orig/avahi-client/client-test.c > -+++ avahi-0.8/avahi-client/client-test.c > -@@ -22,6 +22,7 @@ > - #endif > - > - #include <stdio.h> > -+#include <string.h> > - #include <assert.h> > - > - #include <avahi-client/client.h> > -@@ -33,6 +34,8 @@ > - #include <avahi-common/malloc.h> > - #include <avahi-common/timeval.h> > - > -+#include <avahi-core/dns.h> > -+ > - static const AvahiPoll *poll_api = NULL; > - static AvahiSimplePoll *simple_poll = NULL; > - > -@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA > - uint32_t cookie; > - struct timeval tv; > - AvahiAddress a; > -+ uint8_t rdata[AVAHI_DNS_RDATA_MAX+1]; > -+ AvahiStringList *txt = NULL; > -+ int r; > - > - simple_poll = avahi_simple_poll_new(); > - poll_api = avahi_simple_poll_get(simple_poll); > -@@ -258,6 +264,14 @@ int main 
(AVAHI_GCC_UNUSED int argc, AVA > - printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", > NULL, NULL, 80, "foo=bar", NULL))); > - printf("add_record: %d\n", avahi_entry_group_add_record (group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, > "\5booya", 6)); > - > -+ memset(rdata, 1, sizeof(rdata)); > -+ r = avahi_string_list_parse(rdata, sizeof(rdata), &txt); > -+ assert(r >= 0); > -+ assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata)); > -+ error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt); > -+ assert(error == AVAHI_ERR_INVALID_RECORD); > -+ avahi_string_list_free(txt); > -+ > - avahi_entry_group_commit (group); > - > - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, > avahi_domain_browser_callback, (char*) "omghai3u"); > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch > deleted file mode 100644 > index 91f9e677ace..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch > +++ /dev/null 
> @@ -1,59 +0,0 @@ > -From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001 > -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> > -Date: Tue, 11 Apr 2023 15:29:59 +0200 > -Subject: [PATCH] avahi: Ensure each label is at least one byte long > - > -The only allowed exception is single dot, where it should return empty > -string. > - > -Fixes #454. > - > -Upstream-Status: Backport [ > https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c > ] > -CVE: CVE-2023-38470 > - > -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> > ---- > - avahi-common/domain-test.c | 14 ++++++++++++++ > - avahi-common/domain.c | 2 +- > - 2 files changed, 15 insertions(+), 1 deletion(-) > - > -diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c > -index cf763ec..3acc1c1 100644 > ---- a/avahi-common/domain-test.c > -+++ b/avahi-common/domain-test.c > -@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED > char *argv[]) { > - printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo.")); > - avahi_free(s); > - > -+ printf("%s\n", s = avahi_normalize_name_strdup(".")); > -+ avahi_free(s); > -+ > -+ s = > avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}." > -+ > "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}" > -+ > ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`" > -+ > "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?." > -+ > "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}." > -+ > "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?" > -+ > "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM." > -+ > "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?." 
> -+ "}.?.?.?.}.=.?.?.}"); > -+ assert(s == NULL); > -+ > - printf("%i\n", avahi_domain_equal("\\065aa > bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff")); > - printf("%i\n", avahi_domain_equal("A", "a")); > - > -diff --git a/avahi-common/domain.c b/avahi-common/domain.c > -index 3b1ab68..e66d241 100644 > ---- a/avahi-common/domain.c > -+++ b/avahi-common/domain.c > -@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char > *ret_s, size_t size) { > - } > - > - if (!empty) { > -- if (size < 1) > -+ if (size < 2) > - return NULL; > - > - *(r++) = '.'; > --- > -2.40.0 > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch > deleted file mode 100644 > index e0736bf210a..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch > +++ /dev/null 
> @@ -1,52 +0,0 @@ > -From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Tue, 19 Sep 2023 03:21:25 +0000 > -Subject: [PATCH] [common] bail out when escaped labels can't fit into ret > - > -Fixes: > -``` > -==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address > 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8 > -READ of size 1110 at 0x7f9e76f14c16 thread T0 > - #0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) > (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba) > - #1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12 > - #2 0x53862c in avahi_normalize_name_strdup > avahi/avahi-common/domain.c:226:12 > -``` > -and > -``` > -fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const > uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed. > -==101571== ERROR: libFuzzer: deadly signal > - #0 0x501175 in __sanitizer_print_stack_trace > (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: > 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) > - #1 0x45ad2c in fuzzer::PrintStackTrace() > (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: > 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) > - #2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() > (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: > 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) > - #3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: > c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) > - #4 0x7f1581dcf883 in __pthread_kill_implementation > (/lib64/libc.so.6+0x8e883) (BuildId: > c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) > - #5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: > c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) > - #6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: > c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) > - #7 0x7f1581d6779a in __assert_fail_base.cold > (/lib64/libc.so.6+0x2679a) (BuildId: > c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) 
> - #8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) > (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) > - #9 0x5344a4 in LLVMFuzzerTestOneInput > /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9 > -``` > - > -It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c > - > -Upstream-Status: Backport [import from ubuntu > https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security > -CVE > <https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security-CVE>: > CVE-2023-38470 #Follow-up patch > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-common/domain.c | 3 ++- > - 1 file changed, 2 insertions(+), 1 deletion(-) > - > -Index: avahi-0.8/avahi-common/domain.c > -=================================================================== > ---- avahi-0.8.orig/avahi-common/domain.c > -+++ avahi-0.8/avahi-common/domain.c > -@@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s > - } else > - empty = 0; > - > -- avahi_escape_label(label, strlen(label), &r, &size); > -+ if (!(avahi_escape_label(label, strlen(label), &r, &size))) > -+ return NULL; > - } > - > - return ret_s; > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch > deleted file mode 100644 > index b3f716495db..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch > +++ /dev/null 
> @@ -1,73 +0,0 @@ > -From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001 > -From: Michal Sekletar <msekleta@redhat.com> > -Date: Mon, 23 Oct 2023 13:38:35 +0200 > -Subject: [PATCH] avahi: core: extract host name using > avahi_unescape_label() > - > -Previously we could create invalid escape sequence when we split the > -string on dot. For example, from valid host name "foo\\.bar" we have > -created invalid name "foo\\" and tried to set that as the host name > -which crashed the daemon. > - > -Fixes #453 > - > -Upstream-Status: Backport [ > https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09 > ] > -CVE: CVE-2023-38471 > - > -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> > ---- > - avahi-core/server.c | 27 +++++++++++++++++++++------ > - 1 file changed, 21 insertions(+), 6 deletions(-) > - > -diff --git a/avahi-core/server.c b/avahi-core/server.c > -index e507750..40f1d68 100644 > ---- a/avahi-core/server.c > -+++ b/avahi-core/server.c > -@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) { > - } > - > - int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { > -- char *hn = NULL; > -+ char label_escaped[AVAHI_LABEL_MAX*4+1]; > -+ char label[AVAHI_LABEL_MAX]; > -+ char *hn = NULL, *h; > -+ size_t len; > -+ > - assert(s); > - > - AVAHI_CHECK_VALIDITY(s, !host_name || > avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME); > -@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, > const char *host_name) { > - else > - hn = avahi_normalize_name_strdup(host_name); > - > -- hn[strcspn(hn, ".")] = 0; > -+ h = hn; > -+ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) > { > -+ avahi_free(h); > -+ return AVAHI_ERR_INVALID_HOST_NAME; > -+ } > -+ > -+ avahi_free(h); > -+ > -+ h = label_escaped; > -+ len = sizeof(label_escaped); > -+ if (!avahi_escape_label(label, strlen(label), &h, &len)) > -+ return AVAHI_ERR_INVALID_HOST_NAME; > - > -- if 
(avahi_domain_equal(s->host_name, hn) && s->state != > AVAHI_SERVER_COLLISION) { > -- avahi_free(hn); > -+ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != > AVAHI_SERVER_COLLISION) > - return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); > -- } > - > - withdraw_host_rrs(s); > - > - avahi_free(s->host_name); > -- s->host_name = hn; > -+ s->host_name = avahi_strdup(label_escaped); > -+ if (!s->host_name) > -+ return AVAHI_ERR_NO_MEMORY; > - > - update_fqdn(s); > - > --- > -2.40.0 > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch > deleted file mode 100644 > index 44737bfc2e1..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch > +++ /dev/null 
> @@ -1,52 +0,0 @@ > -From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Tue, 24 Oct 2023 22:04:51 +0000 > -Subject: [PATCH] core: return errors from avahi_server_set_host_name > properly > - > -It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09 > - > -Upstream-Status: Backport [import from ubuntu > https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security > -Upstream > <https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security-Upstream> > commit > https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460 > ] > -CVE: CVE-2023-38471 #Follow-up Patch > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-core/server.c | 9 ++++++--- > - 1 file changed, 6 insertions(+), 3 deletions(-) > - > -Index: avahi-0.8/avahi-core/server.c > -=================================================================== > ---- avahi-0.8.orig/avahi-core/server.c > -+++ avahi-0.8/avahi-core/server.c > -@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ > - else > - hn = avahi_normalize_name_strdup(host_name); > - > -+ if (!hn) > -+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); > -+ > - h = hn; > - if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) > { > - avahi_free(h); > -- return AVAHI_ERR_INVALID_HOST_NAME; > -+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); > - } > - > - avahi_free(h); > -@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ > - h = label_escaped; > - len = sizeof(label_escaped); > - if (!avahi_escape_label(label, strlen(label), &h, &len)) > -- return AVAHI_ERR_INVALID_HOST_NAME; > -+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); > - > - if (avahi_domain_equal(s->host_name, label_escaped) && s->state != > AVAHI_SERVER_COLLISION) > - return 
avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); > -@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ > - avahi_free(s->host_name); > - s->host_name = avahi_strdup(label_escaped); > - if (!s->host_name) > -- return AVAHI_ERR_NO_MEMORY; > -+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); > - > - update_fqdn(s); > - > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > deleted file mode 100644 > index 85dbded73bd..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > +++ /dev/null 
> @@ -1,46 +0,0 @@ > -From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001 > -From: Michal Sekletar <msekleta@redhat.com> > -Date: Thu, 19 Oct 2023 17:36:44 +0200 > -Subject: [PATCH] core: make sure there is rdata to process before parsing > it > - > -Fixes #452 > - > -CVE-2023-38472 > - > -Upstream-Status: Backport [import from ubuntu > https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security > -Upstream > <https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security-Upstream> > commit > https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40 > ] > -CVE: CVE-2023-38472 > -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-client/client-test.c | 3 +++ > - avahi-daemon/dbus-entry-group.c | 2 +- > - 2 files changed, 4 insertions(+), 1 deletion(-) > - > -Index: avahi-0.8/avahi-client/client-test.c > -=================================================================== > ---- avahi-0.8.orig/avahi-client/client-test.c > -+++ avahi-0.8/avahi-client/client-test.c > -@@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA > - assert(error == AVAHI_ERR_INVALID_RECORD); > - avahi_string_list_free(txt); > - > -+ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); > -+ assert(error != AVAHI_OK); > -+ > - avahi_entry_group_commit (group); > - > - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, > avahi_domain_browser_callback, (char*) "omghai3u"); > -Index: avahi-0.8/avahi-daemon/dbus-entry-group.c > -=================================================================== > ---- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c > -+++ avahi-0.8/avahi-daemon/dbus-entry-group.c > -@@ -340,7 +340,7 @@ DBusHandlerResult 
avahi_dbus_msg_entry_g > - if (!(r = avahi_record_new_full (name, clazz, type, ttl))) > - return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, > NULL); > - > -- if (avahi_rdata_parse (r, rdata, size) < 0) { > -+ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) { > - avahi_record_unref (r); > - return avahi_dbus_respond_error(c, m, > AVAHI_ERR_INVALID_RDATA, NULL); > - } > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch > deleted file mode 100644 > index 707acb60fec..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch > +++ /dev/null 
> @@ -1,110 +0,0 @@ > -From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001 > -From: Michal Sekletar <msekleta@redhat.com> > -Date: Wed, 11 Oct 2023 17:45:44 +0200 > -Subject: [PATCH] avahi: common: derive alternative host name from its > - unescaped version > - > -Normalization of input makes sure we don't have to deal with special > -cases like unescaped dot at the end of label. > - > -Fixes #451 #487 > - > -Upstream-Status: Backport [ > https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797 > ] > -CVE: CVE-2023-38473 > - > -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> > ---- > - avahi-common/alternative-test.c | 3 +++ > - avahi-common/alternative.c | 27 +++++++++++++++++++-------- > - 2 files changed, 22 insertions(+), 8 deletions(-) > - > -diff --git a/avahi-common/alternative-test.c > b/avahi-common/alternative-test.c > -index 9255435..681fc15 100644 > ---- a/avahi-common/alternative-test.c > -+++ b/avahi-common/alternative-test.c > -@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED > char *argv[]) { > - const char* const test_strings[] = { > - > "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", > - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü", > -+ ").", > -+ "\\.", > -+ > "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\", > - "gurke", > - "-", > - " #", > -diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c > -index b3d39f0..a094e6d 100644 > ---- a/avahi-common/alternative.c > -+++ b/avahi-common/alternative.c > -@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) { > - } > - > - char *avahi_alternative_host_name(const char *s) { > -+ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1]; > -+ char *alt, *r, *ret; > - const char *e; > -- char *r; > -+ size_t len; > - > - assert(s); > - > - if (!avahi_is_valid_host_name(s)) > - return NULL; > - > -- if ((e = strrchr(s, '-'))) { > -+ if 
(!avahi_unescape_label(&s, label, sizeof(label))) > -+ return NULL; > -+ > -+ if ((e = strrchr(label, '-'))) { > - const char *p; > - > - e++; > -@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) { > - > - if (e) { > - char *c, *m; > -- size_t l; > - int n; > - > - n = atoi(e)+1; > - if (!(m = avahi_strdup_printf("%i", n))) > - return NULL; > - > -- l = e-s-1; > -+ len = e-label-1; > - > -- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1) > -- l = AVAHI_LABEL_MAX-1-strlen(m)-1; > -+ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1) > -+ len = AVAHI_LABEL_MAX-1-strlen(m)-1; > - > -- if (!(c = avahi_strndup(s, l))) { > -+ if (!(c = avahi_strndup(label, len))) { > - avahi_free(m); > - return NULL; > - } > -@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) { > - } else { > - char *c; > - > -- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2))) > -+ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2))) > - return NULL; > - > - drop_incomplete_utf8(c); > -@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) { > - avahi_free(c); > - } > - > -+ alt = alternative; > -+ len = sizeof(alternative); > -+ ret = avahi_escape_label(r, strlen(r), &alt, &len); > -+ > -+ avahi_free(r); > -+ r = avahi_strdup(ret); > -+ > - assert(avahi_is_valid_host_name(r)); > - > - return r; > --- > -2.40.0 > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch > b/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch > deleted file mode 100644 > index 9737f528375..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch > +++ /dev/null 
> @@ -1,228 +0,0 @@ > -From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001 > -From: Michal Sekletar <msekleta@redhat.com> > -Date: Wed, 27 Nov 2024 18:07:32 +0100 > -Subject: [PATCH] core/wide-area: fix for CVE-2024-52615 > - > -CVE: CVE-2024-52615 > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/commit/4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 > ] > - > -Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> > ---- > - avahi-core/wide-area.c | 128 ++++++++++++++++++++++------------------- > - 1 file changed, 69 insertions(+), 59 deletions(-) > - > -diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c > -index 00a15056e..06df7afc6 100644 > ---- a/avahi-core/wide-area.c > -+++ b/avahi-core/wide-area.c > -@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup { > - > - AvahiAddress dns_server_used; > - > -+ int fd; > -+ AvahiWatch *watch; > -+ AvahiProtocol proto; > -+ > - AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups); > - AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key); > - }; > -@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup { > - struct AvahiWideAreaLookupEngine { > - AvahiServer *server; > - > -- int fd_ipv4, fd_ipv6; > -- AvahiWatch *watch_ipv4, *watch_ipv6; > -- > - /* Cache */ > - AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache); > - AvahiHashmap *cache_by_key; > -@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* > find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i > - return l; > - } > - > -+static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, > AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata); > -+ > - static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) > { > -+ AvahiWideAreaLookupEngine *e; > - AvahiAddress *a; > -+ AvahiServer *s; > -+ AvahiWatch *w; > -+ int r; > - > - assert(l); > - assert(p); > - > -- if (l->engine->n_dns_servers <= 0) > -+ e = l->engine; > -+ assert(e); > -+ > -+ s = e->server; > -+ assert(s); > -+ > -+ if (e->n_dns_servers <= 0) > - return -1; > - > -- 
assert(l->engine->current_dns_server < l->engine->n_dns_servers); > -+ assert(e->current_dns_server < e->n_dns_servers); > - > -- a = &l->engine->dns_servers[l->engine->current_dns_server]; > -+ a = &e->dns_servers[e->current_dns_server]; > - l->dns_server_used = *a; > - > -- if (a->proto == AVAHI_PROTO_INET) { > -+ if (l->fd >= 0) { > -+ /* We are reusing lookup object and sending packet to another > server so let's cleanup before we establish connection to new server. */ > -+ s->poll_api->watch_free(l->watch); > -+ l->watch = NULL; > - > -- if (l->engine->fd_ipv4 < 0) > -- return -1; > -+ close(l->fd); > -+ l->fd = -EBADF; > -+ } > - > -- return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, > AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT); > -+ assert(a->proto == AVAHI_PROTO_INET || a->proto == > AVAHI_PROTO_INET6); > - > -- } else { > -- assert(a->proto == AVAHI_PROTO_INET6); > -+ if (a->proto == AVAHI_PROTO_INET) > -+ r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1; > -+ else > -+ r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1; > - > -- if (l->engine->fd_ipv6 < 0) > -- return -1; > -+ if (r < 0) { > -+ avahi_log_error(__FILE__ ": Failed to create socket for wide > area lookup"); > -+ return -1; > -+ } > - > -- return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, > AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT); > -+ w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, > socket_event, l); > -+ if (!w) { > -+ close(r); > -+ avahi_log_error(__FILE__ ": Failed to create socket watch for > wide area lookup"); > -+ return -1; > - } > -+ > -+ l->fd = r; > -+ l->watch = w; > -+ l->proto = a->proto; > -+ > -+ return a->proto == AVAHI_PROTO_INET ? 
> -+ avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, > NULL, &a->data.ipv4, AVAHI_DNS_PORT): > -+ avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, > NULL, &a->data.ipv6, AVAHI_DNS_PORT); > - } > - > - static void next_dns_server(AvahiWideAreaLookupEngine *e) { > -@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new( > - l->dead = 0; > - l->key = avahi_key_ref(key); > - l->cname_key = avahi_key_new_cname(l->key); > -+ l->fd = -EBADF; > -+ l->watch = NULL; > -+ l->proto = AVAHI_PROTO_UNSPEC; > - l->callback = callback; > - l->userdata = userdata; > - > -@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) { > - if (l->cname_key) > - avahi_key_unref(l->cname_key); > - > -+ if (l->watch) > -+ l->engine->server->poll_api->watch_free(l->watch); > -+ > -+ if (l->fd >= 0) > -+ close(l->fd); > -+ > - avahi_free(l); > - } > - > -@@ -572,14 +614,20 @@ static void handle_packet(AvahiWideAreaLookupEngine > *e, AvahiDnsPacket *p) { > - } > - > - static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, > AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) { > -- AvahiWideAreaLookupEngine *e = userdata; > -+ AvahiWideAreaLookup *l = userdata; > -+ AvahiWideAreaLookupEngine *e = l->engine; > - AvahiDnsPacket *p = NULL; > - > -- if (fd == e->fd_ipv4) > -- p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, > NULL, NULL); > -+ assert(l); > -+ assert(e); > -+ assert(l->fd == fd); > -+ > -+ if (l->proto == AVAHI_PROTO_INET) > -+ p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, > NULL); > - else { > -- assert(fd == e->fd_ipv6); > -- p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, > NULL, NULL); > -+ assert(l->proto == AVAHI_PROTO_INET6); > -+ > -+ p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, > NULL); > - } > - > - if (p) { > -@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine > *avahi_wide_area_engine_new(AvahiServer *s) { > - e->server = s; > - e->cleanup_dead = 0; > - > -- /* 
Create sockets */ > -- e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : > -1; > -- e->fd_ipv6 = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : > -1; > -- > -- if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) { > -- avahi_log_error(__FILE__": Failed to create wide area sockets: > %s", strerror(errno)); > -- > -- if (e->fd_ipv6 >= 0) > -- close(e->fd_ipv6); > -- > -- if (e->fd_ipv4 >= 0) > -- close(e->fd_ipv4); > -- > -- avahi_free(e); > -- return NULL; > -- } > -- > -- /* Create watches */ > -- > -- e->watch_ipv4 = e->watch_ipv6 = NULL; > -- > -- if (e->fd_ipv4 >= 0) > -- e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, > e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e); > -- if (e->fd_ipv6 >= 0) > -- e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, > e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e); > -- > - e->n_dns_servers = e->current_dns_server = 0; > - > - /* Initialize cache */ > -@@ -651,18 +673,6 @@ void > avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) { > - avahi_hashmap_free(e->lookups_by_id); > - avahi_hashmap_free(e->lookups_by_key); > - > -- if (e->watch_ipv4) > -- e->server->poll_api->watch_free(e->watch_ipv4); > -- > -- if (e->watch_ipv6) > -- e->server->poll_api->watch_free(e->watch_ipv6); > -- > -- if (e->fd_ipv6 >= 0) > -- close(e->fd_ipv6); > -- > -- if (e->fd_ipv4 >= 0) > -- close(e->fd_ipv4); > -- > - avahi_free(e); > - } > - > -@@ -680,7 +690,7 @@ void > avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres > - > - if (a) { > - for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < > AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--) > -- if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || > (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0)) > -+ if (a->proto == AVAHI_PROTO_INET || a->proto == > AVAHI_PROTO_INET6) > - e->dns_servers[e->n_dns_servers++] = *a; > - } else { > - assert(n == 0); 
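Review bot: Deleting CVE-2024-52615.patch also drops its `CVE: CVE-2024-52615` header line, which is what marked this issue as patched in the recipe; after the removal the only thing keeping it out of reports is the version data in the CVE database, as the commit message says. Because the recipe now builds a release candidate from git, please confirm that the pinned revision contains upstream commit 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 (the one named in the deleted `Upstream-Status: Backport` line), and that the recipe version compares as fixed against the database entry for this CVE when the source is a 0.9 pre-release. If the comparison does not come out as fixed, the CVE will reappear as unpatched and the recipe needs an explicit status entry for it.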
> diff --git a/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch > b/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch > deleted file mode 100644 > index a156f987280..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch > +++ /dev/null 
> @@ -1,104 +0,0 @@ > -From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001 > -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> > -Date: Mon, 11 Nov 2024 00:56:09 +0100 > -Subject: [PATCH] Properly randomize query id of DNS packets > - > -CVE: CVE-2024-52616 > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 > ] > - > -Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> > ---- > - avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++-------- > - configure.ac | 3 ++- > - 2 files changed, 30 insertions(+), 9 deletions(-) > - > -diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c > -index 971f5e714..00a15056e 100644 > ---- a/avahi-core/wide-area.c > -+++ b/avahi-core/wide-area.c > -@@ -40,6 +40,13 @@ > - #include "addr-util.h" > - #include "rr-util.h" > - > -+#ifdef HAVE_SYS_RANDOM_H > -+#include <sys/random.h> > -+#endif > -+#ifndef HAVE_GETRANDOM > -+# define getrandom(d, len, flags) (-1) > -+#endif > -+ > - #define CACHE_ENTRIES_MAX 500 > - > - typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry; > -@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine { > - int fd_ipv4, fd_ipv6; > - AvahiWatch *watch_ipv4, *watch_ipv6; > - > -- uint16_t next_id; > -- > - /* Cache */ > - AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache); > - AvahiHashmap *cache_by_key; > -@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent > *e, void *userdata) { > - avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0)); > - } > - > -+static uint16_t get_random_uint16(void) { > -+ uint16_t next_id; > -+ > -+ if (getrandom(&next_id, sizeof(next_id), 0) == -1) > -+ next_id = (uint16_t) rand(); > -+ return next_id; > -+} > -+ > -+static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) { > -+ uint16_t next_id; > -+ > -+ next_id = get_random_uint16(); > -+ while (find_lookup(e, next_id)) { > -+ /* This ID is already used, get new. 
*/ > -+ next_id = get_random_uint16(); > -+ } > -+ return next_id; > -+} > -+ > -+ > - AvahiWideAreaLookup *avahi_wide_area_lookup_new( > - AvahiWideAreaLookupEngine *e, > - AvahiKey *key, > -@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new( > - /* If more than 65K wide area quries are issued simultaneously, > - * this will break. This should be limited by some higher level */ > - > -- for (;; e->next_id++) > -- if (!find_lookup(e, e->next_id)) > -- break; /* This ID is not yet used. */ > -- > -- l->id = e->next_id++; > -+ l->id = avahi_wide_area_next_id(e); > - > - /* We keep the packet around in case we need to repeat our query */ > - l->packet = avahi_dns_packet_new(0); > -@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine > *avahi_wide_area_engine_new(AvahiServer *s) { > - e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, > e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e); > - > - e->n_dns_servers = e->current_dns_server = 0; > -- e->next_id = (uint16_t) rand(); > - > - /* Initialize cache */ > - AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache); > -diff --git a/configure.ac b/configure.ac > -index a3211b80e..31bce3d76 100644 > ---- a/configure.ac > -+++ b/configure.ac > -@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES > - # whether libc's malloc does too. (Same for realloc.) 
> - #AC_FUNC_MALLOC > - #AC_FUNC_REALLOC > --AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket > strchr strcspn strdup strerror strrchr strspn strstr uname setresuid > setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp > strlcpy gethostbyname seteuid setegid setproctitle getprogname]) > -+AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket > strchr strcspn strdup strerror strrchr strspn strstr uname setresuid > setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp > strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom]) > -+AC_CHECK_HEADERS([sys/random.h]) > - > - AC_FUNC_CHOWN > - AC_FUNC_STAT > - > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch > b/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch > deleted file mode 100644 > index b3e11f9597f..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch > +++ /dev/null 
> @@ -1,68 +0,0 @@ > -From d5d18ced67e969d6a5052cacdbd7d4b2c97a1a3f Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Wed, 17 Dec 2025 08:11:23 +0000 > -Subject: [PATCH] core: refuse to create wide-area record browsers when > - wide-area is off > - > -It fixes a bug where it was possible for unprivileged local users to > -crash avahi-daemon (with wide-area disabled) by creating record browsers > -with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus (either by calling > -the RecordBrowserNew method directly or by creating > hostname/address/service > -resolvers/browsers that create those browsers internally themselves). > - > -``` > -$ gdbus call --system --dest org.freedesktop.Avahi --object-path / > --method org.freedesktop.Avahi.Server.ResolveHostName -- -1 -1 yo.local -1 1 > -Error: GDBus.Error:org.freedesktop.DBus.Error.NoReply: Message recipient > disconnected from message bus without replying > -``` > -``` > -dbus-protocol.c: interface=org.freedesktop.Avahi.Server, path=/, > member=ResolveHostName > -avahi-daemon: wide-area.c:725: avahi_wide_area_scan_cache: Assertion `e' > failed. 
> -==307948== > -==307948== Process terminating with default action of signal 6 (SIGABRT) > -==307948== at 0x4B3630C: __pthread_kill_implementation > (pthread_kill.c:44) > -==307948== by 0x4ADF921: raise (raise.c:26) > -==307948== by 0x4AC74AB: abort (abort.c:77) > -==307948== by 0x4AC741F: __assert_fail_base.cold (assert.c:118) > -==307948== by 0x48D8B85: avahi_wide_area_scan_cache (wide-area.c:725) > -==307948== by 0x48C8953: lookup_scan_cache (browse.c:351) > -==307948== by 0x48C8B1B: lookup_go (browse.c:386) > -==307948== by 0x48C9148: defer_callback (browse.c:516) > -==307948== by 0x48AEA0E: expiration_event (timeeventq.c:94) > -==307948== by 0x489D3AE: timeout_callback (simple-watch.c:447) > -==307948== by 0x489D787: avahi_simple_poll_dispatch > (simple-watch.c:563) > -==307948== by 0x489D91E: avahi_simple_poll_iterate (simple-watch.c:605) > -==307948== > -``` > - > -wide-area has been disabled by default since > -9c4214146738146e454f098264690e8e884c39bd (v0.9-rc2). > - > -https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc > - > -CVE: CVE-2025-68276 > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/pull/806/commits/0c013e2e819be3bda74cecf48b5f64956cf8a760 > ] > - > -Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech> > ---- > - avahi-core/browse.c | 5 +++++ > - 1 file changed, 5 insertions(+) > - > -diff --git a/avahi-core/browse.c b/avahi-core/browse.c > -index e8a915e..59d53cb 100644 > ---- a/avahi-core/browse.c > -+++ b/avahi-core/browse.c > -@@ -541,6 +541,11 @@ AvahiSRecordBrowser *avahi_s_record_browser_prepare( > - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, > AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !(flags & > AVAHI_LOOKUP_USE_WIDE_AREA) || !(flags & AVAHI_LOOKUP_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - > -+ if ((flags & AVAHI_LOOKUP_USE_WIDE_AREA) && > 
!server->wide_area_lookup_engine) { > -+ avahi_server_set_errno(server, AVAHI_ERR_NOT_SUPPORTED); > -+ return NULL; > -+ } > -+ > - if (!(b = avahi_new(AvahiSRecordBrowser, 1))) { > - avahi_server_set_errno(server, AVAHI_ERR_NO_MEMORY); > - return NULL; > --- > -2.34.1 > - > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch > b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch > deleted file mode 100644 > index 3635cc8d53e..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch > +++ /dev/null > @@ -1,32 +0,0 @@ > -From 483f83828cfda965fac914ff1b39c63c256372b2 Mon Sep 17 00:00:00 2001 > -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> > -Date: Sun, 2 Mar 2025 18:06:24 +0100 > -Subject: [PATCH] core: fix DoS bug by removing incorrect assertion > - > -Closes https://github.com/avahi/avahi/issues/683 > - > -CVE: CVE-2025-68468 > - > -Upstream-Status: Backport > -[ > https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a > ] > - > -Signed-off-by: Amaury Couderc <amaury.couderc@est.tech> > ---- > - avahi-core/browse.c | 1 - > - 1 file changed, 1 deletion(-) > - > -diff --git a/avahi-core/browse.c b/avahi-core/browse.c > -index 86e4432..79595fe 100644 > ---- a/avahi-core/browse.c > -+++ b/avahi-core/browse.c > -@@ -295,7 +295,6 @@ static void lookup_multicast_callback( > - lookup_drop_cname(l, interface, protocol, 0, r); > - else { > - /* It's a normal record, so let's call the user callback > */ > -- assert(avahi_key_equal(b->key, l->key)); > - > - b->callback(b, interface, protocol, event, r, flags, > b->userdata); > - } > --- > -2.43.0 > - > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch > b/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch > deleted file mode 100644 > index 210565cdd61..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch > +++ /dev/null 
> @@ -1,36 +0,0 @@ > -From 4e84c1d6eb2f54d1643bd7ce62817c722ca36d25 Mon Sep 17 00:00:00 2001 > -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> > -Date: Sun, 2 Mar 2025 18:06:24 +0100 > -Subject: [PATCH] core: fix DoS bug by changing assert to return > - > -Closes https://github.com/avahi/avahi/issues/678 > - > -CVE: CVE-2025-68471 > - > -Upstream-Status: Backport > -[ > https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1 > ] > - > -Signed-off-by: Amaury Couderc <amaury.couderc@est.tech> > ---- > - avahi-core/browse.c | 5 ++++- > - 1 file changed, 4 insertions(+), 1 deletion(-) > - > -diff --git a/avahi-core/browse.c b/avahi-core/browse.c > -index 2941e57..86e4432 100644 > ---- a/avahi-core/browse.c > -+++ b/avahi-core/browse.c > -@@ -320,7 +320,10 @@ static int lookup_start(AvahiSRBLookup *l) { > - assert(l); > - > - assert(!(l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) != !(l->flags & > AVAHI_LOOKUP_USE_MULTICAST)); > -- assert(!l->wide_area && !l->multicast); > -+ if (l->wide_area || l->multicast) { > -+ /* Avoid starting a duplicate lookup */ > -+ return 0; > -+ } > - > - if (l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) { > - > --- > -2.43.0 > - > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch > b/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch > deleted file mode 100644 > index 1a442966fc9..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch > +++ /dev/null 
> @@ -1,74 +0,0 @@ > -From 5eea2640324928c15936b7a2bcbf8ea0de7b08f7 Mon Sep 17 00:00:00 2001 > -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> > -Date: Sun, 2 Mar 2025 18:06:24 +0100 > -Subject: [PATCH] core: fix uncontrolled recursion bug using a simple loop > - detection algorithm > - > -Closes https://github.com/avahi/avahi/issues/501 > - > -CVE: CVE-2026-24401 > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524 > ] > -(cherry picked from commit 78eab31128479f06e30beb8c1cbf99dd921e2524) > -Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> > ---- > - avahi-core/browse.c | 40 ++++++++++++++++++++++++++++++++++++++++ > - 1 file changed, 40 insertions(+) > - > -diff --git a/avahi-core/browse.c b/avahi-core/browse.c > -index f461083..975b3e9 100644 > ---- a/avahi-core/browse.c > -+++ b/avahi-core/browse.c > -@@ -401,6 +401,40 @@ static int lookup_go(AvahiSRBLookup *l) { > - return n; > - } > - > -+static int lookup_exists_in_path(AvahiSRBLookup* lookup, AvahiSRBLookup* > from, AvahiSRBLookup* to) { > -+ AvahiRList* rl; > -+ if (from == to) > -+ return 0; > -+ for (rl = from->cname_lookups; rl; rl = rl->rlist_next) { > -+ int r = lookup_exists_in_path(lookup, rl->data, to); > -+ if (r == 1) { > -+ /* loop detected, propagate result */ > -+ return r; > -+ } else if (r == 0) { > -+ /* is loop detected? 
*/ > -+ return lookup == from; > -+ } else { > -+ /* `to` not found, continue */ > -+ continue; > -+ } > -+ } > -+ /* no path found */ > -+ return -1; > -+} > -+ > -+static int cname_would_create_loop(AvahiSRBLookup* l, AvahiSRBLookup* n) > { > -+ int ret; > -+ if (l == n) > -+ /* Loop to self */ > -+ return 1; > -+ > -+ ret = lookup_exists_in_path(n, l->record_browser->root_lookup, l); > -+ > -+ /* Path to n always exists */ > -+ assert(ret != -1); > -+ return ret; > -+} > -+ > - static void lookup_handle_cname(AvahiSRBLookup *l, AvahiIfIndex > interface, AvahiProtocol protocol, AvahiLookupFlags flags, AvahiRecord *r) { > - AvahiKey *k; > - AvahiSRBLookup *n; > -@@ -420,6 +454,12 @@ static void lookup_handle_cname(AvahiSRBLookup *l, > AvahiIfIndex interface, Avahi > - return; > - } > - > -+ if (cname_would_create_loop(l, n)) { > -+ /* CNAME loops are not allowed */ > -+ lookup_unref(n); > -+ return; > -+ } > -+ > - l->cname_lookups = avahi_rlist_prepend(l->cname_lookups, > lookup_ref(n)); > - > - lookup_go(n); > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch > b/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch > deleted file mode 100644 > index 208345a3258..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch > +++ /dev/null 
> @@ -1,108 +0,0 @@ > -From 0be89b6bb5c3983837b5e0febcbbbf452ecf7675 Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Wed, 1 Apr 2026 05:31:58 +0000 > -Subject: [PATCH] core: refuse to accept publish flags where both > wide_area and > - multicast are set > - > -It fixes a bug where it was possible for unprivileged local users to > -crash avahi-daemon via D-Bus by calling EntryGroup methods accepting > -flags and passing both AVAHI_PUBLISH_USE_WIDE_AREA and > -AVAHI_PUBLISH_USE_MULTICAST there. For example when AddRecord was > -invoked like that avahi-daemon crashed with > -``` > -dbus-entry-group.c: interface=org.freedesktop.Avahi.EntryGroup, > path=/Client0/EntryGroup1, member=AddRecord > -avahi-daemon: entry.c:57: transport_flags_from_domain: Assertion > `!((*flags & AVAHI_PUBLISH_USE_MULTICAST) && (*flags & > AVAHI_PUBLISH_USE_WIDE_AREA))' failed. > -==84944== > -==84944== Process terminating with default action of signal 6 (SIGABRT) > -==84944== at 0x4B353BC: __pthread_kill_implementation > (pthread_kill.c:44) > -==84944== by 0x4ADE941: raise (raise.c:26) > -==84944== by 0x4AC64AB: abort (abort.c:77) > -==84944== by 0x4AC641F: __assert_fail_base.cold (assert.c:118) > -==84944== by 0x48A9404: transport_flags_from_domain (entry.c:57) > -==84944== by 0x48A9F8F: server_add_internal (entry.c:224) > -==84944== by 0x48AA49F: avahi_server_add (entry.c:324) > -==84944== by 0x401A670: avahi_dbus_msg_entry_group_impl > (dbus-entry-group.c:348) > -==84944== by 0x4A70741: ??? 
(in > /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3) > -==84944== by 0x4A5FB22: dbus_connection_dispatch (in > /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3) > -==84944== by 0x401D01D: dispatch_timeout_callback > (dbus-watch-glue.c:105) > -==84944== by 0x488E3AE: timeout_callback (simple-watch.c:447) > -==84944== > -``` > -It's a follow-up to fbce111b069aa1e4c701ed37ee1d9f6d6cefaac5 where > -those flags were introduced and consistent with the other places > -where wide_area/multicast flags are used. > - > -It was discovered by > -Guillaume Meunier - Head of Vulnerability Operations Center France - > Orange Cyberdefense > - > -https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc > - > -CVE-2026-34933 > - > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675 > ] > -CVE: CVE-2026-34933 > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-core/entry.c | 7 +++++++ > - 1 file changed, 7 insertions(+) > - > -diff --git a/avahi-core/entry.c b/avahi-core/entry.c > -index 0d862133d..06eb12076 100644 > ---- a/avahi-core/entry.c > -+++ b/avahi-core/entry.c > -@@ -207,6 +207,7 @@ static AvahiEntry * server_add_internal( > - AVAHI_PUBLISH_UPDATE| > - AVAHI_PUBLISH_USE_WIDE_AREA| > - AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & > AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, > avahi_is_valid_domain_name(r->key->name), AVAHI_ERR_INVALID_HOST_NAME); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, r->ttl != 0, > AVAHI_ERR_INVALID_TTL); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !avahi_key_is_pattern(r->key), > AVAHI_ERR_IS_PATTERN); > -@@ -454,6 +455,7 @@ int avahi_server_add_address( > - AVAHI_PUBLISH_UPDATE| > - > AVAHI_PUBLISH_USE_WIDE_AREA| > - > AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY(s, !(flags & 
AVAHI_PUBLISH_USE_WIDE_AREA) || > !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY(s, !name || avahi_is_valid_fqdn(name), > AVAHI_ERR_INVALID_HOST_NAME); > - > - /* Prepare the host naem */ > -@@ -595,6 +597,7 @@ static int server_add_service_strlst_nocopy( > - > AVAHI_PUBLISH_UPDATE| > - > AVAHI_PUBLISH_USE_WIDE_AREA| > - > AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & > AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || > avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); > -@@ -754,6 +757,7 @@ static int server_update_service_txt_strlst_nocopy( > - > AVAHI_PUBLISH_NO_COOKIE| > - > AVAHI_PUBLISH_USE_WIDE_AREA| > - > AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & > AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || > avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); > -@@ -843,6 +847,7 @@ int avahi_server_add_service_subtype( > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_IF_VALID(interface), > AVAHI_ERR_INVALID_INTERFACE); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, 
AVAHI_FLAGS_VALID(flags, > AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), > AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & > AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, > avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); > - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || > avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); > -@@ -910,6 +915,7 @@ static AvahiEntry *server_add_dns_server_name( > - assert(name); > - > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, AVAHI_FLAGS_VALID(flags, > AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & > AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), > AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, type == AVAHI_DNS_SERVER_UPDATE > || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, port != 0, > AVAHI_ERR_INVALID_PORT); > - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_fqdn(name), > AVAHI_ERR_INVALID_HOST_NAME); > -@@ -967,6 +973,7 @@ int avahi_server_add_dns_server_address( > - AVAHI_CHECK_VALIDITY(s, AVAHI_IF_VALID(interface), > AVAHI_ERR_INVALID_INTERFACE); > - AVAHI_CHECK_VALIDITY(s, AVAHI_PROTO_VALID(protocol) && > AVAHI_PROTO_VALID(address->proto), AVAHI_ERR_INVALID_PROTOCOL); > - AVAHI_CHECK_VALIDITY(s, AVAHI_FLAGS_VALID(flags, > AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), > AVAHI_ERR_INVALID_FLAGS); > -+ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || > !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY(s, type == AVAHI_DNS_SERVER_UPDATE || type == > 
AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS); > - AVAHI_CHECK_VALIDITY(s, port != 0, AVAHI_ERR_INVALID_PORT); > - AVAHI_CHECK_VALIDITY(s, !domain || > avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch > b/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch > deleted file mode 100644 > index 479d0d7e932..00000000000 > --- a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch > +++ /dev/null 
> @@ -1,96 +0,0 @@ > -From a93fdd980d2db5d453475c0aa2b39946bd6611bd Mon Sep 17 00:00:00 2001 > -From: Evgeny Vereshchagin <evvers@ya.ru> > -Date: Wed, 1 Apr 2026 05:30:58 +0000 > -Subject: [PATCH] tests: make sure AVAHI_PUBLISH_USE_WIDE_AREA is refused > - > -Upstream-Status: Backport [ > https://github.com/avahi/avahi/commit/a93fdd980d2db5d453475c0aa2b39946bd6611bd > ] > -CVE: CVE-2026-34933 > -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> > ---- > - avahi-client/client-test.c | 25 +++++++++++++++++++++++++ > - avahi-core/avahi-test.c | 12 +++++++++++- > - 2 files changed, 36 insertions(+), 1 deletion(-) > - > -diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c > -index 9a015d7..c80e12f 100644 > ---- a/avahi-client/client-test.c > -+++ b/avahi-client/client-test.c > -@@ -212,6 +212,28 @@ static void terminate(AVAHI_GCC_UNUSED AvahiTimeout > *timeout, AVAHI_GCC_UNUSED v > - avahi_simple_poll_quit(simple_poll); > - } > - > -+static void test_refuse_publish_flags(AvahiEntryGroup *g, > AvahiPublishFlags flags, int expected) { > -+ AvahiAddress a; > -+ AvahiStringList *l = NULL; > -+ int r; > -+ > -+ r = avahi_entry_group_add_record(g, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, flags, "test.local", AVAHI_DNS_CLASS_IN, > AVAHI_DNS_TYPE_CNAME, 120, "\0", 1); > -+ assert(r == expected); > -+ > -+ avahi_address_parse("224.0.0.251", AVAHI_PROTO_UNSPEC, &a); > -+ r = avahi_entry_group_add_address(g, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, flags, "test.local", &a); > -+ assert(r == expected); > -+ > -+ r = avahi_entry_group_add_service_strlst(g, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, NULL, 80, l); > -+ assert(r == expected); > -+ > -+ r = avahi_entry_group_update_service_txt_strlst(g, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, l); > -+ assert(r == expected); > -+ > -+ r = avahi_entry_group_add_service_subtype(g, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, > 
"_magic._sub._http._tcp"); > -+ assert(r == expected); > -+} > -+ > - int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { > - AvahiClient *avahi; > - AvahiEntryGroup *group, *group2; > -@@ -275,6 +297,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED > char *argv[]) { > - error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); > - assert(error != AVAHI_OK); > - > -+ test_refuse_publish_flags(group, AVAHI_PUBLISH_USE_WIDE_AREA, > AVAHI_ERR_NOT_SUPPORTED); > -+ test_refuse_publish_flags(group, > AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST, > AVAHI_ERR_INVALID_FLAGS); > -+ > - avahi_entry_group_commit (group); > - > - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, > avahi_domain_browser_callback, (char*) "omghai3u"); > -diff --git a/avahi-core/avahi-test.c b/avahi-core/avahi-test.c > -index 2a7872b..2bae82b 100644 > ---- a/avahi-core/avahi-test.c > -+++ b/avahi-core/avahi-test.c > -@@ -30,6 +30,7 @@ > - #include <netinet/in.h> > - #include <arpa/inet.h> > - > -+#include <avahi-common/error.h> > - #include <avahi-common/malloc.h> > - #include <avahi-common/simple-watch.h> > - #include <avahi-common/alternative.h> > -@@ -150,6 +151,7 @@ static void remove_entries(void) { > - static void create_entries(int new_name) { > - AvahiAddress a; > - AvahiRecord *r; > -+ int error; > - > - remove_entries(); > - > -@@ -181,7 +183,15 @@ static void create_entries(int new_name) { > - goto fail; > - } > - > -- if (avahi_server_add_dns_server_address(server, group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, NULL, AVAHI_DNS_SERVER_RESOLVE, > avahi_address_parse("192.168.50.1", AVAHI_PROTO_UNSPEC, &a), 53) < 0) { > -+ avahi_address_parse("192.168.50.1", AVAHI_PROTO_UNSPEC, &a); > -+ > -+ error = avahi_server_add_dns_server_address(server, group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, AVAHI_PUBLISH_USE_WIDE_AREA, 
NULL, > AVAHI_DNS_SERVER_RESOLVE, &a, 53); > -+ assert(error == AVAHI_ERR_NOT_SUPPORTED); > -+ > -+ error = avahi_server_add_dns_server_address(server, group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, > AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST, NULL, > AVAHI_DNS_SERVER_RESOLVE, &a, 53); > -+ assert(error == AVAHI_ERR_INVALID_FLAGS); > -+ > -+ if (avahi_server_add_dns_server_address(server, group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, NULL, AVAHI_DNS_SERVER_RESOLVE, &a, > 53) < 0) { > - avahi_log_error("Failed to add new DNS Server address"); > - goto fail; > - } > --- > -2.43.0 > - > diff --git a/meta/recipes-connectivity/avahi/files/avahi-daemon.in > b/meta/recipes-connectivity/avahi/files/avahi-daemon.in > new file mode 100644 > index 00000000000..49ec3586896 > --- /dev/null > +++ b/meta/recipes-connectivity/avahi/files/avahi-daemon.in > @@ -0,0 +1,198 @@ > +#!/bin/sh > +### BEGIN INIT INFO > +# Provides: avahi > +# Required-Start: $remote_fs dbus > +# Required-Stop: $remote_fs dbus > +# Should-Start: $syslog > +# Should-Stop: $syslog > +# Default-Start: 2 3 4 5 > +# Default-Stop: 0 1 6 > +# Short-Description: Avahi mDNS/DNS-SD Daemon > +# Description: Zeroconf daemon for configuring your network > +# automatically > +### END INIT INFO > +# > +# This file is part of avahi. > +# > +# avahi is free software; you can redistribute
On 14 May 2026, at 17:29, Khem Raj <raj.khem@gmail.com> wrote:
>
> How confident are we with the release happening on time before we release in next 5 months time

There’s a lot of distros leaning on this to happen but indeed it’s a long time coming…

Ross
diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.9.bb similarity index 83% rename from meta/recipes-connectivity/avahi/avahi_0.8.bb rename to meta/recipes-connectivity/avahi/avahi_0.9.bb index 0042c3c2e3d..b5b63cf1ee4 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.9.bb @@ -18,35 +18,18 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" -SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ +SRC_URI = "git://github.com/avahi/avahi;protocol=https;branch=master;tag=v0.9-rc4 \ file://00avahi-autoipd \ file://99avahi-autoipd \ - file://initscript.patch \ + file://avahi-daemon.in \ + file://avahi-dnsconfd.in \ file://0001-Fix-opening-etc-resolv.conf-error.patch \ - file://handle-hup.patch \ - file://local-ping.patch \ - file://invalid-service.patch \ - file://CVE-2023-1981.patch \ - file://CVE-2023-38469-1.patch \ - file://CVE-2023-38469-2.patch \ - file://CVE-2023-38470-1.patch \ - file://CVE-2023-38470-2.patch \ - file://CVE-2023-38471-1.patch \ - file://CVE-2023-38471-2.patch \ - file://CVE-2023-38472.patch \ - file://CVE-2023-38473.patch \ - file://CVE-2024-52616.patch \ - file://CVE-2024-52615.patch \ - file://CVE-2025-68276.patch \ - file://CVE-2026-24401.patch \ - file://CVE-2025-68468.patch \ - file://CVE-2025-68471.patch \ - file://CVE-2026-34933-1.patch \ - file://CVE-2026-34933-2.patch \ " +PV = "0.9~rc4" +SRCREV = "625ca0fac19229f6dfa3a6c6b698ae657187e50c" + GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/" -SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE" 
@@ -55,17 +38,20 @@ DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native" # For gtk related PACKAGECONFIGs: gtk, gtk3 AVAHI_GTK ?= "" -PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}" +PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)} ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" +PACKAGECONFIG[systemd] = "--enable-libsystemd,--disable-libsystemd --without-systemdsystemunitdir,systemd" PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" inherit autotools pkgconfig gettext gobject-introspection github-releases -EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ +EXTRA_OECONF = " \ + --runstatedir=${runtimedir} \ + --with-avahi-priv-access-group=adm \ --disable-stack-protector \ --disable-gdbm \ --disable-dbm \ @@ -75,14 +61,12 @@ EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ --disable-qt4 \ --disable-python \ --disable-doxygen-doc \ - --enable-manpages \ + --disable-manpages \ ${EXTRA_OECONF_SYSVINIT} \ - ${EXTRA_OECONF_SYSTEMD} \ " # The distro choice determines what init scripts are installed EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" -EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}" do_configure:prepend() { # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes 
@@ -97,9 +81,9 @@ RRECOMMENDS:${PN}:append:libc-glibc = " avahi-libnss-mdns" do_install() { autotools_do_install - rm -rf ${D}/run + + rm -rf ${D}${runtimedir} test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 - rm -rf ${D}${libdir}/avahi # Move example service files out of /etc/avahi/services so we don't # advertise ssh & sftp-ssh by default @@ -147,9 +131,8 @@ FILES:avahi-daemon = "${sbindir}/avahi-daemon \ ${sysconfdir}/avahi/avahi-daemon.conf \ ${sysconfdir}/avahi/hosts \ ${sysconfdir}/avahi/services \ - ${sysconfdir}/dbus-1 \ ${sysconfdir}/init.d/avahi-daemon \ - ${datadir}/dbus-1/interfaces \ + ${datadir}/dbus-1 \ ${datadir}/avahi/avahi-service.dtd \ ${datadir}/avahi/service-types \ ${datadir}/dbus-1/system-services" @@ -194,6 +177,11 @@ do_install:append() { install -d ${D}${sysconfdir}/udhcpc.d install ${UNPACKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d install ${UNPACKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d + + install -d ${D}${sysconfdir}/init.d + install ${UNPACKDIR}/avahi-daemon.in ${D}${sysconfdir}/init.d/avahi-daemon + install ${UNPACKDIR}/avahi-dnsconfd.in ${D}${sysconfdir}/init.d/avahi-dnsconfd + sed -i -e 's,@sbindir@,${sbindir},g' -e 's,@sysconfdir@,${sysconfdir},g' ${D}${sysconfdir}/init.d/avahi-* } # At the time the postinst runs, dbus might not be setup so only restart if running diff --git a/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch index cb8b83fd238..d46b4d88ac8 100644 --- a/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch +++ b/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch @@ -39,7 +39,7 @@ index 548c834..63e28e4 100644 +After=systemd-resolved.service connman.service [Service] - Type=dbus + BusName=org.freedesktop.Avahi -- 2.11.0 
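Review bot: in the first avahi_0.9.bb hunk, `PV = "0.9~rc4"` arrives in the same change that drops every `file://CVE-*.patch` entry from SRC_URI, so the CVE status of this recipe now rests only on version matching, and 0.9~rc4 orders before 0.9 in package version comparison. Please confirm with a cve-check run on this recipe that none of the removed CVE ids come back as unpatched, and add `CVE_STATUS` entries for any whose record names 0.9 as the first fixed version. `GITHUB_BASE_URI` also stays as a context line although SRC_URI no longer expands it; either drop it together with the `github-releases` inherit or say in the commit message that it is kept for the switch back to release tarballs.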
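Review bot: the new `PACKAGECONFIG[systemd]` line in the second avahi_0.9.bb hunk passes `--without-systemdsystemunitdir` only in the disabled case, while the enabled case no longer passes `--with-systemdsystemunitdir=${systemd_system_unitdir}/` as the `EXTRA_OECONF_SYSTEMD` line removed in the following hunk did. The unit install path then depends on what configure detects in the sysroot. Suggest keeping the explicit path in the enable arguments, for example `--enable-libsystemd --with-systemdsystemunitdir=${systemd_system_unitdir}/`, so the units land where the packaging expects them.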
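Review bot: the lines added to `do_install:append` install avahi-daemon and avahi-dnsconfd into `${sysconfdir}/init.d` unconditionally, while `EXTRA_OECONF_SYSVINIT` earlier in the recipe still keys the init-script choice on `sysvinit` in DISTRO_FEATURES. Consider guarding the three install lines and the `sed` on the same feature, or state in the commit message that the scripts are meant to ship on every configuration. The `sed` substitutes only `@sbindir@` and `@sysconfdir@`, so any other `@...@` placeholder in the copied `.in` files would be installed unexpanded; worth checking the two files for leftovers before merging.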
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch deleted file mode 100644 index 4d7924d13a6..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> -Date: Thu, 17 Nov 2022 01:51:53 +0100 -Subject: [PATCH] Emit error if requested service is not found - -It currently just crashes instead of replying with error. Check return -value and emit error instead of passing NULL pointer to reply. - -Fixes #375 - -Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security -Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f] -CVE: CVE-2023-1981 -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------ - 1 file changed, 14 insertions(+), 6 deletions(-) - -diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c -index 70d7687bc..406d0b441 100644 ---- a/avahi-daemon/dbus-protocol.c -+++ b/avahi-daemon/dbus-protocol.c -@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM - } - - t = avahi_alternative_host_name(n); -- avahi_dbus_respond_string(c, m, t); -- avahi_free(t); -+ if (t) { -+ avahi_dbus_respond_string(c, m, t); -+ avahi_free(t); - -- return DBUS_HANDLER_RESULT_HANDLED; -+ return DBUS_HANDLER_RESULT_HANDLED; -+ } else { -+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found"); -+ } - } - - static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) { -@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB - } - - t = avahi_alternative_service_name(n); -- avahi_dbus_respond_string(c, m, t); -- avahi_free(t); -+ if (t) { -+ avahi_dbus_respond_string(c, m, t); -+ avahi_free(t); - -- return DBUS_HANDLER_RESULT_HANDLED; -+ return DBUS_HANDLER_RESULT_HANDLED; -+ } else { -+ return 
avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found"); -+ } - } - - static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) { diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch deleted file mode 100644 index a078f66102f..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Mon, 23 Oct 2023 20:29:31 +0000 -Subject: [PATCH] avahi: core: reject overly long TXT resource records - -Closes https://github.com/lathiat/avahi/issues/455 - -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf] -CVE: CVE-2023-38469 - -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> ---- - avahi-core/rr.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/avahi-core/rr.c b/avahi-core/rr.c -index 7fa0bee..b03a24c 100644 ---- a/avahi-core/rr.c -+++ b/avahi-core/rr.c -@@ -32,6 +32,7 @@ - #include <avahi-common/malloc.h> - #include <avahi-common/defs.h> - -+#include "dns.h" - #include "rr.h" - #include "log.h" - #include "util.h" -@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) { - case AVAHI_DNS_TYPE_TXT: { - - AvahiStringList *strlst; -+ size_t used = 0; - -- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) -+ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) { - if (strlst->size > 255 || strlst->size <= 0) - return 0; - -+ used += 1+strlst->size; -+ if (used > AVAHI_DNS_RDATA_MAX) -+ return 0; -+ } -+ - return 1; - } - } --- -2.40.0 
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch deleted file mode 100644 index f8f60ddca1c..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch +++ /dev/null 
@@ -1,65 +0,0 @@ -From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Wed, 25 Oct 2023 18:15:42 +0000 -Subject: [PATCH] tests: pass overly long TXT resource records - -to make sure they don't crash avahi any more. -It reproduces https://github.com/lathiat/avahi/issues/455 - -Canonical notes: -nickgalanis> removed first hunk since there is no .github dir in this release - -Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security -Upstream commit https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237] -CVE: CVE-2023-38469 -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-client/client-test.c | 14 ++++++++++++++ - 1 files changed, 14 insertions(+) - -Index: avahi-0.8/avahi-client/client-test.c -=================================================================== ---- avahi-0.8.orig/avahi-client/client-test.c -+++ avahi-0.8/avahi-client/client-test.c -@@ -22,6 +22,7 @@ - #endif - - #include <stdio.h> -+#include <string.h> - #include <assert.h> - - #include <avahi-client/client.h> -@@ -33,6 +34,8 @@ - #include <avahi-common/malloc.h> - #include <avahi-common/timeval.h> - -+#include <avahi-core/dns.h> -+ - static const AvahiPoll *poll_api = NULL; - static AvahiSimplePoll *simple_poll = NULL; - -@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA - uint32_t cookie; - struct timeval tv; - AvahiAddress a; -+ uint8_t rdata[AVAHI_DNS_RDATA_MAX+1]; -+ AvahiStringList *txt = NULL; -+ int r; - - simple_poll = avahi_simple_poll_new(); - poll_api = avahi_simple_poll_get(simple_poll); -@@ -258,6 +264,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVA - printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL))); - printf("add_record: %d\n", 
avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6)); - -+ memset(rdata, 1, sizeof(rdata)); -+ r = avahi_string_list_parse(rdata, sizeof(rdata), &txt); -+ assert(r >= 0); -+ assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata)); -+ error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt); -+ assert(error == AVAHI_ERR_INVALID_RECORD); -+ avahi_string_list_free(txt); -+ - avahi_entry_group_commit (group); - - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch deleted file mode 100644 index 91f9e677ace..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch +++ /dev/null 
@@ -1,59 +0,0 @@ -From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> -Date: Tue, 11 Apr 2023 15:29:59 +0200 -Subject: [PATCH] avahi: Ensure each label is at least one byte long - -The only allowed exception is single dot, where it should return empty -string. - -Fixes #454. - -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c] -CVE: CVE-2023-38470 - -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> ---- - avahi-common/domain-test.c | 14 ++++++++++++++ - avahi-common/domain.c | 2 +- - 2 files changed, 15 insertions(+), 1 deletion(-) - -diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c -index cf763ec..3acc1c1 100644 ---- a/avahi-common/domain-test.c -+++ b/avahi-common/domain-test.c -@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { - printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo.")); - avahi_free(s); - -+ printf("%s\n", s = avahi_normalize_name_strdup(".")); -+ avahi_free(s); -+ -+ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}." -+ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}" -+ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`" -+ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?." -+ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}." -+ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?" -+ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM." -+ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?." 
-+ "}.?.?.?.}.=.?.?.}"); -+ assert(s == NULL); -+ - printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff")); - printf("%i\n", avahi_domain_equal("A", "a")); - -diff --git a/avahi-common/domain.c b/avahi-common/domain.c -index 3b1ab68..e66d241 100644 ---- a/avahi-common/domain.c -+++ b/avahi-common/domain.c -@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) { - } - - if (!empty) { -- if (size < 1) -+ if (size < 2) - return NULL; - - *(r++) = '.'; --- -2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch deleted file mode 100644 index e0736bf210a..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch +++ /dev/null 
@@ -1,52 +0,0 @@ -From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Tue, 19 Sep 2023 03:21:25 +0000 -Subject: [PATCH] [common] bail out when escaped labels can't fit into ret - -Fixes: -``` -==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8 -READ of size 1110 at 0x7f9e76f14c16 thread T0 - #0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba) - #1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12 - #2 0x53862c in avahi_normalize_name_strdup avahi/avahi-common/domain.c:226:12 -``` -and -``` -fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed. -==101571== ERROR: libFuzzer: deadly signal - #0 0x501175 in __sanitizer_print_stack_trace (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) - #1 0x45ad2c in fuzzer::PrintStackTrace() (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) - #2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8) - #3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #4 0x7f1581dcf883 in __pthread_kill_implementation (/lib64/libc.so.6+0x8e883) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #7 0x7f1581d6779a in __assert_fail_base.cold (/lib64/libc.so.6+0x2679a) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) (BuildId: 
c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25) - #9 0x5344a4 in LLVMFuzzerTestOneInput /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9 -``` - -It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c - -Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security -CVE: CVE-2023-38470 #Follow-up patch -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-common/domain.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: avahi-0.8/avahi-common/domain.c -=================================================================== ---- avahi-0.8.orig/avahi-common/domain.c -+++ avahi-0.8/avahi-common/domain.c -@@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s - } else - empty = 0; - -- avahi_escape_label(label, strlen(label), &r, &size); -+ if (!(avahi_escape_label(label, strlen(label), &r, &size))) -+ return NULL; - } - - return ret_s; diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch deleted file mode 100644 index b3f716495db..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch +++ /dev/null 
@@ -1,73 +0,0 @@ -From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001 -From: Michal Sekletar <msekleta@redhat.com> -Date: Mon, 23 Oct 2023 13:38:35 +0200 -Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label() - -Previously we could create invalid escape sequence when we split the -string on dot. For example, from valid host name "foo\\.bar" we have -created invalid name "foo\\" and tried to set that as the host name -which crashed the daemon. - -Fixes #453 - -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09] -CVE: CVE-2023-38471 - -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> ---- - avahi-core/server.c | 27 +++++++++++++++++++++------ - 1 file changed, 21 insertions(+), 6 deletions(-) - -diff --git a/avahi-core/server.c b/avahi-core/server.c -index e507750..40f1d68 100644 ---- a/avahi-core/server.c -+++ b/avahi-core/server.c -@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) { - } - - int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { -- char *hn = NULL; -+ char label_escaped[AVAHI_LABEL_MAX*4+1]; -+ char label[AVAHI_LABEL_MAX]; -+ char *hn = NULL, *h; -+ size_t len; -+ - assert(s); - - AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME); -@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { - else - hn = avahi_normalize_name_strdup(host_name); - -- hn[strcspn(hn, ".")] = 0; -+ h = hn; -+ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { -+ avahi_free(h); -+ return AVAHI_ERR_INVALID_HOST_NAME; -+ } -+ -+ avahi_free(h); -+ -+ h = label_escaped; -+ len = sizeof(label_escaped); -+ if (!avahi_escape_label(label, strlen(label), &h, &len)) -+ return AVAHI_ERR_INVALID_HOST_NAME; - -- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) { -- avahi_free(hn); -+ if 
(avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) - return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); -- } - - withdraw_host_rrs(s); - - avahi_free(s->host_name); -- s->host_name = hn; -+ s->host_name = avahi_strdup(label_escaped); -+ if (!s->host_name) -+ return AVAHI_ERR_NO_MEMORY; - - update_fqdn(s); - --- -2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch deleted file mode 100644 index 44737bfc2e1..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch +++ /dev/null 
@@ -1,52 +0,0 @@ -From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Tue, 24 Oct 2023 22:04:51 +0000 -Subject: [PATCH] core: return errors from avahi_server_set_host_name properly - -It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09 - -Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security -Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460] -CVE: CVE-2023-38471 #Follow-up Patch -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-core/server.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -Index: avahi-0.8/avahi-core/server.c -=================================================================== ---- avahi-0.8.orig/avahi-core/server.c -+++ avahi-0.8/avahi-core/server.c -@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ - else - hn = avahi_normalize_name_strdup(host_name); - -+ if (!hn) -+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); -+ - h = hn; - if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { - avahi_free(h); -- return AVAHI_ERR_INVALID_HOST_NAME; -+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); - } - - avahi_free(h); -@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ - h = label_escaped; - len = sizeof(label_escaped); - if (!avahi_escape_label(label, strlen(label), &h, &len)) -- return AVAHI_ERR_INVALID_HOST_NAME; -+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); - - if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) - return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); -@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ - avahi_free(s->host_name); - s->host_name = avahi_strdup(label_escaped); - if (!s->host_name) -- return AVAHI_ERR_NO_MEMORY; -+ return 
avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); - - update_fqdn(s); - diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch deleted file mode 100644 index 85dbded73bd..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch +++ /dev/null 
@@ -1,46 +0,0 @@ -From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar <msekleta@redhat.com> -Date: Thu, 19 Oct 2023 17:36:44 +0200 -Subject: [PATCH] core: make sure there is rdata to process before parsing it - -Fixes #452 - -CVE-2023-38472 - -Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security -Upstream commit https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40] -CVE: CVE-2023-38472 -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-client/client-test.c | 3 +++ - avahi-daemon/dbus-entry-group.c | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -Index: avahi-0.8/avahi-client/client-test.c -=================================================================== ---- avahi-0.8.orig/avahi-client/client-test.c -+++ avahi-0.8/avahi-client/client-test.c -@@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA - assert(error == AVAHI_ERR_INVALID_RECORD); - avahi_string_list_free(txt); - -+ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); -+ assert(error != AVAHI_OK); -+ - avahi_entry_group_commit (group); - - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); -Index: avahi-0.8/avahi-daemon/dbus-entry-group.c -=================================================================== ---- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c -+++ avahi-0.8/avahi-daemon/dbus-entry-group.c -@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_g - if (!(r = avahi_record_new_full (name, clazz, type, ttl))) - return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL); - -- if (avahi_rdata_parse (r, rdata, size) < 0) { -+ if (!rdata || 
avahi_rdata_parse (r, rdata, size) < 0) { - avahi_record_unref (r); - return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL); - } diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch deleted file mode 100644 index 707acb60fec..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch +++ /dev/null 
@@ -1,110 +0,0 @@ -From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar <msekleta@redhat.com> -Date: Wed, 11 Oct 2023 17:45:44 +0200 -Subject: [PATCH] avahi: common: derive alternative host name from its - unescaped version - -Normalization of input makes sure we don't have to deal with special -cases like unescaped dot at the end of label. - -Fixes #451 #487 - -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797] -CVE: CVE-2023-38473 - -Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> ---- - avahi-common/alternative-test.c | 3 +++ - avahi-common/alternative.c | 27 +++++++++++++++++++-------- - 2 files changed, 22 insertions(+), 8 deletions(-) - -diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c -index 9255435..681fc15 100644 ---- a/avahi-common/alternative-test.c -+++ b/avahi-common/alternative-test.c -@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { - const char* const test_strings[] = { - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü", -+ ").", -+ "\\.", -+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\", - "gurke", - "-", - " #", -diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c -index b3d39f0..a094e6d 100644 ---- a/avahi-common/alternative.c -+++ b/avahi-common/alternative.c -@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) { - } - - char *avahi_alternative_host_name(const char *s) { -+ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1]; -+ char *alt, *r, *ret; - const char *e; -- char *r; -+ size_t len; - - assert(s); - - if (!avahi_is_valid_host_name(s)) - return NULL; - -- if ((e = strrchr(s, '-'))) { -+ if (!avahi_unescape_label(&s, label, sizeof(label))) -+ return NULL; -+ -+ if ((e = strrchr(label, '-'))) { - const char *p; - - e++; -@@ 
-74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) { - - if (e) { - char *c, *m; -- size_t l; - int n; - - n = atoi(e)+1; - if (!(m = avahi_strdup_printf("%i", n))) - return NULL; - -- l = e-s-1; -+ len = e-label-1; - -- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1) -- l = AVAHI_LABEL_MAX-1-strlen(m)-1; -+ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1) -+ len = AVAHI_LABEL_MAX-1-strlen(m)-1; - -- if (!(c = avahi_strndup(s, l))) { -+ if (!(c = avahi_strndup(label, len))) { - avahi_free(m); - return NULL; - } -@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) { - } else { - char *c; - -- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2))) -+ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2))) - return NULL; - - drop_incomplete_utf8(c); -@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) { - avahi_free(c); - } - -+ alt = alternative; -+ len = sizeof(alternative); -+ ret = avahi_escape_label(r, strlen(r), &alt, &len); -+ -+ avahi_free(r); -+ r = avahi_strdup(ret); -+ - assert(avahi_is_valid_host_name(r)); - - return r; --- -2.40.0 diff --git a/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch b/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch deleted file mode 100644 index 9737f528375..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch +++ /dev/null 
@@ -1,228 +0,0 @@ -From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar <msekleta@redhat.com> -Date: Wed, 27 Nov 2024 18:07:32 +0100 -Subject: [PATCH] core/wide-area: fix for CVE-2024-52615 - -CVE: CVE-2024-52615 -Upstream-Status: Backport [https://github.com/avahi/avahi/commit/4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942] - -Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> ---- - avahi-core/wide-area.c | 128 ++++++++++++++++++++++------------------- - 1 file changed, 69 insertions(+), 59 deletions(-) - -diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c -index 00a15056e..06df7afc6 100644 ---- a/avahi-core/wide-area.c -+++ b/avahi-core/wide-area.c -@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup { - - AvahiAddress dns_server_used; - -+ int fd; -+ AvahiWatch *watch; -+ AvahiProtocol proto; -+ - AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups); - AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key); - }; -@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup { - struct AvahiWideAreaLookupEngine { - AvahiServer *server; - -- int fd_ipv4, fd_ipv6; -- AvahiWatch *watch_ipv4, *watch_ipv6; -- - /* Cache */ - AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache); - AvahiHashmap *cache_by_key; -@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i - return l; - } - -+static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata); -+ - static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) { -+ AvahiWideAreaLookupEngine *e; - AvahiAddress *a; -+ AvahiServer *s; -+ AvahiWatch *w; -+ int r; - - assert(l); - assert(p); - -- if (l->engine->n_dns_servers <= 0) -+ e = l->engine; -+ assert(e); -+ -+ s = e->server; -+ assert(s); -+ -+ if (e->n_dns_servers <= 0) - return -1; - -- assert(l->engine->current_dns_server < l->engine->n_dns_servers); -+ assert(e->current_dns_server < e->n_dns_servers); - -- a = 
&l->engine->dns_servers[l->engine->current_dns_server]; -+ a = &e->dns_servers[e->current_dns_server]; - l->dns_server_used = *a; - -- if (a->proto == AVAHI_PROTO_INET) { -+ if (l->fd >= 0) { -+ /* We are reusing lookup object and sending packet to another server so let's cleanup before we establish connection to new server. */ -+ s->poll_api->watch_free(l->watch); -+ l->watch = NULL; - -- if (l->engine->fd_ipv4 < 0) -- return -1; -+ close(l->fd); -+ l->fd = -EBADF; -+ } - -- return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT); -+ assert(a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6); - -- } else { -- assert(a->proto == AVAHI_PROTO_INET6); -+ if (a->proto == AVAHI_PROTO_INET) -+ r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1; -+ else -+ r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1; - -- if (l->engine->fd_ipv6 < 0) -- return -1; -+ if (r < 0) { -+ avahi_log_error(__FILE__ ": Failed to create socket for wide area lookup"); -+ return -1; -+ } - -- return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT); -+ w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, socket_event, l); -+ if (!w) { -+ close(r); -+ avahi_log_error(__FILE__ ": Failed to create socket watch for wide area lookup"); -+ return -1; - } -+ -+ l->fd = r; -+ l->watch = w; -+ l->proto = a->proto; -+ -+ return a->proto == AVAHI_PROTO_INET ? 
-+ avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT): -+ avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT); - } - - static void next_dns_server(AvahiWideAreaLookupEngine *e) { -@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new( - l->dead = 0; - l->key = avahi_key_ref(key); - l->cname_key = avahi_key_new_cname(l->key); -+ l->fd = -EBADF; -+ l->watch = NULL; -+ l->proto = AVAHI_PROTO_UNSPEC; - l->callback = callback; - l->userdata = userdata; - -@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) { - if (l->cname_key) - avahi_key_unref(l->cname_key); - -+ if (l->watch) -+ l->engine->server->poll_api->watch_free(l->watch); -+ -+ if (l->fd >= 0) -+ close(l->fd); -+ - avahi_free(l); - } - -@@ -572,14 +614,20 @@ static void handle_packet(AvahiWideAreaLookupEngine *e, AvahiDnsPacket *p) { - } - - static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) { -- AvahiWideAreaLookupEngine *e = userdata; -+ AvahiWideAreaLookup *l = userdata; -+ AvahiWideAreaLookupEngine *e = l->engine; - AvahiDnsPacket *p = NULL; - -- if (fd == e->fd_ipv4) -- p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, NULL, NULL); -+ assert(l); -+ assert(e); -+ assert(l->fd == fd); -+ -+ if (l->proto == AVAHI_PROTO_INET) -+ p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, NULL); - else { -- assert(fd == e->fd_ipv6); -- p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, NULL, NULL); -+ assert(l->proto == AVAHI_PROTO_INET6); -+ -+ p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, NULL); - } - - if (p) { -@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) { - e->server = s; - e->cleanup_dead = 0; - -- /* Create sockets */ -- e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1; -- e->fd_ipv6 = s->config.use_ipv6 ? 
avahi_open_unicast_socket_ipv6() : -1; -- -- if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) { -- avahi_log_error(__FILE__": Failed to create wide area sockets: %s", strerror(errno)); -- -- if (e->fd_ipv6 >= 0) -- close(e->fd_ipv6); -- -- if (e->fd_ipv4 >= 0) -- close(e->fd_ipv4); -- -- avahi_free(e); -- return NULL; -- } -- -- /* Create watches */ -- -- e->watch_ipv4 = e->watch_ipv6 = NULL; -- -- if (e->fd_ipv4 >= 0) -- e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e); -- if (e->fd_ipv6 >= 0) -- e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e); -- - e->n_dns_servers = e->current_dns_server = 0; - - /* Initialize cache */ -@@ -651,18 +673,6 @@ void avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) { - avahi_hashmap_free(e->lookups_by_id); - avahi_hashmap_free(e->lookups_by_key); - -- if (e->watch_ipv4) -- e->server->poll_api->watch_free(e->watch_ipv4); -- -- if (e->watch_ipv6) -- e->server->poll_api->watch_free(e->watch_ipv6); -- -- if (e->fd_ipv6 >= 0) -- close(e->fd_ipv6); -- -- if (e->fd_ipv4 >= 0) -- close(e->fd_ipv4); -- - avahi_free(e); - } - -@@ -680,7 +690,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres - - if (a) { - for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--) -- if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0)) -+ if (a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6) - e->dns_servers[e->n_dns_servers++] = *a; - } else { - assert(n == 0); diff --git a/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch b/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch deleted file mode 100644 index a156f987280..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch +++ /dev/null 
@@ -1,104 +0,0 @@ -From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com> -Date: Mon, 11 Nov 2024 00:56:09 +0100 -Subject: [PATCH] Properly randomize query id of DNS packets - -CVE: CVE-2024-52616 -Upstream-Status: Backport [https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7] - -Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> ---- - avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++-------- - configure.ac | 3 ++- - 2 files changed, 30 insertions(+), 9 deletions(-) - -diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c -index 971f5e714..00a15056e 100644 ---- a/avahi-core/wide-area.c -+++ b/avahi-core/wide-area.c -@@ -40,6 +40,13 @@ - #include "addr-util.h" - #include "rr-util.h" - -+#ifdef HAVE_SYS_RANDOM_H -+#include <sys/random.h> -+#endif -+#ifndef HAVE_GETRANDOM -+# define getrandom(d, len, flags) (-1) -+#endif -+ - #define CACHE_ENTRIES_MAX 500 - - typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry; -@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine { - int fd_ipv4, fd_ipv6; - AvahiWatch *watch_ipv4, *watch_ipv6; - -- uint16_t next_id; -- - /* Cache */ - AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache); - AvahiHashmap *cache_by_key; -@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent *e, void *userdata) { - avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0)); - } - -+static uint16_t get_random_uint16(void) { -+ uint16_t next_id; -+ -+ if (getrandom(&next_id, sizeof(next_id), 0) == -1) -+ next_id = (uint16_t) rand(); -+ return next_id; -+} -+ -+static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) { -+ uint16_t next_id; -+ -+ next_id = get_random_uint16(); -+ while (find_lookup(e, next_id)) { -+ /* This ID is already used, get new. 
*/ -+ next_id = get_random_uint16(); -+ } -+ return next_id; -+} -+ -+ - AvahiWideAreaLookup *avahi_wide_area_lookup_new( - AvahiWideAreaLookupEngine *e, - AvahiKey *key, -@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new( - /* If more than 65K wide area quries are issued simultaneously, - * this will break. This should be limited by some higher level */ - -- for (;; e->next_id++) -- if (!find_lookup(e, e->next_id)) -- break; /* This ID is not yet used. */ -- -- l->id = e->next_id++; -+ l->id = avahi_wide_area_next_id(e); - - /* We keep the packet around in case we need to repeat our query */ - l->packet = avahi_dns_packet_new(0); -@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) { - e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e); - - e->n_dns_servers = e->current_dns_server = 0; -- e->next_id = (uint16_t) rand(); - - /* Initialize cache */ - AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache); -diff --git a/configure.ac b/configure.ac -index a3211b80e..31bce3d76 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES - # whether libc's malloc does too. (Same for realloc.) - #AC_FUNC_MALLOC - #AC_FUNC_REALLOC --AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname]) -+AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom]) -+AC_CHECK_HEADERS([sys/random.h]) - - AC_FUNC_CHOWN - AC_FUNC_STAT - 
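Review bot: In the removed CVE-2023-38473.patch, the tail of `avahi_alternative_host_name()` takes the result of `avahi_escape_label(r, strlen(r), &alt, &len)` without a NULL check, then does `r = avahi_strdup(ret);` and goes straight to `assert(avahi_is_valid_host_name(r));`, so a failure in either call reaches the assertion unchecked. Since this upgrade takes upstream's version of the function as-is, please check how 0.9-rc4 handles that path. When confirming the fix is present, compare against b448c9f771bada14ae8de175695a9729f8646797 from the Upstream-Status line; the `From` hash 88cbbc48d5efff9726694557ca6c3f698f3affe4 in the same header is a different id.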
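Review bot: In the removed CVE-2024-52615.patch, `socket_event()` reads `l->engine` in the initializer of `e` before `assert(l);` runs, so the assertion cannot catch a NULL `userdata`. If 0.9-rc4 still has this ordering, it is worth a small upstream fix that moves the dereference below the asserts. The same patch relaxes the filter in `avahi_wide_area_set_servers()` to accept any INET or INET6 server, so with `use_ipv4` or `use_ipv6` off a server of that family is accepted and only fails later in `send_to_dns_server()` with "Failed to create socket for wide area lookup"; a test on an image with one address family disabled would show whether that is noisy in practice.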
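Review bot: In the removed CVE-2024-52616.patch, `get_random_uint16()` silently falls back to `(uint16_t) rand()` whenever `getrandom()` returns -1, and the `#ifndef HAVE_GETRANDOM` branch defines `getrandom(d, len, flags)` as `(-1)`, so a build where `getrandom` is not detected goes back to `rand()` for query ids, which is what the patch set out to replace. With the backport dropped and the source switched to git, please confirm from the do_configure log for the target that `getrandom` and `sys/random.h` are detected in the 0.9-rc4 build, and say so in the commit message. The `while (find_lookup(e, next_id))` retry loop is also unbounded, and the existing comment above `l->id = avahi_wide_area_next_id(e);` already notes that more than 65K simultaneous lookups will break, so it is worth checking whether 0.9-rc4 still carries the loop in that form.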
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch b/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch deleted file mode 100644 index b3e11f9597f..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch +++ /dev/null 
@@ -1,68 +0,0 @@ -From d5d18ced67e969d6a5052cacdbd7d4b2c97a1a3f Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Wed, 17 Dec 2025 08:11:23 +0000 -Subject: [PATCH] core: refuse to create wide-area record browsers when - wide-area is off - -It fixes a bug where it was possible for unprivileged local users to -crash avahi-daemon (with wide-area disabled) by creating record browsers -with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus (either by calling -the RecordBrowserNew method directly or by creating hostname/address/service -resolvers/browsers that create those browsers internally themselves). - -``` -$ gdbus call --system --dest org.freedesktop.Avahi --object-path / --method org.freedesktop.Avahi.Server.ResolveHostName -- -1 -1 yo.local -1 1 -Error: GDBus.Error:org.freedesktop.DBus.Error.NoReply: Message recipient disconnected from message bus without replying -``` -``` -dbus-protocol.c: interface=org.freedesktop.Avahi.Server, path=/, member=ResolveHostName -avahi-daemon: wide-area.c:725: avahi_wide_area_scan_cache: Assertion `e' failed. 
-==307948== -==307948== Process terminating with default action of signal 6 (SIGABRT) -==307948== at 0x4B3630C: __pthread_kill_implementation (pthread_kill.c:44) -==307948== by 0x4ADF921: raise (raise.c:26) -==307948== by 0x4AC74AB: abort (abort.c:77) -==307948== by 0x4AC741F: __assert_fail_base.cold (assert.c:118) -==307948== by 0x48D8B85: avahi_wide_area_scan_cache (wide-area.c:725) -==307948== by 0x48C8953: lookup_scan_cache (browse.c:351) -==307948== by 0x48C8B1B: lookup_go (browse.c:386) -==307948== by 0x48C9148: defer_callback (browse.c:516) -==307948== by 0x48AEA0E: expiration_event (timeeventq.c:94) -==307948== by 0x489D3AE: timeout_callback (simple-watch.c:447) -==307948== by 0x489D787: avahi_simple_poll_dispatch (simple-watch.c:563) -==307948== by 0x489D91E: avahi_simple_poll_iterate (simple-watch.c:605) -==307948== -``` - -wide-area has been disabled by default since -9c4214146738146e454f098264690e8e884c39bd (v0.9-rc2). - -https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc - -CVE: CVE-2025-68276 -Upstream-Status: Backport [https://github.com/avahi/avahi/pull/806/commits/0c013e2e819be3bda74cecf48b5f64956cf8a760] - -Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech> ---- - avahi-core/browse.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/avahi-core/browse.c b/avahi-core/browse.c -index e8a915e..59d53cb 100644 ---- a/avahi-core/browse.c -+++ b/avahi-core/browse.c -@@ -541,6 +541,11 @@ AvahiSRecordBrowser *avahi_s_record_browser_prepare( - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !(flags & AVAHI_LOOKUP_USE_WIDE_AREA) || !(flags & AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - -+ if ((flags & AVAHI_LOOKUP_USE_WIDE_AREA) && !server->wide_area_lookup_engine) { -+ avahi_server_set_errno(server, AVAHI_ERR_NOT_SUPPORTED); -+ return NULL; -+ } -+ - if 
(!(b = avahi_new(AvahiSRecordBrowser, 1))) { - avahi_server_set_errno(server, AVAHI_ERR_NO_MEMORY); - return NULL; --- -2.34.1 - diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch deleted file mode 100644 index 3635cc8d53e..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 483f83828cfda965fac914ff1b39c63c256372b2 Mon Sep 17 00:00:00 2001 -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> -Date: Sun, 2 Mar 2025 18:06:24 +0100 -Subject: [PATCH] core: fix DoS bug by removing incorrect assertion - -Closes https://github.com/avahi/avahi/issues/683 - -CVE: CVE-2025-68468 - -Upstream-Status: Backport -[https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a] - -Signed-off-by: Amaury Couderc <amaury.couderc@est.tech> ---- - avahi-core/browse.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/avahi-core/browse.c b/avahi-core/browse.c -index 86e4432..79595fe 100644 ---- a/avahi-core/browse.c -+++ b/avahi-core/browse.c -@@ -295,7 +295,6 @@ static void lookup_multicast_callback( - lookup_drop_cname(l, interface, protocol, 0, r); - else { - /* It's a normal record, so let's call the user callback */ -- assert(avahi_key_equal(b->key, l->key)); - - b->callback(b, interface, protocol, event, r, flags, b->userdata); - } --- -2.43.0 - diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch b/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch deleted file mode 100644 index 210565cdd61..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch +++ /dev/null 
@@ -1,36 +0,0 @@ -From 4e84c1d6eb2f54d1643bd7ce62817c722ca36d25 Mon Sep 17 00:00:00 2001 -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> -Date: Sun, 2 Mar 2025 18:06:24 +0100 -Subject: [PATCH] core: fix DoS bug by changing assert to return - -Closes https://github.com/avahi/avahi/issues/678 - -CVE: CVE-2025-68471 - -Upstream-Status: Backport -[https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1] - -Signed-off-by: Amaury Couderc <amaury.couderc@est.tech> ---- - avahi-core/browse.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/avahi-core/browse.c b/avahi-core/browse.c -index 2941e57..86e4432 100644 ---- a/avahi-core/browse.c -+++ b/avahi-core/browse.c -@@ -320,7 +320,10 @@ static int lookup_start(AvahiSRBLookup *l) { - assert(l); - - assert(!(l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) != !(l->flags & AVAHI_LOOKUP_USE_MULTICAST)); -- assert(!l->wide_area && !l->multicast); -+ if (l->wide_area || l->multicast) { -+ /* Avoid starting a duplicate lookup */ -+ return 0; -+ } - - if (l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) { - --- -2.43.0 - diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch b/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch deleted file mode 100644 index 1a442966fc9..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch +++ /dev/null 
@@ -1,74 +0,0 @@ -From 5eea2640324928c15936b7a2bcbf8ea0de7b08f7 Mon Sep 17 00:00:00 2001 -From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com> -Date: Sun, 2 Mar 2025 18:06:24 +0100 -Subject: [PATCH] core: fix uncontrolled recursion bug using a simple loop - detection algorithm - -Closes https://github.com/avahi/avahi/issues/501 - -CVE: CVE-2026-24401 -Upstream-Status: Backport [https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524] -(cherry picked from commit 78eab31128479f06e30beb8c1cbf99dd921e2524) -Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> ---- - avahi-core/browse.c | 40 ++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 40 insertions(+) - -diff --git a/avahi-core/browse.c b/avahi-core/browse.c -index f461083..975b3e9 100644 ---- a/avahi-core/browse.c -+++ b/avahi-core/browse.c -@@ -401,6 +401,40 @@ static int lookup_go(AvahiSRBLookup *l) { - return n; - } - -+static int lookup_exists_in_path(AvahiSRBLookup* lookup, AvahiSRBLookup* from, AvahiSRBLookup* to) { -+ AvahiRList* rl; -+ if (from == to) -+ return 0; -+ for (rl = from->cname_lookups; rl; rl = rl->rlist_next) { -+ int r = lookup_exists_in_path(lookup, rl->data, to); -+ if (r == 1) { -+ /* loop detected, propagate result */ -+ return r; -+ } else if (r == 0) { -+ /* is loop detected? 
*/ -+ return lookup == from; -+ } else { -+ /* `to` not found, continue */ -+ continue; -+ } -+ } -+ /* no path found */ -+ return -1; -+} -+ -+static int cname_would_create_loop(AvahiSRBLookup* l, AvahiSRBLookup* n) { -+ int ret; -+ if (l == n) -+ /* Loop to self */ -+ return 1; -+ -+ ret = lookup_exists_in_path(n, l->record_browser->root_lookup, l); -+ -+ /* Path to n always exists */ -+ assert(ret != -1); -+ return ret; -+} -+ - static void lookup_handle_cname(AvahiSRBLookup *l, AvahiIfIndex interface, AvahiProtocol protocol, AvahiLookupFlags flags, AvahiRecord *r) { - AvahiKey *k; - AvahiSRBLookup *n; -@@ -420,6 +454,12 @@ static void lookup_handle_cname(AvahiSRBLookup *l, AvahiIfIndex interface, Avahi - return; - } - -+ if (cname_would_create_loop(l, n)) { -+ /* CNAME loops are not allowed */ -+ lookup_unref(n); -+ return; -+ } -+ - l->cname_lookups = avahi_rlist_prepend(l->cname_lookups, lookup_ref(n)); - - lookup_go(n); diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch b/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch deleted file mode 100644 index 208345a3258..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch +++ /dev/null 
@@ -1,108 +0,0 @@ -From 0be89b6bb5c3983837b5e0febcbbbf452ecf7675 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Wed, 1 Apr 2026 05:31:58 +0000 -Subject: [PATCH] core: refuse to accept publish flags where both wide_area and - multicast are set - -It fixes a bug where it was possible for unprivileged local users to -crash avahi-daemon via D-Bus by calling EntryGroup methods accepting -flags and passing both AVAHI_PUBLISH_USE_WIDE_AREA and -AVAHI_PUBLISH_USE_MULTICAST there. For example when AddRecord was -invoked like that avahi-daemon crashed with -``` -dbus-entry-group.c: interface=org.freedesktop.Avahi.EntryGroup, path=/Client0/EntryGroup1, member=AddRecord -avahi-daemon: entry.c:57: transport_flags_from_domain: Assertion `!((*flags & AVAHI_PUBLISH_USE_MULTICAST) && (*flags & AVAHI_PUBLISH_USE_WIDE_AREA))' failed. -==84944== -==84944== Process terminating with default action of signal 6 (SIGABRT) -==84944== at 0x4B353BC: __pthread_kill_implementation (pthread_kill.c:44) -==84944== by 0x4ADE941: raise (raise.c:26) -==84944== by 0x4AC64AB: abort (abort.c:77) -==84944== by 0x4AC641F: __assert_fail_base.cold (assert.c:118) -==84944== by 0x48A9404: transport_flags_from_domain (entry.c:57) -==84944== by 0x48A9F8F: server_add_internal (entry.c:224) -==84944== by 0x48AA49F: avahi_server_add (entry.c:324) -==84944== by 0x401A670: avahi_dbus_msg_entry_group_impl (dbus-entry-group.c:348) -==84944== by 0x4A70741: ??? (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3) -==84944== by 0x4A5FB22: dbus_connection_dispatch (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3) -==84944== by 0x401D01D: dispatch_timeout_callback (dbus-watch-glue.c:105) -==84944== by 0x488E3AE: timeout_callback (simple-watch.c:447) -==84944== -``` -It's a follow-up to fbce111b069aa1e4c701ed37ee1d9f6d6cefaac5 where -those flags were introduced and consistent with the other places -where wide_area/multicast flags are used. 
- -It was discovered by -Guillaume Meunier - Head of Vulnerability Operations Center France - Orange Cyberdefense - -https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc - -CVE-2026-34933 - -Upstream-Status: Backport [https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675] -CVE: CVE-2026-34933 -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-core/entry.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/avahi-core/entry.c b/avahi-core/entry.c -index 0d862133d..06eb12076 100644 ---- a/avahi-core/entry.c -+++ b/avahi-core/entry.c -@@ -207,6 +207,7 @@ static AvahiEntry * server_add_internal( - AVAHI_PUBLISH_UPDATE| - AVAHI_PUBLISH_USE_WIDE_AREA| - AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_domain_name(r->key->name), AVAHI_ERR_INVALID_HOST_NAME); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, r->ttl != 0, AVAHI_ERR_INVALID_TTL); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !avahi_key_is_pattern(r->key), AVAHI_ERR_IS_PATTERN); -@@ -454,6 +455,7 @@ int avahi_server_add_address( - AVAHI_PUBLISH_UPDATE| - AVAHI_PUBLISH_USE_WIDE_AREA| - AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY(s, !name || avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME); - - /* Prepare the host naem */ -@@ -595,6 +597,7 @@ static int server_add_service_strlst_nocopy( - AVAHI_PUBLISH_UPDATE| - AVAHI_PUBLISH_USE_WIDE_AREA| - AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - 
AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); -@@ -754,6 +757,7 @@ static int server_update_service_txt_strlst_nocopy( - AVAHI_PUBLISH_NO_COOKIE| - AVAHI_PUBLISH_USE_WIDE_AREA| - AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); -@@ -843,6 +847,7 @@ int avahi_server_add_service_subtype( - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE); - AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); -@@ -910,6 +915,7 @@ static 
AvahiEntry *server_add_dns_server_name( - assert(name); - - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, port != 0, AVAHI_ERR_INVALID_PORT); - AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME); -@@ -967,6 +973,7 @@ int avahi_server_add_dns_server_address( - AVAHI_CHECK_VALIDITY(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE); - AVAHI_CHECK_VALIDITY(s, AVAHI_PROTO_VALID(protocol) && AVAHI_PROTO_VALID(address->proto), AVAHI_ERR_INVALID_PROTOCOL); - AVAHI_CHECK_VALIDITY(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS); -+ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS); - AVAHI_CHECK_VALIDITY(s, port != 0, AVAHI_ERR_INVALID_PORT); - AVAHI_CHECK_VALIDITY(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); diff --git a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch deleted file mode 100644 index 479d0d7e932..00000000000 --- a/meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch +++ /dev/null 
@@ -1,96 +0,0 @@ -From a93fdd980d2db5d453475c0aa2b39946bd6611bd Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin <evvers@ya.ru> -Date: Wed, 1 Apr 2026 05:30:58 +0000 -Subject: [PATCH] tests: make sure AVAHI_PUBLISH_USE_WIDE_AREA is refused - -Upstream-Status: Backport [https://github.com/avahi/avahi/commit/a93fdd980d2db5d453475c0aa2b39946bd6611bd] -CVE: CVE-2026-34933 -Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> ---- - avahi-client/client-test.c | 25 +++++++++++++++++++++++++ - avahi-core/avahi-test.c | 12 +++++++++++- - 2 files changed, 36 insertions(+), 1 deletion(-) - -diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c -index 9a015d7..c80e12f 100644 ---- a/avahi-client/client-test.c -+++ b/avahi-client/client-test.c -@@ -212,6 +212,28 @@ static void terminate(AVAHI_GCC_UNUSED AvahiTimeout *timeout, AVAHI_GCC_UNUSED v - avahi_simple_poll_quit(simple_poll); - } - -+static void test_refuse_publish_flags(AvahiEntryGroup *g, AvahiPublishFlags flags, int expected) { -+ AvahiAddress a; -+ AvahiStringList *l = NULL; -+ int r; -+ -+ r = avahi_entry_group_add_record(g, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, flags, "test.local", AVAHI_DNS_CLASS_IN, AVAHI_DNS_TYPE_CNAME, 120, "\0", 1); -+ assert(r == expected); -+ -+ avahi_address_parse("224.0.0.251", AVAHI_PROTO_UNSPEC, &a); -+ r = avahi_entry_group_add_address(g, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, flags, "test.local", &a); -+ assert(r == expected); -+ -+ r = avahi_entry_group_add_service_strlst(g, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, NULL, 80, l); -+ assert(r == expected); -+ -+ r = avahi_entry_group_update_service_txt_strlst(g, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, l); -+ assert(r == expected); -+ -+ r = avahi_entry_group_add_service_subtype(g, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, flags, "test", "_http._tcp", NULL, "_magic._sub._http._tcp"); -+ assert(r == expected); -+} -+ - int main (AVAHI_GCC_UNUSED int argc, 
AVAHI_GCC_UNUSED char *argv[]) { - AvahiClient *avahi; - AvahiEntryGroup *group, *group2; -@@ -275,6 +297,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { - error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); - assert(error != AVAHI_OK); - -+ test_refuse_publish_flags(group, AVAHI_PUBLISH_USE_WIDE_AREA, AVAHI_ERR_NOT_SUPPORTED); -+ test_refuse_publish_flags(group, AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST, AVAHI_ERR_INVALID_FLAGS); -+ - avahi_entry_group_commit (group); - - domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); -diff --git a/avahi-core/avahi-test.c b/avahi-core/avahi-test.c -index 2a7872b..2bae82b 100644 ---- a/avahi-core/avahi-test.c -+++ b/avahi-core/avahi-test.c -@@ -30,6 +30,7 @@ - #include <netinet/in.h> - #include <arpa/inet.h> - -+#include <avahi-common/error.h> - #include <avahi-common/malloc.h> - #include <avahi-common/simple-watch.h> - #include <avahi-common/alternative.h> -@@ -150,6 +151,7 @@ static void remove_entries(void) { - static void create_entries(int new_name) { - AvahiAddress a; - AvahiRecord *r; -+ int error; - - remove_entries(); - -@@ -181,7 +183,15 @@ static void create_entries(int new_name) { - goto fail; - } - -- if (avahi_server_add_dns_server_address(server, group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, NULL, AVAHI_DNS_SERVER_RESOLVE, avahi_address_parse("192.168.50.1", AVAHI_PROTO_UNSPEC, &a), 53) < 0) { -+ avahi_address_parse("192.168.50.1", AVAHI_PROTO_UNSPEC, &a); -+ -+ error = avahi_server_add_dns_server_address(server, group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, AVAHI_PUBLISH_USE_WIDE_AREA, NULL, AVAHI_DNS_SERVER_RESOLVE, &a, 53); -+ assert(error == AVAHI_ERR_NOT_SUPPORTED); -+ -+ error = avahi_server_add_dns_server_address(server, group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 
AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST, NULL, AVAHI_DNS_SERVER_RESOLVE, &a, 53); -+ assert(error == AVAHI_ERR_INVALID_FLAGS); -+ -+ if (avahi_server_add_dns_server_address(server, group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, NULL, AVAHI_DNS_SERVER_RESOLVE, &a, 53) < 0) { - avahi_log_error("Failed to add new DNS Server address"); - goto fail; - } --- -2.43.0 - diff --git a/meta/recipes-connectivity/avahi/files/avahi-daemon.in b/meta/recipes-connectivity/avahi/files/avahi-daemon.in new file mode 100644 index 00000000000..49ec3586896 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/avahi-daemon.in 
@@ -0,0 +1,198 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: avahi +# Required-Start: $remote_fs dbus +# Required-Stop: $remote_fs dbus +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Avahi mDNS/DNS-SD Daemon +# Description: Zeroconf daemon for configuring your network +# automatically +### END INIT INFO +# +# This file is part of avahi. +# +# avahi is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# avahi is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public +# License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with avahi; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA. + +# +# avahi avahi daemon +# Daemon for ZeroConf +# +# Authors: <sebastien.estienne@gmail.com> +# + +if [ -f /lib/lsb/init-functions ] +then + . 
/lib/lsb/init-functions +else + # int log_begin_message (char *message) + log_begin_msg () { + if [ -z "$1" ]; then + return 1 + fi + echo " * $@" + } + + # int log_end_message (int exitstatus) + log_end_msg () { + + # If no arguments were passed, return + [ -z "$1" ] && return 1 + + # Only do the fancy stuff if we have an appropriate terminal + # and if /usr is already mounted + TPUT=/usr/bin/tput + EXPR=/usr/bin/expr + if [ -x $TPUT ] && [ -x $EXPR ] && $TPUT hpa 60 >/dev/null 2>&1; then + COLS=`$TPUT cols` + if [ -n "$COLS" ]; then + COL=`$EXPR $COLS - 7` + else + COL=73 + fi + UP=`$TPUT cuu1` + END=`$TPUT hpa $COL` + START=`$TPUT hpa 0` + RED=`$TPUT setaf 1` + NORMAL=`$TPUT op` + if [ $1 -eq 0 ]; then + echo "$UP$END[ ok ]" + else + echo -e "$UP$START $RED*$NORMAL$END[${RED}fail${NORMAL}]" + fi + else + if [ $1 -eq 0 ]; then + echo " ...done." + else + echo " ...fail!" + fi + fi + return $1 + } + + log_warning_msg () { + if log_use_fancy_output; then + YELLOW=`$TPUT setaf 3` + NORMAL=`$TPUT op` + echo "$YELLOW*$NORMAL $@" + else + echo "$@" + fi + } + +fi + +#set -e + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DESC="Avahi mDNS/DNS-SD Daemon" +NAME="avahi-daemon" +DAEMON="@sbindir@/$NAME" +SCRIPTNAME=/etc/init.d/$NAME + +# Gracefully exit if the package has been removed. +test -x $DAEMON || exit 0 + +# don't start if /etc/default/avahi-daemon says so. +AVAHI_DAEMON_START=1 +test -f /etc/default/avahi-daemon && . /etc/default/avahi-daemon + +if [ "$AVAHI_DAEMON_START" != "1" -a "$1" != "stop" ]; then + log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME" + exit 0 +fi + +# +# Function that starts the daemon/service. +# +d_start() { + modprobe capability >/dev/null 2>&1 || true + + $DAEMON -c && return 0 + + if [ -s /etc/localtime ]; then + if [ ! 
-d /etc/avahi/etc ]; then + mkdir -p @sysconfdir@/avahi/etc >/dev/null 2>&1 + fi + cp -fp /etc/localtime @sysconfdir@/avahi/etc >/dev/null 2>&1 + fi; + + $DAEMON -D +} + +# +# Function that stops the daemon/service. +# +d_stop() { + $DAEMON -c && $DAEMON -k +} + +# +# Function that reload the config file for the daemon/service. +# +d_reload() { + $DAEMON -c && $DAEMON -r +} + +# +# Function that check the status of the daemon/service. +# +d_status() { + $DAEMON -c + status=$? + if [ $status = 0 ]; then + echo "$DESC is running" + return 0 + else + echo "$DESC is not running" + return 3 + fi +} + +case "$1" in + start) + log_begin_msg "Starting $DESC: $NAME" + d_start + log_end_msg $? + ;; + stop) + log_begin_msg "Stopping $DESC: $NAME" + d_stop + log_end_msg $? + ;; + reload) + log_begin_msg "Reloading services for $DESC: $NAME" + d_reload + log_end_msg $? + ;; + restart|force-reload) + log_begin_msg "Restarting $DESC: $NAME" + $DAEMON -c && d_stop + d_start + log_end_msg $? + ;; + status) + d_status + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload|status}" >&2 + exit 1 + ;; +esac + +exit $? diff --git a/meta/recipes-connectivity/avahi/files/avahi-dnsconfd.in b/meta/recipes-connectivity/avahi/files/avahi-dnsconfd.in new file mode 100644 index 00000000000..2529a75bda5 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/avahi-dnsconfd.in 
@@ -0,0 +1,197 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: avahi-dnsconfd +# Required-Start: $remote_fs avahi +# Required-Stop: $remote_fs avahi +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Avahi mDNS/DNS-SD DNS configuration +# Description: Zeroconf daemon for configuring your network +# automatically +### END INIT INFO +# +# +# This file is part of avahi. +# +# avahi is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# avahi is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public +# License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with avahi; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA. + +# +# avahi-dnsconfd avahi dns configuration daemon +# Daemon for ZeroConf +# +# Authors: <sebastien.estienne@gmail.com> +# + +if [ -f /lib/lsb/init-functions ] +then + . 
/lib/lsb/init-functions +else + # int log_begin_message (char *message) + log_begin_msg () { + if [ -z "$1" ]; then + return 1 + fi + echo " * $@" + } + + # int log_end_message (int exitstatus) + log_end_msg () { + + # If no arguments were passed, return + [ -z "$1" ] && return 1 + + # Only do the fancy stuff if we have an appropriate terminal + # and if /usr is already mounted + TPUT=/usr/bin/tput + EXPR=/usr/bin/expr + if [ -x $TPUT ] && [ -x $EXPR ] && $TPUT hpa 60 >/dev/null 2>&1; then + COLS=`$TPUT cols` + if [ -n "$COLS" ]; then + COL=`$EXPR $COLS - 7` + else + COL=73 + fi + UP=`$TPUT cuu1` + END=`$TPUT hpa $COL` + START=`$TPUT hpa 0` + RED=`$TPUT setaf 1` + NORMAL=`$TPUT op` + if [ $1 -eq 0 ]; then + echo "$UP$END[ ok ]" + else + echo -e "$UP$START $RED*$NORMAL$END[${RED}fail${NORMAL}]" + fi + else + if [ $1 -eq 0 ]; then + echo " ...done." + else + echo " ...fail!" + fi + fi + return $1 + } + + log_warning_msg () { + if log_use_fancy_output; then + YELLOW=`$TPUT setaf 3` + NORMAL=`$TPUT op` + echo "$YELLOW*$NORMAL $@" + else + echo "$@" + fi + } + +fi + +#set -e + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DESC="Avahi Unicast DNS Configuration Daemon" +NAME="avahi-dnsconfd" +DAEMON="@sbindir@/$NAME" +SCRIPTNAME=/etc/init.d/$NAME + +# Gracefully exit if the package has been removed. +test -x $DAEMON || exit 0 + +# don't start if /etc/default/avahi-dnsconfd says so. +AVAHI_DNSCONFD_START=1 +test -f /etc/default/avahi-dnsconfd && . /etc/default/avahi-dnsconfd + +if [ "$AVAHI_DNSCONFD_START" != "1" -a "$1" != "stop" ]; then + log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME" + exit 0 +fi + +# +# Function that starts the daemon/service. +# +d_start() { + $DAEMON -c + [ $? = 0 ] && exit 0 + + if [ -s /etc/localtime ]; then + if [ ! -d /etc/avahi/etc ]; then + mkdir -p @sysconfdir@/avahi/etc >/dev/null 2>&1 + fi + cp -fp /etc/localtime @sysconfdir@/avahi/etc >/dev/null 2>&1 + fi; + + $DAEMON -D +} + +# +# Function that stops the daemon/service. 
+# +d_stop() { + $DAEMON -c + [ $? != 0 ] && exit 0 + + $DAEMON -k +} + +# +# Function that reload the config file for the daemon/service. +# +d_refresh() { + $DAEMON -c + [ $? != 0 ] && exit 0 + + $DAEMON -r +} + +# +# Function that check the status of the daemon/service. +# +d_status() { + $DAEMON -c + [ $? = 0 ] && echo "$DESC is running" || echo "$DESC is not running" +} + +case "$1" in + start) + log_begin_msg "Starting $DESC: $NAME" + d_start + log_end_msg $? + ;; + stop) + log_begin_msg "Stopping $DESC: $NAME" + d_stop + log_end_msg $? + ;; + refresh) + log_begin_msg "Refreshing $DESC: $NAME" + d_refresh + log_end_msg $? + ;; + reload|restart|force-reload) + log_begin_msg "Restarting $DESC: $NAME" + $DAEMON -c && d_stop + d_start + log_end_msg $? + ;; + status) + d_status + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/meta/recipes-connectivity/avahi/files/handle-hup.patch b/meta/recipes-connectivity/avahi/files/handle-hup.patch deleted file mode 100644 index 26632e5443d..00000000000 --- a/meta/recipes-connectivity/avahi/files/handle-hup.patch +++ /dev/null 
@@ -1,41 +0,0 @@ -CVE: CVE-2021-3468 -Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330] -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001 -From: Riccardo Schirone <sirmy15@gmail.com> -Date: Fri, 26 Mar 2021 11:50:24 +0100 -Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in - client_work - -If a client fills the input buffer, client_work() disables the -AVAHI_WATCH_IN event, thus preventing the function from executing the -`read` syscall the next times it is called. However, if the client then -terminates the connection, the socket file descriptor receives a HUP -event, which is not handled, thus the kernel keeps marking the HUP event -as occurring. While iterating over the file descriptors that triggered -an event, the client file descriptor will keep having the HUP event and -the client_work() function is always called with AVAHI_WATCH_HUP but -without nothing being done, thus entering an infinite loop. - -See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938 ---- - avahi-daemon/simple-protocol.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c -index 3e0ebb11..6c0274d6 100644 ---- a/avahi-daemon/simple-protocol.c -+++ b/avahi-daemon/simple-protocol.c -@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv - } - } - -+ if (events & AVAHI_WATCH_HUP) { -+ client_free(c); -+ return; -+ } -+ - c->server->poll_api->watch_update( - watch, - (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) | diff --git a/meta/recipes-connectivity/avahi/files/initscript.patch b/meta/recipes-connectivity/avahi/files/initscript.patch deleted file mode 100644 index e1176888df1..00000000000 --- a/meta/recipes-connectivity/avahi/files/initscript.patch +++ /dev/null 
@@ -1,51 +0,0 @@ -Note: upcoming avahi 0.9 drops debian initscripts altogether, -so any version update would probably have to copy the last -upstream versions into oe-core, and install them from the recipe. - -Upstream-Status: Inappropriate [upstream removed the files] - -Index: avahi-0.7/initscript/debian/avahi-daemon.in -=================================================================== ---- avahi-0.7.orig/initscript/debian/avahi-daemon.in -+++ avahi-0.7/initscript/debian/avahi-daemon.in -@@ -1,5 +1,17 @@ - #!/bin/sh -- -+### BEGIN INIT INFO -+# Provides: avahi -+# Required-Start: $remote_fs dbus -+# Required-Stop: $remote_fs dbus -+# Should-Start: $syslog -+# Should-Stop: $syslog -+# Default-Start: 2 3 4 5 -+# Default-Stop: 0 1 6 -+# Short-Description: Avahi mDNS/DNS-SD Daemon -+# Description: Zeroconf daemon for configuring your network -+# automatically -+### END INIT INFO -+# - # This file is part of avahi. - # - # avahi is free software; you can redistribute it and/or modify it -Index: avahi-0.7/initscript/debian/avahi-dnsconfd.in -=================================================================== ---- avahi-0.7.orig/initscript/debian/avahi-dnsconfd.in -+++ avahi-0.7/initscript/debian/avahi-dnsconfd.in -@@ -1,4 +1,17 @@ - #!/bin/sh -+### BEGIN INIT INFO -+# Provides: avahi-dnsconfd -+# Required-Start: $remote_fs avahi -+# Required-Stop: $remote_fs avahi -+# Should-Start: $syslog -+# Should-Stop: $syslog -+# Default-Start: 2 3 4 5 -+# Default-Stop: 0 1 6 -+# Short-Description: Avahi mDNS/DNS-SD DNS configuration -+# Description: Zeroconf daemon for configuring your network -+# automatically -+### END INIT INFO -+# - - # This file is part of avahi. - # diff --git a/meta/recipes-connectivity/avahi/files/invalid-service.patch b/meta/recipes-connectivity/avahi/files/invalid-service.patch deleted file mode 100644 index 8f188aff2c6..00000000000 --- a/meta/recipes-connectivity/avahi/files/invalid-service.patch +++ /dev/null 
@@ -1,29 +0,0 @@ -From 46490e95151d415cd22f02565e530eb5efcef680 Mon Sep 17 00:00:00 2001 -From: Asger Hautop Drewsen <asger@princh.com> -Date: Mon, 9 Aug 2021 14:25:08 +0200 -Subject: [PATCH] Fix avahi-browse: Invalid service type - -Invalid service types will stop the browse from completing, or -in simple terms "my washing machine stops me from printing". - -Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/472] -Signed-off-by: Ross Burton <ross.burton@arm.com> ---- - avahi-core/browse-service.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c -index 63e0275a..ac3d2ecb 100644 ---- a/avahi-core/browse-service.c -+++ b/avahi-core/browse-service.c -@@ -103,7 +103,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_prepare( - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL); - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME); - AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS); -- AVAHI_CHECK_VALIDITY_RETURN_NULL(server, avahi_is_valid_service_type_generic(service_type), AVAHI_ERR_INVALID_SERVICE_TYPE); -+ -+ if (!avahi_is_valid_service_type_generic(service_type)) -+ service_type = "_invalid._tcp"; - - if (!domain) - domain = server->domain_name; diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch deleted file mode 100644 index 8f102815df0..00000000000 --- a/meta/recipes-connectivity/avahi/files/local-ping.patch +++ /dev/null 
@@ -1,152 +0,0 @@ -CVE: CVE-2021-3502 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001 -From: Tommi Rantala <tommi.t.rantala@nokia.com> -Date: Mon, 8 Feb 2021 11:04:43 +0200 -Subject: [PATCH] Fix NULL pointer crashes from #175 - -avahi-daemon is crashing when running "ping .local". -The crash is due to failing assertion from NULL pointer. -Add missing NULL pointer checks to fix it. - -Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd ---- - avahi-core/browse-dns-server.c | 5 ++++- - avahi-core/browse-domain.c | 5 ++++- - avahi-core/browse-service-type.c | 3 +++ - avahi-core/browse-service.c | 3 +++ - avahi-core/browse.c | 3 +++ - avahi-core/resolve-address.c | 5 ++++- - avahi-core/resolve-host-name.c | 5 ++++- - avahi-core/resolve-service.c | 5 ++++- - 8 files changed, 29 insertions(+), 5 deletions(-) - -diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c -index 049752e9..c2d914fa 100644 ---- a/avahi-core/browse-dns-server.c -+++ b/avahi-core/browse-dns-server.c -@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new( - AvahiSDNSServerBrowser* b; - - b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_dns_server_browser_start(b); - - return b; --} -\ No newline at end of file -+} -diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c -index f145d56a..06fa70c0 100644 ---- a/avahi-core/browse-domain.c -+++ b/avahi-core/browse-domain.c -@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new( - AvahiSDomainBrowser *b; - - b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_domain_browser_start(b); - - return b; --} -\ No newline at end of file -+} -diff --git 
a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c -index fdd22dcd..b1fc7af8 100644 ---- a/avahi-core/browse-service-type.c -+++ b/avahi-core/browse-service-type.c -@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new( - AvahiSServiceTypeBrowser *b; - - b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_service_type_browser_start(b); - - return b; -diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c -index 5531360c..63e0275a 100644 ---- a/avahi-core/browse-service.c -+++ b/avahi-core/browse-service.c -@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new( - AvahiSServiceBrowser *b; - - b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_service_browser_start(b); - - return b; -diff --git a/avahi-core/browse.c b/avahi-core/browse.c -index 2941e579..e8a915e9 100644 ---- a/avahi-core/browse.c -+++ b/avahi-core/browse.c -@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new( - AvahiSRecordBrowser *b; - - b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_record_browser_start_query(b); - - return b; -diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c -index ac0b29b1..e61dd242 100644 ---- a/avahi-core/resolve-address.c -+++ b/avahi-core/resolve-address.c -@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new( - AvahiSAddressResolver *b; - - b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_address_resolver_start(b); - - return b; --} -\ No newline at end of file -+} -diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c -index 808b0e72..4e8e5973 
100644 ---- a/avahi-core/resolve-host-name.c -+++ b/avahi-core/resolve-host-name.c -@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new( - AvahiSHostNameResolver *b; - - b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_host_name_resolver_start(b); - - return b; --} -\ No newline at end of file -+} -diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c -index 66bf3cae..43771763 100644 ---- a/avahi-core/resolve-service.c -+++ b/avahi-core/resolve-service.c -@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new( - AvahiSServiceResolver *b; - - b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata); -+ if (!b) -+ return NULL; -+ - avahi_s_service_resolver_start(b); - - return b; --} -\ No newline at end of file -+}
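Review bot: In the new avahi-daemon.in, the fallback log_warning_msg (used when /lib/lsb/init-functions is absent) calls log_use_fancy_output, which the fallback branch never defines, and reads $TPUT, which is only assigned inside log_end_msg. On an image without the LSB functions, the "disabled via /etc/default" path therefore hits a command-not-found error before falling through to the plain echo. Suggest dropping the fancy branch from the fallback or defining the helper there. In d_start the directory test uses the hard-coded /etc/avahi/etc while mkdir and cp use @sysconfdir@/avahi/etc; the test should use @sysconfdir@ too so it checks the directory that is actually created.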
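Review bot: The new avahi-dnsconfd.in ends with an unconditional exit 0 and its d_status returns no status code, so a failed start or a stopped daemon is reported to the caller as success. avahi-daemon.in in this same patch ends with exit $? and returns 3 from d_status when the daemon is not running; suggest matching that here. d_start, d_stop and d_refresh also call exit 0 from inside the function, which skips the log_end_msg that follows in the case block, and the usage string omits the refresh and status actions that the case statement handles.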
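Review bot: The deleted handle-hup.patch is tagged CVE: CVE-2021-3468 with Upstream-Status: Submitted (pull request 330), not Backport, so its header does not show that the fix was ever merged upstream. Before it is dropped, the commit message should name the upstream commit in 0.9-rc4 that handles AVAHI_WATCH_HUP in client_work. The same confirmation would help for local-ping.patch (CVE-2021-3502), whose Backport status gives no commit URL. Since neither file is named as a CVE patch, listing both CVE IDs in the commit message would make it clear they are covered by the "backported CVE patches" sentence.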
As per upstream[1], 0.9-rc4 is pretty much what is going to be in the
0.9 release, and upgrading to this now will make upgrading to the final
release a lot simpler.

As there are no tarballs for the release candidates, switch to git. This
means we need to disable the manpages as they need xmltoman to build.

Delete all of the backported CVE patches as they're included in this
release. The cvelistv5 database has version information on all of these
CVEs, so they don't reappear in reports.

Delete invalid-service.patch, fixed upstream differently in [2].

Upstream has deleted the in-tree init scripts, so copy them from before
deletion and add alongside the recipe.

Consolidate the systemd options, and depend on libsystemd as avahi links
to that instead of duplicating the code.

Pass --runstatedir so that /run is used as expected.

[1] https://github.com/avahi/avahi/issues/503#issuecomment-4443016376
[2] avahi 93b1436 ("core: no longer supply bogus services to callbacks")

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 .../avahi/{avahi_0.8.bb => avahi_0.9.bb} | 52 ++--
 ...01-Fix-opening-etc-resolv.conf-error.patch | 2 +-
 .../avahi/files/CVE-2023-1981.patch | 58 -----
 .../avahi/files/CVE-2023-38469-1.patch | 48 ----
 .../avahi/files/CVE-2023-38469-2.patch | 65 -----
 .../avahi/files/CVE-2023-38470-1.patch | 59 -----
 .../avahi/files/CVE-2023-38470-2.patch | 52 ----
 .../avahi/files/CVE-2023-38471-1.patch | 73 ------
 .../avahi/files/CVE-2023-38471-2.patch | 52 ----
 .../avahi/files/CVE-2023-38472.patch | 46 ----
 .../avahi/files/CVE-2023-38473.patch | 110 ---------
 .../avahi/files/CVE-2024-52615.patch | 228 ------------------
 .../avahi/files/CVE-2024-52616.patch | 104 --------
 .../avahi/files/CVE-2025-68276.patch | 68 ------
 .../avahi/files/CVE-2025-68468.patch | 32 ---
 .../avahi/files/CVE-2025-68471.patch | 36 ---
 .../avahi/files/CVE-2026-24401.patch | 74 ------
 .../avahi/files/CVE-2026-34933-1.patch | 108 ---------
 .../avahi/files/CVE-2026-34933-2.patch | 96 --------
 .../avahi/files/avahi-daemon.in | 198 +++++++++++++++
 .../avahi/files/avahi-dnsconfd.in | 197 +++++++++++++++
 .../avahi/files/handle-hup.patch | 41 ----
 .../avahi/files/initscript.patch | 51 ----
 .../avahi/files/invalid-service.patch | 29 ---
 .../avahi/files/local-ping.patch | 152 ------------
 25 files changed, 416 insertions(+), 1615 deletions(-)
 rename meta/recipes-connectivity/avahi/{avahi_0.8.bb => avahi_0.9.bb} (83%)
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68276.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68471.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-24401.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-34933-1.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/CVE-2026-34933-2.patch
 create mode 100644 meta/recipes-connectivity/avahi/files/avahi-daemon.in
 create mode 100644 meta/recipes-connectivity/avahi/files/avahi-dnsconfd.in
 delete mode 100644 meta/recipes-connectivity/avahi/files/handle-hup.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/initscript.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/invalid-service.patch
 delete mode 100644 meta/recipes-connectivity/avahi/files/local-ping.patch