diff mbox series

[3/3] avahi: upgrade 0.9-rc4 -> 0.9-rc5

Message ID 20260629105506.2156617-3-ross.burton@arm.com
State Under Review
Headers show
Series [1/3] pango: upgrade 1.57.1 -> 1.58.0 | expand

Commit Message

Ross Burton June 29, 2026, 10:55 a.m. UTC 
Notably, this has security fixes:

- common: make sure valid domain names can be normalized

  It fixes a bug where it was possible for unprivileged local users to
  crash avahi-daemon via D-Bus by calling the RecordBrowserNew method
  with bogus domain names.

- core: always create new lookups and let queriers coalesce them

  It fixes a bug where it was possible to trigger a use-after-free by
  sending CNAME RRs.

Curated upstream changelog:
- core: always create new lookups and let queriers coalesce them
- tree-wide: cast chars to unsigned chars before passing them to ctype functions
- common: make sure valid domain names can be normalized
- core: add missing check to avahi_record_copy
- core: add missing checks to avahi_dns_packet_append_name
- core: add missing checks to parse_rdata
- core: handle prefix lengths longer than 120 correctly
- core: use ip6_masklen for IPv6 prefix lengths on BSD
- core: no longer read past netmask in ip6_masklen
- core: set scope ids for link-local IPv6 addresses
- tests: cover oversize rdata rejection in avahi_rdata_parse
- dns: reject rdata larger than the 16 bit rdlength field
- common: free copy instead of NULL on failures in string_list_copy
- common: add missing checks to avahi_alternative_*
- core: free copy's HINFO 'os' field on rdata copy failure
- core: fill out msg_controllen for IPV6_PKTINFO control messages correctly
- tests: call functions with side effects outside of assertions
- tests: call avahi_string_list_parse outside of assert
- fix: replace __FUNCTION__ with __func__ in AVAHI_WARN_UNSUPPORTED

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 meta/recipes-connectivity/avahi/avahi_0.9.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/avahi/avahi_0.9.bb b/meta/recipes-connectivity/avahi/avahi_0.9.bb
index b5b63cf1ee4..308ddc1822c 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.9.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.9.bb
@@ -18,7 +18,7 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
                     file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
                     file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
 
-SRC_URI = "git://github.com/avahi/avahi;protocol=https;branch=master;tag=v0.9-rc4 \
+SRC_URI = "git://github.com/avahi/avahi;protocol=https;branch=master;tag=v0.9-rc5 \
            file://00avahi-autoipd \
            file://99avahi-autoipd \
            file://avahi-daemon.in \
@@ -26,8 +26,8 @@  SRC_URI = "git://github.com/avahi/avahi;protocol=https;branch=master;tag=v0.9-rc
            file://0001-Fix-opening-etc-resolv.conf-error.patch \
            "
 
-PV = "0.9~rc4"
-SRCREV = "625ca0fac19229f6dfa3a6c6b698ae657187e50c"
+PV = "0.9~rc5"
+SRCREV = "71b640e686964efb27cb708f4457ffaed183c319"
 
 GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"