Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package avahi for openSUSE:Factory checked in at 2021-04-24 23:07:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/avahi (Old) and /work/SRC/openSUSE:Factory/.avahi.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "avahi" Sat Apr 24 23:07:00 2021 rev:138 rq:887505 version:0.8 Changes: -------- avahi-mono.changes: same change avahi-qt5.changes: same change --- /work/SRC/openSUSE:Factory/avahi/avahi.changes 2021-02-22 14:39:56.968590321 +0100 +++ /work/SRC/openSUSE:Factory/.avahi.new.12324/avahi.changes 2021-04-24 23:07:17.567236964 +0200 @@ -1,0 +2,7 @@ +Tue Apr 20 16:17:54 UTC 2021 - Michael Gorse <mgo...@suse.com> + +- Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling + HUP event in client_work (boo#1184521 CVE-2021-3468). + https://github.com/lathiat/avahi/pull/330 + +------------------------------------------------------------------- New: ---- avahi-CVE-2021-3468.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ avahi-glib2.spec ++++++ --- /var/tmp/diff_new_pack.E722qV/_old 2021-04-24 23:07:18.247237926 +0200 +++ /var/tmp/diff_new_pack.E722qV/_new 2021-04-24 23:07:18.251237931 +0200 @@ -77,6 +77,8 @@ Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch # PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarr...@suse.com -- add IT_PROG_INTLTOOL so intltool works Patch20: add-IT_PROG_INTLTOOL.patch +# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- avoid infinite loop by handling HUP event in client_work. +Patch21: avahi-CVE-2021-3468.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: gdbm-devel @@ -261,6 +263,7 @@ DNS specifications for Zeroconf Computing. %else + %package -n python3-avahi Summary: A set of Avahi utilities written in Python Group: Development/Languages/Python @@ -404,13 +407,14 @@ DNS specifications for Zeroconf Computing. # This is the avahi-discover command, only provided for the primary python3 flavor + %package -n python3-avahi-gtk Summary: A set of Avahi utilities written in Python Using python-gtk Group: Development/Languages/Python Requires: python3-avahi = %{version} Requires: python3-gobject Requires(post): coreutils -Requires(postun): coreutils +Requires(postun):coreutils Provides: %{oldpython}-avahi-gtk = %{version} Obsoletes: %{oldpython}-avahi-gtk < %{version} # Provide split-provides for update from <= 11.0: @@ -514,6 +518,7 @@ %patch4 %patch19 -p1 %patch20 -p1 +%patch21 -p1 %if !%{build_core} # Replace all .la references from local .la files to installed versions @@ -798,6 +803,7 @@ %postun -n python-avahi %python_uninstall_alternative avahi-bookmarks %else + %post -n python3-avahi %python_install_alternative avahi-bookmarks avahi-bookmarks.1 @@ -974,6 +980,7 @@ %if %{build_core} %files -n avahi-mono %else + %files %endif %defattr(-,root,root) ++++++ avahi-mono.spec ++++++ --- /var/tmp/diff_new_pack.E722qV/_old 2021-04-24 23:07:18.275237965 +0200 +++ /var/tmp/diff_new_pack.E722qV/_new 2021-04-24 23:07:18.275237965 +0200 @@ -77,6 +77,8 @@ Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch # PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarr...@suse.com -- add IT_PROG_INTLTOOL so intltool works Patch20: add-IT_PROG_INTLTOOL.patch +# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- avoid infinite loop by handling HUP event in client_work. +Patch21: avahi-CVE-2021-3468.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: gdbm-devel @@ -260,6 +262,7 @@ DNS specifications for Zeroconf Computing. %else + %package -n python3-avahi Summary: A set of Avahi utilities written in Python Group: Development/Languages/Python @@ -403,13 +406,14 @@ DNS specifications for Zeroconf Computing. # This is the avahi-discover command, only provided for the primary python3 flavor + %package -n python3-avahi-gtk Summary: A set of Avahi utilities written in Python Using python-gtk Group: Development/Languages/Python Requires: python3-avahi = %{version} Requires: python3-gobject Requires(post): coreutils -Requires(postun): coreutils +Requires(postun):coreutils Provides: %{oldpython}-avahi-gtk = %{version} Obsoletes: %{oldpython}-avahi-gtk < %{version} # Provide split-provides for update from <= 11.0: @@ -451,7 +455,6 @@ %if %{build_mono} %package -n avahi-mono Summary: Mono Bindings for avahi, the D-BUS Service for Zeroconf and Bonjour -License: LGPL-2.1-or-later Group: Development/Languages/Mono Requires: gtk-sharp2 Requires: libavahi-client%{avahi_client_sover} >= %{version} @@ -514,6 +517,7 @@ %patch4 %patch19 -p1 %patch20 -p1 +%patch21 -p1 %if !%{build_core} # Replace all .la references from local .la files to installed versions @@ -798,6 +802,7 @@ %postun -n python-avahi %python_uninstall_alternative avahi-bookmarks %else + %post -n python3-avahi %python_install_alternative avahi-bookmarks avahi-bookmarks.1 @@ -974,6 +979,7 @@ %if %{build_core} %files -n avahi-mono %else + %files %endif %defattr(-,root,root) ++++++ avahi-qt5.spec ++++++ --- /var/tmp/diff_new_pack.E722qV/_old 2021-04-24 23:07:18.295237993 +0200 +++ /var/tmp/diff_new_pack.E722qV/_new 2021-04-24 23:07:18.299237999 +0200 @@ -77,6 +77,8 @@ Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch # PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarr...@suse.com -- add IT_PROG_INTLTOOL so intltool works Patch20: add-IT_PROG_INTLTOOL.patch +# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- avoid infinite loop by handling HUP event in client_work. +Patch21: avahi-CVE-2021-3468.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: gdbm-devel @@ -261,6 +263,7 @@ DNS specifications for Zeroconf Computing. %else + %package -n python3-avahi Summary: A set of Avahi utilities written in Python Group: Development/Languages/Python @@ -404,13 +407,14 @@ DNS specifications for Zeroconf Computing. # This is the avahi-discover command, only provided for the primary python3 flavor + %package -n python3-avahi-gtk Summary: A set of Avahi utilities written in Python Using python-gtk Group: Development/Languages/Python Requires: python3-avahi = %{version} Requires: python3-gobject Requires(post): coreutils -Requires(postun): coreutils +Requires(postun):coreutils Provides: %{oldpython}-avahi-gtk = %{version} Obsoletes: %{oldpython}-avahi-gtk < %{version} # Provide split-provides for update from <= 11.0: @@ -514,6 +518,7 @@ %patch4 %patch19 -p1 %patch20 -p1 +%patch21 -p1 %if !%{build_core} # Replace all .la references from local .la files to installed versions @@ -798,6 +803,7 @@ %postun -n python-avahi %python_uninstall_alternative avahi-bookmarks %else + %post -n python3-avahi %python_install_alternative avahi-bookmarks avahi-bookmarks.1 @@ -974,6 +980,7 @@ %if %{build_core} %files -n avahi-mono %else + %files %endif %defattr(-,root,root) ++++++ avahi.spec ++++++ --- /var/tmp/diff_new_pack.E722qV/_old 2021-04-24 23:07:18.323238033 +0200 +++ /var/tmp/diff_new_pack.E722qV/_new 2021-04-24 23:07:18.327238039 +0200 @@ -79,6 +79,8 @@ Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch # PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarr...@suse.com -- add IT_PROG_INTLTOOL so intltool works Patch20: add-IT_PROG_INTLTOOL.patch +# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- avoid infinite loop by handling HUP event in client_work. +Patch21: avahi-CVE-2021-3468.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: gdbm-devel @@ -263,6 +265,7 @@ DNS specifications for Zeroconf Computing. %else + %package -n python3-avahi Summary: A set of Avahi utilities written in Python Group: Development/Languages/Python @@ -406,13 +409,14 @@ DNS specifications for Zeroconf Computing. # This is the avahi-discover command, only provided for the primary python3 flavor + %package -n python3-avahi-gtk Summary: A set of Avahi utilities written in Python Using python-gtk Group: Development/Languages/Python Requires: python3-avahi = %{version} Requires: python3-gobject Requires(post): coreutils -Requires(postun): coreutils +Requires(postun):coreutils Provides: %{oldpython}-avahi-gtk = %{version} Obsoletes: %{oldpython}-avahi-gtk < %{version} # Provide split-provides for update from <= 11.0: @@ -509,6 +513,7 @@ %patch4 %patch19 -p1 %patch20 -p1 +%patch21 -p1 %if !%{build_core} # Replace all .la references from local .la files to installed versions @@ -793,6 +798,7 @@ %postun -n python-avahi %python_uninstall_alternative avahi-bookmarks %else + %post -n python3-avahi %python_install_alternative avahi-bookmarks avahi-bookmarks.1 @@ -969,6 +975,7 @@ %if %{build_core} %files -n avahi-mono %else + %files %endif %defattr(-,root,root) ++++++ avahi-CVE-2021-3468.patch ++++++ >From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001 From: Riccardo Schirone <sirm...@gmail.com> Date: Fri, 26 Mar 2021 11:50:24 +0100 Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in client_work If a client fills the input buffer, client_work() disables the AVAHI_WATCH_IN event, thus preventing the function from executing the `read` syscall the next times it is called. However, if the client then terminates the connection, the socket file descriptor receives a HUP event, which is not handled, thus the kernel keeps marking the HUP event as occurring. While iterating over the file descriptors that triggered an event, the client file descriptor will keep having the HUP event and the client_work() function is always called with AVAHI_WATCH_HUP but without nothing being done, thus entering an infinite loop. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938 --- avahi-daemon/simple-protocol.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c index 3e0ebb1..6c0274d 100644 --- a/avahi-daemon/simple-protocol.c +++ b/avahi-daemon/simple-protocol.c @@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv } } + if (events & AVAHI_WATCH_HUP) { + client_free(c); + return; + } + c->server->poll_api->watch_update( watch, (c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) | -- 2.31.1
