commit avahi for openSUSE:Factory

Source-Sync Wed, 07 Jul 2021 09:31:21 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package avahi for openSUSE:Factory checked 
in at 2021-07-07 18:29:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/avahi (Old)
 and      /work/SRC/openSUSE:Factory/.avahi.new.2625 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "avahi"

Wed Jul  7 18:29:49 2021 rev:140 rq:904185 version:0.8

Changes:
--------
avahi-mono.changes: same change
avahi-qt5.changes: same change
--- /work/SRC/openSUSE:Factory/avahi/avahi.changes      2021-06-11 
00:17:42.297215919 +0200
+++ /work/SRC/openSUSE:Factory/.avahi.new.2625/avahi.changes    2021-07-07 
18:30:46.074855240 +0200
@@ -1,0 +2,6 @@
+Fri Jul  2 17:40:20 UTC 2021 - Michael Gorse <mgo...@suse.com>
+
+- Add avahi-CVE-2021-3502.patch: fix NULL pointer crashes
+  (boo#1184846 CVE-2021-3502).
+
+-------------------------------------------------------------------

New:
----
  avahi-CVE-2021-3502.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ avahi-glib2.spec ++++++
--- /var/tmp/diff_new_pack.9zoZH0/_old  2021-07-07 18:30:46.830849307 +0200
+++ /var/tmp/diff_new_pack.9zoZH0/_new  2021-07-07 18:30:46.834849276 +0200
@@ -79,6 +79,8 @@
 Patch20:        add-IT_PROG_INTLTOOL.patch
 # PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- 
avoid infinite loop by handling HUP event in client_work.
 Patch21:        avahi-CVE-2021-3468.patch
+# PATCH-FIX-UPSTREAM avahi-CVE-2021-3502.patch boo#1184846 mgo...@suse.com -- 
fix NULL pointer crashes.
+Patch22:        avahi-CVE-2021-3502.patch
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
 BuildRequires:  gdbm-devel
@@ -319,6 +321,7 @@
 Requires:       libavahi-client%{avahi_client_sover} = %{version}
 Requires:       libavahi-common%{avahi_common_sover} = %{version}
 Requires:       libavahi-core%{avahi_core_sover} = %{version}
+Requires:       libavahi-libevent%{avahi_libevent_sover} = %{version}
 # Last appeared in OpenSUSE 10.3:
 Provides:       avahi-devel = %{version}
 Obsoletes:      avahi-devel < %{version}
@@ -406,8 +409,8 @@
 Avahi is an implementation of the DNS Service Discovery and Multicast
 DNS specifications for Zeroconf Computing.
 
-# This is the avahi-discover command, only provided for the primary python3 
flavor
 
+# This is the avahi-discover command, only provided for the primary python3 
flavor
 %package -n python3-avahi-gtk
 Summary:        A set of Avahi utilities written in Python Using python-gtk
 Group:          Development/Languages/Python
@@ -519,6 +522,7 @@
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
 
 %if !%{build_core}
 # Replace all .la references from local .la files to installed versions

avahi-mono.spec: same change
avahi-qt5.spec: same change
++++++ avahi.spec ++++++
--- /var/tmp/diff_new_pack.9zoZH0/_old  2021-07-07 18:30:46.934848491 +0200
+++ /var/tmp/diff_new_pack.9zoZH0/_new  2021-07-07 18:30:46.938848459 +0200
@@ -81,6 +81,8 @@
 Patch20:        add-IT_PROG_INTLTOOL.patch
 # PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgo...@suse.com -- 
avoid infinite loop by handling HUP event in client_work.
 Patch21:        avahi-CVE-2021-3468.patch
+# PATCH-FIX-UPSTREAM avahi-CVE-2021-3502.patch boo#1184846 mgo...@suse.com -- 
fix NULL pointer crashes.
+Patch22:        avahi-CVE-2021-3502.patch
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
 BuildRequires:  gdbm-devel
@@ -409,8 +411,8 @@
 Avahi is an implementation of the DNS Service Discovery and Multicast
 DNS specifications for Zeroconf Computing.
 
-# This is the avahi-discover command, only provided for the primary python3 
flavor
 
+# This is the avahi-discover command, only provided for the primary python3 
flavor
 %package -n python3-avahi-gtk
 Summary:        A set of Avahi utilities written in Python Using python-gtk
 Group:          Development/Languages/Python
@@ -515,6 +517,7 @@
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
 
 %if !%{build_core}
 # Replace all .la references from local .la files to installed versions

++++++ avahi-CVE-2021-3502.patch ++++++
>From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
From: Tommi Rantala <tommi.t.rant...@nokia.com>
Date: Mon, 8 Feb 2021 11:04:43 +0200
Subject: [PATCH] Fix NULL pointer crashes from #175

avahi-daemon is crashing when running "ping .local".
The crash is due to failing assertion from NULL pointer.
Add missing NULL pointer checks to fix it.

Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
---
 avahi-core/browse-dns-server.c   | 5 ++++-
 avahi-core/browse-domain.c       | 5 ++++-
 avahi-core/browse-service-type.c | 3 +++
 avahi-core/browse-service.c      | 3 +++
 avahi-core/browse.c              | 3 +++
 avahi-core/resolve-address.c     | 5 ++++-
 avahi-core/resolve-host-name.c   | 5 ++++-
 avahi-core/resolve-service.c     | 5 ++++-
 8 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
index 049752e..c2d914f 100644
--- a/avahi-core/browse-dns-server.c
+++ b/avahi-core/browse-dns-server.c
@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
         AvahiSDNSServerBrowser* b;
 
         b = avahi_s_dns_server_browser_prepare(server, interface, protocol, 
domain, type, aprotocol, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_dns_server_browser_start(b);
 
         return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
index f145d56..06fa70c 100644
--- a/avahi-core/browse-domain.c
+++ b/avahi-core/browse-domain.c
@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
         AvahiSDomainBrowser *b;
 
         b = avahi_s_domain_browser_prepare(server, interface, protocol, 
domain, type, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_domain_browser_start(b);
 
         return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
index fdd22dc..b1fc7af 100644
--- a/avahi-core/browse-service-type.c
+++ b/avahi-core/browse-service-type.c
@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
         AvahiSServiceTypeBrowser *b;
 
         b = avahi_s_service_type_browser_prepare(server, interface, protocol, 
domain, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_service_type_browser_start(b);
 
         return b;
diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
index 5531360..63e0275 100644
--- a/avahi-core/browse-service.c
+++ b/avahi-core/browse-service.c
@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
         AvahiSServiceBrowser *b;
 
         b = avahi_s_service_browser_prepare(server, interface, protocol, 
service_type, domain, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_service_browser_start(b);
 
         return b;
diff --git a/avahi-core/browse.c b/avahi-core/browse.c
index 2941e57..e8a915e 100644
--- a/avahi-core/browse.c
+++ b/avahi-core/browse.c
@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
         AvahiSRecordBrowser *b;
 
         b = avahi_s_record_browser_prepare(server, interface, protocol, key, 
flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_record_browser_start_query(b);
 
         return b;
diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
index ac0b29b..e61dd24 100644
--- a/avahi-core/resolve-address.c
+++ b/avahi-core/resolve-address.c
@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
         AvahiSAddressResolver *b;
 
         b = avahi_s_address_resolver_prepare(server, interface, protocol, 
address, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_address_resolver_start(b);
 
         return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
index 808b0e7..4e8e597 100644
--- a/avahi-core/resolve-host-name.c
+++ b/avahi-core/resolve-host-name.c
@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
         AvahiSHostNameResolver *b;
 
         b = avahi_s_host_name_resolver_prepare(server, interface, protocol, 
host_name, aprotocol, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_host_name_resolver_start(b);
 
         return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
index 66bf3ca..4377176 100644
--- a/avahi-core/resolve-service.c
+++ b/avahi-core/resolve-service.c
@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
         AvahiSServiceResolver *b;
 
         b = avahi_s_service_resolver_prepare(server, interface, protocol, 
name, type, domain, aprotocol, flags, callback, userdata);
+        if (!b)
+            return NULL;
+
         avahi_s_service_resolver_start(b);
 
         return b;
-}
\ No newline at end of file
+}
-- 
2.32.0

commit avahi for openSUSE:Factory

Reply via email to