* [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933
@ 2026-06-26 19:59 Thomas Perale via buildroot
2026-07-05 9:51 ` Julien Olivain via buildroot
2026-07-10 13:51 ` Thomas Perale via buildroot
0 siblings, 2 replies; 3+ messages in thread
From: Thomas Perale via buildroot @ 2026-06-26 19:59 UTC (permalink / raw)
To: buildroot
This fixes the following vulnerability:
- CVE-2026-34933:
Avahi is a system which facilitates service discovery on a local
network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4,
any unprivileged local user can crash avahi-daemon by sending a single
D-Bus method call with conflicting publish flags. This issue has been
patched in version 0.9-rc4.
For more information, see:
- https://www.cve.org/CVERecord?id=CVE-2026-34933
- https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
...both-wide-area-and-multicast-are-set.patch | 106 ++++++++++++++++++
package/avahi/avahi.mk | 3 +
2 files changed, 109 insertions(+)
create mode 100644 package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
diff --git a/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch b/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
new file mode 100644
index 0000000000..de359b7d22
--- /dev/null
+++ b/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
@@ -0,0 +1,106 @@
+From 0be89b6bb5c3983837b5e0febcbbbf452ecf7675 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Wed, 1 Apr 2026 05:31:58 +0000
+Subject: [PATCH] core: refuse to accept publish flags where both wide_area and
+ multicast are set
+
+It fixes a bug where it was possible for unprivileged local users to
+crash avahi-daemon via D-Bus by calling EntryGroup methods accepting
+flags and passing both AVAHI_PUBLISH_USE_WIDE_AREA and
+AVAHI_PUBLISH_USE_MULTICAST there. For example when AddRecord was
+invoked like that avahi-daemon crashed with
+```
+dbus-entry-group.c: interface=org.freedesktop.Avahi.EntryGroup, path=/Client0/EntryGroup1, member=AddRecord
+avahi-daemon: entry.c:57: transport_flags_from_domain: Assertion `!((*flags & AVAHI_PUBLISH_USE_MULTICAST) && (*flags & AVAHI_PUBLISH_USE_WIDE_AREA))' failed.
+==84944==
+==84944== Process terminating with default action of signal 6 (SIGABRT)
+==84944== at 0x4B353BC: __pthread_kill_implementation (pthread_kill.c:44)
+==84944== by 0x4ADE941: raise (raise.c:26)
+==84944== by 0x4AC64AB: abort (abort.c:77)
+==84944== by 0x4AC641F: __assert_fail_base.cold (assert.c:118)
+==84944== by 0x48A9404: transport_flags_from_domain (entry.c:57)
+==84944== by 0x48A9F8F: server_add_internal (entry.c:224)
+==84944== by 0x48AA49F: avahi_server_add (entry.c:324)
+==84944== by 0x401A670: avahi_dbus_msg_entry_group_impl (dbus-entry-group.c:348)
+==84944== by 0x4A70741: ??? (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3)
+==84944== by 0x4A5FB22: dbus_connection_dispatch (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3)
+==84944== by 0x401D01D: dispatch_timeout_callback (dbus-watch-glue.c:105)
+==84944== by 0x488E3AE: timeout_callback (simple-watch.c:447)
+==84944==
+```
+It's a follow-up to fbce111b069aa1e4c701ed37ee1d9f6d6cefaac5 where
+those flags were introduced and consistent with the other places
+where wide_area/multicast flags are used.
+
+It was discovered by
+Guillaume Meunier - Head of Vulnerability Operations Center France - Orange Cyberdefense
+
+https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc
+
+CVE: CVE-2026-34933
+Upstream: https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675
+Signed-off-by: Thomas Perale <thomas.perale@mind.be>
+---
+ avahi-core/entry.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/avahi-core/entry.c b/avahi-core/entry.c
+index 0d862133d..06eb12076 100644
+--- a/avahi-core/entry.c
++++ b/avahi-core/entry.c
+@@ -207,6 +207,7 @@ static AvahiEntry * server_add_internal(
+ AVAHI_PUBLISH_UPDATE|
+ AVAHI_PUBLISH_USE_WIDE_AREA|
+ AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_domain_name(r->key->name), AVAHI_ERR_INVALID_HOST_NAME);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, r->ttl != 0, AVAHI_ERR_INVALID_TTL);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !avahi_key_is_pattern(r->key), AVAHI_ERR_IS_PATTERN);
+@@ -454,6 +455,7 @@ int avahi_server_add_address(
+ AVAHI_PUBLISH_UPDATE|
+ AVAHI_PUBLISH_USE_WIDE_AREA|
+ AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY(s, !name || avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME);
+
+ /* Prepare the host naem */
+@@ -595,6 +597,7 @@ static int server_add_service_strlst_nocopy(
+ AVAHI_PUBLISH_UPDATE|
+ AVAHI_PUBLISH_USE_WIDE_AREA|
+ AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
+@@ -754,6 +757,7 @@ static int server_update_service_txt_strlst_nocopy(
+ AVAHI_PUBLISH_NO_COOKIE|
+ AVAHI_PUBLISH_USE_WIDE_AREA|
+ AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
+@@ -843,6 +847,7 @@ int avahi_server_add_service_subtype(
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
+ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
+@@ -910,6 +915,7 @@ static AvahiEntry *server_add_dns_server_name(
+ assert(name);
+
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, port != 0, AVAHI_ERR_INVALID_PORT);
+ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME);
+@@ -967,6 +973,7 @@ int avahi_server_add_dns_server_address(
+ AVAHI_CHECK_VALIDITY(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE);
+ AVAHI_CHECK_VALIDITY(s, AVAHI_PROTO_VALID(protocol) && AVAHI_PROTO_VALID(address->proto), AVAHI_ERR_INVALID_PROTOCOL);
+ AVAHI_CHECK_VALIDITY(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS);
++ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS);
+ AVAHI_CHECK_VALIDITY(s, port != 0, AVAHI_ERR_INVALID_PORT);
+ AVAHI_CHECK_VALIDITY(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
diff --git a/package/avahi/avahi.mk b/package/avahi/avahi.mk
index bcba0a0a4f..0a674182bc 100644
--- a/package/avahi/avahi.mk
+++ b/package/avahi/avahi.mk
@@ -60,6 +60,9 @@ AVAHI_IGNORE_CVES += CVE-2025-68471
# 0016-core-fix-uncontrolled-recursion-bug-using-a-simple-loop-detection-algorithm.patch
AVAHI_IGNORE_CVES += CVE-2026-24401
+# 0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
+AVAHI_IGNORE_CVES += CVE-2026-34933
+
AVAHI_CONF_ENV = \
avahi_cv_sys_cxx_works=yes \
DATADIRNAME=share
--
2.54.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933
2026-06-26 19:59 [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933 Thomas Perale via buildroot
@ 2026-07-05 9:51 ` Julien Olivain via buildroot
2026-07-10 13:51 ` Thomas Perale via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Julien Olivain via buildroot @ 2026-07-05 9:51 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot
On 26/06/2026 21:59, Thomas Perale via buildroot wrote:
> This fixes the following vulnerability:
>
> - CVE-2026-34933:
> Avahi is a system which facilitates service discovery on a local
> network via the mDNS/DNS-SD protocol suite. Prior to version
> 0.9-rc4,
> any unprivileged local user can crash avahi-daemon by sending a
> single
> D-Bus method call with conflicting publish flags. This issue has
> been
> patched in version 0.9-rc4.
>
> For more information, see:
> - https://www.cve.org/CVERecord?id=CVE-2026-34933
> -
> https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to master, thanks.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933
2026-06-26 19:59 [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933 Thomas Perale via buildroot
2026-07-05 9:51 ` Julien Olivain via buildroot
@ 2026-07-10 13:51 ` Thomas Perale via buildroot
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Perale via buildroot @ 2026-07-10 13:51 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot
In reply of:
> This fixes the following vulnerability:
>
> - CVE-2026-34933:
> Avahi is a system which facilitates service discovery on a local
> network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4,
> any unprivileged local user can crash avahi-daemon by sending a single
> D-Bus method call with conflicting publish flags. This issue has been
> patched in version 0.9-rc4.
>
> For more information, see:
> - https://www.cve.org/CVERecord?id=CVE-2026-34933
> - https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to 2026.05.x & 2025.02.x. Thanks
> ---
> ...both-wide-area-and-multicast-are-set.patch | 106 ++++++++++++++++++
> package/avahi/avahi.mk | 3 +
> 2 files changed, 109 insertions(+)
> create mode 100644 package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
>
> diff --git a/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch b/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
> new file mode 100644
> index 0000000000..de359b7d22
> --- /dev/null
> +++ b/package/avahi/0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
> @@ -0,0 +1,106 @@
> +From 0be89b6bb5c3983837b5e0febcbbbf452ecf7675 Mon Sep 17 00:00:00 2001
> +From: Evgeny Vereshchagin <evvers@ya.ru>
> +Date: Wed, 1 Apr 2026 05:31:58 +0000
> +Subject: [PATCH] core: refuse to accept publish flags where both wide_area and
> + multicast are set
> +
> +It fixes a bug where it was possible for unprivileged local users to
> +crash avahi-daemon via D-Bus by calling EntryGroup methods accepting
> +flags and passing both AVAHI_PUBLISH_USE_WIDE_AREA and
> +AVAHI_PUBLISH_USE_MULTICAST there. For example when AddRecord was
> +invoked like that avahi-daemon crashed with
> +```
> +dbus-entry-group.c: interface=org.freedesktop.Avahi.EntryGroup, path=/Client0/EntryGroup1, member=AddRecord
> +avahi-daemon: entry.c:57: transport_flags_from_domain: Assertion `!((*flags & AVAHI_PUBLISH_USE_MULTICAST) && (*flags & AVAHI_PUBLISH_USE_WIDE_AREA))' failed.
> +==84944==
> +==84944== Process terminating with default action of signal 6 (SIGABRT)
> +==84944== at 0x4B353BC: __pthread_kill_implementation (pthread_kill.c:44)
> +==84944== by 0x4ADE941: raise (raise.c:26)
> +==84944== by 0x4AC64AB: abort (abort.c:77)
> +==84944== by 0x4AC641F: __assert_fail_base.cold (assert.c:118)
> +==84944== by 0x48A9404: transport_flags_from_domain (entry.c:57)
> +==84944== by 0x48A9F8F: server_add_internal (entry.c:224)
> +==84944== by 0x48AA49F: avahi_server_add (entry.c:324)
> +==84944== by 0x401A670: avahi_dbus_msg_entry_group_impl (dbus-entry-group.c:348)
> +==84944== by 0x4A70741: ??? (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3)
> +==84944== by 0x4A5FB22: dbus_connection_dispatch (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.38.3)
> +==84944== by 0x401D01D: dispatch_timeout_callback (dbus-watch-glue.c:105)
> +==84944== by 0x488E3AE: timeout_callback (simple-watch.c:447)
> +==84944==
> +```
> +It's a follow-up to fbce111b069aa1e4c701ed37ee1d9f6d6cefaac5 where
> +those flags were introduced and consistent with the other places
> +where wide_area/multicast flags are used.
> +
> +It was discovered by
> +Guillaume Meunier - Head of Vulnerability Operations Center France - Orange Cyberdefense
> +
> +https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc
> +
> +CVE: CVE-2026-34933
> +Upstream: https://github.com/avahi/avahi/commit/0be89b6bb5c3983837b5e0febcbbbf452ecf7675
> +Signed-off-by: Thomas Perale <thomas.perale@mind.be>
> +---
> + avahi-core/entry.c | 7 +++++++
> + 1 file changed, 7 insertions(+)
> +
> +diff --git a/avahi-core/entry.c b/avahi-core/entry.c
> +index 0d862133d..06eb12076 100644
> +--- a/avahi-core/entry.c
> ++++ b/avahi-core/entry.c
> +@@ -207,6 +207,7 @@ static AvahiEntry * server_add_internal(
> + AVAHI_PUBLISH_UPDATE|
> + AVAHI_PUBLISH_USE_WIDE_AREA|
> + AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_domain_name(r->key->name), AVAHI_ERR_INVALID_HOST_NAME);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, r->ttl != 0, AVAHI_ERR_INVALID_TTL);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !avahi_key_is_pattern(r->key), AVAHI_ERR_IS_PATTERN);
> +@@ -454,6 +455,7 @@ int avahi_server_add_address(
> + AVAHI_PUBLISH_UPDATE|
> + AVAHI_PUBLISH_USE_WIDE_AREA|
> + AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY(s, !name || avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME);
> +
> + /* Prepare the host naem */
> +@@ -595,6 +597,7 @@ static int server_add_service_strlst_nocopy(
> + AVAHI_PUBLISH_UPDATE|
> + AVAHI_PUBLISH_USE_WIDE_AREA|
> + AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
> +@@ -754,6 +757,7 @@ static int server_update_service_txt_strlst_nocopy(
> + AVAHI_PUBLISH_NO_COOKIE|
> + AVAHI_PUBLISH_USE_WIDE_AREA|
> + AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
> +@@ -843,6 +847,7 @@ int avahi_server_add_service_subtype(
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_name(name), AVAHI_ERR_INVALID_SERVICE_NAME);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, avahi_is_valid_service_type_strict(type), AVAHI_ERR_INVALID_SERVICE_TYPE);
> + AVAHI_CHECK_VALIDITY_SET_RET_GOTO_FAIL(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
> +@@ -910,6 +915,7 @@ static AvahiEntry *server_add_dns_server_name(
> + assert(name);
> +
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_WIDE_AREA|AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY_RETURN_NULL(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, port != 0, AVAHI_ERR_INVALID_PORT);
> + AVAHI_CHECK_VALIDITY_RETURN_NULL(s, avahi_is_valid_fqdn(name), AVAHI_ERR_INVALID_HOST_NAME);
> +@@ -967,6 +973,7 @@ int avahi_server_add_dns_server_address(
> + AVAHI_CHECK_VALIDITY(s, AVAHI_IF_VALID(interface), AVAHI_ERR_INVALID_INTERFACE);
> + AVAHI_CHECK_VALIDITY(s, AVAHI_PROTO_VALID(protocol) && AVAHI_PROTO_VALID(address->proto), AVAHI_ERR_INVALID_PROTOCOL);
> + AVAHI_CHECK_VALIDITY(s, AVAHI_FLAGS_VALID(flags, AVAHI_PUBLISH_USE_MULTICAST|AVAHI_PUBLISH_USE_WIDE_AREA), AVAHI_ERR_INVALID_FLAGS);
> ++ AVAHI_CHECK_VALIDITY(s, !(flags & AVAHI_PUBLISH_USE_WIDE_AREA) || !(flags & AVAHI_PUBLISH_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY(s, type == AVAHI_DNS_SERVER_UPDATE || type == AVAHI_DNS_SERVER_RESOLVE, AVAHI_ERR_INVALID_FLAGS);
> + AVAHI_CHECK_VALIDITY(s, port != 0, AVAHI_ERR_INVALID_PORT);
> + AVAHI_CHECK_VALIDITY(s, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
> diff --git a/package/avahi/avahi.mk b/package/avahi/avahi.mk
> index bcba0a0a4f..0a674182bc 100644
> --- a/package/avahi/avahi.mk
> +++ b/package/avahi/avahi.mk
> @@ -60,6 +60,9 @@ AVAHI_IGNORE_CVES += CVE-2025-68471
> # 0016-core-fix-uncontrolled-recursion-bug-using-a-simple-loop-detection-algorithm.patch
> AVAHI_IGNORE_CVES += CVE-2026-24401
>
> +# 0017-core-refuse-to-accept-publish-flags-where-both-wide-area-and-multicast-are-set.patch
> +AVAHI_IGNORE_CVES += CVE-2026-34933
> +
> AVAHI_CONF_ENV = \
> avahi_cv_sys_cxx_works=yes \
> DATADIRNAME=share
> --
> 2.54.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-07-10 13:51 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-26 19:59 [Buildroot] [PATCH 1/1] package/avahi: upstream patch for CVE-2026-34933 Thomas Perale via buildroot
2026-07-05 9:51 ` Julien Olivain via buildroot
2026-07-10 13:51 ` Thomas Perale via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.