------------------------------------------------------------------- Tue Jan 13 04:23:18 UTC 2026 - Cliff Zhao - Add avahi-CVE-2025-68276.patch: Backport 0c013e2 from upstream, refuse to create wide-area record browsers when wide-area is off. (CVE-2025-68276, bsc#1256498) ------------------------------------------------------------------- Tue Jan 13 04:23:18 UTC 2026 - Cliff Zhao - Add avahi-CVE-2025-68471.patch: Backport 9c6eb53 from upstream, fix DoS bug by changing assert to return. (CVE-2025-68471, bsc#1256500) ------------------------------------------------------------------- Tue Jan 13 04:23:18 UTC 2026 - Cliff Zhao - Add avahi-CVE-2025-68468.patch: Backport f66be13 from upstream, fix DoS bug by removing incorrect assertion. (CVE-2025-68468, bsc#1256499) ------------------------------------------------------------------- Mon Sep 15 14:32:04 UTC 2025 - Cliff Zhao - Add avahi-CVE-2024-52615.patch: Backport 4e2e1ea from upstream, Resolve fixed source ports for wide-area DNS queries cause DNS responses be injected. (CVE-2024-52615, bsc#1233421) ------------------------------------------------------------------- Wed Nov 20 10:09:45 UTC 2024 - Cliff Zhao - Add avahi-CVE-2024-52616.patch: Backporting 1dade81c from upstream: Properly randomize query id of DNS packets. (CVE-2024-52616, bsc#1233420) ------------------------------------------------------------------- Tue Apr 11 21:48:34 UTC 2023 - Michael Gorse - Add avahi-CVE-2023-1981.patch: emit error if requested service is not found (boo#1210328 CVE-2023-1981). ------------------------------------------------------------------- Thu Nov 3 15:54:55 UTC 2022 - Michael Gorse - Add avahi-bsc1163683.patch: do not cache responses generated locally (bsc#1163683). ------------------------------------------------------------------- Tue Apr 20 16:17:54 UTC 2021 - Michael Gorse - Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling HUP event in client_work (boo#1184521 CVE-2021-3468). https://github.com/lathiat/avahi/pull/330 ------------------------------------------------------------------- Mon Feb 8 17:30:34 UTC 2021 - Michael Gorse - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Rebase avahi-daemon-check-dns-suse.patch, and drop privileges when invoking avahi-daemon-check-dns.sh (boo#1180827 CVE-2021-26720). - Add sudo to requires: used to drop privileges. ------------------------------------------------------------------- Tue Jul 21 21:39:05 UTC 2020 - Michael Gorse - When changing ownership of /var/lib/autoipd, only change ownership of files owned by avahi, to mitigate against possible exploits (bsc#1154063). ------------------------------------------------------------------- Mon Jan 14 20:39:06 UTC 2019 - mgorse@suse.com - Add CVE-2018-1000845.patch: drop legacy unicast queries from address not on local link (boo#1120281 CVE-2018-1000845). ------------------------------------------------------------------- Wed May 2 09:45:41 UTC 2018 - yfjiang@suse.com - Add avahi-daemon-increase-rlimit.patch: increase rlimit as a conservative way to handle certain crashes referring to upstream commit 71ace71 (bsc#1085255). ------------------------------------------------------------------- Thu Nov 23 13:37:26 UTC 2017 - rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) ------------------------------------------------------------------- Sat Sep 17 13:52:41 UTC 2011 - jengelh@medozas.de - Remove redundant tags/sections from specfile - Use %_smp_mflags for parallel build - Add libavahi-devel to baselibs ------------------------------------------------------------------- Fri Aug 12 18:57:25 UTC 2011 - andrea.turrini@gmail.com - Fixed typo in avahi-qt4.spec. ------------------------------------------------------------------- Mon Mar 15 17:10:10 CET 2010 - sbrabec@suse.cz - Added support for translation-update-upstream (FATE#301344). ------------------------------------------------------------------- Sun Aug 9 12:43:26 CEST 2009 - coolo@novell.com - use new python macros ------------------------------------------------------------------- Mon Sep 1 10:22:46 CEST 2008 - meissner@suse.de - Added GCC attribute alloc_size markup for allocator functions ------------------------------------------------------------------- Fri Jul 18 17:18:20 CEST 2008 - sbrabec@suse.cz - Updated to version 0.6.23: * A lot of translation updates * Beef up bnvc quite a bit, including passing a domain to browse in * Increase numer of open files resource limit to 300 so that we can deal with more clients simultaneously. * Rework 'poof' algorithm a bit to reduce traffic load on noisy links. * Build fixes * Minor other updates * Backwards compatible with Avahi 0.6.x with x < 23. ------------------------------------------------------------------- Sun May 11 11:49:29 CEST 2008 - coolo@suse.de - fix rename of xxbit packages ------------------------------------------------------------------- Wed Mar 5 16:14:36 CET 2008 - sbrabec@suse.cz - Create new spec file to avoid dependency of avahi core on Qt.