Ubuntu
avahi package

lp:ubuntu/dapper-updates/avahi

Dapper (6.06)
dapper-updates

Created by James Westby on 2009-07-19 and last modified on 2009-07-19

Get this branch:: bzr branch lp:ubuntu/dapper-updates/avahi

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

40. By Jamie Strandboge on 2008-12-18: * SECURITY UPDATE: denial of service via crafted mDNS packet
  - debian/patches/80_CVE-2008-5081.patch: verify port is > 0 in server.c
  - CVE-2008-5081
* SECURITY UPDATE: denial of service via empty TXT record over dbus
  - debian/patches/80_CVE-2007-3372.patch: set k to empty string in
    avahi_dbus_read_strlst() if k in NULL and also check for size in
    avahi_string_list_add_arbitrary() assert
  - CVE-2007-3372
39. By Kees Cook on 2007-01-04: * SECURITY UPDATE: denial of service via malformed DNS reply.
* Add 'debian/patches/ubuntu_02_endless-dns-loop.patch' from upstream
* References
CVE-2006-6870
38. By Martin Pitt on 2006-12-14: * debian/patches/ubuntu_01_netlink-ownership.patch:
  - Previous patch broke operation with network-manager (the kernel sends
    funny process IDs, and due to the dropped packets avahi's state gets
    scrambled).
  - Now verify the packet's user ID instead.
  - Thanks to Trent Lloyd for the updated patch.
  - Closes: LP#72728
37. By Kees Cook on 2006-11-10: * SECURITY UPDATE: all netlink packets were expected to be from the kernel,
  which could lead to other local users manipulating Avahi, possibly
  crashing the server or gaining Avahi user privileges.
* Add 'debian/patches/ubuntu_01_netlink-ownership.patch' to verify packet
  owner, as done in upstream CVS.
* References
  CVE-2006-5461
36. By ZhengPeng Hou on 2006-05-26: Add kubuntu_03_fix_duplicate_entries_in_menu.patch
avahi-discover has two entries in menu, so add this
patch fix it .
35. By Sebastian Dröge on 2006-05-15: * debian/patches/02_avahi-sharp_processes_thread.patch:
  + Patch from upstream SVN:
    - ensure the event loop is finished before freeing the poll object
    - set Client.Handle to null immediately after freeing it
    - fixes a segfault on Client.Dispose()
34. By Sebastian Dröge on 2006-05-10: * New upstream release
  + SECURITY UPDATE: Fixes CVE-2006-2288 and CVE-2006-2289
* 03_cmsg_too_large.patch,
  04_initscript_log_end_msg.patch,
  05_empty_service_directory.patch,
  06_cname_handling.patch,
  07_avahi-sharp_missing_lock.patch,
  08_avahi-python_regex_fix.patch:
  - dropped, upstream now
* UVF Exception granted by Colin Watson
33. By Sebastian Dröge on 2006-04-22: * 08_avahi-python_regex_fix.patch (SVN rev 1189):
+ Fix the regex in the ServiceTypeDatabase to also match on service types
with - in them like _sftp-ssh._tcp
32. By Sebastian Dröge on 2006-04-18: * debian/patches/07_avahi-sharp_missing_lock.patch (SVN rev 1188):
+ Add a missing lock around the avahi_entry_group_add_service_strlst()
call (Closes: Malone #37647)
31. By Sebastian Dröge on 2006-04-01: * debian/patches/06_cname_handling.patch:
+ Fix CNAME handling in avahi (Closes: Malone #36642)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/avahi

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntuavahi package