[ubuntu/noble-security] avahi 0.8-13ubuntu6.1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Mon Jan 19 12:07:14 UTC 2026
avahi (0.8-13ubuntu6.1) noble-security; urgency=medium
* SECURITY UPDATE: Denial of service when creating a record browser.
- debian/patches/CVE-2025-68276.patch: Add AVAHI_LOOKUP_USE_WIDE_AREA and
wide area use check in avahi-core/browse.c.
- CVE-2025-68276
* SECURITY UPDATE: Denial of service after CNAME expiration.
- debian/patches/CVE-2025-68468.patch: Remove assert in
avahi-core/browse.c.
- CVE-2025-68468
* SECURITY UPDATE: Denial of service on receiving CNAME resource records.
- debian/patches/CVE-2025-68471.patch: Change assert to return on
wide_area check in avahi-core/browse.c.
- CVE-2025-68471
Date: 2026-01-16 20:39:11.520979+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/avahi/0.8-13ubuntu6.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list