[ubuntu/resolute-proposed] avahi 0.8-17ubuntu2 (Accepted)

Hlib Korzhynskyy hlib.korzhynskyy at canonical.com
Mon Jan 19 17:39:26 UTC 2026 

avahi (0.8-17ubuntu2) resolute; urgency=medium

  * SECURITY UPDATE: Denial of service when creating a record browser.
    - debian/patches/CVE-2025-68276.patch: Add AVAHI_LOOKUP_USE_WIDE_AREA and
      wide area use check in avahi-core/browse.c.
    - CVE-2025-68276
  * SECURITY UPDATE: Denial of service after CNAME expiration.
    - debian/patches/CVE-2025-68468.patch: Remove assert in
      avahi-core/browse.c.
    - CVE-2025-68468
  * SECURITY UPDATE: Denial of service on receiving CNAME resource records.
    - debian/patches/CVE-2025-68471.patch: Change assert to return on
      wide_area check in avahi-core/browse.c.
    - CVE-2025-68471

Date: Mon, 19 Jan 2026 13:55:55 -0330
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/avahi/0.8-17ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 19 Jan 2026 13:55:55 -0330
Source: avahi
Built-For-Profiles: noudeb
Architecture: source
Version: 0.8-17ubuntu2
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
 avahi (0.8-17ubuntu2) resolute; urgency=medium
 .
   * SECURITY UPDATE: Denial of service when creating a record browser.
     - debian/patches/CVE-2025-68276.patch: Add AVAHI_LOOKUP_USE_WIDE_AREA and
       wide area use check in avahi-core/browse.c.
     - CVE-2025-68276
   * SECURITY UPDATE: Denial of service after CNAME expiration.
     - debian/patches/CVE-2025-68468.patch: Remove assert in
       avahi-core/browse.c.
     - CVE-2025-68468
   * SECURITY UPDATE: Denial of service on receiving CNAME resource records.
     - debian/patches/CVE-2025-68471.patch: Change assert to return on
       wide_area check in avahi-core/browse.c.
     - CVE-2025-68471
Checksums-Sha1:
 35425f3daa5dbf036b5a17cb66ab1a5dc29c7ed6 4167 avahi_0.8-17ubuntu2.dsc
 9229c02864a54525d53a215b514d4ac13e48be77 61420 avahi_0.8-17ubuntu2.debian.tar.xz
 a042ebeabebe0db4a0c75574dc4b130a5b2f3ae3 17024 avahi_0.8-17ubuntu2_source.buildinfo
Checksums-Sha256:
 97354fc996bafb5690c3b1a48ee4d5c691c509e85a4e3b5c2a022498e7d98073 4167 avahi_0.8-17ubuntu2.dsc
 722164bd20f20d2fc68f6fefd31a9007f0d4d88602e0d02d283da444d5844b64 61420 avahi_0.8-17ubuntu2.debian.tar.xz
 62eb6b60763104e667d41a6950a97d7f1bc392880b1674f859aa59accfa78e5d 17024 avahi_0.8-17ubuntu2_source.buildinfo
Files:
 29875830d7692f27e20c0caf5cb04a46 4167 net optional avahi_0.8-17ubuntu2.dsc
 eecfd4d128428b8fd13c094eb4e3fd3c 61420 net optional avahi_0.8-17ubuntu2.debian.tar.xz
 6d297c44da8c189f9c227c57b7bceb1e 17024 net optional avahi_0.8-17ubuntu2_source.buildinfo
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>

More information about the Resolute-changes mailing list