main/avahi: fix CVE-2017-6519 and CVE-2018-1000845

Fixes #9241
2026-05-05 20:36:40 +02:00 · 2019-07-16 22:46:19 -03:00 · 2019-07-16 22:46:19 -03:00 · 8aeb113779
commit 8aeb113779
parent 8d7e4b03bb
2 changed files with 38 additions and 3 deletions
--- a/main/avahi/APKBUILD
+++ b/main/avahi/APKBUILD
@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=avahi
 pkgver=0.7
-pkgrel=1
+pkgrel=2
 pkgdesc="A multicast/unicast DNS-SD framework"
 url="https://www.avahi.org/"
 arch="all"
@ -17,9 +17,16 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-tools $pkgname-glib
 	$pkgname-libs $pkgname-compat-howl:howl
 	$pkgname-compat-libdns_sd:lidns_sd $pkgname-lang
 	py2-avahi:_py2:noarch"
-source="https://github.com/lathiat/avahi/releases/download/v$pkgver/avahi-$pkgver.tar.gz"
+source="https://github.com/lathiat/avahi/releases/download/v$pkgver/avahi-$pkgver.tar.gz
+	CVE-2017-6519-and-CVE-2018-1000845.patch
+	"
 builddir="$srcdir/$pkgname-$pkgver"

+# secfixes:
+#   0.7-r2:
+#     - CVE-2017-6519
+#     - CVE-2018-1000845
+
 prepare() {
 	default_prepare
 	autoreconf -vif
@ -128,4 +135,5 @@ _py2() {
 	mv "$pkgdir"/usr/lib/python2.* "$subpkgdir"/usr/lib/
 }

-sha512sums="bae5a1e9204aca90b90e7fd223d19e809e3514d03ba5fa2da1e55bf1d72d3d3b98567f357900c36393613dc17dc98e15ff3ebf0f226f2f6b9766e592452a6ce7  avahi-0.7.tar.gz"
+sha512sums="bae5a1e9204aca90b90e7fd223d19e809e3514d03ba5fa2da1e55bf1d72d3d3b98567f357900c36393613dc17dc98e15ff3ebf0f226f2f6b9766e592452a6ce7  avahi-0.7.tar.gz
+dc5c9fde8d1244e70e3cf1c09bc274b094458d2fad982f5a79bcbf3cbddc43a0cf79e9ba106b3b0446a6f0b006fd3beeee48a03bd3d8a06cf8d9821f6945ffed  CVE-2017-6519-and-CVE-2018-1000845.patch"
--- a/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
+++ b/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
@ -0,0 +1,27 @@
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index a2cb19a..a2580e3 100644
+--- a/avahi-core/server.c
+++ b/avahi-core/server.c
+@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+ 
+     if (avahi_dns_packet_is_query(p)) {
+         int legacy_unicast = 0;
+        char t[AVAHI_ADDRESS_STR_MAX];
+ 
+         /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
+          * AR section completely here, so far. Until the day we add
+@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+             legacy_unicast = 1;
+         }
+ 
+        if (!is_mdns_mcast_address(dst_address) &&
+            !avahi_interface_address_on_link(i, src_address)) {
+
+            avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
+            return;
+        }
+
+         if (legacy_unicast)
+             reflect_legacy_unicast_query_packet(s, p, i, src_address, port);
+ 
+