Accepting request 1078523 from GNOME:Next

- Add avahi-CVE-2023-1981.patch: emit error if requested service
  is not found (boo#1210328 CVE-2023-1981).

OBS-URL: https://build.opensuse.org/request/show/1078523
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/avahi?expand=0&rev=217

avahi-CVE-2023-1981.patch

@@ -0,0 +1,56 @@
+From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
+Date: Thu, 17 Nov 2022 01:51:53 +0100
+Subject: [PATCH] Emit error if requested service is not found
+
+It currently just crashes instead of replying with error. Check return
+value and emit error instead of passing NULL pointer to reply.
+
+Fixes #375
+---
+ avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------
+ 1 file changed, 14 insertions(+), 6 deletions(-)
+
+diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c
+index 70d7687..406d0b4 100644
+--- a/avahi-daemon/dbus-protocol.c
++++ b/avahi-daemon/dbus-protocol.c
+@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM
+     }
+ 
+     t = avahi_alternative_host_name(n);
+-    avahi_dbus_respond_string(c, m, t);
+-    avahi_free(t);
++    if (t) {
++        avahi_dbus_respond_string(c, m, t);
++        avahi_free(t);
+ 
+-    return DBUS_HANDLER_RESULT_HANDLED;
++        return DBUS_HANDLER_RESULT_HANDLED;
++    } else {
++        return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found");
++    }
+ }
+ 
+ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) {
+@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB
+     }
+ 
+     t = avahi_alternative_service_name(n);
+-    avahi_dbus_respond_string(c, m, t);
+-    avahi_free(t);
++    if (t) {
++        avahi_dbus_respond_string(c, m, t);
++        avahi_free(t);
+ 
+-    return DBUS_HANDLER_RESULT_HANDLED;
++        return DBUS_HANDLER_RESULT_HANDLED;
++    } else {
++        return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found");
++    }
+ }
+ 
+ static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) {
+-- 
+2.40.0
+

avahi.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Apr 11 21:00:12 UTC 2023 - Michael Gorse <mgorse@suse.com>
+
+- Add avahi-CVE-2023-1981.patch: emit error if requested service
+  is not found (boo#1210328 CVE-2023-1981).
+
 -------------------------------------------------------------------
 Mon Dec 19 12:16:12 UTC 2022 - Dominique Leuenberger <dimstar@opensuse.org>
 

avahi.spec

@@ -1,7 +1,7 @@
 #
 # spec file
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -99,6 +99,8 @@ Patch26:        0007-Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK.patch
 Patch27:        0009-fix-bytestring-decoding-for-proper-display.patch
 Patch28:        harden_avahi-daemon.service.patch
 Patch29:        harden_avahi-dnsconfd.service.patch
+# PATCH-FIX-UPSTREAM avahi-CVE-2023-1981.patch boo#1210328 mgorse@suse.com -- emit error if requested service is not found.
+Patch30:        avahi-CVE-2023-1981.patch
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
 BuildRequires:  gdbm-devel
@@ -417,6 +419,7 @@ DNS specifications for Zeroconf Computing.
 
 
 
+
 # This is the avahi-discover command, only provided for the primary python3 flavor
 %package -n python3-avahi-gtk
 Summary:        A set of Avahi utilities written in Python Using python-gtk
@@ -510,6 +513,7 @@ cp -a %{SOURCE12} service-type-database/build-db
 %patch27 -p1
 %patch28 -p1
 %patch29 -p1
+%patch30 -p1
 
 %if !%{build_core}
 # Replace all .la references from local .la files to installed versions