-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 19 Dec 2024 09:01:14 +0200
Source: avahi
Architecture: source
Version: 0.8-10+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Closes: 1054876 1054877 1054878 1054879 1054880
Changes:
 avahi (0.8-10+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Michael Biebl ]
   * core: make sure there is rdata to process before parsing it.
     Patch cherry-picked from upstream Git.
     (CVE-2023-38472, Closes: #1054879)
   * core: reject overly long TXT resource records.
     Patches cherry-picked from upstream Git.
     (CVE-2023-38469, Closes: #1054876)
   * Ensure each label is at least one byte long.
     Patch cherry-picked from upstream Git.
     (CVE-2023-38470, Closes: #1054877)
   * core: extract host name using avahi_unescape_label()
     Patch cherry-picked from upstream Git.
     (CVE-2023-38471, Closes: #1054878)
   * common: derive alternative host name from its unescaped version.
     Patch cherry-picked from upstream Git.
     (CVE-2023-38473, Closes: #1054880)
   * Fix browsing when invalid services present.
     See https://github.com/lathiat/avahi/issues/212
Checksums-Sha1:
 be4bde27bdb8d9c01240955b78c03f1bf4112e4c 3933 avahi_0.8-10+deb12u1.dsc
 969a50ae18c8d8e2288435a75666dd076e69852a 1591458 avahi_0.8.orig.tar.gz
 5cc25122e3ee64a1264d954ff57e2dedb3f56b57 42832 avahi_0.8-10+deb12u1.debian.tar.xz
Checksums-Sha256:
 807cf0a281a0e90207d05cd74dc2c9b5905458f3fe236fbf1bf6d246987dd874 3933 avahi_0.8-10+deb12u1.dsc
 060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda 1591458 avahi_0.8.orig.tar.gz
 16b564d442c919d9b731a3b04c4d11be8ff5e77e79db9eb692527e5acfb53966 42832 avahi_0.8-10+deb12u1.debian.tar.xz
Files:
 96c4e9e428506a38e67435df04802123 3933 net optional avahi_0.8-10+deb12u1.dsc
 229c6aa30674fc43c202b22c5f8c2be7 1591458 net optional avahi_0.8.orig.tar.gz
 d434c240237802ce93788ece839c61cc 42832 net optional avahi_0.8-10+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmd5QO8ACgkQiNJCh6LY
mLHG6hAAxWoR3jJ904p4D/Nt1V37HleadnQDRfJyJJZvC08116l/hotSg86BHbRL
SCdphR4Ku6NytioPENAsrqT1osXEfngYGyM/owH/YSHcgS7iMBm0gO1c53N7Q9/U
8VqZFEa44C61BaPMc4chYUWQqJy9EkZB1R8GzxUPD4SZ1Gm5ggqcfsE1MVK8T9sA
vMwQ5IkKryQVFQeVKDJWiDrgunutrkt83XI2nDx3Q6gw61irBUUfG8dHgXdWEx+x
YfUgmADusSrCwTpzxpX9opuoWwK5V2+Ni01rG+heyff2E+YvXl/cMb7oPqYRcc1a
YD9BVEmvEpZbIKvIl3RtQ5e2gplv3K3VVfFNlJiosMAzJ08jPGXhQnYz6Cg3QQ0Q
CaecvTZDJ/r50Ubzm/kYs03vDIu3+OscSwXEuZGxsDYt+HYTEYExivfzB4w6klIh
DePjpPzPgJ9ANm7D0IoCIhvzMoRLGOmHKg+2te0gVoNPVhHs8aK1adTMpdG1NuJ4
HvA2p93CSh7dcR7aRglgr4YPWkEyDu9zu+xBS9av8D/gE2Cr6agXXle+7quKgf/e
6jC4ct/eSx3Psg/+2q+EITciIbPenjIOZ0BHqzshqKWbbwOlQbWhhxE2Yx/Iy+Ns
4DbNd78ZXeUpENP/svuboDmioiOFVhzVSJ5jWeCeH8jaqLvmyc4=
=xckb
-----END PGP SIGNATURE-----