- Resolves: #221763: CVE-2006-6870 Maliciously crafted packed can DoS avahi

daemon - upgrade to new upstream - patch revision - Resolves: #218140: avahi configuration file wants a non-existent group
2007-01-22 11:17:52 +00:00 · 2007-01-22 11:17:52 +00:00 · 5aa3ddc7ea
commit 5aa3ddc7ea
parent 8e448ad228
4 changed files with 28 additions and 10 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -1 +1 @@
-avahi-0.6.15.tar.gz
+avahi-0.6.16.tar.gz
--- a/avahi-0.6.15-netdev.patch
+++ b/avahi-0.6.15-netdev.patch
@ -0,0 +1,14 @@
+--- avahi-0.6.15/avahi-daemon/avahi-dbus.conf.in.netdev	2006-12-28 19:29:09.000000000 +0100
+++ avahi-0.6.15/avahi-daemon/avahi-dbus.conf.in	2006-12-28 19:29:15.000000000 +0100
+@@ -19,7 +19,7 @@
+     <deny send_interface="org.freedesktop.Avahi.Server" send_member="SetHostName"/>
+   </policy>
+ 
+-  <!-- Allow everything, including access to SetHostName to users of the group "netdev" -->
+  <!-- Allow everything, including access to SetHostName to users of the group "@AVAHI_PRIV_ACCESS_GROUP@" -->
+   <policy group="@AVAHI_PRIV_ACCESS_GROUP@">
+     <allow send_destination="org.freedesktop.Avahi"/>
+     <allow receive_sender="org.freedesktop.Avahi"/>
+
+
+
--- a/avahi.spec
+++ b/avahi.spec
@ -5,8 +5,8 @@
 %define WITH_MONO 0
 %endif
 Name:           avahi
-Version:        0.6.15
-Release: 4%{?dist}
+Version:        0.6.16
+Release: 	    1%{?dist}
 Summary:        Local network service discovery 
 Group:          System Environment/Base
 License:        LGPL
@ -15,7 +15,7 @@ BuildRoot:	    %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires:       dbus, libdaemon, expat, python, dbus-python, libcap
 Requires(post): initscripts, chkconfig, ldconfig
 BuildRequires:  autoconf
-BuildRequires:  automake >= 1.10, automake < 1.11
+BuildRequires:  automake
 BuildRequires:  libtool
 BuildRequires:  dbus-devel >= 0.90
 BuildRequires:  dbus-glib-devel >= 0.70
@ -38,13 +38,12 @@ Obsoletes:	    howl
 Source0:        %{name}-%{version}.tar.gz
 # enable mono's mcs to work in beehive buildroot:
 Patch6:     avahi-0.6.3-MONO_SHARED_DIR.patch
-Patch13: 	avahi-0.6.9-bz185972.patch
 Patch14:	avahi-0.6.9-bz189427.patch
 Patch15:	avahi-0.6.9-mono-libdir.patch
 Patch17:	avahi-0.6.11-use-ipv6-yes.patch
 Patch20: 	avahi-0.6.15-initscript.patch
 Patch21: 	avahi-0.6.11-align.patch
-Patch22:    avahi-0.6.15-dbus1.0.patch
+Patch23:    avahi-0.6.15-netdev.patch


 %description
@ -166,13 +165,12 @@ Header files for development with the Apple Bonjour mDNSResponder compatibility
 %if %{WITH_MONO}
 %patch6 -p1 -b .MONO_SHARED_DIR
 %endif
-%patch13 -p1 -b .bz185972
 %patch14 -p1 -b .bz189427
 %patch15 -p1 -b .mono-libdir
 %patch17 -p1 -b .use-ipv6-yes
 %patch20 -p1 -b .initscript
 %patch21 -p1 -b .align
-%patch22 -p1 -b .dbus10
+%patch23 -p1 -b .netdev

 %build
 # auto* update needed for avahi-0.5.2-fedora.patch
@ -181,7 +179,7 @@ libtoolize --force
 automake-1.10 --add-missing
 autoconf

-%configure --with-distro=fedora --disable-qt4 --disable-monodoc --without-python-twisted --with-avahi-user=avahi --with-avahi-group=avahi --enable-compat-howl \
+%configure --with-distro=fedora --disable-qt4 --disable-monodoc --without-python-twisted --with-avahi-user=avahi --with-avahi-group=avahi --enable-compat-howl --with-avahi-priv-access-group=avahi\
 %if %{WITH_COMPAT_DNSSD}
 	--enable-compat-libdns_sd \
 %endif
@ -386,6 +384,12 @@ fi
 %endif

 %changelog
+* Mon Jan 22 2007 Martin Bacovsky <mbacovsk@redhat.com> - 0.6.16-1.fc7
+- Resolves: #221763: CVE-2006-6870 Maliciously crafted packed can DoS avahi daemon
+- upgrade to new upstream
+- patch revision
+- Resolves: #218140: avahi configuration file wants a non-existent group
+
 * Wed Dec  6 2006 Jeremy Katz <katzj@redhat.com> - 0.6.15-4
 - rebuild against python 2.5

--- a/2
+++ b/2
@ -1 +1 @@
-94dbd41336d18c47fc8213735a3fbf8e  avahi-0.6.15.tar.gz
+3cbc460bbd55bae35f7b57443c063640  avahi-0.6.16.tar.gz