!108 [sync] PR-103: Cleanup spec

From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng

avahi.spec

@@ -3,11 +3,11 @@
 
 Name:             avahi
 Version:          0.8
-Release:          16
+Release:          21
 Summary:          Avahi is a local network service discovery
-License:          LGPLv2+
-URL:              http://avahi.org
-Source0:          http://avahi.org/download/%{name}-%{version}.tar.gz
+License:          LGPL-2.1-or-later AND LGPL-2.0-or-later AND BSD-2-Clause-Views AND MIT
+URL:              https://avahi.org
+Source0:          https://avahi.org/download/%{name}-%{version}.tar.gz
 
 ## upstream patches
 Patch0:           0000-avahi-dnsconfd.service-Drop-Also-avahi-daemon.socket.patch
@@ -19,12 +19,17 @@ Patch5:           0005-avahi_dns_packet_consume_uint32-fix-potential-undefi.patc
 
 Patch6001:        backport-CVE-2021-3468.patch
 Patch6002:        backport-CVE-2021-36217.patch
-Patch6023:        backport-CVE-2023-1981.patch
+Patch6003:        backport-CVE-2023-1981.patch
+Patch6004:        backport-CVE-2023-38470.patch
+Patch6005:        backport-CVE-2023-38473.patch
+Patch6006:        backport-CVE-2023-38472.patch
+Patch6007:        backport-CVE-2023-38471.patch
+Patch6008:        backport-CVE-2023-38469.patch
 
 BuildRequires:    gcc automake libtool desktop-file-utils gtk2-devel glib2-devel gcc-c++
 BuildRequires:    libcap-devel expat-devel gdbm-devel make
 BuildRequires:    intltool perl-XML-Parser systemd libevent-devel
-BuildRequires:    dbus-devel >= 0.90 dbus-glib-devel >= 0.70 libdaemon-devel >= 0.11
+BuildRequires:    dbus-devel >= 0.90 libdaemon-devel >= 0.11
 BuildRequires:    pkgconfig(libevent) >= 2.0.21
 %if 0%{?build_cross} == 0
 BuildRequires:    pkgconfig(pygobject-3.0) xmltoman gtk3-devel >= 2.99.0
@@ -69,8 +74,12 @@ Requires:         %{name} = %{version}-%{release}
 Requires:         %{name}-libs = %{version}-%{release} 
 Requires:         %{name}-glib = %{version}-%{release}
 Requires:         %{name}-ui-gtk3 = %{version}-%{release}
-Requires:         tigervnc openssh-clients pygtk2 pygtk2-libglade gdbm
+Requires:         tigervnc openssh-clients
+Conflicts:        %{name}-tools < 0.8-21
 %if %{WITH_PYTHON}
+Requires:         gdbm
+Requires:         pygtk2
+Requires:         pygtk2-libglade
 Requires:         python2-avahi = %{version}-%{release}
 Requires:         python2-dbus
 Requires:         python2-gobject-base
@@ -83,7 +92,6 @@ Avahi Graphical user interface tools for mDNS services.
 Summary:          Gtk uesr interface library for Avahi (Gtk2)
 Requires:         %{name}-libs = %{version}-%{release}
 Requires:         %{name}-glib = %{version}-%{release} 
-Requires:         gtk2
 
 %description ui
 This package contains a Gtk 2.x widget for browsing services.
@@ -182,7 +190,6 @@ Libraries for easy use of avahi from glib applications.
 Summary:          Libraries and header files for avahi glib development
 Requires:         %{name}-devel%{?_isa} = %{version}-%{release}
 Requires:         %{name}-glib%{?_isa} = %{version}-%{release}
-Requires:         glib2-devel
  
 %description glib-devel
 The avahi-devel package contains the header files and libraries
@@ -200,7 +207,6 @@ This library contains a GObject wrapper for the Avahi API
 Summary:          Libraries and header files for Avahi GObject development
 Requires:         %{name}-devel%{?_isa} = %{version}-%{release}
 Requires:         %{name}-gobject%{?_isa} = %{version}-%{release}
-#Requires:         %{name}-glib-devel = %{version}-%{release}
  
 %description gobject-devel
 The avahi-gobject-devel package contains the header files and libraries
@@ -211,7 +217,6 @@ necessary for developing programs using avahi-gobject.
 Summary:          Gtk user interface library for Avahi (Gtk+ 3 version)
 Requires:         %{name}-libs = %{version}-%{release}
 Requires:         %{name}-glib = %{version}-%{release}
-Requires:         gtk3
 
 %description ui-gtk3
 This library contains a Gtk 3.x widget for browsing services.
@@ -287,6 +292,11 @@ NOCONFIGURE=1 ./autogen.sh
 
 %install
 %make_install
+%delete_la
+
+# remove example
+rm -fv %{buildroot}%{_sysconfdir}/avahi/services/ssh.service
+rm -fv %{buildroot}%{_sysconfdir}/avahi/services/sftp-ssh.service
 
 ln -s avahi-compat-howl.pc  %{buildroot}/%{_libdir}/pkgconfig/howl.pc
 ln -s avahi-compat-libdns_sd.pc %{buildroot}/%{_libdir}/pkgconfig/libdns_sd.pc
@@ -311,14 +321,9 @@ if [ -n "$(grep '^GenericName=$' $i)" ]; then
   desktop-file-edit --copy-name-to-generic-name $i
 fi
 done
-%else
-# unpackaged files
-rm -fv $RPM_BUILD_ROOT%{_datadir}/applications/{bssh,bvnc}.desktop
-rm -fv $RPM_BUILD_ROOT%{_datadir}/avahi/interfaces/avahi-discover.ui
 %endif
 
 %find_lang %{name}
-%delete_la_and_a
 
 %check
 %if %{WITH_PYTHON}
@@ -359,15 +364,17 @@ exit 0
 %systemd_preun avahi-daemon.socket avahi-daemon.service
 
 %post
-/sbin/ldconfig
 /usr/bin/dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
 if [ "$1" -eq 1 -a -s /etc/localtime ]; then
         /usr/bin/cp -cfp /etc/localtime /etc/avahi/etc/localtime >/dev/null 2>&1 || :
 fi
 %systemd_post avahi-daemon.socket avahi-daemon.service
 
+if [ $1 -eq 1 ]; then
+    systemctl disable avahi-daemon.service
+fi
+
 %postun
-/sbin/ldconfig
 %systemd_postun_with_restart avahi-daemon.socket avahi-daemon.service
 
 %post dnsconfd
@@ -379,73 +386,29 @@ fi
 %postun dnsconfd
 %systemd_postun_with_restart avahi-dnsconfd.service
 
-%post   compat-howl -p /sbin/ldconfig
-
-%postun compat-howl -p /sbin/ldconfig
-
-%post   compat-libdns_sd -p /sbin/ldconfig
-
-%postun compat-libdns_sd -p /sbin/ldconfig
-
-%if 0%{?build_cross} == 0
-%post   ui -p /sbin/ldconfig
-
-%postun ui -p /sbin/ldconfig
-%endif
-
-%post   libs -p /sbin/ldconfig
-
-%postun libs -p /sbin/ldconfig
-
-%post   glib -p /sbin/ldconfig
-
-%postun glib -p /sbin/ldconfig
-
-%if 0%{?build_cross} == 0
-%post   ui-gtk3 -p /sbin/ldconfig
-
-%postun ui-gtk3 -p /sbin/ldconfig
-%endif
-
-%post   gobject -p /sbin/ldconfig
-
-%postun gobject -p /sbin/ldconfig
-
 %files -f %{name}.lang
 %doc README
 %license LICENSE
-
-%{_sbindir}/avahi-daemon
-%dir %{_libdir}/avahi
-%if %{WITH_PYTHON}
-%{_libdir}/avahi/service-types.db
-%endif
-%{_libdir}/libavahi-core.so.*
-
-%dir %{_datadir}/avahi
-%{_datadir}/avahi/*.dtd
-%{_datadir}/dbus-1/interfaces/*.xml
-%{_datadir}/dbus-1/system-services/org.freedesktop.Avahi.service
-
 %dir %{_sysconfdir}/avahi
 %dir %{_sysconfdir}/avahi/etc
 %ghost %{_sysconfdir}/avahi/etc/localtime
 %config(noreplace) %{_sysconfdir}/avahi/hosts
+%dir %{_sysconfdir}/avahi/services
+%ghost %attr(0755, avahi, avahi) %dir %{_localstatedir}/run/avahi-daemon
 %config(noreplace) %{_sysconfdir}/avahi/avahi-daemon.conf
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/avahi-dbus.conf
-
-%dir %{_sysconfdir}/avahi/services
-%ghost %dir %{_localstatedir}/run/avahi-daemon
-%attr(1770,avahi-autoipd,avahi-autoipd) %dir %{_localstatedir}/lib/avahi-autoipd/
+%{_sbindir}/avahi-daemon
+%dir %{_datadir}/avahi
+%{_datadir}/avahi/*.dtd
+%dir %{_libdir}/avahi
+%if %{WITH_PYTHON}
+%{_libdir}/avahi/service-types.db
+%endif
 %{_unitdir}/avahi-daemon.service
 %{_unitdir}/avahi-daemon.socket
-
-%attr(1770,avahi-autoipd,avahi-autoipd) %dir %{_localstatedir}/lib/avahi-autoipd/
-%exclude %{_sysconfdir}/rc.d/init.d/avahi-daemon
-%exclude %{_sysconfdir}/rc.d/init.d/avahi-dnsconfd
-%exclude %{_datadir}/%{name}-%{version}/*
-%exclude %{_sysconfdir}/avahi/services/ssh.service
-%exclude %{_sysconfdir}/avahi/services/sftp-ssh.service
+%{_datadir}/dbus-1/interfaces/*.xml
+%{_datadir}/dbus-1/system-services/org.freedesktop.Avahi.service
+%{_libdir}/libavahi-core.so.*
 
 %files autoipd
 %{_sbindir}/avahi-autoipd
@@ -492,17 +455,13 @@ fi
 %{_libdir}/libavahi-core.so
 %{_libdir}/libavahi-client.so
 %{_libdir}/libavahi-libevent.so
+%{_includedir}/avahi-client
+%{_includedir}/avahi-common
+%{_includedir}/avahi-core
+%{_includedir}/avahi-libevent
 %{_libdir}/pkgconfig/avahi-core.pc
 %{_libdir}/pkgconfig/avahi-client.pc
 %{_libdir}/pkgconfig/avahi-libevent.pc
-%{_includedir}/*
-%if 0%{?build_cross} == 0
-%exclude %{_includedir}/avahi-ui
-%endif
-%exclude %{_includedir}/avahi-compat-howl
-%exclude %{_includedir}/avahi-compat-libdns_sd
-%exclude %{_includedir}/dns_sd.h
-%exclude %{_includedir}/avahi-glib
 
 %if %{WITH_PYTHON}
 %files -n python2-avahi
@@ -518,19 +477,26 @@ fi
 %config(noreplace) %{_sysconfdir}/avahi/avahi-dnsconfd.action
 
 %files tools
-%{_bindir}/*
-%if %{WITH_PYTHON}
-%exclude %{_bindir}/b*
-%exclude %{_bindir}/avahi-discover*
-%exclude %{_bindir}/avahi-bookmarks
+%{_bindir}/avahi-browse
+%{_bindir}/avahi-browse-domains
+%{_bindir}/avahi-publish
+%{_bindir}/avahi-publish-address
+%{_bindir}/avahi-publish-service
+%{_bindir}/avahi-resolve
+%{_bindir}/avahi-resolve-address
+%{_bindir}/avahi-resolve-host-name
+%{_bindir}/avahi-set-host-name
 
 %files ui-tools
-%{_bindir}/b*
-%{_bindir}/avahi-discover
-%{_bindir}/avahi-bookmarks
+%{_bindir}/avahi-discover-standalone
+%{_bindir}/bshell
+%{_bindir}/bssh
+%{_bindir}/bvnc
 %{_datadir}/applications/b*.desktop
+%{_datadir}/avahi/interfaces
+%if %{WITH_PYTHON}
+%{_bindir}/avahi-bookmarks
 %{_datadir}/applications/avahi-discover.desktop
-%{_datadir}/avahi/interfaces/
 %{python2_sitelib}/avahi_discover/
 %endif
 
@@ -560,7 +526,6 @@ fi
 %{_libdir}/pkgconfig/libdns_sd.pc
 
 %if %{WITH_QT5}
-%ldconfig_scriptlets qt5
 
 %files qt5
 %{_libdir}/libavahi-qt5.so.*
@@ -572,13 +537,26 @@ fi
 %endif
 
 %files help
-%defattr(644,root,root)
 %doc docs/* avahi-daemon/example.service avahi-daemon/sftp-ssh.service avahi-daemon/ssh.service
-%{_mandir}/man1/*
-%{_mandir}/man5/*
-%{_mandir}/man8/*
+%{_mandir}/man?/*
 
 %changelog
+* Sun Aug 11 2024 Funda Wang <fundawang@yeah.net> - 0.8-21
+- fix wrongly splitted tools and ui-tools
+- cleanup spec
+
+* Mon Jun 24 2024 zhangpan <zhangpan103@h-partners.com> - 0.8-20
+- disable avahi-daemon.service default
+
+* Sun Feb 4 2024 zhangpan <zhangpan103@h-partners.com> - 0.8-19
+- delete redundant patch
+
+* Mon Nov 6 2023 zhangpan <zhangpan103@h-partners.com> - 0.8-18
+- fix CVE-2023-38469 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473
+
+* Mon Oct 16 2023 zhangpan <zhangpan103@h-partners.com> - 0.8-17
+- fix CVE-2023-38470
+
 * Wed Apr 12 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 0.8-16
 - fix CVE-2023-1981
 

avahi.yaml

@@ -1,4 +1,4 @@
 version_control: github
 src_repo: lathiat/avahi
 tag_prefix: "^v"
-seperator: "."
+separator: "."

backport-CVE-2023-38469.patch

@@ -0,0 +1,106 @@
+From a337a1ba7d15853fb56deef1f464529af6e3a1cf Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Mon, 23 Oct 2023 20:29:31 +0000
+Subject: [PATCH 1/2] core: reject overly long TXT resource records
+
+Closes https://github.com/lathiat/avahi/issues/455
+
+CVE-2023-38469
+
+Reference:https://github.com/lathiat/avahi/commit/61b9874ff91dd20a12483db07df29fe7f35db77f
+Conflict:Adaptation Context
+
+---
+ avahi-core/rr.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-core/rr.c b/avahi-core/rr.c
+index 2bb89244..9c04ebbd 100644
+--- a/avahi-core/rr.c
++++ b/avahi-core/rr.c
+@@ -32,6 +32,7 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/defs.h>
+ 
++#include "dns.h"
+ #include "rr.h"
+ #include "log.h"
+ #include "util.h"
+@@ -689,11 +690,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
+         case AVAHI_DNS_TYPE_TXT: {
+ 
+             AvahiStringList *strlst;
++            size_t used = 0;
+ 
+-            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
++            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
+                 if (strlst->size > 255 || strlst->size <= 0)
+                     return 0;
+ 
++                used += 1+strlst->size;
++                if (used > AVAHI_DNS_RDATA_MAX)
++                    return 0;
++            }
++
+             return 1;
+         }
+     }
+
+From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Wed, 25 Oct 2023 18:15:42 +0000
+Subject: [PATCH 2/2] tests: pass overly long TXT resource records
+
+to make sure they don't crash avahi any more.
+
+It reproduces https://github.com/lathiat/avahi/issues/455
+---
+ avahi-client/client-test.c       | 14 ++++++++++++++
+ 1 files changed, 14 insertions(+)
+
+diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c
+index ba979988..da0e43ad 100644
+--- a/avahi-client/client-test.c
++++ b/avahi-client/client-test.c
+@@ -22,6 +22,7 @@
+ #endif
+ 
+ #include <stdio.h>
++#include <string.h>
+ #include <assert.h>
+ 
+ #include <avahi-client/client.h>
+@@ -33,6 +34,8 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/timeval.h>
+ 
++#include <avahi-core/dns.h>
++
+ static const AvahiPoll *poll_api = NULL;
+ static AvahiSimplePoll *simple_poll = NULL;
+ 
+@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     uint32_t cookie;
+     struct timeval tv;
+     AvahiAddress a;
++    uint8_t rdata[AVAHI_DNS_RDATA_MAX+1];
++    AvahiStringList *txt = NULL;
++    int r;
+ 
+     simple_poll = avahi_simple_poll_new();
+     poll_api = avahi_simple_poll_get(simple_poll);
+@@ -261,6 +267,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
+     assert(error != AVAHI_OK);
+ 
++    memset(rdata, 1, sizeof(rdata));
++    r = avahi_string_list_parse(rdata, sizeof(rdata), &txt);
++    assert(r >= 0);
++    assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata));
++    error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt);
++    assert(error == AVAHI_ERR_INVALID_RECORD);
++    avahi_string_list_free(txt);
++
+     avahi_entry_group_commit (group);
+ 
+     domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");

backport-CVE-2023-38470.patch

@@ -0,0 +1,56 @@
+From 94cb6489114636940ac683515417990b55b5d66c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
+Date: Tue, 11 Apr 2023 15:29:59 +0200
+Subject: [PATCH] Ensure each label is at least one byte long
+
+The only allowed exception is single dot, where it should return empty
+string.
+
+Fixes #454.
+
+Reference:https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c
+Conflict:NA
+
+---
+ avahi-common/domain-test.c | 14 ++++++++++++++
+ avahi-common/domain.c      |  2 +-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c
+index cf763eca6..3acc1c1e4 100644
+--- a/avahi-common/domain-test.c
++++ b/avahi-common/domain-test.c
+@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo."));
+     avahi_free(s);
+ 
++    printf("%s\n", s = avahi_normalize_name_strdup("."));
++    avahi_free(s);
++
++    s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}."
++		    "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}"
++		    ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`"
++		    "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?."
++		    "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}."
++		    "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?"
++		    "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM."
++		    "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?."
++		    "}.?.?.?.}.=.?.?.}");
++    assert(s == NULL);
++
+     printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff"));
+     printf("%i\n", avahi_domain_equal("A", "a"));
+ 
+diff --git a/avahi-common/domain.c b/avahi-common/domain.c
+index 3b1ab6834..e66d2416c 100644
+--- a/avahi-common/domain.c
++++ b/avahi-common/domain.c
+@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) {
+         }
+ 
+         if (!empty) {
+-            if (size < 1)
++            if (size < 2)
+                 return NULL;
+ 
+             *(r++) = '.';

backport-CVE-2023-38471.patch

@@ -0,0 +1,71 @@
+From 894f085f402e023a98cbb6f5a3d117bd88d93b09 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Mon, 23 Oct 2023 13:38:35 +0200
+Subject: [PATCH] core: extract host name using avahi_unescape_label()
+
+Previously we could create invalid escape sequence when we split the
+string on dot. For example, from valid host name "foo\\.bar" we have
+created invalid name "foo\\" and tried to set that as the host name
+which crashed the daemon.
+
+Fixes #453
+
+CVE-2023-38471
+
+Reference:https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09
+Conflict:NA
+
+---
+ avahi-core/server.c | 27 +++++++++++++++++++++------
+ 1 file changed, 21 insertions(+), 6 deletions(-)
+
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index c32637af8..f6a21bb77 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) {
+ }
+ 
+ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+-    char *hn = NULL;
++    char label_escaped[AVAHI_LABEL_MAX*4+1];
++    char label[AVAHI_LABEL_MAX];
++    char *hn = NULL, *h;
++    size_t len;
++
+     assert(s);
+ 
+     AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME);
+@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+     else
+         hn = avahi_normalize_name_strdup(host_name);
+ 
+-    hn[strcspn(hn, ".")] = 0;
++    h = hn;
++    if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
++        avahi_free(h);
++        return AVAHI_ERR_INVALID_HOST_NAME;
++    }
++
++    avahi_free(h);
++
++    h = label_escaped;
++    len = sizeof(label_escaped);
++    if (!avahi_escape_label(label, strlen(label), &h, &len))
++        return AVAHI_ERR_INVALID_HOST_NAME;
+ 
+-    if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) {
+-        avahi_free(hn);
++    if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
+         return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
+-    }
+ 
+     withdraw_host_rrs(s);
+ 
+     avahi_free(s->host_name);
+-    s->host_name = hn;
++    s->host_name = avahi_strdup(label_escaped);
++    if (!s->host_name)
++        return AVAHI_ERR_NO_MEMORY;
+ 
+     update_fqdn(s);

backport-CVE-2023-38472.patch

@@ -0,0 +1,44 @@
+From d886dc5b1d3d2b76aaa38289245acfdfa979ca6c Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Thu, 19 Oct 2023 17:36:44 +0200
+Subject: [PATCH] core: make sure there is rdata to process before parsing it
+
+Fixes #452
+
+CVE-2023-38472
+
+Reference:https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40
+Conflict:NA
+
+---
+ avahi-client/client-test.c      | 3 +++
+ avahi-daemon/dbus-entry-group.c | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c
+index b3366d848..ba9799881 100644
+--- a/avahi-client/client-test.c
++++ b/avahi-client/client-test.c
+@@ -258,6 +258,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL)));
+     printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6));
+ 
++    error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
++    assert(error != AVAHI_OK);
++
+     avahi_entry_group_commit (group);
+ 
+     domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");
+diff --git a/avahi-daemon/dbus-entry-group.c b/avahi-daemon/dbus-entry-group.c
+index 4e879a5ba..aa23d4b6b 100644
+--- a/avahi-daemon/dbus-entry-group.c
++++ b/avahi-daemon/dbus-entry-group.c
+@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_group_impl(DBusConnection *c, DBusMessage
+         if (!(r = avahi_record_new_full (name, clazz, type, ttl)))
+             return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL);
+ 
+-        if (avahi_rdata_parse (r, rdata, size) < 0) {
++        if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) {
+             avahi_record_unref (r);
+             return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL);
+         }

backport-CVE-2023-38473.patch

@@ -0,0 +1,108 @@
+From 5edc17b7913cac824daa09fca9976c9c19e88822 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Wed, 11 Oct 2023 17:45:44 +0200
+Subject: [PATCH] common: derive alternative host name from its unescaped
+ version
+
+Normalization of input makes sure we don't have to deal with special
+cases like unescaped dot at the end of label.
+
+Fixes #451 #487
+CVE-2023-38473
+
+Reference:https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797
+Conflict:NA
+
+---
+ avahi-common/alternative-test.c |  3 +++
+ avahi-common/alternative.c      | 27 +++++++++++++++++++--------
+ 2 files changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c
+index 9255435ec..681fc15b8 100644
+--- a/avahi-common/alternative-test.c
++++ b/avahi-common/alternative-test.c
+@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     const char* const test_strings[] = {
+         "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+         "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü",
++        ").",
++        "\\.",
++        "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\",
+         "gurke",
+         "-",
+         " #",
+diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c
+index b3d39f0ed..a094e6d76 100644
+--- a/avahi-common/alternative.c
++++ b/avahi-common/alternative.c
+@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) {
+ }
+ 
+ char *avahi_alternative_host_name(const char *s) {
++    char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1];
++    char *alt, *r, *ret;
+     const char *e;
+-    char *r;
++    size_t len;
+ 
+     assert(s);
+ 
+     if (!avahi_is_valid_host_name(s))
+         return NULL;
+ 
+-    if ((e = strrchr(s, '-'))) {
++    if (!avahi_unescape_label(&s, label, sizeof(label)))
++        return NULL;
++
++    if ((e = strrchr(label, '-'))) {
+         const char *p;
+ 
+         e++;
+@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) {
+ 
+     if (e) {
+         char *c, *m;
+-        size_t l;
+         int n;
+ 
+         n = atoi(e)+1;
+         if (!(m = avahi_strdup_printf("%i", n)))
+             return NULL;
+ 
+-        l = e-s-1;
++        len = e-label-1;
+ 
+-        if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1)
+-            l = AVAHI_LABEL_MAX-1-strlen(m)-1;
++        if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1)
++            len = AVAHI_LABEL_MAX-1-strlen(m)-1;
+ 
+-        if (!(c = avahi_strndup(s, l))) {
++        if (!(c = avahi_strndup(label, len))) {
+             avahi_free(m);
+             return NULL;
+         }
+@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) {
+     } else {
+         char *c;
+ 
+-        if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2)))
++        if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2)))
+             return NULL;
+ 
+         drop_incomplete_utf8(c);
+@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) {
+         avahi_free(c);
+     }
+ 
++    alt = alternative;
++    len = sizeof(alternative);
++    ret = avahi_escape_label(r, strlen(r), &alt, &len);
++
++    avahi_free(r);
++    r = avahi_strdup(ret);
++
+     assert(avahi_is_valid_host_name(r));
+ 
+     return r;