Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

Prevent crash stopped by fortification source hardening. Make it
compiled with new defaults.

https://github.com/avahi/avahi/pull/707

.fmf/version

@@ -0,0 +1 @@
+1

.gitignore

@@ -6,3 +6,4 @@
 /avahi-0.6.32.tar.gz
 /avahi-0.7.tar.gz
 /avahi-0.8.tar.gz
+/v0.9-rc2.tar.gz

0006-avahi-dnsconfd.service-Drop-Also-avahi-daemon.socket.patch

@@ -1,25 +0,0 @@
-From 9c3a314856affb288f701d2d3ee23278fc98eaee Mon Sep 17 00:00:00 2001
-From: Steve Langasek <steve.langasek@ubuntu.com>
-Date: Tue, 18 Feb 2020 15:43:19 +0800
-Subject: [PATCH 06/11] avahi-dnsconfd.service: Drop "Also=avahi-daemon.socket"
-
-Also=avahi-daemon.socket' means that 'systemctl disable avahi-dnsconfd'
-ill also disable avahi-daemon.socket, which is definitely not what we
-ant, and it also causes debhelper to throw an error. Just drop this
-entry from the configuration.
----
- avahi-dnsconfd/avahi-dnsconfd.service.in | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/avahi-dnsconfd/avahi-dnsconfd.service.in b/avahi-dnsconfd/avahi-dnsconfd.service.in
-index 95db79f..7c293da 100644
---- a/avahi-dnsconfd/avahi-dnsconfd.service.in
-+++ b/avahi-dnsconfd/avahi-dnsconfd.service.in
-@@ -26,4 +26,3 @@ ExecStart=@sbindir@/avahi-dnsconfd -s
- 
- [Install]
- WantedBy=multi-user.target
--Also=avahi-daemon.socket
--- 
-2.25.2
-

0007-man-add-missing-bshell.1-symlink.patch

@@ -1,35 +0,0 @@
-From f983df44870b602179b493f9c3d113753b378e27 Mon Sep 17 00:00:00 2001
-From: Michael Biebl <biebl@debian.org>
-Date: Sun, 17 Sep 2017 12:52:39 +0200
-Subject: [PATCH 07/11] man: add missing bshell.1 symlink
-
-The bshell binary is missing a symlink to its manual page. It should be
-symlinked to the man page for bssh, just like how the bvnc man page is.
-
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655190
----
- man/Makefile.am | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/man/Makefile.am b/man/Makefile.am
-index d38267c..77a27bd 100644
---- a/man/Makefile.am
-+++ b/man/Makefile.am
-@@ -137,12 +137,13 @@ BSSH_LN =
- if HAVE_GTK
- if HAVE_GLIB
- BSSH_LN += $(LN_S) bssh.1 bvnc.1 &&
-+BSSH_LN += $(LN_S) bssh.1 bshell.1 &&
- endif
- endif
- install-exec-local:
- 	mkdir -p $(DESTDIR)/$(mandir)/man1 && \
- 		cd $(DESTDIR)/$(mandir)/man1 && \
--		rm -f avahi-resolve-host-name.1 avahi-resolve-address.1 avahi-browse-domains.1 avahi-publish-address.1 avahi-publish-service.1 bvnc.1 && \
-+		rm -f avahi-resolve-host-name.1 avahi-resolve-address.1 avahi-browse-domains.1 avahi-publish-address.1 avahi-publish-service.1 bvnc.1 bshell.1 && \
- 		$(BSSH_LN) \
- 		$(LN_S) avahi-resolve.1 avahi-resolve-host-name.1 && \
- 		$(LN_S) avahi-resolve.1 avahi-resolve-address.1 && \
--- 
-2.25.2
-

0008-Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK.patch

@@ -1,52 +0,0 @@
-From 751be804e891aec5701a059144e2f5cbfc981b36 Mon Sep 17 00:00:00 2001
-From: Andreas Henriksson <andreas@fatal.se>
-Date: Thu, 24 Aug 2017 17:52:19 +0200
-Subject: [PATCH 08/11] Ship avahi-discover(1), bssh(1) and bvnc(1) also for
- GTK3
-
-These manpages went missing when you disabled gtk2 builds....
----
- man/Makefile.am | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/man/Makefile.am b/man/Makefile.am
-index 77a27bd..289b942 100644
---- a/man/Makefile.am
-+++ b/man/Makefile.am
-@@ -56,7 +56,7 @@ man_MANS += \
- 	avahi-publish.1 \
- 	avahi-set-host-name.1
- 
--if HAVE_GTK
-+if HAVE_GTK2OR3
- man_MANS += \
- 	bssh.1
- endif
-@@ -64,12 +64,13 @@ endif
- if HAVE_PYTHON
- man_MANS += \
- 	avahi-bookmarks.1
--if HAVE_GTK
-+endif
-+
-+if HAVE_PYGOBJECT
- man_MANS += \
- 	avahi-discover.1
- endif
- endif
--endif
- 
- if ENABLE_AUTOIPD
- if HAVE_LIBDAEMON
-@@ -134,7 +135,7 @@ EXTRA_DIST = \
- if HAVE_DBUS
- 
- BSSH_LN =
--if HAVE_GTK
-+if HAVE_GTK2OR3
- if HAVE_GLIB
- BSSH_LN += $(LN_S) bssh.1 bvnc.1 &&
- BSSH_LN += $(LN_S) bssh.1 bshell.1 &&
--- 
-2.25.2
-

0009-fix-requires-in-pc-file.patch

@@ -1,24 +0,0 @@
-From 366e3798bdbd6b7bf24e59379f4a9a51af575ce9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tomasz=20Pawe=C5=82=20Gajc?= <tpgxyz@gmail.com>
-Date: Thu, 20 Feb 2020 16:09:40 +0100
-Subject: [PATCH 09/11] fix requires in pc file
-
----
- avahi-libevent.pc.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/avahi-libevent.pc.in b/avahi-libevent.pc.in
-index a1dca01..3356b0b 100644
---- a/avahi-libevent.pc.in
-+++ b/avahi-libevent.pc.in
-@@ -6,6 +6,6 @@ includedir=${prefix}/include
- Name: avahi-libevent
- Description: Avahi Multicast DNS Responder (libevent Support)
- Version: @PACKAGE_VERSION@
--Requires: libevent-2.1.5
-+Requires: libevent >= 2.1.5
- Libs: -L${libdir} -lavahi-libevent
- Cflags: -D_REENTRANT -I${includedir}
--- 
-2.25.2
-

0010-fix-bytestring-decoding-for-proper-display.patch

@@ -1,32 +0,0 @@
-From a94f72081dd1d546a1d95d860311a1242315bb28 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=C3=89ric=20Araujo?= <merwok@netwok.org>
-Date: Sat, 29 Feb 2020 19:14:04 -0500
-Subject: [PATCH 10/11] fix bytestring decoding for proper display
-
----
- avahi-python/avahi-discover/avahi-discover.py | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/avahi-python/avahi-discover/avahi-discover.py b/avahi-python/avahi-discover/avahi-discover.py
-index 0db705d..4a2b575 100755
---- a/avahi-python/avahi-discover/avahi-discover.py
-+++ b/avahi-python/avahi-discover/avahi-discover.py
-@@ -238,12 +238,15 @@ class Main_window:
-                 txts+="<b>" + _("TXT") + " <i>%s</i></b> = %s\n" % (k,v)
-         else:
-             txts = "<b>" + _("TXT Data:") + "</b> <i>" + _("empty") + "</i>"
-+        
-+        txts = txts.decode("utf-8")
- 
-         infos = "<b>" + _("Service Type:") + "</b> %s\n"
-         infos += "<b>" + _("Service Name:") + "</b> %s\n"
-         infos += "<b>" + _("Domain Name:") + "</b> %s\n"
-         infos += "<b>" + _("Interface:") + "</b> %s %s\n"
-         infos += "<b>" + _("Address:") + "</b> %s/%s:%i\n%s"
-+        infos = infos.decode("utf-8")
-         infos = infos % (stype, name, domain, self.siocgifname(interface), self.protoname(protocol), host, address, port, txts.strip())
-         self.info_label.set_markup(infos)
- 
--- 
-2.25.2
-

0011-avahi_dns_packet_consume_uint32-fix-potential-undefi.patch

@@ -1,33 +0,0 @@
-From b897ca43ac100d326d118e5877da710eb7f836f9 Mon Sep 17 00:00:00 2001
-From: traffic-millions <60914101+traffic-millions@users.noreply.github.com>
-Date: Tue, 3 Mar 2020 11:15:48 +0800
-Subject: [PATCH 11/11] avahi_dns_packet_consume_uint32: fix potential
- undefined behavior
-
-avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
-
-Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
-
-Closes: #267
-Closes: #268
-Reference: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19304
----
- avahi-core/dns.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/avahi-core/dns.c b/avahi-core/dns.c
-index 7c38f42..d793b76 100644
---- a/avahi-core/dns.c
-+++ b/avahi-core/dns.c
-@@ -455,7 +455,7 @@ int avahi_dns_packet_consume_uint32(AvahiDnsPacket *p, uint32_t *ret_v) {
-         return -1;
- 
-     d = (uint8_t*) (AVAHI_DNS_PACKET_DATA(p) + p->rindex);
--    *ret_v = (d[0] << 24) | (d[1] << 16) | (d[2] << 8) | d[3];
-+    *ret_v = ((uint32_t)d[0] << 24) | ((uint32_t)d[1] << 16) | ((uint32_t)d[2] << 8) | (uint32_t)d[3];
-     p->rindex += sizeof(uint32_t);
- 
-     return 0;
--- 
-2.25.2
-

0016-Fix-NULL-pointer-crashes-from-175.patch

@@ -1,151 +0,0 @@
-From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
-From: Tommi Rantala <tommi.t.rantala@nokia.com>
-Date: Mon, 8 Feb 2021 11:04:43 +0200
-Subject: [PATCH 16/16] Fix NULL pointer crashes from #175
-
-avahi-daemon is crashing when running "ping .local".
-The crash is due to failing assertion from NULL pointer.
-Add missing NULL pointer checks to fix it.
-
-Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
----
- avahi-core/browse-dns-server.c   | 5 ++++-
- avahi-core/browse-domain.c       | 5 ++++-
- avahi-core/browse-service-type.c | 3 +++
- avahi-core/browse-service.c      | 3 +++
- avahi-core/browse.c              | 3 +++
- avahi-core/resolve-address.c     | 5 ++++-
- avahi-core/resolve-host-name.c   | 5 ++++-
- avahi-core/resolve-service.c     | 5 ++++-
- 8 files changed, 29 insertions(+), 5 deletions(-)
-
-diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
-index 049752e..c2d914f 100644
---- a/avahi-core/browse-dns-server.c
-+++ b/avahi-core/browse-dns-server.c
-@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
-         AvahiSDNSServerBrowser* b;
- 
-         b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_dns_server_browser_start(b);
- 
-         return b;
--}
-\ No newline at end of file
-+}
-diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
-index f145d56..06fa70c 100644
---- a/avahi-core/browse-domain.c
-+++ b/avahi-core/browse-domain.c
-@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
-         AvahiSDomainBrowser *b;
- 
-         b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_domain_browser_start(b);
- 
-         return b;
--}
-\ No newline at end of file
-+}
-diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
-index fdd22dc..b1fc7af 100644
---- a/avahi-core/browse-service-type.c
-+++ b/avahi-core/browse-service-type.c
-@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
-         AvahiSServiceTypeBrowser *b;
- 
-         b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_service_type_browser_start(b);
- 
-         return b;
-diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
-index 5531360..63e0275 100644
---- a/avahi-core/browse-service.c
-+++ b/avahi-core/browse-service.c
-@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
-         AvahiSServiceBrowser *b;
- 
-         b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_service_browser_start(b);
- 
-         return b;
-diff --git a/avahi-core/browse.c b/avahi-core/browse.c
-index 2941e57..e8a915e 100644
---- a/avahi-core/browse.c
-+++ b/avahi-core/browse.c
-@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
-         AvahiSRecordBrowser *b;
- 
-         b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_record_browser_start_query(b);
- 
-         return b;
-diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
-index ac0b29b..e61dd24 100644
---- a/avahi-core/resolve-address.c
-+++ b/avahi-core/resolve-address.c
-@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
-         AvahiSAddressResolver *b;
- 
-         b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_address_resolver_start(b);
- 
-         return b;
--}
-\ No newline at end of file
-+}
-diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
-index 808b0e7..4e8e597 100644
---- a/avahi-core/resolve-host-name.c
-+++ b/avahi-core/resolve-host-name.c
-@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
-         AvahiSHostNameResolver *b;
- 
-         b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_host_name_resolver_start(b);
- 
-         return b;
--}
-\ No newline at end of file
-+}
-diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
-index 66bf3ca..4377176 100644
---- a/avahi-core/resolve-service.c
-+++ b/avahi-core/resolve-service.c
-@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
-         AvahiSServiceResolver *b;
- 
-         b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
-+        if (!b)
-+            return NULL;
-+
-         avahi_s_service_resolver_start(b);
- 
-         return b;
--}
-\ No newline at end of file
-+}
--- 
-2.31.1
-

0016-fix-QT3-build.patch

@@ -1,29 +0,0 @@
-From 66a684b988052664669158819fc123469b714f50 Mon Sep 17 00:00:00 2001
-From: Rex Dieter <rdieter@gmail.com>
-Date: Tue, 17 Nov 2020 16:42:00 -0600
-Subject: [PATCH 16/16] fix QT3 build
-
-recent commit d1e71b320d96d0f213ecb0885c8313039a09f693 adding QT5
-support added a new conditional
-but failed to actually set the define.  This commit adds that to
-allow successful build when enabling QT3 support
----
- avahi-qt/Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/avahi-qt/Makefile.am b/avahi-qt/Makefile.am
-index 09ce7ca..b404810 100644
---- a/avahi-qt/Makefile.am
-+++ b/avahi-qt/Makefile.am
-@@ -38,7 +38,7 @@ libavahi_qt3_la_SOURCES = \
- qt-watch.moc3: qt-watch.cpp
- 	$(AM_V_GEN)$(MOC_QT3) $^ > $@
- 
--libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) $(VISIBILITY_HIDDEN_CFLAGS)
-+libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) -DQT3 $(VISIBILITY_HIDDEN_CFLAGS)
- libavahi_qt3_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT3_LIBS)
- libavahi_qt3_la_LDFLAGS = $(AM_LDFLAGS) -export-dynamic -version-info $(LIBAVAHI_QT3_VERSION_INFO)
- endif
--- 
-2.28.0
-

0017-Emit-error-if-requested-service-is-not-found.patch

@@ -1,56 +0,0 @@
-From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
-Date: Thu, 17 Nov 2022 01:51:53 +0100
-Subject: [PATCH] Emit error if requested service is not found
-
-It currently just crashes instead of replying with error. Check return
-value and emit error instead of passing NULL pointer to reply.
-
-Fixes #375
----
- avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------
- 1 file changed, 14 insertions(+), 6 deletions(-)
-
-diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c
-index 70d7687..406d0b4 100644
---- a/avahi-daemon/dbus-protocol.c
-+++ b/avahi-daemon/dbus-protocol.c
-@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM
-     }
- 
-     t = avahi_alternative_host_name(n);
--    avahi_dbus_respond_string(c, m, t);
--    avahi_free(t);
-+    if (t) {
-+        avahi_dbus_respond_string(c, m, t);
-+        avahi_free(t);
- 
--    return DBUS_HANDLER_RESULT_HANDLED;
-+        return DBUS_HANDLER_RESULT_HANDLED;
-+    } else {
-+        return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found");
-+    }
- }
- 
- static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) {
-@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB
-     }
- 
-     t = avahi_alternative_service_name(n);
--    avahi_dbus_respond_string(c, m, t);
--    avahi_free(t);
-+    if (t) {
-+        avahi_dbus_respond_string(c, m, t);
-+        avahi_free(t);
- 
--    return DBUS_HANDLER_RESULT_HANDLED;
-+        return DBUS_HANDLER_RESULT_HANDLED;
-+    } else {
-+        return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found");
-+    }
- }
- 
- static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) {
--- 
-2.38.1
-

avahi-0.8-no_undefined.patch

@@ -1,12 +1,10 @@
-diff -up avahi-0.8/avahi-qt/Makefile.am.no_undefined avahi-0.8/avahi-qt/Makefile.am
---- avahi-0.8/avahi-qt/Makefile.am.no_undefined	2018-09-14 00:31:28.490023071 -0500
-+++ avahi-0.8/avahi-qt/Makefile.am	2020-11-17 16:35:04.646045499 -0600
-@@ -38,9 +38,9 @@ libavahi_qt3_la_SOURCES = \
- qt-watch.moc3: qt-watch.cpp
- 	$(AM_V_GEN)$(MOC_QT3) $^ > $@
+diff --git a/avahi-qt/Makefile.am b/avahi-qt/Makefile.am
+index b404810..6911db8 100644
+--- a/avahi-qt/Makefile.am
++++ b/avahi-qt/Makefile.am
+@@ -40,7 +40,7 @@ qt-watch.moc3: qt-watch.cpp
  
--libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) -DQT3 $(VISIBILITY_HIDDEN_CFLAGS)
-+libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) -DQT3 $(VISIBILITY_HIDDEN_CFLAGS)
+ libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) -DQT3 $(VISIBILITY_HIDDEN_CFLAGS)
  libavahi_qt3_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT3_LIBS)
 -libavahi_qt3_la_LDFLAGS = $(AM_LDFLAGS) -export-dynamic -version-info $(LIBAVAHI_QT3_VERSION_INFO)
 +libavahi_qt3_la_LDFLAGS = $(AM_LDFLAGS) -Wl,--no-undefined -no-undefined -export-dynamic -version-info $(LIBAVAHI_QT3_VERSION_INFO)
@@ -31,36 +29,3 @@ diff -up avahi-0.8/avahi-qt/Makefile.am.no_undefined avahi-0.8/avahi-qt/Makefile
  endif
  
  CLEANFILES = $(BUILT_SOURCES)
-diff -up avahi-0.8/avahi-qt/Makefile.in.no_undefined avahi-0.8/avahi-qt/Makefile.in
---- avahi-0.8/avahi-qt/Makefile.in.no_undefined	2020-02-18 01:03:16.474614659 -0600
-+++ avahi-0.8/avahi-qt/Makefile.in	2020-11-17 16:36:12.263297534 -0600
-@@ -551,9 +551,9 @@ BUILT_SOURCES = $(am__append_2) $(am__ap
- @HAVE_QT3_TRUE@libavahi_qt3_la_SOURCES = \
- @HAVE_QT3_TRUE@	qt-watch.cpp
- 
--@HAVE_QT3_TRUE@libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) $(VISIBILITY_HIDDEN_CFLAGS)
-+@HAVE_QT3_TRUE@libavahi_qt3_la_CPPFLAGS = $(AM_CFLAGS) $(QT3_CFLAGS) -DQT3 $(VISIBILITY_HIDDEN_CFLAGS)
- @HAVE_QT3_TRUE@libavahi_qt3_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT3_LIBS)
--@HAVE_QT3_TRUE@libavahi_qt3_la_LDFLAGS = $(AM_LDFLAGS) -export-dynamic -version-info $(LIBAVAHI_QT3_VERSION_INFO)
-+@HAVE_QT3_TRUE@libavahi_qt3_la_LDFLAGS = $(AM_LDFLAGS) -Wl,--no-undefined -no-undefined -export-dynamic -version-info $(LIBAVAHI_QT3_VERSION_INFO)
- @HAVE_QT4_TRUE@avahiqt4includedir = $(includedir)/avahi-qt4
- @HAVE_QT4_TRUE@avahiqt4include_HEADERS = \
- @HAVE_QT4_TRUE@	qt-watch.h
-@@ -563,7 +563,7 @@ BUILT_SOURCES = $(am__append_2) $(am__ap
- 
- @HAVE_QT4_TRUE@libavahi_qt4_la_CPPFLAGS = $(AM_CFLAGS) $(QT4_CFLAGS) -DQT4 $(VISIBILITY_HIDDEN_CFLAGS)
- @HAVE_QT4_TRUE@libavahi_qt4_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT4_LIBS)
--@HAVE_QT4_TRUE@libavahi_qt4_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(LIBAVAHI_QT4_VERSION_INFO)
-+@HAVE_QT4_TRUE@libavahi_qt4_la_LDFLAGS = $(AM_LDFLAGS) -Wl,--no-undefined -no-undefined -version-info $(LIBAVAHI_QT4_VERSION_INFO)
- @HAVE_QT5_TRUE@avahiqt5includedir = $(includedir)/avahi-qt5
- @HAVE_QT5_TRUE@avahiqt5include_HEADERS = \
- @HAVE_QT5_TRUE@	qt-watch.h
-@@ -573,7 +573,7 @@ BUILT_SOURCES = $(am__append_2) $(am__ap
- 
- @HAVE_QT5_TRUE@libavahi_qt5_la_CPPFLAGS = $(AM_CFLAGS) --std=gnu++11 $(QT5_CFLAGS) -DQT5 $(VISIBILITY_HIDDEN_CFLAGS)
- @HAVE_QT5_TRUE@libavahi_qt5_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT5_LIBS)
--@HAVE_QT5_TRUE@libavahi_qt5_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(LIBAVAHI_QT5_VERSION_INFO)
-+@HAVE_QT5_TRUE@libavahi_qt5_la_LDFLAGS = $(AM_LDFLAGS) -Wl,--no-undefined -no-undefined -version-info $(LIBAVAHI_QT5_VERSION_INFO)
- CLEANFILES = $(BUILT_SOURCES)
- all: $(BUILT_SOURCES)
- 	$(MAKE) $(AM_MAKEFLAGS) all-am

avahi-0.9-CVE-2024-52615.patch

@@ -0,0 +1,224 @@
+From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Wed, 27 Nov 2024 18:07:32 +0100
+Subject: [PATCH] core/wide-area: fix for CVE-2024-52615
+
+---
+ avahi-core/wide-area.c | 128 ++++++++++++++++++++++-------------------
+ 1 file changed, 69 insertions(+), 59 deletions(-)
+
+diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
+index 00a15056e..06df7afc6 100644
+--- a/avahi-core/wide-area.c
++++ b/avahi-core/wide-area.c
+@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup {
+ 
+     AvahiAddress dns_server_used;
+ 
++    int fd;
++    AvahiWatch *watch;
++    AvahiProtocol proto;
++
+     AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups);
+     AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key);
+ };
+@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup {
+ struct AvahiWideAreaLookupEngine {
+     AvahiServer *server;
+ 
+-    int fd_ipv4, fd_ipv6;
+-    AvahiWatch *watch_ipv4, *watch_ipv6;
+-
+     /* Cache */
+     AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
+     AvahiHashmap *cache_by_key;
+@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i
+     return l;
+ }
+ 
++static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata);
++
+ static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) {
++    AvahiWideAreaLookupEngine *e;
+     AvahiAddress *a;
++    AvahiServer *s;
++    AvahiWatch *w;
++    int r;
+ 
+     assert(l);
+     assert(p);
+ 
+-    if (l->engine->n_dns_servers <= 0)
++    e = l->engine;
++    assert(e);
++
++    s = e->server;
++    assert(s);
++
++    if (e->n_dns_servers <= 0)
+         return -1;
+ 
+-    assert(l->engine->current_dns_server < l->engine->n_dns_servers);
++    assert(e->current_dns_server < e->n_dns_servers);
+ 
+-    a = &l->engine->dns_servers[l->engine->current_dns_server];
++    a = &e->dns_servers[e->current_dns_server];
+     l->dns_server_used = *a;
+ 
+-    if (a->proto == AVAHI_PROTO_INET) {
++    if (l->fd >= 0) {
++        /* We are reusing lookup object and sending packet to another server so let's cleanup before we establish connection to new server. */
++        s->poll_api->watch_free(l->watch);
++        l->watch = NULL;
+ 
+-        if (l->engine->fd_ipv4 < 0)
+-            return -1;
++        close(l->fd);
++        l->fd = -EBADF;
++    }
+ 
+-        return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT);
++    assert(a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6);
+ 
+-    } else {
+-        assert(a->proto == AVAHI_PROTO_INET6);
++    if (a->proto == AVAHI_PROTO_INET)
++        r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
++    else
++        r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
+ 
+-        if (l->engine->fd_ipv6 < 0)
+-            return -1;
++    if (r < 0) {
++        avahi_log_error(__FILE__ ": Failed to create socket for wide area lookup");
++        return -1;
++    }
+ 
+-        return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
++    w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, socket_event, l);
++    if (!w) {
++        close(r);
++        avahi_log_error(__FILE__ ": Failed to create socket watch for wide area lookup");
++        return -1;
+     }
++
++    l->fd = r;
++    l->watch = w;
++    l->proto = a->proto;
++
++    return a->proto == AVAHI_PROTO_INET ?
++                avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT):
++                avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
+ }
+ 
+ static void next_dns_server(AvahiWideAreaLookupEngine *e) {
+@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
+     l->dead = 0;
+     l->key = avahi_key_ref(key);
+     l->cname_key = avahi_key_new_cname(l->key);
++    l->fd = -EBADF;
++    l->watch = NULL;
++    l->proto = AVAHI_PROTO_UNSPEC;
+     l->callback = callback;
+     l->userdata = userdata;
+ 
+@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) {
+     if (l->cname_key)
+         avahi_key_unref(l->cname_key);
+ 
++    if (l->watch)
++            l->engine->server->poll_api->watch_free(l->watch);
++
++    if (l->fd >= 0)
++        close(l->fd);
++
+     avahi_free(l);
+ }
+ 
+@@ -572,14 +614,20 @@ static void handle_packet(AvahiWideAreaLookupEngine *e, AvahiDnsPacket *p) {
+ }
+ 
+ static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) {
+-    AvahiWideAreaLookupEngine *e = userdata;
++    AvahiWideAreaLookup *l = userdata;
++    AvahiWideAreaLookupEngine *e = l->engine;
+     AvahiDnsPacket *p = NULL;
+ 
+-    if (fd == e->fd_ipv4)
+-        p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, NULL, NULL);
++    assert(l);
++    assert(e);
++    assert(l->fd == fd);
++
++    if (l->proto == AVAHI_PROTO_INET)
++        p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, NULL);
+     else {
+-        assert(fd == e->fd_ipv6);
+-        p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, NULL, NULL);
++        assert(l->proto == AVAHI_PROTO_INET6);
++
++        p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, NULL);
+     }
+ 
+     if (p) {
+@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
+     e->server = s;
+     e->cleanup_dead = 0;
+ 
+-    /* Create sockets */
+-    e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
+-    e->fd_ipv6 = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
+-
+-    if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) {
+-        avahi_log_error(__FILE__": Failed to create wide area sockets: %s", strerror(errno));
+-
+-        if (e->fd_ipv6 >= 0)
+-            close(e->fd_ipv6);
+-
+-        if (e->fd_ipv4 >= 0)
+-            close(e->fd_ipv4);
+-
+-        avahi_free(e);
+-        return NULL;
+-    }
+-
+-    /* Create watches */
+-
+-    e->watch_ipv4 = e->watch_ipv6 = NULL;
+-
+-    if (e->fd_ipv4 >= 0)
+-        e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e);
+-    if (e->fd_ipv6 >= 0)
+-        e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
+-
+     e->n_dns_servers = e->current_dns_server = 0;
+ 
+     /* Initialize cache */
+@@ -651,18 +673,6 @@ void avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) {
+     avahi_hashmap_free(e->lookups_by_id);
+     avahi_hashmap_free(e->lookups_by_key);
+ 
+-    if (e->watch_ipv4)
+-        e->server->poll_api->watch_free(e->watch_ipv4);
+-
+-    if (e->watch_ipv6)
+-        e->server->poll_api->watch_free(e->watch_ipv6);
+-
+-    if (e->fd_ipv6 >= 0)
+-        close(e->fd_ipv6);
+-
+-    if (e->fd_ipv4 >= 0)
+-        close(e->fd_ipv4);
+-
+     avahi_free(e);
+ }
+ 
+@@ -680,7 +690,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres
+ 
+     if (a) {
+         for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--)
+-            if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0))
++            if (a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6)
+                 e->dns_servers[e->n_dns_servers++] = *a;
+     } else {
+         assert(n == 0);

avahi-0.9-address-data-size.patch

@@ -0,0 +1,30 @@
+From 358e5a3b0122b418614e2ac0fc71f6aad1de06f8 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Mon, 23 Jun 2025 16:27:40 +0200
+Subject: [PATCH] Make data member as big as IPv6 address
+
+Unfortunately, recent FORTIFY_SOURCE hardening for inet_pton() can't
+deal with our type independent "data[1]" union member trick.
+
+Fixes #699
+---
+ avahi-common/address.h | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/avahi-common/address.h b/avahi-common/address.h
+index a14104fad..013fa975e 100644
+--- a/avahi-common/address.h
++++ b/avahi-common/address.h
+@@ -71,9 +71,9 @@ typedef struct AvahiAddress {
+     AvahiProtocol proto; /**< Address family */
+ 
+     union {
+-        AvahiIPv6Address ipv6;  /**< Address when IPv6 */
+-        AvahiIPv4Address ipv4;  /**< Address when IPv4 */
+-        uint8_t data[1];        /**< Type-independent data field */
++        AvahiIPv6Address ipv6;                   /**< Address when IPv6 */
++        AvahiIPv4Address ipv4;                   /**< Address when IPv4 */
++        uint8_t data[sizeof(AvahiIPv6Address)];  /**< Type-independent data field */
+     } data;
+ } AvahiAddress;
+ 

avahi.spec

@@ -56,24 +56,24 @@
 # trim changelog included in binary rpms
 %global _changelog_trimtime %(date +%s -d "1 year ago")
 
+%define rc rc2
+
 Name:             avahi
-Version:          0.8
-Release:          22%{?dist}
+Version:          0.9%{?rc:~%{rc}}
+Release:          7%{?dist}
 Summary:          Local network service discovery
-License:          LGPLv2+
+License:          LGPL-2.1-or-later AND LGPL-2.0-or-later AND BSD-2-Clause-Views AND MIT
 URL:              http://avahi.org
 Requires:         dbus
 Requires:         expat
 Requires:         libdaemon >= 0.11
 # For /usr/bin/dbus-send
 Requires(post):   dbus
-Requires(pre):    shadow-utils
 Requires(pre):    coreutils
 Requires:         %{name}-libs%{?_isa} = %{version}-%{release}
 BuildRequires:    automake
 BuildRequires:    libtool
 BuildRequires:    dbus-devel >= 0.90
-BuildRequires:    dbus-glib-devel >= 0.70
 BuildRequires:    desktop-file-utils
 %if %{WITH_GTK2}
 BuildRequires:    gtk2-devel
@@ -126,44 +126,25 @@ BuildRequires:    mono-devel
 BuildRequires:    monodoc-devel
 %endif
 BuildRequires:    systemd
+BuildRequires:    systemd-devel
 BuildRequires:    gcc
 BuildRequires:    gcc-c++
+BuildRequires:    gettext-devel
 
-%if 0%{?beta:1}
-Source0:          https://github.com/lathiat/avahi/archive/%{version}-%{beta}.tar.gz#/%{name}-%{version}-%{beta}.tar.gz
+%if 0%{?rc:1}
+Source0:          https://github.com/avahi/avahi/archive/refs/tags/v%{version_no_tilde}.tar.gz
 %else
-Source0:          https://github.com/lathiat/avahi/releases/download/v%{version}/avahi-%{version}.tar.gz
-#Source0:         http://avahi.org/download/avahi-%%{version}.tar.gz
+Source0:          https://github.com/avahi/avahi/releases/download/v%{version_no_tilde}/%{name}-%{version_no_tilde}.tar.gz
 %endif
 
 ## upstream patches
-# https://github.com/lathiat/avahi/commit/9c3a314856affb288f701d2d3ee23278fc98eaee
-Patch6: 0006-avahi-dnsconfd.service-Drop-Also-avahi-daemon.socket.patch
-# https://github.com/lathiat/avahi/pull/148
-# https://github.com/lathiat/avahi/commit/f983df44870b602179b493f9c3d113753b378e27
-Patch7: 0007-man-add-missing-bshell.1-symlink.patch
-# https://github.com/lathiat/avahi/pull/142
-Patch8: 0008-Ship-avahi-discover-1-bssh-1-and-bvnc-1-also-for-GTK.patch
-# https://github.com/lathiat/avahi/pull/265
-# https://github.com/lathiat/avahi/commit/366e3798bdbd6b7bf24e59379f4a9a51af575ce9
-Patch9: 0009-fix-requires-in-pc-file.patch
-# https://github.com/lathiat/avahi/pull/270
-# https://github.com/lathiat/avahi/commit/a94f72081dd1d546a1d95d860311a1242315bb28
-Patch10: 0010-fix-bytestring-decoding-for-proper-display.patch
-# https://github.com/lathiat/avahi/pull/268
-# https://github.com/lathiat/avahi/commit/b897ca43ac100d326d118e5877da710eb7f836f9
-Patch11: 0011-avahi_dns_packet_consume_uint32-fix-potential-undefi.patch
-# https://github.com/lathiat/avahi/pull/324
-# https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
-Patch16: 0016-Fix-NULL-pointer-crashes-from-175.patch
-# https://github.com/lathiat/avahi/pull/407
-Patch17: 0017-Emit-error-if-requested-service-is-not-found.patch
+# https://github.com/avahi/avahi/pull/662
+Patch1: avahi-0.9-CVE-2024-52615.patch
+# https://github.com/avahi/avahi/pull/707
+Patch2: avahi-0.9-address-data-size.patch
 
 ## downstream patches
 Patch100: avahi-0.6.30-mono-libdir.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1897925
-# https://github.com/lathiat/avahi/pull/312
-Patch101: 0016-fix-QT3-build.patch
 Patch102: avahi-0.8-no_undefined.patch
 
 %description
@@ -420,7 +401,6 @@ libraries.
 
 %package autoipd
 Summary:          Link-local IPv4 address automatic configuration daemon (IPv4LL)
-Requires(pre):    shadow-utils
 Requires:         %{name}-libs%{?_isa} = %{version}-%{release}
 
 %description autoipd
@@ -463,10 +443,18 @@ Requires:         %{name}-libs%{?_isa} = %{version}-%{release}
 
 
 %prep
-%autosetup -n %{name}-%{version}%{?beta:-%{beta}} -p1
+%autosetup -n %{name}-%{version_no_tilde} -p1
 
 rm -fv docs/INSTALL
 
+# Create two sysusers.d config files
+cat >avahi.sysusers.conf <<EOF
+u avahi 70 'Avahi mDNS/DNS-SD Stack' %{_localstatedir}/run/avahi-daemon -
+EOF
+cat >avahi-autoipd.sysusers.conf <<EOF
+u avahi-autoipd 170 'Avahi IPv4LL Stack' %{_localstatedir}/lib/avahi-autoipd -
+EOF
+
 
 %build
 ## why autogen?
@@ -578,6 +566,9 @@ rm -fv %{buildroot}%{_sysconfdir}/rc.d/init.d/avahi-dnsconfd
 
 %find_lang %{name}
 
+install -m0644 -D avahi.sysusers.conf %{buildroot}%{_sysusersdir}/avahi.conf
+install -m0644 -D avahi-autoipd.sysusers.conf %{buildroot}%{_sysusersdir}/avahi-autoipd.conf
+
 
 %check
 %if %{with check}
@@ -593,17 +584,6 @@ rm -fv %{buildroot}%{_sysconfdir}/rc.d/init.d/avahi-dnsconfd
 %endif
 
 
-%pre
-getent group avahi >/dev/null || groupadd -f -g 70 -r avahi
-if ! getent passwd avahi > /dev/null ; then
-  if ! getent passwd 70 > /dev/null ; then
-    useradd -r -l -u 70 -g avahi -d %{_localstatedir}/run/avahi-daemon -s /sbin/nologin -c "Avahi mDNS/DNS-SD Stack" avahi
-  else
-    useradd -r -l -g avahi -d %{_localstatedir}/run/avahi-daemon -s /sbin/nologin -c "Avahi mDNS/DNS-SD Stack" avahi
-  fi
-fi
-exit 0
-
 %post
 %{?ldconfig}
 /usr/bin/dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
@@ -619,17 +599,6 @@ fi
 %{?ldconfig}
 %systemd_postun_with_restart avahi-daemon.socket avahi-daemon.service
 
-%pre autoipd
-getent group avahi-autoipd >/dev/null || groupadd -f -g 170 -r avahi-autoipd
-if ! getent passwd avahi-autoipd > /dev/null ; then
-  if ! getent passwd 170 > /dev/null; then
-    useradd -r -u 170 -l -g avahi-autoipd -d %{_localstatedir}/lib/avahi-autoipd -s /sbin/nologin -c "Avahi IPv4LL Stack" avahi-autoipd
-  else
-    useradd -r -l -g avahi-autoipd -d %{_localstatedir}/lib/avahi-autoipd -s /sbin/nologin -c "Avahi IPv4LL Stack" avahi-autoipd
-  fi
-fi
-exit 0
-
 %post dnsconfd
 %systemd_post avahi-dnsconfd.service
 
@@ -660,9 +629,9 @@ exit 0
 %ghost %{_sysconfdir}/avahi/etc/localtime
 %config(noreplace) %{_sysconfdir}/avahi/hosts
 %dir %{_sysconfdir}/avahi/services
-%ghost %dir %{_localstatedir}/run/avahi-daemon
+%ghost %attr(0755, avahi, avahi) %dir %{_localstatedir}/run/avahi-daemon
 %config(noreplace) %{_sysconfdir}/avahi/avahi-daemon.conf
-%config(noreplace) %{_sysconfdir}/dbus-1/system.d/avahi-dbus.conf
+%config(noreplace) %{_datadir}/dbus-1/system.d/avahi-dbus.conf
 %{_sbindir}/avahi-daemon
 %dir %{_datadir}/avahi
 %{_datadir}/avahi/*.dtd
@@ -677,12 +646,14 @@ exit 0
 %{_datadir}/dbus-1/interfaces/*.xml
 %{_datadir}/dbus-1/system-services/org.freedesktop.Avahi.service
 %{_libdir}/libavahi-core.so.*
+%{_sysusersdir}/avahi.conf
 
 %files autoipd
 %{_sbindir}/avahi-autoipd
 %config(noreplace) %{_sysconfdir}/avahi/avahi-autoipd.action
 %attr(1770,avahi-autoipd,avahi-autoipd) %dir %{_localstatedir}/lib/avahi-autoipd/
 %{_mandir}/man8/avahi-autoipd.*
+%{_sysusersdir}/avahi-autoipd.conf
 
 %files dnsconfd
 %config(noreplace) %{_sysconfdir}/avahi/avahi-dnsconfd.action
@@ -878,6 +849,56 @@ exit 0
 
 
 %changelog
+* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.9~rc2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
+
+* Tue Aug 05 2025 Petr Menšík <pemensik@redhat.com> - 0.9~rc2-6
+- Fix port randomization for wide area queries (CVE-2024-52615)
+- Add systemd-devel dependency
+- Fix test crashing because FORTIFY_SOURCE protection
+
+* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.9~rc2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
+
+* Mon Apr 14 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.9~rc2-4
+- Also create sysusers.d config file for the avahi-autoipd user
+
+* Thu Jan 23 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.9~rc2-3
+- Add sysusers.d config file to allow rpm to create users/groups automatically
+
+* Thu Jan 16 2025 Michal Sekletar <msekleta@redhat.com> - 0.9~rc2-2
+- Fix previous changelog entry
+
+* Thu Jan 16 2025 Michal Sekletar <msekleta@redhat.com> - 0.9~rc2-1
+- Rebase to 0.9-rc2
+
+* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-31
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Wed Aug 21 2024 Michal Sekletar <msekleta@redhat.com> - 0.8-30
+- fix file attributes of /run/avahi-daemon (rhbz#1608918)
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-29
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Thu Apr 04 2024 Michal Sekletar <msekleta@redhat.com> - 0.8-28
+- Add gettext-devel to build dependencies
+
+* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-27
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-26
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Jul 26 2023 Lukáš Zaoral <lzaoral@redhat.com> - 0.8-25
+- migrate to SPDX license format
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-24
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Wed May 10 2023 Tomas Popela <tpopela@redhat.com> - 0.8-23
+- Drop BR on dbus-glib as the project is not using it at all
+
 * Sun Mar 19 2023 Petr Menšík <pemensik@redhat.com> - 0.8-22
 - Enable unit tests during check
 - Prevent crashes on some invalid DBus calls

plans/main.fmf

@@ -0,0 +1,6 @@
+summary: Run all tests
+execute:
+  how: tmt
+discover:
+  how: fmf
+

sources

@@ -1 +1 @@
-SHA512 (avahi-0.8.tar.gz) = c6ba76feb6e92f70289f94b3bf12e5f5c66c11628ce0aeb3cadfb72c13a5d1a9bd56d71bdf3072627a76cd103b9b056d9131aa49ffe11fa334c24ab3b596c7de
+SHA512 (v0.9-rc2.tar.gz) = 29d6c9d075d0202b9da2cdf935fa04fad31ba95475ba5de086c9958d25caa405925bbd82ed439a024febf7880325e80c1a032a660284a7708c71dae9076f413b

tests/got-audit/got-audit.gdb

@@ -0,0 +1,2 @@
+gef config gef.disable_color True
+got-audit --all

tests/got-audit/main.fmf

@@ -0,0 +1,7 @@
+summary: Audit the GOT for signs of tampering
+description: |
+  Pointers in the server process GOT will be checked to ensure that
+  each function pointer's value is within a shared object file
+  that exports a symbol of that name, and that no shared object
+  files export conflicting symbols.
+contact: Gordon Messmer <gordon.messmer@gmail.com>

tests/got-audit/runtest.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/avahi/Sanity/got-audit
+#   Description: Check pointers in the server process GOT for signs of tampering
+#   Author: Gordon Messmer <gordon.messmer@gmail.com>
+#
+
+# Include Beaker environment
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+TEST="/CoreOS/avahi/Sanity/got-audit"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlServiceStart avahi-daemon.socket
+        rlServiceStart avahi-daemon
+        rlRun "TestDir=\$(pwd)"
+        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlRun "auditfile=\$(mktemp --tmpdir=${TmpDir})"
+    rlPhaseEnd
+
+    rlPhaseStartTest "Run GEF got-audit"
+        rlRun "SERVICE_PID=\$(systemctl show --property=MainPID --value avahi-daemon.service)"
+        rlRun "echo SERVICE_PID is '$SERVICE_PID'"
+        [ -n "$SERVICE_PID" ] || rlFail "No service pid was found"
+        rlRun "gdb-gef --pid '$SERVICE_PID' --command='$TestDir'/got-audit.gdb --batch > '$auditfile'"
+        # Basic test: ensure that at least one symbol is found in libc.so,
+        #  to verify that the report looks plausible.
+        rlAssertGrep " : /.*/libc.so" "$auditfile"
+        # Ensure the got-audit did not report any errors
+        rlAssertNotGrep " :: ERROR" "$auditfile"
+        rlRun "cp '$auditfile' '$TMT_TEST_DATA'/got-audit.txt"
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlServiceRestore avahi-daemon.socket
+        rlServiceRestore avahi-daemon
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+    rlPhaseEnd
+rlJournalEnd
+rlJournalPrintText

tests/main.fmf

@@ -0,0 +1,2 @@
+test: ./runtest.sh
+framework: beakerlib

tests/tests.yml

@@ -8,9 +8,11 @@
     - classic
     tests:
     - Basic-sanity-test
+    - got-audit
     required_packages:
     - avahi
     - avahi-tools
     - bind
     - bind-chroot
     - bind-utils
+    - gdb-gef           # needed to test got-audit