It seems this is meant for distributions that lack mdnsresponder. It's
heavier than it as dbus is required.
Since this happens to conflict with mdnsresponder, just remove it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Imported patches included in debian and other package.
* 200-Fix-NULL-pointer-crashes-from-175.patch
CVE-2021-3502
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
* 201-Avoid-infinite-loop-in-avahi-daemon-by-handling-HUP-event.patch
CVE-2021-3468
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
* 202-avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch
avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
* 203-Do-not-disable-timeout-cleanup-on-watch-cleanup.patch
This was causing timeouts to never be removed from the linked list that tracks them, resulting in both memory and CPU usage to grow larger over time.
* 204-Emit-error-if-requested-service-is-not-found.patch
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
* 205-conf-file-line-lengths.patch
Allow avahi-daemon.conf file to have lines longer than 256 characters (new limit 1024).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Fixed the affected issue in the latest commit
daemon.err avahi-daemon[xxx]: mkdir("/run/avahi-daemon/"): No such file or directory
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This seems to happen only on some distributions (Void, Arch):
/usr/lib/libgcc_s.so.1: file not recognized: file format not recognized
collect2: error: ld returned 1 exit status
libtool: error: error: relink 'libdns_sd.la' with the above command before installing it
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
The config symbol SSP_SUPPORT is ambiguous and means different
things to different packages: either "toolchain is compiled
with ssp support" or "toolchain uses gcc libssp". The use of the
symbol should be deprecated and the appropriate symbol used
instead.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
Clean up Makefile slightly.
Update configure options for the new version.
Remove first patch and update the other one.
Use a different solution for the stack protector on certain platforms.
Run script through shellcheck. Small quote fix.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The inline if statement does not work correctly. Moved it to a more proper place.
Also changed the install to install the symlinks as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
In avahi 0.7 the runtime_dir was updated to be /run instead of /var/run
for better systemd compatibility. Patch out that change to fix
avahi-daemon.
Signed-off-by: Jeremiah McConnell <miah@miah.com>
Build depends refer to source package names, not binary package names.
In many cases, PKG_BUILD_DEPENDS simply duplicated runtime dependencies of
a source package's binary packages; as the corresponding source packages
are implicitly added as bulid dependencies, PKG_BUILD_DEPENDS can simply be
dropped in these cases. In the other cases, *_BUILD_DEPENDS is fixed to
refer to the correct source package name.
Dependency of mysql-server is adjusted from libncursesw to libncurses
(as libncursesw is a virtual package provided by libncurses), so the build
dependency on ncurses is emitted unconditionally.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
You can now specify in '/etc/config/network'
config interface 'eth1_autoip'
option ifname 'eth1'
option proto 'autoip'
And netifd would handle the rest of the logic/setup.
Signed-off-by: Claudiu Brasovean <cbrasho@gmail.com>
Signed-off-by: Ted Hess <thess@kitschensync.net>
Warning is:
#warning redirecting incorrect #include <sys/poll.h> to <poll.
Not a big issue.
But it can be annoying when building with -Werror set.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Found on an all-y build with SSP enabled:
Package avahi-autoipd is missing dependencies for the following libraries:
libssp.so.0
Adding the missing dependency to address that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This makes the description of the HTTP and SSH services look the
same as in other distributions as suggested by kirelagin in #543.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
