From acd1fee45cb1512d4c92edf2ead5cd45e74aa667 Mon Sep 17 00:00:00 2001
From: ze-you-liu
Date: Tue, 13 Jan 2026 18:50:24 +0800
Subject: [PATCH] fix CVE-2025-68471
---
 .gitignore | 1 +
 avahi-0.8-CVE-2025-68471.patch | 16 ++++++++++++++++
 avahi.spec | 7 ++++++-
 3 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 .gitignore
 create mode 100644 avahi-0.8-CVE-2025-68471.patch
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..935f26b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+avahi-0.8.tar.gz
diff --git a/avahi-0.8-CVE-2025-68471.patch b/avahi-0.8-CVE-2025-68471.patch
new file mode 100644
index 0000000..a129cff
--- /dev/null
+++ b/avahi-0.8-CVE-2025-68471.patch
@@ -0,0 +1,16 @@
+diff --git a/avahi-core/browse.c b/avahi-core/browse.c
+index e8a915e..ad08bd6 100644
+--- a/avahi-core/browse.c
++++ b/avahi-core/browse.c
+@@ -320,7 +320,10 @@ static int lookup_start(AvahiSRBLookup *l) {
+ assert(l);
+
+ assert(!(l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) != !(l->flags & AVAHI_LOOKUP_USE_MULTICAST));
+- assert(!l->wide_area && !l->multicast);
++ if (l->wide_area || l->multicast) {
++ /* Avoid starting a duplicate lookup */
++ return 0;
++ }
+
+ if (l->flags & AVAHI_LOOKUP_USE_WIDE_AREA) {
+
diff --git a/avahi.spec b/avahi.spec
index 8551f63..c5e7c4b 100644
--- a/avahi.spec
+++ b/avahi.spec
@@ -3,7 +3,7 @@ Summary: Service Discovery for Linux using mDNS/DNS-SD -- compatible with Bonjour
 Name: avahi
 Version: 0.8
-Release: 12%{?dist}
+Release: 13%{?dist}
 License: LGPLv2+
 URL: http://avahi.org
 Source0: http://avahi.org/download/avahi-%{version}.tar.gz
@@ -21,6 +21,7 @@ Patch0011: fix-CVE-2023-38471.patch
 Patch0012: fix-CVE-2023-38472.patch
 Patch0013: fix-CVE-2023-38473.patch
 Patch0014: fix-CVE-2023-38469.patch
+Patch0015: avahi-0.8-CVE-2025-68471.patch
 Patch3000: 3000-avahi-0.8-no_undefined.patch
 Patch3001: CVE-2024-52616.patch
 Patch3002: CVE-2024-52615.patch
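Review bot: The flags check one line above the new guard is still an `assert(...)`, so lookup_start() keeps an abort path of the same kind this patch removes for the duplicate-lookup case. Whether `l->flags` can reach this point in an inconsistent state is not visible from the hunk, so it is worth confirming that callers validate the flags before the lookup object is created rather than relying on the assertion. The new branch also returns `0`, which a caller cannot tell apart from a freshly started lookup; if that is intended, say so in the comment, for example `/* A lookup is already active for this entry: keep it and report success instead of aborting. */`. The function body continues past the end of the hunk.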
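Review bot: `Patch0015` is only declared in this hunk, and the diffstat for avahi.spec (6 insertions, 1 deletion, all accounted for by the Release, Patch and %changelog hunks) shows that no matching apply line was added in %prep. If %prep applies patches one by one instead of through `%autosetup` or `%autopatch` (that section is outside this diff), the package would be released with a changelog entry claiming the fix while avahi-core/browse.c stays unpatched. In that case add an apply line in the style the spec already uses, e.g. `%patch0015 -p1`, and confirm in the build log that avahi-0.8-CVE-2025-68471.patch is applied.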
@@ -460,6 +461,10 @@ exit 0
 %changelog
+* Tue Jan 13 2026 ze-you-liu - 0.8-13
+- [Type] security
+- [DESC] Fix CVE-2025-68471 vulnerability
+
 * Mon Jun 30 2025 Xin Cheng - 0.8-12
 - fix CVE-2024-52615 and CVE-2024-52616
-- 
Gitee