CLSA-2025-1743675732 avahi: Fix of 8 CVEs

CVE-2021-3468: handle termination event on avahi Unix socket to prevent infinite loop - CVE-2023-1981: prevent avahi daemon crash by emitting an error if the requested D-Bus service is not found - CVE-2021-3502: fix avahi-daemon crashing from NULL pointer assertions - CVE-2023-38469: reject...

Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send ...

bind: named crash with an assertion failure on parsing malformed rdata

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query with...