{"id":"MGASA-2026-0016","summary":"Updated avahi packages fix security vulnerabilities","details":"Avahi has a reachable assertion in avahi_wide_area_scan_cache.\n(CVE-2025-68276)\nAvahi has a reachable assertion in lookup_multicast_callback.\n(CVE-2025-68468)\nAvahi has a reachable assertion in lookup_start. (CVE-2025-68471)\n","modified":"2026-04-16T04:41:39.143869485Z","published":"2026-01-23T00:11:41Z","upstream":["CVE-2025-68276","CVE-2025-68468","CVE-2025-68471"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0016.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34887"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DR2CTF5XR6GVX3JYIAAO3ULJNUZDGBVS/"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7967-1"}],"affected":[{"package":{"name":"avahi","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/avahi?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-10.3.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0016.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}