From the ChangeLog: Fix a local DoS vulnerability, where an assert() could be hit by passing empty TXT data over D-Bus to the Avahi daemon. (Low Risk) I'm about to bump the package.
Arches please test and mark stable. Target keywords are: avahi-0.6.20.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86 ~x86-fbsd"
Broken ATM, please don't stable yet
Let me know when a fixed version is ready for stable marking.
I added the patch to net-dns/avahi-0.6.19-r1.
We now have a fixed version not blocked by bug #182999. Arches please test and mark stable. Target keywords are: avahi-0.6.19-r1.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
ppc64 stable
sparc stable.
alpha/ia64/x86 stable
ppc stable
Stable for HPPA.
amd64 stable
This one is ready for glsa decision. It seems that this DoS can only be triggered locally, so I vote NO.
Voting NO and closing.