Dear all, Good news, an update has been done by Avahi Team, a new RC has been released: 0.9 RC3 (2026-01-27): - https://github.com/avahi/avahi/tags - https://github.com/avahi/avahi/releases/tag/v0.9-rc3
At the same time, a new CVE has been added: CVE-2026-24401: - https://github.com/avahi/avahi/security - https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3 - https://www.cvedetails.com/cve/CVE-2026-24401/ - https://www.google.com/search?q=CVE-2026-24401 Please update to Avahi 0.9 RC3 to be in more security. Regards, Neustradamus ________________________________________ From: avahi <[email protected]> on behalf of * Neustradamus * <[email protected]> Sent: Sunday, January 18, 2026 17:36 To: [email protected] Subject: Avahi - NEW CVEs are not listed yet in my GitHub ticket (CVEs since 2021) Dear all, In first, I wish you a Happy New Year 2026! It is important for me to inform you about new Avahi CVEs. Currently, it has not been added in my Avahi ticket that I have created a long time ago about current CVEs since 2021: - https://github.com/avahi/avahi/issues/503 Recall, the latest Avahi version is 0.8.0 (2020-02-18), 6 years soon. CVE-2025-68471 - https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg - https://www.cve.org/CVERecord?id=CVE-2025-68471 CVE-2025-68468 - https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52 - https://www.cve.org/CVERecord?id=CVE-2025-68468 CVE-2025-68276 - https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc - https://www.cve.org/CVERecord?id=CVE-2025-68276 CVE-2025-59529 - https://github.com/avahi/avahi/security/advisories/GHSA-73wf-3xmj-x82q - https://www.cve.org/CVERecord?id=CVE-2025-59529 A list is here: - https://www.cve.org/CVERecord/SearchResults?query=avahi - https://www.cvedetails.com/vulnerability-list/vendor_id-4481/Avahi.html Note: Maybe there are others too. Several softwares, projects, companies wait a new Avahi release build for security. Note: The latest unstable version is 0.9 RC2 (2024-11-19). SECURITY IS VERY IMPORTANT. Regards, Neustradamus
