This update for avahi fixes the following issues:
* CVE-2025-68276: Fixed refuse to create wide-area record browsers when wide-
area is off (bsc#1256498)
* CVE-2025-68471: Fixed DoS bug by changing assert to return (bsc#1256500)
* CVE-2025-68468: Fixed DoS bug by removing incorrect assertion (bsc#1256499)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-259=1 openSUSE-SLE-15.6-2026-259=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-259=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-259=1
* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-259=1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* avahi-utils-gtk-debuginfo-0.8-150600.15.12.1
* libavahi-ui-gtk3-0-debuginfo-0.8-150600.15.12.1
* libavahi-devel-0.8-150600.15.12.1
* libdns_sd-0.8-150600.15.12.1
* libavahi-ui-gtk3-0-0.8-150600.15.12.1
* libavahi-gobject0-0.8-150600.15.12.1
* typelib-1_0-Avahi-0_6-0.8-150600.15.12.1
* libavahi-gobject-devel-0.8-150600.15.12.1
* avahi-glib2-debugsource-0.8-150600.15.12.1
* python3-avahi-gtk-0.8-150600.15.12.1
* avahi-compat-howl-devel-0.8-150600.15.12.1
* libavahi-qt5-devel-0.8-150600.15.12.1
* avahi-utils-0.8-150600.15.12.1
* avahi-debuginfo-0.8-150600.15.12.1
* libdns_sd-debuginfo-0.8-150600.15.12.1
* avahi-0.8-150600.15.12.1
* libavahi-glib1-debuginfo-0.8-150600.15.12.1
* libavahi-libevent1-0.8-150600.15.12.1
* libavahi-core7-0.8-150600.15.12.1
* libavahi-glib1-0.8-150600.15.12.1
* libavahi-core7-debuginfo-0.8-150600.15.12.1
* libhowl0-debuginfo-0.8-150600.15.12.1
* avahi-utils-gtk-0.8-150600.15.12.1
* libavahi-client3-debuginfo-0.8-150600.15.12.1
*...
Read the Full Advisory* bsc#1256498
* bsc#1256499
* bsc#1256500
## References:
* https://www.suse.com/security/cve/CVE-2025-68276.html
* https://www.suse.com/security/cve/CVE-2025-68468.html
* https://www.suse.com/security/cve/CVE-2025-68471.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256498
* https://bugzilla.suse.com/show_bug.cgi?id=1256499
* https://bugzilla.suse.com/show_bug.cgi?id=1256500
Get the latest Linux and open source security news straight to your inbox.