Two denial of service conditions were discovered in avahi, a Multicast DNS implementation. Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 (CVE-2008-5081). It was discovered that the avahi daemon aborts with an assert error if it receives an empty TXT record over D-Bus (CVE-2007-3372). For the stable distribution (etch), these problems have been fixed in version 0.6.16-3etch2. For the unstable distribution (sid), these problems have been fixed in version 0.6.23-3. We recommend that you upgrade your avahi packages.
Two denial of service conditions were discovered in avahi, a Multicast DNS implementation.
Huge Dias discovered that the avahi daemon aborts with an assert error if it encounters a UDP packet with source port 0 (CVE-2008-5081).
It was discovered that the avahi daemon aborts with an assert error if it receives an empty TXT record over D-Bus (CVE-2007-3372).
For the stable distribution (etch), these problems have been fixed in version 0.6.16-3etch4.
For the unstable distribution (sid), these problems have been fixed in version 0.6.23-3.
We recommend that you upgrade your avahi packages.
MD5 checksums of the listed files are available in the original advisory.