Mandriva Linux Security Advisory - The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
db653fedf0f97f8642f50ebd58b11367c38216a21c1f69bb31aa92d253c6c99e
Ubuntu Security Notice 402-1 - A flaw was discovered in Avahi's handling of compressed DNS packets. If a specially crafted reply were received over the network, the Avahi daemon would go into an infinite loop, causing a denial of service.
3b34b1c0a1afd0f21a031bc1428ae1b38b74cf0d649b5cd8e96d6bdd2bbd3d86