mirror of
https://github.com/motioneye-project/motioneyeos.git
synced 2025-04-20 05:17:17 +00:00
853cff9679
Fixes CVE-2017-6519: avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. Signed-off-by: Artem Panfilov <panfilov.artyom@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 1e17adf1c5ee1cecd747f84fff8f6261c1e8a476) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>