diff --git a/CVE-2010-2244.patch b/CVE-2010-2244.patch
new file mode 100644
index 0000000..9d5784b
--- /dev/null
+++ b/CVE-2010-2244.patch
@@ -0,0 +1,41 @@
+From 2b2844b10d7b7e5c97f9c667d664d9418bb7769a Mon Sep 17 00:00:00 2001
+From: Ludwig Nussel
+Date: Wed, 19 May 2010 15:43:44 +0200
+Subject: [PATCH] socket: ignore packet if FIONREAD returns zero
+
+zero size is reported for corrupt packets. recvmsg() later could
+nevertheless get data from a good packet that followed the bad one.
+So get out early to avoid hitting an assertion.
+---
+ avahi-core/socket.c | 8 ++++++++
+ 1 files changed, 8 insertions(+), 0 deletions(-)
+
+diff --git a/avahi-core/socket.c b/avahi-core/socket.c
+index 4146d5a..f9b90a2 100644
+--- a/avahi-core/socket.c
++++ b/avahi-core/socket.c
+@@ -652,6 +652,10 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv4(
+ goto fail;
+ }
+
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297) */
++ if (!ms)
++ goto fail;
++
+ p = avahi_dns_packet_new(ms + AVAHI_DNS_PACKET_EXTRA_SIZE);
+
+ io.iov_base = AVAHI_DNS_PACKET_DATA(p);
+@@ -805,6 +809,10 @@ AvahiDnsPacket *avahi_recv_dns_packet_ipv6(
+ goto fail;
+ }
+
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297) */
++ if (!ms)
++ goto fail;
++
+ p = avahi_dns_packet_new(ms + AVAHI_DNS_PACKET_EXTRA_SIZE);
+
+ io.iov_base = AVAHI_DNS_PACKET_DATA(p);
+--
+1.6.3.3
+
diff --git a/avahi.spec b/avahi.spec
index b32c5c2..88971e9 100644
--- a/avahi.spec
+++ b/avahi.spec
@@ -6,7 +6,7 @@
 %endif
 Name: avahi
 Version: 0.6.25
-Release: 6%{?dist}
+Release: 7%{?dist}
 Summary: Local network service discovery
 Group: System Environment/Base
 License: LGPLv2
@@ -40,6 +40,7 @@ Obsoletes: howl
 Source0: http://avahi.org/download/%{name}-%{version}.tar.gz
 # enable mono's mcs to work in beehive buildroot:
 Patch2: avahi-0.6.3-MONO_SHARED_DIR.patch
+Patch3: CVE-2010-2244.patch
 %description
 Avahi is a system which facilitates service discovery on
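Review bot: In CVE-2010-2244.patch, the added `if (!ms) goto fail;` in avahi_recv_dns_packet_ipv4 (and the identical lines in avahi_recv_dns_packet_ipv6) bails out before the recvmsg() call the commit message refers to, so the datagram that FIONREAD sized as zero is apparently never taken off the socket. If the `fail` path does not read it, the descriptor stays readable and the daemon's event loop can keep waking on the same packet, which trades the assertion for a CPU-exhaustion denial of service. Both function bodies continue outside the hunks, so what `fail:` does needs confirming. The safer order is to let recvmsg() consume the datagram and only then reject when `ms` is zero, with a comment such as `/* FIONREAD reported 0: read and discard the datagram so the socket does not stay readable */`.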
@@ -273,6 +274,7 @@ fashion with mDNS.
 %if %{WITH_MONO}
 %patch2 -p1 -b .MONO_SHARED_DIR
 %endif
+%patch3 -p1
 # nuke rpath, TODO: double-check if still required on new releases
 autoreconf -i
@@ -577,6 +579,9 @@ fi
 %endif
 %changelog
+* Wed Jun 30 2010 Lennart Poettering - 0.6.25-7
+- Fix CVE-2010-2244, rhbz 607297
+
 * Mon Jan 25 2010 Lennart Poettering - 0.6.25-6
 - Move avahi-discover from avahi-tools to avahi-ui-tools
 - https://bugzilla.redhat.com/show_bug.cgi?id=513768
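Review bot: `%patch3 -p1` is applied without a backup suffix, while the neighbouring `%patch2 -p1 -b .MONO_SHARED_DIR` sets one. Writing it as `%patch3 -p1 -b .CVE-2010-2244` keeps the two consistent and leaves the pre-patch socket.c in the build tree, so the security change can be diffed when the patch is rebased onto a newer release.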