On Tue, Jun 26, 2012 at 06:36:56PM +0300, Rücker Thomas wrote:
> Hi Jonas,
>
> On 13/06/12 02:02, Jonas Smedegaard wrote:
>> Hi Thomas,
>>
>> On 12-06-13 at 12:50am, Rücker Thomas wrote:
>>> Hello, your friendly upstream here.
>>>
>>> We just released Icecast 2.3.3 which addresses this issue.
>>>
>>> Also for the record. It's fairly easy to spot those injection
>>> attempts by looking at the Icecast access log.
>> Great. I am looking into updating the packaging now.
>
> Just wondering how the updated package is going.
> Mainly as I hear there is a freeze coming to debian.
> Would be too bad to miss the window.
CVE-2011-4612 is still unfixed in Wheezy, only in unstable. Please either
ask the release managers to unblock 2.3.3 (unlikely at this time
in the freeze) or upload an isolated fix to testing-proposed-updates.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
