On Mon, Apr 27, 2015 at 07:08:41PM -0400, Unit 193 wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Howdy,
Hi, > Please review and sponsor Icecast2 2.4.2 and Ices2 2.0.2 into unstable. > Both have several bug fixes, and Icecast2 has security fixes as well as a > fix to correctly set passwords prompted for in debconf. > > Icecast2: ssh://anonscm.debian.org/git/pkg-multimedia/icecast2.git > Ices2: ssh://anonscm.debian.org/git/pkg-multimedia/ices2.git > > Changelog for Icecast2: > > * Imported Upstream version 2.4.2 (Closes: #779968) > - Set PATH_MAX to 4096 if not defined (Closes: #767542) > - Fix crash with stream_auth (Closes: #782120, fixes: CVE-2015-3026) Would it be possible for you to prepare an upload for jessie-security fixing this as well? The patch fixing the vulnerability is [0]. If you decide to do this please have a look at [1] and once you are done send a debdiff to [email protected]. I'll have a look at the icecast2 update later, if no one beats me to it. Cheers [0] https://trac.xiph.org/changeset/27abfbbd688df3e3077b535997330aa06603250f/icecast-server [1] https://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security-building
signature.asc
Description: Digital signature
_______________________________________________ pkg-multimedia-maintainers mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
