Actually, Ubuntu 13.04 has the fix as part of 2.3.3-1ubuntu1:
icecast2 (2.3.3-1ubuntu1) raring; urgency=low
* Merge from debian unstable, remaining changes:
- 1004_fix_xmlCleanupParser_splatter.patch: Make sure that
xmlCleanupParser() is only called once: on exit. Doing otherwise
potentially results in Bad Things (e.g., crashes that point
incorrectly to PulseAudio).
-- Lorenzo De Liso <[email protected]> Tue, 04 Dec 2012 16:08:48 +0100
icecast2 (2.3.3-1) unstable; urgency=low
[ upstream ]
* New upstream bugfix release.
+ Allow the source password to be undefined. This is to avoid
falling back to a default password which would be a security
problem. Fixing #1846
+ Applied justdave's patches, fixing #1717 and #1718. HTTPS now with
better security and support for chained certificates.
+ trunk/icecast/conf/icecast_minimal.xml.in: Updated <alias> to use
destination="" not dest="". The old dest="" attribute is still
supported.
+ Added 'admin' and 'location' to default config, thus fixing #1839.
+ Added VCLT playlist support.
Closes: bug#652663, which fixes CVE-2011-4612.
** Changed in: icecast2 (Ubuntu)
Status: Invalid => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/894782
Title:
Newline injection in error.log
To manage notifications about this bug go to:
https://bugs.launchpad.net/icecast/+bug/894782/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
