Icecast2 2.4.2 and Ices2 2.0.2 for Debian unstable
Alessandro Ghedini
ghedo at debian.org
Tue Apr 28 10:06:15 UTC 2015
On Mon, Apr 27, 2015 at 07:08:41PM -0400, Unit 193 wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Howdy,
Hi,
> Please review and sponsor Icecast2 2.4.2 and Ices2 2.0.2 into unstable.
> Both have several bug fixes, and Icecast2 has security fixes as well as a
> fix to correctly set passwords prompted for in debconf.
>
> Icecast2: ssh://anonscm.debian.org/git/pkg-multimedia/icecast2.git
> Ices2: ssh://anonscm.debian.org/git/pkg-multimedia/ices2.git
>
> Changelog for Icecast2:
>
> * Imported Upstream version 2.4.2 (Closes: #779968)
> - Set PATH_MAX to 4096 if not defined (Closes: #767542)
> - Fix crash with stream_auth (Closes: #782120, fixes: CVE-2015-3026)
Would it be possible for you to prepare an upload for jessie-security fixing
this as well? The patch fixing the vulnerability is [0]. If you decide to do
this please have a look at [1] and once you are done send a debdiff to
team at security.debian.org.
I'll have a look at the icecast2 update later, if no one beats me to it.
Cheers
[0] https://trac.xiph.org/changeset/27abfbbd688df3e3077b535997330aa06603250f/icecast-server
[1] https://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security-building
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20150428/591cb164/attachment.sig>
More information about the pkg-multimedia-maintainers
mailing list