Bug#652663: CVE-2011-4612
Moritz Muehlenhoff
jmm at inutil.org
Thu Sep 6 16:05:26 UTC 2012
On Tue, Jun 26, 2012 at 06:36:56PM +0300, Rücker Thomas wrote:
> Hi Jonas,
>
> On 13/06/12 02:02, Jonas Smedegaard wrote:
>> Hi Thomas,
>>
>> On 12-06-13 at 12:50am, Rücker Thomas wrote:
>>> Hello, your friendly upstream here.
>>>
>>> We just released Icecast 2.3.3 which addresses this issue.
>>>
>>> Also for the record. It's fairly easy to spot those injection
>>> attempts by looking at the Icecast access log.
>> Great. I am looking into updating the packaging now.
>
> Just wondering how the updated package is going.
> Mainly as I hear there is a freeze coming to debian.
> Would be too bad to miss the window.
CVE-2011-4612 is still unfixed in Wheezy, only in unstable. Please either
ask the release managers to unblock 2.3.3 (unlikely at this time
in the freeze) or upload an isolated fix to testing-proposed-updates.
Cheers,
Moritz
More information about the pkg-multimedia-maintainers
mailing list