oss-sec mailing list archives
Re: RE: [Icecast-dev] Security issue in icecast
From: Jamie Strandboge <jamie () canonical com>
Date: Thu, 15 Dec 2011 13:17:08 -0600
On Thu, 2011-12-15 at 20:31 +0200, Thomas.Rucker () tieto com wrote:
*snip* Sending this to a public mailing list might not have been the smartest idea.
I considered this a low impact vulnerability and therefore followed the procedures for reporting to oss-security. Additionally, I looked for a security contact at http://www.icecast.org/contact.php but could not find one, so I sent to the list since it said this was a valid way to submit bugs. If the issue were more severe, I would have followed a different procedure. I apologize for the inconvenience.
We're already aware of Moritz's finding and are working on a fix. Expect icecast release 2.3.3 soon.
Glad to hear. Thanks! -- Jamie Strandboge | http://www.canonical.com
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Security issue in icecast Jamie Strandboge (Dec 15)
- RE: [Icecast-dev] Security issue in icecast Thomas.Rucker (Dec 15)
- Re: RE: [Icecast-dev] Security issue in icecast Jamie Strandboge (Dec 15)
- Re: Security issue in icecast Kurt Seifried (Dec 15)
- RE: [Icecast-dev] Security issue in icecast Thomas.Rucker (Dec 15)