Your message dated Mon, 23 Jul 2012 08:47:11 +0000 with message-id <e1steij-0008jy...@franck.debian.org> and subject line Bug#652663: fixed in icecast2 2.3.3-1 has caused the Debian Bug report #652663, regarding CVE-2011-4612 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 652663: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652663 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: icecast2 Severity: important Tags: security Hi, a minor vulnerability has been discovered in Icecast. Please see https://bugs.launchpad.net/ubuntu/+source/icecast2/+bug/894782 for details. This is CVE-2011-4612, please mention it in the changelog. This doesn't warrant a DSA. You can however fix it through a point update: http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable Cheers, Moritz -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---Source: icecast2 Source-Version: 2.3.3-1 We believe that the bug you reported is fixed in the latest version of icecast2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 652...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonas Smedegaard <d...@jones.dk> (supplier of updated icecast2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 23 Jul 2012 10:31:34 +0200 Source: icecast2 Binary: icecast2 Architecture: source amd64 Version: 2.3.3-1 Distribution: unstable Urgency: low Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Jonas Smedegaard <d...@jones.dk> Description: icecast2 - streaming media server Closes: 652050 652663 Changes: icecast2 (2.3.3-1) unstable; urgency=low . [ upstream ] * New upstream bugfix release. + Allow the source password to be undefined. This is to avoid falling back to a default password which would be a security problem. Fixing #1846 + Applied justdave's patches, fixing #1717 and #1718. HTTPS now with better security and support for chained certificates. + trunk/icecast/conf/icecast_minimal.xml.in: Updated <alias> to use destination="" not dest="". The old dest="" attribute is still supported. + Added 'admin' and 'location' to default config, thus fixing #1839. + Added VCLT playlist support. Closes: bug#652663, which fixes CVE-2011-4612. . [ Jonas Smedegaard ] * Setup git-import-orig to filter out debian subdir. * Drop patches 1002 and 1003, applied upstream. * Unfuzz patch 1001. * Avoid locally shipped CDBS snippets (but keep them included with source to minimize diff for freeze-exception inspection). * Add Brazilian Portuguese (pt_BR) localization. Closes: bug#652050. Thanks to Adriano Rafael Gomes. * Setup git-buildpackage to use wheezy branch. Checksums-Sha1: 71a92164876b2c5b6294d316806767ac1ea8d2c2 2225 icecast2_2.3.3-1.dsc 61cf1bd5b4ed491aad488dc6cf1ca2d8eb657363 1161774 icecast2_2.3.3.orig.tar.gz b2df5769f323083c7a1f2d6bc480b0fdd5a2fbe3 32502 icecast2_2.3.3-1.debian.tar.gz 30097d9cf2f8e33af982b71c64be0cce7f5f7a77 328220 icecast2_2.3.3-1_amd64.deb Checksums-Sha256: 218d5495ca3f9df4674d27649c19df950d4e182f76a638a7d277ea947cddae99 2225 icecast2_2.3.3-1.dsc 1b1d06f5f83c9a983cd28cc78aa90e4038f933511b3d20d7fd2cfc116645c36d 1161774 icecast2_2.3.3.orig.tar.gz a49d3cf207c19f2385d979ba5c2fa912413727ac6c75bad54c059f0c2893d4f9 32502 icecast2_2.3.3-1.debian.tar.gz d4aa362c17c9744bd21ca5c16436d698bf6d19a230e92780951b6f8a0f636a9a 328220 icecast2_2.3.3-1_amd64.deb Files: cfb01fef13e4c9f9bde5029fa06aedf4 2225 sound optional icecast2_2.3.3-1.dsc 2b5d1b40778922e5f6431b7758c359ad 1161774 sound optional icecast2_2.3.3.orig.tar.gz 11c159523ab53ac086ee5e6c6fc1f1c3 32502 sound optional icecast2_2.3.3-1.debian.tar.gz 0e0ccdedf0ecf1b8b6a3c76016ed186f 328220 sound optional icecast2_2.3.3-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJQDQ4UAAoJECx8MUbBoAEhvuQQAKdhYqrVKaWhyOkNaRWu4gyU 2TdS7NB4gmjWuXb8WjD+b+I/Yd8dyWEXbXP+09zfsCAfj2EqrgxFdE8fAv6P+DEq KeuZLNp/UZZwiY4PRGg5AsGsQsabrT9dfe2GATGkKlJa9MNaly4L0iM2Rw4uOi36 pb25FrXMAIorE0zMDuZQqHUJznQ5PVEdAZNmQ2rJZU+yr7VfCrLNcROGl/yeMXS7 cF5cLJnTTbgElsEmoVhn/vhbieZLB1uEst/2CTGZsadA7rEpVFTp3v2gVd3GSVIu gFTtVv6CG3Plu8OS8cmoWwG71ZWC4YJqBkrCXAFD6D/2rMQLAFqWA3Bl348exVIC ixeXs+KUYHg1za2SxYdq7MdGk5TCxtulWqnYzbE6qK+jsH0nDB/Gn7exoKPSgvSZ 14OMEm6uv8CNmWtjayiZYlFhH529meCrUaPe1rKVqMEjDG9Xn6lwY3FtCJhWa5Bg 3LBqV978sB913dZ0Ed7BRswPdrFo8C3vodAtW3kpRPSHS255zXs5ez/wgWonyKcO geTHJuDhk9CXanfrPmIQsW7oswMU+5vSn6f3O1mEaM0i9oeQIlkuUWjAs+7hljaK WQRyeVHjvsAepqqDxupMADiFkc/pbLu4ROYocZGE0Kh/lhtGpyR8xt8Lh7PHDUFx 0OgDujL080/GYexbVCDZ =jgro -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
