hello, maybe an outdated question: there was a message on the securityfocus mailing list (bugtraq) today (and several month before) about a remote buffer overflow in icecast v1.3.10 (which seems to be a package in debian). does this affect 1.3.11 too or is the version at http://www.icecast.org/download.html fixed? thanks, uno <p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
Jack Moffitt:> > securityfocus mailing list (bugtraq) today (and several month before) > > about a remote buffer overflow in icecast v1.3.10 (which seems to be a > > Point me to a url at bugtraq where I can read a description of the > problem.i've the today's email only in the web archive, here's a copy. don't know if it's old news... u. <p>-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-089-2 security@debian.org http://www.debian.org/security/ Wichert Akkerman January 21, 2002 - ------------------------------------------------------------------------ <p>Package : icecast-server Problem type : remote exploit (and others) Debian-specific: no In Debian Security Advisory DSA-089-1 we reported that icecast-server has several security problems. For details please see that advisory. The i386 package mention in the DSA-089-1 advisory was incorrectly compiled and will not run on Debian GNU/Linux potato machines. This has been corrected in version 1.3.10-1.1. <p>wget url will fetch the file for you dpkg -i file.deb will install the referenced file. <p>Debian GNU/Linux 2.2 alias potato - --------------------------------- Potato was released for alpha, arm, i386, m68k, powerpc and sparc. This advisory only updates the i386 package. Intel IA-32 architecture: http://security.debian.org/dists/stable/updates/main/binary-i386/icecast-server_1.3.10-1.1_i386.deb MD5 checksum: 6777c4acf5c95daf691597ed5b9ee502 This package will be moved into the stable distribution on its next revision. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . <p><p><p><p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
I've got the same problem, please kick me too my email is mod77@gmx.net Jan Phr33k 22.01.2002:>HiGuys >I have been trying to unsubscribe from this list for 2 weeks nw - at >least >20 requests using the right email addy etc - please, remove me from >the >list, I realise this is not suppsed to be the place to ask BUT >nothing else >has worked. >phr33k@i4free.co.nz is the emal addy. >Zac<p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
> maybe an outdated question: there was a message on the > securityfocus mailing list (bugtraq) today (and several month before) > about a remote buffer overflow in icecast v1.3.10 (which seems to be a > package in debian). > does this affect 1.3.11 too or is the version at > http://www.icecast.org/download.html fixed?Point me to a url at bugtraq where I can read a description of the problem. 1.3.10 and 1.3.11 had numerous security fixes, so I'd hope it has already been fixed. jack. --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
HiGuys I have been trying to unsubscribe from this list for 2 weeks nw - at least 20 requests using the right email addy etc - please, remove me from the list, I realise this is not suppsed to be the place to ask BUT nothing else has worked. phr33k@i4free.co.nz is the emal addy. Zac <p>----- Original Message ----- From: "udo noll" <un@aporee.org> To: <icecast@xiph.org> Sent: Tuesday, January 22, 2002 10:05 AM Subject: [icecast] icecast security <p>>> hello, > maybe an outdated question: there was a message on the > securityfocus mailing list (bugtraq) today (and several month before) > about a remote buffer overflow in icecast v1.3.10 (which seems to be a > package in debian). > does this affect 1.3.11 too or is the version at > http://www.icecast.org/download.html fixed? > thanks, uno > > > --- >8 ---- > List archives: http://www.xiph.org/archives/ > icecast project homepage: http://www.icecast.org/ > To unsubscribe from this list, send a message to'icecast-request@xiph.org'> containing only the word 'unsubscribe' in the body. No subject is needed. > Unsubscribe messages sent to the list will be ignored/filtered. ><p><p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.