Date: Thu, 15 Dec 2011 13:17:08 -0600 From: Jamie Strandboge <jamie@...onical.com> To: icecast-dev@...h.org Cc: security@...itz-naumann.com, security@...ntu.com, oss-security <oss-security@...ts.openwall.com> Subject: Re: RE: [Icecast-dev] Security issue in icecast On Thu, 2011-12-15 at 20:31 +0200, Thomas.Rucker@...to.com wrote: > *snip* > Sending this to a public mailing list might not have been the smartest idea. I considered this a low impact vulnerability and therefore followed the procedures for reporting to oss-security. Additionally, I looked for a security contact at http://www.icecast.org/contact.php but could not find one, so I sent to the list since it said this was a valid way to submit bugs. If the issue were more severe, I would have followed a different procedure. I apologize for the inconvenience. > We're already aware of Moritz's finding and are working on a fix. > > Expect icecast release 2.3.3 soon. Glad to hear. Thanks! -- Jamie Strandboge | http://www.canonical.com Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.