Good morning,
It was reported that Icecast could possibly leak the contents of
on-connect scripts to clients, which may contain sensitive information.
This issue has been fixed in the 2.4.1 release:
http://icecast.org/news/icecast-release-2_4_1/
"Fix on-connect and on-disconnect script STDIN/STDOUT/STDERR corruption
due to shared file descriptors."
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770222
https://trac.xiph.org/ticket/2089
Cheers,
--
Murray McAllister / Red Hat Product Security
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
