[icecast] Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)

Alfredo E. Cotroneo alfredo at nexus.org
Thu Apr 4 05:52:36 PST 2002

Hi There,

re. the recently reported buffer overflow in icecast, is there any 
"official" security patch against 1.3.11 ? I am reluctant to take any 
un-official patch like this one ;-)

There is nothing on www.icecast.org/releases, maybe it's somewhere else ?



<p><p>>Mailing-List: contact bugtraq-help at securityfocus.com; run by ezmlm
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq at securityfocus.com>
>List-Help: <mailto:bugtraq-help at securityfocus.com>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe at securityfocus.com>
>List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com>
>Delivered-To: mailing list bugtraq at securityfocus.com
>Delivered-To: moderator for bugtraq at securityfocus.com
>From: Neeko Oni <neeko at haackey.com>
>Subject: Icecast temp patch (OR: Patches?  We DO need stinkin' patches!!@$!)
>To: bugtraq at securityfocus.com
>Date: Wed, 3 Apr 2002 12:42:03 -0800 (PST)
>This addresses the client_login() Icecast issue:
>For those who have a burning need to 'patch < patch', or just don't
>want to type three lines into client.c, I've attached a small
>patch to client.c (Icecast 1.3.11).
>Simplicity is thy name.
>(More specific:  It's the suggested patch in the icx.c exploit, with
>  an added logging flag.)
>Thanks to Diz for making this public.
>.Neeko Oni

-------------- next part --------------

<p>--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.

More information about the Icecast mailing list