-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : icecast2 Version : 2.4.0-1.1+deb8u2 CVE ID : CVE-2018-18820 Debian Bug : 912611
A buffer overflow was discovered in the URL-authentication backend of the icecast2, the popular open source streaming media server. If the backend is enabled, then any malicious HTTP client can send a request for specific resource including a crafted header which can overwrite the server's stack contents, leading to denial of service and potentially remote code execution. For Debian 8 "Jessie", this problem has been fixed in version 2.4.0-1.1+deb8u2. We recommend that you upgrade your icecast2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlv7+wMACgkQhj1N8u2c KO+eiw//QXEeGDc6vBF1MvdS18nb4obl0mvBTvw1wsEVO6feRfHoKgwe/gbis04I djUt9d6+LJQHCsRM/LceQ8aZqAYReKh8HvQTtS1N1R8OUCwM3fsVMZPM5zH0yUx3 gPP46Lp2AWld+N4MDttfYgMD5Jb1BxZCLgnRy8Im7SgQy9J8D6FeDkkYhosGaddc PthldI02Zt7bvn/P3JtLjtQq6Ebt4BIRh6kzr4w4gR1FQDAtLtvMre7ydDLqH7ab mVTTrhpdCAlIwsxqnBbydcYOkNPiiQyU/P4CxqGOk+0rlSqn811SABJBTa/Ywc9y jc2uRGGT5XZoqb7eHhSDGzAGlrJerr/utQYSu5HzhoKd8GNITxVxsMzHT3XDtbnf Iq1kNj/YI/BNQysAmzDamhQK5E7fcRNDnzD1H7Dqp+2c43JcIdHwpG9oKgx9C92w bPnJQDibenjr/3Gb7BcGznnauii2/tW1zYuKdc2h+jj491d3Po7i1hLb3Z1y3pH7 kXCDnp/z3BRZpO3boFvMCdHZTrlD0RbWwtd/QyjvZ3uuwzGvAASwNuz0g/SMqy/C EywDEbIx6rsWso+xjM+UYTItX1sb6sfFnSjnnrQ1FeBoFWEZbgb5yqmxwuCH17PM 74wwJfdyAFJNx1o3BJgdW1r8UWS+ll1Wt963gJ6T2sI3NBqgNZ0= =K7iP -----END PGP SIGNATURE-----
