I found a security issue in the peercast server in the
HTTP::getAuthUserPass function. I already contacted the upstream author 6 days
ago and didn't get an answer yet so I am publishing this now.
Created attachment 151859 [details, diff]
Patch proposed by Nico.
sound herd, please bump with the attached patch.
(In reply to comment #2)
> sound herd, please bump with the attached patch.
+*peercast-0.1218-r1 (06 Jul 2008)
+ 06 Jul 2008; Peter Alfredsen <firstname.lastname@example.org>
+ +files/peercast-0.1218-CVE-2008-2040.patch, -peercast-0.1217.ebuild,
+ Security bump for CVE-2008-2040 wrt bug #220281
arches, please test and mark stable media-soud/peercast-0.218-r1, target KEYWORDS" "amd64 x86"
amd64/x86 stable, all arches done.
glsa request filed