SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for icecast-debuginfo-2.3.3-137.1.x86_64.rpm :
Wed Jun 5 14:00:00 2013 pascal.bleserAATTopensuse.org
- update to 2.3.3:

* security:
+ Improved HTTPS cipher handling and added support for chained certificates.
+ Allow the source password to be undefined. There was a corner case, where
a default password would have taken effect. It would require the admin to
remove the \'source-password\' from the icecast config to take effect. Default
configs ship with the password set, so this vulnerability doesn\'t trigger
there.
+ Prevent error log injection of control characters by substituting
non-alphanumeric characters with a \'.\' (CVE-2011-4612). Injection attempts
can be identified via access.log, as that stores URL encoded requests.
Investigation if further logging code needs to have sanitized output is
ongoing.

* bugfixes:
+ On-demand relaying - Reject listeners while reconnecting. Fix stats for
relays without mount section.
+ Prevent too frequent YP updates.
+ Only allow raw metadata updates from same IP as connected source (unless
user is admin). This addresses broken client software that issues updates
without being connected.
+ Minor memory leaks
+ XSPF file installation
+ Fix case of global listeners count becoming out of sync.
+ Setting an interval of 0 in mount should disable shoutcast metadata inserts.

* authentication:
+ Sources can now be authenticated via URL, like listeners. Post info is
\"action=stream_auth&mount=/stream&ip=IP&server=SERVER&port=8000&user=fred&pass=pass\"
As admin requests can come in for a stream (eg metadata update) these
requests can be issued while stream is active. For these &admin=1 is added to
the POST details.

* XSL update:
+ automatically generate VCLT playlist like we do with M3U, the mountpoint
extension is .vclt
- package updates:

* add systemd service file

* add logrotate configuration

* add Gentoo patches

* set pidfile directive in default config file to make it work with
systemd

* split out HTML documentation into -doc subpackage

Tue Jan 22 13:00:00 2013 jwAATTsuse.com
- nuked %make_install to make SLES11 SP2 happy.

Mon Nov 19 13:00:00 2012 dimstarAATTopensuse.org
- Fix useradd invocation: -o is useless without -u and newer
versions of pwdutils/shadowutils fail on this now.

Mon Mar 5 13:00:00 2012 tiwaiAATTsuse.de
- Fix VUL-1: icecast log injection (CVE-2011-4612, bnc#737255)

Sat Oct 15 14:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to make the spec file more reliable

Mon Aug 29 14:00:00 2011 crrodriguezAATTopensuse.org
- Fix build with --no-add-needed
- Enable SSL support.

Wed Jun 18 14:00:00 2008 tiwaiAATTsuse.de
- updated to version 2.3.2:

* Character set support

* Authentication improvements

* Listening socket update

* XSL update

* Updates for stream directory handling.

* Updates for Win32.

* Accept/Ban IP support.

* A Mountpoint is exported to the slaves even if no mount
section is defined for it.

* Relays handle redirection (HTTP 302) if one is received at
startup.

* Automatically generate XSPF playlist like we do with M3U, the
mountpoint extension is .xspf

* Header updates for proxy handling and certain clients like
some shoutcast source clients and flash players.

* Added Kate/Skeleton codecs to Ogg handler.

* Various stats cleanups.

* The streamlist passed from master to slave had a limited
length

* Documentation updates.

* Relay startup/shutdown is cleaner.

* several build cleanups.

* several resource leaks and race conditions fixed

Fri Feb 2 13:00:00 2007 mmarekAATTsuse.cz
- fix build with curl-7.16
- fixed more comparison with string literals by using static char
*
variables instead of #defines to string constans to detect
whether a default or malloced value is used

Tue Dec 19 13:00:00 2006 tiwaiAATTsuse.de
- fix comparison of string literal in cfgfile.c (#226380).

Wed Oct 11 14:00:00 2006 tiwaiAATTsuse.de
- added icecast-2.3.1_runas_icecast_user.patch:
run icecast as \"icecast\" user and group by default
- added init script
- added log/home dir to the fileist
- dont run suse_update_config/autoreconf seems unneeded.
(tested with the buildservice on 10.0->Factory)
- replaced manual configure call with %configure

Wed Jan 25 13:00:00 2006 mlsAATTsuse.de
- converted neededforbuild to BuildRequires

Mon Dec 12 13:00:00 2005 tiwaiAATTsuse.de
- fix the log directory of the sample xml file (#137965).

Fri Dec 2 13:00:00 2005 tiwaiAATTsuse.de
- updated to version 2.3.1.

Sat Oct 15 14:00:00 2005 maxAATTsuse.de
- Enabled support for ogg/speex and ogg/theora streams.

Fri Oct 7 14:00:00 2005 starkAATTsuse.de
- update to version 2.3.0

Tue Jun 14 14:00:00 2005 tiwaiAATTsuse.de
- repackaged - initial version: 2.2.0.


  
ICM