SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for icecast-2.4.2-9.1.x86_64.rpm :
Fri Nov 2 13:00:00 2018 tiwaiAATTsuse.de
- Fix buffer overflow in url-auth (CVE-2018-18820, bsc#1114434):
icecast-CVE-2018-18820-1.patch
icecast-CVE-2018-18820-2.patch

Wed Apr 8 14:00:00 2015 tiwaiAATTsuse.de
- update to version 2.4.2:
Fix crash when URL Auth is used with stream_autho without
credentials (bnc#926402)

Mon Jan 19 13:00:00 2015 p.drouandAATTgmail.com
- Remove sysvinit support as the package now build only for systems
with systemd support
- Add a backward rc compatibility symlink to systemd service file
- Only require systemd-rpm-macros to build; no need to require
entire systemd environment
- Clean up specfile

Tue Nov 25 13:00:00 2014 tiwaiAATTsuse.de
- updated to version 2.4.1:

* Fixes in logging, in default mounts, JSON status API

* SSL Security improvements:

* Handle empty strings in config file better

* Require Content-Type header for PUT requests

* Fix possible leak of on-connect scripts (CVE-2014-9018,bnc#906538)
More details, see http://icecast.org/news/icecast-release-2_4_1/
- Remove obsoleted patch:
icecast-2.4.0-produce-valid-json.patch
- Change doc subpackage to noarch
- Spec file cleanup

Sat Nov 22 13:00:00 2014 fisiuAATTopensuse.org
- Add icecast-mp3-frame-validation.patch: validate mp3 frame.

Fri Nov 14 13:00:00 2014 fisiuAATTopensuse.org
- Add icecast-2.4.0-produce-valid-json.patch: produce valid json status,
fix boo#905468.

Sun Nov 9 13:00:00 2014 Led
- fix bashisms in pre script

Tue May 20 14:00:00 2014 mailAATTdavykager.nl
- Update to version 2.4.0:

* Support for WebM video

* Support for Opus audio in Ogg

* Fixes for some race conditions

* Allow (standard strftime(3)) %x codes in . Disabled for win32.

* Dropped debian packaging directory as debian use their own.
- Disable Gentoo patches because they have no effect on the OBS builds.
icecast-2.3.3-libkate.patch (has no effect on automated builds)
icecast-2.3.3-fix-xiph_openssl.patch (spec file guarantees openssl exists)
- Rebase icecast-fix-no-add-needed.patch for version 2.4.0.

Tue Feb 11 13:00:00 2014 tiwaiAATTsuse.de
- Remove the obsoleted icecast-2.3.2-CVE-2011-4612.diff that leads
to invalid access to freed memory (bnc#862096)

Fri Nov 29 13:00:00 2013 pascal.bleserAATTopensuse.org
- remove dependency to syslog.target in icecast.service, as it doesn\'t exist
any more, see bnc#852314

Wed Jun 5 14:00:00 2013 pascal.bleserAATTopensuse.org
- update to 2.3.3:

* security:
+ Improved HTTPS cipher handling and added support for chained certificates.
+ Allow the source password to be undefined. There was a corner case, where
a default password would have taken effect. It would require the admin to
remove the \'source-password\' from the icecast config to take effect. Default
configs ship with the password set, so this vulnerability doesn\'t trigger
there.
+ Prevent error log injection of control characters by substituting
non-alphanumeric characters with a \'.\' (CVE-2011-4612). Injection attempts
can be identified via access.log, as that stores URL encoded requests.
Investigation if further logging code needs to have sanitized output is
ongoing.

* bugfixes:
+ On-demand relaying - Reject listeners while reconnecting. Fix stats for
relays without mount section.
+ Prevent too frequent YP updates.
+ Only allow raw metadata updates from same IP as connected source (unless
user is admin). This addresses broken client software that issues updates
without being connected.
+ Minor memory leaks
+ XSPF file installation
+ Fix case of global listeners count becoming out of sync.
+ Setting an interval of 0 in mount should disable shoutcast metadata inserts.

* authentication:
+ Sources can now be authenticated via URL, like listeners. Post info is
\"action=stream_auth&mount=/stream&ip=IP&server=SERVER&port=8000&user=fred&pass=pass\"
As admin requests can come in for a stream (eg metadata update) these
requests can be issued while stream is active. For these &admin=1 is added to
the POST details.

* XSL update:
+ automatically generate VCLT playlist like we do with M3U, the mountpoint
extension is .vclt
- package updates:

* add systemd service file

* add logrotate configuration

* add Gentoo patches

* set pidfile directive in default config file to make it work with
systemd

* split out HTML documentation into -doc subpackage

Tue Jan 22 13:00:00 2013 jwAATTsuse.com
- nuked %make_install to make SLES11 SP2 happy.

Mon Nov 19 13:00:00 2012 dimstarAATTopensuse.org
- Fix useradd invocation: -o is useless without -u and newer
versions of pwdutils/shadowutils fail on this now.

Mon Mar 5 13:00:00 2012 tiwaiAATTsuse.de
- Fix VUL-1: icecast log injection (CVE-2011-4612, bnc#737255)

Sat Oct 15 14:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to make the spec file more reliable

Mon Aug 29 14:00:00 2011 crrodriguezAATTopensuse.org
- Fix build with --no-add-needed
- Enable SSL support.


  
ICM