SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for icecast-2.4.4-4.2.x86_64.rpm :

* Thu Feb 22 2024 Dominique Leuenberger - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN
* Thu Feb 08 2024 Dominique Leuenberger - Provide user/group symbol for user created during pre.
* Wed Sep 22 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Modified:
* icecast.service
* Fri Nov 02 2018 tiwaiAATTsuse.de- update to version 2.4.4:
* Fix buffer overflows in URL auth code (CVE-2018-18820, bsc#1114434)
* Worked around buffer overflows in URL auth’s cURL interface
* Do not report hashed user passworts in user list
* Fixed segfault in htpasswd auth if no filename is set
* Fixed a segfault when xsltApplyStylesheet() returns error
* Do not segfault on malformed Opus streams
* Global listener count could be negative under certain circumstances
* Added code to announce Opus streams as such towards yp servers
* Sun Dec 17 2017 avindraAATTopensuse.org- update to version 2.4.3:
* Fixes Windows only vulnerability (CVE-2005-0837), where an attacker could access the raw XSLT template file by appending a dot “.” to the URL. To be clear, no runtime information could be accessed this way.- cleanup spec file with spec-cleaner- fix bad line endings warning in CSS file- rebase icecast-fix-no-add-needed.patch- replace PreReq statements with Requires(pre)
* Wed Apr 08 2015 tiwaiAATTsuse.de- update to version 2.4.2: Fix crash when URL Auth is used with stream_autho without credentials (bnc#926402)
* Mon Jan 19 2015 p.drouandAATTgmail.com- Remove sysvinit support as the package now build only for systems with systemd support- Add a backward rc compatibility symlink to systemd service file- Only require systemd-rpm-macros to build; no need to require entire systemd environment- Clean up specfile
* Tue Nov 25 2014 tiwaiAATTsuse.de- updated to version 2.4.1:
* Fixes in logging, in default mounts, JSON status API
* SSL Security improvements:
* Handle empty strings in config file better
* Require Content-Type header for PUT requests
* Fix possible leak of on-connect scripts (CVE-2014-9018,bnc#906538) More details, see http://icecast.org/news/icecast-release-2_4_1/- Remove obsoleted patch: icecast-2.4.0-produce-valid-json.patch- Change doc subpackage to noarch- Spec file cleanup
* Sat Nov 22 2014 fisiuAATTopensuse.org- Add icecast-mp3-frame-validation.patch: validate mp3 frame.
* Fri Nov 14 2014 fisiuAATTopensuse.org- Add icecast-2.4.0-produce-valid-json.patch: produce valid json status, fix boo#905468.
  
ICM