|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: icecast||Distribution: openSUSE Leap 15.0|
|Version: 2.4.3||Vendor: openSUSE|
|Release: lp150.1.2||Build date: Wed May 9 01:41:53 2018|
|Group: Productivity/Networking/Web/Servers||Build host: obs-arm-6|
|Size: 504557||Source RPM: icecast-2.4.3-lp150.1.2.src.rpm|
|Summary: Audio Streaming Server|
Icecast is a MP3 and OGG streaming server able to serve many clients with MP3 and OGG audio.
* Sun Dec 17 2017 email@example.com - update to version 2.4.3: * Fixes Windows only vulnerability (CVE-2005-0837), where an attacker could access the raw XSLT template file by appending a dot “.” to the URL. To be clear, no runtime information could be accessed this way. - cleanup spec file with spec-cleaner - fix bad line endings warning in CSS file - rebase icecast-fix-no-add-needed.patch - replace PreReq statements with Requires(pre) * Wed Apr 08 2015 firstname.lastname@example.org - update to version 2.4.2: Fix crash when URL Auth is used with stream_autho without credentials (bnc#926402) * Mon Jan 19 2015 email@example.com - Remove sysvinit support as the package now build only for systems with systemd support - Add a backward rc compatibility symlink to systemd service file - Only require systemd-rpm-macros to build; no need to require entire systemd environment - Clean up specfile * Tue Nov 25 2014 firstname.lastname@example.org - updated to version 2.4.1: * Fixes in logging, <auth> in default mounts, JSON status API * SSL Security improvements: * Handle empty strings in config file better * Require Content-Type header for PUT requests * Fix possible leak of on-connect scripts (CVE-2014-9018,bnc#906538) More details, see http://icecast.org/news/icecast-release-2_4_1/ - Remove obsoleted patch: icecast-2.4.0-produce-valid-json.patch - Change doc subpackage to noarch - Spec file cleanup * Sat Nov 22 2014 email@example.com - Add icecast-mp3-frame-validation.patch: validate mp3 frame. * Fri Nov 14 2014 firstname.lastname@example.org - Add icecast-2.4.0-produce-valid-json.patch: produce valid json status, fix boo#905468. * Sun Nov 09 2014 Led <email@example.com> - fix bashisms in pre script * Tue May 20 2014 firstname.lastname@example.org - Update to version 2.4.0: * Support for WebM video * Support for Opus audio in Ogg * Fixes for some race conditions * Allow (standard strftime(3)) %x codes in <dump-file>. Disabled for win32. * Dropped debian packaging directory as debian use their own. - Disable Gentoo patches because they have no effect on the OBS builds. icecast-2.3.3-libkate.patch (has no effect on automated builds) icecast-2.3.3-fix-xiph_openssl.patch (spec file guarantees openssl exists) - Rebase icecast-fix-no-add-needed.patch for version 2.4.0. * Tue Feb 11 2014 email@example.com - Remove the obsoleted icecast-2.3.2-CVE-2011-4612.diff that leads to invalid access to freed memory (bnc#862096) * Fri Nov 29 2013 firstname.lastname@example.org - remove dependency to syslog.target in icecast.service, as it doesn't exist any more, see bnc#852314 * Wed Jun 05 2013 email@example.com - update to 2.3.3: * security: + Improved HTTPS cipher handling and added support for chained certificates. + Allow the source password to be undefined. There was a corner case, where a default password would have taken effect. It would require the admin to remove the 'source-password' from the icecast config to take effect. Default configs ship with the password set, so this vulnerability doesn't trigger there. + Prevent error log injection of control characters by substituting non-alphanumeric characters with a '.' (CVE-2011-4612). Injection attempts can be identified via access.log, as that stores URL encoded requests. Investigation if further logging code needs to have sanitized output is ongoing. * bugfixes: + On-demand relaying - Reject listeners while reconnecting. Fix stats for relays without mount section. + Prevent too frequent YP updates. + Only allow raw metadata updates from same IP as connected source (unless user is admin). This addresses broken client software that issues updates without being connected. + Minor memory leaks + XSPF file installation + Fix case of global listeners count becoming out of sync. + Setting an interval of 0 in mount should disable shoutcast metadata inserts. * authentication: + Sources can now be authenticated via URL, like listeners. Post info is "action=stream_auth&mount=/stream&ip=IP&server=SERVER&port=8000&user=fred&pass=pass" As admin requests can come in for a stream (eg metadata update) these requests can be issued while stream is active. For these &admin=1 is added to the POST details. * XSL update: + automatically generate VCLT playlist like we do with M3U, the mountpoint extension is .vclt - package updates: * add systemd service file * add logrotate configuration * add Gentoo patches * set pidfile directive in default config file to make it work with systemd * split out HTML documentation into -doc subpackage * Tue Jan 22 2013 firstname.lastname@example.org - nuked %make_install to make SLES11 SP2 happy. * Mon Nov 19 2012 email@example.com - Fix useradd invocation: -o is useless without -u and newer versions of pwdutils/shadowutils fail on this now. * Mon Mar 05 2012 firstname.lastname@example.org - Fix VUL-1: icecast log injection (CVE-2011-4612, bnc#737255) * Sat Oct 15 2011 email@example.com - add libtool as buildrequire to make the spec file more reliable * Mon Aug 29 2011 firstname.lastname@example.org - Fix build with --no-add-needed - Enable SSL support.
/etc/icecast.xml /etc/logrotate.d/icecast /usr/bin/icecast /usr/lib/systemd/system/icecast.service /usr/sbin/rcicecast /usr/share/doc/packages/icecast /usr/share/doc/packages/icecast/AUTHORS /usr/share/doc/packages/icecast/COPYING /usr/share/doc/packages/icecast/ChangeLog /usr/share/doc/packages/icecast/NEWS /usr/share/doc/packages/icecast/README /usr/share/doc/packages/icecast/TODO /usr/share/icecast /usr/share/icecast/admin /usr/share/icecast/admin/listclients.xsl /usr/share/icecast/admin/listmounts.xsl /usr/share/icecast/admin/manageauth.xsl /usr/share/icecast/admin/moveclients.xsl /usr/share/icecast/admin/response.xsl /usr/share/icecast/admin/stats.xsl /usr/share/icecast/admin/updatemetadata.xsl /usr/share/icecast/admin/vclt.xsl /usr/share/icecast/admin/xspf.xsl /usr/share/icecast/web /usr/share/icecast/web/auth.xsl /usr/share/icecast/web/icecast.png /usr/share/icecast/web/key.png /usr/share/icecast/web/server_version.xsl /usr/share/icecast/web/status-json.xsl /usr/share/icecast/web/status.xsl /usr/share/icecast/web/style.css /usr/share/icecast/web/tunein.png /usr/share/icecast/web/xml2json.xslt /var/lib/icecast /var/log/icecast
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Apr 9 10:47:22 2022