Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

icecast-2.4.3-lp150.1.2 RPM for armv7hl

From OpenSuSE Ports Leap 15.0 for armv7hl

Name: icecast Distribution: openSUSE Leap 15.0
Version: 2.4.3 Vendor: openSUSE
Release: lp150.1.2 Build date: Wed May 9 01:41:53 2018
Group: Productivity/Networking/Web/Servers Build host: obs-arm-6
Size: 504557 Source RPM: icecast-2.4.3-lp150.1.2.src.rpm
Summary: Audio Streaming Server
Icecast is a MP3 and OGG streaming server able to serve many clients
with MP3 and OGG audio.






* Sun Dec 17 2017
  - update to version 2.4.3:
    * Fixes Windows only vulnerability (CVE-2005-0837), where an
      attacker could access the raw XSLT template file by appending a
      dot “.” to the URL. To be clear, no runtime information could be
      accessed this way.
  - cleanup spec file with spec-cleaner
  - fix bad line endings warning in CSS file
  - rebase icecast-fix-no-add-needed.patch
  - replace PreReq statements with Requires(pre)
* Wed Apr 08 2015
  - update to version 2.4.2:
    Fix crash when URL Auth is used with stream_autho without
    credentials (bnc#926402)
* Mon Jan 19 2015
  - Remove sysvinit support as the package now build only for systems
    with systemd support
  - Add a backward rc compatibility symlink to systemd service file
  - Only require systemd-rpm-macros to build; no need to require
    entire systemd environment
  - Clean up specfile
* Tue Nov 25 2014
  - updated to version 2.4.1:
    * Fixes in logging, <auth> in default mounts, JSON status API
    * SSL Security improvements:
    * Handle empty strings in config file better
    * Require Content-Type header for PUT requests
    * Fix possible leak of on-connect scripts (CVE-2014-9018,bnc#906538)
    More details, see
  - Remove obsoleted patch:
  - Change doc subpackage to noarch
  - Spec file cleanup
* Sat Nov 22 2014
  - Add icecast-mp3-frame-validation.patch: validate mp3 frame.
* Fri Nov 14 2014
  - Add icecast-2.4.0-produce-valid-json.patch: produce valid json status,
    fix boo#905468.
* Sun Nov 09 2014 Led <>
  - fix bashisms in pre script
* Tue May 20 2014
  - Update to version 2.4.0:
    * Support for WebM video
    * Support for Opus audio in Ogg
    * Fixes for some race conditions
    * Allow (standard strftime(3)) %x codes in <dump-file>. Disabled for win32.
    * Dropped debian packaging directory as debian use their own.
  - Disable Gentoo patches because they have no effect on the OBS builds.
    icecast-2.3.3-libkate.patch (has no effect on automated builds)
    icecast-2.3.3-fix-xiph_openssl.patch (spec file guarantees openssl exists)
  - Rebase icecast-fix-no-add-needed.patch for version 2.4.0.
* Tue Feb 11 2014
  - Remove the obsoleted icecast-2.3.2-CVE-2011-4612.diff that leads
    to invalid access to freed memory (bnc#862096)
* Fri Nov 29 2013
  - remove dependency to in icecast.service, as it doesn't exist
    any more, see bnc#852314
* Wed Jun 05 2013
  - update to 2.3.3:
    * security:
      + Improved HTTPS cipher handling and added support for chained certificates.
      + Allow the source password to be undefined. There was a corner case, where
      a default password would have taken effect. It would require the admin to
      remove the 'source-password' from the icecast config to take effect. Default
      configs ship with the password set, so this vulnerability doesn't trigger
      + Prevent error log injection of control characters by substituting
      non-alphanumeric characters with a '.' (CVE-2011-4612). Injection attempts
      can be identified via access.log, as that stores URL encoded requests.
      Investigation if further logging code needs to have sanitized output is
    * bugfixes:
      + On-demand relaying - Reject listeners while reconnecting. Fix stats for
      relays without mount section.
      + Prevent too frequent YP updates.
      + Only allow raw metadata updates from same IP as connected source (unless
      user is admin). This addresses broken client software that issues updates
      without being connected.
      + Minor memory leaks
      + XSPF file installation
      + Fix case of global listeners count becoming out of sync.
      + Setting an interval of 0 in mount should disable shoutcast metadata inserts.
    * authentication:
      + Sources can now be authenticated via URL, like listeners. Post info is
      As admin requests can come in for a stream (eg metadata update) these
      requests can be issued while stream is active. For these &admin=1 is added to
      the POST details.
    * XSL update:
      + automatically generate VCLT playlist like we do with M3U, the mountpoint
      extension is .vclt
  - package updates:
    * add systemd service file
    * add logrotate configuration
    * add Gentoo patches
    * set pidfile directive in default config file to make it work with
    * split out HTML documentation into -doc subpackage
* Tue Jan 22 2013
  - nuked %make_install to make SLES11 SP2 happy.
* Mon Nov 19 2012
  - Fix useradd invocation: -o is useless without -u and newer
    versions of pwdutils/shadowutils fail on this now.
* Mon Mar 05 2012
  - Fix VUL-1: icecast log injection (CVE-2011-4612, bnc#737255)
* Sat Oct 15 2011
  - add libtool as buildrequire to make the spec file more reliable
* Mon Aug 29 2011
  - Fix build with --no-add-needed
  - Enable SSL support.



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Apr 9 10:47:22 2022