- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-16394
2014-12-06 01:55:57
——————————————————————————–
Name : icecast
Product : Fedora 20
Version : 2.4.1
Release : 1.fc20
URL : http://www.icecast.org/
Summary : ShoutCast compatible streaming media server
Description :
Icecast is a streaming media server which currently supports
Ogg Vorbis and MP3 audio streams. It can be used to create an
Internet radio station or a privately running jukebox and many
things in between. It is very versatile in that new formats
can be added relatively easily and supports open standards for
communication and interaction.
——————————————————————————–
Update Information:
**fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)**
**fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)**
**enabled fully hardened build (#954320)**
* update new to release v2.4.1 (#1101950)
* added doc-subpkg
——————————————————————————–
ChangeLog:
* Thu Dec 4 2014 Björn Esser <bjoern.esser@gmail.com> – 2.4.1-1
– update new to release v2.4.1 (#1101950)
– fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)
– fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)
– unified spec-file for el5+ and Fedora
– some improvements to readability
– added doc-subpkg
* Thu Dec 4 2014 Björn Esser <bjoern.esser@gmail.com> – 2.3.3-6
– enabled fully hardened build (#954320)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 2.3.3-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 2.3.3-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1168146 – CVE-2014-9091 icecast: supplementary groups are not overriden
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
[ 2 ] Bug #1165880 – CVE-2014-9018 icecast: possible leak of on-connect scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update icecast’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-16435
2014-12-06 09:20:53
——————————————————————————–
Name : icecast
Product : Fedora 21
Version : 2.4.1
Release : 1.fc21
URL : http://www.icecast.org/
Summary : ShoutCast compatible streaming media server
Description :
Icecast is a streaming media server which currently supports
Ogg Vorbis and MP3 audio streams. It can be used to create an
Internet radio station or a privately running jukebox and many
things in between. It is very versatile in that new formats
can be added relatively easily and supports open standards for
communication and interaction.
——————————————————————————–
Update Information:
**fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)**
**fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)**
**enabled fully hardened build (#954320)**
* update new to release v2.4.1 (#1101950)
* added doc-subpkg
——————————————————————————–
ChangeLog:
* Thu Dec 4 2014 Björn Esser <bjoern.esser@gmail.com> – 2.4.1-1
– update new to release v2.4.1 (#1101950)
– fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)
– fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)
– unified spec-file for el5+ and Fedora
– some improvements to readability
– added doc-subpkg
* Thu Dec 4 2014 Björn Esser <bjoern.esser@gmail.com> – 2.3.3-6
– enabled fully hardened build (#954320)
——————————————————————————–
References:
[ 1 ] Bug #1168146 – CVE-2014-9091 icecast: supplementary groups are not overriden
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
[ 2 ] Bug #1165880 – CVE-2014-9018 icecast: possible leak of on-connect scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update icecast’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————
Fedora Update Notification
FEDORA-2014-16483
2014-12-07 03:00:32
——————————————————————————–
Name : icecast
Product : Fedora 19
Version : 2.4.1
Release : 1.fc19
URL : http://www.icecast.org/
Summary : ShoutCast compatible streaming media server
Description :
Icecast is a streaming media server which currently supports
Ogg Vorbis and MP3 audio streams. It can be used to create an
Internet radio station or a privately running jukebox and many
things in between. It is very versatile in that new formats
can be added relatively easily and supports open standards for
communication and interaction.
——————————————————————————–
Update Information:
**fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)**
**fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)**
**enabled fully hardened build (#954320)**
* update new to release v2.4.1 (#1101950)
* added doc-subpkg
——————————————————————————–
ChangeLog:
* Thu Dec 4 2014 Björn Esser – 2.4.1-1
– update new to release v2.4.1 (#1101950)
– fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)
– fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)
– unified spec-file for el5+ and Fedora
– some improvements to readability
– added doc-subpkg
* Thu Dec 4 2014 Björn Esser – 2.3.3-6
– enabled fully hardened build (#954320)
* Sat Aug 16 2014 Fedora Release Engineering – 2.3.3-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering – 2.3.3-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering – 2.3.3-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1168146 – CVE-2014-9091 icecast: supplementary groups are not overriden
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
[ 2 ] Bug #1165880 – CVE-2014-9018 icecast: possible leak of on-connect scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update icecast’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2014-12-0046-ADV |
| Cve | CVE-2014-9091 CVE-2014-9018 |
| ID izvornika | FEDORA-2014-16394 FEDORA-2014-16435 |
| Proizvod | icecast |
| Izvor | http://www.redhat.com |
