Subject: pkg/27253: icecast2 critical update
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <pancake@phreaker.net>
List: pkgsrc-bugs
Date: 10/13/2004 18:52:45
>Number: 27253
>Category: pkg
>Synopsis: icecast2 critical update
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: support
>Submitter-Id: net
>Arrival-Date: Wed Oct 13 17:16:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: User Foo
>Release: FreeBSD 6.0-CURRENT
>Organization:
>Environment:
System: FreeBSD porticoluna 6.0-CURRENT FreeBSD 6.0-CURRENT #1: Wed Sep 22 12:06:57 CEST 2004 esn@porticoluna:/usr/obj/usr/src/sys/KERN_PLUNA2 i386
Architecture: i386
Machine: i386
>Description:
icecast2.0.1 has changed the master_site.
also it has 3 critical security bugs: 2 buffer overflows and one
directory traversal flaw.
release 2.0.2 solves all these problesm.
>How-To-Repeat:
http://news.nopcode.org/?search=icecast&by=words&show=all
>Fix:
update to 2.0.2
--- distinfo.orig Wed Oct 13 18:41:03 2004
+++ distinfo Wed Oct 13 18:43:50 2004
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.10 2004/06/24 18:20:04 xtraeme Exp $
-SHA1 (icecast-2.0.1.tar.gz) = e9ecbb55d2a5d950bcca00c46f58a9eec28b6ae4
-Size (icecast-2.0.1.tar.gz) = 750259 bytes
+SHA1 (icecast-2.0.2.tar.gz) = d85ff7e686040eb2d6f70aae175614cba318762a
+Size (icecast-2.0.2.tar.gz) = 750391 bytes
SHA1 (patch-aa) = fa92a4a704a3f471a0669c9933b36a3586425dc5
SHA1 (patch-ab) = 39cf0ed1e9da8c7d90fa192731307817e91496c9
--- Makefile.orig Wed Oct 13 18:40:57 2004
+++ Makefile Wed Oct 13 18:43:34 2004
@@ -1,10 +1,9 @@
# $NetBSD: Makefile,v 1.26 2004/10/03 00:13:06 tv Exp $
#
-DISTNAME= icecast-2.0.1
-PKGREVISION= 2
+DISTNAME= icecast-2.0.2
CATEGORIES= audio
-MASTER_SITES= http://www.icecast.org/files/
+MASTER_SITES= http://svn.xiph.org/releases/icecast/
MAINTAINER= pancake@phreaker.net
HOMEPAGE= http://www.icecast.org/
>Release-Note:
>Audit-Trail:
>Unformatted: