1
0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-06-16 06:15:24 +00:00

Preparing for 2.4.1 release.

We are now code complete plus an additional security fix.
Some testing remains before final release.

svn path=/icecast/trunk/icecast/; revision=19314
This commit is contained in:
Thomas B. "dm8tbr" Ruecker 2014-11-17 22:19:38 +00:00
parent baee2d0c7f
commit 9cd2e5c48e
2 changed files with 36 additions and 1 deletions

View File

@ -1,3 +1,38 @@
2014-11-17 19:20:57 ph3-der-loewe
* subset of earlier patch so it can go into 2.4.1: disconnects
stdio of <on-[dis]connect> scripts from random filehandles.
* This is considered a security fix: if on-connect/on-disconnect
scripts are used, file descriptors of the server process remain open
and could be written to or read from. Most pressing STDIN, STDOUT,
STDERR are handled. Further all file descriptors up to 1024 are closed.
There is a remaining (much lower) risk in combination of either a
malicious or susceptible script and FDs above 1024.
2014-11-10 10:46:55 ph3-der-loewe
* patch to fix regression on header size with large headers introduced
by support of <server-id> and <http-headers>. This should ensure we
have at least space for 2kB of extra headers. Depending on function
and call we may have much more space.
2014-11-10 08:23:34 dm8tbr
* Update minimal config to also contain ACAO * header
2014-11-10 06:25:15 dm8tbr
* Update default config: SSL, headers, default-mount
2014-11-09 10:55:29 dm8tbr
* Updated default openSSL cipher string
* https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
* same Qualys result
2014-11-09 09:13:59 dm8tbr
* Clean up default config
2014-11-08 16:23:26 dm8tbr

View File

@ -1,4 +1,4 @@
AC_INIT([Icecast], [2.4.0], [icecast@xiph.org])
AC_INIT([Icecast], [2.4.1], [icecast@xiph.org])
AC_PREREQ(2.54)
AC_CONFIG_SRCDIR(src/main.c)