Fedora 20 Update: ezstream-0.6.0-1.fc20

updates at fedoraproject.org updates at fedoraproject.org
Sun Apr 5 14:35:57 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-4709
2015-03-26 16:50:11
--------------------------------------------------------------------------------

Name        : ezstream
Product     : Fedora 20
Version     : 0.6.0
Release     : 1.fc20
URL         : http://www.icecast.org/ezstream/
Summary     : Command line source client for Icecast media streaming servers
Description :
Ezstream is a command line source client for Icecast media streaming servers.

In its basic mode of operation, it streams media files or data from standard
input without reencoding and thus requires only very little CPU resources. It
can also use various external decoders and encoders to reencode from one format
to another, and stream the result to an Icecast server. Additional features
include scriptable playlist and metadata handling. All of its features make
ezstream a very flexible source client.

Supported media formats for streaming are MP3, Ogg Vorbis and Ogg Theora.
Native metadata support includes MP3 (ID3v1 only) and Ogg Vorbis, and many
more formats understood by TagLib library.

--------------------------------------------------------------------------------
Update Information:

This release fixes security bug leading to remote shell command execution when processing malicous metadata. Users must remove double quotes around metadata placeholders in encode and decode elements in configuration files to complete the fix on their system. This release also fixes an infinite loop when stopping to send data to standard input. This relase adds new metadata_refreshinterval configuation directive and "-m" positional argument to control metadata updates. Also this release corrects license declaration to (GPLv2 and BSD and MIT).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 24 2015 Petr Pisar <ppisar at redhat.com> - 0.6.0-1
- Modernize spec file
- Correct dependencies
- Correct license tag from (GPLv2) to (GPLv2 and BSD and MIT)
- 0.6.0 bump (fixes a security bug when processing metadata placeholders
  leading to arbitrary shell command execution)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1205049 - New upstream release of ezstream - 0.6.0 (security)
        https://bugzilla.redhat.com/show_bug.cgi?id=1205049
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update ezstream' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list