Icecast - Dec 2014 - [Icecast-dev] Icecast 2.4.1 release (Windows Installer)

This is to announce the release of Icecast 2.4.1.

This is a pure bugfix-only release. Upgrading to it is recommended,
especially due to security fixes. A summary of the changes is listed
below, for details please refer to the ChangeLog.

Fixes

    * Fix autogen.sh to work properly on OS X
    * Removed threadpool from the example config
      (it is long gone and unused)
    * More detailed logging:
        - Add source IP adress to source start/stop logging
        - Add mountpoints to some log lines
    * Fix logging to send errors to STDERR prior to opening log files
    * Fix <auth> in default mounts (<mount
type="default">)
    * Fix the JSON status API (status-json.xsl),
      which could return invalid JSON in some cases
    * SSL Security improvements:
        - Disable SSLv3
        - Disable SSL compression
        - Updated the default ciphers to be more secure
    * Handle empty strings in config file better
    * Fix logging of client connection duration time on Windows
    * Fix possibly broken XML on Windows
    * Require Content-Type header for PUT requests
    * Fix on-connect and on-disconnect script STDIN/STDOUT/STDERR
      corruption due to shared file descriptors.
    * Fix JSON access by adding support for global and mount specific
      custom HTTP headers

Known issues

    * HTTP PUT implementation currently doesn?t support
      chunked encoding yet.
    * HTTP PUT with ?Expect: 100-Continue? receives first a ?100? and
      soon after a ?200?, instead of the ?200? at end of transmission.
    * Caution should be exercised when using <on-connect> or
      <on-disconnect>, as there is a small chance of stream file
      descriptors being mixed up with script file descriptors, if the
      FD numbers go above 1024. This will be further addressed in the
      next Icecast release.
    * Don?t use comments inside <http-headers> as it will prevent
      processing of further <header> tags.
    * Web interface shows Login when using just stream_auth.


Change log:
http://svn.xiph.org/icecast/tags/icecast-2.4.1/ChangeLog

Source tar ball:
http://downloads.xiph.org/releases/icecast/icecast-2.4.1.tar.gz

Windows build:
http://downloads.xiph.org/releases/icecast/icecast_win32_2.4.1.zip


Soon I'll also update the OBS repositories from 2.4.0 to 2.4.1:
https://build.opensuse.org/package/show?package=icecast&project=home%3Adm8tbr
The package repositories are here:
http://download.opensuse.org/repositories/home:/dm8tbr/
While the packages don't go through extensive testing, they should work
fine, please report any issues you encounter on the icecast mailing list.


Cheers

Thomas

Hi,

Quick update below.

On 11/20/2014 09:20 AM, "Thomas B. R?cker"
wrote:
> This is to announce the release of Icecast 2.4.1.
>
> Fixes
> [?]
>     * Fix on-connect and on-disconnect script STDIN/STDOUT/STDERR
>       corruption due to shared file descriptors.
On request of the RedHat security team to the oss-security list, MITRE
has assigned this issue the following identifier:

CVE-2014-9018


I'd like to thank the Debian and RedHat teams for taking care of Icecast
and this issue.

Also I'd like to remind everyone, that 2.4.0?2.4.1 is a pure bug-fix
release and a real no-brainer to upgrade, please do so.


Cheers

Thomas

Hi again!

If you haven't updated to 2.4.1 yet, now you have even less excuses.
Read below!

On 11/20/2014 09:20 AM, "Thomas B. R?cker"
wrote:
> This is to announce the release of Icecast 2.4.1.
[?]
> Soon I'll also update the OBS repositories from 2.4.0 to 2.4.1:
>
https://build.opensuse.org/package/show?package=icecast&project=home%3Adm8tbr
> The package repositories are here:
> http://download.opensuse.org/repositories/home:/dm8tbr/
Sadly it took me quite a while to figure out some issues introduced by
our new documentation directory layout. But I finally have things
working. Some people already tried out the test packages I had (where
docs were still "broken") and didn't report any problems. So go
ahead to
the URLs above and add the matching repository to your distribution.

As a bonus: Those packages should now all be built with openSSL support
enabled.

While the packages don't go through extensive testing, they should work
fine, please report any issues you encounter to the Icecast mailing list
or me directly.

Cheers

Thomas

Hi once again!

Merry whatever doesn't offend you!

I've taken the time to set up a clean automated build of Icecast for
Windows. This is on the Open Build Service instance of the OpenSUSE
folks. It is now building against a clean and up to date MinGW32
environment, maintained as part of openSUSE.

This needed some fixes to our code to build properly. Erik van
Pienbroek, of the Fedora project, was of invaluable help and spent some
hours cleaning up our MinGW32 specific code.

The last two days I've spent hours building on top of the great ground
work for a new Windows installer started by our Stephan Jauernick.
Utilizing the Nullsoft Installer framework we're able to create Windows
installers also from our Linux build environment.

I've chosen to redo the Windows release of Icecast 2.4.1, as the
original one for Windows was just the provisional Zip file. Also we're
not going to have a new stable release for the next couple of months, so
I want our Windows users to have a nice installation experience without
the need to wait long. (Spoiler: There will be a beta release during the
next few days though.)

Without further ado, here's the Windows installer:
http://downloads.xiph.org/releases/icecast/icecast_win32_2.4.1.exe

Notes:
- Not usable to upgrade older versions, you MUST back up your config XML
and uninstall any old versions before installing this version. If you
used the Zip file 2.4.0/2.4.1 builds, please don't try to install into
such a directory but delete it first, only retaining the config XML.
- Will install cleanly over itself and not overwrite existing config.
- Properly registers with the Windows software management infrastructure.
- Start menu contains items for: starting server (console window MUST
stay open), web interface and documentation.
- Supports HTTPS aka "SSL" (TLSv1 and up, really), see documentation
for
details.

Things still on my ToDo list for future releases:
- Windows service installation (there is a workaround utilizing "nssm"
though)
- Uninstall option to purge also config and web files, currently
retained to enable easy reinstallation

I've done some installation and runtime testing including HTTPS and
didn't notice any problems. Actually I'm listening to a stream right now
over HTTPS. If there are any issues, please let me know if you run into
problems.

Cheers

Thomas

PS: The 2.4.1 zip file is now deprecated and shouldn't be used anymore!
Website will update shortly.