Fedora 27 : icecast (2018-f3d995c6a8)
Medium Nessus Plugin ID 118899
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis release fixes buffer overflows in URL authentication code (CVE-2018-18820), a crash in htpasswd authentication if no filename is set, a crash on xsltApplyStylesheet() error, and a crash on malformed Opus streams. It also corrects global listener counter. It stops displaying hashed user passwords for security concerns. It adds support for announcing Opus streams to YP catalogs.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected icecast package.