Bug 65678 - Icecast 2.0.2 contains exploit (unknown?)
Summary: Icecast 2.0.2 contains exploit (unknown?)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High enhancement
Assignee: Gentoo Security
URL: http://www.icecast.org
Whiteboard: ? [ebuild]
Reported: 2004-09-28 07:20 UTC by Chris White (RETIRED)
Modified: 2011-10-30 22:41 UTC

Description Chris White (RETIRED) gentoo-dev 2004-09-28 07:20:12 UTC
According to the icecast page, there is a 2.0.2 release which fixed a security
exploit.  That's all they pretty much say, so I'll have to contact upstream
and figure out what it is exactly.  All I know is that 2.0.2 is not in portage
:).
Comment 1 Chris White (RETIRED) gentoo-dev 2004-09-28 07:26:47 UTC
There, found more information:

http://lists.xiph.org/pipermail/icecast-dev/2004-September/001278.html

it seems it's win32 only, but as it says:

but didn't have any noticeable effect on non-win32 
servers..We are recommending that everyone upgrade to icecast 2.0.2 just to 
be sure.

My guess would be to not do anything on this and I'll just bump it to 2.0.2
when I get a chance, but if we want to track this as a security bug just in
case upstream finds out more then we can do that too.  Otherwise re-assign
to sound as a bump request and I'll try and take care of it at some point.
Comment 2 Luke Macken (RETIRED) gentoo-dev 2004-09-28 07:45:44 UTC
We'll hang on to this bug for a bit to see if any non-win32 information leaks out about it.  

Chris/sound, please bump when you get a chance.  Thanks!
Comment 3 Alin Năstac (RETIRED) gentoo-dev 2004-09-29 02:42:54 UTC
http://secunia.com/advisories/12666/

Judging by this page, it seems it is pretty big.
Comment 4 Chris White (RETIRED) gentoo-dev 2004-09-29 21:29:30 UTC
Ok, the ebuild is bumped in portage.

However, I vote no glsa, as according to all the announcements I've seen, this
exploit only occurs on win32 systems (as they can tell so far...).  I say close
this out for now, but re-open should something regarding *nix based systems
come up.
Comment 5 Luke Macken (RETIRED) gentoo-dev 2004-09-29 21:38:13 UTC
Closing without GLSA.

Please re-open if any sign of a non-win32 vulnerability arises.