1 files changed, 0 insertions, 101 deletions
diff --git a/share/security/advisories/FreeBSD-SA-01:23.icecast.asc b/share/security/advisories/FreeBSD-SA-01:23.icecast.asc
deleted file mode 100644
index 01177d1b31..0000000000
--- a/share/security/advisories/FreeBSD-SA-01:23.icecast.asc
+++ /dev/null
@@ -1,101 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-
-=============================================================================
-FreeBSD-SA-01:23                                           Security Advisory
-                                                                FreeBSD, Inc.
-
-Topic:          icecast port contains remote vulnerability
-
-Category:       ports
-Module:         icecast
-Announced:      2001-03-12
-Credits:        |CyRaX| <cyrax@pkcrew.org>
-Affects:        Ports collection prior to the correction date.
-Corrected:      2001-03-10
-Vendor status:  Unresponsive
-FreeBSD only:   NO
-
-I.   Background
-
-icecast is a server for streaming MP3 audio.
-
-II.  Problem Description
-
-The icecast software, versions prior to 1.3.7_1, contains multiple
-format string vulnerabilities, which allow a remote attacker to
-execute arbitrary code as the user running icecast, usually the root
-user.
-
-There are a number of other potential abuses of format strings which
-may or may not pose security risks, but have not currently been
-audited.
-
-The icecast port is not installed by default, nor is it "part of
-FreeBSD" as such: it is part of the FreeBSD ports collection, which
-contains nearly 4700 third-party applications in a ready-to-install
-format.  The ports collections shipped with FreeBSD 3.5.1 and 4.2
-contain this problem since it was discovered after the releases.
-
-FreeBSD makes no claim about the security of these third-party
-applications, although an effort is underway to provide a security
-audit of the most security-critical ports.
-
-III. Impact
-
-Arbitrary remote users can execute arbitrary code on the local system
-as the user running icecast, usually the root user.
-
-If you have not chosen to install the icecast port/package, then your
-system is not vulnerable to this problem.
-
-IV.  Workaround
-
-Deinstall the icecast port/package, if you have installed it.
-
-V.   Solution
-
-Consider running the icecast software as a non-privileged user to
-minimize the impact of further security vulnerabilities in this
-software.
-
-To upgrade icecast, choose one of the following options:
-
-1) Upgrade your entire ports collection and rebuild the icecast port.
-
-2) Deinstall the old package and install a new package dated after the
-correction date, obtained from:
-
-[i386]
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/audio/icecast-1.3.7_1.tgz
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/audio/icecast-1.3.7_1.tgz
-
-NOTE: It may be several days before updated packages are available
-
-[alpha]
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/audio/icecast-1.3.7_1.tgz
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/audio/icecast-1.3.7_1.tgz
-
-3) download a new port skeleton for the icecast port from:
-
-http://www.freebsd.org/ports/
-
-and use it to rebuild the port.
-
-4) Use the portcheckout utility to automate option (3) above. The
-portcheckout port is available in /usr/ports/devel/portcheckout or the
-package can be obtained from:
-
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/devel/portcheckout-2.0.tgz
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/devel/portcheckout-2.0.tgz
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/devel/portcheckout-2.0.tgz
-ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/devel/portcheckout-2.0.tgz
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.0.4 (FreeBSD)
-Comment: For info see http://www.gnupg.org
-
-iQCVAwUBOq1b9lUuHi5z0oilAQF0VQQAgjsvLSPtZ1pu6OtkGxuMJhCmmeCvFJvL
-4szsF1csrFrXhaH7z1VjJP8r/Q2NBzWcS3qujkhGRObsGGyvAJKk7QVrqnjXV3gD
-rgLnphjNlKt0VuXafxXwTT8YTxoCbzOHy23aa0KaRWoCAVcVi4AAZs4XHEUgU+Ov
-lWOyEgxUBEk=
-=WM3Y
------END PGP SIGNATURE-----