2021-10-18 17:04:18 +02:00
|
|
|
-------------------------------------------------------------------
|
2022-08-29 15:07:53 +02:00
|
|
|
Fri Aug 19 19:25:35 UTC 2022 - Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
|
|
|
|
|
|
|
|
|
|
- Drop @privileged SystemCallFilter, can prevent service from starting (status=31/SYS)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2021-10-18 17:04:18 +02:00
|
|
|
Mon Oct 18 14:55:57 UTC 2021 - Michael Ströder <michael@stroeder.com>
|
|
|
|
|
|
|
|
|
|
- Dropped harden_coturn.service.patch because systemd units are
|
|
|
|
|
created from own source anyway and are proven to work
|
|
|
|
|
|
2021-10-15 16:04:20 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Oct 15 12:11:35 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
|
|
|
|
|
|
|
|
|
|
- Drop ProtectClock hardening, can cause issues if other device acceess is needed
|
|
|
|
|
|
2021-08-31 00:28:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Aug 30 11:55:53 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
|
|
|
|
|
|
|
|
|
|
- Added hardening to systemd service(s). Added patch(es):
|
|
|
|
|
* harden_coturn.service.patch
|
|
|
|
|
Modified:
|
|
|
|
|
* coturn.service
|
|
|
|
|
* coturn@.service
|
|
|
|
|
|
2021-01-11 11:58:27 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jan 11 10:27:20 UTC 2021 - Johannes Weberhofer <jweberhofer@weberhofer.at>
|
|
|
|
|
|
|
|
|
|
- Version 4.5.2
|
|
|
|
|
* Fix for CVE-2020-26262 (boo#1180764)
|
|
|
|
|
- Fix ipv6 ::1 loopback check
|
|
|
|
|
- Not allow allocate peer address 0.0.0.0/8 and ::/128
|
|
|
|
|
- For more details see the github security advisory:
|
|
|
|
|
https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
|
|
|
|
|
|
|
|
|
|
* fix null pointer dereference in case of out of memory.
|
|
|
|
|
* Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function
|
|
|
|
|
* Fix: use-after-free vulnerability on write_to_peerchannel function
|
|
|
|
|
* Fix: use-after-free vulnerability on write_client_connection function
|
|
|
|
|
|
|
|
|
|
* add prometheus metrics
|
|
|
|
|
* Delete trailing whitespace in example configuration files
|
|
|
|
|
* Add architecture ppc64le to travis build
|
|
|
|
|
* Fix misleading option in doc (prometheus)
|
|
|
|
|
* Allow RFC6062 TCP relay data to look like TLS
|
|
|
|
|
* Add support for proxy protocol V1
|
|
|
|
|
* Print full date and time in logs
|
|
|
|
|
* Add new options: "new-log-timestamp" and "new-log-timestamp-format"
|
|
|
|
|
* Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL
|
|
|
|
|
* Add ACME redirect url
|
|
|
|
|
* support of --acme-redirect <URL>
|
|
|
|
|
* fix acme security, redundancy, consistency
|
|
|
|
|
* Add new --log-binding option to enable binding request logging
|
|
|
|
|
* Fix stale-nonce documentation
|
|
|
|
|
* Version number is changed to semver 2.0
|
|
|
|
|
* pkg-config, and various cleanups in configure file
|
|
|
|
|
* Add systemd notification for better systemd integration
|
|
|
|
|
* Fix c++ support
|
|
|
|
|
* Remove session id/allocation labels
|
|
|
|
|
* Remove per session metrics. We should later add more counters.
|
|
|
|
|
|
2020-12-29 17:21:36 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Dec 27 15:42:09 UTC 2020 - Michael Ströder <michael@stroeder.com>
|
|
|
|
|
|
|
|
|
|
- AppArmor profile has ABI 3.0 and some minor changes
|
|
|
|
|
- Modified systemd unit:
|
|
|
|
|
* do not use daemon mode
|
|
|
|
|
* Type=simple
|
|
|
|
|
* added security settings
|
|
|
|
|
- added multi-instance systemd unit
|
|
|
|
|
|
2020-08-31 02:11:00 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 19 10:48:41 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
|
|
|
|
|
|
|
|
|
|
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
|
|
|
|
|
|
2020-06-30 10:03:55 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jun 30 07:54:01 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
|
|
|
|
|
|
|
|
|
|
- Version 4.5.1.3:
|
|
|
|
|
* Remove reference to SSLv3: gh#coturn/coturn#566
|
|
|
|
|
* Ignore MD5 for BoringSSL: gh#coturn/coturn#579
|
|
|
|
|
* STUN response buffer not initialized properly; he issue found and
|
|
|
|
|
reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to
|
2020-06-30 15:14:54 +02:00
|
|
|
him. CVE-2020-4067, boo#1173510
|
2020-06-30 10:03:55 +02:00
|
|
|
|
|
|
|
|
- Let coturn allow binding to ports below 1024 per default
|
|
|
|
|
|
2020-05-04 15:08:12 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon May 4 12:58:39 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
|
|
|
|
|
|
|
|
|
|
- Extended Readme.SUSE with description on how to bind to ports below 1024
|
|
|
|
|
- Fixes and enhancements in service-file
|
|
|
|
|
- /etc/sysconfig/coturn defaults now to not show software's version to the public
|
|
|
|
|
|
|
|
|
|
- Version 4.5.1.2:
|
|
|
|
|
* Do not display empty CLI passwd alert if CLI is not enabled
|
|
|
|
|
* Removed several functions: gh#coturn/coturn#359
|
|
|
|
|
* Fix webadmin IP permission and possible SQL-injections: gh#coturn/coturn#386
|
|
|
|
|
* Fix Mongo driver crash on invalid connection string: gh#coturn/coturn#390
|
|
|
|
|
* enhanced fread return length check: gh#coturn/coturn#392
|
|
|
|
|
* disconnect database gracefully: #367
|
|
|
|
|
* Using SSL_get_version method for BoringSSL compatibility:
|
|
|
|
|
turn_session_info->tls_method returns real TLS version:
|
|
|
|
|
gh#coturn/coturn#382
|
|
|
|
|
* Added systemd service example: gh#coturn/coturn#276
|
|
|
|
|
* Add bandwidth usage reporting packet/bandwidth usage by peers:
|
|
|
|
|
gh#coturn/coturn#284
|
|
|
|
|
* Modifying configure to enable compile with private libraries:
|
|
|
|
|
gh#coturn/coturn#381
|
|
|
|
|
* Append to log files rather than overriding them: gh#coturn/coturn#417
|
|
|
|
|
* Updated incorrect string length check for 'ssh': gh#coturn/coturn#442
|
|
|
|
|
* Fix Dockerfile for latest Debian: gh#coturn/coturn#449
|
|
|
|
|
* CVE-2020-6061, CVE-2020-6062: specially crafted HTTP POST request can lead
|
|
|
|
|
to heap overflow which can result in information leak:
|
|
|
|
|
gh#coturn/coturn#489
|
|
|
|
|
* STUN input validation: gh#coturn/coturn#472
|
|
|
|
|
* Allow MD5 in FIPS mode: gh#coturn/coturn#398
|
|
|
|
|
* update travis config ubuntu/mac images
|
|
|
|
|
* added null check for second char: gh#coturn/coturn#466
|
|
|
|
|
* compiler warning fixes: gh#coturn/coturn#470
|
|
|
|
|
* Fix a memory leak when an SHATYPE isn't supported: gh#coturn/coturn#471
|
|
|
|
|
* fix compiler warning comparison between signed and unsigned integer expressions
|
|
|
|
|
* fix compiler warning string truncation
|
|
|
|
|
* change Diffie Hellman default key length from 1066 to 2066
|
|
|
|
|
* drop of supplementary group IDs: gh#coturn/coturn#522
|
|
|
|
|
* Unify spelling of Coturn: gh#coturn/coturn#514
|
|
|
|
|
* Rename "prod" config option to "no-software-attribute": gh#coturn/coturn#506
|
|
|
|
|
gh#coturn/coturn#478
|
|
|
|
|
* change sql data dir in docker-compose-all.yml: gh#coturn/coturn#516
|
|
|
|
|
* add flags to disable periodic use of dynamic tables: gh#coturn/coturn#525
|
|
|
|
|
|
|
|
|
|
* fix typos and grammar: gh#coturn/coturn#463, gh#coturn/coturn#488
|
|
|
|
|
* Update README.docker: gh#coturn/coturn#475
|
|
|
|
|
* fix config extension in README.docker: gh#coturn/coturn#519
|
|
|
|
|
* Code beautifications: gh#coturn/coturn#327, gh#coturn/coturn#455,
|
|
|
|
|
gh#coturn/coturn#513
|
|
|
|
|
|
|
|
|
|
- Removed patches now included in upstream: coturn-4.5.1.0-append-log.patch,
|
2020-05-04 15:50:12 +02:00
|
|
|
coturn-4.5.1.1-cve-2020-6061.patch, coturn-4.5.1.1-cve-2020-6062.patch and
|
2020-05-04 15:08:12 +02:00
|
|
|
coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch
|
|
|
|
|
|
2020-04-20 17:32:53 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 14 18:38:59 UTC 2020 - lars@linux-schulserver.de
|
|
|
|
|
|
|
|
|
|
- added apparmor profile (coturn-apparmor-usr.bin.turnserver)
|
|
|
|
|
- fix executable permissions in devel package by using defattr
|
|
|
|
|
|
2020-04-12 07:55:26 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Apr 12 05:47:04 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
|
|
|
|
|
|
|
|
|
|
- Use pkgconfig(systemd) for packaging
|
|
|
|
|
|
2020-04-12 17:17:22 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Apr 11 20:17:07 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
|
|
|
|
|
|
- Shorten description by stripping the long list of all RFCs.
|
|
|
|
|
- Drop %defattr; use %autosetup.
|
|
|
|
|
|
2020-04-11 15:08:03 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Apr 9 10:57:37 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
|
|
|
|
|
|
|
|
|
|
- Initial release of coturn 4.5.1.1
|
