Accepting request 817809 from home:weberho:branches:network:telephony

- Version 4.5.1.3: * Remove reference to SSLv3: gh#coturn/coturn#566 * Ignore MD5 for BoringSSL: gh#coturn/coturn#579 * STUN response buffer not initialized properly; he issue found and reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to him. CVE-2020-4067 - Let coturn allow binding to ports below 1024 per default OBS-URL: https://build.opensuse.org/request/show/817809 OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=10
2020-06-30 08:03:55 +00:00 · 2020-06-30 08:03:55 +00:00 · ab957dfa08
commit ab957dfa08
parent a08f36789d
6 changed files with 18 additions and 11 deletions
--- a/README.SUSE
+++ b/README.SUSE
@ -10,8 +10,3 @@ firewall-cmd --zone=public --add-service=coturn [--permanent]
 * /etc/syconfig/coturn has the option '--no-software-attribute' enabled to hide 
  the software version for production issue.

-* The trunserveer can only be bound to a port belo 1024 if you add the
-  AmbientCapabilities=CAP_NET_BIND_SERVICE section to the service file.
-
-
-
--- a/coturn-4.5.1.2.tar.gz
+++ b/coturn-4.5.1.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a1ab5fb6a97c1fdd509f6301c5e706f422475a7086657c0c56e2b27cbe01932c
-size 436487
--- a/coturn-4.5.1.3.tar.gz
+++ b/coturn-4.5.1.3.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4ff1f8c041ac71445018d81321d4b66e5dce4f171ef73a348d858dc9a0cc1cce
+size 437084
--- a/coturn.changes
+++ b/coturn.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Jun 30 07:54:01 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
+
+- Version 4.5.1.3:
+  * Remove reference to SSLv3: gh#coturn/coturn#566
+  * Ignore MD5 for BoringSSL: gh#coturn/coturn#579
+  * STUN response buffer not initialized properly; he issue found and 
+    reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to 
+    him. CVE-2020-4067
+
+- Let coturn allow binding to ports below 1024 per default
+
 -------------------------------------------------------------------
 Mon May  4 12:58:39 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>

--- a/coturn.service
+++ b/coturn.service
@ -13,8 +13,8 @@ ExecStart=/usr/bin/turnserver -o -c /etc/coturn/turnserver.conf --pidfile /run/c
 Restart=on-abort
 ExecReload=/bin/kill -HUP $MAINPID

-# enable next line to make coturn able to bind to a port below 1024
-#AmbientCapabilities=CAP_NET_BIND_SERVICE
+# next line allows coturn to bind to a port below 1024
+AmbientCapabilities=CAP_NET_BIND_SERVICE

 LimitCORE=infinity
 LimitNOFILE=999999
--- a/coturn.spec
+++ b/coturn.spec
@ -24,7 +24,7 @@
 %endif
 %bcond_without  apparmor
 Name:           coturn
-Version:        4.5.1.2
+Version:        4.5.1.3
 Release:        0
 Summary:        TURN and STUN server for VoIP
 License:        BSD-3-Clause