pool/coturn
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16 Commits 2 Branches 0 Tags 120 KiB
2155609804
Commit Graph

15 Commits

Author SHA256 Message Date
Johannes Weberhofer
2155609804 Accepting request 998247 from home:crameleon:branches:network:telephony 
Adjust hardening, README and license year

OBS-URL: https://build.opensuse.org/request/show/998247
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=22
 2022-08-29 13:07:53 +00:00
Michael Ströder
cb404f5020 Accepting request 926042 from home:stroeder:network 
- Dropped harden_coturn.service.patch because systemd units are
  created from own source anyway and are proven to work

OBS-URL: https://build.opensuse.org/request/show/926042
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=21
 2021-10-18 15:04:18 +00:00
Johannes Weberhofer
df6f7fba40 Accepting request 925450 from home:jsegitz:branches:systemdhardening_protectclock 
- Drop ProtectClock hardening, can cause issues if other device acceess is needed

OBS-URL: https://build.opensuse.org/request/show/925450
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=20
 2021-10-15 14:04:20 +00:00
Michael Ströder
23890538db Accepting request 915053 from home:jsegitz:branches:systemdhardening:network:telephony 
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

OBS-URL: https://build.opensuse.org/request/show/915053
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=19
 2021-08-30 22:28:45 +00:00
Michael Ströder
36f26e008a Accepting request 862256 from home:weberho:branches:network:telephony 
- Version 4.5.2
  * Fix for CVE-2020-26262 (boo#1180764)
    - Fix ipv6 ::1 loopback check
    - Not allow allocate peer address 0.0.0.0/8 and ::/128
    - For more details see the github security advisory:
      https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
  * fix null pointer dereference in case of out of memory.
  * Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function
  * Fix: use-after-free vulnerability on write_to_peerchannel function
  * Fix: use-after-free vulnerability on write_client_connection function
  * add prometheus metrics
  * Delete trailing whitespace in example configuration files
  * Add architecture ppc64le to travis build
  * Fix misleading option in doc (prometheus)
  * Allow RFC6062 TCP relay data to look like TLS
  * Add support for proxy protocol V1
  * Print full date and time in logs
  * Add new options: "new-log-timestamp" and "new-log-timestamp-format"
  * Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL
  * Add ACME redirect url
  * support of --acme-redirect <URL>
  * fix acme security, redundancy, consistency
  * Add new --log-binding option to enable binding request logging
  * Fix stale-nonce documentation
  * Version number is changed to semver 2.0
  * pkg-config, and various cleanups in configure file
  * Add systemd notification for better systemd integration
  * Fix c++ support
  * Remove session id/allocation labels
  * Remove per session metrics. We should later add more counters.

OBS-URL: https://build.opensuse.org/request/show/862256
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=17
 2021-01-11 10:58:27 +00:00
Johannes Weberhofer
a23b99d3d2 Accepting request 858909 from home:stroeder:branches:network:telephony 
- AppArmor profile has ABI 3.0 and some minor changes
- Modified systemd unit:
  * do not use daemon mode
  * Type=simple
  * added security settings
- added multi-instance systemd unit

OBS-URL: https://build.opensuse.org/request/show/858909
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=15
 2020-12-29 16:21:36 +00:00
Lars Vogdt
828e7289d2 Accepting request 827858 from home:gmbr3:libexecdir 
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)

OBS-URL: https://build.opensuse.org/request/show/827858
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=13
 2020-08-31 00:11:00 +00:00
Johannes Weberhofer
8d0cf978e9 Accepting request 817875 from home:weberho:branches:network:telephony 
added reference to boo#1173510

OBS-URL: https://build.opensuse.org/request/show/817875
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=11
 2020-06-30 13:14:54 +00:00
Johannes Weberhofer
ab957dfa08 Accepting request 817809 from home:weberho:branches:network:telephony 
- Version 4.5.1.3:
  * Remove reference to SSLv3: gh#coturn/coturn#566
  * Ignore MD5 for BoringSSL: gh#coturn/coturn#579
  * STUN response buffer not initialized properly; he issue found and 
    reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to 
    him. CVE-2020-4067
- Let coturn allow binding to ports below 1024 per default

OBS-URL: https://build.opensuse.org/request/show/817809
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=10
 2020-06-30 08:03:55 +00:00
Johannes Weberhofer
a08f36789d Accepting request 800069 from home:weberho:branches:network:telephony 
Fixed typo in changelog

OBS-URL: https://build.opensuse.org/request/show/800069
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=8
 2020-05-04 13:50:12 +00:00
Johannes Weberhofer
7ec561df97 Accepting request 800058 from home:weberho:branches:network:telephony 
- Version 4.5.1.2:
- Extended Readme.SUSE with description on how to bind to ports below 1024
- Fixes and enhancements in service-file
- /etc/sysconfig/coturn defaults now to not show software's version to the public

OBS-URL: https://build.opensuse.org/request/show/800058
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=7
 2020-05-04 13:08:12 +00:00
Johannes Weberhofer
c4ca41a9dd Accepting request 795858 from home:lrupp:branches:network:telephony 
allow /etc/pki/coturn/** in apparmor to allow loading of certificates from the standard location.


- added apparmor profile (coturn-apparmor-usr.bin.turnserver)
- fix executable permissions in devel package by using defattr

OBS-URL: https://build.opensuse.org/request/show/795858
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=5
 2020-04-20 15:32:53 +00:00
Johannes Weberhofer
de4232263d Accepting request 793234 from home:jengelh:branches:network:telephony 
- Shorten description by stripping the long list of all RFCs.
- Drop %defattr; use %autosetup.

OBS-URL: https://build.opensuse.org/request/show/793234
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=3
 2020-04-12 15:17:22 +00:00
Johannes Weberhofer
ab5075b12c Accepting request 793282 from home:weberho:branches:network:telephony 
- Use pkgconfig(systemd) for packaging

OBS-URL: https://build.opensuse.org/request/show/793282
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=2
 2020-04-12 05:55:26 +00:00
Jan Engelhardt
f0c86398b7 Accepting request 793075 from home:weberho:tools 
Coturn is a STUN/TURN server which works nicely e.g. nextcloud. I'd like to offer that project in factory and Leap.
Please review. If you like the package I'll request the coturn user/group for factory.

OBS-URL: https://build.opensuse.org/request/show/793075
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=1
 2020-04-11 13:08:03 +00:00