pool/coturn
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ab957dfa08
coturn/coturn.changes
Johannes Weberhofer ab957dfa08 Accepting request 817809 from home:weberho:branches:network:telephony 
- Version 4.5.1.3:
  * Remove reference to SSLv3: gh#coturn/coturn#566
  * Ignore MD5 for BoringSSL: gh#coturn/coturn#579
  * STUN response buffer not initialized properly; he issue found and 
    reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to 
    him. CVE-2020-4067
- Let coturn allow binding to ports below 1024 per default

OBS-URL: https://build.opensuse.org/request/show/817809
OBS-URL: https://build.opensuse.org/package/show/network:telephony/coturn?expand=0&rev=10
2020-06-30 08:03:55 +00:00

88 lines
4.1 KiB
Plaintext
Raw Blame History

-------------------------------------------------------------------
Tue Jun 30 07:54:01 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
- Version 4.5.1.3:
* Remove reference to SSLv3: gh#coturn/coturn#566
* Ignore MD5 for BoringSSL: gh#coturn/coturn#579
* STUN response buffer not initialized properly; he issue found and
reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to
him. CVE-2020-4067
- Let coturn allow binding to ports below 1024 per default
-------------------------------------------------------------------
Mon May 4 12:58:39 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
- Extended Readme.SUSE with description on how to bind to ports below 1024
- Fixes and enhancements in service-file
- /etc/sysconfig/coturn defaults now to not show software's version to the public
- Version 4.5.1.2:
* Do not display empty CLI passwd alert if CLI is not enabled
* Removed several functions: gh#coturn/coturn#359
* Fix webadmin IP permission and possible SQL-injections: gh#coturn/coturn#386
* Fix Mongo driver crash on invalid connection string: gh#coturn/coturn#390
* enhanced fread return length check: gh#coturn/coturn#392
* disconnect database gracefully: #367
* Using SSL_get_version method for BoringSSL compatibility:
turn_session_info->tls_method returns real TLS version:
gh#coturn/coturn#382
* Added systemd service example: gh#coturn/coturn#276
* Add bandwidth usage reporting packet/bandwidth usage by peers:
gh#coturn/coturn#284
* Modifying configure to enable compile with private libraries:
gh#coturn/coturn#381
* Append to log files rather than overriding them: gh#coturn/coturn#417
* Updated incorrect string length check for 'ssh': gh#coturn/coturn#442
* Fix Dockerfile for latest Debian: gh#coturn/coturn#449
* CVE-2020-6061, CVE-2020-6062: specially crafted HTTP POST request can lead
to heap overflow which can result in information leak:
gh#coturn/coturn#489
* STUN input validation: gh#coturn/coturn#472
* Allow MD5 in FIPS mode: gh#coturn/coturn#398
* update travis config ubuntu/mac images
* added null check for second char: gh#coturn/coturn#466
* compiler warning fixes: gh#coturn/coturn#470
* Fix a memory leak when an SHATYPE isn't supported: gh#coturn/coturn#471
* fix compiler warning comparison between signed and unsigned integer expressions
* fix compiler warning string truncation
* change Diffie Hellman default key length from 1066 to 2066
* drop of supplementary group IDs: gh#coturn/coturn#522
* Unify spelling of Coturn: gh#coturn/coturn#514
* Rename "prod" config option to "no-software-attribute": gh#coturn/coturn#506
gh#coturn/coturn#478
* change sql data dir in docker-compose-all.yml: gh#coturn/coturn#516
* add flags to disable periodic use of dynamic tables: gh#coturn/coturn#525
* fix typos and grammar: gh#coturn/coturn#463, gh#coturn/coturn#488
* Update README.docker: gh#coturn/coturn#475
* fix config extension in README.docker: gh#coturn/coturn#519
* Code beautifications: gh#coturn/coturn#327, gh#coturn/coturn#455,
gh#coturn/coturn#513
- Removed patches now included in upstream: coturn-4.5.1.0-append-log.patch,
coturn-4.5.1.1-cve-2020-6061.patch, coturn-4.5.1.1-cve-2020-6062.patch and
coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch
-------------------------------------------------------------------
Tue Apr 14 18:38:59 UTC 2020 - lars@linux-schulserver.de
- added apparmor profile (coturn-apparmor-usr.bin.turnserver)
- fix executable permissions in devel package by using defattr
-------------------------------------------------------------------
Sun Apr 12 05:47:04 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
- Use pkgconfig(systemd) for packaging
-------------------------------------------------------------------
Sat Apr 11 20:17:07 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Shorten description by stripping the long list of all RFCs.
- Drop %defattr; use %autosetup.
-------------------------------------------------------------------
Thu Apr 9 10:57:37 UTC 2020 - Johannes Weberhofer <jweberhofer@weberhofer.at>
- Initial release of coturn 4.5.1.1
Reference in New Issue View Git Blame Copy Permalink