--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2020-ebecd0eb91
2020-06-01 01:01:15.594238
--------------------------------------------------------------------------------
Name : coturn
Product : Fedora EPEL 7
Version : 4.5.1.2
Release : 1.el7
URL :
https://github.com/coturn/coturn/
Summary : TURN/STUN & ICE Server
Description :
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway.
It can be used as a general-purpose network traffic TURN server/gateway, too.
This implementation also includes some extra features. Supported RFCs:
TURN specs:
- RFC 5766 - base TURN specs
- RFC 6062 - TCP relaying TURN extension
- RFC 6156 - IPv6 extension for TURN
- Experimental DTLS support as client protocol.
STUN specs:
- RFC 3489 - "classic" STUN
- RFC 5389 - base "new" STUN specs
- RFC 5769 - test vectors for STUN protocol testing
- RFC 5780 - NAT behavior discovery support
The implementation fully supports the following client-to-TURN-server protocols:
- UDP (per RFC 5766)
- TCP (per RFC 5766 and RFC 6062)
- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2
- DTLS (experimental non-standard feature)
Supported relay protocols:
- UDP (per RFC 5766)
- TCP (per RFC 6062)
Supported user databases (for user repository, with passwords or keys, if
authentication is required):
- SQLite
- MySQL
- PostgreSQL
- Redis
Redis can also be used for status and statistics storage and notification.
Supported TURN authentication mechanisms:
- long-term
- TURN REST API (a modification of the long-term mechanism, for time-limited
secret-based authentication, for WebRTC applications)
The load balancing can be implemented with the following tools (either one or a
combination of them):
- network load-balancer server
- DNS-based load balancing
- built-in ALTERNATE-SERVER mechanism.
--------------------------------------------------------------------------------
Update Information:
Coturn 4.5.1.2 ============== - merge regression fix: * Do not display
empty CLI passwd alert if CLI is not enabled - merge PR #359: * Remove
`turn_free_simple()` * Remove `turn_malloc()` * Remove `turn_realloc()`
* Remove `turn_free()` * Remove `turn_calloc()` * Remove `turn_strdup()`
* Remove `SSL_NEW()` and `SSL_FREE()` * Remove pointer debugging machinery
* Remove `ns_bzero()`, `ns_bcopy()`, and `ns_bcmp()` * Remove
`[su]{08,16,32,64}bits` type defines - merge PR #327 * Strip white-spaces
from config file lines end - merge PR #386 * fix the webadmin ip
permission add/delete sql injection - merge PR #390 * fix mongo driver
crash when invalid connection string is used - merge PR #392 enhanced fread
return length check - merge PR #367 disconnect database gracefully - merge
PR #382 * Using `SSL_get_version` method for BoringSSL compatibility *
Now we put in `turn_session_info->tls_method` the real TLS version. Earlier we
put UNKNOWN in this field if it was a TLS protocol that was not defined
supportel TLS protocol during compile time. - merge PR #276 Add systemd
service example - merge PR #284 Add bandwidth usage reporting packet/bandwidth
usage by peers - merge PR #381 Modifying configure to enable compile with
private libraries - merge PR #455 Typo corrected - merge PR #417 Append only
to log files rather to override them - merge PR #442 Updated incorrect string
length check for 'ssh' - merge PR #449 Fix Dockerfile for latest Debian -
http server NULL dereference * Reported (by
quarkslab.com, cisco/talos)
* CVE-2020-6061 / TALOS-2020-0984 - http server out of bound read *
Reported (by
quarkslab.com, cisco/talos) * CVE-2020-6061 / TALOS-2020-0984
- merge PR #472 STUN input validation - merge PR #398 FIPS - merge PR #478
prod - merge PR #463 fix typos and grammar - update travis config ubuntu/mac
images - merge PR #466 added null check for second char - merge PR #470
compiler warning fixes - merge PR #475 Update `README.docker` - merge PR
#471 Fix a memory leak when an SHATYPE isn't supported - merge PR #488 Fix
typos about `INSTALL` filenames - fix compiler warning comparison between
signed and unsigned integer expressions - fix compiler warning string
truncation - change Diffie Hellman default key length from 1066 to 2066 -
merge PR #522 drop of supplementary group IDs - merge PR #514 Unify spelling
of Coturn - merge PR#506 Rename "prod" config option to "no-software-
attribute" - merge PR #519 fix config extension in `README.docker` - merge
PR #516 change sql data dir in `docker-compose-all.yml` - merge PR #513 remove
trailing spaces from `README`s - merge PR #525 add flags to disable periodic
use of dynamic tables
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 16 2020 Robert Scheck <robert(a)fedoraproject.org> - 4.5.1.2-1
- Update to 4.5.1.2
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update coturn' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------