Change log for coturn package in Debian
1 → 56 of 56 results | First • Previous • Next • Last |
coturn (4.6.1-2) unstable; urgency=medium * Team upload * [72b4051] gbp: Remove DEFAULT rules * [e8cd8e1] Use common VoIP Team name * [5c6af2b] Link to common team Vcs (Closes: #960919) * [115af22] Drop default CI config * [f63dcdf] Fix lintian: depends-on-obsolete-package * [062f3bf] Drop useless lintian overrides * [22048fc] d/copyright: clean up -- Bastian Germann <email address hidden> Sat, 13 Apr 2024 13:50:36 +0000
Available diffs
coturn (4.6.1-1) unstable; urgency=medium * Team upload. * New upstream release. -- Dominik George <email address hidden> Sun, 05 Feb 2023 11:03:55 +0100
Available diffs
coturn (4.5.2-3.1) unstable; urgency=medium * Non-maintainer upload. * [518094e] New No-FIPS-140-mode.patch fixes build against OpenSSL 3.0 (Closes: #995659, LP: #1967018) -- Nicholas Guriev <email address hidden> Thu, 02 Jun 2022 13:36:34 +0300
coturn (4.5.2-3) unstable; urgency=medium [ Ferenc Wágner ] * [50ab417] Don't rely on the documentation being present for creating the DB. Dpkg may be configured to omit installing files under /usr/share/doc. Since the database schema is shipped in a private directory as well, switch to using that instance instead. (Closes: #985054) * [6f94ecb] Let the purge go through under unforeseen circumstances * [d8f0a0a] Let debhelper do its business before the final cleanup * [4033c69] Make the SQLite database writable by the turnserver user and group. File permissions alone aren't enough, the containing directory needs to be writable as well. * [81731d8] Ship the empty /var/lib/turndb directory for better discoverability * [34a2b34] Split up our autopkgtest into several tests [ Mészáros Mihály ] * [1666988] Add forwarded not-needed to Fix-undefinded-OPENSSL_VERSION_1_1_1.patch -- Mészáros Mihály <email address hidden> Wed, 24 Mar 2021 20:30:23 +0100
Available diffs
- diff from 4.5.2-2 to 4.5.2-3 (2.2 KiB)
coturn (4.5.2-2) unstable; urgency=medium [ Michael Prokop ] * [059ff0a] debian/coturn.postrm: fix check for dpkg-statoverride on package removal. This fixes a regression introduced in commit b9a4a8. While at it, also move the statoverride removal before the account removal. (Closes: #981330) [ Ferenc Wágner ] * [e991e26] Enroll to basic Salsa-CI [ Mészáros Mihály ] * [3505b22] HotFix upstream undefinded OPENSSL_VERSION_1_1_1 * [20f9a9e] Add tls test to debian autopkgtest -- Mészáros Mihály <email address hidden> Wed, 10 Feb 2021 22:03:27 +0100
Available diffs
- diff from 4.5.2-1 to 4.5.2-2 (1.8 KiB)
Published in buster-release |
coturn (4.5.1.1-1.1+deb10u2) buster-security; urgency=high * [c750a89] Fix-CVE-2020-26262-Enable-Security - Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8 and ::/128 -- Mészáros Mihály <email address hidden> Tue, 15 Dec 2020 17:23:34 +0100
coturn (4.5.2-1) unstable; urgency=high * [49df393] New upstream release (4.5.2) - fix null pointer dereference in case of out of memory.(by Thomas Moeller) - merge PR #517 (by wolmi) add prometheus metrics - merge PR #637 (by David Florness) Delete trailing whitespace in example configuration files - merge PR #631 (by Debabrata Deka) Add architecture ppc64le to travis build - merge PR #627 (by Samuel) Fix misleading option in doc (prometheus) - merge PR #643 (by tupelo-schneck) Allow RFC6062 TCP relay data to look like TLS - merge PR #655 (by plinss) Add support for proxy protocol V1 - merge PR #618 (by Paul Wayper) Print full date and time in logs Add new options: "new-log-timestamp" and "new-log-timestamp-format" - merge PR #599 (by Cédric Krier) Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL - update Docker mongoDB and fix with workaround the missing systemctl - merge PR #660 (by Camden Narzt) fix compilation on macOS Big Sur - merge PR #546 #551 #672 (by jelmd) Add support of --acme-redirect <URL> fix acme security, redundancy, consistency - Disable binding request logging to avoid DoS attacks.(Breaking change!) Add new --log-binding option to enable binding request logging - Fix stale-nonce documentation. Resolves #604 - Version numbering is changed to semver 2.0 - Merge PR #288 (by Hristo Venev) pkg-config, and various cleanups in configure file - Add systemd notification for better systemd integration - Fix Issue #621 (by ycaibb) Null pointer dereference on tcp_client_input_handler_rfc6062data function - Fix Issue #600 (by ycaibb) use-after-free vulnerability on write_to_peerchannel function - Fix Issue #601 (by ycaibb) use-after-free vulnerability on write_client_connection function - Little refactoring prometheus Fix c++ support Simplify (as agreed in Issue #666) Remove session id/allocation labels Remove per session metrics. We should later add more counters. - Fix CVE-2020-26262 (credits: Enable-Security) Fix ipv6 ::1 loopback check Not allow allocate peer address 0.0.0.0/8 and ::/128 For more details see the github security advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p * [f0c1753] Change coturn service type to systemd notify (Closes: #934513) * [f9b9547] Add libsystemd-dev to build dependency * [5a811b1] Update watch version to 4 * [c0a645e] Update Debian Standards to 4.5.1 * [e429100] Patch not-needed to forwarded to upstream * [bc56267] Add pkg-config to build dependency * [bd98206] Postrm remove dir /var/lib/turn * [8c58afe] Change sqlite db permissions. Change owner to turnserver:turnserver and mode 660 (Closes: #930097) * [b9a4a8b] Change config file permissions. Change owner to root:turnserver and mode 640 (Closes: #954379) * [3e85092] init.d script drop root privileges (Closes: 904415) * [24eb87a] Add info about binding privileged ports (Closes: #964009) * [136a8a2] Disable pid file creation -- Mészáros Mihály <email address hidden> Mon, 11 Jan 2021 20:05:38 +0100
Available diffs
Superseded in buster-release |
coturn (4.5.1.1-1.1+deb10u1) buster-security; urgency=high * Non-maintainer upload by the Security Team. * specially crafted HTTP POST request can lead to heap overflow which can result in information leak (CVE-2020-6061) (Closes: #951876) * specially crafted HTTP POST request can lead to server crash and denial of service (CVE-2020-6062) (Closes: #951876) * init with zero any new or reused stun buffers (CVE-2020-4067) -- Salvatore Bonaccorso <email address hidden> Fri, 26 Jun 2020 10:49:56 +0200
Published in stretch-release |
coturn (4.5.0.5-1+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * specially crafted HTTP POST request can lead to heap overflow which can result in information leak (CVE-2020-6061) (Closes: #951876) * specially crafted HTTP POST request can lead to server crash and denial of service (CVE-2020-6062) (Closes: #951876) * init with zero any new or reused stun buffers (CVE-2020-4067) -- Salvatore Bonaccorso <email address hidden> Fri, 26 Jun 2020 13:49:31 +0200
coturn (4.5.1.3-1) unstable; urgency=medium * [ec640a2] New upstream release (4.5.1.3) - Fixes CVE-2020-6061 heap overflow vulnerability Crafted HTTP POST request can lead to information leaks and other misbehavior - Fixes CVE-2020-6062 denial-of-service vulnerability Crafted HTTP POST request can lead to server crash and denial of service - Fixes CVE-2020-4067 STUN response buffer not initialized One client (an attacker) could use their connection to intelligently query coturn server to get interesting bytes in the padding bytes from the connection of another client - Tidy, and remove compatibility layers * Remove turn_free_simple * Remove turn_malloc() * Remote turn_realloc() * Remote turn_free() * Remove turn_calloc() * Remove turn_strdup() * Remove SSL_NEW() and SSL_FREE() * Remove pointer debugging machinery * Remove ns_bzero(), ns_bcopy(), and ns_bcmp() * Remove [su]{08,16,32,64}bits type defines - Fix the webadmin ip permission add/delete sql injection - Fix mongo driver crash when invalid connection string is used - Change Diffie Hellman default key length from 1066 to 2066 - New test Certificate and test CA - Fixes in packaging (rpm, docker) * [1af9910] Remove patch for CVE 2020 6061+6062 * [82079ae] Update debehelper to debhelper-compat and ver 13 * [60997b6] Add Pre-Depends * [2830ed6] Add Rules-Requires-Root * [f648d45] Update metadata * [aca2929] Change Debian VoIP Team mailinglist * [f2f1398] exclude CA from examples and docs * [83c24b5] Add symlink turnutils_uclient > usr/bin/turnutils * [1f2cd31] migrate bin from turnserver to coturn, symlink -- Mészáros Mihály <email address hidden> Sat, 27 Jun 2020 17:24:51 +0200
Available diffs
- diff from 4.5.1.1-1.2 to 4.5.1.3-1 (189.0 KiB)
Superseded in sid-release |
coturn (4.5.1.1-1.2) unstable; urgency=medium * Non-maintainer upload. * Update Uploaders. (Closes: #953466) * Fix "CVE-2020-6061 CVE-2020-6062" by applying upstream patch. (Closes: #951876) -- Tobias Frost <email address hidden> Mon, 13 Apr 2020 18:49:12 +0200
Available diffs
coturn (4.5.1.1-1.1) unstable; urgency=medium * Non-maintainer upload. * Don't ship the (empty) /var/lib/turn/turndb SQLite database and generate it on-demand in the postinst instead, avoiding overwriting it on upgrade/reinstall. (Closes: #929269) -- Chris Lamb <email address hidden> Sun, 26 May 2019 15:11:04 +0100
Available diffs
- diff from 4.5.1.1-1 to 4.5.1.1-1.1 (990 bytes)
Superseded in stretch-release |
coturn (4.5.0.5-1+deb9u1) stretch-security; urgency=high * HotFix: for 3 vulnerabilities For more details see: - CVE-2018-4056 coTURN Administrator Web Portal SQL injection vulnerability Fix: Disable (hardcocded) web admin interface until 4.5.1.0, where it will be fixed more correctly. - CVE-2018-4058 coTURN TURN server unsafe loopback forwarding default configuration vulnerability Fix: Disable loopback-peer functionality by default. - CVE-2018-4059 coTURN server unsafe telnet admin portal default configuration vulnerability Fix: Disable telnet cli if the cli-password is empty. -- Mészáros Mihály <email address hidden> Mon, 21 Jan 2019 09:31:26 +0100
coturn (4.5.1.1-1) unstable; urgency=medium * [a13ba45] Fix: missing /etc/turnserver.conf * [8a03c32] Revert "Temporary prevent from failing" This reverts commit 218987f4256a8894e06d7876c434b1f37fd0785f. * [96ca6cb] New upstream release (4.5.1.1) (Closes: #916919) * [f399223] Set log to syslog * [7b135b2] Upgrde to debian-policy 4.3 -- Mészáros Mihály <email address hidden> Sun, 03 Mar 2019 00:38:30 +0100
Available diffs
coturn (4.5.1.0-1) unstable; urgency=medium * Sync to upstream 4.5.1.0 - Fix CVE-2018-4058: coTURN unsafe loopback forwarding default configuration vulnerability - by default loopback disabled - no-loopback option removed! - allow-loopback-peers option added - Fix CVE-2018-4056: coTURN Administrator Web Portal SQL injection vulnerability - Web admin disabled by default - Web admin could listen on separated IP and port - web-admin-ip option added - web-admin-port option added - Web admin is disabled on STUN/TURN ports. - web-admin-listen-on-workers option added to enable web-admin STUN/TURN ports - Fix CVE-2018-4059: coTURN server unsafe telnet admin portal default configuration vulnerability - An empty cli-password with an allow-loopback-peers option is prohibited. - fix memory leak in read_config_file -- Mészáros Mihály <email address hidden> Mon, 28 Jan 2019 13:16:57 +0100
Available diffs
coturn (4.5.0.8-1) unstable; urgency=medium [ Ferenc Wágner ] * [2239059] Adopt DEP-14 repo structure * [f670437] New upstream release (4.5.0.8) * [455044e] Remove misplaced example files [ Mészáros Mihály ] * [924e374] Add myself to uploader * [5505174] updated debian package - add <email address hidden> to uploaders - add upstream metadata - add systemd service file - update according policy to 4.2.1 - update urls from http to https - update override - update compat from 9 to 10 - install readme.txt to doc * [bc46839] wrap-and-sort -an * [a468320] Review systemd starter * [2db2918] Add info about systemd to README * [e932875] Service type change to simple * [a9e2953] Add autopkgtest * [8d6976e] change back to fork * [26f2b19] coturn daemon need few sec to setup listeners. It returns elaier after fork, than it has finsihed all listener setup. * [0c93a39] remove sleep from test * [6096e86] Configure pid * [232176f] Add comment why we need to sleep 2 sec * [0a32440] Remove turnserver alias * [36f88e7] Add full path to sleep (for backward compatibility). -- Mészáros Mihály <email address hidden> Tue, 18 Dec 2018 14:43:33 +0100
coturn (4.5.0.7-1) unstable; urgency=medium * Sync to upstream 4.5.0.7 -- Oleg Moskalenko <email address hidden> Sun, 10 Dec 2017 20:08:06 -0800
coturn (4.5.0.6-1) unstable; urgency=medium * Incompatibility with BoringSSL fixed -- Oleg Moskalenko <email address hidden> Sun, 26 Mar 2017 22:09:04 -0700
coturn (4.5.0.5-1) unstable; urgency=medium * Sync to upstream 4.5.0.5 -- Oleg Moskalenko <email address hidden> Sun, 16 Oct 2016 23:38:04 -0700
coturn (4.5.0.4-4) unstable; urgency=medium * trying to fix piuparts report -- Oleg Moskalenko <email address hidden> Tue, 23 Aug 2016 22:03:18 -0700
coturn (4.5.0.4-3) unstable; urgency=medium * trying to fix piuparts report -- Oleg Moskalenko <email address hidden> Mon, 22 Aug 2016 23:56:49 -0700
coturn (4.5.0.4-2) unstable; urgency=medium * Debian Policy upgraded to 3.9.8 -- Oleg Moskalenko <email address hidden> Mon, 22 Aug 2016 01:32:39 -0700
coturn (4.5.0.4-1) unstable; urgency=medium * OpenSSL compatibility (closes: #828271) -- Oleg Moskalenko <email address hidden> Mon, 22 Aug 2016 00:10:03 -0700
coturn (4.5.0.3-1) unstable; urgency=medium * SSLv3 support removed, closes: #804440 -- Oleg Moskalenko <email address hidden> Sun, 15 Nov 2015 23:38:46 -0800
Available diffs
- diff from 4.5.0.2-3 to 4.5.0.3-1 (5.2 KiB)
coturn (4.5.0.2-3) unstable; urgency=medium * Telnet package dependency fixed -- Oleg Moskalenko <email address hidden> Fri, 02 Oct 2015 23:47:29 -0700
Available diffs
- diff from 4.4.5.4-2 to 4.5.0.2-3 (14.7 KiB)
coturn (4.5.0.2-1) unstable; urgency=medium * DTLS segfault fixed -- Oleg Moskalenko <email address hidden> Wed, 30 Sep 2015 00:25:00 -0700
coturn (4.5.0.1-5) unstable; urgency=medium * Package for Sid -- Oleg Moskalenko <email address hidden> Mon, 28 Sep 2015 00:17:13 -0700
coturn (4.5.0.1-4) unstable; urgency=medium * Copyright fixed -- Oleg Moskalenko <email address hidden> Sat, 26 Sep 2015 20:55:13 -0700
coturn (4.5.0.1-3) unstable; urgency=medium * Typo fixed -- Oleg Moskalenko <email address hidden> Sat, 26 Sep 2015 18:06:31 -0700
coturn (4.5.0.1-1) unstable; urgency=low * Sync to upstream 4.5.0.1 -- Oleg Moskalenko <email address hidden> Sun, 20 Sep 2015 21:58:30 -0700
coturn (4.4.5.4-2) unstable; urgency=low * Github migration -- Oleg Moskalenko <email address hidden> Sun, 19 Jul 2015 14:10:51 -0700
Available diffs
- diff from 4.4.5.2-1 to 4.4.5.4-2 (10.5 KiB)
- diff from 4.4.5.3-1 to 4.4.5.4-2 (6.1 KiB)
coturn (4.4.5.3-1) unstable; urgency=low * sync to 4.4.5.3: security fix -- Oleg Moskalenko <email address hidden> Sun, 28 Jun 2015 20:35:15 -0700
Available diffs
- diff from 4.4.5.2-1 to 4.4.5.3-1 (5.8 KiB)
coturn (4.4.5.2-1) unstable; urgency=low * Sync to upstream 4.4.5.2 -- Oleg Moskalenko <email address hidden> Sat, 06 Jun 2015 01:07:27 -0700
Available diffs
- diff from 4.4.5.1-1 to 4.4.5.2-1 (3.1 KiB)
coturn (4.4.5.1-1) unstable; urgency=low * Sync to 4.4.5.1 upstream -- Oleg Moskalenko <email address hidden> Wed, 27 May 2015 00:17:29 -0700
Available diffs
- diff from 4.4.4.2-1 to 4.4.5.1-1 (30.2 KiB)
coturn (4.4.4.2-1) unstable; urgency=low * SCTP fixes. -- Oleg Moskalenko <email address hidden> Sun, 05 Apr 2015 21:24:55 -0700
Available diffs
- diff from 4.4.2.1-1 to 4.4.4.2-1 (24.3 KiB)
coturn (4.4.4.1-2) unstable; urgency=low * sctp example script added to install -- Oleg Moskalenko <email address hidden> Mon, 23 Mar 2015 23:44:00 -0700
coturn (4.4.2.3-1) unstable; urgency=low * Sync to upstream 4.4.2.3 -- Oleg Moskalenko <email address hidden> Thu, 05 Mar 2015 23:33:39 -0800
coturn (4.4.2.2-1) unstable; urgency=low * Sync to upstream 4.4.2.2: SQLite db schema bug fixed -- Oleg Moskalenko <email address hidden> Sun, 22 Feb 2015 21:14:19 -0800
coturn (4.4.2.1-1) unstable; urgency=low * Sync to the new upstream version: updated according to the new draft specs; bug fixes. -- Oleg Moskalenko <email address hidden> Sun, 08 Feb 2015 13:04:20 -0800
Available diffs
- diff from 4.4.1.2-1 to 4.4.2.1-1 (13.3 KiB)
coturn (4.4.1.2-1) unstable; urgency=low * Sync to 4.4.1.2 upstream -- Oleg Moskalenko <email address hidden> Sun, 01 Feb 2015 20:43:30 -0800
Available diffs
- diff from 4.4.1.1-2 to 4.4.1.2-1 (7.5 KiB)
coturn (4.4.1.1-2) unstable; urgency=low * source control info fixed -- Oleg Moskalenko <email address hidden> Fri, 30 Jan 2015 22:34:46 -0800
Available diffs
- diff from 4.4.1.1-1 to 4.4.1.1-2 (517 bytes)
coturn (4.4.1.1-1) unstable; urgency=low * Sync to 4.4.1.1: security fixes; https web admin connection. -- Oleg Moskalenko <email address hidden> Sun, 25 Jan 2015 01:50:44 -0800
Available diffs
- diff from 4.3.3.1-1 to 4.4.1.1-1 (80.1 KiB)
coturn (4.3.3.1-1) unstable; urgency=low * Sync to 4.3.3.1 -- Oleg Moskalenko <email address hidden> Wed, 24 Dec 2014 00:50:38 -0800
Available diffs
- diff from 4.3.2.2-1 to 4.3.3.1-1 (9.0 KiB)
coturn (4.3.2.2-1) unstable; urgency=low * Sync to 4.3.2.2 -- Oleg Moskalenko <email address hidden> Sun, 14 Dec 2014 22:06:24 -0800
Available diffs
- diff from 4.3.1.3-1 to 4.3.2.2-1 (14.0 KiB)
coturn (4.3.1.3-1) unstable; urgency=low * Sync to 4.3.1.3: a maintenance build. -- Oleg Moskalenko <email address hidden> Sun, 07 Dec 2014 22:50:45 -0800
Available diffs
- diff from 4.3.1.2-1 to 4.3.1.3-1 (7.7 KiB)
coturn (4.3.1.2-1) unstable; urgency=low * Sync to 4.3.1.2: SQLite DB installation fixed. -- Oleg Moskalenko <email address hidden> Sun, 23 Nov 2014 13:38:11 -0800
Available diffs
- diff from 4.3.1.1-1 to 4.3.1.2-1 (3.9 KiB)
coturn (4.3.1.1-1) unstable; urgency=low * Sync to 4.3.1.1: SQLite support added. -- Oleg Moskalenko <email address hidden> Sun, 23 Nov 2014 00:15:03 -0800
Available diffs
- diff from 4.2.3.1-1 to 4.3.1.1-1 (32.5 KiB)
coturn (4.2.3.1-1) unstable; urgency=low * Sync to 4.2.3.1 -- Oleg Moskalenko <email address hidden> Sun, 09 Nov 2014 22:56:18 -0800
Available diffs
- diff from 4.2.2.2-1 to 4.2.3.1-1 (8.3 KiB)
coturn (4.2.2.2-1) unstable; urgency=low * 1) Sync to 4.2.2.2; 2) UFW definitions added to the debian package. -- Oleg Moskalenko <email address hidden> Wed, 29 Oct 2014 23:49:49 -0700
Available diffs
- diff from 4.2.1.2-1 to 4.2.2.2-1 (20.5 KiB)
coturn (4.2.1.2-1) unstable; urgency=low * Sync to upstream 4.2.1.2 version: the oAuth support added. -- Oleg Moskalenko <email address hidden> Mon, 13 Oct 2014 00:52:06 -0700
Available diffs
- diff from 4.1.1.1-1 to 4.2.1.2-1 (57.4 KiB)
coturn (4.1.2.1-3) unstable; urgency=low * List of supported specs extended. -- Oleg Moskalenko <email address hidden> Tue, 02 Sep 2014 22:57:32 -0700
coturn (4.1.2.1-2) unstable; urgency=low * SVN source control tags changed to GIT -- Oleg Moskalenko <email address hidden> Tue, 02 Sep 2014 22:23:55 -0700
coturn (4.1.2.1-1) unstable; urgency=low * Sync to upstream 4.1.2.1 -- Oleg Moskalenko <email address hidden> Wed, 20 Aug 2014 22:23:56 -0700
coturn (4.1.1.1-1) unstable; urgency=low * Sync to upstream 4.1.1.1 -- Oleg Moskalenko <email address hidden> Thu, 31 Jul 2014 00:55:33 -0700
Available diffs
- diff from 4.1.0.2-1 to 4.1.1.1-1 (4.1 KiB)
coturn (4.1.0.2-1) unstable; urgency=low * Sync to upstream 4.1.0.2 -- Oleg Moskalenko <email address hidden> Tue, 22 Jul 2014 13:23:09 -0700
Available diffs
- diff from 4.0.0.0-1 to 4.1.0.2-1 (71.9 KiB)
coturn (4.0.0.0-1) unstable; urgency=low * Initial Debian release (Closes: #747010) -- Daniel Pocock <email address hidden> Wed, 07 May 2014 21:33:36 +0200
1 → 56 of 56 results | First • Previous • Next • Last |