--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2021-dee141fc61
2021-01-20 01:31:19.232083
--------------------------------------------------------------------------------Name        : coturn
Product     : Fedora 33
Version     : 4.5.2
Release     : 1.fc33
URL         : https://github.com/coturn/coturn/
Summary     : TURN/STUN & ICE Server
Description :
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway.
It can be used as a general-purpose network traffic TURN server/gateway, too.

This implementation also includes some extra features. Supported RFCs:

TURN specs:
- RFC 5766 - base TURN specs
- RFC 6062 - TCP relaying TURN extension
- RFC 6156 - IPv6 extension for TURN
- Experimental DTLS support as client protocol.

STUN specs:
- RFC 3489 - "classic" STUN
- RFC 5389 - base "new" STUN specs
- RFC 5769 - test vectors for STUN protocol testing
- RFC 5780 - NAT behavior discovery support

The implementation fully supports the following client-to-TURN-server protocols:
- UDP (per RFC 5766)
- TCP (per RFC 5766 and RFC 6062)
- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2
- DTLS (experimental non-standard feature)

Supported relay protocols:
- UDP (per RFC 5766)
- TCP (per RFC 6062)

Supported user databases (for user repository, with passwords or keys, if
authentication is required):
- SQLite
- MySQL
- PostgreSQL
- Redis

Redis can also be used for status and statistics storage and notification.

Supported TURN authentication mechanisms:
- long-term
- TURN REST API (a modification of the long-term mechanism, for time-limited
  secret-based authentication, for WebRTC applications)

The load balancing can be implemented with the following tools (either one or a
combination of them):
- network load-balancer server
- DNS-based load balancing
- built-in ALTERNATE-SERVER mechanism.

--------------------------------------------------------------------------------Update Information:

Coturn 4.5.2 ============    - Fix null pointer dereference in case of out of
memory   - Add prometheus metrics   - Delete trailing whitespace in example
configuration files   - Add architecture ppc64le to travis build   - Fix
misleading option in doc (prometheus)   - Allow RFC6062 TCP relay data to look
like TLS   - Add support for proxy protocol V1    - Print full date and time in
logs   - Add new options: "new-log-timestamp" and "new-log-timestamp-format"   -Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL   -Add ACME redirect url   - Support of `--acme-redirect `   - Fix acme
security, redundancy, consistency   - Disable binding request logging to avoid
DoS attacks (Breaking change!)     - Add new `--log-binding` option to enable
binding request logging   - Fix stale-nonce documentation   - Version number is
changed to semver 2.0   - pkg-config, and various cleanups in configure file   -Add systemd notification for better systemd integration   - Fix: Null pointer
dereference on tcp_client_input_handler_rfc6062data function   - Fix: use-after-free vulnerability on write_to_peerchannel function   - Fix: use-after-free
vulnerability on write_client_connection function   - Little refactoring
prometheus         - Fix c++ support       - Simplify         - Remove session
id/allocation labels         - Remove per session metrics   - Fix CVE-2020-26262
- Fix ipv6 ::1 loopback check     - Not allow allocate peer address 0.0.0.0/8
and ::/128     - For more details see the github security advisory:
https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
--------------------------------------------------------------------------------ChangeLog:

* Mon Jan 11 2021 Robert Scheck  - 4.5.2-1
- Upgrade to 4.5.2 (#1914861)
* Sun Sep 27 2020 Christian Glombek  - 4.5.1.3-3
- Rebuilt for libevent 2.1.12 soname bump
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1915045
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-dee141fc61' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 33: coturn 2021-dee141fc61

January 19, 2021
Coturn 4.5.2 memory - Add prometheus metrics - Delete trailing whitespace in example configuration files - Add architecture ppc64le to travis build - Fix misleading option in d...

Summary

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway.

It can be used as a general-purpose network traffic TURN server/gateway, too.

This implementation also includes some extra features. Supported RFCs:

TURN specs:

- RFC 5766 - base TURN specs

- RFC 6062 - TCP relaying TURN extension

- RFC 6156 - IPv6 extension for TURN

- Experimental DTLS support as client protocol.

STUN specs:

- RFC 3489 - "classic" STUN

- RFC 5389 - base "new" STUN specs

- RFC 5769 - test vectors for STUN protocol testing

- RFC 5780 - NAT behavior discovery support

The implementation fully supports the following client-to-TURN-server protocols:

- UDP (per RFC 5766)

- TCP (per RFC 5766 and RFC 6062)

- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2

- DTLS (experimental non-standard feature)

Supported relay protocols:

- UDP (per RFC 5766)

- TCP (per RFC 6062)

Supported user databases (for user repository, with passwords or keys, if

authentication is required):

- SQLite

- MySQL

- PostgreSQL

- Redis

Redis can also be used for status and statistics storage and notification.

Supported TURN authentication mechanisms:

- long-term

- TURN REST API (a modification of the long-term mechanism, for time-limited

secret-based authentication, for WebRTC applications)

The load balancing can be implemented with the following tools (either one or a

combination of them):

- network load-balancer server

- DNS-based load balancing

- built-in ALTERNATE-SERVER mechanism.

Coturn 4.5.2 ============ - Fix null pointer dereference in case of out of

memory - Add prometheus metrics - Delete trailing whitespace in example

configuration files - Add architecture ppc64le to travis build - Fix

misleading option in doc (prometheus) - Allow RFC6062 TCP relay data to look

like TLS - Add support for proxy protocol V1 - Print full date and time in

logs - Add new options: "new-log-timestamp" and "new-log-timestamp-format" -Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL -Add ACME redirect url - Support of `--acme-redirect ` - Fix acme

security, redundancy, consistency - Disable binding request logging to avoid

DoS attacks (Breaking change!) - Add new `--log-binding` option to enable

binding request logging - Fix stale-nonce documentation - Version number is

changed to semver 2.0 - pkg-config, and various cleanups in configure file -Add systemd notification for better systemd integration - Fix: Null pointer

dereference on tcp_client_input_handler_rfc6062data function - Fix: use-after-free vulnerability on write_to_peerchannel function - Fix: use-after-free

vulnerability on write_client_connection function - Little refactoring

prometheus - Fix c++ support - Simplify - Remove session

id/allocation labels - Remove per session metrics - Fix CVE-2020-26262

- Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8

and ::/128 - For more details see the github security advisory:

https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p

* Mon Jan 11 2021 Robert Scheck - 4.5.2-1

- Upgrade to 4.5.2 (#1914861)

* Sun Sep 27 2020 Christian Glombek - 4.5.1.3-3

- Rebuilt for libevent 2.1.12 soname bump

[ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass

https://bugzilla.redhat.com/show_bug.cgi?id=1915045

su -c 'dnf upgrade --advisory FEDORA-2021-dee141fc61' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2021-dee141fc61 2021-01-20 01:31:19.232083 Product : Fedora 33 Version : 4.5.2 Release : 1.fc33 URL : https://github.com/coturn/coturn/ Summary : TURN/STUN & ICE Server Description : The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying TURN extension - RFC 6156 - IPv6 extension for TURN - Experimental DTLS support as client protocol. STUN specs: - RFC 3489 - "classic" STUN - RFC 5389 - base "new" STUN specs - RFC 5769 - test vectors for STUN protocol testing - RFC 5780 - NAT behavior discovery support The implementation fully supports the following client-to-TURN-server protocols: - UDP (per RFC 5766) - TCP (per RFC 5766 and RFC 6062) - TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2 - DTLS (experimental non-standard feature) Supported relay protocols: - UDP (per RFC 5766) - TCP (per RFC 6062) Supported user databases (for user repository, with passwords or keys, if authentication is required): - SQLite - MySQL - PostgreSQL - Redis Redis can also be used for status and statistics storage and notification. Supported TURN authentication mechanisms: - long-term - TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications) The load balancing can be implemented with the following tools (either one or a combination of them): - network load-balancer server - DNS-based load balancing - built-in ALTERNATE-SERVER mechanism. Coturn 4.5.2 ============ - Fix null pointer dereference in case of out of memory - Add prometheus metrics - Delete trailing whitespace in example configuration files - Add architecture ppc64le to travis build - Fix misleading option in doc (prometheus) - Allow RFC6062 TCP relay data to look like TLS - Add support for proxy protocol V1 - Print full date and time in logs - Add new options: "new-log-timestamp" and "new-log-timestamp-format" -Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL -Add ACME redirect url - Support of `--acme-redirect ` - Fix acme security, redundancy, consistency - Disable binding request logging to avoid DoS attacks (Breaking change!) - Add new `--log-binding` option to enable binding request logging - Fix stale-nonce documentation - Version number is changed to semver 2.0 - pkg-config, and various cleanups in configure file -Add systemd notification for better systemd integration - Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function - Fix: use-after-free vulnerability on write_to_peerchannel function - Fix: use-after-free vulnerability on write_client_connection function - Little refactoring prometheus - Fix c++ support - Simplify - Remove session id/allocation labels - Remove per session metrics - Fix CVE-2020-26262 - Fix ipv6 ::1 loopback check - Not allow allocate peer address 0.0.0.0/8 and ::/128 - For more details see the github security advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p * Mon Jan 11 2021 Robert Scheck - 4.5.2-1 - Upgrade to 4.5.2 (#1914861) * Sun Sep 27 2020 Christian Glombek - 4.5.1.3-3 - Rebuilt for libevent 2.1.12 soname bump [ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass https://bugzilla.redhat.com/show_bug.cgi?id=1915045 su -c 'dnf upgrade --advisory FEDORA-2021-dee141fc61' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 33
Version : 4.5.2
Release : 1.fc33
URL : https://github.com/coturn/coturn/
Summary : TURN/STUN & ICE Server

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved