coturn 4.5.1.0-1 source package in Ubuntu
Changelog
coturn (4.5.1.0-1) unstable; urgency=medium
* Sync to upstream 4.5.1.0
- Fix CVE-2018-4058: coTURN unsafe loopback forwarding
default configuration vulnerability
- by default loopback disabled
- no-loopback option removed!
- allow-loopback-peers option added
- Fix CVE-2018-4056: coTURN Administrator Web Portal
SQL injection vulnerability
- Web admin disabled by default
- Web admin could listen on separated IP and port
- web-admin-ip option added
- web-admin-port option added
- Web admin is disabled on STUN/TURN ports.
- web-admin-listen-on-workers option added
to enable web-admin STUN/TURN ports
- Fix CVE-2018-4059: coTURN server unsafe telnet admin
portal default configuration vulnerability
- An empty cli-password with an allow-loopback-peers option is prohibited.
- fix memory leak in read_config_file
-- Mészáros Mihály <email address hidden> Mon, 28 Jan 2019 13:16:57 +0100
Upload details
- Uploaded by:
- Debian VoIP Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian VoIP Team
- Architectures:
- any
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| coturn_4.5.1.0-1.dsc | 2.1 KiB | e4e7a29619c089f754b7d9f2fec668837b6695e8bbc8504f435e3d831f645d82 |
| coturn_4.5.1.0.orig.tar.gz | 401.3 KiB | b84581a46dd40ad674f2905d680e9d0be9743fbbc001198dd498a584fd2fbd15 |
| coturn_4.5.1.0-1.debian.tar.xz | 10.3 KiB | 8e6486316d8eaeb643c64e56d02855a699097137af6ed28229af9cf042113159 |
Available diffs
No changes file available.
Binary packages built by this source
- coturn: No summary available for coturn in ubuntu disco.
No description available for coturn in ubuntu disco.
- coturn-dbgsym: No summary available for coturn-dbgsym in ubuntu disco.
No description available for coturn-dbgsym in ubuntu disco.
