coturn_4.5.1.0-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Jan 28 13:04:40 GMT 2019
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 28 Jan 2019 13:16:57 +0100
Source: coturn
Architecture: source
Version: 4.5.1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian VoIP Team <pkg-voip-maintainers at lists.alioth.debian.org>
Changed-By: Mészáros Mihály <misi at majd.eu>
Changes:
coturn (4.5.1.0-1) unstable; urgency=medium
.
* Sync to upstream 4.5.1.0
- Fix CVE-2018-4058: coTURN unsafe loopback forwarding
default configuration vulnerability
- by default loopback disabled
- no-loopback option removed!
- allow-loopback-peers option added
- Fix CVE-2018-4056: coTURN Administrator Web Portal
SQL injection vulnerability
- Web admin disabled by default
- Web admin could listen on separated IP and port
- web-admin-ip option added
- web-admin-port option added
- Web admin is disabled on STUN/TURN ports.
- web-admin-listen-on-workers option added
to enable web-admin STUN/TURN ports
- Fix CVE-2018-4059: coTURN server unsafe telnet admin
portal default configuration vulnerability
- An empty cli-password with an allow-loopback-peers option is prohibited.
- fix memory leak in read_config_file
Checksums-Sha1:
54c70cedf3314219b868037080954917d1cfd13a 2196 coturn_4.5.1.0-1.dsc
6bebf3ba1b0f4370fae9045e190ef401074b095b 410893 coturn_4.5.1.0.orig.tar.gz
f672a054bc2bcf20ef3cdda68e0d01650a134dec 10556 coturn_4.5.1.0-1.debian.tar.xz
43afdf3a37406e76b406ac29638f30861fd0427c 7366 coturn_4.5.1.0-1_amd64.buildinfo
Checksums-Sha256:
e4e7a29619c089f754b7d9f2fec668837b6695e8bbc8504f435e3d831f645d82 2196 coturn_4.5.1.0-1.dsc
b84581a46dd40ad674f2905d680e9d0be9743fbbc001198dd498a584fd2fbd15 410893 coturn_4.5.1.0.orig.tar.gz
8e6486316d8eaeb643c64e56d02855a699097137af6ed28229af9cf042113159 10556 coturn_4.5.1.0-1.debian.tar.xz
bda501685725c9e3387680ad3d96acb6628746a3d622157cdcbf876eb35b9ebe 7366 coturn_4.5.1.0-1_amd64.buildinfo
Files:
2f25a440e687d993283b03d2dd7d91cd 2196 net optional coturn_4.5.1.0-1.dsc
cbb7f1f69845f7f46ba4a131d030aea6 410893 net optional coturn_4.5.1.0.orig.tar.gz
585ae0ae942c4503b9e725ebc4e2b066 10556 net optional coturn_4.5.1.0-1.debian.tar.xz
452a02473216a84ac414c8a176060def 7366 net optional coturn_4.5.1.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAlxO+HYACgkQOsj3Fkd+
2yOasxAAqJE74EKgSUJZCvnKHFETxi4wed7PH2X44qeRr/HNM0NR4eJGUDmp+DaR
GZpf2QFkoq2t0gtw5R/o/UNUTjZGfZsGIysH4rQLRB6zMmFwTBrLo1uwva45swHN
cS7Tek1UAAR5Mh4ejOwX6Brm/BvunU0OLFLpbkc3S+tm/+TLH9h1jb0z2JxUi1ut
7Cj5Y7DSzN9MKI7QLPx8uPebv1ZaNP5lmWMhBSuHHDyVlm17Eta1M39WaG07dL/H
9ZMH04kRcD//BPKZbqZMW6OswJ8VLcB+fWuCTbBrI89iLQ0hkneAEuhvBxe/ACIX
8AHzb0TLlmnp6+uqExpjMG6/kd3FgGHEM6aLCNjsZ6lhv4ditr/HdphRifAVwVCq
oBIYD6ELYhrYqUT/ClcVfBDSNjAKoMNi6IxlCm4rqoRo2mWHGrnl4RwUsccrQusG
FL11q/vaTLvfTSZE4Iii+awYAQmT2PQRwsbY8FC34dPdf+tjTlxsPMt3eaVuy8v9
nSrwSaYeV709wbl/X6wj7nzABixeGAJWdOQfnbgmObZQ2LeBhWfuBI0GlFTgLjJD
BQDviw2cxzIAu3dgOwS0SPBwqIoOHtRSRgoeBMjF5hhbu4ghB4SzBO34zKikaS6D
zXKujP1SDkunkITR8xe+YgUgypHsq1RPh+lozzB7dzqjZuu0v4w=
=NQL0
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-voip-maintainers
mailing list