Back to coturn PTS page

Accepted coturn 4.5.1.0-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted coturn 4.5.1.0-1 (source) into unstable
From: Mészáros Mihály <misi@majd.eu>
Date: Mon, 28 Jan 2019 13:04:40 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1go6ae-000I1i-2o@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 28 Jan 2019 13:16:57 +0100
Source: coturn
Architecture: source
Version: 4.5.1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Mészáros Mihály <misi@majd.eu>
Changes:
 coturn (4.5.1.0-1) unstable; urgency=medium
 .
   * Sync to upstream 4.5.1.0
     - Fix CVE-2018-4058: coTURN unsafe loopback forwarding
       default configuration vulnerability
       - by default loopback disabled
       - no-loopback option removed!
       - allow-loopback-peers option added
     - Fix CVE-2018-4056: coTURN Administrator Web Portal
       SQL injection vulnerability
       - Web admin disabled by default
       - Web admin could listen on separated IP and port
       - web-admin-ip option added
       - web-admin-port option added
       - Web admin is disabled on STUN/TURN ports.
       - web-admin-listen-on-workers option added
         to enable web-admin STUN/TURN ports
     - Fix CVE-2018-4059: coTURN server unsafe telnet admin
       portal default configuration vulnerability
       - An empty cli-password with an allow-loopback-peers option is prohibited.
     - fix memory leak in read_config_file
Checksums-Sha1:
 54c70cedf3314219b868037080954917d1cfd13a 2196 coturn_4.5.1.0-1.dsc
 6bebf3ba1b0f4370fae9045e190ef401074b095b 410893 coturn_4.5.1.0.orig.tar.gz
 f672a054bc2bcf20ef3cdda68e0d01650a134dec 10556 coturn_4.5.1.0-1.debian.tar.xz
 43afdf3a37406e76b406ac29638f30861fd0427c 7366 coturn_4.5.1.0-1_amd64.buildinfo
Checksums-Sha256:
 e4e7a29619c089f754b7d9f2fec668837b6695e8bbc8504f435e3d831f645d82 2196 coturn_4.5.1.0-1.dsc
 b84581a46dd40ad674f2905d680e9d0be9743fbbc001198dd498a584fd2fbd15 410893 coturn_4.5.1.0.orig.tar.gz
 8e6486316d8eaeb643c64e56d02855a699097137af6ed28229af9cf042113159 10556 coturn_4.5.1.0-1.debian.tar.xz
 bda501685725c9e3387680ad3d96acb6628746a3d622157cdcbf876eb35b9ebe 7366 coturn_4.5.1.0-1_amd64.buildinfo
Files:
 2f25a440e687d993283b03d2dd7d91cd 2196 net optional coturn_4.5.1.0-1.dsc
 cbb7f1f69845f7f46ba4a131d030aea6 410893 net optional coturn_4.5.1.0.orig.tar.gz
 585ae0ae942c4503b9e725ebc4e2b066 10556 net optional coturn_4.5.1.0-1.debian.tar.xz
 452a02473216a84ac414c8a176060def 7366 net optional coturn_4.5.1.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwddEx0RNIUL7eugtOsj3Fkd+2yMFAlxO+HYACgkQOsj3Fkd+
2yOasxAAqJE74EKgSUJZCvnKHFETxi4wed7PH2X44qeRr/HNM0NR4eJGUDmp+DaR
GZpf2QFkoq2t0gtw5R/o/UNUTjZGfZsGIysH4rQLRB6zMmFwTBrLo1uwva45swHN
cS7Tek1UAAR5Mh4ejOwX6Brm/BvunU0OLFLpbkc3S+tm/+TLH9h1jb0z2JxUi1ut
7Cj5Y7DSzN9MKI7QLPx8uPebv1ZaNP5lmWMhBSuHHDyVlm17Eta1M39WaG07dL/H
9ZMH04kRcD//BPKZbqZMW6OswJ8VLcB+fWuCTbBrI89iLQ0hkneAEuhvBxe/ACIX
8AHzb0TLlmnp6+uqExpjMG6/kd3FgGHEM6aLCNjsZ6lhv4ditr/HdphRifAVwVCq
oBIYD6ELYhrYqUT/ClcVfBDSNjAKoMNi6IxlCm4rqoRo2mWHGrnl4RwUsccrQusG
FL11q/vaTLvfTSZE4Iii+awYAQmT2PQRwsbY8FC34dPdf+tjTlxsPMt3eaVuy8v9
nSrwSaYeV709wbl/X6wj7nzABixeGAJWdOQfnbgmObZQ2LeBhWfuBI0GlFTgLjJD
BQDviw2cxzIAu3dgOwS0SPBwqIoOHtRSRgoeBMjF5hhbu4ghB4SzBO34zKikaS6D
zXKujP1SDkunkITR8xe+YgUgypHsq1RPh+lozzB7dzqjZuu0v4w=
=NQL0
-----END PGP SIGNATURE-----