commit coturn for openSUSE:Leap:15.2

root Thu, 07 May 2020 10:34:09 -0700

Hello community,

here is the log from the commit of package coturn for openSUSE:Leap:15.2 
checked in at 2020-05-07 19:28:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/coturn (Old)
 and      /work/SRC/openSUSE:Leap:15.2/.coturn.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "coturn"

Thu May  7 19:28:27 2020 rev:3 rq:801108 version:4.5.1.2

Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/coturn/coturn.changes  2020-04-21 
19:08:45.928140618 +0200
+++ /work/SRC/openSUSE:Leap:15.2/.coturn.new.2738/coturn.changes        
2020-05-07 19:33:59.122287785 +0200
@@ -1,0 +2,54 @@
+Mon May  4 12:58:39 UTC 2020 - Johannes Weberhofer <jweberho...@weberhofer.at>
+
+- Extended Readme.SUSE with description on how to bind to ports below 1024
+- Fixes and enhancements in service-file
+- /etc/sysconfig/coturn defaults now to not show software's version to the 
public
+
+- Version 4.5.1.2:
+  * Do not display empty CLI passwd alert if CLI is not enabled
+  * Removed several functions: gh#coturn/coturn#359
+  * Fix webadmin IP permission and possible SQL-injections: 
gh#coturn/coturn#386
+  * Fix Mongo driver crash on invalid connection string: gh#coturn/coturn#390
+  * enhanced fread return length check: gh#coturn/coturn#392
+  * disconnect database gracefully: #367
+  * Using SSL_get_version method for BoringSSL compatibility: 
+    turn_session_info->tls_method returns real TLS version:
+    gh#coturn/coturn#382
+  * Added systemd service example: gh#coturn/coturn#276
+  * Add bandwidth usage reporting packet/bandwidth usage by peers:
+    gh#coturn/coturn#284
+  * Modifying configure to enable compile with private libraries:
+    gh#coturn/coturn#381
+  * Append to log files rather than overriding them: gh#coturn/coturn#417
+  * Updated incorrect string length check for 'ssh': gh#coturn/coturn#442
+  * Fix Dockerfile for latest Debian: gh#coturn/coturn#449
+  * CVE-2020-6061, CVE-2020-6062: specially crafted HTTP POST request can lead
+    to heap overflow which can result in information leak:
+    gh#coturn/coturn#489
+  * STUN input validation: gh#coturn/coturn#472
+  * Allow MD5 in FIPS mode: gh#coturn/coturn#398
+  * update travis config ubuntu/mac images
+  * added null check for second char: gh#coturn/coturn#466
+  * compiler warning fixes: gh#coturn/coturn#470
+  * Fix a memory leak when an SHATYPE isn't supported: gh#coturn/coturn#471
+  * fix compiler warning comparison between signed and unsigned integer 
expressions
+  * fix compiler warning string truncation
+  * change Diffie Hellman default key length from 1066 to 2066
+  * drop of supplementary group IDs: gh#coturn/coturn#522
+  * Unify spelling of Coturn: gh#coturn/coturn#514
+  * Rename "prod" config option to "no-software-attribute": 
gh#coturn/coturn#506
+    gh#coturn/coturn#478
+  * change sql data dir in docker-compose-all.yml: gh#coturn/coturn#516
+  * add flags to disable periodic use of dynamic tables: gh#coturn/coturn#525
+
+  * fix typos and grammar: gh#coturn/coturn#463, gh#coturn/coturn#488
+  * Update README.docker: gh#coturn/coturn#475
+  * fix config extension in README.docker: gh#coturn/coturn#519
+  * Code beautifications: gh#coturn/coturn#327, gh#coturn/coturn#455,
+    gh#coturn/coturn#513
+
+- Removed patches now included in upstream: coturn-4.5.1.0-append-log.patch, 
+  coturn-4.5.1.1-cve-2020-6061.patch, coturn-4.5.1.1-cve-2020-6062.patch and 
+  coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch
+
+-------------------------------------------------------------------

Old:
----
  coturn-4.5.1.0-append-log.patch
  coturn-4.5.1.1-cve-2020-6061.patch
  coturn-4.5.1.1-cve-2020-6062.patch
  coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch
  coturn-4.5.1.1.tar.gz

New:
----
  coturn-4.5.1.2.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ coturn.spec ++++++
--- /var/tmp/diff_new_pack.P6Ewh6/_old  2020-05-07 19:33:59.738289018 +0200
+++ /var/tmp/diff_new_pack.P6Ewh6/_new  2020-05-07 19:33:59.742289026 +0200
@@ -17,14 +17,14 @@
 
 
 %global _lto_cflags %{?_lto_cflags} -ffat-lto-objects
-%bcond_without  apparmor
 %if 0%{?suse_version} > 1320
 %bcond_without  apparmor_reload
 %else
 %bcond_with     apparmor_reload
 %endif
+%bcond_without  apparmor
 Name:           coturn
-Version:        4.5.1.1
+Version:        4.5.1.2
 Release:        0
 Summary:        TURN and STUN server for VoIP
 License:        BSD-3-Clause
@@ -39,14 +39,6 @@
 Source6:        %{name}.firewalld
 Source7:        README.SUSE
 Source8:        %{name}-apparmor-usr.bin.turnserver
-# PATCH-FIX-UPSTREAM coturn-4.5.1.0-append-log.patch Append only to log files 
rather to override them
-Patch0:         coturn-4.5.1.0-append-log.patch
-# PATCH-FIX-UPSTREAM  coturn-4.5.1.1-cve-2020-6061.patch CVE-2020-6061
-Patch1:         coturn-4.5.1.1-cve-2020-6061.patch
-# PATCH-FIX-UPSTREAM  coturn-4.5.1.1-cve-2020-6062.patch CVE-2020-6062
-Patch2:         coturn-4.5.1.1-cve-2020-6062.patch
-# PATCH-FIX-UPSTREAM   
coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch fix rpmlint error
-Patch3:         coturn-4.5.1.1.missing-call-to-setgroups-before-setuid.patch
 BuildRequires:  fdupes
 BuildRequires:  firewall-macros
 BuildRequires:  libevent-devel >= 2.0.0
@@ -59,6 +51,10 @@
 BuildRequires:  pkgconfig(libssl) >= 1.0.2
 BuildRequires:  pkgconfig(sqlite3)
 BuildRequires:  pkgconfig(systemd)
+Requires(pre):  %fillup_prereq
+Requires(pre):  shadow
+Recommends:     logrotate
+%sysusers_requires
 %if %{with apparmor}
 %if 0%{?suse_version} <= 1315
 BuildRequires:  apparmor-profiles
@@ -71,10 +67,6 @@
 BuildRequires:  apparmor-rpm-macros
 %endif
 %endif
-Requires(pre):  %fillup_prereq
-Requires(pre):  shadow
-Recommends:     logrotate
-%sysusers_requires
 
 %description
 STUN (Session Traversal Utilities for NAT) and TURN (Traversal Using Relays

++++++ README.SUSE ++++++
--- /var/tmp/diff_new_pack.P6Ewh6/_old  2020-05-07 19:33:59.774289090 +0200
+++ /var/tmp/diff_new_pack.P6Ewh6/_new  2020-05-07 19:33:59.778289098 +0200
@@ -6,3 +6,12 @@
 ```
 firewall-cmd --zone=public --add-service=coturn [--permanent]
 ```
+
+* /etc/syconfig/coturn has the option '--no-software-attribute' enabled to 
hide 
+  the software version for production issue.
+
+* The trunserveer can only be bound to a port belo 1024 if you add the
+  AmbientCapabilities=CAP_NET_BIND_SERVICE section to the service file.
+
+
+

++++++ coturn-4.5.1.1.tar.gz -> coturn-4.5.1.2.tar.gz ++++++
++++ 19791 lines of diff (skipped)

++++++ coturn.service ++++++
--- /var/tmp/diff_new_pack.P6Ewh6/_old  2020-05-07 19:34:00.062289666 +0200
+++ /var/tmp/diff_new_pack.P6Ewh6/_new  2020-05-07 19:34:00.062289666 +0200
@@ -7,12 +7,15 @@
 User=coturn
 Group=coturn
 Type=forking
-EnvironmentFile=-/etc/sysconfig/turnserver
+EnvironmentFile=-/etc/sysconfig/coturn
 PIDFile=/run/coturn/turnserver.pid
 ExecStart=/usr/bin/turnserver -o -c /etc/coturn/turnserver.conf --pidfile 
/run/coturn/turnserver.pid $EXTRA_OPTIONS
 Restart=on-abort
 ExecReload=/bin/kill -HUP $MAINPID
 
+# enable next line to make coturn able to bind to a port below 1024
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+
 LimitCORE=infinity
 LimitNOFILE=999999
 LimitNPROC=60000

++++++ coturn.sysconfig ++++++
--- /var/tmp/diff_new_pack.P6Ewh6/_old  2020-05-07 19:34:00.082289706 +0200
+++ /var/tmp/diff_new_pack.P6Ewh6/_new  2020-05-07 19:34:00.082289706 +0200
@@ -5,4 +5,4 @@
 #
 # TURN Server startup options
 #
-EXTRA_OPTIONS=""
+EXTRA_OPTIONS="--no-software-attribute"

commit coturn for openSUSE:Leap:15.2

Reply via email to