Bug#924962: unblock: coturn/4.5.1.1-1

[wferi]

Dear Release Team,

I sponsored the late upload of 4.5.1.1-1, please let me try to make up
for that by providing some more information (hopefully) in favor of the
unblock.

First of all, the Docker changes, which are the biggest part of the src
debdiff, do not affect the binary package at all, please just ignore
them.

On Tue, 19 Mar 2019 09:25:13 +0100 =?utf-8?b?TcOpc3rDoXJvcyBNaWjDoWx5?= 
 wrote:

> In 4.5.1.0 we droped root privilege but we didn't considered that in
> the defualt file logging it will cause an issue.

The issue is the logs being put into (after several fallback steps due
to lack of privileges) the private tmpfs created by systemd.  This makes
them ephemeral, and uses memory for doing so.  Also, the package does
not provide any logrotate config, so syslog is a better choice for this
reason as well.  This change is implemented by shipping the conffile
/etc/turnserver.conf again (it was inadvertently dropped from 4.5.1.0-1)
and patching it to use syslog.

The TTL query always returns 0 on Sparc64, so the relay code has use the
default 64 on that architecture to work at all.  This is a workaround
for some bug, possibly in libc.

The "pwd check" part fixes a NULL pointer dereference, which was an
oversight, a regression introduced in 4.5.1.0.

All the remaining changes fix #916919, the alignment problem.
-- 
Thanks for your consideration,
Feri

Bug#924962: unblock: coturn/4.5.1.1-1

[Mészáros Mihály]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package coturn

The release 4.5.1.0 was a security fix. 
To keep it separated form other issues, it doesn't contain an another
very important 64 bit mem alingment fix that we released in upstream: 4.5.1.1.

The 4.5.1.0 has fixed many security issues, but it still contains the mem 
alingment
problem on all 64 bit arcitectures! And so it is broken in many 64 bit
architectures that don't tolarate and autofix mem alingment issues:
e.g. Arm64, Sparc64 etc.

We had to ignore 64 bit issue in 4.5.1.0-1 to release security fix as soon as 
possible.
See the "-" sign that ignores the errors: 
https://github.com/coturn/coturn/blob/6cce69cf35221bc5270744b842e6f73c0ded9ac0/debian/rules#L20
It is ugly, and it is also removed in 4.5.1.1-1 with the release of the 64bit 
mem alingment fix.

In 4.5.1.0 we droped root privilege but we didn't considered that in
the defualt file logging it will cause an issue.
In 4.5.1.1-1 we turned on syslog in the preinstalled config to fix this:
https://github.com/coturn/coturn/blob/debian/4.5.1.1-1/debian/patches/Set-logging-to-syslog.patch

We almost catched the freeze deadline with 4.5.1.1-1 (only missed an hour or 
so).

Please consider to unblock it beacuse of the above.

Thanks!

unblock coturn/4.5.1.1-1

-- System Information:
Debian Release: 9.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-8-amd64 (SMP w/1 CPU core)
Locale: LANG=hu_HU.UTF-8, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8), 
LANGUAGE=hu_HU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru coturn-4.5.1.0/ChangeLog coturn-4.5.1.1/ChangeLog
--- coturn-4.5.1.0/ChangeLog2019-01-18 13:35:39.0 +0100
+++ coturn-4.5.1.1/ChangeLog2019-03-02 23:11:57.0 +0100
@@ -1,3 +1,19 @@
+02/03/2019 Oleg Moskalenko  Mihály Mészáros 
+Version 4.5.1.1 'dan Eider':
+   - merge PR #330 missing \r\n after http Connection:close (by gribunin)
+   - merge PR #303 fix typo enpoint (by Majid Motallebikashani)
+   - merge PR #129 seperate http web-admin listener (by Thibaut ACKERMANN)
+   - regression from 4.5.1.0
+   * readd pwd check
+   * add to config missing web-admin-listen-on-workers option
+   - merge docker branch
+   * Add Docker file for all database backend.
+   - merge sparc64 branch
+   * Fix mem alingment issue on 64 bit architecture
+   That issue caused earlier "bus error" on sparc64 and armhf
+   - merge PR #336 Clarify Debian install (by David-dp-)
+   - merge PR #339 RPM build fix (by Peter Hudec )
+
 24/11/2018 Oleg Moskalenko  Mihály Mészáros 
 Version 4.5.1.0 'dan Eider':
Consider to change config file after upgrade, because it contains some 
diff -Nru coturn-4.5.1.0/debian/changelog coturn-4.5.1.1/debian/changelog
--- coturn-4.5.1.0/debian/changelog 2019-01-28 13:16:57.0 +0100
+++ coturn-4.5.1.1/debian/changelog 2019-03-03 00:38:30.0 +0100
@@ -1,3 +1,14 @@
+coturn (4.5.1.1-1) unstable; urgency=medium
+
+  * [a13ba45] Fix: missing /etc/turnserver.conf
+  * [8a03c32] Revert "Temporary prevent from failing"
+This reverts commit 218987f4256a8894e06d7876c434b1f37fd0785f.
+  * [96ca6cb] New upstream release (4.5.1.1) (Closes: #916919)
+  * [f399223] Set log to syslog
+  * [7b135b2] Upgrde to debian-policy 4.3
+
+ -- Mészáros Mihály   Sun, 03 Mar 2019 00:38:30 +0100
+
 coturn (4.5.1.0-1) unstable; urgency=medium
 
   * Sync to upstream 4.5.1.0
diff -Nru coturn-4.5.1.0/debian/control coturn-4.5.1.1/debian/control
--- coturn-4.5.1.0/debian/control   2019-01-28 12:46:05.0 +0100
+++ coturn-4.5.1.1/debian/control   2019-03-03 00:38:30.0 +0100
@@ -16,7 +16,7 @@
libssl-dev (>= 1.0.0~),
postgresql-client,
sqlite3
-Standards-Version: 4.2.1
+Standards-Version: 4.3.0
 Homepage: https://github.com/coturn/coturn/
 Vcs-Git: https://github.com/coturn/coturn.git -b debian/sid
 Vcs-Browser: https://github.com/coturn/coturn/tree/debian/sid
diff -Nru coturn-4.5.1.0/debian/coturn.install 
coturn-4.5.1.1/debian/coturn.install
--- coturn-4.5.1.0/debian/coturn.install2019-01-28 12:46:05.0 
+0100
+++ coturn-4.5.1.1/debian/coturn.install2019-03-03 00:07:47.0 
+0100
@@ -6,6 +6,7 @@
 bin/turnutils_stunclient usr/bin
 bin/turnutils_uclient usr/bin
 debian/etc/ufw/applications.d/turnserver etc/ufw/applications.d
+examples/etc/turnserver.conf etc
 include/turn/client/TurnMsgLib.h usr/include/turn
 include/turn/client/ns_turn_ioaddr.h usr/include/turn
 include/turn/client/ns_turn_msg.h usr/include/turn
diff -Nru coturn-4.5.1.0/debian/patches/series 
coturn-4.5.1.1/debian/patches/series
--- coturn-4.5.1.0/debian/patches/series1970-01-01