-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-7f5458dfec 2023-04-24 02:03:19.290619 -------------------------------------------------------------------------------- Name : coturn Product : Fedora 37 Version : 4.6.2 Release : 1.fc37 URL : https://github.com/coturn/coturn/ Summary : TURN/STUN & ICE Server Description : The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying TURN extension - RFC 6156 - IPv6 extension for TURN - Experimental DTLS support as client protocol. STUN specs: - RFC 3489 - "classic" STUN - RFC 5389 - base "new" STUN specs - RFC 5769 - test vectors for STUN protocol testing - RFC 5780 - NAT behavior discovery support The implementation fully supports the following client-to-TURN-server protocols: - UDP (per RFC 5766) - TCP (per RFC 5766 and RFC 6062) - TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2 - DTLS (experimental non-standard feature) Supported relay protocols: - UDP (per RFC 5766) - TCP (per RFC 6062) Supported user databases (for user repository, with passwords or keys, if authentication is required): - SQLite - MySQL - PostgreSQL - Redis Redis can also be used for status and statistics storage and notification. Supported TURN authentication mechanisms: - long-term - TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications) The load balancing can be implemented with the following tools (either one or a combination of them): - network load-balancer server - DNS-based load balancing - built-in ALTERNATE-SERVER mechanism. -------------------------------------------------------------------------------- Update Information: # Coturn 4.6.2 - Fix MSVC CI build - Prometheus: make sure microhttpd starts using epoll if supported - Fix typo in `mainrelay.c` - Remove unused include that breaks OpenBSD - Delete `LICENSE.OpenSSL` - use santisied psql string - Use the actual redis connection string to connect, not the sanitized one - Implement non-blocking recvfrom on Windows - Add contributing guidelines - Move and split documentation files - Use inline functions for errno checks - Add STUN request/response/error prometheus counters - Add configuration option for TLS 1.3 ciphersuites - Fix wrong usage of C-style in place generated array - bugfix: fix broken type label of `turn_total_allocations` gauge - Add explicit `SIGTERM` and `SIGINT` handlers - Set string bytes to null to prevent random origin - Regenerate manual pages from `README` files - Fix inverted logic in TLS configuration options - Reduce code duplication when printing userdb - Fix memory corruption on socket close - Cleanup logs on turnserver start - Optional build info compiled into turnserver binary - Fix duplicate prometheus metric report - Add sessioncount to prometheus metrics - Update openssl API use to non- deprecated version - Log `threadId` to logs to aid in multi-threaded debugging - Use khash 0.2.8 - Reflect new native Windows build support in documentation - Check and fix format string for `turn_log_func_default` - Properly calculate size for `sm_allocated` - Do not discard qualifiers in `free()` - Simplify defines for macOS platform - WINDOWS: unsigned long should not be used to store pointers - Reduce usage of `TURN_NO_HIREDIS` macros - Update to fix duplicate stdout log output - Use c11 standard - Reduce usage of `TURN_NO_PROMETHEUS` - Remove unnecessary declaration from header file - Support Windows MSVC - Fix resource leaks - Backlog fifo - Change rpm systemd service type from notify to exec - Add missing comma - Fix off-by-one when terminating gcm_nonce - Use `%zu` format specifier for `size_t` - Fix variable argument handling - Cleanup openssl initialization - fuzzing support - created `netengine.c` `get_relay_server` utility method to reduce code duplication - fix bug in calls to `ssl_read` and `ssl_send` where extra verbose flag goes missing - ignore raw UDP if `no_udp` is enabled - Sanitize DB connection string before printing to log - Better detect SCTP protocol - Redis memleaks and socketleaks - Fix issue 51563 in oss-fuzz - Fix multiple warnings in `libtelnet.c` file - Update libtelnet to 0.23 (portability issues) - Remove debug publish to redis - Cleanup unused include of header files - Use single `SSL_CTX` for DTLS support - Malformed response to mobility refresh request - Silence warnings by converting STRCPY to `strncpy` calls - Build CI with prometheus support - Replace references to non-existent pdf file with links - Fix TLS1.3 support - Use a single SSL context object - Use epoll for promhttp server if supported - Fix issues reported by cppcheck - Replace bcopy with memcpy - Replace bzero with memset - Improve openssl3 and FIPS support - Preserve file timestamps when using `install` - Fix renegotiation flag for older version of openssl -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 15 2023 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 4.6.2-1 - Upgrade to 4.6.2 (#2186297) * Thu Jan 19 2023 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 4.6.1-3 - Added upstream patch to fix OpenSSL 3 support * Thu Jan 19 2023 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2186297 - coturn-4.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2186297 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-7f5458dfec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue