master/coturn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Change Logs

Browse Source
This commit is contained in:
Mészáros Mihály 2018-11-05 15:20:58 +01:00
parent e2717e0fae
commit 8a647d7591
1 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
ChangeLog
View File

@ -1,5 +1,41 @@
27/09/2018 Oleg Moskalenko <mom040267@gmail.com> Mihály Mészáros <misi@majd.eu>
Version 4.5.0.9 'dan Eider':
Version 4.5.1.0 'dan Eider':
Consider to change config file after upgrade, because it contains not backward compatible breaking changes!
- Security fixes
Many thanks to Nicolas Edet (Cisco) who reported all of the following issues!!
* DB/SQL injection in stun realm. Fix: add extra string validation.
* DB/SQL injection in web-admin interface lack of admin user validation.
Fix: add extra string validation.
* Fix for earlier unsafe default settings:
o HTTPS administrator interface should be disabled by default
It could be enbled with "web-admin" option.
o Default configuration allowed earlier forwarding traffic
from an external interface to loopback interface. Now it
has been changed and option name is also changed!
!!BREAKING change!! Don't forget to change config!!
"no-loopback-peers" replaced by "allow-loopback-peers"
o Unauthenticated telnet admin interface runs on the
loopback interface, which can be accessed by exploiting the
loopback relay that was enabled by default.
- Admin portal does not list TCP session ( reported and fixed by Nicolas Edet )
- Fix memory leak in read_config_file (by Thibaut Ackermann)
- Add a release helper script.
- Web Admin interface use own listener (it is disableb by default)
!!BREAKING change!! Don't forget to change/review config!!
* Add new option "web-admin-ip" to set listener ip. By default (127.0.0.1)
* Add new option "web-admin-port" to set webadmin listen port
* Add new option "web-admin-listen-on-workers" to change back to earlier
behaviour and listen web admin on all worker processes and ports.
- Not allow to start server if "allow-loopback-peers" set without "cli-password"
!!BREAKING change!! Don't forget to change config!!
Added a warning if cli-password is empty or missing, but allow-loopback-peers
set, and so loopback allocation is enalbed.
27/09/2018 Oleg Moskalenko <mom040267@gmail.com> Mihály Mészáros <misi@majd.eu>
Version 4.5.0.8 'dan Eider':