Package Release Info


Update Info: openSUSE-2022-10184
Available in Package Hub : 15 SP4 Update





Change Logs

* Fri Aug 19 2022 Georg Pfuetzenreuter <>
- Drop @privileged SystemCallFilter, can prevent service from starting (status=31/SYS)
* Mon May 04 2020 Johannes Weberhofer <>
- Extended Readme.SUSE with description on how to bind to ports below 1024
- Fixes and enhancements in service-file
- /etc/sysconfig/coturn defaults now to not show software's version to the public
- Version
  * Do not display empty CLI passwd alert if CLI is not enabled
  * Removed several functions: gh#coturn/coturn#359
  * Fix webadmin IP permission and possible SQL-injections: gh#coturn/coturn#386
  * Fix Mongo driver crash on invalid connection string: gh#coturn/coturn#390
  * enhanced fread return length check: gh#coturn/coturn#392
  * disconnect database gracefully: #367
  * Using SSL_get_version method for BoringSSL compatibility:
    turn_session_info->tls_method returns real TLS version:
  * Added systemd service example: gh#coturn/coturn#276
  * Add bandwidth usage reporting packet/bandwidth usage by peers:
  * Modifying configure to enable compile with private libraries:
  * Append to log files rather than overriding them: gh#coturn/coturn#417
  * Updated incorrect string length check for 'ssh': gh#coturn/coturn#442
  * Fix Dockerfile for latest Debian: gh#coturn/coturn#449
  * CVE-2020-6061, CVE-2020-6062: specially crafted HTTP POST request can lead
    to heap overflow which can result in information leak:
  * STUN input validation: gh#coturn/coturn#472
  * Allow MD5 in FIPS mode: gh#coturn/coturn#398
  * update travis config ubuntu/mac images
  * added null check for second char: gh#coturn/coturn#466
  * compiler warning fixes: gh#coturn/coturn#470
  * Fix a memory leak when an SHATYPE isn't supported: gh#coturn/coturn#471
  * fix compiler warning comparison between signed and unsigned integer expressions
  * fix compiler warning string truncation
  * change Diffie Hellman default key length from 1066 to 2066
  * drop of supplementary group IDs: gh#coturn/coturn#522
  * Unify spelling of Coturn: gh#coturn/coturn#514
  * Rename "prod" config option to "no-software-attribute": gh#coturn/coturn#506
  * change sql data dir in docker-compose-all.yml: gh#coturn/coturn#516
  * add flags to disable periodic use of dynamic tables: gh#coturn/coturn#525
  * fix typos and grammar: gh#coturn/coturn#463, gh#coturn/coturn#488
  * Update README.docker: gh#coturn/coturn#475
  * fix config extension in README.docker: gh#coturn/coturn#519
  * Code beautifications: gh#coturn/coturn#327, gh#coturn/coturn#455,
- Removed patches now included in upstream: coturn-,
  coturn-, coturn- and
* Tue Apr 14 2020
- added apparmor profile (coturn-apparmor-usr.bin.turnserver)
- fix executable permissions in devel package by using defattr
* Sun Apr 12 2020 Johannes Weberhofer <>
- Use pkgconfig(systemd) for packaging
* Sat Apr 11 2020 Jan Engelhardt <>
- Shorten description by stripping the long list of all RFCs.
- Drop %defattr; use %autosetup.
* Thu Apr 09 2020 Johannes Weberhofer <>
- Initial release of coturn
* Tue Jun 30 2020 Johannes Weberhofer <>
- Version
  * Remove reference to SSLv3: gh#coturn/coturn#566
  * Ignore MD5 for BoringSSL: gh#coturn/coturn#579
  * STUN response buffer not initialized properly; he issue found and
    reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to
    him. CVE-2020-4067, boo#1173510
- Let coturn allow binding to ports below 1024 per default
Version: 4.5.2-bp154.1.39
* Mon Oct 18 2021 Michael Ströder <>
- Dropped harden_coturn.service.patch because systemd units are
  created from own source anyway and are proven to work
* Fri Oct 15 2021 Johannes Segitz <>
- Drop ProtectClock hardening, can cause issues if other device acceess is needed
* Mon Aug 30 2021 Johannes Segitz <>
- Added hardening to systemd service(s). Added patch(es):
  * harden_coturn.service.patch
  * coturn.service
  * coturn@.service
* Mon Jan 11 2021 Johannes Weberhofer <>
- Version 4.5.2
  * Fix for CVE-2020-26262 (boo#1180764)
  - Fix ipv6 ::1 loopback check
  - Not allow allocate peer address and ::/128
  - For more details see the github security advisory:
  * fix null pointer dereference in case of out of memory.
  * Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function
  * Fix: use-after-free vulnerability on write_to_peerchannel function
  * Fix: use-after-free vulnerability on write_client_connection function
  * add prometheus metrics
  * Delete trailing whitespace in example configuration files
  * Add architecture ppc64le to travis build
  * Fix misleading option in doc (prometheus)
  * Allow RFC6062 TCP relay data to look like TLS
  * Add support for proxy protocol V1
  * Print full date and time in logs
  * Add new options: "new-log-timestamp" and "new-log-timestamp-format"
  * Do not use FIPS and remove hardcode OPENSSL_VERSION_NUMBER with LibreSSL
  * Add ACME redirect url
  * support of --acme-redirect <URL>
  * fix acme security, redundancy, consistency
  * Add new --log-binding option to enable binding request logging
  * Fix stale-nonce documentation
  * Version number is changed to semver 2.0
  * pkg-config, and various cleanups in configure file
  * Add systemd notification for better systemd integration
  * Fix c++ support
  * Remove session id/allocation labels
  * Remove per session metrics. We should later add more counters.
* Sun Dec 27 2020 Michael Ströder <>
- AppArmor profile has ABI 3.0 and some minor changes
- Modified systemd unit:
  * do not use daemon mode
  * Type=simple
  * added security settings
- added multi-instance systemd unit
* Wed Aug 19 2020 Callum Farmer <>
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)