Security update for coturn
This update for coturn fixes the following issues:
Version 4.5.1.3:
* Remove reference to SSLv3: gh#coturn/coturn#566
* Ignore MD5 for BoringSSL: gh#coturn/coturn#579
* STUN response buffer not initialized properly; he issue found and
reported gh#coturn/coturn#583 by Felix Dörre all credits belongs to
him. CVE-2020-4067, boo#1173510
- Let coturn allow binding to ports below 1024 per default
-
Submitted by
Johannes Weberhofer (weberho)
Fixed bugs
bnc#1173510
VUL-1: CVE-2020-4067: coturn: information leak across client connections
