Package "coturn"

Name: coturn


TURN and STUN server for VoIP

Latest version:
Release: cosmic (18.10)
Level: security
Repository: universe
Homepage: https://github.com/coturn/coturn/


Save this URL for the latest version of "coturn": https://www.ubuntuupdates.org/coturn

Download "coturn"

Other versions of "coturn" in Cosmic

Repository Area Version
base universe
updates universe


Version: 2019-02-14 22:06:31 UTC

  coturn ( cosmic-security; urgency=medium

  * [1328ae1] HotFix: for 3 Vulnerability.
    For more details see:
    - CVE-2018-4056 - coTURN Administrator Web Portal SQL injection vulnerability
    - CVE-2018-4058 - coTURN TURN server unsafe loopback forwarding default configuration vulnerability
    - CVE-2018-4059 - coTURN server unsafe telnet admin portal default configuration vulnerability
    These patches address hotfix the 3 CVE above.
    * Disable-Web-admin-interface-due-Security-Vulnerability.patch
    It disables hardcocded web admin interface until where it will be fixed correctly.
    * Disable-loopback-peers-due-Vulnerability.patch
    Disable by default loopback-peer functionality.
    * empty-cli-password-not-allowed-disable-telnet-cli.patch
    Disable telnet cli if the cli-password is empty.

 -- Mészáros Mihály <email address hidden> Wed, 06 Feb 2019 14:56:38 +0100

CVE-2018-4056 An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version A login message with a

About   -   Send Feedback to @ubuntu_updates