coturn-4.13.1-1.el10_2
FEDORA-EPEL-2026-f33139a01c
Packages in this update:
- coturn-4.13.1-1.el10_2
- Security fixes
- Null-terminate server_name in stun_is_challenge_response_str
- Canonicalize all IPv4-in-IPv6 encodings before peer-IP checks
- Auto-deny coturn's own database backend endpoints as relay peers
- Deny link-local / ULA / site-local relay peers by default
- More performance improvements for --udp-recvmmsg and --multiplex-peer. If your system does not rely on TURN unique ports give multiplexing a try - it has capacity to dramatically increase performance.
- Security fixes
- Wrap atomic everywhere
- Fix sendmmsg stride bug in multiplex-peer UDP batch flush
- Reap TURN permissions/channels via a per-thread sweep instead of per-object timers
- Add --udp-sendmmsg-log to observe egress sendmmsg/UDP-GSO batching
- Expose recvmmsg/sendmmsg UDP batch sizes as Prometheus metrics
- Restrict recvmmsg fast path to shared fan-in sockets (make --udp-recvmmsg useful standalone)
- Enable --udp-recvmmsg by default on Linux
- Security hardening: port parsing, admin brute-force throttle, credential log redaction, constant-time compare, OAuth bounds checks, permission cap
- Add continuous latency mode to stunclient
- Fix test_redis_format link failure
- Fix configure MANPREFIX typo
- Fix missing sqlite3 dependendcy
- Fix UDP receive buffer ownership