[ubuntu-hardened] Dangerous issue in Coturn Ubuntu distribution
Julio Spinelli
spine001 at gmail.com
Tue Jul 27 15:50:56 UTC 2021
This issue: https://ubuntu.com/security/CVE-2020-26262
has been fixed in the latest version of Coturn, but people installing
Ubuntu today 20.04 will still unknowingly install the older version of
COTURN that is wide open due to this issue.
So, my question is what can we do to speed up the availability of the last
version or alternatively add a caution with a link to this issue so that
installers of the current version know that they must set up
--denied-peer-ip especifically.
No installation guides that I checked (many) have this caution included.
It seems that a very simple action could be taken to mitigate this.
--
Julio C Spinelli
Life is what you make of it!
This electronic message contains information from Julio C. Spinelli. The
contents may be privileged and confidential and are intended for the use of
the intended addressee(s) only. If you are not an intended addressee, note
that any disclosure, copying, distribution, or use of the contents of this
message is prohibited. If you have received this e-mail in error, please
contact me at 1 at juliospinelli.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20210727/6e104fc6/attachment.html>
More information about the ubuntu-hardened
mailing list