Fixes and improvements

General

• support using regexp groups in every part of a source URL (#5766) (#5779)
• improve anti-brute force mechanism (#5835) delay authentication failure responses by a random amount of time, use the same anti-brute force mechanism with all users.
• limit size of HTTP requests shown in debug logs (#5858)
• print body of selected HTTP responses when log level is debug (#5859)

Media-over-QUIC

• fix race condition when closing server (#5836) some sessions were hanging if they were concurrently being closed by the remote peer.
• rename moqHTTPS2Address into moqHTTP2Address, moqHTTPS3Address into moqHTTP3Address (#5841)

RTSP

• support PROXY protocol (#5754) Support PROXY protocol v1/v2 on RTMP, RTMPS, RTSP, and RTSPS TCP listeners so real client IPs are visible when running behind L4 proxies (nginx stream, HAProxy, AWS NLB).
• restore support for H264 packetization-mode 0 (#5846) (#5857) H264 streams with packetization-mode=0 cannot be routed with UDP since packets are too big. Inbound streams with packetization-mode=0 are blocked by the server since v1.19.0 but this caused compatibility issues with some cameras. The server is now able to receive such streams with TCP, and automatically remuxes them in streams with packetization-mode=1, which can be routed freely.

RTMP

• support PROXY protocol (#5754) Support PROXY protocol v1/v2 on RTMP, RTMPS, RTSP, and RTSPS TCP listeners so real client IPs are visible when running behind L4 proxies (nginx stream, HAProxy, AWS NLB).

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.74.0 to v0.76.0
• github.com/bluenviron/gortsplib/v5 updated from v5.5.4 to v5.6.0
• github.com/pion/ice/v4 updated from v4.2.7 to v4.2.8-0.20260604162030-72f5001c4596
• github.com/pion/webrtc/v4 updated from v4.2.14 to v4.2.15
• github.com/quic-go/quic-go updated from v0.59.0 to v0.60.0
• golang.org/x/crypto updated from v0.52.0 to v0.53.0
• golang.org/x/net updated from v0.55.0 to v0.56.0
• golang.org/x/sync updated from v0.20.0 to v0.21.0
• golang.org/x/sys updated from v0.45.0 to v0.46.0
• golang.org/x/term updated from v0.43.0 to v0.44.0
• github.com/pion/dtls/v3 updated from v3.1.3 to v3.1.4
• github.com/pion/stun/v3 updated from v3.1.4 to v3.1.5
• github.com/pion/turn/v5 updated from v5.0.7 to v5.0.9
• golang.org/x/text updated from v0.37.0 to v0.38.0
• github.com/pires/go-proxyproto v0.12.0 added

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Below are development builds for testing purposes.

Latest development build: 2.7.2.11 (June 10th 2026)

Latest stable release build: 2.7.2
https://github.com/clsid2/mpc-hc/releases/tag/2.7.2

• [p]Added display of lowest and highest sticker price in the last 7 days in the Cologne 2026 Major Shop.[/p][/*]
• [p]Added stickers showcase to the Cologne 2026 Major Hub tile on the main menu.[/p][/*]

• [p]Added multi-select functionality in Storage Units deposit/retrieve UI.[/p][/*]
• [p]Added appropriate error message when user's inventory is full and they try to redeem Weekly Care Package rewards, Armory items, or items in the Major Shop cart.[/p][/*]
• [p]Fixed number wrapping rules in some languages.[/p][/*]