❌

Lees weergave

↗️

v4.1.0

βœ‡Coolify
Door: andrasbacsai

Features

  • Added Railpack as a beta build pack option with build-time environment support, config merging, examples, and deployment smoke coverage (#9117, resolves #5282).
  • Added configurable application stop grace periods for manual stops, previews, and deployments (#9746, fixes #5620).
  • Added structured audit logging for API mutations, webhook events, authentication, and authorization outcomes (#9842).
  • Added per-server configurable SSH connection timeouts and exposed the setting through the API and UI (#9844).
  • Added deployment skipping for webhook commits and PR/MR titles containing [skip ci] or [skip cd] (#9861).
  • Added instance-level MCP support with read-only tools for Coolify resources and API/UI enablement controls (#9862).
  • Added application deployment configuration diff tracking so pending changes and build-impacting changes are surfaced before redeploy (#10183, fixes #8357).
  • Added a collapsible sidebar with persisted state, tooltips, and a compact team menu (#9945).
  • Added a Gitea runner service template (#9961).

Fixes

  • Fixed OAuth user matching by normalizing email addresses before lookup (#9488, fixes #9487).
  • Fixed SMTP notification validation by setting a default encryption value (#9543).
  • Fixed database backup max storage validation to allow decimal values (#9801, fixes #9794).
  • Fixed Dockerfile build pack builds by using BuildKit-supported host networking (#9811, fixes #9804).
  • Fixed generated HEX magic environment secrets so encoded values have the expected length (#9820).
  • Fixed server reachability notifications by dispatching them through an event path without blocking retry loops (#9843, fixes #9830).
  • Fixed large file-volume editing in the UI by blocking editable payloads over 5 MiB (#9851, fixes #4701).
  • Fixed deployment commit resolution to use the application git_commit_sha when no commit is explicitly provided (#9865, closes #9204).
  • Fixed database imports to allow .dmp files (#9869).
  • Fixed invalid or undecryptable Sentinel tokens by regenerating them automatically (#9874).
  • Fixed scheduled task server resolution when relationships are missing (#9922, fixes #9916).
  • Fixed preview image tags so different commits on the same PR do not reuse shared tags (#10066, fixes #5538).
  • Fixed custom nginx configuration updates from the API by correctly decoding payloads and supporting clearing the value (#10067, fixes #9975).
  • Fixed API token expiration warnings so sent-warning state persists and failed notifications can retry (#10184).
  • Fixed terminal reliability with heartbeat handling, idle timeouts, reconnect replay, and preserved scrollback.
  • Fixed deployment and log views so auto-scroll pauses when users scroll up and resumes at the bottom.
  • Fixed realtime server dependencies by replacing Axios with the native HTTP client (#10065).
  • Fixed nginx Docker images to use patched official packages and HTTPS package repositories (#10026).
  • Fixed Docmost templates to require a mail driver before startup.

Improvements

  • Improved Railpack behavior with Docker buildx validation, safer shell argument handling, scoped build-time variables, better port handling, and updated helper versions (#9117, resolves #5282).
  • Improved MCP resource listing performance and changed enable/disable routes to POST for state-changing actions (#9862).
  • Improved standalone database lookup coverage for KeyDB, Dragonfly, and ClickHouse (#9862).
  • Suppressed noisy Horizon failed-job entries for expected deployment and timeout failures on cloud instances (#9871).
  • Synced service templates from next and disabled the stale LiteQueen template (#9884, #10006).
  • Bumped follow-redirects in the realtime Docker package to 1.16.0 (#9690).
  • Bumped phpseclib/phpseclib to 3.0.52 (#9952).
  • Improved Vite dev-server host, port, and CORS configuration for local development.
  • Improved collapsed sidebar spacing, deployment indicator alignment, and environment-variable dirty indicators.

Breaking Changes

  • Removed the deprecated Docker Compose application API endpoint; service creation should use POST /api/v1/services instead.
  • Changed MCP enable/disable endpoints from GET to POST (#9862).

What's Changed

New Contributors

Full Changelog: v4.0.0...v4.1.0

  •  
  • ↗️
↗️

Postfix stable release 3.11.3 and legacy releases 3.10.10, 3.9.11, 3.8.17

βœ‡Postfix

Postfix stable release 3.11.3 and legacy releases 3.10.10, 3.9.11, 3.8.17

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.11.3.html]

Fixed in Postfix 3.8-3.11:

  • Bitrot: builds with musl libc broke, because they were using an obsolete NO_SNPRINTF code path that had not been updated for Claude Code findings.

  • Two fixes for a signed integer overshift condition (a left shift into the sign bit). This "works" on contemporary CPUs, but may break in the future. One reported by Kamil Frankowicz, and one by Robert Sayre.

  • Viktor Dukhovni fixed an 'uninitialized value' error in the 'collate.pl' script.

Fixed in Postfix 3.11:

  • Test code fixes by Viktor Dukhovni for a deprecation warning with OpenSSL 4.0, and for a race condition that caused a test script to fail.

You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.

  •  
  • ↗️
↗️

v1.18.2

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

RTSP

RTMP

HLS

  • fix error 500 caused by in-stream params (bluenviron/gohlslib#355) (#5728) (#5745) PR bluenviron/gohlslib#344 caused a regression. Many codecs (AV1, H264, H265, VP9) use in-stream parameters, that were not taken into consideration anymore when generating init.mp4 and playlists. This has been solved.

WebRTC

RPI Camera

  • support changing text overlay dynamically (#5270) (#5748)

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.70.0 to v0.72.0
  • github.com/Masterminds/semver/v3 updated from v3.4.0 to v3.5.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.3.1 to v2.3.2
  • github.com/bluenviron/gortmplib updated from v0.3.1 to v0.3.2
  • github.com/bluenviron/gortsplib/v5 updated from v5.5.2 to v5.5.3
  • github.com/datarhei/gosrt updated from v0.10.0 to v0.11.0
  • github.com/fsnotify/fsnotify updated from v1.10.0 to v1.10.1
  • github.com/go-git/go-billy/v5 updated from v5.8.0 to v5.9.0
  • github.com/go-git/go-git/v5 updated from v5.18.0 to v5.19.0
  • github.com/gookit/color updated from v1.6.0 to v1.6.1
  • github.com/matthewhartstonge/argon2 updated from v1.5.2 to v1.5.3
  • github.com/pion/rtp updated from v1.10.1 to v1.10.2
  • golang.org/x/crypto updated from v0.50.0 to v0.51.0
  • golang.org/x/net updated from v0.53.0 to v0.54.0
  • golang.org/x/sys updated from v0.43.0 to v0.44.0
  • golang.org/x/term updated from v0.42.0 to v0.43.0
  • github.com/cyphar/filepath-securejoin updated from v0.4.1 to v0.6.1
  • github.com/pjbgf/sha1cd updated from v0.3.2 to v0.6.0
  • golang.org/x/text updated from v0.36.0 to v0.37.0
  • github.com/bluenviron/mediamtx-rpicamera updated from v2.5.6 to v2.5.7

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 Released!

βœ‡PostgreSQL

The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 18.4, 17.10, 16.14, 15.18, and 14.23. This release fixes 11 security vulnerabilities and over 60 bugs reported over the last several months.

For the full list of changes, please review the release notes.

PostgreSQL 14 EOL Notice

PostgreSQL 14 will stop receiving fixes on November 12, 2026. If you are running PostgreSQL 14 in a production environment, we suggest that you make plans to upgrade to a newer, supported version of PostgreSQL. Please see our versioning policy for more information.

Security Issues

CVE-2026-6472: PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

CVSS v3.1 Base Score: 5.4

Supported, Vulnerable Versions: 14 - 18.

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Jelte Fennema-Nio for reporting this problem.

CVE-2026-6473: PostgreSQL server undersizes allocations, via integer wraparound

CVSS v3.1 Base Score: 8.8

Supported, Vulnerable Versions: 14 - 18.

Integer wraparound in multiple PostgreSQL server features allows an application input provider to cause the server to undersize an allocation and write out-of-bounds. This results in a segmentation fault. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Anemone, A1ex, Xint Code, Jihe Wang, Jingzhou Fu, Pavel Kohout, Petr Simecek, www.aisle.com, Bruce Dang of Calif.io, and Sven Klemm for reporting this problem.

CVE-2026-6474: PostgreSQL timeofday() can disclose portions of server memory

CVSS v3.1 Base Score: 4.3

Supported, Vulnerable Versions: 14 - 18.

Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Xint Code for reporting this problem.

CVE-2026-6475: PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

CVSS v3.1 Base Score: 8.8

Supported, Vulnerable Versions: 14 - 18.

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the origin superuser, due to features like shared_preload_libraries. Hence, the attack has practical implications only if one takes relevant action between these commands and server start, like moving the files to a different VM or snapshotting the VM. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Valery Gubanov, XlabAI Team of Tencent Xuanwu Lab, Atuin Automated Vulnerability Discovery Engine, Zhanpeng Liu (pkugenuine(at)gmail(dot)com), Guannan Wang (wgnbuaa(at)gmail(dot)com), and Guancheng Li (lgcpku(at)gmail(dot)com) for reporting this problem.

CVE-2026-6476: PostgreSQL pg_createsubscriber allows SQL injection via subscription name

CVSS v3.1 Base Score: 7.2

Supported, Vulnerable Versions: 17 - 18.

SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected. Versions before PostgreSQL 17 are unaffected.

The PostgreSQL project thanks Yu Kunpeng for reporting this problem.

CVE-2026-6477: PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

CVSS v3.1 Base Score: 8.8

Supported, Vulnerable Versions: 14 - 18.

Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-length, server-determined data into a buffer of unspecified size. Because both the \lo_export command in psql and pg_dump call lo_read(), the server superuser can overwrite pg_dump or psql stack memory. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Yu Kunpeng and Martin Heistermann for reporting this problem.

CVE-2026-6478: PostgreSQL discloses MD5-hashed passwords via covert timing channel

CVSS v3.1 Base Score: 6.5

Supported, Vulnerable Versions: 14 - 18.

Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed passwords originating in upgrades from PostgreSQL 13 or earlier. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Joe Conway for reporting this problem.

CVE-2026-6479: PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

CVSS v3.1 Base Score: 7.5

Supported, Vulnerable Versions: 14 - 18.

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Calif.io in collaboration with Claude and Anthropic Research for reporting this problem.

CVE-2026-6575: PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array

CVSS v3.1 Base Score: 4.3

Supported, Vulnerable Versions: 18.

Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor versions before PostgreSQL 18.4 are affected. Versions before PostgreSQL 18 are unaffected.

The PostgreSQL project thanks Jeroen Gui for reporting this problem.

CVE-2026-6637: PostgreSQL refint allows stack buffer overflow and SQL injection

CVSS v3.1 Base Score: 8.8

Supported, Vulnerable Versions: 14 - 18.

Stack buffer overflow in PostgreSQL module refint allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a refint cascade primary key and facilitates user-controlled updates to that column. In that case, a SQL injection allows a primary key update value provider to execute arbitrary SQL as the database user performing the primary key update. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Nikolay Samokhvalov for reporting this problem.

CVE-2026-6638: PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

CVSS v3.1 Base Score: 3.7

Supported, Vulnerable Versions: 16 - 18.

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18, minor versions before PostgreSQL 18.4, 17.10, and 16.14 are affected. Versions before PostgreSQL 16 are unaffected.

The PostgreSQL project thanks Pavel Kohout, Aisle Research for reporting this problem.

Bug Fixes and Improvements

This update fixes over 60 bugs that were reported in the last several months. The issues listed below affect PostgreSQL 18. Some of these issues may also affect other supported versions of PostgreSQL.

  • Fix queries that could return incorrect results when using a nondeterministic collation over a unique index.
  • Fix loss of deferrability of foreign-key triggers. Previously, a foreign key defined as DEFERRABLE INITIALLY DEFERRED would behave as NOT DEFERRABLE after being set to NOT ENFORCED status and then back to ENFORCED. If you have a foreign key with this problem, after installing this update you can fix it by setting it to NOT ENFORCED and then back to ENFORCED.
  • Improve the planner's ability to apply partition pruning to more cases.
  • Fix self-join removal to handle join clauses that are only boolean columns, for example, ON t1.boolcol.
  • Several fixes around virtual generated columns, including ensuring INSERT ... ON CONFLICT works when EXCLUDED references a virtual generated column.
  • Report a serialization failure when MERGE encounters a concurrently-updated tuple in "repeatable read" or "serializable" isolation modes.
  • Fix CREATE TABLE ... LIKE ... INCLUDING STATISTICS for cases where the source table had one or more dropped columns.
  • Fix WITHOUT OVERLAPS to allow domains.
  • Disallow making a composite type be a member of itself via a multirange.
  • Fix sometimes-incorrect results when array_agg(anyarray) executes in parallel.
  • Prevent bloating during restore of an incremental backup.
  • Prevent stuck logical replication slot synchronization worker processes from blocking promotion of a standby server.
  • Make the pg_aios system view pid column show NULL instead of 0 when an entry has no owning process.
  • Fix cases where pg_stat_replication shows NULL lag even while replication is active.
  • Correctly display JOIN alias variables that are used in GROUP BY.
  • If the startup process fails, properly shut down other child processes before exiting the postmaster.
  • Fix race condition that could cause a standby server following WAL from a primary of an older minor version to get into a crash-and-restart loop.
  • Prevent indefinite wait in shutdown of a walsender process when logical replication is actively publishing data.
  • Ensure that free space map changes are persisted during recovery. This could have performance ramifications on a standby server after promotion.
  • Fix assorted bugs in backup decompression and tar-parsing code used in pg_basebackup and pg_verifybackup.
  • Ensure pg_dumpall doesn't skip role grants with dangling grantor OIDs, restoring the behavior before PostgreSQL 16. Emits a warning about missing grantor if the source server is PostgreSQL 16 or later.
  • Fix pg_upgrade to use the correct protocol version when connecting to older source servers.
  • Fix output in pg_overexplain when using the RANGE_TABLE option.
  • Fix postgres_fdw crash due to premature cleanup of a failed connection.

This release also updates time zone data files to tzdata release 2026b, in which British Columbia (America/Vancouver) will be on year-round UTC-07 (effectively, permanent DST) beginning in November 2026. This release assumes that their TZ abbreviation will be MST from that time forward (though this could change). There is also a historical correction for Moldova, which has used EU DST transition times since 2022.

Updating

All PostgreSQL update releases are cumulative. As with other minor releases, users are not required to dump and reload their database or use pg_upgrade in order to apply this update release; you may simply stop PostgreSQL and update its binaries.

Users who have skipped one or more update releases may need to run additional post-update steps; please see the release notes from earlier versions for details.

For more details, please see the release notes.

Links

If you have corrections or suggestions for this release announcement, please send them to the pgsql-www@lists.postgresql.org public mailing list.

  •  
  • ↗️
↗️

Minecraft 26.2-snapshot-7 (snapshot) Released

βœ‡Minecraft
26.2 Snapshot 7 (known as 26.2-snapshot-7 in the launcher) is the seventh snapshot for Java Edition 26.2, released on May 12, 2026, which adds new soundtracks, a new music disc, peer-to-peer connectivity, and the friends list. Full changelog: https://minecraft.wiki/Java_Edition_26.2-snapshot-7
  •  
  • ↗️
↗️

Release v2.4.4

βœ‡Dovecot
Door: cmouse

You can install pre-built binaries from https://repo.dovecot.org/

Docker images can be found at https://hub.docker.com/r/dovecot/dovecot

Please review https://doc.dovecot.org/2.4.4/installation/upgrade/2.3-to-2.4.html and https://doc.dovecot.org/2.4.4/installation/installation.html.

Important

There are experimental features in 2.4, one is enabled with --enable-experimental-mail-utf8, and another with --enable-experimental-imap4rev2, and you also need to set mail_utf8_extensions=yes and imap4rev2_enabled=yes to enable them in config.

Critical bug fixes

  • CVE-2026-27851: lib-var-expand: Safe filter marks all following pipelines safe.
  • CVE-2026-33603: auth: CRAM-SHA-*-PLUS channel binding could be faked.
    MITM attacker with a certificate trusted by the client could have
    bypassed the requirement for channel binding.
  • CVE-2026-40020: IMAP folders can be shared-spammed to everyone.
  • CVE-2026-42006: An attacker can cause uncontrolled memory usage with
    excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete.

Changes

  • indexer-worker, quota-status, script-login, program-client-local: Root
    privileges are now dropped permanently before serving requests.
  • indexer-worker: Default restart_request_count changed to 1 to work
    correctly after permanent root privilege drop.
  • lmtp: Add back service_extra_groups=$SET:default_internal_group that was
    incorrectly removed in v2.4.3.
  • master: inet_listener_reuse_port has been replaced by service_reuse_port.
    The new setting properly pre-creates all listener sockets at startup and
    assigns one unique socket per process. Using this allows evenly distributing
    incoming connections to login processes. See
    https://doc.dovecot.org/latest/core/config/service.html#service_reuse_port
    for details.

Bug fixes

  • auth: Fix LDAP escaping of 0x13 control character.
  • auth: Use timing-safe comparison for certificate and public key fingerprints.
  • fts: Correctly handle internal http-client response errors.
  • fts: Don't send request to Tika if there is no body text.
  • fts: Fix address header indexing for RFC 2047 encoded-words.
  • fts: tika, fts-solr: Fix use-after-free crash during DNS lookup.
  • imap: Fix assertion panic on invalid REPLACE 0 command.
  • lib-auth-client: Avoid "unknown id" errors for aborted auth requests.
  • lib-dcrypt: Fix potential crash if trying to access untrusted/corrupted keys.
  • lib-dcrypt: Improve error message if keys aren't in hex format as expected.
  • lib-index: Fix potential crash if fsck fails.
  • lib-ldap: Fix using OpenLDAP default CA when ssl_client_ca_dir/file is unset.
    v2.4.3 regression.
  • lib-master, master: Fix behavior for services with client_limit>1 and
    restart_request_count so that processes reaching restart_request_count are
    no longer counted towards process_limit.
  • lib-master: Fix crash when reaching client_limit with restart_request_count>1.
  • lib-master: haproxy - Don't trust client certificate common name when
    HAProxy reports verification failure.
  • lib-sasl: cram-md5 - Fix out of bounds memory read.
  • lib-sasl: oauth2 - Fix one byte out of bounds read.
  • lib-sql: cassandra - Fix reusing Cassandra SSL connections.
  • lib-sql: sqlite - Fix sqlite_journal_mode=wal to actually work.
  • lib-storage: Auto-rename non-NFC subscription file entries to NFC on read.
  • lib-storage: Prevent non-atom SEARCH keywords from causing IMAP
    command injection.
  • lib-var-expand-crypt: Return error if hex decoding fails.
  • lib-var-expand: Fix crash (SIGFPE) with non-positive divisor for / and %.
  • log: Fix memory leak at deinit.
  • login-common: When process is full, don't destroy clients waiting on
    master auth.
  • login-proxy: Fix crash with rawlog and multiplexing during reconnection.
  • mail-compress: Fix panic when save method unavailable.
  • mail-crypt: Fix crash when HMAC-based algorithm is used.
  • mail-crypt: Use AEAD instead of HMAC with ChaCha20-Poly1305.
  • mdbox: Create files with O_NOFOLLOW.
  • push-notification: ox - Fix use-after-free crash during DNS lookup.
  • quota: quota-status - Limit input buffer size to 1 kB.

  •  
  • ↗️
↗️

v0.16.5

βœ‡Stalwart
Door: github-actions[bot]

[0.16.5] - 2026-05-11

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

  • is_ip_in_cidr expression function for CIDR matching.

Changed

  • Bump mail-auth to 0.9 (which bumps hickory-resolver to 0.26).
  • Deprecated RFC2136 SIG(0) support as it is no longer supported by hickory.

Fixed

  • JMAP:
    • Patching ids containing digits in JSON Pointers fails.
    • Patching nested objects with null values fails.
  • External directories:
    • SQL: Return Failed instead of Error when the query returns no results.
    • LDAP: Impersonation fails when the user has not logged in before.
  • Network: Attempt binding to IPv4 when binding to IPv6 fails with EAFNOSUPPORT error.
  • Bootstrap: Timeout after 30 seconds when probing the data store.
  • HTTP: Use permissive CORS headers for .well-known endpoints.
  • ACME:
    • Include apex domains when requesting certificates for subdomains.
    • Use the public suffix list to determine the zone name when no origin is provided.
  • MTA:
    • Allow rescheduling recipients with permanent failures.
    • Process reports using original RCPT before rewriting.
  • Autodiscover v2 endpoint unreachable.
  • DNS update (via dns-update crate):
    • OVH + Google Cloud DNS: Fix FQDN handling for MX and SRV records.
    • Route53: Fix changeset error resolution.
    • deSEC: Use empty subname for apex records instead of @, which the API rejects.
    • Cloudflare: Wrap TXT record content in double quotes (RFC 1035) to suppress dashboard warnings.
  • iCalendar/JSCalendar (via calcard crate):
    • Support STATUS:CANCELLED mapping from VTODO to JSCalendar.
    • Fixed duration parsing for zero duration PT0S.

Check binary attestation here

  •  
  • ↗️
↗️

v0.16.4

βœ‡Stalwart
Door: github-actions[bot]

[0.16.4] - 2026-05-05

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

Fixed

  • Live tracing in community and OSS versions.
  • Timezone changes from the AccountSettings object return invalidProperties.
  • mail-parser panic with certain messages containing corrupted attachments.
  • Pagination by anchor for queued messages, tasks and metrics.
  • Spam filter: Use original instead of rewritten RCPT on checks.
  • JMAP:
    • References in nested objects not resolved.
    • AddressBook/query fetches wrong resources.
  • Import tool fails to restore registry entries.
  • FDB: Allow multiple FoundationDB instances in the same process.
  • Autoconfig: Return %EMAILADDRESS% when no email address is provided.
  • Quota: Include Sieve scripts in quota recalculations.

Check binary attestation here

  •  
  • ↗️
↗️

Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16

βœ‡Postfix

Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.11.2.html]

Fixed in Postfix 3.11:

  • Bugfix (defect introduced: Postfix 3.11): the proxymap(8) daemon dereferenced an uninitialized pointer after a request protocol error. This daemon is not exposed to local or remote users. Found by Claude Opus 4.6.

  • Bugfix (defect introduced: 20260309) a change, to set the service_name default value to "amnesiac", violated a test that parameter names in postconf output must match 1:1 with parameter names in the postlink script.

Fixed in Postfix 3.10:

  • Bugfix (defect introduced: Postfix 3.10): The RFC 2047 encoder for the sender "full name" could loop when a very long full_name_encoding_charset value was configured in main.cf. Found by Claude Opus 4.6.

Fixed in Postfix 3.8, 3.9, 3.10:

  • Bugfix (defect introduced: Postfix 2.3, date: 20050323): buffer over-read when Postfix an enhanced status code is not followed by other text. For example, "5.7.2" without text after the three-number code. This CANNOT be triggered with an SMTP or LMTP server response; is confirmed with an access(5) table and likely with a policy server response; can possibly be triggered with pipe-to-command output, header_checks(5), body_checks(5), an error(8) transport in transport_maps, or a milter response; and is confirmed with a DNSBL server TXT response while Postfix is configured with "$rbl_code $rbl_text" in rbl_reply_maps or default_rbl_reply. This could result in process termination. Problem reported by Kamil Frankowicz.

    For older Postfix versions, a buffer over-read patch is included at the end of this text.

  • Code cleanup: log a fatal error instead of dereferencing a null pointer after a first/next cursor initialization failure. Fedor Vorobev. This affected the Berkeley DB client.

Fixed in Postfix 3.8, 3.9, 3.10. 3.11:

  • Portability: support for recent FreeBSD, NetBSD, and OpenBSD versions. Brad Smith.

  • Bugfix (defect introduced: Postfix 2.2, date 20041207): When truncating a database file, the cdb: database client looked at the file size from before requesting an exclusive lock on a database file, instead of the file size after the exclusive lock was granted. Found by Claude Opus 4.6.

  • Bugfix (defect introduced: Postfix alpha, date 19980309): file descriptor leak after fork() failure. Found by Claude Opus 4.6.

  • Mistakes in debug logging. Found by Claude Opus 4.6. This affected two files in Postfix 3.8 and 3.9, three files in Postfix 3.10 and 3.11.

  • Unchecked null pointer results after an out-of-memory condition in a library dependency. Found by Claude Opus 4.6. The fix is to return an error status or to log a fatal error. This affected three source files.

  • Missing or incomplete guards for ssize_t or int overflow, found by Claude Opus 4.6. This affected three source files. These limits are unlikely to be exceeded because the size of in-memory objects is limited by design (the number of in-memory objects is also limited).

You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.

Buffer over-read patch for Postfix 2.3 .. 3.7: 

 --- /var/tmp/postfix-3.8.15/src/global/dsn_util.c	2006-01-07 20:28:37.000000000 -0500 +++ src/global/dsn_util.c	2026-05-01 16:59:50.961688175 -0400 @@ -155,5 +155,5 @@  	strncpy(dp->dsn.data, cp, len);  	dp->dsn.data[len] = 0; -	cp += len + 1; +	cp += len;      } else if ((len = dsn_valid(def_dsn)) > 0) {  	strncpy(dp->dsn.data, def_dsn, len);
  •  
  • ↗️
↗️

Asterisk Release certified-18.9-cert18

βœ‡Asterisk
Door: asteriskteam

The Asterisk Development Team would like to announce
the release of Certified asterisk-18.9-cert18.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert18
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert18

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-certified-18.9-cert18

Links:

Summary:

  • Commits: 1
  • Commit Authors: 1
  • Issues Resolved: 1
  • Security Advisories Resolved: 0

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

  • Naveen Albert: (1)

Issue and Commit Detail:

Closed Issues:

  • ASTERISK-30265: res_pjsip_session: Fix missing PLAR support on INVITEs

Commits By Author:

  • Naveen Albert (1):

    • res_pjsip_session.c: Map empty extensions in INVITEs to s.

Commit List:

  • res_pjsip_session.c: Map empty extensions in INVITEs to s.

Commit Details:

res_pjsip_session.c: Map empty extensions in INVITEs to s.

Author: Naveen Albert
Date: 2022-10-17

Some SIP devices use an empty extension for PLAR functionality.

Rather than rejecting these empty extensions, we now use the s
extension for such calls to mirror the existing PLAR functionality
in Asterisk (e.g. chan_dahdi).

ASTERISK-30265 #close

  •  
  • ↗️
↗️

v0.16.3

βœ‡Stalwart
Door: github-actions[bot]

[0.16.3] - 2026-04-30

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

  • Replaced STALWART_HTTPS_PORT with STALWART_PUBLIC_URL.
  • App Passwords now begin with app_ instead of app to avoid issues with some clients that do not support spaces in passwords.

Fixed

  • Directory:
    • Invalidate caches when group memberships change on an external directory.
    • OIDC: errors instead of "failed to decode token".
    • OIDC: Recovery admin access.
    • User impersonation.
  • Tasks:
    • Delete locked tasks.
    • Queue pagination by anchor.
  • Log viewer: All events show as INFO.
  • Registry: Allow changing object variants.
  • Node id renewal.
  • DNS Updater: Fix Route53 serialization format.

Check binary attestation here

  •  
  • ↗️
↗️

v1.18.1

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • prevent code injection in case of MTX_QUERY in hooks (#5707) When MTX_QUERY is used explicitly in hooks, for instance "curl http://something/?$MTX_QUERY", it can be used to inject arbitrary commands. MTX_QUERY is now url-encoded to prevent any abuse regardless of the configuration.
  • use temporary redirects instead of permanent redirects (#5710) this prevents unwanted caching.

HLS

  • prevent open redirect attacks (#5708)
  • support reading and writing KLV (#5604)
  • add hlsCDNSecret (#5716) this allows to serve HLS streams behind a CDN in a simplified way, compatible with the new HLS session system.
  • add public attribute to cache-control header (bluenviron/gohlslib#349)
  • allow caching non-low-latency playlists (bluenviron/gohlslib#350)

WebRTC

  • prevent open redirect attacks (#5708)

RPI Camera

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.18.0

βœ‡MediaMTX
Door: github-actions[bot]

New major features

HLS

  • track sessions (#962) (#5683) sessions are now tracked through cookies or query parameters. This provides the ability to inspect sessions through logs, metrics and API, allows more precise tracking of outbound bytes, decreases load on external HTTP authentication URLs since they are now called once per session and not once per request.
  • support serving streams with a CDN (#5696)

Fixes and improvements

General

  • improve listener labels (#5635) add a label after every "listener opened on :XXX" message that mentions protocols of every listener.
  • dump unencrypted TLS sessions (#5624) when dumpPackets is true, embed TLS master keys into the dump, in a format which is natively compatible with Wireshark.
  • use "token" as query parameter key to pass tokens (#5647) the legacy "jwt" query parameter key is still supported.
  • deprecate authJWTInHTTPQuery and disable JWTs in query parameters (#5648) This fixes a long standing security flaw. Even though it's a breaking change, few users should be impacted since this feature has been discouraged for some time.
  • expose token passed as query parameter to HTTP authentication too (#5649) this allows to parse tokens coming from RTSP and RTMP without additional effort.
  • playback: return errors as JSON (#5656) this is aligned with all other HTTP-based services.
  • prevent out-of-memory errors (#5674) impose a maximum size on body of incoming HTTP requests and responses.
  • metrics: improve performance (#5663) use string.Builder instead of string concatenation
  • metrics: add labels to the output (#5687) group metrics under visible, distinct labels.
  • metrics: fix filtering by type=rtmp_conns and type=rtmps_conns (#5689)
  • metrics: add readerType attribute to the path_readers metric (#5690) this allows to filter path readers by type.
  • metrics: use an enum for parsing metrics type (#5692)
  • metrics: fix race condition when reloading configuration (#5693)
  • docs: add scaling page (#5695)

API

  • sort path readers (#5691)

RTSP

HLS

  • return JSON with error message in case path conf is not available (#5655) this behavior is aligned with WebRTC one.
  • improve muxer performance (#5660) use a mutex instead of a channel to get current instance.
  • fix running linter when there are unstaged git changes (bluenviron/gohlslib#336)
  • client: use redirected URL when reloading playlist (bluenviron/gohlslib#340) this allows to store and use tokens and signed URLs.
  • client: support reading KLV (bluenviron/gohlslib#337)
  • prevent out-of-memory errors (bluenviron/gohlslib#343)
  • muxer: generate init segment once (bluenviron/gohlslib#344) Previously, the init segment was regenerated in case of codec parameter changes, but changing the init segment has been proved to cause video and audio discontinuities on iOS. Now the init file contains starting parameters only and never changes during the stream lifetime.
  • client: increase size limit of segments and parts (bluenviron/gohlslib#345)
  • return a custom error when body size limit is exceeded (bluenviron/gohlslib#346)
  • muxer: store non-low-latency playlists and init files on disk (bluenviron/gohlslib#348)

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.67.0 to v0.69.0
  • github.com/alecthomas/kong updated from v1.14.0 to v1.15.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.2.9 to v2.3.0
  • github.com/bluenviron/gortsplib/v5 updated from v5.5.1 to v5.5.2
  • github.com/go-git/go-git/v5 updated from v5.17.2 to v5.18.0
  • github.com/matthewhartstonge/argon2 updated from v1.4.6 to v1.5.2
  • github.com/pion/ice/v4 updated from v4.2.2 to v4.2.5
  • golang.org/x/crypto updated from v0.49.0 to v0.50.0
  • golang.org/x/sys updated from v0.42.0 to v0.43.0
  • golang.org/x/term updated from v0.41.0 to v0.42.0
  • github.com/pion/stun/v3 updated from v3.1.1 to v3.1.2
  • github.com/pion/turn/v4 removed
  • golang.org/x/net updated from v0.52.0 to v0.53.0
  • golang.org/x/text updated from v0.35.0 to v0.36.0
  • golang.org/x/time updated from v0.12.0 to v0.14.0
  • github.com/pion/turn/v5 v5.0.3 added
  • hls.js updated from v1.6.15 to v1.6.16

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.17.1

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • prevent directory traversal attacks (#5602) Path names are used as part of paths in several components: in the recorder, in the playback server and in every HTTP-based component (WebRTC, HLS, API). Special characters that allow to escape from the intended directory are now forbidden in order to prevent directory traversal attacks.

RTSP

RTMP

WebRTC

  • fix random absolute timestamps with Opus, G711 and LPCM (#5597) When rewriting audio RTP timestamps in WebRTC egress, NTP was derived using regenerated packet timestamps minus the incoming RTP base timestamp. That mixed timestamp domains and could shift absolute time by an arbitrary offset while still exposing mapping as available. Fix by using a consistent outgoing RTP domain in rewritten audio paths
  • strip TWCC extension of incoming RTP packets (#5146) (#5605) The TWCC extension is used as part of the WebRTC congestion control algorithm placed between the publisher and the server. If this extension is routed untouched from the server to readers, it messes with the congestion control algorithm present between the server and each reader. Remove it.

RPI Camera

Dependencies

  • github.com/bluenviron/gortmplib updated from v0.3.0 to v0.3.1
  • github.com/bluenviron/gortsplib/v5 updated from v5.5.0 to v5.5.1
  • github.com/gin-contrib/pprof updated from v1.5.3 to v1.5.4
  • github.com/go-git/go-git/v5 updated from v5.17.0 to v5.17.2
  • github.com/pion/ice/v4 updated from v4.2.1 to v4.2.2
  • github.com/pion/webrtc/v4 updated from v4.2.9 to v4.2.11
  • github.com/pion/sctp updated from v1.9.2 to v1.9.4
  • github.com/bluenviron/mediamtx-rpicamera updated from v2.5.4 to v2.5.5

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.17.0

βœ‡MediaMTX
Door: github-actions[bot]

New major features

WebRTC

  • support publishing multiple video/audio renditions (#5573) this allows to receive multiple video tracks from OBS Studio with the new WebRTC Simulcast feature introduced in v32.1.0.

API

  • provide track details (#5307) (#5333) (#1726) (#5585)
  • add user field to RTSP, RTMP, SRT, WebRTC conns and sessions (https://github.com/bluenviron/mediamtx/issues/5104) (#5565)
  • add RTSP reported lost packets (#5198) (#5579) The new outboundRtpPacketsReportedLost property allows to track RTP packets that have been reported lost by readers. Furthermore, stats now have a "inbound" or "outbound" prefix to improve readability.
  • rename WebRTC stats to match RTSP ones (#5581)
  • add new stats (#5582) - RTSPSession.outboundRTPPacketsDiscarded - Path.inboundFramesInError - SRTConn.outboundFramesDiscarded - WebRTCSession.outboundFramesDiscarded - RTMPConn.outboundFramesDiscarded - HLSMuxer.outboundFramesDiscarded

Fixes and improvements

General

  • avoid buffering HTTP response body in loggerWriter (#5552) loggerWriter was shadow-copying every response byte into a bytes.Buffer to report the body size, causing the entire response to be accumulated in memory for the lifetime of each request. Replace the buffer with a plain int counter since dump() only ever reported the byte count anyway.
  • optionally validate JWT iss and aud claims (#5569)
  • metrics: add two missing SRT stats (#5580)

API

  • add deprecated fields to the OpenAPI definition (#5575)
  • add missing enums and move all enums in dedicated components (#5576)

RTSP

HLS

WebRTC

  • fix panic with WHIP POST authentication failures (#5566)

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.64.0 to v0.67.0
  • github.com/abema/go-mp4 updated from v1.4.1 to v1.5.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.2.8 to v2.2.9
  • github.com/bluenviron/gortsplib/v5 updated from v5.4.0 to v5.5.0
  • github.com/bluenviron/mediacommon/v2 updated from v2.8.2 to v2.8.3
  • golang.org/x/crypto updated from v0.48.0 to v0.49.0
  • golang.org/x/sys updated from v0.41.0 to v0.42.0
  • golang.org/x/term updated from v0.40.0 to v0.41.0
  • golang.org/x/net updated from v0.51.0 to v0.52.0
  • golang.org/x/text updated from v0.34.0 to v0.35.0

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.16.3

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • fill product version of Windows executable (#5167) (#5511)
  • improve JSON decoder performance (#5526) avoid decoding JSON twice.
  • fix panic when setting writeQueueSize to zero (#5360) (#5527)
  • prevent using alwaysAvailableFile and alwaysAvailableTracks together (#5529)
  • improve playback precision of alwaysAvailable offline segment (#5530)
  • fix MPEG-4 audio configuration not matching error (#5468) (#5533) This happened when using alwaysAvailableFile and a MPEG-4 audio track.
  • fix corrupted video with alwaysAvailableFile (#5534) when alwaysAvailableFile points to a file with a H265 or H264 track, server is started, an online stream is published and then closed, video was getting corrupted since the online video was overriding the parameters of the offline video.
  • fix audio from alwaysAvailableFile not being streamed (#5535)
  • fix alwaysAvailableFile restarting when a publisher fails (#5536) when a publisher try to start an online stream and there's an error, alwaysAvailableFile restarted without any reason.
  • revert to Go 1.25 (#5521) (#5538) It seems like Go 1.26 is causing segmentation faults, related to channels, on Windows.
  • inherit MPEG-4 audio type from alwaysAvailableFile (#5539)
  • mpegts: properly compute PTS of async KLV frames (bluenviron/mediacommon#291) (bluenviron/mediacommon#311) Store last valid PTS as soon as possible, by parsing PES headers in advance, then use this PTS as timestamp of KLV frames without PTS.

HLS

Dependencies

  • Go updated from 1.26 to 1.25
  • github.com/asticode/go-astits updated from v1.14.0 to v1.15.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.2.6 to v2.2.8
  • github.com/bluenviron/gortsplib/v5 updated from v5.3.2 to v5.4.0
  • github.com/bluenviron/mediacommon/v2 updated from v2.8.0 to v2.8.2
  • github.com/gin-gonic/gin updated from v1.11.0 to v1.12.0
  • github.com/go-git/go-billy/v5 updated from v5.7.0 to v5.8.0
  • github.com/go-git/go-git/v5 updated from v5.16.5 to v5.17.0
  • github.com/bytedance/sonic updated from v1.14.0 to v1.15.0
  • github.com/bytedance/sonic/loader updated from v0.3.0 to v0.5.0
  • github.com/cloudflare/circl updated from v1.6.1 to v1.6.3
  • github.com/gabriel-vasile/mimetype updated from v1.4.8 to v1.4.12
  • github.com/go-playground/validator/v10 updated from v10.27.0 to v10.30.1
  • github.com/quic-go/quic-go updated from v0.57.0 to v0.59.0
  • github.com/ugorji/go/codec updated from v1.3.0 to v1.3.1
  • golang.org/x/arch updated from v0.20.0 to v0.22.0
  • golang.org/x/net updated from v0.50.0 to v0.51.0
  • google.golang.org/protobuf updated from v1.36.9 to v1.36.10
  • github.com/bytedance/gopkg v0.1.3 added
  • go.mongodb.org/mongo-driver/v2 v2.5.0 added

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.16.2

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • support X-Forwarded-Proto in playback server (#4970) (#5445) allow reverse proxies to change the schema of URLs returned by the server through the X-Forwarded-Proto header.
  • make config file YAML 1.2 compliant (#5345) (#5456)
  • replace YAML parser (#5461) switch from the unmaintained gopkg.in/yaml to goccy/go-yaml
  • deprecate unix+rtp (#5318) (#4999) (#5351) (#5470) Unix socket are stream-based connections, while RTP requires packet-based connections. While packet-based Unix sockets exist (unixgram), no client supports them. Consequently we are forced to deprecate unix+rtp.
  • fix codec parameters not being loaded from alwaysAvailableFile (#5484)
  • warn when alwaysAvailableFile is not MP4 (#5483)
  • suggest using JWTs in query parameters for RTSP and RTMP (#5267) (#5493) In case of RTSP and RTMP, JWTs cannot be used as passwords since there's a size limit. Therefore, documentation is updated to suggest passing JWT through query parameters, and authJWTInHTTPQuery is updated to act on HTTP requests only.
  • fix error 400 with parallel describe and publish requests (#5095) (#5502) When a path is dynamic, and the path receives multiple describe and publish requests in parallel, describe requests might cause the path to be deleted, and this might cause pending publish requests to fail, since the path has been deleted. This patch improves the situation by checking for pending requests before deleting a path.
  • add integrated packet dumper (#5488) this allows to dump any incoming and outgoing packet, to disk, in pcapng format.
  • log packet sizes if UDPMaxPayloadSize is exceeded (#4668)
  • improve video/audio sync of alwaysAvailable (#5443) (#5508) store elapsed time once for the entire stream and start PTS of sub streams from there.
  • improve pmp4 and fmp4 parser robustness (bluenviron/mediacommon#299)
  • mp4: fix H265 + iOS compatibility (bluenviron/mediacommon#290) On iOS, H265 requires the hvc1 box instead of the hev1 box.
  • h264: prevent Annex-B from decoding more NALUs than MaxNALUsPerAccessUnit (bluenviron/mediacommon#303)
  • improve H264 and MPEG-4 video performance (#4971) (bluenviron/mediacommon#304)
  • mp4: fill reserved fields properly (bluenviron/mediacommon#307)
  • mpegts: parse Opus channel configuration (#5002) (bluenviron/mediacommon#309)

API

  • add conns to RTSP Sessions (#5454) this allows to find connections associated with a RTSP session.

RTMP

  • prevent legacy clients from reading multiple video/audio tracks (#5478)
  • fix marshaling H264 VideoExCodedFrames (#4996) (bluenviron/gortmplib#46) These messages were marshaled wrongly, causing errors when trying to read H264 tracks with an ID >= 1.
  • support reading H265 with video codec id 12 (#5105) (bluenviron/gortmplib#48)

HLS

  • client: support storing and sending cookies (#5444)

WebRTC

  • allow tuning WHEP timeouts (#5027) (#5479) add whepHandshakeTimeout, whepTrackGatherTimeout, whepSTUNGatherTimeout
  • add whepBearerTokenParameter (#3796) (#5486) this allows to pass Authorization: Bearer to servers that require it.

SRT

  • set timeout of idle peers to readTimeout (#5489)

RPI Camera

Dependencies

  • Go updated from 1.25 to 1.26
  • code.cloudfoundry.org/bytefmt updated from v0.63.0 to v0.64.0
  • github.com/MicahParks/keyfunc/v3 updated from v3.7.0 to v3.8.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.2.5 to v2.2.6
  • github.com/bluenviron/gortmplib updated from v0.2.1 to v0.3.0
  • github.com/bluenviron/gortsplib/v5 updated from v5.3.1 to v5.3.2
  • github.com/bluenviron/mediacommon/v2 updated from v2.7.1 to v2.8.0
  • github.com/datarhei/gosrt updated from v0.9.0 to v0.10.0
  • github.com/go-git/go-git/v5 updated from v5.16.4 to v5.16.5
  • github.com/matthewhartstonge/argon2 updated from v1.4.5 to v1.4.6
  • github.com/pion/ice/v4 updated from v4.2.0 to v4.2.1
  • github.com/pion/sdp/v3 updated from v3.0.17 to v3.0.18
  • github.com/pion/webrtc/v4 updated from v4.2.3 to v4.2.9
  • golang.org/x/crypto updated from v0.47.0 to v0.48.0
  • golang.org/x/sys updated from v0.40.0 to v0.41.0
  • golang.org/x/term updated from v0.39.0 to v0.40.0
  • gopkg.in/yaml.v2 removed
  • github.com/goccy/go-yaml updated from v1.18.0 to v1.19.2
  • github.com/pion/dtls/v3 updated from v3.0.10 to v3.1.2
  • golang.org/x/net updated from v0.49.0 to v0.50.0
  • golang.org/x/text updated from v0.33.0 to v0.34.0
  • github.com/google/gopacket v1.1.19 added
  • github.com/bluenviron/mediamtx-rpicamera updated from v2.5.3 to v2.5.4

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.16.1

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • fix typo in error message ('alwaysAvailableVideo' -> 'alwaysAvailableFile') (#5417)
  • emit structured logs with nanosecond precision (#4924) (#5404)
  • set default udpMaxPayloadSize to an IPv6 compatible value (#4882) (#5402) When using IPv6, there are 20 bytes less available for UDP payload, which has been adjusted accordingly.
  • add authHTTPFingerprint (#5413) (#5422)
  • add additional checks on always-available streams (#5408) make sure that published streams match MPEG-4 audio, G711 and LPCM parameters declared in configuration or used by the offline file.
  • improve JSON error message (#5412) (#5433)
  • pmp4: improve compatibility (#5423) (bluenviron/mediacommon#298)

RTSP

RPI Camera

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.62.0 to v0.63.0
  • github.com/alecthomas/kong updated from v1.13.0 to v1.14.0
  • github.com/bluenviron/gortsplib/v5 updated from v5.3.0 to v5.3.1
  • github.com/bluenviron/mediacommon/v2 updated from v2.7.0 to v2.7.1
  • github.com/pion/interceptor updated from v0.1.43 to v0.1.44
  • github.com/pion/rtp updated from v1.10.0 to v1.10.1
  • github.com/bluenviron/mediamtx-rpicamera updated from v2.5.2 to v2.5.3

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.16.0

βœ‡MediaMTX
Door: github-actions[bot]

New major features

General

  • add always available streams (#5335) When the publisher or source of a stream is offline, the server can be configured to fill gaps in the stream with a video that is played on repeat until a publisher comes back online. This allows readers to stay connected regardless of the state of the stream. The offline video and any future online stream are concatenated without decoding or re-encoding packets, using the original codec.

API

  • add available, availableTime, online, onlineTime properties (#5391) these replace ready and readyTime and allow to monitor the new "always-available" feature.

WebRTC

  • support reading KLV tracks (#4722)

Fixes and improvements

General

  • move away from balenalib Docker images (#5313)
  • print OS and Arch in first log line (#5315)
  • print last decode error (#5319) decode errors are still grouped together, but the last one is now printed.
  • print last processing error (#5323)
  • use the same filtering process for every codec (#5324) this allows to apply features that were previously implemented for single codecs (like RTP packet resizing), to any codec, and simplifies future development.
  • prevent several configuration errors (#5368)
  • fix typos in documentation (#5370)
  • fix overriding default user with environment variables (#5371) MTX_AUTHINTERNALUSERS_0_USER and MTX_AUTHINTERNALUSERS_0_PASS are now working even when the configuration file is present.
  • prevent setting empty usernames with environment variables (#5373)
  • fix panic with environment variables (#5374) this happened when loading deprecated slices of structs with environment variables.
  • prevent setting slices to null (#5375) In Golang, slices can be set to nil, while in most other languages they cannot. This causes compatibility issues, especially because the OpenAPI definition of the API does not allow slices to be nil. This prevents slices from being set to nil through JSON/YAML, and also sets default slices to an empty list instead of nil.
  • Update hlsEncryption documentation on Low-Latency HLS requirements (#5379)
  • fix race condition when closing HTTP servers (#5390) when a HTTP server is closed, open connections are now immediately closed and open routines are waited before the server is considered closed.
  • deprecate fallback (#5388) The fallback feature worked with RTSP only and did not allow readers to resume the original stream. It has been replaced by alwaysAvailable.
  • mpegts: add E-AC-3 (Dolby Digital Plus) codec support (bluenviron/mediacommon#272)
  • mpeg4audio: support channel_config=0 (bluenviron/mediacommon#273)
  • mpeg4audio: in ASC, prefer marshaling legacy ChannelConfig when available (bluenviron/mediacommon#280)
  • pmp4: increase compatibility (bluenviron/mediacommon#293)
  • pmp4: support MP4s with data before track definitions (bluenviron/mediacommon#294)

API

  • improve OpenAPI definition (#5380) add uint64, uint, uuid, move WebRTCICEServer into dedicated schema

RTSP

  • fix log labels of RTSPS listeners (#5367) use "TCP/RTSPS", "UDP/SRTP", "UDP/SRTCP" to refer to secure listeners
  • add rtspUDPSourcePortRange param (#5363) (#5397)

HLS

  • fix playback starting point for VOD streams without EXT-X-PLAYLIST-TYPE (bluenviron/gohlslib#308)
  • client: return every unit before an error (bluenviron/gohlslib#314) In case of an error, downloaded unit that were not processed yet were discarded. Now they are returned before the client exits.

WebRTC

  • print incoming data channel messages (#5357)

RPI Camera

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.59.0 to v0.62.0
  • github.com/bluenviron/gohlslib/v2 updated from v2.2.4 to v2.2.5
  • github.com/bluenviron/gortmplib updated from v0.2.0 to v0.2.1
  • github.com/bluenviron/gortsplib/v5 updated from v5.2.2 to v5.3.0
  • github.com/bluenviron/mediacommon/v2 updated from v2.6.0 to v2.7.0
  • github.com/golang-jwt/jwt/v5 updated from v5.3.0 to v5.3.1
  • github.com/matthewhartstonge/argon2 updated from v1.4.4 to v1.4.5
  • github.com/pion/ice/v4 updated from v4.1.0 to v4.2.0
  • github.com/pion/interceptor updated from v0.1.42 to v0.1.43
  • github.com/pion/rtp updated from v1.9.0 to v1.10.0
  • github.com/pion/transport/v3 removed
  • github.com/pion/webrtc/v4 updated from v4.2.1 to v4.2.3
  • golang.org/x/crypto updated from v0.46.0 to v0.47.0
  • golang.org/x/sys updated from v0.39.0 to v0.40.0
  • golang.org/x/term updated from v0.38.0 to v0.39.0
  • github.com/pion/datachannel updated from v1.5.10 to v1.6.0
  • github.com/pion/dtls/v3 updated from v3.0.9 to v3.0.10
  • github.com/pion/sctp updated from v1.9.0 to v1.9.2
  • github.com/pion/srtp/v3 updated from v3.0.9 to v3.0.10
  • github.com/pion/stun/v3 updated from v3.0.2 to v3.1.1
  • github.com/pion/turn/v4 updated from v4.1.3 to v4.1.4
  • golang.org/x/net updated from v0.48.0 to v0.49.0
  • golang.org/x/text updated from v0.32.0 to v0.33.0
  • github.com/pion/transport/v4 v4.0.1 added
  • github.com/bluenviron/mediamtx-rpicamera updated from v2.5.1 to v2.5.2

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.15.6

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • add structured logging (#5219)
  • fix 1-minute offset when recording a H264 WebRTC track (#5275) (#5278)
  • disable syslog logging on macOS (#5005) (#5295)
  • set syslog priority and do not write level and date to syslog (#4923) (#5296) When writing log entries to syslog, pass the level (WARN, INFO, etc) directly to syslog. Avoid writing level and date. This provides a better integration and allows to use syslog search tools.

RTSP

  • avoid setupping back channels (#5074) (#5289)
  • Support URI format sent by HappyTime ONVIF and RTSP clients during (bluenviron/gortsplib#964)
  • fix medias wrongly marked as back channels (#5074) (bluenviron/gortsplib#970) Some cameras mark medias as back channels even though they are not. Try to detect this by checking whether in full the SDP there are both back channels and standard channels, unmarking back channels otherwise.
  • when there are back channels, add recvonly attribute to standard channels (bluenviron/gortsplib#971)

SRT

  • fix broken connections in case of high latency (#3756) (#5282) When listening and accepting an incoming connection request, the response might be received by the peer with some delay due to latency. This causes the peer to send a second connection request, that is not detected as duplicate because the first connection request has already been removed from the map that is used to check for duplicates (connReqs), so it is treated as a brand new connection request, breaking the first connection. This patch fixes the issue by introducing another map (connByPeer) that is used to check whether a connection request is associated to an already-accepted connection.

Dependencies

  • code.cloudfoundry.org/bytefmt updated from v0.58.0 to v0.59.0
  • github.com/bluenviron/gortmplib updated from v0.1.2 to v0.2.0
  • github.com/bluenviron/gortsplib/v5 updated from v5.2.1 to v5.2.2
  • github.com/bluenviron/mediacommon/v2 updated from v2.5.3 to v2.6.0
  • github.com/matthewhartstonge/argon2 updated from v1.4.3 to v1.4.4
  • github.com/pion/ice/v4 updated from v4.0.13 to v4.1.0
  • github.com/pion/rtp updated from v1.8.26 to v1.9.0
  • github.com/pion/sdp/v3 updated from v3.0.16 to v3.0.17
  • github.com/pion/webrtc/v4 updated from v4.1.7 to v4.2.1
  • golang.org/x/crypto updated from v0.45.0 to v0.46.0
  • golang.org/x/sys updated from v0.38.0 to v0.39.0
  • golang.org/x/term updated from v0.37.0 to v0.38.0
  • github.com/pion/dtls/v3 updated from v3.0.8 to v3.0.9
  • github.com/pion/sctp updated from v1.8.41 to v1.9.0
  • github.com/pion/stun/v3 updated from v3.0.1 to v3.0.2
  • github.com/quic-go/qpack updated from v0.5.1 to v0.6.0
  • github.com/quic-go/quic-go updated from v0.54.1 to v0.57.0
  • go.uber.org/mock removed
  • golang.org/x/mod removed
  • golang.org/x/net updated from v0.47.0 to v0.48.0
  • golang.org/x/sync removed
  • golang.org/x/text updated from v0.31.0 to v0.32.0
  • golang.org/x/time updated from v0.9.0 to v0.12.0
  • golang.org/x/tools removed

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
↗️

v1.15.5

βœ‡MediaMTX
Door: github-actions[bot]

Fixes and improvements

General

  • apidocs: fix compatibility with OpenAPI 3.0 (#5210) double-precision numbers are now represented as double.
  • playback: support concatenating segments with long gaps (#5172) Thanks to the new mtxi MP4 box, it's possible to check whether two segments are consecutive without involving dates or timestamps. When the new mtxi box is present in both segments, do not check if the end of the first segment corresponds to the start of the second segment.
  • recorder: reset when absolute time drifts from stream time (#4778) (#5239) the server now detects when system time changes too much and restarts recordings when that happens.
  • playback: fix crash (#5240) (#5250) when requesting a recording with the mp4 format, if there are two tracks and the second track has no samples, the server crashed. This fixes the issue.
  • fix panic when changing log file to a nonexisting directory (#5132) (#5249)
  • h264: fix regression in DTS extractor (#5207) (bluenviron/mediacommon#263)
  • h264: increase MaxNALUsPerAccessUnit (bluenviron/mediacommon#262) Some parrot drones use slice-encoding with 45 independent slices, resulting in frames consisting of 48 NALUs.
  • pmp4: fix crash when unmarshaling and there are no samples (#5240) (bluenviron/mediacommon#267)
  • fmp4: Correctly parse trun v0 sample composition time offset (bluenviron/mediacommon#268)
  • h265: fix DTS extraction with multiple slices (#5071) (bluenviron/mediacommon#269)

API

  • always reply with JSON in case of success or failure (#5252) Reply with "status": "ok" in case of success, and with "status": "error" in case of error. This makes the API more accessible and user friendly.

RTSP

RTMP

Dependencies

  • github.com/bluenviron/gortmplib updated from v0.1.1 to v0.1.2
  • github.com/bluenviron/gortsplib/v5 updated from v5.2.0 to v5.2.1
  • github.com/bluenviron/mediacommon/v2 updated from v2.5.1 to v2.5.3
  • github.com/go-git/go-billy/v5 updated from v5.6.2 to v5.7.0
  • github.com/go-git/go-git/v5 updated from v5.16.3 to v5.16.4
  • github.com/pion/ice/v4 updated from v4.0.10 to v4.0.13
  • github.com/pion/rtp updated from v1.8.25 to v1.8.26
  • github.com/pion/webrtc/v4 updated from v4.1.6 to v4.1.7
  • github.com/pion/dtls/v3 updated from v3.0.7 to v3.0.8
  • github.com/pion/mdns/v2 updated from v2.0.7 to v2.1.0
  • github.com/pion/sctp updated from v1.8.40 to v1.8.41
  • github.com/pion/srtp/v3 updated from v3.0.8 to v3.0.9
  • github.com/pion/stun/v3 updated from v3.0.0 to v3.0.1
  • github.com/pion/turn/v4 updated from v4.1.1 to v4.1.3

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

  •  
  • ↗️
❌