Fixes and improvements
General
- support multiple CORS origins (#5150)
- add udpReadBufferSize parameter (#5129) this allows to set a global UDP read buffer, applied to every UDP socket.
- extend udpReadBufferSize to WebRTC UDP sockets (#5130) this allows to decrease packet losses without touching system parameters.
- recorder: prevent FMP4 durations from overflowing (#4711) (#5126) the timestamp difference between two samples was put inside an unsigned integer that, when negative, caused an overflow.
RTP
- reorder packets before ingestion (#5194)
RTSP
- support RTSP responses with empty status message (bluenviron/gortsplib#807) (bluenviron/gortsplib#928)
- server: fix timeout when reading with Media Foundation (#5090) (bluenviron/gortsplib#932)
- fix SP payload of MIKEY messages (bluenviron/gortsplib#827) (bluenviron/gortsplib#935) fill PayloadSPPolicyParamTypeAuthTagLen andPayloadSPPolicyParamTypeSessionAuthKeyLen properly.
- support formats with dynamic SSRC (bluenviron/gortsplib#687) (bluenviron/gortsplib#940)
- improve performance by decoding RTP header once (bluenviron/gortsplib#941)
HLS
- muxer: prevent FMP4 durations from overflowing (#5126) (bluenviron/gohlslib#290)
Dependencies
- code.cloudfoundry.org/bytefmt updated from v0.55.0 to v0.58.0
- github.com/alecthomas/kong updated from v1.12.1 to v1.13.0
- github.com/asticode/go-astits updated from v1.13.0 to v1.14.0
- github.com/bluenviron/gohlslib/v2 updated from v2.2.3 to v2.2.4
- github.com/bluenviron/gortsplib/v5 updated from v5.1.1 to v5.2.0
- github.com/matthewhartstonge/argon2 updated from v1.4.1 to v1.4.3
- github.com/pion/interceptor updated from v0.1.41 to v0.1.42
- github.com/pion/rtp updated from v1.8.23 to v1.8.25
- golang.org/x/crypto updated from v0.43.0 to v0.45.0
- golang.org/x/sys updated from v0.37.0 to v0.38.0
- golang.org/x/term updated from v0.36.0 to v0.37.0
- github.com/pion/transport/v3 updated from v3.0.8 to v3.1.1
- golang.org/x/mod updated from v0.29.0 to v0.30.0
- golang.org/x/net updated from v0.46.0 to v0.47.0
- golang.org/x/sync updated from v0.17.0 to v0.18.0
- golang.org/x/text updated from v0.30.0 to v0.31.0
- golang.org/x/tools updated from v0.38.0 to v0.39.0
- hls.js updated from v1.6.13 to v1.6.15
Security
Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.
You can verify that binaries have been produced by the workflow by using GitHub Attestations:
ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx
You can verify checksums of binaries by downloading checksums.sha256 and running:
cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check