A new update of Wowza Streaming Engine 4.8.19+4 has been released (build number as of the date of publication of the article - build 20220628155901)
Major changes in the new release.
- In order to exclude code vulnerable according to CVE-2022-22965 the dependencies of the Spring Cloud libraries were changed when building the Wowza Streaming Engine Manager administration web console. The likelihood of an attack using this vulnerability seems unlikely, but it's still better to update Wowza.
- Added the ability to digest authentication and store Wowza Streaming Engine Manager passwords in encrypted form using the sha256 algorithm (previously only MD5 was supported). This addition is important to comply with corporate security standards.
- Wowza Streaming Engine directory path on fresh Windows installation changed from "C:\Program Files(x86)\.." to "C:\Program Files\.
- Fixes a bug with a crash in the thumbs generator.