Wowza Streaming Engine 4.8.8.01 Release Notes

Version: Wowza Streaming Engine™ 4.8.8.01 build 20201216140014 released on December 17, 2020.

Note: Wowza Streaming Engine 4.8.8.01 is the latest installer release but a newer updater-only version of Wowza Streaming Engine is available as Wowza Streaming Engine 4.8.9.

Java support: Wowza Streaming Engine 4.8.8.01 is built on Java 9 (OpenJDK Java SE JRE 9.0.4), but can be used with Java versions 9-12. For more information, see Manually install and troubleshoot Java on Wowza Streaming Engine.

Note: For step-by-step instructions on how to update your Wowza Streaming Engine media server software, see Update your Wowza Streaming Engine installation.

Contents


New features and functionality in Wowza Streaming Engine 4.8.8.01
Installation and upgrade considerations for Wowza Streaming Engine 4.8.8.01
Breaking changes in Wowza Streaming Engine 4.8.8.01
Detailed list of changes in Wowza Streaming Engine 4.8.8.01
Known issues with Wowza Streaming Engine 4.8.8.01
Patch updates to Wowza Streaming Engine 4.8.8.01

New features and functionality in Wowza Streaming Engine 4.8.8.01


Wowza Streaming Engine is a robust, customizable, and scalable media server software that powers reliable streaming of high-quality video and audio to any device, anywhere. Wowza Streaming Engine 4.8.8.01 contains several enhancements and fixes that help to improve the functionality of the media server software.

Security improvements and updates

In Wowza Streaming Engine 4.8.8.01, we've fixed security issues related to how passwords are stored in the admin.password file. You now have the option to encode passwords using Bcrypt or digest hash functions. We've also added a command-line tool that enables you to manage users. Security improvements also include updating permissions on several directories with the Linux installer and updating several libraries, such as the Restlet framework library. For more information about these security improvements, see the following the articles:

Low-Latency HLS improvements

Wowza Streaming Engine 4.8.8.01 includes several fixes and performance enhancements for Low-Latency HLS (LL-HLS) that allow streams to be played with any HTML5 player and delivered over a CDN that pulls streams from Wowza Streaming Engine. This includes updates to the default values for the optional LL-HLS and CMAF packetizer properties involved in creating both segments and partial segments and configuring the PART-HOLD-BACK attribute in playlists. For more information about streaming LL-HLS, see the following articles:

Media Cache updates

Wowza Streaming Engine 4.8.8.01 includes new functionality, fixes, and improved logging for Media Cache. For example, you can now download media segments with AWS SDK for Java (2.14.15) for Amazon S3 Media Cache sources and log available storage space in Media Cache stores. For more information about these Media Cache updates, see the following articles:

Logging updates

With Wowza Streaming Engine 4.8.8.01, we updated the logging framework from Apache Log4j 1.x to Apache Log4j 2 for more reliable logging and additional logging functionality. The Log4j 2 logging system provides ample functionality for log formatting, log rolling, and log retrieval for most applications. For more information about the logging updates, see the following article:

NVIDIA NVENC SDK 9 update

With the upgrade to NVIDIA NVENC SDK 9, Wowza Streaming Engine 4.8.8.01 supports higher quality transcoding workflows when using NVIDIA Turing or newer architecture. The Wowza Streaming Engine Transcoder supports NVIDIA 440.xx drivers, but does not yet support NVIDIA 450.xx drivers.

HTTPS load performance update

Wowza Streaming Engine 4.8.8.01 features improved delivery load performance for HTTPS from Wowza Streaming Engine via a more native implementation in the JVM. See up to double the performance for load delivery with HTTPS by enabling Conscrypt with the insertConscryptCryptoProvider property. For more information about enabling Conscrypt, see the following articles:

Installation and update considerations for Wowza Streaming Engine 4.8.8.01


Wowza Streaming Engine 4.8.5 and later installs a custom packaged version of OpenJDK Java SE JRE 9.0.4 that includes the java.scripting module. This module is required for Wowza Streaming Engine 4.8.8.01 but is not added by the Wowza Streaming Engine 4.8.8.01 updater. If you are updating to Wowza Streaming Engine 4.8.8.01 from Wowza Streaming Engine 4.8.0 or earlier, before you update, you need to install a supported version of Java that contains the java.scripting module, such as Java 9-12 or the custom version of OpenJDK Java SE JRE 9.0.4 installed with Wowza Streaming Engine 4.8.8.01 (available from the Downloads tab of My Account). Then instruct Wowza Streaming Engine to use that version of Java according to the instructions in Manually install and troubleshoot Java on Wowza Streaming Engine.

When using the Wowza Streaming Engine 4.8.8.01 installer to install a new instance of Wowza Streaming Engine on Windows, you may need to install additional dependencies in order to ingest SRT MediaCaster streams or use the generic SRT stream targets destination to publish an SRT stream. To address this, install the latest version of the Microsoft Visual C++ Redistributable for Visual Studio appropriate to your operating system.

Breaking changes in Wowza Streaming Engine 4.8.8.01


Wowza Streaming Engine REST API XML responses

With the upgrade to version 2.4.3 of the Restlet framework library due to security vulnerabilities in version 2.3.12, some REST API XML responses have changed and are not backward compatible. We've identified changes in the XML responses with the following GET requests. Additionally, the REST API XML response for 404 errors has changed.

The XML responses with the following GET requests changed only to add properties:

Click See more for a list of changes to each XML responses.

Logging configuration update

With the upgrade to Apache Log4j 2, the logging configuration has changed to use [install-dir]/conf/log4j2-config.xml. Existing logging configurations need to be moved to log4j2-config.xml. When updating to Wowza Streaming Engine 4.8.8.01, properties from existing logging configurations in [install-dir]/conf/log4j.properties are copied to [install-dir]/conf/log4j.properties.bak. For more information, see About logging in Wowza Streaming Engine.

Access log header information not added every start up

With the upgrade to Apache Log4j 2, Wowza Streaming Engine no longer writes headers to the Access log file (wowzastreamingengine_access.log) every time the Wowza Streaming Engine server starts up. Wowza Streaming Engine now only adds the following header information to the beginning of new wowzastreamingengine_access.log files:

#Version: ...
#Start-Date: ...
#Software: ...
#Date: ...

ServerVersion HTTP Provider default behavior update

The default behavior of the ServerVersion HTTP Provider changed to return the server version with http://[wowza-ip-address]:1935/ServerVersion instead of http://[wowza-ip-address]:1935.

Detailed list of changes in Wowza Streaming Engine 4.8.8.01


Changes since Wowza Streaming Engine 4.8.5


Low-Latency HLS (LL-HLS)
  • Fixed an issue with EXT-X-PROGRAM-DATE-TIME was reporting the segment end time instead of segment start time.
  • Fixed an issue that caused a null pointer exception when adding rendition reports to media playlists.
  • Fixed an issue with EXT-X-PROGRAM-DATE-TIME tags being added only after the complete segment was created.
  • Fixed an issue with LL-HLS streaming that caused player requests for the last partial segment to fail with 500 internal server errors.
  • Fixed an issue with HTTP/2 implementation and connection window size doubling.
  • Fixed an issue with timing out and returning HTTP 503 errors earlier than three Target Durations after blocking playlist reloads is requested with the _HLS_part query parameter.
  • Fixed an issue that caused PART-HOLD-BACK values to not account for the maximum part target duration from all renditions.
  • Fixed an issue that caused the cupertinoPartHoldBack property to be ignored.
  • Fixed an issue with partial segments being removed earlier than three target durations from the end of the playlist for Low-Latency HLS streams, causing playback issues.
  • Added support for PING messages over HTTP/2.
  • Changed the default values for the following LL-HLS and CMAF packetizer properties:
    • cmafLLChunkingScheme – byDuration
    • cmafLLChunkDurationTargetVideo – 1000 (ms)
    • cmafLLChunkDurationTargetAudio – 1000 (ms)
    • cmafLLChunkFrameCountTargetVideo – 30
    • cmafLLChunkFrameCountTargetAudio – 47
    • cmafSegmentDurationTarget – 6000 (ms)
Security and SSL performance
  • Updated the access to the following directories on Linux to use 644 permissions (read-only for all users except the owner): [install-dir]/conf, [install-dir]/manager/conf, [install-dir]/content, [install-dir]/transcoder. This update requires a new installation of Wowza Streaming Engine 4.8.8.01, rather than using the updater.
  • Fixed a security vulnerability related to passwords. This change requires a new installation of Wowza Streaming Engine 4.8.8.01, rather than using the updater.
    • Made the following changes to the admin.password file:
      • Added support for secure password storage using Bcrypt one-way hashing. Bcrypt hashed passwords are compatible with HTTP basic authentication for HTTP Providers, the REST API, and the REST API Documentation Server.
      • Added a group (name: basic) for read-only users.
      • Added a passwordEncoding field to separate password encoding from authentication mechanisms.
    • Made the following updates to the REST API:
      • Added a new parameter (name: passwordEncoding, values: bcrypt, digest, cleartext) for specifying a password encoding format when adding or updating users. If no value is specified, the password encoding format will default to the value set for <PasswordEncodingScheme> in Server.xml.
      • Added a new property (name: PasswordEncodingScheme; location: [install-dir]/conf/Server.xml, <Server>/<RestInterface>, default: bcrypt) for specifying a password encoding format. This value will default to bcrypt for new installations.
    • Added a CLI tool for adding and updating users.
    • Changed the default value for <AuthenticationMethod> in Server.xml to basic.
    • Fixed an issue with Wowza Streaming Engine Manager incompatibility with HTTP basic authentication.
    • Updated the default behavior of the Wowza Streaming Engine installer to automatically use Bcrypt one-way hashing when adding new users.
  • Upgraded the Restlet framework library to version 2.4.3.
  • Upgraded to newer versions of several libraries including Spring Boot 2.3.1, Spring Framework 5.2.7, Spring Security 5.3.3, Apache Tomcat 9.0.36, Apache Ant 1.10.8, Apache Taglibs 1.2.5, Apache Commons Lang 3.10, Apache Commons Text 1.8, Jackson 2.11.1, JAXB 2.3.3, Java Servlet API 4.0.1, Joda-Time 2.10.6, and Bootstrap 3.3.7.
  • Fixed an XSS security vulnerability in Wowza Streaming Engine Manager.
  • Notarized and stapled the macOS installer to meet basic macOS security requirements.
  • Added a new property (name: insertConscryptCryptoProvider, location: [install-dir]/conf/Server.xml, <Server>/<Properties>, type: Boolean, default: false) to enable Conscrypt, an open-source Java Security Provider that improves SSL performance.
  • Added support for MPEG-DASH Common Encryption (CENC) with H.265 (HEVC) video for live and VOD streaming.
  • Changed the default value of the <RequestFilters> property for the HTTPServerVersion HTTP Providers in VHost.xml to *ServerVersion.
  • Removed the Server header from the default headers returned with all HTTP requests.
  • Fixed an issue with ensuring URIs are validated according to HTTP specifications before processing.
  • Fixed an issue with ensuring the Host header for HTTP/1.1 requests is present before processing requests.
  • Fixed an issue with Wowza Streaming Engine occasionally returning a 200 response code to HTTP requests when it should have returned a 404 response code.
Media Cache
  • Added AWS SDK for Java (2.14.15) support for Amazon S3 Media Cache sources.
  • Updated Media Cache Amazon S3 source authentication to AWS Signature Version 4.
  • Added a new property (name: logStoreCapacityInterval, location: [install-dir]/conf/MediaCache.xml, <MediaCache>/<Properties>, type: Integer, default: 10000) to enable logging of available storage space in Media Cache stores.
  • Fixed an issue with HTTPS URLs defaulting back to HTTP for Media Cache Amazon S3 and HTTP sources.
Live Stream Transcoding
  • Upgraded to NVIDIA NVENC SDK 9.
  • Fixed an issue with Transcoder B-frame reordering that caused warnings to appear in the console during playback.
  • Fixed an issue with not saving overlay images when adding or updating them as a decoding preset in a Transcoder template for an application in Wowza Streaming Engine Manager.
  • Added support for a new parameter in Transcoder templates for adjusting the volume on audio transcoded to the Opus codec (location: <Encode>/<Audio>/<Parameters>/<Parameter>, name: opus.gain, type: Double).
  • Updated the encoder for VP8 and VP9 video codecs to use constant bitrate (CBR) encoding by default.
  • Added audio encode callbacks to the Wowza Streaming Engine Java API for intercepting and modifying audio data before and after resampling.
Stream Targets (Push Publishing)
  • Fixed an issue with publishing streams to Facebook using the Facebook Live stream target failing as a result of a change in the Facebook Graph API to deprecate the save_vod parameter for some requests.
  • Fixed an issue with a null pointer exception sometimes occurring when stopping a PushPublish session.
Live Stream DVR Playback (nDVR)
  • Fixed an issue with starting nDVR recordings using the Wowza Streaming Engine Java API not working due to a stream timeout.
  • Fixed an issue with not saving changes made to an application's nDVR configuration in Wowza Streaming Engine Manager when was not enabled.
  • Fixed an issue with nDVR store conversions that could cause server out of memory errors.
  • Fixed an issue with the nDVR converter sometimes creating an audio-only MP4 file when audio and video content is in the nDVR store.
Logging
  • Updated the Wowza Streaming Engine logging framework from Apache Log4j 1.x to ApacheLog4j 2. Use the new [install-dir]/conf/log4j2-config.xml file for logging configuration.
  • Added exception handling and logging for methods in Java modules.
  • Decreased the log level for missing Quick Sync system libraries from WARN to INFO.
  • Fixed an issue with incorrect logging when playing MPEG-DASH streams using secure tokens.
  • Fixed an issue with incorrect logging when using custom Push Publishing modules that contain map entries for the same stream name.
  • Fixed an issue with the stream type for E-AC3 audio being incorrectly logged as AC3 audio with HLS streams.
  • Fixed an issue with erroneously logging "Stream index not found" when stopping SRT MediaCaster streams.
SRT
  • Improved error handling for SRT ingest and publish on Windows operating systems.
  • Fixed an issue with SRT streams with high packet loss that could cause a deadlock.
  • Added new default methods to the IMediaStream interface in the Wowza Streaming Engine Java API to set or get whether a stream is an SRT stream:
    • void setIsSRT(boolean isSRT)
    • boolean getIsSRT()
  • Added new methods to the LiveMediaSRTReceiver class in the Wowza Streaming Engine Java API for retrieval of native statistical data for SRT sockets:
    • public SRTNativeTraceStats getSRTNativeStats()
    • public SRTNativeTraceStats getSRTNativeStats(boolean instantaneous)
RTSP/RTP
  • Fixed an issue with RTCP handlers mishandling RTP packets when listening for RTP multicast streams.
  • Fixed an issue with error parsing of RTCP sender reports.
  • Fixed an issue with Wowza Streaming Engine looping indefinitely and increasing CPU usage when trying to connect to an RTP endpoint with I/O exceptions, such as when the RTP SSL certificate was not valid.
  • Fixed an issue with incorrectly deserializing RTCP packets with a zero length resulting in repeated logging messages.
  • Fixed an issue with shutting down RTSP streams that could cause a deadlock.
MPEG-DASH
  • Fixed an issue with playback of MPEG-DASH adaptive bitrate streams failing due to the play alias resolving incorrectly.
  • Fixed an issue with MPEG-DASH manifests incorrectly showing variable frame rate video after a stream restarted or due to content loss.
Installer and updater
  • Fixed an issue with the updater overwriting the tomcat.properties file and, if updating from version 4.7.7 or earlier, deleting the winstone.properties file.
  • Updated the Windows installer to have a valid installer certificate.
  • Modified the Wowza Streaming Engine updaters for Linux and macOS to only update permissions for the following directories: [install-dir]/lib, [install-dir]/manager/lib, [install-dir]/bin, [install-dir]/manager/bin, [install-dir]/scripts.
Miscellaneous
  • Added support for H.264 levels 6, 6.1, and 6.2.
  • Fixed an issue with onPublish events being called twice for HLS and SRT MediaCaster streams.
  • Fixed an issue with an incoming stream being stopped through either the Wowza Streaming Engine REST API or Wowza Streaming Engine Manager and timing out at the same time that could cause a deadlock.
  • Fixed a memory leak that occurred when shutting down a stream.
  • Fixed an issue with the HTTPProviderSimpleWebServer returning the incorrect MIME type on Windows.
  • Added handling of invalid URLs for HTTP requests when attempting to resolve MIME types.
  • Fixed an issue with parsing invalid Request-Lines in HTTP/1.1 request messages.
Removed and deprecated functionality
  • Removed the test players in Wowza Streaming Engine Manager. The Test Players window was renamed Test Playback and now provides playback URLs for each protocol that you can use with your player or the Video Test Players webpage.
  • Removed Microsoft Smooth Streaming and Adobe HDS from the Playback Types options in Wowza Streaming Engine Manager.
  • Removed support for sending a continuous live stream with Facebook Live stream targets. Existing stream targets with continuous live streaming enabled will need to be updated to disable sending a continuous live stream in PushPublishMap.txt in [install-dir]/conf/[application name].
  • Removed support for posting to a group you manage (the Group option for Video Destination) with Facebook Live stream targets. Existing stream targets with group enabled for video destination will need to be updated to publish to a page or timeline in PushPublishMap.txt in [install-dir]/conf/[application name].
  • Removed Concurrent collector from the Java Garbage Collection Settings options in Wowza Streaming Engine Manager.
  • Removed Mirror Image from the destination options on the Add Stream Targets page in Wowza Streaming Engine Manager.
  • Removed the [install-dir]/examples directory.
  • Deprecated the following ModuleCoreSecurity properties:
    • securityPublishIPBlackList. Use the securityPublishIPBlockList property instead.
    • securityPublishIPWhiteList. Use the securityPublishIPAllowList property instead.
    • securityPlayIPBlackList. Use the securityPlayIPBlockList property instead.
    • securityPlayIPWhiteList. Use the securityPlayIPAllowList property instead.
  • Deprecated the following HTTPProvider property:
    • KillConnectionTimeout. Use the EndConnectionTimeout property instead.
  • Deprecated support for hardware acceleration using NVIDIA Kepler GPUs, which will be unsupported in future releases.

Known issues with Wowza Streaming Engine 4.8.8.01


For a detailed list of known issues that are still in effect, see Known issues with Wowza Streaming Engine.

Patch updates to Wowza Streaming Engine 4.8.8.01


Between production releases, Wowza occasionally provides patches to fix bugs or regressions in the latest production release, which can be deployed in production environments and workflows for long-term stability.

There is no available patch release for Wowza Streaming Engine 4.8.8.01 at this time.