From efa90b0f51529d3a82d83010e7cb71a666e3733a Mon Sep 17 00:00:00 2001
From: mekya <ahmetmermerkaya@gmail.com>
Date: Wed, 3 Jul 2024 18:05:39 +0300
Subject: [PATCH 1/3] Set owasp score to 7, change default value of
 sendAudioLevelToViewers

Decrease vulnerability score to 7 and Change default value to false for
sendAudioLevelToViewers
---
 pom.xml                                                 | 2 +-
 src/main/java/io/antmedia/AppSettings.java              | 4 ++--
 src/test/java/io/antmedia/test/AppSettingsUnitTest.java | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pom.xml b/pom.xml
index 08f4bc0c9..03d6fff0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -225,7 +225,7 @@
               <artifactId>dependency-check-maven</artifactId>
               <version>${owasp.version}</version>
 			  <configuration>
-				 <failBuildOnCVSS>8</failBuildOnCVSS>
+				 <failBuildOnCVSS>7</failBuildOnCVSS>
 				 <suppressionFile>owasp-suppressions.xml</suppressionFile>
 			   </configuration>
               <executions>
diff --git a/src/main/java/io/antmedia/AppSettings.java b/src/main/java/io/antmedia/AppSettings.java
index e1430e880..8c80382d8 100644
--- a/src/main/java/io/antmedia/AppSettings.java
+++ b/src/main/java/io/antmedia/AppSettings.java
@@ -2061,8 +2061,8 @@ public boolean isWriteStatsToDatastore() {
 	 * 
 	 * Ant Media Server sends audio level 5 times in a second
 	 */
-	@Value("${sendAudioLevelToViewers:true}")
-	private boolean sendAudioLevelToViewers = true;
+	@Value("${sendAudioLevelToViewers:false}")
+	private boolean sendAudioLevelToViewers = false;
   
   /**
    * Enable/disable video frame scaling in GPU when there is an adaptive bitrate 
diff --git a/src/test/java/io/antmedia/test/AppSettingsUnitTest.java b/src/test/java/io/antmedia/test/AppSettingsUnitTest.java
index 70696ec8d..e44ce3609 100644
--- a/src/test/java/io/antmedia/test/AppSettingsUnitTest.java
+++ b/src/test/java/io/antmedia/test/AppSettingsUnitTest.java
@@ -537,7 +537,7 @@ public void testUnsetAppSettings(AppSettings appSettings) {
 		assertEquals(150, appSettings.getAbrUpScaleRTTMs(), 0.0001);
 		assertNotNull(appSettings.getClusterCommunicationKey());
 		assertEquals(false, appSettings.isId3TagEnabled());
-		assertEquals(true, appSettings.isSendAudioLevelToViewers());
+		assertEquals(false, appSettings.isSendAudioLevelToViewers());
 		assertNull(appSettings.getTimeTokenSecretForPublish());
 		assertNull(appSettings.getTimeTokenSecretForPlay());
 

From c7cda7c852eb1df2f8e77dfe257e928639a6face Mon Sep 17 00:00:00 2001
From: mekya <ahmetmermerkaya@gmail.com>
Date: Thu, 4 Jul 2024 12:00:22 +0300
Subject: [PATCH 2/3] Suppress mpegvideoencoder vulnerability because it's not
 being used

---
 owasp-suppressions.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
index f245a777a..b81adb947 100644
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -99,6 +99,14 @@
 	   <packageUrl regex="true">^pkg:maven/org\.bytedeco/(ffmpeg|cuda).*@.*$</packageUrl>
 	   <cve>CVE-2023-34112</cve>
 	</suppress>
+		<suppress>
+	   <notes><![CDATA[
+	   file name: ffmpeg-5.1.2-1.5.8.jar,ffmpeg-platform-5.1.2-1.5.8.jar, ffmpeg-5.1.2-1.5.8-linux-x86.jar
+	   This vulnerability is about using mpegvideoencoder. We don't use mpegvideo encoder in our end
+	   ]]></notes>
+	   <packageUrl regex="true">^pkg:maven/org\.bytedeco/(ffmpeg|cuda).*@.*$</packageUrl>
+	   <cve>CVE-2024-32230</cve>
+	</suppress>
 
 	
 </suppressions>
\ No newline at end of file

From e85ccdf53c72500e17bca4fdc871e3c41082d5e8 Mon Sep 17 00:00:00 2001
From: mekya <ahmetmermerkaya@gmail.com>
Date: Thu, 4 Jul 2024 15:25:45 +0300
Subject: [PATCH 3/3] Add icons and comments to have multirack play in web
 panel

---
 .../java/io/antmedia/datastore/db/types/Broadcast.java     | 6 ++++++
 src/main/server/webapps/root/images/icons/mute-icon.svg    | 6 ++++++
 src/main/server/webapps/root/images/icons/readme           | 1 +
 src/main/server/webapps/root/images/icons/speaker-icon.svg | 7 +++++++
 4 files changed, 20 insertions(+)
 create mode 100644 src/main/server/webapps/root/images/icons/mute-icon.svg
 create mode 100644 src/main/server/webapps/root/images/icons/readme
 create mode 100644 src/main/server/webapps/root/images/icons/speaker-icon.svg

diff --git a/src/main/java/io/antmedia/datastore/db/types/Broadcast.java b/src/main/java/io/antmedia/datastore/db/types/Broadcast.java
index fc1547740..763d22b51 100644
--- a/src/main/java/io/antmedia/datastore/db/types/Broadcast.java
+++ b/src/main/java/io/antmedia/datastore/db/types/Broadcast.java
@@ -373,6 +373,12 @@ public Broadcast() {
 	@Schema(description ="If this broadcast is a track of a WebRTC stream. This variable is Id of that stream.")
 	private String mainTrackStreamId;
 
+	/*
+	 * Refactor: remove this field and store everything as streams in the database.
+	 * On the other hand, we can keep the number of subtracks here
+	 * 
+	 * Lastly, there is also an dependency in the webpanel, it just plays the multitrack by looking at this field.
+	 */
 	@Schema(description ="If this broadcast is main track. This variable hold sub track ids.")
 	private List<String> subTrackStreamIds = new ArrayList<>();
 
diff --git a/src/main/server/webapps/root/images/icons/mute-icon.svg b/src/main/server/webapps/root/images/icons/mute-icon.svg
new file mode 100644
index 000000000..8f3b5f067
--- /dev/null
+++ b/src/main/server/webapps/root/images/icons/mute-icon.svg
@@ -0,0 +1,6 @@
+<?xml version="1.0"?>
+<svg xmlns="http://www.w3.org/2000/svg" version="1.0" width="500" height="500" viewBox="0 0 75 75"
+stroke="#111" stroke-width="5">
+<path d="m39,14-17,15H6V48H22l17,15z" fill="#111" stroke-linejoin="round"/>
+<path d="m49,26 20,24m0-24-20,24" fill="none" stroke-linecap="round"/>
+</svg>
\ No newline at end of file
diff --git a/src/main/server/webapps/root/images/icons/readme b/src/main/server/webapps/root/images/icons/readme
new file mode 100644
index 000000000..99640c4ca
--- /dev/null
+++ b/src/main/server/webapps/root/images/icons/readme
@@ -0,0 +1 @@
+The icons(mute-icon, speaker-icon) are being used in multitrack-play.html
\ No newline at end of file
diff --git a/src/main/server/webapps/root/images/icons/speaker-icon.svg b/src/main/server/webapps/root/images/icons/speaker-icon.svg
new file mode 100644
index 000000000..300db8523
--- /dev/null
+++ b/src/main/server/webapps/root/images/icons/speaker-icon.svg
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg xmlns="http://www.w3.org/2000/svg" version="1.0"  width="500" height="500" viewBox="0 0 75 75">
+<path d="M39.389,13.769 L22.235,28.606 L6,28.606 L6,47.699 L21.989,47.699 L39.389,62.75 L39.389,13.769z"
+style="stroke:#111;stroke-width:5;stroke-linejoin:round;fill:#111;"
+/>
+<path d="M48,27.6a19.5,19.5 0 0 1 0,21.4M55.1,20.5a30,30 0 0 1 0,35.6M61.6,14a38.8,38.8 0 0 1 0,48.6" style="fill:none;stroke:#111;stroke-width:5;stroke-linecap:round"/>
+</svg>
\ No newline at end of file