Opened 10 years ago
Closed 10 years ago
#5164 closed enhancement (fixed)
stunnel-5.02
| Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
|---|---|---|---|
| Priority: | normal | Milestone: | 7.6 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
http://mirrors.zerg.biz/stunnel/stunnel-5.02.tar.gz
https://www.stunnel.org/sdf_ChangeLog.html
I think that urgency is not high for us, it seems to involve only DLLs, which I believe is for other OS, not Linux.
... Version 5.02, 2014.06.09, urgency: HIGH: Security bugfixes OpenSSL DLLs updated to version 1.0.1h. See http://www.openssl.org/news/secadv_20140605.txt New features Major rewrite of the protocol.c interface: it is now possible to add protocol negotiations at multiple connection phases, protocols can individually decide whether the remote connection will be established before or after SSL/TLS is negotiated. Heap memory blocks are wiped before release. This only works for block allocated by stunnel, and not by OpenSSL or other libraries. The safe_memcmp() function implemented with execution time not dependent on the compared data. Updated the stunnel.conf and stunnel.init templates. Added a client-mode example to the manual. Bugfixes Fixed "failover = rr" broken since version 5.00. Fixed "taskbar = no" broken since version 5.00. Compilation fix for missing SSL_OP_MSIE_SSLV2_RSA_PADDING option.
Change History (2)
comment:1 by , 10 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 10 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r13224.