|Reported by:||Douglas R. Reno||Owned by:||Bruce Dubbs|
Description (last modified by )
New minor version
Version 5.55, 2019.06.10, urgency: HIGH Security bugfixes - Fixed a Windows local privilege escalation vulnerability caused insecure OpenSSL cross-compilation defaults. Successful exploitation requires stunnel to be deployed as a Windows service, and user- writable C:\ folder. - OpenSSL DLLs updated to version 1.1.1c. Bugfixes - Implemented a workaround for Windows hangs caused by its inability to monitor the same socket descriptor from multiple threads. - Windows configuration (including cryptographic keys) is now completely removed at uninstall. - A number of testing framework fixes and improvements.
Change History (4)
Note: See TracTickets for help on using tickets.