Changes between Initial Version and Version 3 of Ticket #12139


Ignore:
Timestamp:
07/03/2019 10:38:55 PM (5 years ago)
Author:
Bruce Dubbs
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #12139

    • Property Milestone 8.59.0
    • Property Owner changed from blfs-book to Bruce Dubbs
    • Property Status newassigned

  • Ticket #12139 – Description

    initial v3  
    22
    33{{{
    4 
    54Version 5.55, 2019.06.10, urgency: HIGH
    65
    76    Security bugfixes
    8         Fixed a Windows local privilege escalation vulnerability caused insecure OpenSSL cross-compilation defaults. Successful exploitation requires stunnel to be deployed as a Windows service, and user-writable C:\ folder. This vulnerability was discovered and reported by Rich Mirch.
    9         OpenSSL DLLs updated to version 1.1.1c.
     7       -  Fixed a Windows local privilege escalation vulnerability caused
     8          insecure OpenSSL cross-compilation defaults. Successful exploitation
     9          requires stunnel to be deployed as a Windows service, and user-
     10          writable C:\ folder. 
     11       -  OpenSSL DLLs updated to version 1.1.1c.
    1012
    1113    Bugfixes
    12         Implemented a workaround for Windows hangs caused by its inability to the monitor the same socket descriptor from multiple threads.
    13         Windows configuration (including cryptographic keys) is now completely removed at uninstall.
    14         A number of testing framework fixes and improvements.
    15 
     14       -  Implemented a workaround for Windows hangs caused by its inability
     15          to monitor the same socket descriptor from multiple threads.
     16       -  Windows configuration (including cryptographic keys) is now
     17          completely removed at uninstall.
     18       -  A number of testing framework fixes and improvements.
    1619}}}