Opened 8 years ago

Closed 8 years ago

#5164 closed enhancement (fixed)

stunnel-5.02

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: normal Milestone: 7.6
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

http://mirrors.zerg.biz/stunnel/stunnel-5.02.tar.gz

https://www.stunnel.org/sdf_ChangeLog.html

I think that urgency is not high for us, it seems to involve only DLLs, which I believe is for other OS, not Linux.

...
Version 5.02, 2014.06.09, urgency: HIGH:

Security bugfixes
OpenSSL DLLs updated to version 1.0.1h. See 
http://www.openssl.org/news/secadv_20140605.txt



New features
Major rewrite of the protocol.c interface: it is now possible to add protocol 
negotiations at multiple connection phases, protocols can individually decide 
whether the remote connection will be established before or after SSL/TLS is 
negotiated.
Heap memory blocks are wiped before release. This only works for block allocated 
by stunnel, and not by OpenSSL or other libraries.
The safe_memcmp() function implemented with execution time not dependent on the 
compared data.
Updated the stunnel.conf and stunnel.init templates.
Added a client-mode example to the manual.
Bugfixes
Fixed "failover = rr" broken since version 5.00.
Fixed "taskbar = no" broken since version 5.00.
Compilation fix for missing SSL_OP_MSIE_SSLV2_RSA_PADDING option.

Change History (2)

comment:1 by Fernando de Oliveira, 8 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r13224.

Note: See TracTickets for help on using tickets.