SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for stunnel-4.35-8.37.i586.rpm :
Tue Feb 22 13:00:00 2011 daniel.rahnAATTnovell.com
- update to 4.35:

* New features
- Log file reopen on USR1 signal was added.

* Bugfixes
- CLOEXEC file descriptor leaks fixed on Linux >= 2.6.28 with
glibc >= 2.10.
- Fixed reload of FIPS-enabled stunnel.
- A serious bug in asynchronous shutdown code fixed.
- Data alignment updated in libwrap.c.

Mon Sep 21 14:00:00 2009 daniel.rahnAATTnovell.com
- package source as bz2
- strip off debug package
- remove executable bit from files in %doc
- update to 4.27:
Version 4.27, 2009.04.16, urgency: MEDIUM:

* New features
- Win32 DLLs for OpenSSL 0.9.8k.
- FIPS support was updated for openssl-fips 1.2.
- New priority failover strategy for multiple \"connect\" targets,
controlled with \"failover=rr\" (default) or \"failover=prio\".
- pgsql protocol negotiation by Marko Kreen .
- Building instructions were updated in INSTALL.W32 file.

* Bugfixes
- Libwrap helper processes fixed to close standard
input/output/error file descriptors.
- OS2 compilation fixes.
- WCE fixes by Pierre Delaage .

Wed Feb 18 13:00:00 2009 vetterAATTphysik.uni-wuerzburg.de
- set ownership of /var/lib/stunnel/var/run to stunnel for pid file
- update to 4.26:
Version 4.26, 2008.09.20, urgency: MEDIUM:

* New features
- Win32 DLLs for OpenSSL 0.9.8i.
- /etc/hosts.allow and /etc/hosts.deny no longer need to be copied to
the chrooted directory, as the libwrap processes are no longer
chrooted.
- A more informative error messages for invalid port number specified
in stunnel.conf file.
- Support for Microsoft Visual C++ 9.0 Express Edition.

* Bugfixes
- Killing all libwrap processes at stunnel shutdown fixed.
- A minor bug in stunnel.init sample SysV startup file fixed.

Mon Sep 15 14:00:00 2008 poemlAATTsuse.de
- update to 4.25. Changelog excerpt, only platform relevant changes
shown here:

* SECURITY FIX:
- OCSP code was fixed to properly reject revocated certificates.

* New features
- Makefile was updated to use standard autoconf variables:
sysconfdir, localstatedir and pkglibdir.
- A new global option to control logging to syslog:
syslog = yes|no
Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size:
stack =

* Bugfixes
- Spawning libwrap processes delayed until privileges are dropped.
- Compilation fix for systems without struct msghdr.msg_control.
- Restored chroot() to be executed after decoding numerical
userid and groupid values in drop_privileges().
- A few bugs fixed the in the new libwrap support code.
- TLSv1 method used by default in FIPS mode instead of
SSLv3 client and SSLv23 server methods.
- OpenSSL GPL license exception update based on
http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs
- dropped stunnel-4.21-write_pid_as_root.diff, and instead fix the
init script to add chroot prefix when dealing with the pid file

Mon Sep 15 14:00:00 2008 poemlAATTsuse.de
- fix init script\'s LSB headers

Tue Feb 5 13:00:00 2008 poemlAATTsuse.de
- create $chroot_dir/var/run for the new pidfile location

Mon Jan 28 13:00:00 2008 poemlAATTsuse.de
- make the filelist own /usr/lib
*/stunnel

Fri Jan 25 13:00:00 2008 poemlAATTsuse.de
- fix build (re-diff stunnel-4.21-write_pid_as_root.diff)
- fix filelist (make sure that the binaries stay in /usr/sbin)

Mon Oct 29 13:00:00 2007 poemlAATTsuse.de
- update to 4.21: Changes:
Initial FIPS 140-2 support was added. Non-MT-safe libwrap (TCP
Wrappers) library support was rewritten. It\'s currently based on
pre-forked processes and should be much faster. Some bugfixes
were also added.

Thu Aug 16 14:00:00 2007 poemlAATTsuse.de
- update to 4.20. Changes (edited):
Version 4.20, 2006.11.30, urgency: MEDIUM:

* Release notes
- There are a lot of new features in this version.

* New features
- New service-level option to specify OCSP server flag:
OCSPflag =
- \"protocolCredentials\" option changed to \"protocolUsername\"
and \"protocolPassword\"
- NTLM support to be enabled with the new service-level option:
protocolAuthentication = NTLM
- imap protocol negotiation support added.
- Passphrase cache was added so the user does not need to reenter
the same passphrase for each defined service any more.
- New service-level option to retry connect+exec section:
retry = yes|no
- Local IP and port is logged for each established connection.

* Bugfixes
- Serious problem with SSL_WANT_
* retries fixed.
The new code requires extensive testing!
- Problem with detecting getaddrinfo() in ./configure fixed.
- Compilation problem due to misplaced #endif in ssl.c fixed.
- Duplicate 220 in smtp_server() function in protocol.c fixed.
- Minor update of safestring()/safename() macros.


  
ICM