SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for stunnel-debugsource-5.00-2.6.x86_64.rpm :

* Wed May 27 2015 drahnAATTsuse.com- stunnel-CVE-2015-3644.patch: Fix authentication bypass when using \"redirect\" option (CVE-2015-3644, bsc#931517, backport from v5.17)
* Thu Mar 06 2014 drahnAATTsuse.com- update to final v5.00 code (FATE#315694)- security fix: Added PRNG state update in fork threading (CVE-2014-0016).- Patches: - stunnel-listenqueue-option.patch refreshed.
* Wed Feb 05 2014 drahnAATTsuse.com- re-add stunnel.cnf openssl cert default config file (bnc#862294)
* Fri Jan 31 2014 drahnAATTsuse.com- update license information to correct SPDX format- reintroduce stunnel3-binpath.patch - set correct PATH within stunnel3 wrapper
* Tue Jan 21 2014 drahnAATTsuse.com- Update to version 5.0b1 (FATE#315694) - Default \"pid\" is now \"\", i.e. not to create a pid file at startup. - Default \"ciphers\" updated to \"HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2\" due to AlFBPPS attack and bad performance of DH ciphersuites. - New service-level option \"redirect\" to redirect SSL client connections on authentication failures instead of rejecting them. - New global \"engineDefault\" configuration file option to control which OpenSSL tasks are delegated to the current engine. - New service-level configuration file option \"engineId\" to select the engine by identifier, e.g. \"engineId = capi\". - Improved readability of error messages printed when stunnel refuses to start due to a critical error.- Patches: - stunnel-CVE-2013-1762.patch obsoleted. Drpped. - stunnel-default-fips-off.patch obsoleted. Dropped. - stunnel-listenqueue-option.patch refreshed.
* Tue Mar 05 2013 drahnAATTsuse.com- stunnel-CVE-2013-1762.patch: Fix buffer overflow in NTLM authentication (CVE-2013-1762, bnc#807440)
* Thu Jan 03 2013 drahnAATTsuse.com- update package to new version 4.54 (FATE#314256)- New features:
* \"session\" option renamed to more readable \"sessionCacheTimeout\". The old name remains accepted for backward compatibility.
* New service-level \"sessionCacheSize\" option to control session cache size.
* New service-level option \"reset\" to control whether TCP RST flag is used to indicate errors. The default value is \"reset = yes\".
* New service-level option \"renegotiation\" to disable SSL renegotiation.
* Added client-mode \"sni\" option to directly control the value of TLS Server Name Indication (RFC 3546) extension.
* Glibc-specific dynamic allocation tuning was applied to help unused memory deallocation.
* Non-blocking OCSP implementation.
* New \"compression = deflate\" global option to enable RFC 2246 compresion.- stunnel-init-openssl-fix.patch obsoleted. Dropped.- stunnel-cipher-handling.patch obsoleted. Dropped.- stunnel-listenqueue-option.patch rebased to new version.- stunnel-default-fips-off.patch rebased to new version.
* Wed Aug 22 2012 drahnAATTsuse.com- stunnel-cipher-handling.patch: Fix stunnel cipher initialization. Backport from upstream version 4.53 (bnc#776756)
* Mon Aug 20 2012 drahnAATTsuse.com- stunnel-init-openssl-fix.patch: Fix openSSL library initialization. Backport from upstream version 4.53. (bnc#775262)- stunnel-default-fips-off.patch: Default FIPS mode to off when built against updated openSSL library. (bnc#775262)- correct configure option to enable libwrap support
* Thu May 12 2011 drahnAATTsuse.de- update package to 4.36 (FATE#311400)- obsoletes SOMAXCONN and libwrap disable patches (bnc#674554)- forward port listenqueue patch (bnc#674554)
* Mon Sep 21 2009 daniel.rahnAATTnovell.com- checkin package for SLES11 SP1 (FATE#307180)- package source as bz2- strip off debug package- update to 4.27: Version 4.27, 2009.04.16, urgency: MEDIUM:
* New features - Win32 DLLs for OpenSSL 0.9.8k. - FIPS support was updated for openssl-fips 1.2. - New priority failover strategy for multiple \"connect\" targets, controlled with \"failover=rr\" (default) or \"failover=prio\". - pgsql protocol negotiation by Marko Kreen . - Building instructions were updated in INSTALL.W32 file.
* Bugfixes - Libwrap helper processes fixed to close standard input/output/error file descriptors. - OS2 compilation fixes. - WCE fixes by Pierre Delaage .
  
ICM