CVS commit: [pkgsrc-2008Q1] pkgsrc/security/stunnel

["Tyler R. Retzlaff" <rtr%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   rtr
Date:           Tue May 27 13:29:03 UTC 2008

Modified Files:
        pkgsrc/security/stunnel [pkgsrc-2008Q1]: Makefile PLIST distinfo
        pkgsrc/security/stunnel/files [pkgsrc-2008Q1]: stunnel.sh
        pkgsrc/security/stunnel/patches [pkgsrc-2008Q1]: patch-aa
Added Files:
        pkgsrc/security/stunnel [pkgsrc-2008Q1]: MESSAGE
Removed Files:
        pkgsrc/security/stunnel/patches [pkgsrc-2008Q1]: patch-ac

Log Message:
pullup ticket #2400 - requested by tnn
stunnel: update package due to security issue

revisions pulled up:
- pkgsrc/security/stunnel/MESSAGE               1.1
- pkgsrc/security/stunnel/Makefile              1.62
- pkgsrc/security/stunnel/PLIST                 1.10
- pkgsrc/security/stunnel/distinfo              1.24
- pkgsrc/security/stunnel/files/stunnel.sh      1.2
- pkgsrc/security/stunnel/patches/patch-aa      1.20
- pkgsrc/security/stunnel/patches/patch-ac      r0

   Module Name: pkgsrc
   Committed By:        tnn
   Date:                Tue May 27 11:51:32 UTC 2008

   Modified Files:
        pkgsrc/security/stunnel: Makefile PLIST distinfo
        pkgsrc/security/stunnel/files: stunnel.sh
        pkgsrc/security/stunnel/patches: patch-aa
   Added Files:
        pkgsrc/security/stunnel: MESSAGE
   Removed Files:
        pkgsrc/security/stunnel/patches: patch-ac

   Log Message:
   Update to stunnel-4.24.

   4.24: fix security problem (properly reject revoked certs)
   4.23: WinNT bugfix
   4.22:
    - A new global option to control logging to syslog.
      Simultaneous logging to a file and the syslog is now possible.
    - A new service level option to control stack size.
    - Restored chroot() to be executed after decoding numerical
      userid and groupid values in drop_privileges().
    - A few bugs fixed the in the new libwrap support code.
    - TLSv1 method used by default in FIPS mode instead of
      SSLv3 client and SSLv23 server methods.
   4.21:
    - Initial FIPS 140-2 support (see INSTALL.FIPS for details).
    - Experimental fast support for non-MT-safe libwrap is provided
      with pre-spawned processes.
    - Stunnel binary moved from /usr/local/sbin to /usr/local/bin
      in order to meet FHS and LSB requirements.
    - Added code to disallow compiling stunnel with pthreads when
      OpenSSL is compiled without threads support.
    - Minor manual update.
    - TODO file updated.
    - Dynamic locking callbacks added (needed by some engines to work).
    - AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
    - On some systems libwrap requires yp_get_default_domain from libnsl,
      additional checking for libnsl was added to the ./configure script.
    - Sending a list of trusted CAs for the client to choose the right
      certificate restored.
    - Some compatibility issues with NTLM authentication fixed.


To generate a diff of this commit:
cvs rdiff -r0 -r1.1.2.2 pkgsrc/security/stunnel/MESSAGE
cvs rdiff -r1.61 -r1.61.2.1 pkgsrc/security/stunnel/Makefile
cvs rdiff -r1.9 -r1.9.10.1 pkgsrc/security/stunnel/PLIST
cvs rdiff -r1.23 -r1.23.10.1 pkgsrc/security/stunnel/distinfo
cvs rdiff -r1.1 -r1.1.32.1 pkgsrc/security/stunnel/files/stunnel.sh
cvs rdiff -r1.19 -r1.19.10.1 pkgsrc/security/stunnel/patches/patch-aa
cvs rdiff -r1.9 -r0 pkgsrc/security/stunnel/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.