[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2008Q1] pkgsrc/security/stunnel
Module Name: pkgsrc
Committed By: rtr
Date: Tue May 27 13:29:03 UTC 2008
pkgsrc/security/stunnel [pkgsrc-2008Q1]: Makefile PLIST distinfo
pkgsrc/security/stunnel/files [pkgsrc-2008Q1]: stunnel.sh
pkgsrc/security/stunnel/patches [pkgsrc-2008Q1]: patch-aa
pkgsrc/security/stunnel [pkgsrc-2008Q1]: MESSAGE
pkgsrc/security/stunnel/patches [pkgsrc-2008Q1]: patch-ac
pullup ticket #2400 - requested by tnn
stunnel: update package due to security issue
revisions pulled up:
- pkgsrc/security/stunnel/MESSAGE 1.1
- pkgsrc/security/stunnel/Makefile 1.62
- pkgsrc/security/stunnel/PLIST 1.10
- pkgsrc/security/stunnel/distinfo 1.24
- pkgsrc/security/stunnel/files/stunnel.sh 1.2
- pkgsrc/security/stunnel/patches/patch-aa 1.20
- pkgsrc/security/stunnel/patches/patch-ac r0
Module Name: pkgsrc
Committed By: tnn
Date: Tue May 27 11:51:32 UTC 2008
pkgsrc/security/stunnel: Makefile PLIST distinfo
Update to stunnel-4.24.
4.24: fix security problem (properly reject revoked certs)
4.23: WinNT bugfix
- A new global option to control logging to syslog.
Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size.
- Restored chroot() to be executed after decoding numerical
userid and groupid values in drop_privileges().
- A few bugs fixed the in the new libwrap support code.
- TLSv1 method used by default in FIPS mode instead of
SSLv3 client and SSLv23 server methods.
- Initial FIPS 140-2 support (see INSTALL.FIPS for details).
- Experimental fast support for non-MT-safe libwrap is provided
with pre-spawned processes.
- Stunnel binary moved from /usr/local/sbin to /usr/local/bin
in order to meet FHS and LSB requirements.
- Added code to disallow compiling stunnel with pthreads when
OpenSSL is compiled without threads support.
- Minor manual update.
- TODO file updated.
- Dynamic locking callbacks added (needed by some engines to work).
- AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
- On some systems libwrap requires yp_get_default_domain from libnsl,
additional checking for libnsl was added to the ./configure script.
- Sending a list of trusted CAs for the client to choose the right
- Some compatibility issues with NTLM authentication fixed.
To generate a diff of this commit:
cvs rdiff -r0 -r188.8.131.52 pkgsrc/security/stunnel/MESSAGE
cvs rdiff -r1.61 -r184.108.40.206 pkgsrc/security/stunnel/Makefile
cvs rdiff -r1.9 -r220.127.116.11 pkgsrc/security/stunnel/PLIST
cvs rdiff -r1.23 -r18.104.22.168 pkgsrc/security/stunnel/distinfo
cvs rdiff -r1.1 -r22.214.171.124 pkgsrc/security/stunnel/files/stunnel.sh
cvs rdiff -r1.19 -r126.96.36.199 pkgsrc/security/stunnel/patches/patch-aa
cvs rdiff -r1.9 -r0 pkgsrc/security/stunnel/patches/patch-ac
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |