pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/51449 CVS commit: [pkgsrc-2016Q2] pkgsrc/security/stunnel
The following reply was made to PR pkg/51449; it has been noted by GNATS.
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc:
Subject: PR/51449 CVS commit: [pkgsrc-2016Q2] pkgsrc/security/stunnel
Date: Sat, 3 Sep 2016 18:13:39 +0000
Module Name: pkgsrc
Committed By: bsiegert
Date: Sat Sep 3 18:13:39 UTC 2016
Modified Files:
pkgsrc/security/stunnel [pkgsrc-2016Q2]: Makefile distinfo
Added Files:
pkgsrc/security/stunnel/patches [pkgsrc-2016Q2]:
patch-stunnel.conf-sample.in
Log Message:
Pullup ticket #5089 - requested by jym
security/stunnel: security fix
Revisions pulled up:
- security/stunnel/Makefile 1.104
- security/stunnel/distinfo 1.51
- security/stunnel/patches/patch-stunnel.conf-sample.in 1.1
---
Module Name: pkgsrc
Committed By: jym
Date: Mon Aug 29 19:21:25 UTC 2016
Modified Files:
pkgsrc/security/stunnel: Makefile distinfo
Added Files:
pkgsrc/security/stunnel/patches: patch-stunnel.conf-sample.in
Log Message:
PR pkg/51449
Update stunnel to 5.35.
- Add patch to provide an explicit chroot option to the default
configuration sample (option is documented but not found within
the default conf file). While here, enable setuid/setgid as
stunnel user/group creations are handled by package.
- Rework SUBSTs so that they apply to the correct sample
config file.
Changelog:
Version 5.35, 2016.07.18, urgency: HIGH
* Bugfixes
- Fixed incorrectly enforced client certificate requests.
- Only default to SO_EXCLUSIVEADDRUSE on Vista and later.
- Fixed thread safety of the configuration file reopening.
Version 5.34, 2016.07.05, urgency: HIGH
* Security bugfixes
- Fixed malfunctioning "verify = 4".
* New features
- Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32.
- Added three new service-level options: requireCert, verifyChain,
and verifyPeer for fine-grained certificate verification control.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
Version 5.33, 2016.06.23, urgency: HIGH
* New features
- Improved memory leak detection performance and accuracy.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
- SNI support also enabled on OpenSSL 0.9.8f and later (thx to
Guillermo Rodriguez Garcia).
- Added support for PKCS #12 (.p12/.pfx) certificates (thx to
Dmitry Bakshaev).
* Bugfixes
- Fixed a TLS session caching memory leak (thx to Richard Kraemer).
Before stunnel 5.27 this leak only emerged with sessiond enabled.
- Yet another WinCE socket fix (thx to Richard Kraemer).
- Fixed passphrase/pin dialogs in tstunnel.exe.
- Fixed a FORK threading build regression bug.
- OPENSSL_NO_DH compilation fix (thx to Brian Lin).
- Fixed a TLS session caching memory leak (thx to Richard Kraemer).
Before stunnel 5.27 this leak only emerged with sessiond enabled.
- Yet another WinCE socket fix (thx to Richard Kraemer).
- Fixed passphrase/pin dialogs in tstunnel.exe.
- Fixed a FORK threading build regression bug.
- OPENSSL_NO_DH compilation fix (thx to Brian Lin).
To generate a diff of this commit:
cvs rdiff -u -r1.102 -r1.102.2.1 pkgsrc/security/stunnel/Makefile
cvs rdiff -u -r1.50 -r1.50.2.1 pkgsrc/security/stunnel/distinfo
cvs rdiff -u -r0 -r1.1.2.2 \
pkgsrc/security/stunnel/patches/patch-stunnel.conf-sample.in
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index