pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/51449 CVS commit: [pkgsrc-2016Q2] pkgsrc/security/stunnel



The following reply was made to PR pkg/51449; it has been noted by GNATS.

From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/51449 CVS commit: [pkgsrc-2016Q2] pkgsrc/security/stunnel
Date: Sat, 3 Sep 2016 18:13:39 +0000

 Module Name:	pkgsrc
 Committed By:	bsiegert
 Date:		Sat Sep  3 18:13:39 UTC 2016
 
 Modified Files:
 	pkgsrc/security/stunnel [pkgsrc-2016Q2]: Makefile distinfo
 Added Files:
 	pkgsrc/security/stunnel/patches [pkgsrc-2016Q2]:
 	    patch-stunnel.conf-sample.in
 
 Log Message:
 Pullup ticket #5089 - requested by jym
 security/stunnel: security fix
 
 Revisions pulled up:
 - security/stunnel/Makefile                                     1.104
 - security/stunnel/distinfo                                     1.51
 - security/stunnel/patches/patch-stunnel.conf-sample.in         1.1
 
 ---
    Module Name:    pkgsrc
    Committed By:   jym
    Date:           Mon Aug 29 19:21:25 UTC 2016
 
    Modified Files:
            pkgsrc/security/stunnel: Makefile distinfo
    Added Files:
            pkgsrc/security/stunnel/patches: patch-stunnel.conf-sample.in
 
    Log Message:
    PR pkg/51449
 
    Update stunnel to 5.35.
 
    - Add patch to provide an explicit chroot option to the default
      configuration sample (option is documented but not found within
      the default conf file). While here, enable setuid/setgid as
      stunnel user/group creations are handled by package.
    - Rework SUBSTs so that they apply to the correct sample
      config file.
 
    Changelog:
 
    Version 5.35, 2016.07.18, urgency: HIGH
    * Bugfixes
      - Fixed incorrectly enforced client certificate requests.
      - Only default to SO_EXCLUSIVEADDRUSE on Vista and later.
      - Fixed thread safety of the configuration file reopening.
 
    Version 5.34, 2016.07.05, urgency: HIGH
    * Security bugfixes
      - Fixed malfunctioning "verify = 4".
    * New features
      - Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32.
      - Added three new service-level options: requireCert, verifyChain,
        and verifyPeer for fine-grained certificate verification control.
      - Improved compatibility with the current OpenSSL 1.1.0-dev tree.
 
    Version 5.33, 2016.06.23, urgency: HIGH
    * New features
      - Improved memory leak detection performance and accuracy.
      - Improved compatibility with the current OpenSSL 1.1.0-dev tree.
      - SNI support also enabled on OpenSSL 0.9.8f and later (thx to
        Guillermo Rodriguez Garcia).
      - Added support for PKCS #12 (.p12/.pfx) certificates (thx to
        Dmitry Bakshaev).
    * Bugfixes
      - Fixed a TLS session caching memory leak (thx to Richard Kraemer).
        Before stunnel 5.27 this leak only emerged with sessiond enabled.
      - Yet another WinCE socket fix (thx to Richard Kraemer).
      - Fixed passphrase/pin dialogs in tstunnel.exe.
      - Fixed a FORK threading build regression bug.
      - OPENSSL_NO_DH compilation fix (thx to Brian Lin).
      - Fixed a TLS session caching memory leak (thx to Richard Kraemer).
        Before stunnel 5.27 this leak only emerged with sessiond enabled.
      - Yet another WinCE socket fix (thx to Richard Kraemer).
      - Fixed passphrase/pin dialogs in tstunnel.exe.
      - Fixed a FORK threading build regression bug.
      - OPENSSL_NO_DH compilation fix (thx to Brian Lin).
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.102 -r1.102.2.1 pkgsrc/security/stunnel/Makefile
 cvs rdiff -u -r1.50 -r1.50.2.1 pkgsrc/security/stunnel/distinfo
 cvs rdiff -u -r0 -r1.1.2.2 \
     pkgsrc/security/stunnel/patches/patch-stunnel.conf-sample.in
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
 


Home | Main Index | Thread Index | Old Index