stunnel 4.22 released (Black Hat Europe edition)

Dear Users, I have just released a new version of stunnel. This is mostly a bugfix release and I recommend to schedule an upgrade. Please find below the ChangeLog entry: Version 4.22, 2008.03.28, urgency: MEDIUM: * New features - Makefile was updated to use standard autoconf variables:

stunnel 4.24 released

Dear Users, I have just released a new version of stunnel, which fixes a security issue in the OCSP functionality. The bug allows a revoked certificate to successfully authenticate. Any installations with OCSP enabled should be upgraded ASAP. Other users are not affected. Home page/download:

Re: problems

Kelly Phinney wrote: I downloaded OPENSSL because I was getting an error message: stunnel-4.10.exe-ordinal not found I am not getting that message anymore but now I am getting this message upon startup: stunnel-4.10.exe.-application error the application failed to initialize properly

[openssl-users] stunnel 5.29 released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear Users, I have released version 5.29 of stunnel. The ChangeLog entry: Version 5.29, 2016.01.08, urgency: LOW * New features - New WIN32 icons. - Performance improvement: rwlocks used for locking with pthreads. * Bugfixes - Compilation

Re: [openssl-users] SSL_COMP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 12.01.2016 20:18, Viktor Dukhovni wrote: >> On Jan 12, 2016, at 4:05 AM, Michal Trojnara >> wrote: I guess openssl/ssl.h should >> be modified to include: typedef struct ssl_comp_st SSL_COMP; >>

[openssl-users] stunnel 5.33 released

Dear Users, I have released version 5.33 of stunnel. This release fixes a memory leak. Upgrade is highly recommended. The ChangeLog entry: Version 5.33, 2016.06.23, urgency: HIGH * New features - Improved memory leak detection performance and accuracy. - Improved compatibility with the

[openssl-users] stunnel 5.32 released

Dear Users, I have released version 5.32 of stunnel. The ChangeLog entry: Version 5.32, 2016.05.03, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 1.0.2h. https://www.openssl.org/news/secadv_20160503.txt * New features - New "socket = a:IPV6_V6ONLY=yes" option to

[openssl-users] stunnel 5.35 released

Dear Users, I have released version 5.35 of stunnel. The ChangeLog entry: Version 5.35, 2016.07.18, urgency: HIGH * Bugfixes - Fixed incorrectly enforced client certificate requests. - Only default to SO_EXCLUSIVEADDRUSE on Vista and later. - Fixed thread safety of the configuration file

[openssl-users] stunnel 5.34 released

Dear Users, I have released version 5.34 of stunnel. This release includes a major security bugfix. The ChangeLog entry: Version 5.34, 2016.07.05, urgency: HIGH * Security bugfixes - Fixed malfunctioning "verify = 4". * New features - Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32. -

[openssl-users] stunnel 5.40 released

Dear Users, I have released version 5.40 of stunnel. Version 5.40, 2017.01.28, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 1.0.2k. https://www.openssl.org/news/secadv/20170126.txt * New features - DH ciphersuites are now disabled by default. - The daily server

[openssl-users] stunnel 5.35 released

Dear Users, I have released version 5.35 of stunnel. The ChangeLog entry: Version 5.35, 2016.07.18, urgency: HIGH * Bugfixes - Fixed incorrectly enforced client certificate requests. - Only default to SO_EXCLUSIVEADDRUSE on Vista and later. - Fixed thread safety of the configuration file

[openssl-users] stunnel 5.36 released

Dear Users, I have released version 5.36 of stunnel. Version 5.36, 2016.09.22, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 1.0.2i. https://www.openssl.org/news/secadv_20160922.txt * New features - Added support for OpenSSL 1.1.0 built with "no-deprecated". -

[openssl-users] stunnel 5.37 released

Dear Users, I have released version 5.37 of stunnel. Version 5.37, 2016.11.06, urgency: MEDIUM * Bugfixes - OpenSSL DLLs updated to version 1.0.2j (stops crashes). - The default SNI target (not handled by any slave service) is handled by the master service rather than rejected. -

[openssl-users] stunnel 5.38 released

Dear Users, I have released version 5.38 of stunnel. Version 5.38, 2016.11.26, urgency: MEDIUM * New features - "sni=" can be used to prevent sending the SNI extension. - The AI_ADDRCONFIG resolver flag is used when available. - Merged Debian 06-lfs.patch (thx Peter Pentchev). * Bugfixes

[openssl-users] stunnel 5.39 released

Dear Users, I have released version 5.39 of stunnel. Version 5.39, 2017.01.01, urgency: LOW * New features - PKCS#11 engine (pkcs11.dll) added to the Win32 build. - Per-destination TLS session cache added for the client mode. - The new "logId" parameter "process" added to log PID values.

[openssl-users] stunnel 5.41 released

Dear Users, I have released version 5.41 of stunnel. Version 5.41, 2017.04.01, urgency: MEDIUM * New features - PKCS#11 engine DLL updated to version 0.4.5. - Default engine UI set with ENGINE_CTRL_SET_USER_INTERFACE. - Key file name added into the passphrase console prompt. -

[openssl-users] stunnel 5.42 released

Dear Users, I have released version 5.42 of stunnel. Version 5.42, 2017.07.16, urgency: HIGH * New features - "redirect" also supports "exec" and not only "connect". - PKCS#11 engine DLL updated to version 0.4.7. * Bugfixes - Fixed premature cron thread initialization causing hangs. -

[openssl-users] stunnel 5.44 released

Dear Users, I have released version 5.44 of stunnel. It is a bugfix release. I recommend updating to this version. Version 5.44, 2017.11.26, urgency: MEDIUM * New features - Signed Win32 executables, libraries, and installer. * Bugfixes - Default accept address restored to INADDR_ANY. -

[openssl-users] stunnel 5.43 released

Dear Users, I have released version 5.43 of stunnel. Version 5.43, 2017.11.05, urgency: LOW * New features - OpenSSL DLLs updated to version 1.0.2m. - Android build updated to OpenSSL 1.1.0g. - Allow for multiple "accept" ports per section. - Self-test framework (make check). - Added

Re: [openssl-users] stunnel 5.46 released

On 05/29/2018 01:48 AM, Viktor Dukhovni wrote: > I am rather puzzled as to why you chose to eliminate > not just fixed DH, but also the ephemeral finite-field > DH key exchange. What's wrong with the DHE ciphers? Mostly precomputation attacks: https://weakdh.org/logjam.html Those parameters are

Re: [openssl-users] stunnel 5.46 released

On 05/31/2018 06:15 AM, Viktor Dukhovni wrote: > I expect there are still plenty of LTS RedHat systems that > ship without EC support, though yes anything reasonably > up to date, will have EC support. AFAIR EC cipher suites were introduced in OpenSSL 1.0.0, so those LTS systems must be using

stunnel 5.55 released

Dear Users, I have released version 5.55 of stunnel. This release addresses a number of important Windows issues, including security vulnerabilities. Version 5.55, 2019.06.10, urgency: HIGH * Security bugfixes   - Fixed a Windows local privilege escalation vulnerability     caused insecure

stunnel 5.56 released

Dear Users, I have released version 5.56 of stunnel. ### Version 5.56, 2019.11.22, urgency: HIGH * New features   - Various text files converted to Markdown format. * Bugfixes   - Support for realpath(3) implementations incompatible     with POSIX.1-2008, such as 4.4BSD or Solaris.   - Support

stunnel 5.57 released

Dear Users, I have released version 5.57 of stunnel. This is a security release.  Make sure to upgrade if you use the "redirect" option. ### Version 5.57, 2020.10.11, urgency: HIGH * Security bugfixes   - The "redirect" option was fixed to properly     handle "verifyChain = yes" (thx to Rob

stunnel 5.59 released

Dear Users, I have released version 5.59 of stunnel. ### Version 5.59, 2021.04.05, urgency: HIGH * Security bugfixes   - OpenSSL DLLs updated to version 1.1.1k. * New features   - Client-side "protocol = ldap" support (thx to Bart     Dopheide and Seth Grover). * Bugfixes   - The test suite

stunnel 5.58 released

Dear Users, I have released version 5.58 of stunnel. This release fixes another security bug in the "redirect" option. ### Version 5.58, 2021.02.20, urgency: HIGH * Security bugfixes   - The "redirect" option was fixed to properly handle     unauthenticated requests (thx to Martin Stein).   -

stunnel 60 released

Dear Users, I have released version 5.60 of stunnel. ### Version 5.60, 2021.08.16, urgency: LOW * New features   - New 'sessionResume' service-level option to allow     or disallow session resumption   - Added support for the new SSL_set_options() values.   - Download fresh ca-certs.pem for

stunnel 5.61 released

Dear Users, I have released version 5.61 of stunnel. ### Version 5.61, 2021.12.22, urgency: LOW * New features sponsored by the University of Maryland   - Added new "protocol = capwin" and "protocol = capwinctrl"     configuration file options. * New features for the Windows platform   - Added

stunnel 5.62 released

Dear Users, I have released version 5.62 of stunnel. ### Version 5.62, 2022.01.17, urgency: MEDIUM * New features   - Added a bash completion script. * Bugfixes   - Fixed a transfer() loop bug. Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256

stunnel 5.63 released

Dear Users, I have released version 5.63 of stunnel. ### Version 5.63, 2022.03.15, urgency: HIGH * Security bugfixes   - OpenSSL DLLs updated to version 3.0.2. * New features   - Updated stunnel.spec to support bash completion. * Bugfixes   - Fixed a PRNG initialization crash (thx to Gleydson

stunnel 5.65 released

Dear Users, I have released version 5.65 of stunnel. On Windows, this release fixes a high severity OpenSSL vulnerability: https://www.openssl.org/news/secadv/20220705.txt ### Version 5.65, 2022.07.17, urgency: HIGH * Security bugfixes   - OpenSSL DLLs updated to version 3.0.5. * Bugfixes   -

stunnel 5.64 released

Dear Users, I have released version 5.64 of stunnel. This release only includes Windows fixes and improvements. ### Version 5.64, 2022.05.06, urgency: MEDIUM * Security bugfixes   - OpenSSL DLLs updated to version 3.0.3. * New features   - Updated the pkcs11 engine for Windows. * Bugfixes   -

stunnel 5.66 released

Dear Users, I have released version 5.66 of stunnel. ### Version 5.66, 2022.09.11, urgency: MEDIUM * New features   - OpenSSL 3.0 FIPS Provider support for Windows. * Bugfixes   - Fixed building on machines without pkg-config.   - Added the missing "environ" declaration for     BSD-based

stunnel 5.67 released

Dear Users, I have released version 5.67 of stunnel. ### Version 5.67, 2022.11.01, urgency: HIGH * Security bugfixes   - OpenSSL DLLs updated to version 3.0.7. * New features   - Provided a logging callback to custom engines. * Bugfixes   - Fixed "make cert" with OpenSSL older than 3.0.   -