Dear Users,
I have just released a new version of stunnel. This is mostly a bugfix
release and I recommend to schedule an upgrade.
Please find below the ChangeLog entry:
Version 4.22, 2008.03.28, urgency: MEDIUM:
* New features
- Makefile was updated to use standard autoconf variables:
Dear Users,
I have just released a new version of stunnel, which fixes a security issue
in the OCSP functionality. The bug allows a revoked certificate to
successfully authenticate. Any installations with OCSP enabled should be
upgraded ASAP. Other users are not affected.
Home page/download:
Kelly Phinney wrote:
I downloaded OPENSSL because I was getting an error message:
stunnel-4.10.exe-ordinal not found
I am not getting that message anymore but now I am getting
this message upon startup:
stunnel-4.10.exe.-application error
the application failed to initialize properly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dear Users,
I have released version 5.29 of stunnel.
The ChangeLog entry:
Version 5.29, 2016.01.08, urgency: LOW
* New features
- New WIN32 icons.
- Performance improvement: rwlocks used for locking with pthreads.
* Bugfixes
- Compilation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12.01.2016 20:18, Viktor Dukhovni wrote:
>> On Jan 12, 2016, at 4:05 AM, Michal Trojnara
>> wrote: I guess openssl/ssl.h should
>> be modified to include: typedef struct ssl_comp_st SSL_COMP;
>>
Dear Users,
I have released version 5.33 of stunnel.
This release fixes a memory leak. Upgrade is highly recommended.
The ChangeLog entry:
Version 5.33, 2016.06.23, urgency: HIGH
* New features
- Improved memory leak detection performance and accuracy.
- Improved compatibility with the
Dear Users,
I have released version 5.32 of stunnel.
The ChangeLog entry:
Version 5.32, 2016.05.03, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.2h.
https://www.openssl.org/news/secadv_20160503.txt
* New features
- New "socket = a:IPV6_V6ONLY=yes" option to
Dear Users,
I have released version 5.35 of stunnel.
The ChangeLog entry:
Version 5.35, 2016.07.18, urgency: HIGH
* Bugfixes
- Fixed incorrectly enforced client certificate requests.
- Only default to SO_EXCLUSIVEADDRUSE on Vista and later.
- Fixed thread safety of the configuration file
Dear Users,
I have released version 5.34 of stunnel.
This release includes a major security bugfix.
The ChangeLog entry:
Version 5.34, 2016.07.05, urgency: HIGH
* Security bugfixes
- Fixed malfunctioning "verify = 4".
* New features
- Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32.
-
Dear Users,
I have released version 5.40 of stunnel.
Version 5.40, 2017.01.28, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.2k.
https://www.openssl.org/news/secadv/20170126.txt
* New features
- DH ciphersuites are now disabled by default.
- The daily server
Dear Users,
I have released version 5.35 of stunnel.
The ChangeLog entry:
Version 5.35, 2016.07.18, urgency: HIGH
* Bugfixes
- Fixed incorrectly enforced client certificate requests.
- Only default to SO_EXCLUSIVEADDRUSE on Vista and later.
- Fixed thread safety of the configuration file
Dear Users,
I have released version 5.36 of stunnel.
Version 5.36, 2016.09.22, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.2i.
https://www.openssl.org/news/secadv_20160922.txt
* New features
- Added support for OpenSSL 1.1.0 built with "no-deprecated".
-
Dear Users,
I have released version 5.37 of stunnel.
Version 5.37, 2016.11.06, urgency: MEDIUM
* Bugfixes
- OpenSSL DLLs updated to version 1.0.2j (stops crashes).
- The default SNI target (not handled by any slave service)
is handled by the master service rather than rejected.
-
Dear Users,
I have released version 5.38 of stunnel.
Version 5.38, 2016.11.26, urgency: MEDIUM
* New features
- "sni=" can be used to prevent sending the SNI extension.
- The AI_ADDRCONFIG resolver flag is used when available.
- Merged Debian 06-lfs.patch (thx Peter Pentchev).
* Bugfixes
Dear Users,
I have released version 5.39 of stunnel.
Version 5.39, 2017.01.01, urgency: LOW
* New features
- PKCS#11 engine (pkcs11.dll) added to the Win32 build.
- Per-destination TLS session cache added for the client mode.
- The new "logId" parameter "process" added to log PID values.
Dear Users,
I have released version 5.41 of stunnel.
Version 5.41, 2017.04.01, urgency: MEDIUM
* New features
- PKCS#11 engine DLL updated to version 0.4.5.
- Default engine UI set with ENGINE_CTRL_SET_USER_INTERFACE.
- Key file name added into the passphrase console prompt.
-
Dear Users,
I have released version 5.42 of stunnel.
Version 5.42, 2017.07.16, urgency: HIGH
* New features
- "redirect" also supports "exec" and not only "connect".
- PKCS#11 engine DLL updated to version 0.4.7.
* Bugfixes
- Fixed premature cron thread initialization causing hangs.
-
Dear Users,
I have released version 5.44 of stunnel.
It is a bugfix release. I recommend updating to this version.
Version 5.44, 2017.11.26, urgency: MEDIUM
* New features
- Signed Win32 executables, libraries, and installer.
* Bugfixes
- Default accept address restored to INADDR_ANY.
-
Dear Users,
I have released version 5.43 of stunnel.
Version 5.43, 2017.11.05, urgency: LOW
* New features
- OpenSSL DLLs updated to version 1.0.2m.
- Android build updated to OpenSSL 1.1.0g.
- Allow for multiple "accept" ports per section.
- Self-test framework (make check).
- Added
On 05/29/2018 01:48 AM, Viktor Dukhovni wrote:
> I am rather puzzled as to why you chose to eliminate
> not just fixed DH, but also the ephemeral finite-field
> DH key exchange. What's wrong with the DHE ciphers?
Mostly precomputation attacks: https://weakdh.org/logjam.html
Those parameters are
On 05/31/2018 06:15 AM, Viktor Dukhovni wrote:
> I expect there are still plenty of LTS RedHat systems that
> ship without EC support, though yes anything reasonably
> up to date, will have EC support.
AFAIR EC cipher suites were introduced in OpenSSL 1.0.0, so those LTS
systems must be using
Dear Users,
I have released version 5.55 of stunnel.
This release addresses a number of important Windows issues, including
security vulnerabilities.
Version 5.55, 2019.06.10, urgency: HIGH
* Security bugfixes
- Fixed a Windows local privilege escalation vulnerability
caused insecure
Dear Users,
I have released version 5.56 of stunnel.
### Version 5.56, 2019.11.22, urgency: HIGH
* New features
- Various text files converted to Markdown format.
* Bugfixes
- Support for realpath(3) implementations incompatible
with POSIX.1-2008, such as 4.4BSD or Solaris.
- Support
Dear Users,
I have released version 5.57 of stunnel.
This is a security release. Make sure to upgrade if you use the "redirect"
option.
### Version 5.57, 2020.10.11, urgency: HIGH
* Security bugfixes
- The "redirect" option was fixed to properly
handle "verifyChain = yes" (thx to Rob
Dear Users,
I have released version 5.59 of stunnel.
### Version 5.59, 2021.04.05, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.1.1k.
* New features
- Client-side "protocol = ldap" support (thx to Bart
Dopheide and Seth Grover).
* Bugfixes
- The test suite
Dear Users,
I have released version 5.58 of stunnel.
This release fixes another security bug in the "redirect" option.
### Version 5.58, 2021.02.20, urgency: HIGH
* Security bugfixes
- The "redirect" option was fixed to properly handle
unauthenticated requests (thx to Martin Stein).
-
Dear Users,
I have released version 5.60 of stunnel.
### Version 5.60, 2021.08.16, urgency: LOW
* New features
- New 'sessionResume' service-level option to allow
or disallow session resumption
- Added support for the new SSL_set_options() values.
- Download fresh ca-certs.pem for
Dear Users,
I have released version 5.61 of stunnel.
### Version 5.61, 2021.12.22, urgency: LOW
* New features sponsored by the University of Maryland
- Added new "protocol = capwin" and "protocol = capwinctrl"
configuration file options.
* New features for the Windows platform
- Added
Dear Users,
I have released version 5.62 of stunnel.
### Version 5.62, 2022.01.17, urgency: MEDIUM
* New features
- Added a bash completion script.
* Bugfixes
- Fixed a transfer() loop bug.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256
Dear Users,
I have released version 5.63 of stunnel.
### Version 5.63, 2022.03.15, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.2.
* New features
- Updated stunnel.spec to support bash completion.
* Bugfixes
- Fixed a PRNG initialization crash (thx to Gleydson
Dear Users,
I have released version 5.65 of stunnel.
On Windows, this release fixes a high severity OpenSSL vulnerability:
https://www.openssl.org/news/secadv/20220705.txt
### Version 5.65, 2022.07.17, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.5.
* Bugfixes
-
Dear Users,
I have released version 5.64 of stunnel. This release only includes Windows
fixes and improvements.
### Version 5.64, 2022.05.06, urgency: MEDIUM
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.3.
* New features
- Updated the pkcs11 engine for Windows.
* Bugfixes
-
Dear Users,
I have released version 5.66 of stunnel.
### Version 5.66, 2022.09.11, urgency: MEDIUM
* New features
- OpenSSL 3.0 FIPS Provider support for Windows.
* Bugfixes
- Fixed building on machines without pkg-config.
- Added the missing "environ" declaration for
BSD-based
Dear Users,
I have released version 5.67 of stunnel.
### Version 5.67, 2022.11.01, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.7.
* New features
- Provided a logging callback to custom engines.
* Bugfixes
- Fixed "make cert" with OpenSSL older than 3.0.
-
34 matches
Mail list logo