Dear Users,I have released version 4.42 of stunnel. This is a security bugfix release. Upgrade is highly recommended!
The ChangeLog entry:
Version 4.42, 2011.08.18, urgency: HIGH:
* New features
- New verify level 0 to request and ignore peer certificate. This
feature is useful with the new Windows GUI menu to save cached peer
certificate chains, as SSL client certificates are not sent by
default.
- Manual page has been updated.- Removed support for changing Windows Service name with "service" option.
* Bugfixes- Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may possibly be leveraged to perform DoS or remote code execution attacks.
- The -quiet commandline option was applied to *all* message boxes.- Silent install (/S option) no longer attempts to create stunnel.pem.
Home page: http://www.stunnel.org/ Download: ftp://ftp.stunnel.org/stunnel/ SHA-256 hash for stunnel-4.42.tar.gz: d33c407bfc4f58070e818081bd082c38f91cab7691ccbb794da63143c535de3b Best regards, Mike
PGP.sig
Description: This is a digitally signed message part
