-
stunnel4 (3:4.29-1+squeeze1) squeeze-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2013-1762.patch patch.
CVE-2013-1762: Fix buffer overflow vulnerability due to incorrect
integer conversion in the NTLM authentication of the CONNECT protocol
negotiation. (Closes: #702267)
-- Salvatore Bonaccorso <email address hidden> Sat, 27 Apr 2013 17:00:30 +0200
-
stunnel4 (3:4.29-1) unstable; urgency=low
* New upstream version (Closes: #559270).
- sessiond, a high performance SSL session cache was built for stunnel.
A new service-level "sessiond" option was added. sessiond is
available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ .
stunnel clusters will be a lot faster, now!
- Transparent proxy support on Linux kernels >=2.6.28.
See the manual for details.
The old transproxy.txt file is no longer provided.
- New socket options to control TCP keepalive on Linux:
TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
- SSL options updated for the recent version of OpenSSL library.
- Bugfixes
+ Missing "fips" option was added to the manual.
+ A serious bug in asynchronous shutdown code fixed.
+ Data alignment updated in libwrap.c.
+ Polish manual encoding fixed. Debian's patch for this removed.
+ Notes on compression implementation in OpenSSL added to the manual.
* Use correct owner:group for logs after rotation. (Closes: #529481).
Thanks Brian 'morlenxus' Miculcy <email address hidden>
* Use copytruncate in logrotate file, instead of restarting the
daemon (Closes: #535915).
Thanks Andrew Buckeridge <email address hidden>
* Bump Standards-Version to 3.8.3. No changes required.
* Do not specify path to true in postinst script.
-- Luis Rodrigo Gallardo Cruz <email address hidden> Tue, 08 Dec 2009 19:34:21 -0800
-
stunnel4 (3:4.27-1) unstable; urgency=low
* New upstream release.
- Remove debian/patches/security-check_certificate, now included upstream.
Fixes: CVE-2008-2420
- Libwrap helper processes fixed to close standard
input/output/error file descriptors. (Closes: #482379)
* Rebase quilt patches to not require -p0. (Closes: #484966)
* Fix sample configuration file to use ssl cert from /etc/ssl/certs
(Closes: #460953).
* Warn if automatic startup is disabled in /etc/default/stunnel4
(Closes: #475599).
* Use invoke-rc.d in ppp start/stop scripts.
* Standards-Version: 3.8.1.
- Add README.source documenting use of quilt.
* Bump to debhelper 7
- Remove unused old option from dh_mkshlibs call
* Declare the polish pod's encoding and use unicode when converting it
to a manpage.
* Dummy upgrade package is priority: extra
-- Luis Rodrigo Gallardo Cruz <email address hidden> Fri, 24 Apr 2009 19:56:05 -0700
-
stunnel4 (3:4.22-2) unstable; urgency=low
* Check if a daemon is already running before trying to start it with the
same configuration file. Thanks Peter Palfrader <email address hidden> for
the report (Closes: #506091).
-- Luis Rodrigo Gallardo Cruz <email address hidden> Tue, 18 Nov 2008 13:52:42 +0100
