Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
pullup ticket #2400 - requested by tnn
stunnel: update package due to security issue
revisions pulled up:
- pkgsrc/security/stunnel/MESSAGE 1.1
- pkgsrc/security/stunnel/Makefile 1.62
- pkgsrc/security/stunnel/PLIST 1.10
- pkgsrc/security/stunnel/distinfo 1.24
- pkgsrc/security/stunnel/files/stunnel.sh 1.2
- pkgsrc/security/stunnel/patches/patch-aa 1.20
- pkgsrc/security/stunnel/patches/patch-ac r0
Module Name: pkgsrc
Committed By: tnn
Date: Tue May 27 11:51:32 UTC 2008
Modified Files:
pkgsrc/security/stunnel: Makefile PLIST distinfo
pkgsrc/security/stunnel/files: stunnel.sh
pkgsrc/security/stunnel/patches: patch-aa
Added Files:
pkgsrc/security/stunnel: MESSAGE
Removed Files:
pkgsrc/security/stunnel/patches: patch-ac
Log Message:
Update to stunnel-4.24.
4.24: fix security problem (properly reject revoked certs)
4.23: WinNT bugfix
4.22:
- A new global option to control logging to syslog.
Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size.
- Restored chroot() to be executed after decoding numerical
userid and groupid values in drop_privileges().
- A few bugs fixed the in the new libwrap support code.
- TLSv1 method used by default in FIPS mode instead of
SSLv3 client and SSLv23 server methods.
4.21:
- Initial FIPS 140-2 support (see INSTALL.FIPS for details).
- Experimental fast support for non-MT-safe libwrap is provided
with pre-spawned processes.
- Stunnel binary moved from /usr/local/sbin to /usr/local/bin
in order to meet FHS and LSB requirements.
- Added code to disallow compiling stunnel with pthreads when
OpenSSL is compiled without threads support.
- Minor manual update.
- TODO file updated.
- Dynamic locking callbacks added (needed by some engines to work).
- AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
- On some systems libwrap requires yp_get_default_domain from libnsl,
additional checking for libnsl was added to the ./configure script.
- Sending a list of trusted CAs for the client to choose the right
certificate restored.
- Some compatibility issues with NTLM authentication fixed.