pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/security/stunnel
From: Ryo ONODERA
Date: 2018-06-07 20:54:20
Message id: 20180607185420.65557FBEC@cvs.NetBSD.org

Log Message:
Update to 5.46

Changelog:
Version 5.46, 2018.05.28, urgency: MEDIUM
* New features
  - The default cipher list was updated to a safer value:
    "HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK".
* Bugfixes
  - Default accept address restored to INADDR_ANY.

Version 5.45, 2018.05.21, urgency: MEDIUM
* New feature sponsored by https://loadbalancer.org/
  - Implemented delayed deallocation of service sections
    after configuration file reload.
* Other new features
  - OpenSSL DLLs updated to version 1.0.2o.
  - Deprecated the sslVersion option.
  - The "socket" option is now also available in service sections.
  - Implemented try-restart in the SysV init script (thx to
    Peter Pentchev).
  - TLS 1.3 compliant session handling for OpenSSL 1.1.1.
  - Default "failover" value changed from "rr" to \ 
"prio".
  - New "make check" tests.
* Bugfixes
  - A service no longer refuses to start if binding fails for
    some (but not all) addresses:ports.
  - Fixed compression handling with OpenSSL 1.1.0 and later.
  - _beginthread() replaced with safer _beginthreadex().
  - Fixed exception handling in libwrap.
  - Fixed exec+connect services.
  - Fixed automatic resolver delaying.
  - Fixed a Gentoo cross-compilation bug (thx to Joe Harvell).
  - A number of "make check" framework fixes.
  - Fixed false postive memory leak logs.
  - Build fixes for OpenSSL versions down to 0.9.7.
  - Fixed (again) round-robin failover in the FORK threading model.

Version 5.44, 2017.11.26, urgency: MEDIUM
* New features
  - Signed Win32 executables, libraries, and installer.
* Bugfixes
  - Default accept address restored to INADDR_ANY.
  - Fixed a race condition in "make check".
  - Fixed removing the pid file after configuration reload.

Version 5.43, 2017.11.05, urgency: LOW
* New features
  - OpenSSL DLLs updated to version 1.0.2m.
  - Android build updated to OpenSSL 1.1.0g.
  - Allow for multiple "accept" ports per section.
  - Self-test framework (make check).
  - Added config load before OpenSSL init (thx to Dmitrii Pichulin).
  - OpenSSL 1.1.0 support for Travis CI.
  - OpenSSL 1.1.1-dev compilation fixes.
* Bugfixes
  - Fixed a memory fault on Solaris.
  - Fixed round-robin failover in the FORK threading model.
  - Fixed handling SSL_ERROR_ZERO_RETURN in SSL_shutdown().
  - Minor fixes of the logging subsystem.

Files:

Revision	Action	file
1.109	modify	pkgsrc/security/stunnel/Makefile
1.57	modify	pkgsrc/security/stunnel/distinfo
1.21	modify	pkgsrc/security/stunnel/patches/patch-ac
1.4	modify	pkgsrc/security/stunnel/patches/patch-configure