[stunnel-announce] stunnel 5.15 release

Michal Trojnara Michal.Trojnara at mirt.net
Thu Apr 16 15:42:02 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear Users,

I have released version 5.15 of stunnel.

The ChangeLog entry:

Version 5.15, 2015.04.16, urgency: LOW:
* New features
  - Added new service-level options "checkHost", "checkEmail" and
    "checkIP" for additional checks of the peer certificate subject.
    These options require OpenSSL version 1.0.2 or higher.
  - Win32 binary distribution now ships with the Mozilla root CA
    bundle.  This bundle is intended be used together with the new
    "checkHost" option to validate server certs accepted by Mozilla.
  - New commandline options "-reload" to reload the configuration
    file and "-reopen" to reopen the log file of stunnel running
    as a Windows service (thx to Marc McLaughlin).
  - Added session persistence based on negotiated TLS sessions.

https://en.wikipedia.org/wiki/Load_balancing_%28computing%29#Persistence
    The current implementation does not support external TLS
    session caching with sessiond.
  - MEDIUM ciphers (currently SEED and RC4) are removed from the
    default cipher list.
  - The "redirect" option was improved to not only redirect sessions
    established with an untrusted certificate, but also sessions
    established without a client certificate.
  - OpenSSL version checking modified to distinguish FIPS and
    non-FIPS builds.
  - Improved compatibility with the current OpenSSL 1.1.0-dev tree.
  - Removed support for OpenSSL versions older than 0.9.7.
    The final update for the OpenSSL 0.9.6 branch was 17 Mar 2004.
  - "sessiond" support improved to also work in OpenSSL 0.9.7.
  - Randomize the initial value of the round-robin counter.
  - New stunnel.conf templates are provided for Windows and Unix.
* Bugfixes
  - Fixed compilation against old versions of OpenSSL.
  - Fixed memory leaks in certificate verification.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hashes:
58ff4645eb5d6bd64e6ddedaa683534302f75625c531e8a6364badcac0541cba
stunnel-5.15.tar.gz
08316dc39f72f10f7b28a67e25ddf90f3f189208b09562c12d81478c6ca2e782
stunnel-5.15-installer.exe
db96edbe66f1c3524e51f21b47cc541953d1659e746765a43d0272cfe60712b0
stunnel-5.15-android.zip

Best regards,
    Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVL7wqAAoJEC78f/DUFuAU+30P/Ar197tSUJC0+sLBXwddWkm4
J7d9lFThQFECDDSIqaFYfCuecIgGHk8LUVq8nQHh21H1tvpPp7SnYHkzOLsb2w/y
G7rLdA+a8BgRTUF3rMxTyghL78Yor88OLI8J93U7pkQkl0bIZpiITn838R5x9/NP
+nGTgqy3U5tNoXALBQ/tLZCNML/XaEyxfrbdStOslV5Ay3m23RPw9wqgD4tJoWqe
5x52sMmLh0nhE5lX3xAKxzabVcioAaqVlBEgK1/ZKJj709Olcv14HZcOWzWhWkka
MR0ItrZMkYf3lLk/StDm3s2BakKRraRustxlK8wAV4ci7t/IBnWshIpYIij9Nzct
HNOT10GjWpN6pwwixNcMBUn7/wDNjiRVw/1n/keL84qSYry54Czo1LpBra1lMCmg
8WENkpJbaNFHvXI4rEzZkiPdlG16tXHF33CcYxwrT8bCXa+Uk4i8c98TJ2jfOaUv
VFVLWxFtK4ydoppgOo2eRuymVPNK4HbLZnLPL874xPlHpYjRl5ndClLeDpkDzgJv
8y6zdYwJLFbinWGGHTZIVlyQQfKzB1NDCfXxknsbxtCpZt5Ja0Ka+oS6kcOMZz6f
CjYpmd52wjEtAoxxxsjGGrYsO3q0sn0UU3Kc97lGGS/MsgbXFYDnSGqP+p8lzDoq
urHG9EjMxXNMcnmKp9JQ
=XLyZ
-----END PGP SIGNATURE-----


More information about the stunnel-announce mailing list