[stunnel-users] stunnel 4.55 released (security update)

Michal Trojnara Michal.Trojnara at mirt.net
Sun Mar 3 20:46:00 CET 2013


Dear Users,

I have released version 4.55 of stunnel.  This is a massive bugfix
release, including a security bugfix.  Update is highly recommended.

The ChangeLog entry:

Version 4.55, 2013.03.03, urgency: HIGH:
* Security bugfix
  - OpenSSL updated to version 1.0.1e in Win32/Android builds.
  - Buffer overflow vulnerability fixed in the NTLM authentication
    of the CONNECT protocol negotiation.
    See https://www.stunnel.org/CVE-2013-1762.html for details.
* New features
  - SNI wildcard matching in server mode.
  - Terminal version of stunnel (tstunnel.exe) build for Win32.
* Bugfixes
  - Fixed write half-close handling in the transfer() function (thx to
    Dustin Lundquist).
  - Fixed EAGAIN error handling in the transfer() function (thx to
    Jan Bee).
  - Restored default signal handlers before execvp() (thx to Michael
    Weiser).
  - Fixed memory leaks in protocol negotiation (thx to Arthur Mesh).
  - Fixed a file descriptor leak during configuration file reload (thx
    to Arthur Mesh).
  - Closed SSL sockets were removed from the the transfer() c->fds poll.
  - Minor fix in handling exotic inetd-mode configurations.
  - WCE compilation fixes.
  - IPv6 compilation fix in protocol.c.
  - Windows installer fixes.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hash for stunnel-4.55.tar.gz:
5a4acecfabd454415c727435acdfca7dc46aa542998fb278293f494a6d36d37a

Best regards,
    Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130303/3c0c7c3e/attachment.sig>


More information about the stunnel-users mailing list