Dear Users,
Version 4.26, 2008.09.20, urgency: MEDIUM:
* New features
- Win32 DLLs for OpenSSL 0.9.8i.
- /etc/hosts.allow and /etc/hosts.deny no longer need to be copied to
the chrooted directory, as the libwrap processes are no longer
chrooted.
- A more informative error messages for invalid port number specified
in stunnel.conf file.
- Support for Microsoft Visual C++ 9.0 Express Edition.
* Bugfixes
- Killing all libwrap processes at stunnel shutdown fixed.
- A minor bug in stunnel.init sample SysV startup file fixed.
Home page/download: http://stunnel.mirt.net/
sha1sum for stunnel-4.24.tar.gz file:
1c9f5dd6b21f354c356cd9100899a90a83068c68
Best regards,
Mike
Dear Users,
Version 4.25, 2008.06.01, urgency: MEDIUM:
* New features
- Win32 DLLs for OpenSSL 0.9.8h.
* Bugfixes
- Spawning libwrap processes delayed until privileges are dropped.
- Compilation fix for systems without struct msghdr.msg_control.
Home page/download: http://stunnel.mirt.net/
sha1sum for stunnel-4.24.tar.gz file:
fc6d61fad996f750c76ea627c5dd9f789af0eaf6
Best regards,
Mike
Dear Users,
I have just released a new version of stunnel.
Please find below the ChangeLog entry:
Version 4.23, 2008.05.03, urgency: HIGH:
* Bugfixes
- Local privilege escalation bug on Windows NT based
systems fixed. A local user could exploit stunnel
running as a service to gain localsystem privileges.
Home page/download: http://stunnel.mirt.net/
sha1sum for stunnel-4.23.tar.gz file:
d0fef8b518a44b9623692381a53680e0b4b01686
Best regards,
Mike
Dear Users,
Please test the new stunnel 4.21 and report your issues on the Bug Tracking
System (http://stunnel.mirt.net/bts.html) or email the information to the
stunnel-users mailing list. This is the easiest way to help stunnel working
fine on your various systems. I was developing it for quite a long time and
I likely failed to fix all the bugs. I'm especially interested in all
compilation or runtime issues with the new FIPS and libwrap code.
By the time you can find a patch for setuid/setgid+chroot problem here:
ftp://stunnel.mirt.net/stunnel/setuid.patch
Best regards,
Mike
Dear Users,
The new version is available for download on:
ftp://stunnel.mirt.net/stunnel/
Version 4.21, 2007.10.27, urgency: LOW/EXPERIMENTAL:
* New features sponsored by Open-Source Software Institute
- Initial FIPS 140-2 support (see INSTALL.FIPS for details).
Win32 platform is not currently supported.
* New features
- Experimental fast support for non-MT-safe libwrap is provided
with pre-spawned processes.
- Stunnel binary moved from /usr/local/sbin to /usr/local/bin
in order to meet FHS and LSB requirements.
Please delete the /usr/local/sbin/stunnel when upgrading.
- Added code to disallow compiling stunnel with pthreads when
OpenSSL is compiled without threads support.
- Win32 DLLs for OpenSSL 0.9.8g.
- Minor manual update.
- TODO file updated.
* Bugfixes
- Dynamic locking callbacks added (needed by some engines to work).
- AC_ARG_ENABLE fixed in configure.am to accept yes/no arguments.
- On some systems libwrap requires yp_get_default_domain from libnsl,
additional checking was added.
- Sending a list of trusted CAs for the client to choose the right
certificate restored.
- Some compatibility issues with NTLM authentication fixed.
- Taskbar icon (unless there is a config file parsing error) and
"Save As" disabled in the service mode for local Win32 security
(it's much like Yeti -- some people claim they have seen it).
sha1 hash for stunnel-4.21.tar.gz file:
7785c45167d902aa728b839adee02a8cc056d86a
Best regards,
Mike
Dear Users,
I have just released a new version of stunnel. Here is the ChangeLog entry:
Version 4.20, 2006.11.30, urgency: MEDIUM:
* Release notes
- The new transfer() function has been well tested.
I recommend upgrading any previous version with this one.
* Bugfixes
- Fixed support for encrypted passphases (broken in 4.19).
- Reduced amount of debug logs.
- A minor man page update.
Home page/download: http://stunnel.mirt.net/
sha1sum for stunnel-4.20.tar.gz fie:
a9a449b28a4f34ab22f6b4bfaa81c1904a5883c4
Best regards,
Mike
Dear Users,
A new version of stunnel has just been released.
Version 4.19, 2006.11.11, urgency: LOW/EXPERIMENTAL:
* Release notes
- There are a lot of new features in this version. I recommend
to test it well before upgrading your mission-critical systems.
* New features
- New service-level option to specify OCSP server flag:
OCSPflag = <flag>
- "protocolCredentials" option changed to "protocolUsername"
and "protocolPassword"
- NTLM support to be enabled with the new service-level option:
protocolAuthentication = NTLM
- imap protocol negotiation support added.
- Passphrase cache was added so the user does not need to reenter
the same passphrase for each defined service any more.
- New service-level option to retry connect+exec section:
retry = yes|no
- Local IP and port is logged for each established connection.
- Win32 DLLs for OpenSSL 0.9.8d.
* Bugfixes
- Serious problem with SSL_WANT_* retries fixed.
The new code requires extensive testing!
Homepage: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1sum for stunnel-4.19.tar.gz:
d58da8117278d71598279c77935585de81b74394
Best regards,
Mike
Dear Users,
I want you to know how much grateful I am for all your donations.
Thank you very much. Some day stunnel may be full-time job. 8-)
Even now sponsored features make a substantial addition to my budget.
BTW: I have updated currency to USD. I hope it's more convenient.
http://stunnel.mirt.net/
Best regards,
Mike
Dear Users,
Since PayPal finally decided to provide full support for users
in Poland I've added a donation button on the web page.
http://stunnel.mirt.net/
I really appreciate each donation. 8-)
Best regards,
Mike
