[stunnel-announce] stunnel 5.01 released
Michal Trojnara
Michal.Trojnara at mirt.net
Tue Apr 8 18:20:38 CEST 2014
Dear Users,
I have released version 5.01 of stunnel.
The ChangeLog entry:
Version 5.01, 2014.04.08, urgency: HIGH:
* Security bugfixes
- OpenSSL DLLs updated to version 1.0.1g.
This version mitigates TLS heartbeat read overrun (CVE-2014-0160).
* New features
- X.509 extensions added to the created self-signed stunnel.pem.
- "FIPS = no" also allowed in non-FIPS builds of stunnel.
- Search all certificates with the same subject name for a matching
public key rather than only the first one (thx to Leon Winter).
- Create logs in the local application data folder if stunnel folder
is not writable on Win32.
* Bugfixes
- close_notify not sent when SSL still has some data buffered.
- Protocol negotiation with server-side SNI fixed.
- A Mac OS X missing symbols fixed.
- Win32 configuration file reload crash fixed.
- Added s_pool_free() on exec+connect service retires.
- Line-buffering enforced on stderr output.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hash for stunnel-5.01.tar.gz:
2565bf58ffe8a612304c64df621105b2e42d6e389e815ed4205dbeec4f3f886b
Best regards,
Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-announce/attachments/20140408/ba1f3a81/attachment.sig>
More information about the stunnel-announce
mailing list