[stunnel-announce] stunnel 5.01 released

Michal Trojnara Michal.Trojnara at mirt.net
Tue Apr 8 18:20:38 CEST 2014


Dear Users,

I have released version 5.01 of stunnel.

The ChangeLog entry:

Version 5.01, 2014.04.08, urgency: HIGH:
* Security bugfixes
  - OpenSSL DLLs updated to version 1.0.1g.
    This version mitigates TLS heartbeat read overrun (CVE-2014-0160).
* New features
  - X.509 extensions added to the created self-signed stunnel.pem.
  - "FIPS = no" also allowed in non-FIPS builds of stunnel.
  - Search all certificates with the same subject name for a matching
    public key rather than only the first one (thx to Leon Winter).
  - Create logs in the local application data folder if stunnel folder
    is not writable on Win32.
* Bugfixes
  - close_notify not sent when SSL still has some data buffered.
  - Protocol negotiation with server-side SNI fixed.
  - A Mac OS X missing symbols fixed.
  - Win32 configuration file reload crash fixed.
  - Added s_pool_free() on exec+connect service retires.
  - Line-buffering enforced on stderr output.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hash for stunnel-5.01.tar.gz:
2565bf58ffe8a612304c64df621105b2e42d6e389e815ed4205dbeec4f3f886b

Best regards,
    Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-announce/attachments/20140408/ba1f3a81/attachment.sig>


More information about the stunnel-announce mailing list