kpriv/pkgsrc-wip
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
6377 commits 1 branch 0 tags 462 MiB
Commit graph

6 commits

Author SHA1 Message Date
Thomas Klausner
786ad7d43c pkg-vulnerabilities file fixed -- TODO can go. 2004-05-12 08:18:42 +00:00
Thomas Klausner
dac4e07750 Convert to bl3. 2004-05-12 08:16:02 +00:00
Chris Pinnock
3671f16559 Whitespace 2003-12-30 20:09:37 +00:00
Hauke Fath
cceaa95297 List bogus pkg vulnerability-list issue. 2003-11-07 20:39:44 +00:00
Hauke Fath
c2ccdbd164 stunnel v3.xx does _not_ have a config file. 2003-10-26 14:55:27 +00:00
Hauke Fath
86b2e895f2 Although there is a stunnel version 4, the v3 branch is still 
maintained. In fact, it does not have two annoying bugs of the v4:
stunnel processes do not stick around forever, and the cli options are
still present as opposed to the v4 windows-like config file.

From the changelog since v3.22 (when the pkgsrc stunnel was upgraded
to 4.0.4):

Version 3.26, 2003.08.29 urgency: MEDIUM:
* Several improvements, all implemented by Steve Grubb:
* Fixed new child signal handler, introduced in 3.25,
  which was buggy in pthreads environments
* Fixed problem where the accept() can block indefinately
  if the user or OS has discarded the connection.
* Minor code cleanup and removal of duplicate function.

Version 3.25, 2003.07.25, urgency: HIGH:
* Fixed buggy SIGCHLD handling using patch supplied by Nalin Dahyabhai
  of Red Hat.
* Fixed buggy SIGCHLD handling patch (their new pipe descriptors were
  leaked), removed unused pty_release and pty_make_controlling_tty
  functions which are not used, removed CRIT_LIBWRAP which needs to
  be inside CRIT_NTOA anyway.  Thanks to Steve Grubb for these
  suggestions.
* REMOTE_HOST variable is always placed in the environment of
  procesess spawned with 'exec'.
* Added ENVIRONMENT section to man page, documenting REMOTE_HOST,
  SSL_CLIENT_DN and SSL_CLIENT_I_DN.
* Removed entries from TODO, since development is in 4.x only.

Version 3.24, 2002.04.23, urgency: HIGH:
* Fixed bug whereby RSA blinding was called in client mode
  even when no cert was in use.
* Patches no longer need to be public domain to be accepted into
  the Stunnel-3.x branch.  Anything compatible with the existing
  GPL license is fine.

Version 3.23, 2002.04.02, urgency: HIGH:
* Enabled RSA blinding on all RSA keys to prevent RSA timing attack that
  was proven to be exploitable by David Brumley and Dan Boneh.  See
  http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html for more
  details about the attack.  If you have an OpenSSL library that has
  RSA blinding on by default (>=0.9.7b or >=0.9.6j) then you do not
  need to upgrade, but it is still suggested.
* precompiled stunnel.exe no longer distributed in the source tarball
* Brian Hatch <bri@stunnel.org> taking over maintenance of the
  Stunnel 3.x branch.  New functionality should focus on the 4.x
  branch, 3.x will only be maintained for security and bugfixes.
 2003-10-26 14:26:22 +00:00