pkgsrc/security/stunnel
jym a1ae535f4d Update stunnel to 4.55. Critical update that fixes CVE-2013-1762.
Changelog:

Version 4.55, 2013.03.03, urgency: HIGH:

    Security bugfix
        OpenSSL updated to version 1.0.1e in Win32/Android builds.
        Buffer overflow vulnerability fixed in the NTLM authentication of the CONNECT protocol negotiation. See https://www.stunnel.org/CVE-2013-1762.html for details.
    New features
        SNI wildcard matching in server mode.
        Terminal version of stunnel (tstunnel.exe) build for Win32.
    Bugfixes
        Fixed write half-close handling in the transfer() function (thx to Dustin Lundquist).
        Fixed EAGAIN error handling in the transfer() function (thx to Jan Bee).
        Restored default signal handlers before execvp() (thx to Michael Weiser).
        Fixed memory leaks in protocol negotiation (thx to Arthur Mesh).
        Fixed a file descriptor leak during configuration file reload (thx to Arthur Mesh).
        Closed SSL sockets were removed from the the transfer() c->fds poll.
        Minor fix in handling exotic inetd-mode configurations.
        WCE compilation fixes.
        IPv6 compilation fix in protocol.c.
        Windows installer fixes.
2013-03-06 22:50:31 +00:00
..
files
patches Update to 4.46 2011-11-10 21:01:39 +00:00
DESCR
distinfo Update stunnel to 4.55. Critical update that fixes CVE-2013-1762. 2013-03-06 22:50:31 +00:00
Makefile Update stunnel to 4.55. Critical update that fixes CVE-2013-1762. 2013-03-06 22:50:31 +00:00
MESSAGE
options.mk Add inet6 to default suggested options. It's 2012. 2012-06-12 15:45:54 +00:00
PLIST