pool/stunnel
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
stunnel/stunnel.changes

243 lines
9.3 KiB
Plaintext
Raw Normal View History

OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=2
2006-06-23 10:15:06 +00:00
-------------------------------------------------------------------
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=12
2006-06-23 13:24:33 +00:00
Fri Jun 23 15:11:22 CEST 2006 - poeml@suse.de
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=2
2006-06-23 10:15:06 +00:00
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=9
2006-06-23 12:01:15 +00:00
- build as non-root
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=2
2006-06-23 10:15:06 +00:00
- build with fPIE/pie on SUSE 10.0 or newer, or on any other
platform
- fix BuildRequires for Fedora Core, and wrap suse_version macros
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=12
2006-06-23 13:24:33 +00:00
- upstream 4.1.5
* Release notes
- There are a lot of new features in this version. I recommend
to test it well before upgrading your mission-critical systems.
[note by packager: out since 3 months, without major problems]
* Bugfixes
- Default threading model changed to pthread for better portability.
- DH parameters are not included in the certificate by default.
* New features sponsored by Software House http://www.swhouse.com/
- Most SSL-related options (including client, cert, key) are now
available on service level, so it is possible to have an SSL
client and an SSL server in a single stunnel process.
* New features
- Client mode CONNECT protocol support (RFC 2817 section 5.2).
http://www.ietf.org/rfc/rfc2817.txt
- Retrying exec+connect services added.
- make install now tries to create /var/lib/stunnel chmoded 1770
and group nogroup, which we don't do.
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=2
2006-06-23 10:15:06 +00:00
-------------------------------------------------------------------
Wed Jan 25 21:41:50 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Sun Nov 27 18:05:05 CET 2005 - lmuelle@suse.de
- update to 4.14
-------------------------------------------------------------------
Thu Oct 6 14:16:25 CEST 2005 - poeml@suse.de
- fix hang/segfault upon connect. Use pthreads by removing
configure check for ucontext.h [#119650]
-------------------------------------------------------------------
Tue Aug 30 15:54:37 CEST 2005 - poeml@suse.de
- fix parsing of ldd output when setting up the chroot jail [#114090]
-------------------------------------------------------------------
Tue Jun 21 14:39:34 CEST 2005 - poeml@suse.de
- update to 4.10
- Some bugfixes and code cleanup were done.
- A new user-level non-preemptive thread model was added for even
greater scalability.
- The stunnel3 script was improved to be more compatible with
getopt.
- add post-4.10 stunnel-4.10-inetd.patch
- compile with tcp wrappers
- compile as PIE and link with -z relro
-------------------------------------------------------------------
Tue Jan 4 10:46:20 CET 2005 - poeml@suse.de
- update to 4.07
* Bugfixes
- Problem with infinite poll() timeout negative, but not equal
to -1 fixed.
- Problem with a file descriptor ready to be read just after a
non-blocking connect call fixed.
- Compile error with EAI_NODATA not defined or equal to
EAI_NONAME fixed.
- IP address and TCP port textual representation length (IPLEN)
increased to 128 bytes.
- OpenSSL engine support is only used if engine.h header file
exists.
- Broken NT Service mode on WIN32 platform fixed.
- Support for IPv4-only WIN32 machines restored.
-------------------------------------------------------------------
Tue Dec 28 15:28:18 CET 2004 - poeml@suse.de
- update to 4.06
In this version, IPv6 support, compression support, hardware
engine selection and many other features were added. A new
stunnel3 Perl script to emulate version 3.x command line options
was added. poll() is used instead of select() where available,
so FD_SETSIZE no longer limits the number of concurrent
connections.
- add stunnel-4.06-nfds.dif
stunnel-4.06-poll_timeout.patch
stunnel-4.06-race_condition.patch
-------------------------------------------------------------------
Thu Nov 11 12:57:47 CET 2004 - poeml@suse.de
- fix filelist for /usr/lib
-------------------------------------------------------------------
Fri Mar 5 17:20:21 CET 2004 - poeml@suse.de
- update to 4.05. new features (excerpt):
* New feature sponsored by SURFnet http://www.surfnet.nl/
- Support for CIFS aka SMB protocol SSL negotiation.
* New features
- CRL support with new CApath and CAfile global options.
- New -fd command line parameter to read configuration
from a specified file descriptor instead of a file.
- accept is reported as error with [section] defined (in
stunnel 4.04 it was silently ignored causing problems
for lusers that did not read the fine manual).
- Use fcntl() instead of ioctlsocket() to set socket
nonblocking when it is supported.
- Basic support for hardware engines with OpenSSL >= 0.9.7.
- French manual by Bernard Choppy <choppy@imaginet.fr>.
- Thread stack size reduced to 64KB for maximum scalability.
- Added optional code to debug thread stack usage.
- Support for nsr-tandem-nsk (thx to Tom Bates <tom.bates@hp.com>).
* Bugfixes
- TCP wrappers code moved to CRIT_NTOA critical section
since it uses static inet_ntoa() result buffer.
- SSL_ERROR_SYSCALL handling problems fixed.
- added code to retry nonblocking SSL_shutdown() calls.
- Use FD_SETSIZE instead of 16 file descriptors in inetd
mode.
- fdscanf groks lowercase protocol negotiation commands.
- Libwrap detection bug in ./configure script fixed.
- Some other minor updates.
- show readme only at first installation
-------------------------------------------------------------------
Tue Aug 26 18:15:22 CEST 2003 - poeml@suse.de
- add Config: syslog-ng to sysconfig.syslog-stunnel
-------------------------------------------------------------------
Thu Aug 14 21:10:14 CEST 2003 - poeml@suse.de
- add activation metadata to sysconfig template [#28954]
- rename README.SuSE to README.{SuSE,UnitedLinux}
- don't show blurb in %post if a certificate exists
-------------------------------------------------------------------
Tue Aug 12 15:50:51 CEST 2003 - poeml@suse.de
- implement 'try-restart' in rcstunnel correctly [#28636]
-------------------------------------------------------------------
Wed Jul 30 18:06:49 CEST 2003 - poeml@suse.de
- add an example configuration for tunneling MySQL
- make stunnel3_wrapper compatible to more shells, and merge it
with stunnel3_convert (which becomes a symlink)
- new macros for stop/restart of services on rpm update/removal
-------------------------------------------------------------------
Tue May 13 12:00:38 CEST 2003 - poeml@suse.de
- delete (from the build root) files not to be packaged
- package the libtool library file
- add a commented option to the sample configuration
-------------------------------------------------------------------
Thu Mar 13 14:10:53 CET 2003 - poeml@suse.de
- rc.stunnel: do not write the startup log to a world writable
directory [cf. #25239]
-------------------------------------------------------------------
Mon Feb 17 18:22:36 CET 2003 - poeml@suse.de
- Version 4.04, 2003.01.12, urgency: MEDIUM:
* New features [excerpt]
- New 'options' configuration option to setup
OpenSSL library hacks with SSL_CTX_set_options().
- 'service' option also changes the name for
TCP Wrappers access control in inetd mode.
- SSL is negotiated before connecting remote host
or spawning local process whenever possible.
- REMOTE_HOST variable is always placed in the
enrivonment of a process spawned with 'exec'.
- Whole SSL error stack is dumped on errors.
- 'make cert' rule is back (was missing since 4.00).
- Manual page updated (special thanks to Brian Hatch).
* Bugfixes
- Major code cleanup (thx to Steve Grubb <linux_4ever@yahoo.com>).
- Unsafe functions are removed from SIGCHLD handler.
- Several bugs in auth_user() fixed.
- Incorrect port when using 'local' option fixed.
- OpenSSL tools '-rand' option is no longer directly
used with a device (like '/dev/urandom').
Temporary random file is created with 'dd' instead.
- fix typo in conf file example
-------------------------------------------------------------------
Wed Feb 12 15:33:39 CET 2003 - mmj@suse.de
- Add sysconfig metadata [#22699]
-------------------------------------------------------------------
Thu Oct 31 21:38:10 CET 2002 - poeml@suse.de
- update to 4.03
- add stunnel3_wrapper that translates the cmdline arguments into a
configuration file
- fix default path of pidfile
- more examples
-------------------------------------------------------------------
Fri Oct 25 22:27:10 CEST 2002 - poeml@suse.de
- write the pid file before dropping the privileges
-------------------------------------------------------------------
Fri Oct 25 20:22:23 CEST 2002 - poeml@suse.de
- major version upgrade to 4.02
- better permissions for /etc/stunnel and keys [#18557]
- run as "stunnel" user in chroot jail
- add sysconfig.syslog-stunnel template and /var/lib/stunnel/dev
for an additional syslog socket
- added init script and example configuration
-------------------------------------------------------------------
Sat Jul 27 14:20:01 CEST 2002 - adrian@suse.de
- use %run_ldconfig
-------------------------------------------------------------------
Thu Mar 8 11:50:46 CET 2001 - bk@suse.de
- update to 3.14 and fix localstatedir (/var/run/stunnel)
-------------------------------------------------------------------
Mon Feb 5 16:11:33 CET 2001 - bk@suse.de
- fixed neededforbuild
-------------------------------------------------------------------
Sun Feb 4 23:55:48 CET 2001 - bk@suse.de
- new package
Reference in New Issue Copy Permalink