- update to version 4.42

* New features - New verify level 0 to request and ignore peer certificate. - Manual page has been updated. * Bugfixes - Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may possibly be leveraged to perform DoS or remote code execution attacks (CVE-2011-2940). OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=51
2011-09-02 08:17:26 +00:00 · 2011-09-02 08:17:26 +00:00 · 1a29b53be2
commit 1a29b53be2
parent 76178b7b3e
4 changed files with 16 additions and 4 deletions
--- a/stunnel-4.40.tar.bz2
+++ b/stunnel-4.40.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4cc7004e5c568809b819e27ba487fea7706a780bca8906bf986afbc02e82793f
-size 464485
--- a/stunnel-4.42.tar.bz2
+++ b/stunnel-4.42.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:79b6f1b413f98ecb2910ebdbe74838688e373c59420b06f3ee232956c5f4420c
+size 467605
--- a/stunnel.changes
+++ b/stunnel.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Sep  2 08:12:24 UTC 2011 - drahn@suse.com
+
+- update to version 4.42
+* New features
+   - New verify level 0 to request and ignore peer certificate.
+   - Manual page has been updated.
+* Bugfixes
+   - Fixed a heap corruption vulnerability in versions 4.40 and 4.41.   
+     It may possibly be leveraged to perform DoS or remote code 
+     execution attacks (CVE-2011-2940).
+
 -------------------------------------------------------------------
 Sun Aug  7 14:30:37 UTC 2011 - drahn@suse.com

--- a/stunnel.spec
+++ b/stunnel.spec
@ -19,7 +19,7 @@ BuildRequires:  gcc-c++ tcp_wrappers
 %endif
 Summary:        Universal SSL Tunnel
 License:        GNU Library General Public License v. 2.0 and 2.1 (LGPL)
-Version:        4.40
+Version:        4.42
 Release:        0.<RELEASE6> 
 Group:          Productivity/Networking/Security
 URL:            http://www.stunnel.org/