pool/stunnel
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 429283 from home:sdrahn:branches:security:Stunnel

Browse Source 
- update to version 5.35
- repackage source as bz2
- adjust systemd unit file to start after network-online.target
- bugixes:
	* Fixed incorrectly enforced client certificate requests. 
	* Fixed thread safety of the configuration file reopening.
	* Fixed malfunctioning "verify = 4".
	* Only reset the watchdog if some data was actually transferred. 
	* Fixed logging an incorrect value of the round-robin starting point (thx to
	  Jose Alf.).
- new features:
	* Added three new service-level options: requireCert, verifyChain, and
	  verifyPeer for fine-grained certificate verification control. 
	* SNI support also enabled on OpenSSL 0.9.8f and later (thx to Guillermo
	  Rodriguez Garcia).
	* Added support for PKCS #12 (.p12/.pfx) certificates (thx to Dmitry
	  Bakshaev).
	* New "socket = a:IPV6_V6ONLY=yes" option to only bind IPv6. 
	* Added logging the list of client CAs requested by the server.

OBS-URL: https://build.opensuse.org/request/show/429283
OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=76
This commit is contained in:
Daniel Rahn
2016-09-21 11:09:42 +00:00
committed by Git OBS Bridge
parent 4fff1f9924
commit 82d23f55cc
6 changed files with 30 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
stunnel.changes
View File

@@ -1,3 +1,26 @@
-------------------------------------------------------------------
Wed Sep 21 10:51:09 UTC 2016 - drahn@suse.com
- update to version 5.35
- repackage source as bz2
- adjust systemd unit file to start after network-online.target
- bugixes:
* Fixed incorrectly enforced client certificate requests.
* Fixed thread safety of the configuration file reopening.
* Fixed malfunctioning "verify = 4".
* Only reset the watchdog if some data was actually transferred.
* Fixed logging an incorrect value of the round-robin starting point (thx to
Jose Alf.).
- new features:
* Added three new service-level options: requireCert, verifyChain, and
verifyPeer for fine-grained certificate verification control.
* SNI support also enabled on OpenSSL 0.9.8f and later (thx to Guillermo
Rodriguez Garcia).
* Added support for PKCS #12 (.p12/.pfx) certificates (thx to Dmitry
Bakshaev).
* New "socket = a:IPV6_V6ONLY=yes" option to only bind IPv6.
* Added logging the list of client CAs requested by the server.
-------------------------------------------------------------------
Wed Feb 3 10:45:58 UTC 2016 - michael@stroeder.com