From 8d6b8eebd16798d047e427265e201a6fcd3c5710cbdcfb59144e3a2f59cd0628 Mon Sep 17 00:00:00 2001 From: Andreas Vetter Date: Mon, 25 Sep 2023 09:35:17 +0000 Subject: [PATCH] Accepting request 1113392 from home:pmonrealgonzalez:branches:security:Stunnel - Update to 5.71: * Security bugfixes: - OpenSSL DLLs updated to version 3.1.3. * Bugfixes: - Fixed the console output of tstunnel.exe. * Features sponsored by SAE IT-systems: - OCSP stapling is requested and verified in the client mode. - Using "verifyChain" automatically enables OCSP stapling in the client mode. - OCSP stapling is always available in the server mode. - An inconclusive OCSP verification breaks TLS negotiation. This can be disabled with "OCSPrequire = no". - Added the "TIMEOUTocsp" option to control the maximum time allowed for connecting an OCSP responder. * Features: - Added support for Red Hat OpenSSL 3.x patches. OBS-URL: https://build.opensuse.org/request/show/1113392 OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=168 --- stunnel-5.70.tar.gz | 3 --- stunnel-5.70.tar.gz.asc | 18 ------------------ stunnel-5.71.tar.gz | 3 +++ stunnel-5.71.tar.gz.asc | 18 ++++++++++++++++++ stunnel.changes | 20 ++++++++++++++++++++ stunnel.spec | 3 ++- 6 files changed, 43 insertions(+), 22 deletions(-) delete mode 100644 stunnel-5.70.tar.gz delete mode 100644 stunnel-5.70.tar.gz.asc create mode 100644 stunnel-5.71.tar.gz create mode 100644 stunnel-5.71.tar.gz.asc diff --git a/stunnel-5.70.tar.gz b/stunnel-5.70.tar.gz deleted file mode 100644 index 39bed3a..0000000 --- a/stunnel-5.70.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7bbc7b9e9a988d76301325db4c110ec360a98ffb8a221c7accbff9c0a8bae2f3 -size 882920 diff --git a/stunnel-5.70.tar.gz.asc b/stunnel-5.70.tar.gz.asc deleted file mode 100644 index e2e1c5f..0000000 --- a/stunnel-5.70.tar.gz.asc +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQKTBAABCgB9FiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAmSvEppfFIAAAAAALgAo -aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDJC -QzdFNEU2N0UzQ0MwQzFCRUE3MkY4QzJFRkM3RkYwRDQxNkUwMTQACgkQLvx/8NQW -4BRH5A//RIIKoCL+/teJZDBlfptqaKb2uuS2LGyIBwgsru21h8c5AKO+4XRMwZp/ -mNvw905ZBX1FMikPppcDJzUDl4N14keyKN8mz1gQIdVpP3NkZ0fov0YkK4Y5Hiya -p69TNl6ZHMDc4ur5dxxUOTq76y7GQ6o/1dJExkqAtyaPr8RFlaMj8V2VQ+3X+a2n -nEkSfx52GActeKqt5B6j1U3hDk7afcl3OpUNDA0HBPMGJoWK+a1+vdPJWEfb0nWj -4hzltwK6HS+E778SdUJ1Bdj8K1hfPnJYEuCXHiI/Q3glwbCPo6vOKAZZPBw67BGt -0tNVqsgslSbN2I2uNVJ7ecEf7jn+buTe6Cz5Ux7mRWgoT5A4qJ2lVnAiIfFRYtWh -4MuHDwt1rNNMIGvLoqC2ZjmI+ighmu+G4a7p8/OJFTc+2dJpU130u3dUkRaDh7Jt -y/Jix+HI72lrNEfYaYseLzW+WQscS8wuhqI/ytmz8e4rfKDiJbeQiY1OlCHZEYfX -I/OTAaRM+6lRf/K3OpBD8+IYicFNEPjCThZZ9jztMPMkdRmRSzqy3YjXZkyDJoz/ -59xozU1oNRpbUJ3chcdz5ImSYsUxoZpfYbWWllqPuwrKhvYeFYh1XNVFajsaGl3n -hIZbov/fOnRUaPaK62seumke75SnqvuTCavBbnIhhhG4liAPEEY= -=A7pY ------END PGP SIGNATURE----- diff --git a/stunnel-5.71.tar.gz b/stunnel-5.71.tar.gz new file mode 100644 index 0000000..86cf8c2 --- /dev/null +++ b/stunnel-5.71.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f023aae837c2d32deb920831a5ee1081e11c78a5d57340f8e6f0829f031017f5 +size 895646 diff --git a/stunnel-5.71.tar.gz.asc b/stunnel-5.71.tar.gz.asc new file mode 100644 index 0000000..79559c3 --- /dev/null +++ b/stunnel-5.71.tar.gz.asc @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAmUKA7NfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDJC +QzdFNEU2N0UzQ0MwQzFCRUE3MkY4QzJFRkM3RkYwRDQxNkUwMTQACgkQLvx/8NQW +4BS9ZxAAxK9dNbFrL3ZOmW18OT82LKza1Zli9grdiEx4GY6s+atY6DgrWiOfJi5A +NQtwoeYRWcEkMgWKRev28zMEPzGkUzYyaBUbqDDisAziDXyyKfriqmkbG4jl8Gv+ +qY+SgrM2ElhZxTnvRtUvzG6dogBeA1iWcNANAYgYVxH2yOFcNB0HYA25aBrPpmO4 +37h7ZRc94Yn2fK4zdR7D8DxYEAkmrZJxMydytTwp4EHu2t3lmw+vJdzIS7RtJoRL +Apd/Fh8USZB++Xx+4vFiuDcydGz5xdUNCB9jXYJoTCxFUP9mQsyR05Q8uscPunk9 +SfCd7pbzextsoFF5gOoee3tvwgwlhI7SR9eS585ni0oXyNaFUMwXS0qBVN1f86fr +iAl3j8pGVnqJpmiZ8o4xGj3/g5Nvp14Ts/qXlRvqvzoU6Ka6MEefH2sMxzm5RCQr +tAcrDROGUyN0HJcdy8TAWobqX0HWQqwlGjyeZAJAtFcmno00Au6FYnkn+dLkvxIx +bsEaaG7QrP9p6JpEnQhsLLEKAgD9olmPWzFLCeeE1PZg/klSbVG4qmHv113ixlDy +6smwnHDnb+UysgosKyAzWqlrLUhPYqca83Y8DFbpS9wi1AG6OjCuJ3jtdRq+HAjn +l5PRZhWOTUi+weLWSpmGO2py5JfJm010grKdzA9d9YMR9YspSOU= +=6RnW +-----END PGP SIGNATURE----- diff --git a/stunnel.changes b/stunnel.changes index 071bc4d..ff6b330 100644 --- a/stunnel.changes +++ b/stunnel.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Mon Sep 25 08:46:41 UTC 2023 - Pedro Monreal + +- Update to 5.71: + * Security bugfixes: + - OpenSSL DLLs updated to version 3.1.3. + * Bugfixes: + - Fixed the console output of tstunnel.exe. + * Features sponsored by SAE IT-systems: + - OCSP stapling is requested and verified in the client mode. + - Using "verifyChain" automatically enables OCSP stapling in + the client mode. + - OCSP stapling is always available in the server mode. + - An inconclusive OCSP verification breaks TLS negotiation. + This can be disabled with "OCSPrequire = no". + - Added the "TIMEOUTocsp" option to control the maximum time + allowed for connecting an OCSP responder. + * Features: + - Added support for Red Hat OpenSSL 3.x patches. + ------------------------------------------------------------------- Thu Sep 7 11:01:11 UTC 2023 - Pedro Monreal diff --git a/stunnel.spec b/stunnel.spec index 055e235..5f8e2ab 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -22,7 +22,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: stunnel -Version: 5.70 +Version: 5.71 Release: 0 Summary: Universal TLS Tunnel License: GPL-2.0-or-later @@ -48,6 +48,7 @@ BuildRequires: netcat BuildRequires: pkgconfig BuildRequires: procps BuildRequires: python3 +BuildRequires: python3-cryptography BuildRequires: tcpd-devel BuildRequires: zlib-devel BuildRequires: pkgconfig(systemd)