From ec05e6c6bfc328e885af67997ec1419a0e3a98fc Mon Sep 17 00:00:00 2001 From: Adolf Belka Date: Sat, 20 May 2023 14:10:45 +0200 Subject: [PATCH 1/1] stunnel: Update to version 5.69 - Update from version 5.63 to 5.69 - Update of rootfile not required - Changelog Version 5.69, 2023.03.04, urgency: MEDIUM * New features - Improved logging performance with the "output" option. - Improved file read performance on the WIN32 platform. - DH and kDHEPSK ciphersuites removed from FIPS defaults. - Set the LimitNOFILE ulimit in stunnel.service to allow for up to 10,000 concurrent clients. * Bugfixes - Fixed the "CApath" option on the WIN32 platform by applying https://github.com/openssl/openssl/pull/20312. - Fixed stunnel.spec used for building rpm packages. - Fixed tests on some OSes and architectures by merging Debian 07-tests-errmsg.patch (thx to Peter Pentchev). Version 5.68, 2023.02.07, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 3.0.8. * New features - Added the new 'CAengine' service-level option to load a trusted CA certificate from an engine. - Added requesting client certificates in server mode with 'CApath' besides 'CAfile'. - Improved file read performance. - Improved logging performance. * Bugfixes - Fixed EWOULDBLOCK errors in protocol negotiation. - Fixed handling TLS errors in protocol negotiation. - Prevented following fatal TLS alerts with TCP resets. - Improved OpenSSL initialization on WIN32. - Improved testing suite stability. Version 5.67, 2022.11.01, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 3.0.7. * New features - Provided a logging callback to custom engines. * Bugfixes - Fixed "make cert" with OpenSSL older than 3.0. - Fixed the code and the documentation to use conscious language for SNI servers (thx to Clemens Lang). Version 5.66, 2022.09.11, urgency: MEDIUM * New features - OpenSSL 3.0 FIPS Provider support for Windows. * Bugfixes - Fixed building on machines without pkg-config. - Added the missing "environ" declaration for BSD-based operating systems. - Fixed the passphrase dialog with OpenSSL 3.0. Version 5.65, 2022.07.17, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 3.0.5. * Bugfixes - Fixed handling globally enabled FIPS. - Fixed openssl.cnf processing in WIN32 GUI. - Fixed a number of compiler warnings. - Fixed tests on older versions of OpenSSL. Version 5.64, 2022.05.06, urgency: MEDIUM * Security bugfixes - OpenSSL DLLs updated to version 3.0.3. * New features - Updated the pkcs11 engine for Windows. * Bugfixes - Removed the SERVICE_INTERACTIVE_PROCESS flag in "stunnel -install". Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer --- lfs/stunnel | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lfs/stunnel b/lfs/stunnel index b157de1ff2..24527bb25b 100644 --- a/lfs/stunnel +++ b/lfs/stunnel @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team # +# Copyright (C) 2007-2023 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 5.63 +VER = 5.69 SUMMARY = Universal TLS Tunnel THISAPP = stunnel-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = stunnel -PAK_VER = 10 +PAK_VER = 11 DEPS = @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 4558f233bae0972853239b4ad8638cbf8402baf221c8b65f0b8857c624735430ed026fa4cfac8212e60737f1f522e38898da5056a66e3374509886b02068e1db +$(DL_FILE)_BLAKE2 = fd213d1c7bc9efb42ee501bccd720c6535d123fe9d78354ff14a1701edcc30f1b563ff46fa34fd3f53bb976a7e700f0cd63589a8488738314604e593a95ad7bd install : $(TARGET) -- 2.39.2