| Revision Date: | 2021-01-22 | Version: | 1 |
| Title: | Security update for stunnel (Moderate) |
| Description: |
This update for stunnel fixes the following issues:
Security issue fixed:
- The 'redirect' option was fixed to properly handle 'verifyChain = yes' (bsc#1177580).
Non-security issues fixed:
- Fix startup problem of the stunnel daemon (bsc#1178533)
- update to 5.57: * Security bugfixes * New features - New securityLevel configuration file option. - Support for modern PostgreSQL clients - TLS 1.3 configuration updated for better compatibility. * Bugfixes - Fixed a transfer() loop bug. - Fixed memory leaks on configuration reloading errors. - DH/ECDH initialization restored for client sections. - Delay startup with systemd until network is online. - A number of testing framework fixes and improvements.
- update to 5.56: - Various text files converted to Markdown format. - Support for realpath(3) implementations incompatible with POSIX.1-2008, such as 4.4BSD or Solaris. - Support for engines without PRNG seeding methods (thx to Petr Mikhalitsyn). - Retry unsuccessful port binding on configuration file reload. - Thread safety fixes in SSL_SESSION object handling. - Terminate clients on exit in the FORK threading model.
- Fixup stunnel.conf handling: * Remove old static openSUSE provided stunnel.conf. * Use upstream stunnel.conf and tailor it for openSUSE using sed. * Don't show README.openSUSE when installing.
- enable /etc/stunnel/conf.d - re-enable openssl.cnf
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1177580
1178533
SUSE-SU-2021:0194-1
|
| Platform(s): | openSUSE Leap 15.3 SLE Imports
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.3 SLE Imports is installed AND Package Information
stunnel-5.57-3.5.1 is installed
OR stunnel-doc-5.57-3.5.1 is installed
|