lp:ubuntu/trusty/stunnel4
- Get this branch:
- bzr branch lp:ubuntu/trusty/stunnel4
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 15. By Salvatore Bonaccorso
-
* Non-maintainer upload.
* Add CVE-2013-1762.patch patch.
CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT
protocol negotiation. (Closes: #702267) - 14. By Rodrigo Gallardo
-
* New upstream version 4.53.
- Added client-mode "sni" option to directly control the value of
TLS Server Name Indication (RFC 3546) extension (Closes: #668041).
- Added support for IP_FREEBIND socket option with a pached Linux kernel.
- Glibc-specific dynamic allocation tuning was applied to help unused memory
deallocation.
- Non-blocking OCSP implementation.
- Various other bugfixes, see upstream changelog for details.* Enabled hardening compile flags. There were NO compile time warning messages
or errors triggered because of this.* Updated to Standards-Version 3.9.3. No changes required.
- Migrating to /run from /var/run will be a hard problem, because we expect
user written config files to refer to the directory. We'll punt on making
this change for now.
* Updated copyright years to 2012.
* Added Description: LSB header to init script. - 13. By Rodrigo Gallardo
-
* New upstream version 4.52.
* Do not enable chroot in sample config file. It is misleading to users, it
suggests it can be used with no further changes. Closes: #652812
* Remove log files on purge. Closes: #657135 - 12. By Rodrigo Gallardo
-
* New Upstream Release.
- Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may
possibly be leveraged to perform DoS or remote code execution attacks.
(Closes: #638758)
- New verify level 0 to request and ignore peer certificate. - 10. By Rodrigo Gallardo
-
Fix variable substitution in init script (Closes: #623221).
Thanks Tomas Kapralek <email address hidden> for report and diagnosis. - 9. By Rodrigo Gallardo
-
* New Upstream Releases (Closes: #621987).
* Upstream incorporated our init script, so this package no longer carries
its own copy of it.
* Bump Standards-Version to 3.9.2. No changes needed.
* Remove /etc/stunnel/stunnel4. conf file as it is useless, except as a sample.
A README file for /etc/stunnel was provided (Closes: #549384).
* Minor cleanup of debian/rules, no longer runs configure twice. - 8. By Rodrigo Gallardo
-
* New upstream version (Closes: #559270).
- sessiond, a high performance SSL session cache was built for stunnel.
A new service-level "sessiond" option was added. sessiond is
available for download on ftp://stunnel.mirt.net/ stunnel/ sessiond/ .
stunnel clusters will be a lot faster, now!
- Transparent proxy support on Linux kernels >=2.6.28.
See the manual for details.
The old transproxy.txt file is no longer provided.
- New socket options to control TCP keepalive on Linux:
TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
- SSL options updated for the recent version of OpenSSL library.
- Bugfixes
+ Missing "fips" option was added to the manual.
+ A serious bug in asynchronous shutdown code fixed.
+ Data alignment updated in libwrap.c.
+ Polish manual encoding fixed. Debian's patch for this removed.
+ Notes on compression implementation in OpenSSL added to the manual.* Use correct owner:group for logs after rotation. (Closes: #529481).
Thanks Brian 'morlenxus' Miculcy <email address hidden>
* Use copytruncate in logrotate file, instead of restarting the
daemon (Closes: #535915).
Thanks Andrew Buckeridge <email address hidden>
* Bump Standards-Version to 3.8.3. No changes required.
* Do not specify path to true in postinst script. - 7. By Rodrigo Gallardo
-
* New upstream release.
- Remove debian/patches/ security- check_certifica te, now included upstream.
Fixes: CVE-2008-2420
- Libwrap helper processes fixed to close standard
input/output/ error file descriptors. (Closes: #482379)
* Rebase quilt patches to not require -p0. (Closes: #484966)
* Fix sample configuration file to use ssl cert from /etc/ssl/certs
(Closes: #460953).
* Warn if automatic startup is disabled in /etc/default/stunnel4
(Closes: #475599).
* Use invoke-rc.d in ppp start/stop scripts.
* Standards-Version: 3.8.1.
- Add README.source documenting use of quilt.
* Bump to debhelper 7
- Remove unused old option from dh_mkshlibs call
* Declare the polish pod's encoding and use unicode when converting it
to a manpage.
* Dummy upgrade package is priority: extra
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/stunnel4