lp:ubuntu/trusty/stunnel4

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/trusty/stunnel4
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

16. By Adam Conrad

Use dh_autotools-dev to update config.{sub,guess} for new ports.

15. By Salvatore Bonaccorso

* Non-maintainer upload.
* Add CVE-2013-1762.patch patch.
  CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT
  protocol negotiation. (Closes: #702267)

14. By Rodrigo Gallardo

* New upstream version 4.53.
  - Added client-mode "sni" option to directly control the value of
    TLS Server Name Indication (RFC 3546) extension (Closes: #668041).
  - Added support for IP_FREEBIND socket option with a pached Linux kernel.
  - Glibc-specific dynamic allocation tuning was applied to help unused memory
    deallocation.
  - Non-blocking OCSP implementation.
  - Various other bugfixes, see upstream changelog for details.

* Enabled hardening compile flags. There were NO compile time warning messages
  or errors triggered because of this.

* Updated to Standards-Version 3.9.3. No changes required.
  - Migrating to /run from /var/run will be a hard problem, because we expect
    user written config files to refer to the directory. We'll punt on making
    this change for now.
* Updated copyright years to 2012.
* Added Description: LSB header to init script.

13. By Rodrigo Gallardo

* New upstream version 4.52.
* Do not enable chroot in sample config file. It is misleading to users, it
  suggests it can be used with no further changes. Closes: #652812
* Remove log files on purge. Closes: #657135

12. By Rodrigo Gallardo

* New Upstream Release.
 - Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may
   possibly be leveraged to perform DoS or remote code execution attacks.
   (Closes: #638758)
 - New verify level 0 to request and ignore peer certificate.

11. By Colin Watson

Rebuild for OpenSSL 1.0.0.

10. By Rodrigo Gallardo

Fix variable substitution in init script (Closes: #623221).
Thanks Tomas Kapralek <email address hidden> for report and diagnosis.

9. By Rodrigo Gallardo

* New Upstream Releases (Closes: #621987).
* Upstream incorporated our init script, so this package no longer carries
  its own copy of it.
* Bump Standards-Version to 3.9.2. No changes needed.
* Remove /etc/stunnel/stunnel4.conf file as it is useless, except as a sample.
  A README file for /etc/stunnel was provided (Closes: #549384).
* Minor cleanup of debian/rules, no longer runs configure twice.

8. By Rodrigo Gallardo

* New upstream version (Closes: #559270).
 - sessiond, a high performance SSL session cache was built for stunnel.
   A new service-level "sessiond" option was added. sessiond is
   available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ .
   stunnel clusters will be a lot faster, now!
 - Transparent proxy support on Linux kernels >=2.6.28.
   See the manual for details.
   The old transproxy.txt file is no longer provided.
 - New socket options to control TCP keepalive on Linux:
   TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
 - SSL options updated for the recent version of OpenSSL library.
 - Bugfixes
  + Missing "fips" option was added to the manual.
  + A serious bug in asynchronous shutdown code fixed.
  + Data alignment updated in libwrap.c.
  + Polish manual encoding fixed. Debian's patch for this removed.
  + Notes on compression implementation in OpenSSL added to the manual.

* Use correct owner:group for logs after rotation. (Closes: #529481).
  Thanks Brian 'morlenxus' Miculcy <email address hidden>
* Use copytruncate in logrotate file, instead of restarting the
  daemon (Closes: #535915).
  Thanks Andrew Buckeridge <email address hidden>
* Bump Standards-Version to 3.8.3. No changes required.
* Do not specify path to true in postinst script.

7. By Rodrigo Gallardo

* New upstream release.
 - Remove debian/patches/security-check_certificate, now included upstream.
   Fixes: CVE-2008-2420
 - Libwrap helper processes fixed to close standard
   input/output/error file descriptors. (Closes: #482379)
* Rebase quilt patches to not require -p0. (Closes: #484966)
* Fix sample configuration file to use ssl cert from /etc/ssl/certs
  (Closes: #460953).
* Warn if automatic startup is disabled in /etc/default/stunnel4
  (Closes: #475599).
* Use invoke-rc.d in ppp start/stop scripts.
* Standards-Version: 3.8.1.
  - Add README.source documenting use of quilt.
* Bump to debhelper 7
  - Remove unused old option from dh_mkshlibs call
* Declare the polish pod's encoding and use unicode when converting it
  to a manpage.
* Dummy upgrade package is priority: extra

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/utopic/stunnel4
This branch contains Public information 
Everyone can see this information.

Subscribers