[prev in list] [next in list] [prev in thread] [next in thread]
List: stunnel-users
Subject: [stunnel-users] stunnel 4.37 released
From: Michal Trojnara <Michal.Trojnara () mirt ! net>
Date: 2011-06-17 21:15:31
Message-ID: 5B468CEF-93C5-44DC-B1BB-826ABC6D0C0B () mirt ! net
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
[Attachment #4 (multipart/alternative)]
Dear Users,
I have just released version 4.37 of stunnel. This release is mainly
intended to fix bugs and portability issues introduced in versions
4.35 and 4.36.
This version also provides new security defaults, updated to better
match current best practices in cryptographic applications.
The ChangeLog entry:
Version 4.37, 2011.06.17, urgency: MEDIUM:
* New features
- Client-side SNI implemented (RFC 3546 section 3.1).
- Default "ciphers" changed from the OpenSSL default to a more secure
and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
A paranoid (and usually slower) setting would be "HIGH:!aNULL:!
SSLv2".
- Recommended "options = NO_SSLv2" added to the sample stunnel.conf
file.
- Default client method upgraded from SSLv3 to TLSv1.
To connect servers without TLS support use "sslVersion = SSLv3"
option.
- Improved --enable-fips and --disable-fips ./configure option
handling.
- On startup stunnel now compares the compiled version of OpenSSL
against
the running version of OpenSSL. A warning is logged on mismatch.
* Bugfixes
- Non-blocking socket handling in local mode fixed (Debian bug
#626856).
- UCONTEXT threading mode fixed.
- Removed the use of gcc Thread-Local Storage for improved
portability.
- va_copy macro defined for platforms that do not have it.
- Fixed "local" option parsing on IPv4 systems.
- Solaris compilation fix (redefinition of "STR").
Home page: http://www.stunnel.org/
Download: ftp://ftp.stunnel.org/stunnel/
SHA-256 hash for stunnel-4.37.tar.gz:
02ca30609ccb26f6e52ff7eb79a6778ea452a04432eaef7d959d19933f6fe109
Best regards,
Mike
[Attachment #7 (text/html)]
<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
-webkit-line-break: after-white-space; "><div>Dear Users,</div><div><br></div><div>I \
have just released version 4.37 of stunnel. This release is mainly intended to \
fix bugs and portability issues introduced in versions 4.35 \
and 4.36.</div><div>This version also provides new security defaults, updated to \
better match current best practices in cryptographic \
applications.</div><div><br></div><div>The ChangeLog \
entry:</div><div><br></div><div><div><div>Version 4.37, 2011.06.17, urgency: \
MEDIUM:</div><div>* New features</div><div> - Client-side SNI implemented \
(RFC 3546 section 3.1).</div><div> - Default "ciphers" changed from the \
OpenSSL default to a more secure</div><div> and faster \
"RC4-MD5:HIGH:!aNULL:!SSLv2".</div><div> A paranoid (and usually \
slower) setting would be "HIGH:!aNULL:!SSLv2".</div><div> - Recommended \
"options = NO_SSLv2" added to the sample stunnel.conf file.</div><div> - \
Default client method upgraded from SSLv3 to TLSv1.</div><div> To \
connect servers without TLS support use "sslVersion = SSLv3" \
option.</div><div> - Improved --enable-fips and --disable-fips ./configure \
option handling.</div><div> - On startup stunnel now compares the compiled \
version of OpenSSL against</div><div> the running version of \
OpenSSL. A warning is logged on mismatch.</div><div>* \
Bugfixes</div><div> - Non-blocking socket handling in local mode fixed \
(Debian bug #626856).</div><div> - UCONTEXT threading mode \
fixed.</div><div> - Removed the use of gcc Thread-Local Storage for \
improved portability.</div><div> - va_copy macro defined for platforms \
that do not have it.</div><div> - Fixed "local" option parsing on IPv4 \
systems.</div><div> - Solaris compilation fix (redefinition of \
"STR").</div></div></div><div><br></div><div>Home page: <a \
href="http://stunnel.mirt.net/">http://www.stunnel.org/</a><br>Download: <a \
href="ftp://stunnel.mirt.net/stunnel/">ftp://ftp.stunnel.org/stunnel/</a></div><div><br></div><div><div>SHA-256 \
hash for stunnel-4.37.tar.gz:</div></div><div>02ca30609ccb26f6e52ff7eb79a6778ea452a04432eaef7d959d19933f6fe109</div><div><br></div><div>Best \
regards,</div><div><span class="Apple-tab-span" style="white-space: pre; \
"> </span>Mike</div></body></html>
["PGP.sig" (application/pgp-signature)]
_______________________________________________
stunnel-users mailing list
stunnel-users@stunnel.org
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic