Overview
Request 918848 revoked
jsc#SLE-20679
- Update to 5.60:
* New features
- New 'sessionResume' service-level option to allow
or disallow session resumption
- Added support for the new SSL_set_options() values.
- Download fresh ca-certs.pem for each new release.
* Bugfixes
- Fixed 'redirect' with 'protocol'. This combination is
not supported by 'smtp', 'pop3' and 'imap' protocols.
- ensure proper startup after network: stunnel-5.59_service_always_after_network.patch
- update to 5.59:
* new feature: Client-side "protocol = ldap" support
* Fix configuration reload when compression is used
* Fix paths in generated manuals
* Fix test suite fixed not to require external connectivity
- Update to 5.58:
* Security bugfixes
- The "redirect" option was fixed to properly handle unauthenticated requests (thx to Martin Stein). boo#1182529
- Fixed a double free with OpenSSL older than 1.1.0 (thx to Petr Strukov).
* New features
- New 'protocolHeader' service-level option to insert custom 'connect' protocol negotiation headers.
This feature can be used to impersonate other software (e.g. web browsers).
- 'protocolHost' can also be used to control the client SMTP protocol negotiation HELO/EHLO value.
- Initial FIPS 3.0 support.
* Bugfixes
- X.509v3 extensions required by modern versions of OpenSSL are added to generated self-signed test certificates.
- Fixed a tiny memory leak in configuration file reload error handling (thx to Richard Könning).
- Merged Debian 05-typos.patch (thx to Peter Pentchev).
- Merged with minor changes Debian 06-hup-separate.patch (thx to Peter Pentchev).
- Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
- Merged Debian 08-addrconfig-workaround.patch (thx to Peter Pentchev).
- Fixed engine initialization (thx to Petr Strukov).
- FIPS TLS feature is reported when a provider or container is available, and not when FIPS control API is available.
Request History
asvetter created request
jsc#SLE-20679
- Update to 5.60:
* New features
- New 'sessionResume' service-level option to allow
or disallow session resumption
- Added support for the new SSL_set_options() values.
- Download fresh ca-certs.pem for each new release.
* Bugfixes
- Fixed 'redirect' with 'protocol'. This combination is
not supported by 'smtp', 'pop3' and 'imap' protocols.
- ensure proper startup after network: stunnel-5.59_service_always_after_network.patch
- update to 5.59:
* new feature: Client-side "protocol = ldap" support
* Fix configuration reload when compression is used
* Fix paths in generated manuals
* Fix test suite fixed not to require external connectivity
- Update to 5.58:
* Security bugfixes
- The "redirect" option was fixed to properly handle unauthenticated requests (thx to Martin Stein). boo#1182529
- Fixed a double free with OpenSSL older than 1.1.0 (thx to Petr Strukov).
* New features
- New 'protocolHeader' service-level option to insert custom 'connect' protocol negotiation headers.
This feature can be used to impersonate other software (e.g. web browsers).
- 'protocolHost' can also be used to control the client SMTP protocol negotiation HELO/EHLO value.
- Initial FIPS 3.0 support.
* Bugfixes
- X.509v3 extensions required by modern versions of OpenSSL are added to generated self-signed test certificates.
- Fixed a tiny memory leak in configuration file reload error handling (thx to Richard Könning).
- Merged Debian 05-typos.patch (thx to Peter Pentchev).
- Merged with minor changes Debian 06-hup-separate.patch (thx to Peter Pentchev).
- Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
- Merged Debian 08-addrconfig-workaround.patch (thx to Peter Pentchev).
- Fixed engine initialization (thx to Petr Strukov).
- FIPS TLS feature is reported when a provider or container is available, and not when FIPS control API is available.
lkocman accepted review
ok to mirror
lkocman approved review
ok to mirror
asvetter revoked request
This is done