stunnel 5.58 released

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

stunnel 5.58 released

OpenSSL - User mailing list
Dear Users,

I have released version 5.58 of stunnel.

This release fixes another security bug in the "redirect" option.

### Version 5.58, 2021.02.20, urgency: HIGH
* Security bugfixes
   - The "redirect" option was fixed to properly handle
     unauthenticated requests (thx to Martin Stein).
   - Fixed a double free with OpenSSL older than 1.1.0 (thx to
     Petr Strukov).
   - OpenSSL DLLs updated to version 1.1.1j.
* New features
   - New 'protocolHeader' service-level option to insert custom
     'connect' protocol negotiation headers.  This feature can
     be used to impersonate other software (e.g. web browsers).
   - 'protocolHost' can also be used to control the client SMTP
     protocol negotiation HELO/EHLO value.
   - Initial FIPS 3.0 support.
* Bugfixes
   - X.509v3 extensions required by modern versions of OpenSSL
     are added to generated self-signed test certificates.
   - Fixed a tiny memory leak in configuration file reload
     error handling (thx to Richard Könning).
   - Merged Debian 05-typos.patch (thx to Peter Pentchev).
   - Merged with minor changes Debian 06-hup-separate.patch
     (thx to Peter Pentchev).
   - Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
   - Merged Debian 08-addrconfig-workaround.patch (thx to Peter
   - Fixed tests on the WSL2 platform.
   - NSIS installer updated to version 3.06 to fix a multiuser
     installation bug on some platforms, including 64-bit XP.
   - Fixed engine initialization (thx to Petr Strukov).
   - FIPS TLS feature is reported when a provider or container
     is available, and not when FIPS control API is available.

Home page:

SHA-256 hashes:
d4c14cc096577edca3f6a2a59c2f51869e35350b3988018ddf808c88e5973b79 stunnel-5.58.tar.gz
92055a006a0d178a25cc29ef681ae32d4cea3075c096abc893c92ba6285d6908 stunnel-5.58-win64-installer.exe

Best regards,

OpenPGP_signature (855 bytes) Download Attachment