2017-09-23 15:25:21 +02:00
|
|
|
stunnel4 (3:5.06-1) unstable; urgency=medium
|
|
|
|
|
|
|
|
There are two major changes in this version of stunnel.
|
|
|
|
|
|
|
|
First, the /usr/bin/stunnel symlink has been switched from stunnel3
|
|
|
|
to stunnel4. This should not affect any tools that invoke stunnel
|
|
|
|
using the stunnel4 name, and it should not affect any Debian packages
|
|
|
|
that use stunnel. However, any local tools that invoke stunnel with
|
|
|
|
3.x-style command-line options instead of a 4.x-style configuration
|
|
|
|
file should make sure that they use the stunnel3 executable name and
|
|
|
|
not simply stunnel any more, or they should be converted to use
|
|
|
|
a 4.x-style configuration file (there is no need to create an actual
|
|
|
|
file on the filesystem, the configuration may be passed to stunnel
|
|
|
|
on its standard input using the "-fd 0" command-line option).
|
|
|
|
|
|
|
|
Second, this version DISABLES support for the SSLv2 and SSLv3 protocols!
|
|
|
|
|
|
|
|
If needed, it may be re-enabled by editing the stunnel configuration
|
|
|
|
file and adding "-NO_SSLv2" or "-NO_SSLv3" respectively to
|
|
|
|
the "options" setting; see /etc/stunnel/README for an example.
|
|
|
|
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Thu, 16 Oct 2014 13:56:35 +0300
|
|
|
|
|
|
|
|
stunnel4 (3:5.01-3) unstable; urgency=medium
|
|
|
|
|
|
|
|
This version temporarily brings back the creation of a default pid
|
|
|
|
file, /var/run/stunnel4.pid, if there is no "pid" setting in
|
|
|
|
the configuration file. The reason for this is that the init script
|
|
|
|
cannot monitor the started stunnel processes if there is no pid file
|
|
|
|
at all.
|
|
|
|
|
|
|
|
The init script now warns about configuration files that have no
|
|
|
|
"pid" setting and will thus use the default pid file location.
|
|
|
|
In the future it will refuse to start with such configurations, so
|
|
|
|
it would be best to add the "pid" setting to all the *.conf files in
|
|
|
|
the /etc/stunnel/ directory.
|
|
|
|
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 18 Apr 2014 14:37:42 +0300
|
|
|
|
|
|
|
|
stunnel (3:5.01-2) unstable; urgency=medium
|
|
|
|
|
|
|
|
This version DISABLES the RLE compression method, too. This means
|
|
|
|
that stunnel currently has no compression methods available at all,
|
|
|
|
since the underlying OpenSSL library does not have any, either.
|
|
|
|
Tunnel configurations that explicitly set "compression" will NEED
|
|
|
|
to be modified.
|
|
|
|
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 14 Apr 2014 15:04:56 +0300
|
|
|
|
|
|
|
|
stunnel (3:5.01-1) unstable; urgency=medium
|
|
|
|
|
|
|
|
This version DISABLES the creation of the process ID file and
|
|
|
|
the use of TCP wrappers for access control by default!
|
|
|
|
|
|
|
|
Tunnel configurations that use PID files (e.g. for monitoring) or
|
|
|
|
TCP wrappers (/etc/hosts.allow, /etc/hosts.deny) will NEED to be
|
|
|
|
modified to explicitly specify the 'pidfile' global option or
|
|
|
|
the 'libwrap' service-level option respectively.
|
|
|
|
|
|
|
|
This version also DISABLES the "zlib" and "deflate" compression
|
|
|
|
algorithms because they are not supported in the Debian OpenSSL
|
|
|
|
package since version 1.0.1e-5. The only supported compression
|
|
|
|
algorithm is "rle". Tunnel configurations that explicitly set
|
|
|
|
"compression" to something other than "rle" will NEED to be modified.
|
|
|
|
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Tue, 25 Mar 2014 18:05:11 +0200
|
|
|
|
|
2013-04-22 19:47:34 +02:00
|
|
|
stunnel (3:4.33-1) experimental; urgency=low
|
|
|
|
|
|
|
|
This version introduces support for reloading the configuration file
|
|
|
|
and for closing/reopening log files. The init script has been
|
|
|
|
updated to provide these options, and the default logrotate
|
|
|
|
configuration has been updated to take advantage of them.
|
|
|
|
|
|
|
|
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Thu, 04 Feb 2010 19:52:23 -0800
|
|
|
|
|
|
|
|
stunnel (3:4.28-1) unstable; urgency=low
|
|
|
|
|
|
|
|
The default behaviour of the logrotate configuration for stunnel4
|
|
|
|
has been changed. Instead of restarting stunnel after rotating the
|
|
|
|
log files we now use the 'copytruncate' keyword. This avoids the
|
|
|
|
problems associated with the restart, but introduces the possibility
|
|
|
|
of loosing small amounts of log data. Please see Debian bugs
|
|
|
|
#535915, #535924 and #323171 for more info.
|
|
|
|
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Wed, 25 Nov 2009 17:12:42 -0800
|
|
|
|
|
|
|
|
stunnel (2:4.140-5) unstable; urgency=low
|
|
|
|
|
|
|
|
stunnel/stunnel4 binaries are located in /usr/bin instead of
|
|
|
|
/usr/sbin in order to be FHS compliant (they can be used by normal
|
|
|
|
user). You need to update your scripts to refer to this new location
|
|
|
|
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 19 Feb 2006 17:31:24 +0100
|
|
|
|
|