stunnel4 (3:4.53-1.1) unstable; urgency=high * Non-maintainer upload. * Add CVE-2013-1762.patch patch. CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT protocol negotiation. (Closes: #702267) -- Salvatore Bonaccorso Mon, 22 Apr 2013 19:47:34 +0200 stunnel4 (3:4.53-1) unstable; urgency=low * New upstream version 4.53. - Added client-mode "sni" option to directly control the value of TLS Server Name Indication (RFC 3546) extension (Closes: #668041). - Added support for IP_FREEBIND socket option with a pached Linux kernel. - Glibc-specific dynamic allocation tuning was applied to help unused memory deallocation. - Non-blocking OCSP implementation. - Various other bugfixes, see upstream changelog for details. * Enabled hardening compile flags. There were NO compile time warning messages or errors triggered because of this. * Updated to Standards-Version 3.9.3. No changes required. - Migrating to /run from /var/run will be a hard problem, because we expect user written config files to refer to the directory. We'll punt on making this change for now. * Updated copyright years to 2012. * Added Description: LSB header to init script. -- Luis Rodrigo Gallardo Cruz Sun, 03 Jun 2012 11:34:36 -0700 stunnel4 (3:4.52-1) unstable; urgency=low * New upstream version 4.52. * Do not enable chroot in sample config file. It is misleading to users, it suggests it can be used with no further changes. Closes: #652812 * Remove log files on purge. Closes: #657135 -- Luis Rodrigo Gallardo Cruz Sun, 12 Feb 2012 12:06:37 -0800 stunnel4 (3:4.51~b5-1) experimental; urgency=low * New upstream version - Fixed exec+connect sections (Closes: #653882). - New "compression = deflate" global option to enable RFC 2246 compression. For compatibility with previous versions "compression = zlib" and "compression = rle" also enable the deflate (RFC 2246) compression. - Separate default ciphers and sslVersion for "fips = yes" and "fips = no". -- Luis Rodrigo Gallardo Cruz Wed, 04 Jan 2012 11:24:58 -0800 stunnel4 (3:4.50-1) unstable; urgency=low * New Upstream Releases. Highlights: + 4.46: - Added Unix socket support (e.g. "connect = /var/run/stunnel/socket"). - Added "verify = 4" mode to ignore CA chain and only verify peer certificate. - Removed the limit of 16 IP addresses for a single 'connect' option. - Removed the limit of 256 stunnel.conf sections in PTHREAD threading model. + 4.45: - "protocol = proxy" support to send original client IP address to haproxy http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt This requires accept-proxy bind option of haproxy 1.5-dev3 or later. - Libwrap helper processes are no longer started if libwrap is disabled in all sections of the configuration file. - Fixed -l option handling in stunnel3 script (thx to Kai Gülzau). - Script to build default stunnel.pem was fixed (thx to Sebastian Kayser). + 4.44: - Heap buffer overflow protection with canaries. - Stack buffer overflow protection with -fstack-protector. - Fixed garbled error messages on errors with setuid/setgid options. + 4.43: - Major optimization of the logging subsystem. Benchmarks indicate up to 15% stunnel performance improvement. * Remove config.guess and config.sub in clean target, otherwise build fails because of changes in source outside of a patch. Found and fixed by Peter Eisentraut (Closes: #647176). * Updated watchfile to new upstream's directory structure for archived releases. -- Luis Rodrigo Gallardo Cruz Thu, 29 Dec 2011 06:39:09 -0800 stunnel4 (3:4.42-1) unstable; urgency=low * New Upstream Release. - Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may possibly be leveraged to perform DoS or remote code execution attacks. (Closes: #638758) - New verify level 0 to request and ignore peer certificate. -- Luis Rodrigo Gallardo Cruz Sat, 27 Aug 2011 08:34:43 -0700 stunnel4 (3:4.40-1) unstable; urgency=low * New Upstream Release: - Hardcoded 2048-bit DH parameters are used as a fallback if DH parameters are not provided in stunnel.pem. - Default "ciphers" value updated to prefer ECDH: "ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH". - Default ECDH curve updated to "prime256v1". - Removed support for temporary RSA keys (used in obsolete export ciphers). -- Luis Rodrigo Gallardo Cruz Sun, 24 Jul 2011 11:06:57 -0700 stunnel4 (3:4.39-1) unstable; urgency=low * New Upstream Releases. Highlights: + 4.38: - Server-side SNI implemented (RFC 3546 section 3.1) with a new service-level option "nsi". - "socket" option also accepts "yes" and "no" for flags. - Nagle's algorithm is now disabled by default for improved interactivity. - Bugfix: Signal pipe set to non-blocking mode. This bug caused hangs of stunnel features based on signals, e.g. local mode, FORK threading, or configuration file reload on Unix. Win32 platform was not affected. + 4.37: - Client-side SNI implemented (RFC 3546 section 3.1). - Default "ciphers" changed from the OpenSSL default to a more secure and faster "RC4-MD5:HIGH:!aNULL:!SSLv2". A paranoid (and usually slower) setting would be "HIGH:!aNULL:!SSLv2". - Recommended "options = NO_SSLv2" added to the sample stunnel.conf file. - Default client method upgraded from SSLv3 to TLSv1. To connect servers without TLS support use "sslVersion = SSLv3" option. - Bugfix: Non-blocking socket handling in local mode fixed (Closes: #626856). + 4.36: - Dynamic memory management for strings manipulation: no more static STRLEN limit, lower stack footprint. (Closes: #594876). - Strict public key comparison added for "verify = 3" certificate checking mode (thx to Philipp Hartwig). For more details see upstream ChangeLog. * Removed /usr/lib/stunnel/libstunnel.la file. * Support restarting selected stunnel instances. Thanks Peter Palfrader. (Closes: #627765). -- Luis Rodrigo Gallardo Cruz Thu, 21 Jul 2011 15:46:25 -0700 stunnel4 (3:4.35-2) unstable; urgency=low * Fix variable substitution in init script (Closes: #623221). Thanks Tomas Kapralek for report and diagnosis. -- Luis Rodrigo Gallardo Cruz Mon, 18 Apr 2011 20:46:01 -0700 stunnel4 (3:4.35-1) unstable; urgency=low * New Upstream Releases (Closes: #621987). * Upstream incorporated our init script, so this package no longer carries its own copy of it. * Bump Standards-Version to 3.9.2. No changes needed. * Remove /etc/stunnel/stunnel4.conf file as it is useless, except as a sample. A README file for /etc/stunnel was provided (Closes: #549384). * Minor cleanup of debian/rules, no longer runs configure twice. -- Luis Rodrigo Gallardo Cruz Sun, 17 Apr 2011 22:04:53 -0700 stunnel4 (3:4.33-1) experimental; urgency=low * New Upstream Releases - 4.31 + A SIGHUP to the server will cause it to reload the configuration file. + A SIGUSR1 to the server causes it to reopen its log files. - 4.32 + New service-level "libwrap" option for run-time control whether /etc/hosts.allow and /etc/hosts.deny are used for access control. Disabling libwrap significantly increases performance of stunnel. - 4.33 + Fixes to inetd mode For more details please see upstream's ChangeLog. * Init script now provides reload and reopen-log options (Closes: #323171). * The logrotate config file now takes advantage of reopen-log option. * Update config.{build,sub} on build. Closes: #535719. * Add missing ${misc:Depends} entry to debian/control. * Update copyright years. * Update to Standards-Version: 3.9.1 - stunnel4 no longer Conflicts: stunnel, but merely Breaks: stunnel. * Update packaging to source format 3.0 (quilt). -- Luis Rodrigo Gallardo Cruz Fri, 27 Aug 2010 16:58:44 -0700 stunnel4 (3:4.29-1) unstable; urgency=low * New upstream version (Closes: #559270). - sessiond, a high performance SSL session cache was built for stunnel. A new service-level "sessiond" option was added. sessiond is available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ . stunnel clusters will be a lot faster, now! - Transparent proxy support on Linux kernels >=2.6.28. See the manual for details. The old transproxy.txt file is no longer provided. - New socket options to control TCP keepalive on Linux: TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL. - SSL options updated for the recent version of OpenSSL library. - Bugfixes + Missing "fips" option was added to the manual. + A serious bug in asynchronous shutdown code fixed. + Data alignment updated in libwrap.c. + Polish manual encoding fixed. Debian's patch for this removed. + Notes on compression implementation in OpenSSL added to the manual. * Use correct owner:group for logs after rotation. (Closes: #529481). Thanks Brian 'morlenxus' Miculcy * Use copytruncate in logrotate file, instead of restarting the daemon (Closes: #535915). Thanks Andrew Buckeridge * Bump Standards-Version to 3.8.3. No changes required. * Do not specify path to true in postinst script. -- Luis Rodrigo Gallardo Cruz Tue, 08 Dec 2009 19:34:21 -0800 stunnel4 (3:4.27-1) unstable; urgency=low * New upstream release. - Remove debian/patches/security-check_certificate, now included upstream. Fixes: CVE-2008-2420 - Libwrap helper processes fixed to close standard input/output/error file descriptors. (Closes: #482379) * Rebase quilt patches to not require -p0. (Closes: #484966) * Fix sample configuration file to use ssl cert from /etc/ssl/certs (Closes: #460953). * Warn if automatic startup is disabled in /etc/default/stunnel4 (Closes: #475599). * Use invoke-rc.d in ppp start/stop scripts. * Standards-Version: 3.8.1. - Add README.source documenting use of quilt. * Bump to debhelper 7 - Remove unused old option from dh_mkshlibs call * Declare the polish pod's encoding and use unicode when converting it to a manpage. * Dummy upgrade package is priority: extra -- Luis Rodrigo Gallardo Cruz Fri, 24 Apr 2009 19:56:05 -0700 stunnel4 (3:4.22-2) unstable; urgency=low * Check if a daemon is already running before trying to start it with the same configuration file. Thanks Peter Palfrader for the report (Closes: #506091). -- Luis Rodrigo Gallardo Cruz Tue, 18 Nov 2008 13:52:42 +0100 stunnel4 (3:4.22-1.1) unstable; urgency=high * Non-maintainer upload by the security team * Fix security bug in the OCSP functionality that allowed revoked certificates to authenticate (Closes: #482644) Fixes: CVE-2008-2420 -- Steffen Joeris Tue, 27 May 2008 18:28:56 +0200 stunnel4 (3:4.22-1) unstable; urgency=low * New upstream release. - Build system now uses standard automake dirs. - Reworked logging system avoids outputing before log file is configured (Closes: #460019). - Simultaneous logging to a file and the syslog is now possible. - A new service level option to control stack size: stack = - Bugfixes in libwrap support code. * debian/patches/setuid.patch: Removed, it's included upstream. * debian/patches/fix-paths: Reworked to use automake's standard dirs. * Rebase the rest of the patches. * Update standards-version to 3.7.3. No changes needed. * Fix build-dependencies on -1 revisions of libssl-dev, openssl and quilt. * Register documentation in the System/Security section. -- Luis Rodrigo Gallardo Cruz Tue, 01 Apr 2008 11:07:56 -0600 stunnel4 (3:4.21-1) unstable; urgency=low * New upstream release. - Binaries moved from /usr/sbin to /usr/bin. Thus, Debian no longer diverges in that from upstream. - libstunnel.so migrated inside /usr/lib/stunnel. - Preliminary FIPS 140-2 support, but this package does not include it, as it requires static compilation. - Miscelaneous bugfixing. * debian/patches/no_zlib_link: - Rebased. Only line numbering changed. * debian/patches/libstunnel_is_private_lib: - Removed. Included upstream. * debian/patches/fix-paths: - Remove hunks related to moving binaries to /usr/bin. Refresh line numbers in the rest. * debian/patches/rename-binary: - Rebased. Minor changes due to changed dates in the manpage and the use of @prefix@ in src/stunnel3.in. * debian/patches/setuid.patch: - Patch from upstream to allow using setuid/setgid with /etc/passwd and /etc/group not within chrooted directory. * debian/README.Debian: - Add explanation about not turning FIPS mode on. - Reword warning about binaries changing place. * debian/rules, debian/stunnel4.manpages: - No longer need to move the binaries. - Upstream location for manpages changed. We still install them by hand, anyways. - Ship fr and pl manpages. - Do not pass --host to configure if not cross compiling. - Reorder target dependencies. This should avoid problems when doing paralell builds. * debian/control: - Remove XS- prefix from Vcs-* fields. - Add Homepage: field. - Correct minor typo in dummy package's description. - Version build dependency on quilt, since we require /usr/share/quilt/quilt.make (Closes: #447751). - Change my maintainer address. -- Luis Rodrigo Gallardo Cruz Wed, 05 Dec 2007 08:09:44 -0600 stunnel4 (3:4.20-5) unstable; urgency=low * debian/stunnel3.8: - Remove references to unsupported -S and -V options in manpage, and include an explicit list of tunable parameters for -O and their default values (Closes: #440718). - Rewrite -P argument description. It must be a file to be created, or empty (Closes: #398012). -- Luis Rodrigo Gallardo Cruz Thu, 27 Sep 2007 11:54:53 -0500 stunnel4 (3:4.20-4) unstable; urgency=low * Add missing names and dates of copyright attributions to debian/copyright. Update licencing blurb to mention the new FSF's postal address. * Restructure README.Debian into sections. * Remove /usr/share/lintian/overrides and /usr/sbin from debian/dirs. Explicitely create the first if needed to install an override file, and explicitely remove the later after moving the binaries, in debian/rules. * Move StunnelConf-0.1.pl into /usr/share/doc/stunnel4/contrib. Remove it from debian/docs and explicitely install it in dh_install call. * Patch configure (debian/patches/no_zlib_link) to avoid linking to zlib. This library is a dependency of openssl, but not of ours. * Rewrite changelog entries from previous version, adding mention of modified files. * Use make -C dir instead of cd dir; make constructs in debian/rules. -- Luis Rodrigo Gallardo Cruz Mon, 27 Aug 2007 18:11:40 -0500 stunnel4 (3:4.20-3) unstable; urgency=low * New Maintainer (Closes: #416955). * Manage patches to upstream source with quilt. - fix-paths changes references to /usr/sbin. We install binaries in /usr/bin. It also removes bogus @PREFIX@ uses from several paths. - rename-binary changes the name of the executable to stunnel4. - runas-user sets the default config to run as the stunnel4 user and group. - connect-proxy-dunbar *unapplied* patch from upstream's site. (It does not apply to 4.07 onwards) - openssl0.9.8-initialization *unapplied* patch. Originaly meant to close #334180, was disabled by previous maintainer without explanation. * Add stunnel dummy upgrade package. - debian/control: Add package stanza. - debian/rules: Modify to build the arch-indep package. - debian/stunnel.NEWS: Add upgrade notice for stunnel 3 users. * Shorten dh_* invocations in debian/rules. - new files: stunnel4.examples, stunnel4.links, stunnel4.manpages. * Ship upstream Changelog (Closes: #419842). - Add ChangeLog to dh_installchangelogs call in debian/rules. * Do not compress StunnelConf-0.1.pl (Closes: #432304). - Add exclude entry to dh_compress call in debian/rules. * Add watch file. * Suggests: logcheck-database (Closes: #382099). * Move libstunnel.so into /usr/lib/stunnel, as it is a private DSO. - Remove lintian overrides. - Added debian/patches/libstunnel_is_private_lib - Remove ldconfig calls from post{inst,rm} - Remove /usr/lib/libstunnel.so.4 link * Use debhelper compat mode 5. - Bump debhelper build-depends to >= 5. No other changes. * Remove /var/lib/stunnel4 when purged, if empty (in debian/postinst). * Remove manual call to invoke-rc.d from postinst. debhelper inserts it automatically. -- Luis Rodrigo Gallardo Cruz Mon, 20 Aug 2007 23:18:31 -0500 stunnel4 (3:4.20-2) unstable; urgency=low * Orphan package -- Julien Lemoine Sat, 31 Mar 2007 20:07:55 +0200 stunnel4 (3:4.20-1) unstable; urgency=low * New upstream release -- Julien Lemoine Sat, 27 Jan 2007 21:43:19 +0100 stunnel4 (3:4.18-2) unstable; urgency=low * Updated chroot default path in configuration file * Added LSB section in init script -- Julien Lemoine Tue, 7 Nov 2006 20:22:04 +0100 stunnel4 (3:4.18-1) unstable; urgency=low * New upstream release -- Julien Lemoine Wed, 27 Sep 2006 20:33:07 +0200 stunnel4 (3:4.17-2) unstable; urgency=low * Check if pids are valid before trying to use kill (Closes: #388379) -- Julien Lemoine Wed, 20 Sep 2006 22:04:41 +0200 stunnel4 (3:4.17-1) unstable; urgency=low * New upstream release -- Julien Lemoine Mon, 11 Sep 2006 22:48:09 +0200 stunnel4 (3:4.16-1) unstable; urgency=low * New upstream release -- Julien Lemoine Fri, 1 Sep 2006 22:11:10 +0200 stunnel4 (2:4.150-7) unstable; urgency=low * Fixed a bug when pid is not given in configuration file : init.d script was looking for /var/run/stunnel4/stunnel4.pid but stunnel was creating /var/run/stunnel4.pid (Closes: #384275) * Added check during start to encourage users to fill the pid= section of configuration file when start failed (for example if you use two configuration files without pid= option) -- Julien Lemoine Thu, 24 Aug 2006 17:19:57 +0200 stunnel4 (2:4.150-6) unstable; urgency=low * Updated to debian policy 3.7.2 * Fixed lintian warnings -- Julien Lemoine Tue, 22 Aug 2006 14:03:19 +0200 stunnel4 (2:4.150-5) unstable; urgency=low * Fixed typo in postinst : /var/lib/stunnel4/stunnel.log instead of /var/log/stunnel4/stunnel.org (Closes: #381127) -- Julien Lemoine Wed, 2 Aug 2006 21:19:49 +0200 stunnel4 (2:4.150-4) unstable; urgency=low * Create /var/lib/stunnel4 if it does not exist in postinst (Closes: #377074) -- Julien Lemoine Sun, 16 Jul 2006 16:12:05 +0200 stunnel4 (2:4.150-3) unstable; urgency=low * Fixed another problem with stunnel3 compatibility script (call to /usr/sbin/stunnel4 instead of /usr/bin/stunnel4) and added a check in debian/rules (Closes: #340113) -- Julien Lemoine Mon, 1 May 2006 17:58:39 +0200 stunnel4 (2:4.150-2) unstable; urgency=low * Fixed stunnel3 compatibility script problem (infinite loop) Thanks to "Martin Schwenke" for bug report. * Added a check in debian/rules to ensure that stunnel3 compatibility script does not contains infinite loop -- Julien Lemoine Mon, 27 Mar 2006 09:26:06 +0200 stunnel4 (2:4.150-1) unstable; urgency=low * New upstream release -- Julien Lemoine Sun, 12 Mar 2006 21:30:08 +0100 stunnel4 (2:4.140-6) unstable; urgency=low * Added check/creation of /var/run/stunnel4 directory in init.d script instead of postinst in order to be FHS compliant when /var/run is cleared at startup (note that /var/run/stunnel4 cleanup does not allow to have a chroot in /var/run/stunnel4) Thanks to Jim Helm : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343882;msg=25 -- Julien Lemoine Sun, 5 Mar 2006 18:18:58 +0100 stunnel4 (2:4.140-5) unstable; urgency=low * Move stunnel and stunnel-dsa from /usr/sbin to /usr/bin in order to be compliant with FHS standard. The stunnel program is interesting for "normal" users as well as administrator. -- Julien Lemoine Sun, 19 Feb 2006 17:47:55 +0100 stunnel4 (2:4.140-4) unstable; urgency=low * Fixed problem with default directory (/etc/stunnel for configuration directory and /var/run/stunnel4.pid for pid file) (Closes: #343882) -- Julien Lemoine Thu, 22 Dec 2005 16:32:20 +0100 stunnel4 (2:4.140-3) unstable; urgency=low * Default configuration file is now filled with values for usage in a chroot environment (if you do not want chroot or want to use vserver, you need to edit it) (Closes: #342507) -- Julien Lemoine Sat, 17 Dec 2005 10:00:40 +0100 stunnel4 (2:4.140-2) unstable; urgency=low * Fixed stunnel3 compatibility script (wrong binary : stunnel instead of stunnel4) (Closes: #340113) -- Julien Lemoine Mon, 21 Nov 2005 07:57:02 +0100 stunnel4 (2:4.140-1) unstable; urgency=low * New upstream release -- Julien Lemoine Wed, 2 Nov 2005 22:01:52 +0100 stunnel4 (2:4.120-1) unstable; urgency=low * New upstream release * Applied patch from Kurt Roeckx to fix initialization problem with openssl 0.9.8 (Closes: #334180) -- Julien Lemoine Wed, 26 Oct 2005 17:53:55 +0200 stunnel4 (2:4.110-2) unstable; urgency=low * Rebuild with openssl 0.9.8 -- Julien Lemoine Mon, 10 Oct 2005 19:41:33 +0200 stunnel4 (2:4.110-1) unstable; urgency=low * New upstream release * Updated to Standards-Version 3.6.2 -- Julien Lemoine Sun, 24 Jul 2005 11:21:14 +0200 stunnel4 (2:4.090-1) unstable; urgency=low * New upstream release * include better stunnel3 compability script from upstream, options like -cd can now be use instead of -c -d ... (closes: #305259) * Added depends on perl-modules to allow use of stunnel3 compatibilty script -- Julien Lemoine Wed, 20 Apr 2005 21:07:50 +0200 stunnel4 (2:4.070-5) unstable; urgency=low * Renamed stunnel3 compatibility script (/usr/sbin/stunnel) to be compatible with stunnel package * Added conflict with stunnel package (compatible, does not break user configuration) since stunnel 4.x is more actively maintained than stunnel 3.x -- Julien Lemoine Tue, 29 Mar 2005 22:16:43 +0200 stunnel4 (2:4.070-4) unstable; urgency=low * Add an option (PPP_RESTART) in /etc/default/stunnel4 to enable/disable restart scripts (closes: #298352) -- Julien Lemoine Mon, 7 Mar 2005 22:47:27 +0100 stunnel4 (2:4.070-3) unstable; urgency=low * Do not remove user and group if there already exist in postinst script (Closes: #290374) -- Julien Lemoine Mon, 17 Jan 2005 23:33:56 +0100 stunnel4 (2:4.070-2) unstable; urgency=low * Fixed directory problem : - confdir was /usr/etc/stunnel instead of /etc/stunnel (Closes: #289832) - zlib compression was unable to start since /etc/stunnel/stunnel.conf was not read (Closes: #289872) -- Julien Lemoine Tue, 11 Jan 2005 19:56:59 +0100 stunnel4 (2:4.070-1) unstable; urgency=low * New upstream release : Add IPV6 support * Disable proxy-connect patch (does not apply on 4.07 sources) -- Julien Lemoine Thu, 6 Jan 2005 07:23:48 +0100 stunnel4 (2:4.050-4) unstable; urgency=low * Restart connection instead of stop when ppp is down. It is possible to use stunnel for eth interfaces. (Closes: 271006) -- Julien Lemoine Sun, 26 Sep 2004 18:12:36 +0200 stunnel4 (2:4.050-3) unstable; urgency=low * Added proxy-connect patch (Closes: #267533) * Create directory /var/log/stunnel in postinst (Closes: #267093) * Create user and group stunnel4 (Closes: #266339) * Uncomment some line in default configuration file : o Use /var/log/stunnel4/stunnel.log as default log file o Use stunnel4 user and group as default o Use /var/run/stunnel4/stunnel.pid as default pid file -- Julien Lemoine Wed, 1 Sep 2004 22:19:28 +0200 stunnel4 (2:4.050-2) unstable; urgency=low * Fixed stoping problem in init.d script (Closes: #265449) Thanks to Wilfried Goesgens * Added stunnel4 in logrotate (Closes: #265437) Thanks to Wilfried Goesgens -- Julien Lemoine Fri, 13 Aug 2004 21:42:23 +0200 stunnel4 (2:4.050-1) unstable; urgency=low * By default, store pidfile in /var/run/stunnel4/stunnel.pid with /var/run/stunnel4 owned by nobody:nogroup * Oops, stunnel4 was a debian native package -- Julien Lemoine Mon, 7 Jun 2004 21:23:37 +0200 stunnel4 (2:4.05-1) unstable; urgency=low * New upstream release -- Julien Lemoine Wed, 7 Apr 2004 22:08:42 +0200 stunnel4 (2:4.04.0-10) unstable; urgency=low * Shut down stunnel4 in postinst (Closes: #234498) -- Julien Lemoine Tue, 24 Feb 2004 21:50:03 +0100 stunnel4 (2:4.04.0-9) unstable; urgency=low * Added configuration script from "Sergio Rua" -- Julien Lemoine Sun, 22 Feb 2004 23:26:38 +0100 stunnel4 (2:4.04.0-8) unstable; urgency=low * Added ppp ip-up and ip-down scripts (Closes: #227678) -- Julien Lemoine Sun, 22 Feb 2004 22:52:31 +0100 stunnel4 (2:4.04.0-7) unstable; urgency=low * Fix problem in init.d script (was not sh compatible) (Closes: #214818, #214823) -- Julien Lemoine Fri, 10 Oct 2003 00:47:57 +0200 stunnel4 (2:4.04.0-6) unstable; urgency=low * Rewrite of /etc/init.d/stunnel4 : o does not use kill -9, thus giving a chance to stunnel4 to clean up puts common code in functions o avoids calling ps twice o uses fgrep o does not print the conf file name if no processes exist for it o corrects the `stoped' typo Thanks to Francesco Potorti` (Closes: #214562) -- Julien Lemoine Tue, 7 Oct 2003 16:37:12 +0200 stunnel4 (2:4.04.0-5) unstable; urgency=low * /etc/init.d/stunnel4 can load more than one configuration file. It loads /etc/stunnel/*.conf. You can have a configuration file for server mode and one for client mode. (Closes: #211870) -- Julien Lemoine Thu, 25 Sep 2003 18:05:01 +0200 stunnel4 (2:4.04.0-4) unstable; urgency=low * Put stunnel.html in /usr/share/doc/stunnel4/ instead of /usr/share/doc/stunnel * Updated to Standards-Version 3.6.1 -- Julien Lemoine Thu, 4 Sep 2003 13:39:51 +0200 stunnel4 (2:4.04.0-3) unstable; urgency=low * Fixed wrong path search for stunnel.conf (Closes: Bug#202931) -- Julien Lemoine Sat, 26 Jul 2003 11:00:46 +0200 stunnel4 (2:4.04.0-2) unstable; urgency=low * Fixed stunnel.conf problems, file must be commented by default. (Closes: #202693) -- Julien Lemoine Fri, 25 Jul 2003 11:38:47 +0200 stunnel4 (2:4.04.0-1) unstable; urgency=low * Oops, stunnel4 is not a native package -> reupload it with a diff.gz * Does not install stunnel.so since it is not used * Updated clean rules to have a clean diff * Updated to Standards-Version 3.6.0 -- Julien Lemoine Sat, 19 Jul 2003 20:12:51 +0200 stunnel4 (2:4.04-2) unstable; urgency=low * Fixed compilation errors (removed binary in clean rule) * removed libstunnel.so since it is not used -- Julien Lemoine Sun, 13 Jul 2003 02:45:05 +0200 stunnel4 (2:4.04-1) unstable; urgency=low * Stunnel versions 4.x are now in stunnel4 package and stunnel versions 3.x are in stunnel package to keep backward compatibility. -- Julien Lemoine Fri, 4 Jul 2003 18:24:21 +0200 stunnel (4.04-5) unstable; urgency=low * The "I need to sleep more to avoid making typos" release. * Fixed typos in default/init file (ENABLED instead of ENABLE) (Closes: #197958) * Commented all stunnel.conf file, client=no is the default value (Closes: #197961) -- Julien Lemoine Thu, 19 Jun 2003 00:40:28 +0200 stunnel (4.04-4) unstable; urgency=low * Added /etc/default/stunnel with a variable ENABLE. ENABLE=0 by default since stunnel segv on some computer when all lines are commented (Closes: #197663, #197615) -- Julien Lemoine Mon, 16 Jun 2003 22:04:17 +0200 stunnel (4.04-3) unstable; urgency=low * comment ldap sample (Closes: #197566) -- Julien Lemoine Mon, 9 Jun 2003 15:03:41 +0200 stunnel (4.04-2) unstable; urgency=low * Fixed typo in init.d script (Closes: #197499) * Added a commented example in stunnel.conf from Craig Sanders -- Julien Lemoine Sun, 15 Jun 2003 18:06:07 +0200 stunnel (4.04-1) unstable; urgency=low * New upstream release (Closes: #177532, Closes: 188137) * New maintainer * Stunnel has no more -L option (Closes: #120265) * Stunnel has no more -l option (Closes: #175844) * Shutdown(1) problem was fixed (Closes: #111125) * Problem with large data resolved (tested with a 5Mo file) (Closes: #112287) * Licence is now GPL version 2 with agreement to link with openssl (Closes: #147665) * stunnel can execute command (Closes: #147537) * added a lintian overwrite for libstunnel.so since it is compiled with -avoid-version * Fixed problem with path (/etc/ instead of $(prefix)/etc, ...) * Include default configuration file in /etc * Upgraded to debian policy 3.5.10 * Added init.d file -- Julien Lemoine Sat, 24 May 2003 02:30:20 +0200 stunnel (3.22-1) unstable; urgency=high * New upstream release (closes: bug#126627). * Typo fix in postinst (closes: bug#120199, bug#121904) -- Paolo Molaro Sun, 30 Dec 2001 10:31:46 +0100 stunnel (3.21.c-1) unstable; urgency=low * New upstream release (Closes: bug#111139, bug#102834, bug#61427). * Avoid generating automatically the initial stunnel.pem, openssl cannot be reliably used in a non-interactive way (Closes: bug#60776, bug#98445). Info on how to generate the certificate is now included in README.Debian. * There is support for (re)setting OOB data handling in the new upstream version (Closes: bug#107503). * Include the sample /etc/iniy.d/stunnel file as an example in the package (Closes: bug#114669). -- Paolo Molaro Sat, 17 Nov 2001 12:31:04 +0100 stunnel (3.14-1) unstable; urgency=low * New upstream release * Actually compile it against the new libssl (Closes: #86916). -- Paolo Molaro Fri, 23 Feb 2001 18:57:18 +0100 stunnel (3.13-1) unstable; urgency=low * New upstream release. * Recompile with and depend on libssl096 (Closes: #85000, #86385, #83857, #82500). * Already fixed in previous aborted upload (Closes: #82105, #77227, #80079, #76576). -- Paolo Molaro Sun, 18 Feb 2001 21:30:50 +0100 stunnel (3.10-1) unstable; urgency=high * New upstream release. -- Paolo Molaro Wed, 20 Dec 2000 15:14:08 +0100 stunnel (3.10-0potato1) stable; urgency=high * New upstream release. -- Paolo Molaro Wed, 20 Dec 2000 13:07:35 +0100 stunnel (3.9-0potato1) stable; urgency=high * New upstream release: security fix (Closes: #80079, #76576). * Use correct dir for pid (Closes: #77227). -- Paolo Molaro Wed, 20 Dec 2000 11:24:18 +0100 stunnel (3.8-1) unstable; urgency=low * New upstream version (Closes: #75117, #67010). * Read 1k of random data in a temp file (Closes: #69808). * Added a note in postrm about the stunnel.pem file that is left in /etc/ssl/certs: it is safer if the user deals with it since it may have been create by him and not stunnel (Closes: #57648). -- Paolo Molaro Wed, 5 Jul 2000 16:43:07 +0000 stunnel (3.4a-6) unstable; urgency=low * Depends on openssl 0.9.4 (closes: bug#53947). -- Paolo Molaro Tue, 4 Jan 2000 12:37:24 +0100 stunnel (3.4a-5) unstable; urgency=medium * Include upstream download info in copyright (closes: bug#53301). * Include example from Steve Haslam to make stunnel run from a init script (closes: bug#53300). -- Paolo Molaro Thu, 23 Dec 1999 16:49:38 +0100 stunnel (3.4a-4) unstable; urgency=medium * Depends on openssl instead of Suggests (Closes: bug#49238). -- Paolo Molaro Sat, 13 Nov 1999 12:44:35 +0100 stunnel (3.4a-3) unstable; urgency=high * Fixes security problem with the certificate. -- Paolo Molaro Thu, 4 Nov 1999 17:33:52 +0100 stunnel (3.4a-2) unstable; urgency=low * Suggest openssl instead of ssleay. (Closes: bug#47712) -- Paolo Molaro Wed, 27 Oct 1999 18:24:27 +0200 stunnel (3.4a-1) unstable; urgency=low * New upstream release. * Put cert in /etc/ssl/certs (closes:#41099). I think this is neither an openssl nor stunnel bug, but a dpkg one (other similar bugs are already filed against dpkg). -- Paolo Molaro Thu, 22 Jul 1999 16:50:32 +0200 stunnel (3.3-1) unstable; urgency=low * New upstream release. -- Paolo Molaro Fri, 18 Jun 1999 16:43:05 +0200 stunnel (3.2-2) unstable; urgency=low * Fixed stupid coding error. -- Paolo Molaro Sat, 29 May 1999 13:01:17 +0200 stunnel (3.2-1) unstable; urgency=low * Recompilation with new ssl lib. * New upstream release. -- Paolo Molaro Mon, 24 May 1999 12:09:58 +0200 stunnel (2.1-2) unstable; urgency=low * Added libwrap support (/etc/hosts.{allow,deny}). * Recompilation with newer libc6. * Better stunnel-config script. -- Paolo Molaro Fri, 11 Dec 1998 11:57:52 +0100 stunnel (2.1-1) unstable; urgency=low * Initial release. -- Paolo Molaro Mon, 30 Nov 1998 11:41:29 +0100