1325 lines
51 KiB
Plaintext
1325 lines
51 KiB
Plaintext
stunnel4 (3:5.44-1) unstable; urgency=medium
|
|
|
|
* New upstream release, drop the 10-accept patch taken from upstream.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 27 Nov 2017 14:12:39 +0200
|
|
|
|
stunnel4 (3:5.43-1) unstable; urgency=medium
|
|
|
|
* Remove whitespace at the end of the lines in old changelog entries.
|
|
* Declare compliance with Debian Policy 4.1.1 with no changes.
|
|
* Fix some typographical errors in old changelog entries.
|
|
* Add "Rules-Requires-Root: no" to the source control stanza.
|
|
* New upstream release:
|
|
- add netcat-traditional to the build dependencies since
|
|
the new upstream test suite uses it
|
|
- also run the upstream test suite as an automated package test
|
|
- add an upstream patch for the behavior of the "accept" option
|
|
* Rename the automated test scripts without a language extension.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Wed, 15 Nov 2017 15:58:34 +0200
|
|
|
|
stunnel4 (3:5.42-1) unstable; urgency=medium
|
|
|
|
* Add a simple autopkgtest suite.
|
|
* Declare compliance with Debian Policy 4.1.0:
|
|
- do not install documentation files if the "nodoc" build option is
|
|
set or the "nodoc" build profile is active.
|
|
- add the 09-try-restart patch to implement the "try-restart" action
|
|
in the SysV init script.
|
|
* New upstream version:
|
|
- drop the 08-session-free patch, fixed upstream in a better way
|
|
- refresh the 02-rename-binary, 04-restore-pidfile-default, and
|
|
07-path-max patches
|
|
- add a Lintian override because "CAs" is not a typo for this package
|
|
- add a build dependency on autoconf-archive
|
|
- bump the year in the upstream copyright notice
|
|
* Drop the sdf build dependency, it does not seem to be needed any more.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sat, 23 Sep 2017 16:25:21 +0300
|
|
|
|
stunnel4 (3:5.39-2) unstable; urgency=medium
|
|
|
|
* Add the 08-session-free patch to avoid freeing the SSL session
|
|
twice, which will either be detected by the OpenSSL library and
|
|
crash the stunnel process, or cause use-after-free problems that
|
|
may lead to even worse results later. Closes: #850292
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 08 Jan 2017 17:30:12 +0200
|
|
|
|
stunnel4 (3:5.39-1) unstable; urgency=medium
|
|
|
|
* New upstream version:
|
|
- drop the 08-dh-openssl-1.1 patch, dhparam.c was regenerated with
|
|
OpenSSL 1.1 again
|
|
- refresh the rest of the patches
|
|
* Remove the cybermirror sites from the watch file; their stunnel
|
|
mirror has been "undergoing maintenance" for at least three months.
|
|
* Bump the year of my debian/* copyright notice.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Tue, 03 Jan 2017 12:29:16 +0200
|
|
|
|
stunnel4 (3:5.38-1) unstable; urgency=medium
|
|
|
|
* New upstream release:
|
|
- drop the 06-lfs, 08-typos, and 09-realloc patches, included upstream
|
|
- add the 08-dh-openssl-1.1.patch to fix the build with OpenSSL 1.1
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 27 Nov 2016 03:31:13 +0200
|
|
|
|
stunnel4 (3:5.37-2) unstable; urgency=medium
|
|
|
|
* Add the 09-realloc patch to fix a reallocation / double-free bug.
|
|
Closes: #843988; thanks, Sebastian Andrzej Siewior and gregor
|
|
herrmann!
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Wed, 16 Nov 2016 20:50:08 +0200
|
|
|
|
stunnel4 (3:5.37-1) unstable; urgency=medium
|
|
|
|
* Reformat the build and runtime dependency lists in the control file.
|
|
* Add a runtime dependency on lsb-base for /lib/lsb/init-functions.
|
|
* Drop the dh_installinit override: --restart-after-upgrade is already
|
|
the default behavior in debhelper compatibility level 10.
|
|
* Update the watch file a bit:
|
|
- replace pgpmode=auto with pgpsigurlmangle - the former will not
|
|
fail on a missing upstream signature file
|
|
- make the version regular expression a bit more sane
|
|
- use v4's @ARCHIVE_EXT@ substitution variable
|
|
* Add another correction to the typos patch.
|
|
* New upstream release.
|
|
* Correct the download webpage's URL in the copyright file.
|
|
* Correct the project homepage's URL in the stunnel3 manual page.
|
|
* Use the HTTPS scheme for various upstream URLs.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Thu, 10 Nov 2016 02:57:28 +0200
|
|
|
|
stunnel4 (3:5.36-1) unstable; urgency=medium
|
|
|
|
* Add the 24-typos patch to fix some typographical errors.
|
|
* New upstream version:
|
|
- drop the 10-no-zlib-compression patch, integrated upstream
|
|
* Bump the debhelper B-D to 10 and drop the Lintian override.
|
|
* Rename the patch files to "reindex" sequentially.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 25 Sep 2016 12:43:20 +0300
|
|
|
|
stunnel4 (3:5.35-1) unstable; urgency=medium
|
|
|
|
* New upstream release:
|
|
- drop the 24-ssl23 patch, integrated upstream
|
|
- refresh the other patches
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 18 Jul 2016 10:45:04 +0300
|
|
|
|
stunnel4 (3:5.33-1) unstable; urgency=medium
|
|
|
|
* Switch the bugs.debian.org URL in a patch to HTTPS.
|
|
* Switch the copyright format URL to HTTPS.
|
|
* New upstream version:
|
|
- fix the build with OpenSSL-1.1; Closes: #828562
|
|
- refresh the 12-restore-pidfile-default and 23-path-max patches
|
|
* Add the 24-ssl23.h patch to further fix the OpenSSL 1.1 build -
|
|
the ssl23.h file was removed.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 27 Jun 2016 13:51:43 +0300
|
|
|
|
stunnel4 (3:5.32-1) unstable; urgency=medium
|
|
|
|
* Declare compliance with Debian Policy 3.9.8 with no changes.
|
|
* Remove the Breaks/Replaces relations for the old "stunnel" package;
|
|
it is not even present in oldstable.
|
|
* Update the watch file:
|
|
- switch to the HTTPS scheme for the upstream downloads page
|
|
- re-enable the ftp://ftp.stunnel.org/stunnel/archive/5.x/ location
|
|
and use FTP passive mode to access it
|
|
- actually include upstream's signing subkey in the key file!
|
|
- update to the watch file format 4 and use pgpmode=auto
|
|
* Use Autoconf's AC_SYS_LARGEFILE for Large File Support.
|
|
* New upstream release:
|
|
- update the upstream author's e-mail address in the copyright file,
|
|
the upstream metadata file, and the stunnel3.8 manual page
|
|
- refresh the 02-rename-binary patch
|
|
* Bump the debhelper compatibility level to 10:
|
|
- override the Lintian debhelper warning as it itself suggests
|
|
- let debhelper handle the parallel building and autoreconf by itself
|
|
* Add the 23-path-max patch to allocate the configuration filename
|
|
dynamically and avoid the use of the possibly undefined PATH_MAX.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Wed, 04 May 2016 14:54:45 +0300
|
|
|
|
stunnel4 (3:5.31-1) unstable; urgency=medium
|
|
|
|
* New upstream release.
|
|
* Declare compliance with Debian Policy 3.9.7 with no changes.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Wed, 02 Mar 2016 11:29:06 +0200
|
|
|
|
stunnel4 (3:5.30-1) unstable; urgency=medium
|
|
|
|
* New upstream release:
|
|
- bump the upstream copyright years
|
|
- refresh the 02-rename-binary patch
|
|
- refresh the 10-no-zlib-compression patch (line numbers only)
|
|
* Bump the year on my debian/* copyright notice.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 31 Jan 2016 15:40:22 +0200
|
|
|
|
stunnel4 (3:5.29-1) unstable; urgency=medium
|
|
|
|
* New upstream release, refresh the patches' line numbers.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 08 Jan 2016 20:59:02 +0200
|
|
|
|
stunnel4 (3:5.28-1) unstable; urgency=high
|
|
|
|
* New upstream release:
|
|
- high urgency: fix a bug introduced in 3:5.27-1: if an OpenSSL
|
|
engine is used, the SSL library's initialization would not be
|
|
performed completely, skipping, for instance, the proper
|
|
initialization of the pseudo-random number generator
|
|
- refresh the patches
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 11 Dec 2015 23:24:40 +0200
|
|
|
|
stunnel4 (3:5.27-1) unstable; urgency=medium
|
|
|
|
* New upstream release:
|
|
- refresh the patches
|
|
- drop the 19-typos patch, applied upstream
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 04 Dec 2015 00:34:30 +0200
|
|
|
|
stunnel4 (3:5.26-1) unstable; urgency=medium
|
|
|
|
* New upstream version:
|
|
- drop the 14-lsb-init-functions, 18-lsb-startup, and 20-comparison
|
|
patches, applied upstream
|
|
- rework the 02-rename-binary and 10-no-zlib-compression patches
|
|
- update the 19-typos patch: the fixes within it were applied
|
|
upstream, but a couple of new typos were introduced
|
|
- refresh patches
|
|
- add the 21-author-tests patch to make the building of the Win32
|
|
binaries conditional on an environment variable and not on
|
|
the presence of the .git directory
|
|
- update the upstream copyright notice in debian/copyright
|
|
* Drop the perl-modules dependency - "perl", brought in by perl:Depends,
|
|
ought to be enough.
|
|
* Run the build in all of the source directories. Closes: #804292
|
|
* Use an https:// URL for Vcs-Git.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Thu, 19 Nov 2015 20:44:33 +0200
|
|
|
|
stunnel4 (3:5.18-1) unstable; urgency=medium
|
|
|
|
* Add the 17-upstream-hangup patch to fix prematurely closed
|
|
connections when there is still data to be written.
|
|
Thanks to Joachim Falk for backporting the patch!
|
|
Closes: #771241
|
|
* Add the 18-lsb-startup patch to make the daemons' startup consistent
|
|
with the way things are done in Debian.
|
|
Among other things, Closes: #782030
|
|
* Rework the patches a bit:
|
|
- update the description of 01-fix-paths
|
|
- move the tools/script.sh chunk from 01-fix-paths to 02-rename-binary
|
|
- drop 08-client-example: it was actually applied upstream, no need
|
|
to add the same text twice
|
|
- drop 11-no-rle-compression: the OpenSSL bug has been fixed
|
|
somewhere in the 1.x release timeframe
|
|
* Add the 19-typos patch to fix some minor documentation typos and
|
|
rework the 02-rename-binary patch to make the change in the manual page
|
|
during the stunnel.pod -> stunnel.8 rebuild
|
|
* Add the 20-comparison patch to fix a minor logging bug.
|
|
* Remove ${misc:Pre-Depends} as explained in debhelper's #783898.
|
|
* Bump the year on my debian/* copyright notice.
|
|
* Add --parallel to the debhelper invocation.
|
|
* New upstream version:
|
|
- rework the 01-fix-paths and the 10-zlib-compression patches to
|
|
catch up with upstream updates
|
|
- refresh patches
|
|
- drop the 05-logrotate-warning-in-sample-conf patch, applied upstream
|
|
- drop the 15-upstream-systemd-libs, 16-upstream-sslv23-method, and
|
|
17-upstream-hangup patches since they were cherry-picked from
|
|
upstream to begin with
|
|
- remove handling for the dropped French manual page
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 14 Jun 2015 04:13:02 +0300
|
|
|
|
stunnel4 (3:5.06-2) unstable; urgency=medium
|
|
|
|
* Limit the systemd build dependency to Linux architectures only,
|
|
so that we actually give Stunnel a chance to build on kFreeBSD
|
|
or the Hurd.
|
|
* Add debian/upstream/metadata.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 20 Oct 2014 11:49:05 +0300
|
|
|
|
stunnel4 (3:5.06-1) unstable; urgency=medium
|
|
|
|
* New upstream release:
|
|
- refresh patches
|
|
- drop 13-init-script-typo.patch, included upstream
|
|
* Update Standards-Version to 3.9.6.
|
|
|
|
[ Santiago Vila <sanvila@unex.es> ]
|
|
* Fix logrotate typo (closes: #762242).
|
|
|
|
[ Peter Pentchev ]
|
|
* Disable the autodetection of zlib in the configure script,
|
|
it will most probably not be used at all later.
|
|
* Fix the DEP-3 format of the 01-fix-paths, 02-rename-binary, and
|
|
03-runas-user patches - use multiple "Author" headers.
|
|
* Switch to the cgit frontend for Vcs-Browser.
|
|
* New upstream release:
|
|
- refresh the patches
|
|
- add a build dependency on libsystemd-dev for the systemd socket
|
|
activation support
|
|
- add the 15-upstream-systemd-libs patch to fix the build with
|
|
the systemd version in unstable/testing
|
|
- add a news blurb about the disabled SSLv2 and SSLv3 protocols
|
|
and the configuration options to enable them
|
|
- add the 16-upstream-sslv23-method patch to fix the build for
|
|
OpenSSL with disabled SSLv2 and SSLv3
|
|
- add Mark Theunissen's copyright notice for the systemd socket
|
|
activation code
|
|
* Drop an ancient README.Debian note about upgrading from 4.20 or
|
|
earlier, it has not even been in oldstable for quite some time now.
|
|
* Switch the /usr/bin/stunnel symlink from stunnel3 to stunnel4,
|
|
as README.Debian has threatened for ages. Add a news blurb.
|
|
* Add perl:Depends to the binary package.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 17 Oct 2014 12:04:50 +0300
|
|
|
|
stunnel4 (3:5.03-1) unstable; urgency=medium
|
|
|
|
* New upstream version:
|
|
- refresh the 02-rename-binary, 10-no-zlib-compression, and
|
|
12-restore-pidfile-default patches
|
|
- drop the 09-init-script-ulimits patch, it was actually
|
|
included upstream in 5.02
|
|
- add the 13-init-script-typo patch to remove a stray quote
|
|
* Add the 14-lsb-init-functions patch to source /lib/lsb/init-functions,
|
|
although the init script does not use anything there yet.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Sun, 10 Aug 2014 01:55:32 +0300
|
|
|
|
stunnel4 (3:5.02-1) unstable; urgency=medium
|
|
|
|
* New upstream version:
|
|
- drop the 04-selective-tunnel-restart, 06-init-script-description,
|
|
and 07-init-script-status patches, applied upstream
|
|
- refresh the 01-fix-paths, 02-rename-binary, 03-runas-user,
|
|
05-logrotate-warning-in-sample-conf, 08-client-example,
|
|
09-init-script-ulimits, and 12-restore-pidfile-default patches
|
|
- augment the 01-fix-paths patch to also move the pidfile to
|
|
/var/run/ and not /usr/var/run/.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Tue, 10 Jun 2014 17:23:32 +0300
|
|
|
|
stunnel4 (3:5.01-3) unstable; urgency=medium
|
|
|
|
* Add the 12-restore-pidfile-default patch to restore stunnel's
|
|
"create the pid file by default" behavior, since the init script
|
|
has no way of monitoring the started stunnel4 processes otherwise.
|
|
The init script now warns about configurations with no "pid"
|
|
setting; in a future version it will refuse to start stunnel for
|
|
these configurations. Closes: #744851
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Fri, 18 Apr 2014 14:37:42 +0300
|
|
|
|
stunnel4 (3:5.01-2) unstable; urgency=medium
|
|
|
|
* Add the 11-no-rle-compression patch to disable RLE compression since
|
|
OpenSSL does not really implement it. Closes: #744350
|
|
* Modify the 10-no-zlib-compression patch to not even allow starting
|
|
a tunnel configured with "zlib" or "deflate" compression.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Mon, 14 Apr 2014 15:24:25 +0300
|
|
|
|
stunnel4 (3:5.01-1) unstable; urgency=medium
|
|
|
|
* New maintainer. Closes: #738093
|
|
* A new upload should fix the build with newer OpenSSL.
|
|
Closes: #737517
|
|
* Add DEP-3 headers to the patch files.
|
|
* Switch to debhelper override rules.
|
|
* Use dh-autoreconf and retarget the rename-binary patch.
|
|
Closes: #727511
|
|
* Canonicalize the Vcs-Git and Vcs-Browser source control fields.
|
|
* Update the watch file a bit:
|
|
- watch a mirror in addition to the main site, at least temporarily
|
|
until the main FTP site is fixed
|
|
- watch for 5.x versions, too
|
|
- add Michal Trojnara's PGP key
|
|
* Convert the copyright file to the 1.0 format and add my notice.
|
|
* Remove the README.source file, unnecessary in the 3.0 (quilt) format.
|
|
* Bump Standards-Version to 3.9.5 with no further changes.
|
|
* Bump the debhelper compatibility level to 9 with multiarch:
|
|
- let debhelper set the build environment variables
|
|
- add misc:Pre-Depends to the binary package
|
|
- remove the libtool .la file in the multiarch lib directory
|
|
* Drop the versions from the libssl-dev and openssl build dependencies.
|
|
* Drop two automatically-created directories from debian/dirs
|
|
* New upstream release:
|
|
- Closes: #723781 (package new upstream version)
|
|
- a fix for CVE-2014-0016 was included. Closes: #740802
|
|
- refresh the rename-binary patch
|
|
- drop the CVE-2013-1762 patch, it was taken from stunnel-4.55
|
|
- add a stunnel4.NEWS item to note the newly disabled by default
|
|
pidfile and libwrap options
|
|
- update the copyright file
|
|
* Build with Large File Support - no problems there, since stunnel
|
|
never really uses the position or the size of any open files.
|
|
* Add the init_script_status patch to support the 'status' command.
|
|
Closes: #548974
|
|
* Rename the Debian patches following a number sequence.
|
|
* Modify the debian/stunnel3.8 and add the 08-client-example patch
|
|
to add a client configuration example to the English manual page.
|
|
Closes: #644398, although this one shall have to be referred to
|
|
upstream for inclusion in the rest of the documentation, too.
|
|
* Reword the note about FIPS support in README.Debian, fix a typo
|
|
and correct the URLs to the OpenSSL FIPS User Guide.
|
|
Closes: #642440
|
|
* Optionally set resource limits on startup. Closes: #599138
|
|
- add the RLIMITS variable to /etc/default/stunnel4
|
|
- add the 09-init-script-ulimits patch to honor it
|
|
* Add the 10-no-zlib-compression patch to disable the hardcoded
|
|
addition of zlib as a compression algorithm for OpenSSL 0.9.8 and
|
|
later; the Debian OpenSSL package is compiled without support for
|
|
zlib compression since version 1.0.1e-5.
|
|
|
|
-- Peter Pentchev <roam@ringlet.net> Tue, 08 Apr 2014 22:48:48 +0300
|
|
|
|
stunnel4 (3:4.53-1.1) unstable; urgency=high
|
|
|
|
* Non-maintainer upload.
|
|
* Add CVE-2013-1762.patch patch.
|
|
CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT
|
|
protocol negotiation. (Closes: #702267)
|
|
|
|
-- Salvatore Bonaccorso <carnil@debian.org> Mon, 22 Apr 2013 19:47:34 +0200
|
|
|
|
stunnel4 (3:4.53-1) unstable; urgency=low
|
|
|
|
* New upstream version 4.53.
|
|
- Added client-mode "sni" option to directly control the value of
|
|
TLS Server Name Indication (RFC 3546) extension (Closes: #668041).
|
|
- Added support for IP_FREEBIND socket option with a pached Linux kernel.
|
|
- Glibc-specific dynamic allocation tuning was applied to help unused memory
|
|
deallocation.
|
|
- Non-blocking OCSP implementation.
|
|
- Various other bugfixes, see upstream changelog for details.
|
|
|
|
* Enabled hardening compile flags. There were NO compile time warning messages
|
|
or errors triggered because of this.
|
|
|
|
* Updated to Standards-Version 3.9.3. No changes required.
|
|
- Migrating to /run from /var/run will be a hard problem, because we expect
|
|
user written config files to refer to the directory. We'll punt on making
|
|
this change for now.
|
|
* Updated copyright years to 2012.
|
|
* Added Description: LSB header to init script.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 03 Jun 2012 11:34:36 -0700
|
|
|
|
stunnel4 (3:4.52-1) unstable; urgency=low
|
|
|
|
* New upstream version 4.52.
|
|
* Do not enable chroot in sample config file. It is misleading to users, it
|
|
suggests it can be used with no further changes. Closes: #652812
|
|
* Remove log files on purge. Closes: #657135
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 12 Feb 2012 12:06:37 -0800
|
|
|
|
stunnel4 (3:4.51~b5-1) experimental; urgency=low
|
|
|
|
* New upstream version
|
|
- Fixed exec+connect sections (Closes: #653882).
|
|
- New "compression = deflate" global option to enable RFC 2246 compression.
|
|
For compatibility with previous versions "compression = zlib" and
|
|
"compression = rle" also enable the deflate (RFC 2246) compression.
|
|
- Separate default ciphers and sslVersion for "fips = yes" and "fips = no".
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Wed, 04 Jan 2012 11:24:58 -0800
|
|
|
|
stunnel4 (3:4.50-1) unstable; urgency=low
|
|
|
|
* New Upstream Releases. Highlights:
|
|
+ 4.46:
|
|
- Added Unix socket support (e.g. "connect = /var/run/stunnel/socket").
|
|
- Added "verify = 4" mode to ignore CA chain and only verify peer
|
|
certificate.
|
|
- Removed the limit of 16 IP addresses for a single 'connect' option.
|
|
- Removed the limit of 256 stunnel.conf sections in PTHREAD threading
|
|
model.
|
|
+ 4.45:
|
|
- "protocol = proxy" support to send original client IP address to haproxy
|
|
http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
|
|
This requires accept-proxy bind option of haproxy 1.5-dev3 or later.
|
|
- Libwrap helper processes are no longer started if libwrap is disabled
|
|
in all sections of the configuration file.
|
|
- Fixed -l option handling in stunnel3 script (thx to Kai Gülzau).
|
|
- Script to build default stunnel.pem was fixed (thx to Sebastian Kayser).
|
|
+ 4.44:
|
|
- Heap buffer overflow protection with canaries.
|
|
- Stack buffer overflow protection with -fstack-protector.
|
|
- Fixed garbled error messages on errors with setuid/setgid options.
|
|
+ 4.43:
|
|
- Major optimization of the logging subsystem.
|
|
Benchmarks indicate up to 15% stunnel performance improvement.
|
|
* Remove config.guess and config.sub in clean target, otherwise build fails
|
|
because of changes in source outside of a patch. Found and fixed by
|
|
Peter Eisentraut <petere@debian.org> (Closes: #647176).
|
|
* Updated watchfile to new upstream's directory structure for archived
|
|
releases.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Thu, 29 Dec 2011 06:39:09 -0800
|
|
|
|
stunnel4 (3:4.42-1) unstable; urgency=low
|
|
|
|
* New Upstream Release.
|
|
- Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may
|
|
possibly be leveraged to perform DoS or remote code execution attacks.
|
|
(Closes: #638758)
|
|
- New verify level 0 to request and ignore peer certificate.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sat, 27 Aug 2011 08:34:43 -0700
|
|
|
|
stunnel4 (3:4.40-1) unstable; urgency=low
|
|
|
|
* New Upstream Release:
|
|
- Hardcoded 2048-bit DH parameters are used as a fallback if DH parameters
|
|
are not provided in stunnel.pem.
|
|
- Default "ciphers" value updated to prefer ECDH:
|
|
"ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH".
|
|
- Default ECDH curve updated to "prime256v1".
|
|
- Removed support for temporary RSA keys (used in obsolete export ciphers).
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 24 Jul 2011 11:06:57 -0700
|
|
|
|
stunnel4 (3:4.39-1) unstable; urgency=low
|
|
|
|
* New Upstream Releases. Highlights:
|
|
+ 4.38:
|
|
- Server-side SNI implemented (RFC 3546 section 3.1) with a new
|
|
service-level option "nsi".
|
|
- "socket" option also accepts "yes" and "no" for flags.
|
|
- Nagle's algorithm is now disabled by default for improved interactivity.
|
|
- Bugfix: Signal pipe set to non-blocking mode. This bug caused
|
|
hangs of stunnel features based on signals, e.g. local mode, FORK
|
|
threading, or configuration file reload on Unix. Win32 platform was
|
|
not affected.
|
|
+ 4.37:
|
|
- Client-side SNI implemented (RFC 3546 section 3.1).
|
|
- Default "ciphers" changed from the OpenSSL default to a more secure
|
|
and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
|
|
A paranoid (and usually slower) setting would be "HIGH:!aNULL:!SSLv2".
|
|
- Recommended "options = NO_SSLv2" added to the sample stunnel.conf file.
|
|
- Default client method upgraded from SSLv3 to TLSv1.
|
|
To connect servers without TLS support use "sslVersion = SSLv3" option.
|
|
- Bugfix: Non-blocking socket handling in local mode fixed
|
|
(Closes: #626856).
|
|
+ 4.36:
|
|
- Dynamic memory management for strings manipulation:
|
|
no more static STRLEN limit, lower stack footprint. (Closes: #594876).
|
|
- Strict public key comparison added for "verify = 3" certificate
|
|
checking mode (thx to Philipp Hartwig).
|
|
For more details see upstream ChangeLog.
|
|
|
|
* Removed /usr/lib/stunnel/libstunnel.la file.
|
|
* Support restarting selected stunnel instances. Thanks Peter Palfrader.
|
|
(Closes: #627765).
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Thu, 21 Jul 2011 15:46:25 -0700
|
|
|
|
stunnel4 (3:4.35-2) unstable; urgency=low
|
|
|
|
* Fix variable substitution in init script (Closes: #623221).
|
|
Thanks Tomas Kapralek <kapralek@cvut.cz> for report and diagnosis.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Mon, 18 Apr 2011 20:46:01 -0700
|
|
|
|
stunnel4 (3:4.35-1) unstable; urgency=low
|
|
|
|
* New Upstream Releases (Closes: #621987).
|
|
* Upstream incorporated our init script, so this package no longer carries
|
|
its own copy of it.
|
|
* Bump Standards-Version to 3.9.2. No changes needed.
|
|
* Remove /etc/stunnel/stunnel4.conf file as it is useless, except as a sample.
|
|
A README file for /etc/stunnel was provided (Closes: #549384).
|
|
* Minor cleanup of debian/rules, no longer runs configure twice.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 17 Apr 2011 22:04:53 -0700
|
|
|
|
stunnel4 (3:4.33-1) experimental; urgency=low
|
|
|
|
* New Upstream Releases
|
|
- 4.31
|
|
+ A SIGHUP to the server will cause it to reload the configuration file.
|
|
+ A SIGUSR1 to the server causes it to reopen its log files.
|
|
- 4.32
|
|
+ New service-level "libwrap" option for run-time control whether
|
|
/etc/hosts.allow and /etc/hosts.deny are used for access control.
|
|
Disabling libwrap significantly increases performance of stunnel.
|
|
- 4.33
|
|
+ Fixes to inetd mode
|
|
|
|
For more details please see upstream's ChangeLog.
|
|
|
|
* Init script now provides reload and reopen-log options (Closes: #323171).
|
|
* The logrotate config file now takes advantage of reopen-log option.
|
|
* Update config.{build,sub} on build. Closes: #535719.
|
|
* Add missing ${misc:Depends} entry to debian/control.
|
|
* Update copyright years.
|
|
* Update to Standards-Version: 3.9.1
|
|
- stunnel4 no longer Conflicts: stunnel, but merely Breaks: stunnel.
|
|
* Update packaging to source format 3.0 (quilt).
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Fri, 27 Aug 2010 16:58:44 -0700
|
|
|
|
stunnel4 (3:4.29-1) unstable; urgency=low
|
|
|
|
* New upstream version (Closes: #559270).
|
|
- sessiond, a high performance SSL session cache was built for stunnel.
|
|
A new service-level "sessiond" option was added. sessiond is
|
|
available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ .
|
|
stunnel clusters will be a lot faster, now!
|
|
- Transparent proxy support on Linux kernels >=2.6.28.
|
|
See the manual for details.
|
|
The old transproxy.txt file is no longer provided.
|
|
- New socket options to control TCP keepalive on Linux:
|
|
TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
|
|
- SSL options updated for the recent version of OpenSSL library.
|
|
- Bugfixes
|
|
+ Missing "fips" option was added to the manual.
|
|
+ A serious bug in asynchronous shutdown code fixed.
|
|
+ Data alignment updated in libwrap.c.
|
|
+ Polish manual encoding fixed. Debian's patch for this removed.
|
|
+ Notes on compression implementation in OpenSSL added to the manual.
|
|
|
|
* Use correct owner:group for logs after rotation. (Closes: #529481).
|
|
Thanks Brian 'morlenxus' Miculcy <morlenxus@gmx.net>
|
|
* Use copytruncate in logrotate file, instead of restarting the
|
|
daemon (Closes: #535915).
|
|
Thanks Andrew Buckeridge <andrewb@bgc.com.au>
|
|
* Bump Standards-Version to 3.8.3. No changes required.
|
|
* Do not specify path to true in postinst script.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 08 Dec 2009 19:34:21 -0800
|
|
|
|
stunnel4 (3:4.27-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
- Remove debian/patches/security-check_certificate, now included upstream.
|
|
Fixes: CVE-2008-2420
|
|
- Libwrap helper processes fixed to close standard
|
|
input/output/error file descriptors. (Closes: #482379)
|
|
* Rebase quilt patches to not require -p0. (Closes: #484966)
|
|
* Fix sample configuration file to use ssl cert from /etc/ssl/certs
|
|
(Closes: #460953).
|
|
* Warn if automatic startup is disabled in /etc/default/stunnel4
|
|
(Closes: #475599).
|
|
* Use invoke-rc.d in ppp start/stop scripts.
|
|
* Standards-Version: 3.8.1.
|
|
- Add README.source documenting use of quilt.
|
|
* Bump to debhelper 7
|
|
- Remove unused old option from dh_mkshlibs call
|
|
* Declare the polish pod's encoding and use unicode when converting it
|
|
to a manpage.
|
|
* Dummy upgrade package is priority: extra
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Fri, 24 Apr 2009 19:56:05 -0700
|
|
|
|
stunnel4 (3:4.22-2) unstable; urgency=low
|
|
|
|
* Check if a daemon is already running before trying to start it with the
|
|
same configuration file. Thanks Peter Palfrader <weasel@debian.org> for
|
|
the report (Closes: #506091).
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 18 Nov 2008 13:52:42 +0100
|
|
|
|
stunnel4 (3:4.22-1.1) unstable; urgency=high
|
|
|
|
* Non-maintainer upload by the security team
|
|
* Fix security bug in the OCSP functionality that allowed revoked
|
|
certificates to authenticate (Closes: #482644)
|
|
Fixes: CVE-2008-2420
|
|
|
|
-- Steffen Joeris <white@debian.org> Tue, 27 May 2008 18:28:56 +0200
|
|
|
|
stunnel4 (3:4.22-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
- Build system now uses standard automake dirs.
|
|
- Reworked logging system avoids outputting before log file is configured
|
|
(Closes: #460019).
|
|
- Simultaneous logging to a file and the syslog is now possible.
|
|
- A new service level option to control stack size:
|
|
stack = <number of bytes>
|
|
- Bugfixes in libwrap support code.
|
|
* debian/patches/setuid.patch: Removed, it's included upstream.
|
|
* debian/patches/fix-paths: Reworked to use automake's standard dirs.
|
|
* Rebase the rest of the patches.
|
|
* Update standards-version to 3.7.3. No changes needed.
|
|
* Fix build-dependencies on -1 revisions of libssl-dev, openssl and quilt.
|
|
* Register documentation in the System/Security section.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 01 Apr 2008 11:07:56 -0600
|
|
|
|
stunnel4 (3:4.21-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
- Binaries moved from /usr/sbin to /usr/bin. Thus, Debian no longer
|
|
diverges in that from upstream.
|
|
- libstunnel.so migrated inside /usr/lib/stunnel.
|
|
- Preliminary FIPS 140-2 support, but this package does not include it,
|
|
as it requires static compilation.
|
|
- Miscellaneous bugfixing.
|
|
* debian/patches/no_zlib_link:
|
|
- Rebased. Only line numbering changed.
|
|
* debian/patches/libstunnel_is_private_lib:
|
|
- Removed. Included upstream.
|
|
* debian/patches/fix-paths:
|
|
- Remove hunks related to moving binaries to /usr/bin. Refresh line numbers
|
|
in the rest.
|
|
* debian/patches/rename-binary:
|
|
- Rebased. Minor changes due to changed dates in the manpage and the use of
|
|
@prefix@ in src/stunnel3.in.
|
|
* debian/patches/setuid.patch:
|
|
- Patch from upstream to allow using setuid/setgid with /etc/passwd and
|
|
/etc/group not within chrooted directory.
|
|
* debian/README.Debian:
|
|
- Add explanation about not turning FIPS mode on.
|
|
- Reword warning about binaries changing place.
|
|
* debian/rules, debian/stunnel4.manpages:
|
|
- No longer need to move the binaries.
|
|
- Upstream location for manpages changed. We still install them by hand,
|
|
anyways.
|
|
- Ship fr and pl manpages.
|
|
- Do not pass --host to configure if not cross compiling.
|
|
- Reorder target dependencies. This should avoid problems when doing
|
|
parallel builds.
|
|
* debian/control:
|
|
- Remove XS- prefix from Vcs-* fields.
|
|
- Add Homepage: field.
|
|
- Correct minor typo in dummy package's description.
|
|
- Version build dependency on quilt, since we require
|
|
/usr/share/quilt/quilt.make (Closes: #447751).
|
|
- Change my maintainer address.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Wed, 05 Dec 2007 08:09:44 -0600
|
|
|
|
stunnel4 (3:4.20-5) unstable; urgency=low
|
|
|
|
* debian/stunnel3.8:
|
|
- Remove references to unsupported -S and -V options in manpage, and
|
|
include an explicit list of tunable parameters for -O and their
|
|
default values (Closes: #440718).
|
|
- Rewrite -P argument description. It must be a file to be created, or
|
|
empty (Closes: #398012).
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Thu, 27 Sep 2007 11:54:53 -0500
|
|
|
|
stunnel4 (3:4.20-4) unstable; urgency=low
|
|
|
|
* Add missing names and dates of copyright attributions to
|
|
debian/copyright. Update licencing blurb to mention the new FSF's
|
|
postal address.
|
|
* Restructure README.Debian into sections.
|
|
* Remove /usr/share/lintian/overrides and /usr/sbin from
|
|
debian/dirs. Explicitly create the first if needed to install an
|
|
override file, and explicitly remove the later after moving the
|
|
binaries, in debian/rules.
|
|
* Move StunnelConf-0.1.pl into /usr/share/doc/stunnel4/contrib. Remove
|
|
it from debian/docs and explicitely install it in dh_install call.
|
|
* Patch configure (debian/patches/no_zlib_link) to avoid linking to
|
|
zlib. This library is a dependency of openssl, but not of ours.
|
|
* Rewrite changelog entries from previous version, adding mention of
|
|
modified files.
|
|
* Use make -C dir instead of cd dir; make constructs in debian/rules.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Mon, 27 Aug 2007 18:11:40 -0500
|
|
|
|
stunnel4 (3:4.20-3) unstable; urgency=low
|
|
|
|
* New Maintainer (Closes: #416955).
|
|
* Manage patches to upstream source with quilt.
|
|
- fix-paths changes references to /usr/sbin.
|
|
We install binaries in /usr/bin. It also removes bogus @PREFIX@ uses
|
|
from several paths.
|
|
- rename-binary changes the name of the executable to stunnel4.
|
|
- runas-user sets the default config to run as the stunnel4 user and group.
|
|
- connect-proxy-dunbar *unapplied* patch from upstream's
|
|
site. (It does not apply to 4.07 onwards)
|
|
- openssl0.9.8-initialization *unapplied* patch. Originally meant to
|
|
close #334180, was disabled by previous maintainer without
|
|
explanation.
|
|
* Add stunnel dummy upgrade package.
|
|
- debian/control: Add package stanza.
|
|
- debian/rules: Modify to build the arch-indep package.
|
|
- debian/stunnel.NEWS: Add upgrade notice for stunnel 3 users.
|
|
* Shorten dh_* invocations in debian/rules.
|
|
- new files: stunnel4.examples, stunnel4.links, stunnel4.manpages.
|
|
* Ship upstream Changelog (Closes: #419842).
|
|
- Add ChangeLog to dh_installchangelogs call in debian/rules.
|
|
* Do not compress StunnelConf-0.1.pl (Closes: #432304).
|
|
- Add exclude entry to dh_compress call in debian/rules.
|
|
* Add watch file.
|
|
* Suggests: logcheck-database (Closes: #382099).
|
|
* Move libstunnel.so into /usr/lib/stunnel, as it is a private DSO.
|
|
- Remove lintian overrides.
|
|
- Added debian/patches/libstunnel_is_private_lib
|
|
- Remove ldconfig calls from post{inst,rm}
|
|
- Remove /usr/lib/libstunnel.so.4 link
|
|
* Use debhelper compat mode 5.
|
|
- Bump debhelper build-depends to >= 5. No other changes.
|
|
* Remove /var/lib/stunnel4 when purged, if empty (in debian/postinst).
|
|
* Remove manual call to invoke-rc.d from postinst. debhelper inserts it
|
|
automatically.
|
|
|
|
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Mon, 20 Aug 2007 23:18:31 -0500
|
|
|
|
stunnel4 (3:4.20-2) unstable; urgency=low
|
|
|
|
* Orphan package
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 31 Mar 2007 20:07:55 +0200
|
|
|
|
stunnel4 (3:4.20-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 27 Jan 2007 21:43:19 +0100
|
|
|
|
stunnel4 (3:4.18-2) unstable; urgency=low
|
|
|
|
* Updated chroot default path in configuration file
|
|
* Added LSB section in init script
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 7 Nov 2006 20:22:04 +0100
|
|
|
|
stunnel4 (3:4.18-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 27 Sep 2006 20:33:07 +0200
|
|
|
|
stunnel4 (3:4.17-2) unstable; urgency=low
|
|
|
|
* Check if pids are valid before trying to use kill
|
|
(Closes: #388379)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 20 Sep 2006 22:04:41 +0200
|
|
|
|
stunnel4 (3:4.17-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 11 Sep 2006 22:48:09 +0200
|
|
|
|
stunnel4 (3:4.16-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Fri, 1 Sep 2006 22:11:10 +0200
|
|
|
|
stunnel4 (2:4.150-7) unstable; urgency=low
|
|
|
|
* Fixed a bug when pid is not given in configuration file :
|
|
init.d script was looking for /var/run/stunnel4/stunnel4.pid but
|
|
stunnel was creating /var/run/stunnel4.pid
|
|
(Closes: #384275)
|
|
* Added check during start to encourage users to fill the pid= section
|
|
of configuration file when start failed (for example if you use two
|
|
configuration files without pid= option)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 24 Aug 2006 17:19:57 +0200
|
|
|
|
stunnel4 (2:4.150-6) unstable; urgency=low
|
|
|
|
* Updated to debian policy 3.7.2
|
|
* Fixed lintian warnings
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 22 Aug 2006 14:03:19 +0200
|
|
|
|
stunnel4 (2:4.150-5) unstable; urgency=low
|
|
|
|
* Fixed typo in postinst :
|
|
/var/lib/stunnel4/stunnel.log instead of /var/log/stunnel4/stunnel.org
|
|
(Closes: #381127)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 2 Aug 2006 21:19:49 +0200
|
|
|
|
stunnel4 (2:4.150-4) unstable; urgency=low
|
|
|
|
* Create /var/lib/stunnel4 if it does not exist in postinst
|
|
(Closes: #377074)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 16 Jul 2006 16:12:05 +0200
|
|
|
|
stunnel4 (2:4.150-3) unstable; urgency=low
|
|
|
|
* Fixed another problem with stunnel3 compatibility script
|
|
(call to /usr/sbin/stunnel4 instead of /usr/bin/stunnel4) and added
|
|
a check in debian/rules (Closes: #340113)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 1 May 2006 17:58:39 +0200
|
|
|
|
stunnel4 (2:4.150-2) unstable; urgency=low
|
|
|
|
* Fixed stunnel3 compatibility script problem (infinite loop)
|
|
Thanks to "Martin Schwenke" <martin@meltin.net> for bug report.
|
|
* Added a check in debian/rules to ensure that stunnel3 compatibility script
|
|
does not contains infinite loop
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 27 Mar 2006 09:26:06 +0200
|
|
|
|
stunnel4 (2:4.150-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 12 Mar 2006 21:30:08 +0100
|
|
|
|
stunnel4 (2:4.140-6) unstable; urgency=low
|
|
|
|
* Added check/creation of /var/run/stunnel4 directory in init.d script instead of
|
|
postinst in order to be FHS compliant when /var/run is cleared at startup
|
|
(note that /var/run/stunnel4 cleanup does not allow a chroot in /var/run/stunnel4)
|
|
Thanks to Jim Helm : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343882;msg=25
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 5 Mar 2006 18:18:58 +0100
|
|
|
|
stunnel4 (2:4.140-5) unstable; urgency=low
|
|
|
|
* Move stunnel and stunnel-dsa from /usr/sbin to /usr/bin in order to be
|
|
compliant with FHS standard. The stunnel program is interesting for
|
|
"normal" users as well as administrator.
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 19 Feb 2006 17:47:55 +0100
|
|
|
|
stunnel4 (2:4.140-4) unstable; urgency=low
|
|
|
|
* Fixed problem with default directory (/etc/stunnel for configuration
|
|
directory and /var/run/stunnel4.pid for pid file) (Closes: #343882)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 22 Dec 2005 16:32:20 +0100
|
|
|
|
stunnel4 (2:4.140-3) unstable; urgency=low
|
|
|
|
* Default configuration file is now filled with values for usage
|
|
in a chroot environment
|
|
(if you do not want chroot or want to use vserver, you need to edit it)
|
|
(Closes: #342507)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 17 Dec 2005 10:00:40 +0100
|
|
|
|
stunnel4 (2:4.140-2) unstable; urgency=low
|
|
|
|
* Fixed stunnel3 compatibility script
|
|
(wrong binary : stunnel instead of stunnel4)
|
|
(Closes: #340113)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 21 Nov 2005 07:57:02 +0100
|
|
|
|
stunnel4 (2:4.140-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 2 Nov 2005 22:01:52 +0100
|
|
|
|
stunnel4 (2:4.120-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
* Applied patch from Kurt Roeckx <kurt@roeckx.be> to fix initialization
|
|
problem with openssl 0.9.8 (Closes: #334180)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 26 Oct 2005 17:53:55 +0200
|
|
|
|
stunnel4 (2:4.110-2) unstable; urgency=low
|
|
|
|
* Rebuild with openssl 0.9.8
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 10 Oct 2005 19:41:33 +0200
|
|
|
|
stunnel4 (2:4.110-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
* Updated to Standards-Version 3.6.2
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 24 Jul 2005 11:21:14 +0200
|
|
|
|
stunnel4 (2:4.090-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
* include better stunnel3 compatibility script from upstream, options
|
|
like -cd can now be use instead of -c -d ...
|
|
(closes: #305259)
|
|
* Added depends on perl-modules to allow use of stunnel3 compatibility script
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 20 Apr 2005 21:07:50 +0200
|
|
|
|
stunnel4 (2:4.070-5) unstable; urgency=low
|
|
|
|
* Renamed stunnel3 compatibility script (/usr/sbin/stunnel) to be compatible
|
|
with stunnel package
|
|
* Added conflict with stunnel package (compatible, does not break user
|
|
configuration) since stunnel 4.x is more actively maintained
|
|
than stunnel 3.x
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 29 Mar 2005 22:16:43 +0200
|
|
|
|
stunnel4 (2:4.070-4) unstable; urgency=low
|
|
|
|
* Add an option (PPP_RESTART) in /etc/default/stunnel4 to enable/disable
|
|
restart scripts (closes: #298352)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 7 Mar 2005 22:47:27 +0100
|
|
|
|
stunnel4 (2:4.070-3) unstable; urgency=low
|
|
|
|
* Do not remove user and group if there already exist in postinst
|
|
script (Closes: #290374)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 17 Jan 2005 23:33:56 +0100
|
|
|
|
stunnel4 (2:4.070-2) unstable; urgency=low
|
|
|
|
* Fixed directory problem :
|
|
- confdir was /usr/etc/stunnel instead of /etc/stunnel (Closes: #289832)
|
|
- zlib compression was unable to start since /etc/stunnel/stunnel.conf
|
|
was not read (Closes: #289872)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 11 Jan 2005 19:56:59 +0100
|
|
|
|
stunnel4 (2:4.070-1) unstable; urgency=low
|
|
|
|
* New upstream release : Add IPV6 support
|
|
* Disable proxy-connect patch (does not apply on 4.07 sources)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 6 Jan 2005 07:23:48 +0100
|
|
|
|
stunnel4 (2:4.050-4) unstable; urgency=low
|
|
|
|
* Restart connection instead of stop when ppp is down. It is possible to
|
|
use stunnel for eth interfaces. (Closes: 271006)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 26 Sep 2004 18:12:36 +0200
|
|
|
|
stunnel4 (2:4.050-3) unstable; urgency=low
|
|
|
|
* Added proxy-connect patch (Closes: #267533)
|
|
* Create directory /var/log/stunnel in postinst (Closes: #267093)
|
|
* Create user and group stunnel4 (Closes: #266339)
|
|
* Uncomment some line in default configuration file :
|
|
o Use /var/log/stunnel4/stunnel.log as default log file
|
|
o Use stunnel4 user and group as default
|
|
o Use /var/run/stunnel4/stunnel.pid as default pid file
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 1 Sep 2004 22:19:28 +0200
|
|
|
|
stunnel4 (2:4.050-2) unstable; urgency=low
|
|
|
|
* Fixed stopping problem in init.d script (Closes: #265449)
|
|
Thanks to Wilfried Goesgens <willi@almado.de>
|
|
* Added stunnel4 in logrotate (Closes: #265437)
|
|
Thanks to Wilfried Goesgens <willi@almado.de>
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Fri, 13 Aug 2004 21:42:23 +0200
|
|
|
|
stunnel4 (2:4.050-1) unstable; urgency=low
|
|
|
|
* By default, store pidfile in /var/run/stunnel4/stunnel.pid with
|
|
/var/run/stunnel4 owned by nobody:nogroup
|
|
* Oops, stunnel4 was a debian native package
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 7 Jun 2004 21:23:37 +0200
|
|
|
|
stunnel4 (2:4.05-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Wed, 7 Apr 2004 22:08:42 +0200
|
|
|
|
stunnel4 (2:4.04.0-10) unstable; urgency=low
|
|
|
|
* Shut down stunnel4 in postinst (Closes: #234498)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 24 Feb 2004 21:50:03 +0100
|
|
|
|
stunnel4 (2:4.04.0-9) unstable; urgency=low
|
|
|
|
* Added configuration script from "Sergio Rua" <srua@debian.org>
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 22 Feb 2004 23:26:38 +0100
|
|
|
|
stunnel4 (2:4.04.0-8) unstable; urgency=low
|
|
|
|
* Added ppp ip-up and ip-down scripts
|
|
(Closes: #227678)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 22 Feb 2004 22:52:31 +0100
|
|
|
|
stunnel4 (2:4.04.0-7) unstable; urgency=low
|
|
|
|
* Fix problem in init.d script (was not sh compatible)
|
|
(Closes: #214818, #214823)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Fri, 10 Oct 2003 00:47:57 +0200
|
|
|
|
stunnel4 (2:4.04.0-6) unstable; urgency=low
|
|
|
|
* Rewrite of /etc/init.d/stunnel4 :
|
|
o does not use kill -9, thus giving a chance to stunnel4 to clean up
|
|
puts common code in functions
|
|
o avoids calling ps twice
|
|
o uses fgrep
|
|
o does not print the conf file name if no processes exist for it
|
|
o corrects the `stoped' typo
|
|
Thanks to Francesco Potorti` <pot@gnu.org> (Closes: #214562)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Tue, 7 Oct 2003 16:37:12 +0200
|
|
|
|
stunnel4 (2:4.04.0-5) unstable; urgency=low
|
|
|
|
* /etc/init.d/stunnel4 can load more than one configuration file.
|
|
It loads /etc/stunnel/*.conf. You can have a configuration file for
|
|
server mode and one for client mode. (Closes: #211870)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 25 Sep 2003 18:05:01 +0200
|
|
|
|
stunnel4 (2:4.04.0-4) unstable; urgency=low
|
|
|
|
* Put stunnel.html in /usr/share/doc/stunnel4/ instead of
|
|
/usr/share/doc/stunnel
|
|
* Updated to Standards-Version 3.6.1
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 4 Sep 2003 13:39:51 +0200
|
|
|
|
stunnel4 (2:4.04.0-3) unstable; urgency=low
|
|
|
|
* Fixed wrong path search for stunnel.conf
|
|
(Closes: Bug#202931)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 26 Jul 2003 11:00:46 +0200
|
|
|
|
stunnel4 (2:4.04.0-2) unstable; urgency=low
|
|
|
|
* Fixed stunnel.conf problems, file must be commented by default.
|
|
(Closes: #202693)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Fri, 25 Jul 2003 11:38:47 +0200
|
|
|
|
stunnel4 (2:4.04.0-1) unstable; urgency=low
|
|
|
|
* Oops, stunnel4 is not a native package -> reupload it with a diff.gz
|
|
* Does not install stunnel.so since it is not used
|
|
* Updated clean rules to have a clean diff
|
|
* Updated to Standards-Version 3.6.0
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 19 Jul 2003 20:12:51 +0200
|
|
|
|
stunnel4 (2:4.04-2) unstable; urgency=low
|
|
|
|
* Fixed compilation errors (removed binary in clean rule)
|
|
* removed libstunnel.so since it is not used
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 13 Jul 2003 02:45:05 +0200
|
|
|
|
stunnel4 (2:4.04-1) unstable; urgency=low
|
|
|
|
* Stunnel versions 4.x are now in stunnel4 package and stunnel versions 3.x
|
|
are in stunnel package to keep backward compatibility.
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Fri, 4 Jul 2003 18:24:21 +0200
|
|
|
|
stunnel (4.04-5) unstable; urgency=low
|
|
|
|
* The "I need to sleep more to avoid making typos" release.
|
|
* Fixed typos in default/init file (ENABLED instead of ENABLE)
|
|
(Closes: #197958)
|
|
* Commented all stunnel.conf file, client=no is the default value
|
|
(Closes: #197961)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Thu, 19 Jun 2003 00:40:28 +0200
|
|
|
|
stunnel (4.04-4) unstable; urgency=low
|
|
|
|
* Added /etc/default/stunnel with a variable ENABLE.
|
|
ENABLE=0 by default since stunnel segv on some computer when all lines
|
|
are commented (Closes: #197663, #197615)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 16 Jun 2003 22:04:17 +0200
|
|
|
|
stunnel (4.04-3) unstable; urgency=low
|
|
|
|
* comment ldap sample (Closes: #197566)
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Mon, 9 Jun 2003 15:03:41 +0200
|
|
|
|
stunnel (4.04-2) unstable; urgency=low
|
|
|
|
* Fixed typo in init.d script (Closes: #197499)
|
|
* Added a commented example in stunnel.conf from Craig Sanders
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sun, 15 Jun 2003 18:06:07 +0200
|
|
|
|
stunnel (4.04-1) unstable; urgency=low
|
|
|
|
* New upstream release (Closes: #177532, Closes: 188137)
|
|
* New maintainer
|
|
* Stunnel has no more -L option (Closes: #120265)
|
|
* Stunnel has no more -l option (Closes: #175844)
|
|
* Shutdown(1) problem was fixed (Closes: #111125)
|
|
* Problem with large data resolved (tested with a 5Mo file)
|
|
(Closes: #112287)
|
|
* Licence is now GPL version 2 with agreement to link with openssl
|
|
(Closes: #147665)
|
|
* stunnel can execute command (Closes: #147537)
|
|
* added a lintian overwrite for libstunnel.so since it is compiled with
|
|
-avoid-version
|
|
* Fixed problem with path (/etc/ instead of $(prefix)/etc, ...)
|
|
* Include default configuration file in /etc
|
|
* Upgraded to debian policy 3.5.10
|
|
* Added init.d file
|
|
|
|
-- Julien Lemoine <speedblue@debian.org> Sat, 24 May 2003 02:30:20 +0200
|
|
|
|
stunnel (3.22-1) unstable; urgency=high
|
|
|
|
* New upstream release (closes: bug#126627).
|
|
* Typo fix in postinst (closes: bug#120199, bug#121904)
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Sun, 30 Dec 2001 10:31:46 +0100
|
|
|
|
stunnel (3.21.c-1) unstable; urgency=low
|
|
|
|
* New upstream release (Closes: bug#111139, bug#102834, bug#61427).
|
|
* Avoid generating automatically the initial stunnel.pem, openssl cannot be
|
|
reliably used in a non-interactive way (Closes: bug#60776, bug#98445). Info
|
|
on how to generate the certificate is now included in README.Debian.
|
|
* There is support for (re)setting OOB data handling in the new upstream
|
|
version (Closes: bug#107503).
|
|
* Include the sample /etc/iniy.d/stunnel file as an example in the package
|
|
(Closes: bug#114669).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Sat, 17 Nov 2001 12:31:04 +0100
|
|
|
|
stunnel (3.14-1) unstable; urgency=low
|
|
|
|
* New upstream release
|
|
* Actually compile it against the new libssl (Closes: #86916).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Fri, 23 Feb 2001 18:57:18 +0100
|
|
|
|
stunnel (3.13-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
* Recompile with and depend on libssl096 (Closes: #85000, #86385, #83857, #82500).
|
|
* Already fixed in previous aborted upload (Closes: #82105, #77227, #80079, #76576).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Sun, 18 Feb 2001 21:30:50 +0100
|
|
|
|
stunnel (3.10-1) unstable; urgency=high
|
|
|
|
* New upstream release.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 15:14:08 +0100
|
|
|
|
stunnel (3.10-0potato1) stable; urgency=high
|
|
|
|
* New upstream release.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 13:07:35 +0100
|
|
|
|
stunnel (3.9-0potato1) stable; urgency=high
|
|
|
|
* New upstream release: security fix (Closes: #80079, #76576).
|
|
* Use correct dir for pid (Closes: #77227).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 11:24:18 +0100
|
|
|
|
stunnel (3.8-1) unstable; urgency=low
|
|
|
|
* New upstream version (Closes: #75117, #67010).
|
|
* Read 1k of random data in a temp file (Closes: #69808).
|
|
* Added a note in postrm about the stunnel.pem file that
|
|
is left in /etc/ssl/certs: it is safer if the user deals with
|
|
it since it may have been create by him and not stunnel (Closes: #57648).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Wed, 5 Jul 2000 16:43:07 +0000
|
|
|
|
stunnel (3.4a-6) unstable; urgency=low
|
|
|
|
* Depends on openssl 0.9.4 (closes: bug#53947).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Tue, 4 Jan 2000 12:37:24 +0100
|
|
|
|
stunnel (3.4a-5) unstable; urgency=medium
|
|
|
|
* Include upstream download info in copyright (closes: bug#53301).
|
|
* Include example from Steve Haslam to make stunnel run from a
|
|
init script (closes: bug#53300).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Thu, 23 Dec 1999 16:49:38 +0100
|
|
|
|
stunnel (3.4a-4) unstable; urgency=medium
|
|
|
|
* Depends on openssl instead of Suggests (Closes: bug#49238).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Sat, 13 Nov 1999 12:44:35 +0100
|
|
|
|
stunnel (3.4a-3) unstable; urgency=high
|
|
|
|
* Fixes security problem with the certificate.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Thu, 4 Nov 1999 17:33:52 +0100
|
|
|
|
stunnel (3.4a-2) unstable; urgency=low
|
|
|
|
* Suggest openssl instead of ssleay. (Closes: bug#47712)
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Wed, 27 Oct 1999 18:24:27 +0200
|
|
|
|
stunnel (3.4a-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
* Put cert in /etc/ssl/certs (closes:#41099). I think this is
|
|
neither an openssl nor stunnel bug, but a dpkg one (other
|
|
similar bugs are already filed against dpkg).
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Thu, 22 Jul 1999 16:50:32 +0200
|
|
|
|
stunnel (3.3-1) unstable; urgency=low
|
|
|
|
* New upstream release.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Fri, 18 Jun 1999 16:43:05 +0200
|
|
|
|
stunnel (3.2-2) unstable; urgency=low
|
|
|
|
* Fixed stupid coding error.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Sat, 29 May 1999 13:01:17 +0200
|
|
|
|
stunnel (3.2-1) unstable; urgency=low
|
|
|
|
* Recompilation with new ssl lib.
|
|
* New upstream release.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Mon, 24 May 1999 12:09:58 +0200
|
|
|
|
stunnel (2.1-2) unstable; urgency=low
|
|
|
|
* Added libwrap support (/etc/hosts.{allow,deny}).
|
|
* Recompilation with newer libc6.
|
|
* Better stunnel-config script.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Fri, 11 Dec 1998 11:57:52 +0100
|
|
|
|
stunnel (2.1-1) unstable; urgency=low
|
|
|
|
* Initial release.
|
|
|
|
-- Paolo Molaro <lupus@debian.org> Mon, 30 Nov 1998 11:41:29 +0100
|
|
|