debmon
/
stunnel4
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
stunnel4/debian/changelog

940 lines
35 KiB
Plaintext
Raw Blame History

stunnel4 (3:4.57) UNRELEASED; urgency=medium
* Bump
-- Mario Fetka <mario.fetka@gmail.com> Tue, 28 Mar 2017 10:19:14 +0200
stunnel4 (3:4.53-1.1) unstable; urgency=high
* Non-maintainer upload.
* Add CVE-2013-1762.patch patch.
CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT
protocol negotiation. (Closes: #702267)
-- Salvatore Bonaccorso <carnil@debian.org> Mon, 22 Apr 2013 19:47:34 +0200
stunnel4 (3:4.53-1) unstable; urgency=low
* New upstream version 4.53.
- Added client-mode "sni" option to directly control the value of
TLS Server Name Indication (RFC 3546) extension (Closes: #668041).
- Added support for IP_FREEBIND socket option with a pached Linux kernel.
- Glibc-specific dynamic allocation tuning was applied to help unused memory
deallocation.
- Non-blocking OCSP implementation.
- Various other bugfixes, see upstream changelog for details.
* Enabled hardening compile flags. There were NO compile time warning messages
or errors triggered because of this.
* Updated to Standards-Version 3.9.3. No changes required.
- Migrating to /run from /var/run will be a hard problem, because we expect
user written config files to refer to the directory. We'll punt on making
this change for now.
* Updated copyright years to 2012.
* Added Description: LSB header to init script.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 03 Jun 2012 11:34:36 -0700
stunnel4 (3:4.52-1) unstable; urgency=low
* New upstream version 4.52.
* Do not enable chroot in sample config file. It is misleading to users, it
suggests it can be used with no further changes. Closes: #652812
* Remove log files on purge. Closes: #657135
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 12 Feb 2012 12:06:37 -0800
stunnel4 (3:4.51~b5-1) experimental; urgency=low
* New upstream version
- Fixed exec+connect sections (Closes: #653882).
- New "compression = deflate" global option to enable RFC 2246 compression.
For compatibility with previous versions "compression = zlib" and
"compression = rle" also enable the deflate (RFC 2246) compression.
- Separate default ciphers and sslVersion for "fips = yes" and "fips = no".
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Wed, 04 Jan 2012 11:24:58 -0800
stunnel4 (3:4.50-1) unstable; urgency=low
* New Upstream Releases. Highlights:
+ 4.46:
- Added Unix socket support (e.g. "connect = /var/run/stunnel/socket").
- Added "verify = 4" mode to ignore CA chain and only verify peer
certificate.
- Removed the limit of 16 IP addresses for a single 'connect' option.
- Removed the limit of 256 stunnel.conf sections in PTHREAD threading
model.
+ 4.45:
- "protocol = proxy" support to send original client IP address to haproxy
http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
This requires accept-proxy bind option of haproxy 1.5-dev3 or later.
- Libwrap helper processes are no longer started if libwrap is disabled
in all sections of the configuration file.
- Fixed -l option handling in stunnel3 script (thx to Kai Gülzau).
- Script to build default stunnel.pem was fixed (thx to Sebastian Kayser).
+ 4.44:
- Heap buffer overflow protection with canaries.
- Stack buffer overflow protection with -fstack-protector.
- Fixed garbled error messages on errors with setuid/setgid options.
+ 4.43:
- Major optimization of the logging subsystem.
Benchmarks indicate up to 15% stunnel performance improvement.
* Remove config.guess and config.sub in clean target, otherwise build fails
because of changes in source outside of a patch. Found and fixed by
Peter Eisentraut <petere@debian.org> (Closes: #647176).
* Updated watchfile to new upstream's directory structure for archived
releases.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Thu, 29 Dec 2011 06:39:09 -0800
stunnel4 (3:4.42-1) unstable; urgency=low
* New Upstream Release.
- Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may
possibly be leveraged to perform DoS or remote code execution attacks.
(Closes: #638758)
- New verify level 0 to request and ignore peer certificate.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sat, 27 Aug 2011 08:34:43 -0700
stunnel4 (3:4.40-1) unstable; urgency=low
* New Upstream Release:
- Hardcoded 2048-bit DH parameters are used as a fallback if DH parameters
are not provided in stunnel.pem.
- Default "ciphers" value updated to prefer ECDH:
"ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH".
- Default ECDH curve updated to "prime256v1".
- Removed support for temporary RSA keys (used in obsolete export ciphers).
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 24 Jul 2011 11:06:57 -0700
stunnel4 (3:4.39-1) unstable; urgency=low
* New Upstream Releases. Highlights:
+ 4.38:
- Server-side SNI implemented (RFC 3546 section 3.1) with a new
service-level option "nsi".
- "socket" option also accepts "yes" and "no" for flags.
- Nagle's algorithm is now disabled by default for improved interactivity.
- Bugfix: Signal pipe set to non-blocking mode. This bug caused
hangs of stunnel features based on signals, e.g. local mode, FORK
threading, or configuration file reload on Unix. Win32 platform was
not affected.
+ 4.37:
- Client-side SNI implemented (RFC 3546 section 3.1).
- Default "ciphers" changed from the OpenSSL default to a more secure
and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
A paranoid (and usually slower) setting would be "HIGH:!aNULL:!SSLv2".
- Recommended "options = NO_SSLv2" added to the sample stunnel.conf file.
- Default client method upgraded from SSLv3 to TLSv1.
To connect servers without TLS support use "sslVersion = SSLv3" option.
- Bugfix: Non-blocking socket handling in local mode fixed
(Closes: #626856).
+ 4.36:
- Dynamic memory management for strings manipulation:
no more static STRLEN limit, lower stack footprint. (Closes: #594876).
- Strict public key comparison added for "verify = 3" certificate
checking mode (thx to Philipp Hartwig).
For more details see upstream ChangeLog.
* Removed /usr/lib/stunnel/libstunnel.la file.
* Support restarting selected stunnel instances. Thanks Peter Palfrader.
(Closes: #627765).
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Thu, 21 Jul 2011 15:46:25 -0700
stunnel4 (3:4.35-2) unstable; urgency=low
* Fix variable substitution in init script (Closes: #623221).
Thanks Tomas Kapralek <kapralek@cvut.cz> for report and diagnosis.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Mon, 18 Apr 2011 20:46:01 -0700
stunnel4 (3:4.35-1) unstable; urgency=low
* New Upstream Releases (Closes: #621987).
* Upstream incorporated our init script, so this package no longer carries
its own copy of it.
* Bump Standards-Version to 3.9.2. No changes needed.
* Remove /etc/stunnel/stunnel4.conf file as it is useless, except as a sample.
A README file for /etc/stunnel was provided (Closes: #549384).
* Minor cleanup of debian/rules, no longer runs configure twice.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Sun, 17 Apr 2011 22:04:53 -0700
stunnel4 (3:4.33-1) experimental; urgency=low
* New Upstream Releases
- 4.31
+ A SIGHUP to the server will cause it to reload the configuration file.
+ A SIGUSR1 to the server causes it to reopen its log files.
- 4.32
+ New service-level "libwrap" option for run-time control whether
/etc/hosts.allow and /etc/hosts.deny are used for access control.
Disabling libwrap significantly increases performance of stunnel.
- 4.33
+ Fixes to inetd mode
For more details please see upstream's ChangeLog.
* Init script now provides reload and reopen-log options (Closes: #323171).
* The logrotate config file now takes advantage of reopen-log option.
* Update config.{build,sub} on build. Closes: #535719.
* Add missing ${misc:Depends} entry to debian/control.
* Update copyright years.
* Update to Standards-Version: 3.9.1
- stunnel4 no longer Conflicts: stunnel, but merely Breaks: stunnel.
* Update packaging to source format 3.0 (quilt).
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Fri, 27 Aug 2010 16:58:44 -0700
stunnel4 (3:4.29-1) unstable; urgency=low
* New upstream version (Closes: #559270).
- sessiond, a high performance SSL session cache was built for stunnel.
A new service-level "sessiond" option was added. sessiond is
available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ .
stunnel clusters will be a lot faster, now!
- Transparent proxy support on Linux kernels >=2.6.28.
See the manual for details.
The old transproxy.txt file is no longer provided.
- New socket options to control TCP keepalive on Linux:
TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
- SSL options updated for the recent version of OpenSSL library.
- Bugfixes
+ Missing "fips" option was added to the manual.
+ A serious bug in asynchronous shutdown code fixed.
+ Data alignment updated in libwrap.c.
+ Polish manual encoding fixed. Debian's patch for this removed.
+ Notes on compression implementation in OpenSSL added to the manual.
* Use correct owner:group for logs after rotation. (Closes: #529481).
Thanks Brian 'morlenxus' Miculcy <morlenxus@gmx.net>
* Use copytruncate in logrotate file, instead of restarting the
daemon (Closes: #535915).
Thanks Andrew Buckeridge <andrewb@bgc.com.au>
* Bump Standards-Version to 3.8.3. No changes required.
* Do not specify path to true in postinst script.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 08 Dec 2009 19:34:21 -0800
stunnel4 (3:4.27-1) unstable; urgency=low
* New upstream release.
- Remove debian/patches/security-check_certificate, now included upstream.
Fixes: CVE-2008-2420
- Libwrap helper processes fixed to close standard
input/output/error file descriptors. (Closes: #482379)
* Rebase quilt patches to not require -p0. (Closes: #484966)
* Fix sample configuration file to use ssl cert from /etc/ssl/certs
(Closes: #460953).
* Warn if automatic startup is disabled in /etc/default/stunnel4
(Closes: #475599).
* Use invoke-rc.d in ppp start/stop scripts.
* Standards-Version: 3.8.1.
- Add README.source documenting use of quilt.
* Bump to debhelper 7
- Remove unused old option from dh_mkshlibs call
* Declare the polish pod's encoding and use unicode when converting it
to a manpage.
* Dummy upgrade package is priority: extra
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Fri, 24 Apr 2009 19:56:05 -0700
stunnel4 (3:4.22-2) unstable; urgency=low
* Check if a daemon is already running before trying to start it with the
same configuration file. Thanks Peter Palfrader <weasel@debian.org> for
the report (Closes: #506091).
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 18 Nov 2008 13:52:42 +0100
stunnel4 (3:4.22-1.1) unstable; urgency=high
* Non-maintainer upload by the security team
* Fix security bug in the OCSP functionality that allowed revoked
certificates to authenticate (Closes: #482644)
Fixes: CVE-2008-2420
-- Steffen Joeris <white@debian.org> Tue, 27 May 2008 18:28:56 +0200
stunnel4 (3:4.22-1) unstable; urgency=low
* New upstream release.
- Build system now uses standard automake dirs.
- Reworked logging system avoids outputing before log file is configured
(Closes: #460019).
- Simultaneous logging to a file and the syslog is now possible.
- A new service level option to control stack size:
stack = <number of bytes>
- Bugfixes in libwrap support code.
* debian/patches/setuid.patch: Removed, it's included upstream.
* debian/patches/fix-paths: Reworked to use automake's standard dirs.
* Rebase the rest of the patches.
* Update standards-version to 3.7.3. No changes needed.
* Fix build-dependencies on -1 revisions of libssl-dev, openssl and quilt.
* Register documentation in the System/Security section.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Tue, 01 Apr 2008 11:07:56 -0600
stunnel4 (3:4.21-1) unstable; urgency=low
* New upstream release.
- Binaries moved from /usr/sbin to /usr/bin. Thus, Debian no longer
diverges in that from upstream.
- libstunnel.so migrated inside /usr/lib/stunnel.
- Preliminary FIPS 140-2 support, but this package does not include it,
as it requires static compilation.
- Miscelaneous bugfixing.
* debian/patches/no_zlib_link:
- Rebased. Only line numbering changed.
* debian/patches/libstunnel_is_private_lib:
- Removed. Included upstream.
* debian/patches/fix-paths:
- Remove hunks related to moving binaries to /usr/bin. Refresh line numbers
in the rest.
* debian/patches/rename-binary:
- Rebased. Minor changes due to changed dates in the manpage and the use of
@prefix@ in src/stunnel3.in.
* debian/patches/setuid.patch:
- Patch from upstream to allow using setuid/setgid with /etc/passwd and
/etc/group not within chrooted directory.
* debian/README.Debian:
- Add explanation about not turning FIPS mode on.
- Reword warning about binaries changing place.
* debian/rules, debian/stunnel4.manpages:
- No longer need to move the binaries.
- Upstream location for manpages changed. We still install them by hand,
anyways.
- Ship fr and pl manpages.
- Do not pass --host to configure if not cross compiling.
- Reorder target dependencies. This should avoid problems when doing
paralell builds.
* debian/control:
- Remove XS- prefix from Vcs-* fields.
- Add Homepage: field.
- Correct minor typo in dummy package's description.
- Version build dependency on quilt, since we require
/usr/share/quilt/quilt.make (Closes: #447751).
- Change my maintainer address.
-- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org> Wed, 05 Dec 2007 08:09:44 -0600
stunnel4 (3:4.20-5) unstable; urgency=low
* debian/stunnel3.8:
- Remove references to unsupported -S and -V options in manpage, and
include an explicit list of tunable parameters for -O and their
default values (Closes: #440718).
- Rewrite -P argument description. It must be a file to be created, or
empty (Closes: #398012).
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Thu, 27 Sep 2007 11:54:53 -0500
stunnel4 (3:4.20-4) unstable; urgency=low
* Add missing names and dates of copyright attributions to
debian/copyright. Update licencing blurb to mention the new FSF's
postal address.
* Restructure README.Debian into sections.
* Remove /usr/share/lintian/overrides and /usr/sbin from
debian/dirs. Explicitely create the first if needed to install an
override file, and explicitely remove the later after moving the
binaries, in debian/rules.
* Move StunnelConf-0.1.pl into /usr/share/doc/stunnel4/contrib. Remove
it from debian/docs and explicitely install it in dh_install call.
* Patch configure (debian/patches/no_zlib_link) to avoid linking to
zlib. This library is a dependency of openssl, but not of ours.
* Rewrite changelog entries from previous version, adding mention of
modified files.
* Use make -C dir instead of cd dir; make constructs in debian/rules.
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Mon, 27 Aug 2007 18:11:40 -0500
stunnel4 (3:4.20-3) unstable; urgency=low
* New Maintainer (Closes: #416955).
* Manage patches to upstream source with quilt.
- fix-paths changes references to /usr/sbin.
We install binaries in /usr/bin. It also removes bogus @PREFIX@ uses
from several paths.
- rename-binary changes the name of the executable to stunnel4.
- runas-user sets the default config to run as the stunnel4 user and group.
- connect-proxy-dunbar *unapplied* patch from upstream's
site. (It does not apply to 4.07 onwards)
- openssl0.9.8-initialization *unapplied* patch. Originaly meant to
close #334180, was disabled by previous maintainer without
explanation.
* Add stunnel dummy upgrade package.
- debian/control: Add package stanza.
- debian/rules: Modify to build the arch-indep package.
- debian/stunnel.NEWS: Add upgrade notice for stunnel 3 users.
* Shorten dh_* invocations in debian/rules.
- new files: stunnel4.examples, stunnel4.links, stunnel4.manpages.
* Ship upstream Changelog (Closes: #419842).
- Add ChangeLog to dh_installchangelogs call in debian/rules.
* Do not compress StunnelConf-0.1.pl (Closes: #432304).
- Add exclude entry to dh_compress call in debian/rules.
* Add watch file.
* Suggests: logcheck-database (Closes: #382099).
* Move libstunnel.so into /usr/lib/stunnel, as it is a private DSO.
- Remove lintian overrides.
- Added debian/patches/libstunnel_is_private_lib
- Remove ldconfig calls from post{inst,rm}
- Remove /usr/lib/libstunnel.so.4 link
* Use debhelper compat mode 5.
- Bump debhelper build-depends to >= 5. No other changes.
* Remove /var/lib/stunnel4 when purged, if empty (in debian/postinst).
* Remove manual call to invoke-rc.d from postinst. debhelper inserts it
automatically.
-- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com> Mon, 20 Aug 2007 23:18:31 -0500
stunnel4 (3:4.20-2) unstable; urgency=low
* Orphan package
-- Julien Lemoine <speedblue@debian.org> Sat, 31 Mar 2007 20:07:55 +0200
stunnel4 (3:4.20-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Sat, 27 Jan 2007 21:43:19 +0100
stunnel4 (3:4.18-2) unstable; urgency=low
* Updated chroot default path in configuration file
* Added LSB section in init script
-- Julien Lemoine <speedblue@debian.org> Tue, 7 Nov 2006 20:22:04 +0100
stunnel4 (3:4.18-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Wed, 27 Sep 2006 20:33:07 +0200
stunnel4 (3:4.17-2) unstable; urgency=low
* Check if pids are valid before trying to use kill
(Closes: #388379)
-- Julien Lemoine <speedblue@debian.org> Wed, 20 Sep 2006 22:04:41 +0200
stunnel4 (3:4.17-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Mon, 11 Sep 2006 22:48:09 +0200
stunnel4 (3:4.16-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Fri, 1 Sep 2006 22:11:10 +0200
stunnel4 (2:4.150-7) unstable; urgency=low
* Fixed a bug when pid is not given in configuration file :
init.d script was looking for /var/run/stunnel4/stunnel4.pid but
stunnel was creating /var/run/stunnel4.pid
(Closes: #384275)
* Added check during start to encourage users to fill the pid= section
of configuration file when start failed (for example if you use two
configuration files without pid= option)
-- Julien Lemoine <speedblue@debian.org> Thu, 24 Aug 2006 17:19:57 +0200
stunnel4 (2:4.150-6) unstable; urgency=low
* Updated to debian policy 3.7.2
* Fixed lintian warnings
-- Julien Lemoine <speedblue@debian.org> Tue, 22 Aug 2006 14:03:19 +0200
stunnel4 (2:4.150-5) unstable; urgency=low
* Fixed typo in postinst :
/var/lib/stunnel4/stunnel.log instead of /var/log/stunnel4/stunnel.org
(Closes: #381127)
-- Julien Lemoine <speedblue@debian.org> Wed, 2 Aug 2006 21:19:49 +0200
stunnel4 (2:4.150-4) unstable; urgency=low
* Create /var/lib/stunnel4 if it does not exist in postinst
(Closes: #377074)
-- Julien Lemoine <speedblue@debian.org> Sun, 16 Jul 2006 16:12:05 +0200
stunnel4 (2:4.150-3) unstable; urgency=low
* Fixed another problem with stunnel3 compatibility script
(call to /usr/sbin/stunnel4 instead of /usr/bin/stunnel4) and added
a check in debian/rules (Closes: #340113)
-- Julien Lemoine <speedblue@debian.org> Mon, 1 May 2006 17:58:39 +0200
stunnel4 (2:4.150-2) unstable; urgency=low
* Fixed stunnel3 compatibility script problem (infinite loop)
Thanks to "Martin Schwenke" <martin@meltin.net> for bug report.
* Added a check in debian/rules to ensure that stunnel3 compatibility script
does not contains infinite loop
-- Julien Lemoine <speedblue@debian.org> Mon, 27 Mar 2006 09:26:06 +0200
stunnel4 (2:4.150-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Sun, 12 Mar 2006 21:30:08 +0100
stunnel4 (2:4.140-6) unstable; urgency=low
* Added check/creation of /var/run/stunnel4 directory in init.d script instead of
postinst in order to be FHS compliant when /var/run is cleared at startup
(note that /var/run/stunnel4 cleanup does not allow to have a chroot
in /var/run/stunnel4)
Thanks to Jim Helm : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343882;msg=25
-- Julien Lemoine <speedblue@debian.org> Sun, 5 Mar 2006 18:18:58 +0100
stunnel4 (2:4.140-5) unstable; urgency=low
* Move stunnel and stunnel-dsa from /usr/sbin to /usr/bin in order to be
compliant with FHS standard. The stunnel program is interesting for
"normal" users as well as administrator.
-- Julien Lemoine <speedblue@debian.org> Sun, 19 Feb 2006 17:47:55 +0100
stunnel4 (2:4.140-4) unstable; urgency=low
* Fixed problem with default directory (/etc/stunnel for configuration
directory and /var/run/stunnel4.pid for pid file) (Closes: #343882)
-- Julien Lemoine <speedblue@debian.org> Thu, 22 Dec 2005 16:32:20 +0100
stunnel4 (2:4.140-3) unstable; urgency=low
* Default configuration file is now filled with values for usage
in a chroot environment
(if you do not want chroot or want to use vserver, you need to edit it)
(Closes: #342507)
-- Julien Lemoine <speedblue@debian.org> Sat, 17 Dec 2005 10:00:40 +0100
stunnel4 (2:4.140-2) unstable; urgency=low
* Fixed stunnel3 compatibility script
(wrong binary : stunnel instead of stunnel4)
(Closes: #340113)
-- Julien Lemoine <speedblue@debian.org> Mon, 21 Nov 2005 07:57:02 +0100
stunnel4 (2:4.140-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Wed, 2 Nov 2005 22:01:52 +0100
stunnel4 (2:4.120-1) unstable; urgency=low
* New upstream release
* Applied patch from Kurt Roeckx <kurt@roeckx.be> to fix initialization
problem with openssl 0.9.8 (Closes: #334180)
-- Julien Lemoine <speedblue@debian.org> Wed, 26 Oct 2005 17:53:55 +0200
stunnel4 (2:4.110-2) unstable; urgency=low
* Rebuild with openssl 0.9.8
-- Julien Lemoine <speedblue@debian.org> Mon, 10 Oct 2005 19:41:33 +0200
stunnel4 (2:4.110-1) unstable; urgency=low
* New upstream release
* Updated to Standards-Version 3.6.2
-- Julien Lemoine <speedblue@debian.org> Sun, 24 Jul 2005 11:21:14 +0200
stunnel4 (2:4.090-1) unstable; urgency=low
* New upstream release
* include better stunnel3 compability script from upstream, options
like -cd can now be use instead of -c -d ...
(closes: #305259)
* Added depends on perl-modules to allow use of stunnel3 compatibilty script
-- Julien Lemoine <speedblue@debian.org> Wed, 20 Apr 2005 21:07:50 +0200
stunnel4 (2:4.070-5) unstable; urgency=low
* Renamed stunnel3 compatibility script (/usr/sbin/stunnel) to be compatible
with stunnel package
* Added conflict with stunnel package (compatible, does not break user
configuration) since stunnel 4.x is more actively maintained
than stunnel 3.x
-- Julien Lemoine <speedblue@debian.org> Tue, 29 Mar 2005 22:16:43 +0200
stunnel4 (2:4.070-4) unstable; urgency=low
* Add an option (PPP_RESTART) in /etc/default/stunnel4 to enable/disable
restart scripts (closes: #298352)
-- Julien Lemoine <speedblue@debian.org> Mon, 7 Mar 2005 22:47:27 +0100
stunnel4 (2:4.070-3) unstable; urgency=low
* Do not remove user and group if there already exist in postinst
script (Closes: #290374)
-- Julien Lemoine <speedblue@debian.org> Mon, 17 Jan 2005 23:33:56 +0100
stunnel4 (2:4.070-2) unstable; urgency=low
* Fixed directory problem :
- confdir was /usr/etc/stunnel instead of /etc/stunnel (Closes: #289832)
- zlib compression was unable to start since /etc/stunnel/stunnel.conf
was not read (Closes: #289872)
-- Julien Lemoine <speedblue@debian.org> Tue, 11 Jan 2005 19:56:59 +0100
stunnel4 (2:4.070-1) unstable; urgency=low
* New upstream release : Add IPV6 support
* Disable proxy-connect patch (does not apply on 4.07 sources)
-- Julien Lemoine <speedblue@debian.org> Thu, 6 Jan 2005 07:23:48 +0100
stunnel4 (2:4.050-4) unstable; urgency=low
* Restart connection instead of stop when ppp is down. It is possible to
use stunnel for eth interfaces. (Closes: 271006)
-- Julien Lemoine <speedblue@debian.org> Sun, 26 Sep 2004 18:12:36 +0200
stunnel4 (2:4.050-3) unstable; urgency=low
* Added proxy-connect patch (Closes: #267533)
* Create directory /var/log/stunnel in postinst (Closes: #267093)
* Create user and group stunnel4 (Closes: #266339)
* Uncomment some line in default configuration file :
o Use /var/log/stunnel4/stunnel.log as default log file
o Use stunnel4 user and group as default
o Use /var/run/stunnel4/stunnel.pid as default pid file
-- Julien Lemoine <speedblue@debian.org> Wed, 1 Sep 2004 22:19:28 +0200
stunnel4 (2:4.050-2) unstable; urgency=low
* Fixed stoping problem in init.d script (Closes: #265449)
Thanks to Wilfried Goesgens <willi@almado.de>
* Added stunnel4 in logrotate (Closes: #265437)
Thanks to Wilfried Goesgens <willi@almado.de>
-- Julien Lemoine <speedblue@debian.org> Fri, 13 Aug 2004 21:42:23 +0200
stunnel4 (2:4.050-1) unstable; urgency=low
* By default, store pidfile in /var/run/stunnel4/stunnel.pid with
/var/run/stunnel4 owned by nobody:nogroup
* Oops, stunnel4 was a debian native package
-- Julien Lemoine <speedblue@debian.org> Mon, 7 Jun 2004 21:23:37 +0200
stunnel4 (2:4.05-1) unstable; urgency=low
* New upstream release
-- Julien Lemoine <speedblue@debian.org> Wed, 7 Apr 2004 22:08:42 +0200
stunnel4 (2:4.04.0-10) unstable; urgency=low
* Shut down stunnel4 in postinst (Closes: #234498)
-- Julien Lemoine <speedblue@debian.org> Tue, 24 Feb 2004 21:50:03 +0100
stunnel4 (2:4.04.0-9) unstable; urgency=low
* Added configuration script from "Sergio Rua" <srua@debian.org>
-- Julien Lemoine <speedblue@debian.org> Sun, 22 Feb 2004 23:26:38 +0100
stunnel4 (2:4.04.0-8) unstable; urgency=low
* Added ppp ip-up and ip-down scripts
(Closes: #227678)
-- Julien Lemoine <speedblue@debian.org> Sun, 22 Feb 2004 22:52:31 +0100
stunnel4 (2:4.04.0-7) unstable; urgency=low
* Fix problem in init.d script (was not sh compatible)
(Closes: #214818, #214823)
-- Julien Lemoine <speedblue@debian.org> Fri, 10 Oct 2003 00:47:57 +0200
stunnel4 (2:4.04.0-6) unstable; urgency=low
* Rewrite of /etc/init.d/stunnel4 :
o does not use kill -9, thus giving a chance to stunnel4 to clean up
puts common code in functions
o avoids calling ps twice
o uses fgrep
o does not print the conf file name if no processes exist for it
o corrects the `stoped' typo
Thanks to Francesco Potorti` <pot@gnu.org> (Closes: #214562)
-- Julien Lemoine <speedblue@debian.org> Tue, 7 Oct 2003 16:37:12 +0200
stunnel4 (2:4.04.0-5) unstable; urgency=low
* /etc/init.d/stunnel4 can load more than one configuration file.
It loads /etc/stunnel/*.conf. You can have a configuration file for
server mode and one for client mode. (Closes: #211870)
-- Julien Lemoine <speedblue@debian.org> Thu, 25 Sep 2003 18:05:01 +0200
stunnel4 (2:4.04.0-4) unstable; urgency=low
* Put stunnel.html in /usr/share/doc/stunnel4/ instead of
/usr/share/doc/stunnel
* Updated to Standards-Version 3.6.1
-- Julien Lemoine <speedblue@debian.org> Thu, 4 Sep 2003 13:39:51 +0200
stunnel4 (2:4.04.0-3) unstable; urgency=low
* Fixed wrong path search for stunnel.conf
(Closes: Bug#202931)
-- Julien Lemoine <speedblue@debian.org> Sat, 26 Jul 2003 11:00:46 +0200
stunnel4 (2:4.04.0-2) unstable; urgency=low
* Fixed stunnel.conf problems, file must be commented by default.
(Closes: #202693)
-- Julien Lemoine <speedblue@debian.org> Fri, 25 Jul 2003 11:38:47 +0200
stunnel4 (2:4.04.0-1) unstable; urgency=low
* Oops, stunnel4 is not a native package -> reupload it with a diff.gz
* Does not install stunnel.so since it is not used
* Updated clean rules to have a clean diff
* Updated to Standards-Version 3.6.0
-- Julien Lemoine <speedblue@debian.org> Sat, 19 Jul 2003 20:12:51 +0200
stunnel4 (2:4.04-2) unstable; urgency=low
* Fixed compilation errors (removed binary in clean rule)
* removed libstunnel.so since it is not used
-- Julien Lemoine <speedblue@debian.org> Sun, 13 Jul 2003 02:45:05 +0200
stunnel4 (2:4.04-1) unstable; urgency=low
* Stunnel versions 4.x are now in stunnel4 package and stunnel versions 3.x
are in stunnel package to keep backward compatibility.
-- Julien Lemoine <speedblue@debian.org> Fri, 4 Jul 2003 18:24:21 +0200
stunnel (4.04-5) unstable; urgency=low
* The "I need to sleep more to avoid making typos" release.
* Fixed typos in default/init file (ENABLED instead of ENABLE)
(Closes: #197958)
* Commented all stunnel.conf file, client=no is the default value
(Closes: #197961)
-- Julien Lemoine <speedblue@debian.org> Thu, 19 Jun 2003 00:40:28 +0200
stunnel (4.04-4) unstable; urgency=low
* Added /etc/default/stunnel with a variable ENABLE.
ENABLE=0 by default since stunnel segv on some computer when all lines
are commented (Closes: #197663, #197615)
-- Julien Lemoine <speedblue@debian.org> Mon, 16 Jun 2003 22:04:17 +0200
stunnel (4.04-3) unstable; urgency=low
* comment ldap sample (Closes: #197566)
-- Julien Lemoine <speedblue@debian.org> Mon, 9 Jun 2003 15:03:41 +0200
stunnel (4.04-2) unstable; urgency=low
* Fixed typo in init.d script (Closes: #197499)
* Added a commented example in stunnel.conf from Craig Sanders
-- Julien Lemoine <speedblue@debian.org> Sun, 15 Jun 2003 18:06:07 +0200
stunnel (4.04-1) unstable; urgency=low
* New upstream release (Closes: #177532, Closes: 188137)
* New maintainer
* Stunnel has no more -L option (Closes: #120265)
* Stunnel has no more -l option (Closes: #175844)
* Shutdown(1) problem was fixed (Closes: #111125)
* Problem with large data resolved (tested with a 5Mo file)
(Closes: #112287)
* Licence is now GPL version 2 with agreement to link with openssl
(Closes: #147665)
* stunnel can execute command (Closes: #147537)
* added a lintian overwrite for libstunnel.so since it is compiled with
-avoid-version
* Fixed problem with path (/etc/ instead of $(prefix)/etc, ...)
* Include default configuration file in /etc
* Upgraded to debian policy 3.5.10
* Added init.d file
-- Julien Lemoine <speedblue@debian.org> Sat, 24 May 2003 02:30:20 +0200
stunnel (3.22-1) unstable; urgency=high
* New upstream release (closes: bug#126627).
* Typo fix in postinst (closes: bug#120199, bug#121904)
-- Paolo Molaro <lupus@debian.org> Sun, 30 Dec 2001 10:31:46 +0100
stunnel (3.21.c-1) unstable; urgency=low
* New upstream release (Closes: bug#111139, bug#102834, bug#61427).
* Avoid generating automatically the initial stunnel.pem, openssl cannot be
reliably used in a non-interactive way (Closes: bug#60776, bug#98445). Info
on how to generate the certificate is now included in README.Debian.
* There is support for (re)setting OOB data handling in the new upstream
version (Closes: bug#107503).
* Include the sample /etc/iniy.d/stunnel file as an example in the package
(Closes: bug#114669).
-- Paolo Molaro <lupus@debian.org> Sat, 17 Nov 2001 12:31:04 +0100
stunnel (3.14-1) unstable; urgency=low
* New upstream release
* Actually compile it against the new libssl (Closes: #86916).
-- Paolo Molaro <lupus@debian.org> Fri, 23 Feb 2001 18:57:18 +0100
stunnel (3.13-1) unstable; urgency=low
* New upstream release.
* Recompile with and depend on libssl096 (Closes: #85000, #86385, #83857, #82500).
* Already fixed in previous aborted upload (Closes: #82105, #77227, #80079, #76576).
-- Paolo Molaro <lupus@debian.org> Sun, 18 Feb 2001 21:30:50 +0100
stunnel (3.10-1) unstable; urgency=high
* New upstream release.
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 15:14:08 +0100
stunnel (3.10-0potato1) stable; urgency=high
* New upstream release.
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 13:07:35 +0100
stunnel (3.9-0potato1) stable; urgency=high
* New upstream release: security fix (Closes: #80079, #76576).
* Use correct dir for pid (Closes: #77227).
-- Paolo Molaro <lupus@debian.org> Wed, 20 Dec 2000 11:24:18 +0100
stunnel (3.8-1) unstable; urgency=low
* New upstream version (Closes: #75117, #67010).
* Read 1k of random data in a temp file (Closes: #69808).
* Added a note in postrm about the stunnel.pem file that
is left in /etc/ssl/certs: it is safer if the user deals with
it since it may have been create by him and not stunnel (Closes: #57648).
-- Paolo Molaro <lupus@debian.org> Wed, 5 Jul 2000 16:43:07 +0000
stunnel (3.4a-6) unstable; urgency=low
* Depends on openssl 0.9.4 (closes: bug#53947).
-- Paolo Molaro <lupus@debian.org> Tue, 4 Jan 2000 12:37:24 +0100
stunnel (3.4a-5) unstable; urgency=medium
* Include upstream download info in copyright (closes: bug#53301).
* Include example from Steve Haslam to make stunnel run from a
init script (closes: bug#53300).
-- Paolo Molaro <lupus@debian.org> Thu, 23 Dec 1999 16:49:38 +0100
stunnel (3.4a-4) unstable; urgency=medium
* Depends on openssl instead of Suggests (Closes: bug#49238).
-- Paolo Molaro <lupus@debian.org> Sat, 13 Nov 1999 12:44:35 +0100
stunnel (3.4a-3) unstable; urgency=high
* Fixes security problem with the certificate.
-- Paolo Molaro <lupus@debian.org> Thu, 4 Nov 1999 17:33:52 +0100
stunnel (3.4a-2) unstable; urgency=low
* Suggest openssl instead of ssleay. (Closes: bug#47712)
-- Paolo Molaro <lupus@debian.org> Wed, 27 Oct 1999 18:24:27 +0200
stunnel (3.4a-1) unstable; urgency=low
* New upstream release.
* Put cert in /etc/ssl/certs (closes:#41099). I think this is
neither an openssl nor stunnel bug, but a dpkg one (other
similar bugs are already filed against dpkg).
-- Paolo Molaro <lupus@debian.org> Thu, 22 Jul 1999 16:50:32 +0200
stunnel (3.3-1) unstable; urgency=low
* New upstream release.
-- Paolo Molaro <lupus@debian.org> Fri, 18 Jun 1999 16:43:05 +0200
stunnel (3.2-2) unstable; urgency=low
* Fixed stupid coding error.
-- Paolo Molaro <lupus@debian.org> Sat, 29 May 1999 13:01:17 +0200
stunnel (3.2-1) unstable; urgency=low
* Recompilation with new ssl lib.
* New upstream release.
-- Paolo Molaro <lupus@debian.org> Mon, 24 May 1999 12:09:58 +0200
stunnel (2.1-2) unstable; urgency=low
* Added libwrap support (/etc/hosts.{allow,deny}).
* Recompilation with newer libc6.
* Better stunnel-config script.
-- Paolo Molaro <lupus@debian.org> Fri, 11 Dec 1998 11:57:52 +0100
stunnel (2.1-1) unstable; urgency=low
* Initial release.
-- Paolo Molaro <lupus@debian.org> Mon, 30 Nov 1998 11:41:29 +0100
Reference in New Issue View Git Blame Copy Permalink