Dear Users,
I have released version 4.42 of stunnel. This is a security bugfix
release. Upgrade is highly recommended!
The ChangeLog entry:
Version 4.42, 2011.08.18, urgency: HIGH:
* New features
- New verify level 0 to request and ignore peer certificate. This
feature is useful with the new Windows GUI menu to save cached peer
certificate chains, as SSL client certificates are not sent by
default.
- Manual page has been updated.
- Removed support for changing Windows Service name with "service"
option.
* Bugfixes
- Fixed a heap corruption vulnerability in versions 4.40 and 4.41.
It may
possibly be leveraged to perform DoS or remote code execution
attacks.
- The -quiet commandline option was applied to *all* message boxes.
- Silent install (/S option) no longer attempts to create
stunnel.pem.
Home page: http://www.stunnel.org/
Download: ftp://ftp.stunnel.org/stunnel/
SHA-256 hash for stunnel-4.42.tar.gz:
d33c407bfc4f58070e818081bd082c38f91cab7691ccbb794da63143c535de3b
Best regards,
Mike