Dear Users,
I have released version 5.74 of stunnel.
### Version 5.74, 2024.12.13, urgency: HIGH
* Bugfixes
- Fixed a stapling cache deallocation crash.
- Fixed "redirect" with protocol negotiation.
* Features
- "protocolHost" support for "socks" protocol clients.
- More detailed logs in OpenSSL 3.0 or later.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
9bef235ab5d24a2a8dff6485dfd782ed235f4407e9bc8716deb383fc80cd6230
stunnel-5.74.tar.gz
8ce19cc782a64b0cacf32356249265ed16b3888e3578454853f5497726778d76
stunnel-5.74-win64-installer.exe
68c3395c1bebcc8b4eee2c7f58190aa2fe39b835dd7a4cce5ad37d5dfc1c5542
stunnel-5.74-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.73 of stunnel.
### Version 5.73, 2024.09.09, urgency: MEDIUM
* Security bugfixes
- OpenSSL DLLs updated to version 3.3.2.
- OpenSSL FIPS Provider updated to version 3.0.9.
* Bugfixes
- Fixed a memory leak while reloading stunnel.conf
sections with "client=yes" and "delay=no".
- Fixed TIMEOUTocsp with values greater than 4.
- Fix the IPv6 test on a non-IPv6 machine.
* Features
- HELO replaced with EHLO in the post-STARTTLS SMTP
protocol negotiation (thx to Peter Pentchev).
- OCSP stapling fetches moved away from server threads.
- Improved client-side session resumption.
- Added support for the mimalloc allocator.
- Check for protocolHost moved to configuration file
processing for the client-side CONNECT protocol.
- Clarified some confusing OpenSSL's certificate
verification error messages.
- stunnel.nsi updated for Debian 13 and Fedora.
- Improved NetBSD compatibility.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
bc917c3bcd943a4d632360c067977a31e85e385f5f4845f69749bce88183cb38
stunnel-5.73.tar.gz
d686b1a4135947718e7a8157a8cb6694ed50e2267713de1972941148a8859789
stunnel-5.73-win64-installer.exe
9d6065ea1e7fa59405b5a152eeeaed9296bd5a0d2b11964800e95867e7391f16
stunnel-5.73-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.72 of stunnel.
### Version 5.72, 2024.02.04, urgency: MEDIUM
* Security bugfixes
- OpenSSL DLLs updated to version 3.2.1.
* Bugfixes
- Fixed SSL_CTX_new() errors handling.
- Fixed OPENSSL_NO_PSK builds.
- Android build updated for NDK r23c.
- stunnel.nsi updated for Debian 12.
- Fixed tests with OpenSSL older than 1.0.2.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
3d532941281ae353319735144e4adb9ae489a10b7e309c58a48157f08f42e949
stunnel-5.72.tar.gz
1037c53f8ab590c2f3001e54cf381c3ea4225e9670b03870191383060e6851e7
stunnel-5.72-win64-installer.exe
668161b90034820198c456b4137ed3680d6fd49d4de920d51e499b84538f63d3
stunnel-5.72-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.71 of stunnel.
### Version 5.71, 2023.09.19, urgency: MEDIUM
* Security bugfixes
- OpenSSL DLLs updated to version 3.1.3.
* Bugfixes
- Fixed the console output of tstunnel.exe.
* Features sponsored by SAE IT-systems
- OCSP stapling is requested and verified in the client mode.
- Using "verifyChain" automatically enables OCSP
stapling in the client mode.
- OCSP stapling is always available in the server mode.
- An inconclusive OCSP verification breaks TLS negotiation.
This can be disabled with "OCSPrequire = no".
- Added the "TIMEOUTocsp" option to control the maximum
time allowed for connecting an OCSP responder.
* Features
- Added support for Red Hat OpenSSL 3.x patches.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
f023aae837c2d32deb920831a5ee1081e11c78a5d57340f8e6f0829f031017f5
stunnel-5.71.tar.gz
945df5118473bcbf1ecdc5561fd6f26743c5dd1fd82e1a25199d0fd5c39a9373
stunnel-5.71-win64-installer.exe
d511df533bb89464a324b2439e7e04b24b6ce26ecc0e03b67ada307725343d40
stunnel-5.71-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.70 of stunnel.
### Version 5.70, 2023.07.12, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.9.
- OpenSSL FIPS Provider updated to version 3.0.8.
* Bugfixes
- Fixed TLS socket EOF handling with OpenSSL 3.x.
This bug caused major interoperability issues between
stunnel built with OpenSSL 3.x and Microsoft's
Schannel Security Support Provider (SSP).
- Fixed reading certificate chains from PKCS#12 files.
* Features
- Added configurable delay for the "retry" option.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
7bbc7b9e9a988d76301325db4c110ec360a98ffb8a221c7accbff9c0a8bae2f3
stunnel-5.70.tar.gz
c50fb79329ddbf095e65ba8817a0249188aa5b25f15557f8504d8f65876034d9
stunnel-5.70-win64-installer.exe
df87f71596ddd8730a5394fd3795b32689664816c0aa87e206e94fdab540f672
stunnel-5.70-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.69 of stunnel.
### Version 5.69, 2023.03.04, urgency: MEDIUM
* New features
- Improved logging performance with the "output" option.
- Improved file read performance on the WIN32 platform.
- DH and kDHEPSK ciphersuites removed from FIPS defaults.
- Set the LimitNOFILE ulimit in stunnel.service to allow
for up to 10,000 concurrent clients.
* Bugfixes
- Fixed the "CApath" option on the WIN32 platform by
applying https://github.com/openssl/openssl/pull/20312.
- Fixed stunnel.spec used for building rpm packages.
- Fixed tests on some OSes and architectures by merging
Debian 07-tests-errmsg.patch (thx to Peter Pentchev).
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
1ff7d9f30884c75b98c8a0a4e1534fa79adcada2322635e6787337b4e38fdb81 stunnel-5.69.tar.gz
66c4f3bbb94c4a274f2e8e98e3d44e74c0460d6494986f0a94b9b8becdc63cc3 stunnel-5.69-win64-installer.exe
74813a0be13270b5348fc4bc7c16ada668d151773be19f404db1176b7e22aafc stunnel-5.69-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.68 of stunnel.
### Version 5.68, 2023.02.07, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.8.
* New features
- Added the new 'CAengine' service-level option
to load a trusted CA certificate from an engine.
- Added requesting client certificates in server
mode with 'CApath' besides 'CAfile'.
* Bugfixes
- Fixed EWOULDBLOCK errors in protocol negotiation.
- Fixed handling TLS errors in protocol negotiation.
- Prevented following fatal TLS alerts with TCP resets.
- Improved OpenSSL initialization on WIN32.
- Improved testing suite stability.
- Improved file read performance.
- Improved logging performance.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
dcd895ab088b043d4e0bafa8b934e7ab3e697293828dbe9fce46cb7609a7dacf stunnel-5.68.tar.gz
62807f6233c8a5693104c09b44ebde6cc395877d948651c3ff0767e07ccdd316 stunnel-5.68-win64-installer.exe
93291060fdfc889431e8bce5cfe875b23be2bac11e2338f8f8f84d509f1b33fa stunnel-5.68-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.67 of stunnel.
### Version 5.67, 2022.11.01, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.7.
* New features
- Provided a logging callback to custom engines.
* Bugfixes
- Fixed "make cert" with OpenSSL older than 3.0.
- Fixed the code and the documentation to use conscious
language for SNI servers (thx to Clemens Lang).
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
3086939ee6407516c59b0ba3fbf555338f9d52f459bcab6337c0f00e91ea8456 stunnel-5.67.tar.gz
a6bdc2a735eb34465d10e3c7e61f32d679ba29a68de8ea8034db79c0c8b328a3 stunnel-5.67-win64-installer.exe
893f53d6647900eb34041be8f21a21c052a31de3fb393a97627021a1ef2752f5 stunnel-5.67-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.66 of stunnel.
### Version 5.66, 2022.09.11, urgency: MEDIUM
* New features
- OpenSSL 3.0 FIPS Provider support for Windows.
* Bugfixes
- Fixed building on machines without pkg-config.
- Added the missing "environ" declaration for
BSD-based operating systems.
- Fixed the passphrase dialog with OpenSSL 3.0.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
558178704d1aa5f6883aac6cc5d6bbf2a5714c8a0d2e91da0392468cee9f579c stunnel-5.66.tar.gz
5fccb2e4db0d2e3c1adb26c3906585ac545baf88226f4f539b2dc43fe418a3ef stunnel-5.66-win64-installer.exe
3b1e30e060e16f6aa9a8ad1b1a6ba1210c165bf76bd01e4734cb4537e0717c09 stunnel-5.66-android.zip
Best regards,
Mike
Dear Users,
I have released version 5.65 of stunnel.
On Windows, this release fixes a high severity OpenSSL vulnerability:
https://www.openssl.org/news/secadv/20220705.txt
### Version 5.65, 2022.07.17, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.5.
* Bugfixes
- Fixed handling globally enabled FIPS.
- Fixed openssl.cnf processing in WIN32 GUI.
- Fixed a number of compiler warnings.
- Fixed tests on older versions of OpenSSL.
Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
60c500063bd1feff2877f5726e38278c086f96c178f03f09d264a2012d6bf7fc stunnel-5.65.tar.gz
ca88e65888102f7526cab4edad7b30e8d1e82d428c34d5b5f00513dff9ed2288 stunnel-5.65-win64-installer.exe
9dadaa8622e1c1955728cbd8d49e1a6b5eae77bfa5340f7a1f82451121aee740 stunnel-5.65-android.zip
Best regards,
Mike