looking the changelog of latest version of stunnle (version 5.57) I see the following statement:

"The "redirect" option was fixed to properly handle "verifyChain = yes" (thx to Rob Hoes)."

It is possible to have more information on the vulnerability fixed?