[stunnel-users] stunnel 4.37 released

Michal Trojnara Michal.Trojnara at mirt.net
Fri Jun 17 23:15:31 CEST 2011


Dear Users,

I have just released version 4.37 of stunnel.  This release is mainly  
intended to fix bugs and portability issues introduced in versions  
4.35 and 4.36.
This version also provides new security defaults, updated to better  
match current best practices in cryptographic applications.

The ChangeLog entry:

Version 4.37, 2011.06.17, urgency: MEDIUM:
* New features
   - Client-side SNI implemented (RFC 3546 section 3.1).
   - Default "ciphers" changed from the OpenSSL default to a more secure
     and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
     A paranoid (and usually slower) setting would be "HIGH:!aNULL:! 
SSLv2".
   - Recommended "options = NO_SSLv2" added to the sample stunnel.conf  
file.
   - Default client method upgraded from SSLv3 to TLSv1.
     To connect servers without TLS support use "sslVersion = SSLv3"  
option.
   - Improved --enable-fips and --disable-fips ./configure option  
handling.
   - On startup stunnel now compares the compiled version of OpenSSL  
against
     the running version of OpenSSL. A warning is logged on mismatch.
* Bugfixes
   - Non-blocking socket handling in local mode fixed (Debian bug  
#626856).
   - UCONTEXT threading mode fixed.
   - Removed the use of gcc Thread-Local Storage for improved  
portability.
   - va_copy macro defined for platforms that do not have it.
   - Fixed "local" option parsing on IPv4 systems.
   - Solaris compilation fix (redefinition of "STR").

Home page: http://www.stunnel.org/
Download: ftp://ftp.stunnel.org/stunnel/

SHA-256 hash for stunnel-4.37.tar.gz:
02ca30609ccb26f6e52ff7eb79a6778ea452a04432eaef7d959d19933f6fe109

Best regards,
	Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20110617/2efa4a3a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20110617/2efa4a3a/attachment.sig>


More information about the stunnel-users mailing list