Hi,
Update for Stunnel to 5.06:
Security bugfixes
OpenSSL DLLs updated to version 1.0.1j.
https://www.openssl.org/news/secadv_20141015.txt
The insecure SSLv2 protocol is now disabled by default. It can be
enabled with "options = -NO_SSLv2".
The insecure SSLv3 protocol is now disabled by default. It can be
enabled with "options = -NO_SSLv3".
Default sslVersion changed to "all" (also in FIPS mode) to
autonegotiate the highest supported TLS version.
New features
Added missing SSL options to match OpenSSL 1.0.1j.
New "-options" commandline option to display the list of supported
SSL options.
Bugfixes
Fixed FORK threading build regression bug.
Ok? Comments?
--
Sending from my toaster.
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/stunnel/Makefile,v
retrieving revision 1.74
diff -u -p -r1.74 Makefile
--- Makefile 27 Aug 2014 06:58:00 -0000 1.74
+++ Makefile 23 Oct 2014 13:34:15 -0000
@@ -2,9 +2,8 @@
COMMENT= SSL encryption wrapper for standard network daemons
-DISTNAME= stunnel-5.03
+DISTNAME= stunnel-5.06
CATEGORIES= security
-REVISION= 0
MAINTAINER= Gleydson Soares <[email protected]>
@@ -30,7 +29,6 @@ CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \
MODGNU_CONFIG_GUESS_DIRS=${WRKSRC}/auto
NO_TEST= Yes
USE_GMAKE= Yes
-USE_GROFF = Yes
do-install:
${INSTALL_PROGRAM} ${WRKBUILD}/src/stunnel ${PREFIX}/sbin
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/stunnel/distinfo,v
retrieving revision 1.33
diff -u -p -r1.33 distinfo
--- distinfo 22 Aug 2014 02:22:25 -0000 1.33
+++ distinfo 23 Oct 2014 13:34:15 -0000
@@ -1,2 +1,2 @@
-SHA256 (stunnel-5.03.tar.gz) = mh42lGb6dW5vSLEUgKMzjB+kcX5kcocb9KOpbEg+3QM=
-SIZE (stunnel-5.03.tar.gz) = 590778
+SHA256 (stunnel-5.06.tar.gz) = CYwrbbB5PqT6W2dnzm7xhT6fbMLzITMCS+VfakYLGkA=
+SIZE (stunnel-5.06.tar.gz) = 595550
Index: patches/patch-tools_stunnel_conf-sample_in
===================================================================
RCS file:
/cvs/ports/security/stunnel/patches/patch-tools_stunnel_conf-sample_in,v
retrieving revision 1.11
diff -u -p -r1.11 patch-tools_stunnel_conf-sample_in
--- patches/patch-tools_stunnel_conf-sample_in 22 Aug 2014 02:22:25 -0000
1.11
+++ patches/patch-tools_stunnel_conf-sample_in 23 Oct 2014 13:34:15 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-tools_stunnel_conf-sample_in,v 1.11 2014/08/22 02:22:25
gsoares Exp $
---- tools/stunnel.conf-sample.in.orig Thu May 8 05:31:52 2014
-+++ tools/stunnel.conf-sample.in Wed Aug 20 19:18:23 2014
+--- tools/stunnel.conf-sample.in.orig Wed Oct 15 09:04:20 2014
++++ tools/stunnel.conf-sample.in Thu Oct 23 10:32:30 2014
@@ -9,13 +9,13 @@
; A copy of some devices and system files is needed within the chroot jail
@@ -44,5 +44,5 @@ $OpenBSD: patch-tools_stunnel_conf-sampl
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+;CRLfile = @sysconfdir@/ssl/crls.pem
- ; Disable support for insecure SSLv2 protocol
- options = NO_SSLv2
+ ; Enable support for the insecure SSLv2 protocol
+ ;options = -NO_SSLv2
