stunnel 5.58 released

Michał Trojnara Michal.Trojnara at stunnel.org
Sat Feb 20 21:46:31 UTC 2021 

Dear Users,

I have released version 5.58 of stunnel.

This release fixes another security bug in the "redirect" option.

### Version 5.58, 2021.02.20, urgency: HIGH
* Security bugfixes
   - The "redirect" option was fixed to properly handle
     unauthenticated requests (thx to Martin Stein).
   - Fixed a double free with OpenSSL older than 1.1.0 (thx to
     Petr Strukov).
   - OpenSSL DLLs updated to version 1.1.1j.
* New features
   - New 'protocolHeader' service-level option to insert custom
     'connect' protocol negotiation headers.  This feature can
     be used to impersonate other software (e.g. web browsers).
   - 'protocolHost' can also be used to control the client SMTP
     protocol negotiation HELO/EHLO value.
   - Initial FIPS 3.0 support.
* Bugfixes
   - X.509v3 extensions required by modern versions of OpenSSL
     are added to generated self-signed test certificates.
   - Fixed a tiny memory leak in configuration file reload
     error handling (thx to Richard Könning).
   - Merged Debian 05-typos.patch (thx to Peter Pentchev).
   - Merged with minor changes Debian 06-hup-separate.patch
     (thx to Peter Pentchev).
   - Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
   - Merged Debian 08-addrconfig-workaround.patch (thx to Peter
     Pentchev).
   - Fixed tests on the WSL2 platform.
   - NSIS installer updated to version 3.06 to fix a multiuser
     installation bug on some platforms, including 64-bit XP.
   - Fixed engine initialization (thx to Petr Strukov).
   - FIPS TLS feature is reported when a provider or container
     is available, and not when FIPS control API is available.

Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html

SHA-256 hashes:
d4c14cc096577edca3f6a2a59c2f51869e35350b3988018ddf808c88e5973b79 stunnel-5.58.tar.gz
92055a006a0d178a25cc29ef681ae32d4cea3075c096abc893c92ba6285d6908 stunnel-5.58-win64-installer.exe
57c313ee8b42da42265b33fb91555a58c1f1b94f5e93a389c310e37a87f2013c stunnel-5.58-android.zip

Best regards,
     Mike




-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210220/9923eb13/attachment-0001.sig>

More information about the openssl-users mailing list