diff --git a/.cvsignore b/.cvsignore index 32edef3..282fd3c 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -stunnel-3.19.tar.gz +stunnel-3.22.tar.gz diff --git a/sfinger.xinetd b/sfinger.xinetd index c1fba6d..286a5ae 100644 --- a/sfinger.xinetd +++ b/sfinger.xinetd @@ -7,5 +7,5 @@ service sfinger wait = no user = root server = /usr/sbin/stunnel - server_args = -s nobody -l /usr/sbin/in.fingerd -- in.fingerd + server_args = -l /usr/sbin/in.fingerd -- in.fingerd } diff --git a/sources b/sources index 62879dc..f086e7a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5513d44a47c12687809c69d858a96e17 stunnel-3.19.tar.gz +69000d8365b006b3c080a1e2dc9ccba9 stunnel-3.22.tar.gz diff --git a/stunnel.spec b/stunnel.spec index 7d170bc..6ed8171 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -1,6 +1,6 @@ Summary: An SSL-encrypting socket wrapper. Name: stunnel -Version: 3.19 +Version: 3.22 Release: 1 License: GPL Group: Applications/Internet @@ -10,6 +10,7 @@ Source1: stunnel.cnf Source2: Certificate-Creation Source3: sfinger.xinetd Source4: pop3-redirect.xinetd +Patch0: stunnel-3.20-authpriv.patch Buildroot: %{_tmppath}/stunnel-root BuildPrereq: openssl-devel, perl, textutils, fileutils, /usr/share/dict/words, tcp_wrappers Prereq: textutils, fileutils, /bin/mktemp, /sbin/ldconfig, /usr/share/dict/words, /bin/hostname, /usr/bin/id, /usr/bin/getent @@ -22,12 +23,14 @@ in conjunction with imapd to create an SSL secure IMAP server. %prep %setup -q +%patch -p1 -b .authpriv %build %configure \ --with-ssl=%{_prefix} \ --with-pem-dir=%{_datadir}/ssl/certs \ --with-cert-file=%{_datadir}/ssl/cert.pem \ + --with-cert-dir=%{_datadir}/ssl/trusted \ --with-tcp-wrappers # We have to create a certificate before the makefile asks us to. @@ -52,6 +55,7 @@ rm -rf $RPM_BUILD_ROOT man8dir=$RPM_BUILD_ROOT%{_mandir}/man8 \ piddir=$RPM_BUILD_ROOT/%{_var}/run \ PEM_DIR=$RPM_BUILD_ROOT/%{_datadir}/ssl/certs +install -m755 stunnel $RPM_BUILD_ROOT/%{_sbindir}/ install -m644 stunnel.cnf $RPM_BUILD_ROOT/%{_datadir}/ssl %post -p /sbin/ldconfig @@ -63,16 +67,29 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) -%doc BUGS COPY* FAQ HISTORY PORTS README TODO stunnel.html *.txt +%doc BUGS COPY* CREDITS FAQ HISTORY PORTS README TODO *.html %doc $RPM_SOURCE_DIR/Certificate-Creation %doc $RPM_SOURCE_DIR/sfinger.xinetd $RPM_SOURCE_DIR/pop3-redirect.xinetd +%lang(en) %doc doc/english/* +%lang(po) %doc doc/polish/* %ghost %config(noreplace,missingok) %{_datadir}/ssl/certs/stunnel.pem %{_libdir}/stunnel.so* %{_mandir}/man8/stunnel.8* %{_sbindir}/stunnel %changelog -* Fri Aug 10 2001 Nalin Dahyabhai +* Wed Jan 2 2002 Nalin Dahyabhai 3.22-1 +- update to 3.22, correcting a format-string vulnerability + +* Wed Oct 31 2001 Nalin Dahyabhai 3.21a-1 +- update to 3.21a + +* Tue Aug 28 2001 Nalin Dahyabhai 3.20-1 +- log using LOG_AUTHPRIV facility by default (#47289) +- make permissions on stunnel binary 0755 +- implicitly trust certificates in %%{_datadir}/ssl/trusted (#24034) + +* Fri Aug 10 2001 Nalin Dahyabhai 3.19-1 - update to 3.19 to avoid problems with stunnel being multithreaded, but tcp wrappers not being thrad-safe