From ced24bae40632c738935474fbf5fab0e23dedaa7 Mon Sep 17 00:00:00 2001 From: Sahana Prasad Date: Wed, 10 Feb 2021 10:15:15 +0100 Subject: [PATCH] - New upstream release 5.57 - Fixes #1925229 - client certificate not correctly verified when redirect and verifyChain options are used. Signed-off-by: Sahana Prasad --- .gitignore | 2 ++ sources | 4 ++-- stunnel-5.56-curves-doc-update.patch | 12 ++++++------ stunnel.spec | 9 +++++++-- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 9118059..a002eb7 100644 --- a/.gitignore +++ b/.gitignore @@ -114,3 +114,5 @@ stunnel-4.33.tar.gz.asc /stunnel-5.55.tar.gz.asc /stunnel-5.56.tar.gz /stunnel-5.56.tar.gz.asc +/stunnel-5.57.tar.gz +/stunnel-5.57.tar.gz.asc diff --git a/sources b/sources index b048c4c..81a3774 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (stunnel-5.56.tar.gz) = db1be82b80bd5606568c5565f1c9a5710d4f7abca2d89388daa441bc395aaf2be998ac6403c7a17b8af01b89ade825186c20c50f73a809f9d64eca2e1b57a877 -SHA512 (stunnel-5.56.tar.gz.asc) = 0ae8531faf943e75fe17699c3ce2b7eb916c25f3217b8e3a22bd2ae03e8ce3f40849c5aa6b078d1fa9c9a9c066610f4e517bc99e7204be754bd4ec53c80964af +SHA512 (stunnel-5.57.tar.gz) = de5feec6c2c01a6aba2c3b9b9356a8b115ba67c194b6459927870c4a5e37f8a57ac74129f223671586393539d789c868bc8f794331c7e4af058e540123b409e9 +SHA512 (stunnel-5.57.tar.gz.asc) = 4e1e1be2b92e9dad5e50b518b0fec9afa0e00419671034819a1e18c7664b138e43c176a302aaa1da3be148c55068859af739134f33fe4f1198b6298451822852 diff --git a/stunnel-5.56-curves-doc-update.patch b/stunnel-5.56-curves-doc-update.patch index 84a01a3..2ebf10f 100644 --- a/stunnel-5.56-curves-doc-update.patch +++ b/stunnel-5.56-curves-doc-update.patch @@ -6,7 +6,7 @@ .Sp +Note: This option is supported for server mode sockets only. +.Sp - Only a single curve name is allowed for OpenSSL older than 1.1.0. + Only a single curve name is allowed for OpenSSL older than 1.1.1. .Sp To get a list of supported curves use: --- stunnel-5.56/doc/stunnel.html.in.curves-doc-update 2020-04-16 17:13:25.664962696 +0200 @@ -17,7 +17,7 @@ +

Note: This option is supported for server mode sockets only.

+ -

Only a single curve name is allowed for OpenSSL older than 1.1.0.

+

Only a single curve name is allowed for OpenSSL older than 1.1.1.

To get a list of supported curves use:

--- stunnel-5.56/doc/stunnel.pod.in.curves-doc-update 2020-04-16 17:13:43.412139122 +0200 @@ -28,7 +28,7 @@ +Note: This option is supported for server mode sockets only. + - Only a single curve name is allowed for OpenSSL older than 1.1.0. + Only a single curve name is allowed for OpenSSL older than 1.1.1. To get a list of supported curves use: --- stunnel-5.56/doc/stunnel.pl.pod.in.curves-doc-update 2020-04-16 17:25:22.631934496 +0200 @@ -39,7 +39,7 @@ +Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera. + - Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej. + Wersje OpenSSL starsze niż 1.1.1 pozwalają na użycie tylko jednej krzywej. Listę dostępnych krzywych można uzyskać poleceniem: --- stunnel-5.56/doc/stunnel.pl.html.in.curves-doc-update 2020-04-16 17:24:46.857579674 +0200 @@ -50,7 +50,7 @@ +

Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera.

+ -

Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej.

+

Wersje OpenSSL starsze niż 1.1.1 pozwalają na użycie tylko jednej krzywej.

Listę dostępnych krzywych można uzyskać poleceniem:

--- stunnel-5.56/doc/stunnel.pl.8.in.curves-doc-update 2020-04-16 17:24:25.665369474 +0200 @@ -61,6 +61,6 @@ .Sp +Uwaga: ta opcja wpływa tylko na gniazda w trybie serwera. +.Sp - Wersje OpenSSL starsze niż 1.1.0 pozwalają na użycie tylko jednej krzywej. + Wersje OpenSSL starsze niż 1.1.1 pozwalają na użycie tylko jednej krzywej. .Sp Listę dostępnych krzywych można uzyskać poleceniem: diff --git a/stunnel.spec b/stunnel.spec index 9003b6c..31aad28 100644 --- a/stunnel.spec +++ b/stunnel.spec @@ -9,8 +9,8 @@ Summary: A TLS-encrypting socket wrapper Name: stunnel -Version: 5.56 -Release: 10%{?dist} +Version: 5.57 +Release: 1%{?dist} License: GPLv2 URL: http://www.stunnel.org/ Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz @@ -141,6 +141,11 @@ make test || (for i in tests/logs/*.log ; do echo "$i": ; cat "$i" ; done) %systemd_postun_with_restart %{name}.service %changelog +* Wed Feb 10 2021 Sahana Prasad - 5.57-1 +- New upstream release 5.57 +- Fixes #1925229 - client certificate not correctly verified + when redirect and verifyChain options are used + * Wed Jan 27 2021 Fedora Release Engineering - 5.56-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild