stunnel 5.34 is a security update. The upstream advisory is a bit scarce on details: https://www.stunnel.org/pipermail/stunnel-announce/2016-July/000123.html It says: This release includes a major security bugfix. [...] - Fixed malfunctioning "verify = 4". 5.34 is already in the tree, are we ready to stabilize?
(In reply to Hanno Boeck from comment #0) > stunnel 5.34 is a security update. The upstream advisory is a bit scarce on > details: > https://www.stunnel.org/pipermail/stunnel-announce/2016-July/000123.html > > It says: > This release includes a major security bugfix. > [...] > - Fixed malfunctioning "verify = 4". > > 5.34 is already in the tree, are we ready to stabilize? Hanno thanks! Give me a bit since I also want to address bug #588054 for 5.34, so we'll probably be stabilizing 5.34-r1. But #588054 is just a minor change to the init scripts and I want to test to make sure it works.
(In reply to Anthony Basile from comment #1) > (In reply to Hanno Boeck from comment #0) > > stunnel 5.34 is a security update. The upstream advisory is a bit scarce on > > details: > > https://www.stunnel.org/pipermail/stunnel-announce/2016-July/000123.html > > > > It says: > > This release includes a major security bugfix. > > [...] > > - Fixed malfunctioning "verify = 4". > > > > 5.34 is already in the tree, are we ready to stabilize? > > Hanno thanks! Give me a bit since I also want to address bug #588054 for > 5.34, so we'll probably be stabilizing 5.34-r1. But #588054 is just a minor > change to the init scripts and I want to test to make sure it works. Okay, ready to stablize 5.34-r1 KEYWORDS="alpha amd64 arm hppa ppc ppc64 sparc x86"
amd64 stable
x86 stable
ppc stable
sparc stable
ppc64 stable
Stable for HPPA.
Stable on alpha.
arm stable, all arches done.
@maintainer, please cleanup the vulnerable versions. Also, any idea as to what exactly the potential vulnerability was?
@maintainer, please clean the vulnerable versions from the tree. GLSA Vote: No
@maintainer, please clean the vulnerable versions.
(In reply to Aaron Bauman from comment #13) > @maintainer, please clean the vulnerable versions. done.
(In reply to Anthony Basile from comment #14) > (In reply to Aaron Bauman from comment #13) > > @maintainer, please clean the vulnerable versions. > > done. Thanks, Anthony! GLSA Vote: No