"I have just released a new version of stunnel, which fixes a security issue
in the OCSP functionality. The bug allows a revoked certificate to
successfully authenticate. Any installations with OCSP enabled should be
upgraded ASAP. Other users are not affected."
ramereth, please bump as necessary.
I've bumped stunnel to version 4.25.
*** Bug 225113 has been marked as a duplicate of this bug. ***
Stable for HPPA.
time for GLSA decision. I vote YES.
ok then.... YES
NB: The stunnel 3.x branch doesn't implement OCSP and is therefore not affected.