You are here
Home > Preporuke > Ranjivost programskog paketa stunnel

Ranjivost programskog paketa stunnel

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5337
2014-04-18 14:25:20
——————————————————————————–

Name : stunnel
Product : Fedora 19
Version : 5.01
Release : 1.fc19
URL : http://www.stunnel.org/
Summary : An SSL-encrypting socket wrapper
Description :
Stunnel is a socket wrapper which can provide SSL (Secure Sockets
Layer) support to ordinary applications. For example, it can be used
in conjunction with imapd to create an SSL secure IMAP server.

——————————————————————————–
Update Information:

New upstream release with following important changes:

Supports OpenSSL DLLs 1.0.1g.
Fixes to take care of OpenSSL’s TLS heartbeat read overrun (CVE-2014-0160).
——————————————————————————–
ChangeLog:

* Thu Apr 17 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.01-1
– New upstream realease 5.01
– Supports OpenSSL DLLs 1.0.1g.
– Fixes to take care of OpenSSL,s TLS heartbeat
read overrun (CVE-2014-0160).
* Fri Mar 7 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.00-1
– New upstream realease 5.00
– Updated local patches.
– Fix for CVE-2014-0016
– Fixed changelog date errors
– Fixes rhbz #1006819
* Mon Aug 5 2013 Avesh Agarwal <avagarwa@redhat.com> – 4.56-3
– Ftp mirrors for NA does not work, so changing source code
URLs to the correct ones.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 4.56-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Apr 1 2013 Avesh Agarwal <avagarwa@redhat.com> – 4.56-1
– New upstream realease 4.56.
– Updated local patches.
– Fixed upstream URL in spec file.
– Sourced URL of sha256 hash file in spec file.
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update stunnel’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5321
2014-04-18 14:24:35
——————————————————————————–

Name : stunnel
Product : Fedora 20
Version : 5.01
Release : 1.fc20
URL : http://www.stunnel.org/
Summary : An SSL-encrypting socket wrapper
Description :
Stunnel is a socket wrapper which can provide SSL (Secure Sockets
Layer) support to ordinary applications. For example, it can be used
in conjunction with imapd to create an SSL secure IMAP server.

——————————————————————————–
Update Information:

New upstream release
Supports OpenSSL DLLs 1.0.1g.
Fixes to take care of OpenSSL,s TLS heartbeat read overrun (CVE-2014-0160).
——————————————————————————–
ChangeLog:

* Thu Apr 17 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.01-1
– New upstream realease 5.01
– Supports OpenSSL DLLs 1.0.1g.
– Fixes to take care of OpenSSL,s TLS heartbeat
read overrun (CVE-2014-0160).
* Fri Mar 7 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.00-1
– New upstream realease 5.00
– Updated local patches.
– Fix for CVE-2014-0016
– Fixed changelog date errors
– Fixes rhbz #1006819
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update stunnel’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorTomislav Protega
Cert idNCERT-REF-2014-04-0020-ADV
CveCVE-2014-0160 CVE-2014-0016
ID izvornikaFEDORA-2014-5337 FEDORA-2014-5321
Proizvodstunnel
Izvorhttp://www.redhat.com
Top
More in Preporuke
Sigurnosni nedostatak implementacije tcp protokola

Otkriven je sigurnosni nedostatak u implementaciji tcp protokola. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem usluge slanjem serije posebno...

Close