Sicherheit: Mehrere Probleme in stunnel
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in stunnel
ID: SUSE-SU-2021:0194-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Module for Server Applications 15-SP2
Datum: Sa, 23. Januar 2021, 09:02
Referenzen: Keine Angabe
Applikationen: stunnel


SUSE Security Update: Security update for stunnel

Announcement ID: SUSE-SU-2021:0194-1
Rating: moderate
References: #1177580 #1178533
Affected Products:
SUSE Linux Enterprise Module for Server Applications 15-SP2

An update that contains security fixes can now be installed.


This update for stunnel fixes the following issues:

Security issue fixed:

- The "redirect" option was fixed to properly handle
"verifyChain = yes"

Non-security issues fixed:

- Fix startup problem of the stunnel daemon (bsc#1178533)

- update to 5.57:
* Security bugfixes
* New features
- New securityLevel configuration file option.
- Support for modern PostgreSQL clients
- TLS 1.3 configuration updated for better compatibility.
* Bugfixes
- Fixed a transfer() loop bug.
- Fixed memory leaks on configuration reloading errors.
- DH/ECDH initialization restored for client sections.
- Delay startup with systemd until network is online.
- A number of testing framework fixes and improvements.

- update to 5.56:
- Various text files converted to Markdown format.
- Support for realpath(3) implementations incompatible with
POSIX.1-2008, such as 4.4BSD or Solaris.
- Support for engines without PRNG seeding methods (thx to Petr
- Retry unsuccessful port binding on configuration file reload.
- Thread safety fixes in SSL_SESSION object handling.
- Terminate clients on exit in the FORK threading model.

- Fixup stunnel.conf handling:
* Remove old static openSUSE provided stunnel.conf.
* Use upstream stunnel.conf and tailor it for openSUSE using sed.
* Don't show README.openSUSE when installing.

- enable /etc/stunnel/conf.d
- re-enable openssl.cnf

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15-SP2:

zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2021-194=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15-SP2 (aarch64
ppc64le s390x x86_64):



Pro-Linux @Facebook
Neue Nachrichten