.RHEL 9 provides `stunnel` 5.62
RHEL 9 is distributed with the `stunnel` package version 5.62. Notable
bug fixes and enhancements include:
* On systems in FIPS mode, `stunnel` now always uses FIPS mode.
* The `NO_TLSv1.1`, `NO_TLSv1.2`, and `NO_TLSv1.3` options have been renamed to `NO_TLSv1_1`, `NO_TLSv1_2`, and `NO_TLSv1_3` respectively.
* The new service-level `sessionResume` option enables and disables session resumption.
* LDAP is now supported in `stunnel` clients using the `protocol` option.
* A Bash-completion script is now available.
Version 5.61, 2021.12.22, urgency: LOW
New features sponsored by the University of Maryland
Added new "protocol = capwin" and "protocol = capwinctrl" configuration file options.
New features for the Windows platform
Added client mode allowing authenticated users to view logs, reconfigure and terminate running stunnel services.
Added support for multiple GUI and service instances distinguised by the location of stunnel.conf.
Improved log window scrolling.
Added a new 'Pause auto-scroll' GUI checkbox.
Double click on the icon tray replaced with single click.
OpenSSL DLLs updated to version 3.0.1.
Other new features
Rewritten the testing framework in python (thx to Peter Pentchev for inspiration and initial framework).
Added support for missing SSL_set_options() values.
Updated stunnel.spec to support RHEL8.
Bugfixes
Fixed OpenSSL 3.0 build.
Fixed reloading configuration with "systemctl reload stunnel.service".
Fixed incorrect messages logged for OpenSSL errors.
Fixed printing IPv6 socket option defaults on FreeBSD.
Version 5.60, 2021.08.16, urgency: LOW
New features
New 'sessionResume' service-level option to allow or disallow session resumption
Added support for the new SSL_set_options() values.
Download fresh ca-certs.pem for each new release.
Bugfixes
Fixed 'redirect' with 'protocol'. This combination is not supported by 'smtp', 'pop3' and 'imap' protocols.
Enforced minimum WIN32 log window size.
Fixed support for password-protected private keys with OpenSSL 3.0 (thx to Dmitry Belyavskiy).
Version 5.59, 2021.04.05, urgency: HIGH
Security bugfixes
OpenSSL DLLs updated to version 1.1.1k.
New features
Client-side "protocol = ldap" support (thx to Bart Dopheide and Seth Grover).
Bugfixes
The test suite fixed not to require external connectivity.
Fixed paths in generated manuals (thx to Tatsuki Makino).
Fixed configuration reload when compression is used.
Fixed compilation with early releases of OpenSSL 1.1.1.
5.62 has been release upstream in the meantime.
Version 5.62, 2022.01.17, urgency: MEDIUM
New features
Added a bash completion script.
Bugfixes
Fixed a transfer() loop bug.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (new packages: stunnel), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2022:4036
Version 5.61, 2021.12.22, urgency: LOW New features sponsored by the University of Maryland Added new "protocol = capwin" and "protocol = capwinctrl" configuration file options. New features for the Windows platform Added client mode allowing authenticated users to view logs, reconfigure and terminate running stunnel services. Added support for multiple GUI and service instances distinguised by the location of stunnel.conf. Improved log window scrolling. Added a new 'Pause auto-scroll' GUI checkbox. Double click on the icon tray replaced with single click. OpenSSL DLLs updated to version 3.0.1. Other new features Rewritten the testing framework in python (thx to Peter Pentchev for inspiration and initial framework). Added support for missing SSL_set_options() values. Updated stunnel.spec to support RHEL8. Bugfixes Fixed OpenSSL 3.0 build. Fixed reloading configuration with "systemctl reload stunnel.service". Fixed incorrect messages logged for OpenSSL errors. Fixed printing IPv6 socket option defaults on FreeBSD. Version 5.60, 2021.08.16, urgency: LOW New features New 'sessionResume' service-level option to allow or disallow session resumption Added support for the new SSL_set_options() values. Download fresh ca-certs.pem for each new release. Bugfixes Fixed 'redirect' with 'protocol'. This combination is not supported by 'smtp', 'pop3' and 'imap' protocols. Enforced minimum WIN32 log window size. Fixed support for password-protected private keys with OpenSSL 3.0 (thx to Dmitry Belyavskiy). Version 5.59, 2021.04.05, urgency: HIGH Security bugfixes OpenSSL DLLs updated to version 1.1.1k. New features Client-side "protocol = ldap" support (thx to Bart Dopheide and Seth Grover). Bugfixes The test suite fixed not to require external connectivity. Fixed paths in generated manuals (thx to Tatsuki Makino). Fixed configuration reload when compression is used. Fixed compilation with early releases of OpenSSL 1.1.1.