This update for stunnel fixes the following issues:
Security issue fixed:
- The "redirect" option was fixed to properly handle "verifyChain = yes"
Non-security issues fixed:
- Fix startup problem of the stunnel daemon (bsc#1178533)
- update to 5.57:
* Security bugfixes
* New features
- New securityLevel configuration file option.
- Support for modern PostgreSQL clients
- TLS 1.3 configuration updated for better compatibility.
- Fixed a transfer() loop bug.
- Fixed memory leaks on configuration reloading errors.
- DH/ECDH initialization restored for client sections.
- Delay startup with systemd until network is online.
- A number of testing framework fixes and improvements.
- update to 5.56:
- Various text files converted to Markdown format.
- Support for realpath(3) implementations incompatible with
POSIX.1-2008, such as 4.4BSD or Solaris.
- Support for engines without PRNG seeding methods (thx to Petr
- Retry unsuccessful port binding on configuration file reload.
- Thread safety fixes in SSL_SESSION object handling.
- Terminate clients on exit in the FORK threading model.
- Fixup stunnel.conf handling:
* Remove old static openSUSE provided stunnel.conf.
* Use upstream stunnel.conf and tailor it for openSUSE using sed.
* Don't show README.openSUSE when installing.
- enable /etc/stunnel/conf.d
- re-enable openssl.cnf
This update was imported from the SUSE:SLE-15-SP2:Update update project.