This is the mail archive of the
cygwin
mailing list for the Cygwin project.
[ANNOUNCEMENT] [SECURITY] Updated: stunnel-4.56-1
- From: Andrew Schulman <schulman dot andrew at epamail dot epa dot gov>
- To: cygwin at cygwin dot com
- Date: Sun, 30 Jun 2013 09:41:18 -0400
- Subject: [ANNOUNCEMENT] [SECURITY] Updated: stunnel-4.56-1
- Reply-to: cygwin at cygwin dot com
A new version of stunnel, 4.56-1, is available in the Cygwin distribution. This is a new upstream release, with assorted
minor updates and bug fixes, and one security fix:
* Buffer overflow vulnerability fixed in the NTLM authentication of the CONNECT protocol negotiation. See
https://www.stunnel.org/CVE-2013-1762.html for details.
You can read the upstream changelog at http://www.stunnel.org/news/.
stunnel is a program that allows you to encrypt arbitrary TCP connections
inside SSL (Secure Sockets Layer). stunnel can allow you to secure non-SSL
aware daemons and protocols (like POP, IMAP, LDAP, etc) by having stunnel
provide the encryption, requiring no changes to the daemon's code.
Andrew E. Schulman
*******************************************************************
To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page. This downloads setup.exe to your
system. Then, run setup and answer all of the questions.
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there. It will be in the format:
cygwin-announce-unsubscribe-you=yourdomain.com_at_cygwin.com
If you need more information on unsubscribing, start reading here:
http://sourceware.org/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at this URL.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple