FS#58770 - [stunnel] No longer listens on any IP address by default
Attached to Project:
Community Packages
Opened by Alex (thalunil) - Tuesday, 29 May 2018, 09:55 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 15 October 2018, 19:00 GMT
Opened by Alex (thalunil) - Tuesday, 29 May 2018, 09:55 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 15 October 2018, 19:00 GMT
|
Details
Description:
With stunnel 5.45-1 the configured stunnel service no longer listens on all ports (despite the manpage suggests this). Previous stunnel (e.g. 5.44-3) worked better in this regard. An updated stunnel version fixes this bug. https://www.stunnel.org/sdf_ChangeLog.html Version 5.46, 2018.05.28, urgency: MEDIUM New features The default cipher list was updated to a safer value: "HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK". Bugfixes Default accept address restored to INADDR_ANY. ---------------------- man page says: accept = [HOST:]PORT accept connections on specified address If no host specified, defaults to all IPv4 addresses for the local host. ---------------------- configuration stanza is: [service] accept = 24801 ---------------------- Version : 5.45-1 socket information (ss -tlpn | grep stunnel) LISTEN0 128 127.0.0.1:24801 0.0.0.0:* users:(("stunnel",pid=567,fd=8)) LISTEN0 128 [::1]:24801 [::]:* users:(("stunnel",pid=567,fd=7)) Version : 5.44-3 LISTEN0 128 0.0.0.0:24801 0.0.0.0:* users:(("stunnel",pid=560,fd=7)) |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Monday, 15 October 2018, 19:00 GMT
Reason for closing: Fixed
Additional comments about closing: fixed some time ago via upstream release stunnel 5.46-1
Monday, 15 October 2018, 19:00 GMT
Reason for closing: Fixed
Additional comments about closing: fixed some time ago via upstream release stunnel 5.46-1
Comment by
Michał Trojnara (mtrojnar) -
Friday, 21 September 2018, 06:30 GMT
REPEAT: Do NOT report bugs for outdated packages!