stunnel4 (3:4.53-1.1ubuntu1) trusty; urgency=low

  * Use dh_autotools-dev to update config.{sub,guess} for new ports.

 -- Adam Conrad <adconrad@ubuntu.com>  Thu, 14 Nov 2013 15:28:10 +0000

stunnel4 (3:4.53-1.1) unstable; urgency=high

  * Non-maintainer upload.
  * Add CVE-2013-1762.patch patch.
    CVE-2013-1762: Fix buffer overflow in NTLM authentication of the CONNECT
    protocol negotiation. (Closes: #702267)

 -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 22 Apr 2013 19:47:34 +0200

stunnel4 (3:4.53-1) unstable; urgency=low

  * New upstream version 4.53.
    - Added client-mode "sni" option to directly control the value of
      TLS Server Name Indication (RFC 3546) extension (Closes: #668041).
    - Added support for IP_FREEBIND socket option with a pached Linux kernel.
    - Glibc-specific dynamic allocation tuning was applied to help unused memory
      deallocation.
    - Non-blocking OCSP implementation.
    - Various other bugfixes, see upstream changelog for details.

  * Enabled hardening compile flags. There were NO compile time warning messages
    or errors triggered because of this.

  * Updated to Standards-Version 3.9.3. No changes required.
    - Migrating to /run from /var/run will be a hard problem, because we expect
      user written config files to refer to the directory. We'll punt on making
      this change for now.
  * Updated copyright years to 2012.
  * Added Description: LSB header to init script.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Sun, 03 Jun 2012 11:34:36 -0700

stunnel4 (3:4.52-1) unstable; urgency=low

  * New upstream version 4.52.
  * Do not enable chroot in sample config file. It is misleading to users, it
    suggests it can be used with no further changes. Closes: #652812
  * Remove log files on purge. Closes: #657135

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Sun, 12 Feb 2012 12:06:37 -0800

stunnel4 (3:4.51~b5-1) experimental; urgency=low

  * New upstream version 
    - Fixed exec+connect sections (Closes: #653882).
    - New "compression = deflate" global option to enable RFC 2246 compression.
      For compatibility with previous versions "compression = zlib" and
      "compression = rle" also enable the deflate (RFC 2246) compression.
    - Separate default ciphers and sslVersion for "fips = yes" and "fips = no".

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Wed, 04 Jan 2012 11:24:58 -0800

stunnel4 (3:4.50-1) unstable; urgency=low

  * New Upstream Releases. Highlights:
    + 4.46:
      - Added Unix socket support (e.g. "connect = /var/run/stunnel/socket").
      - Added "verify = 4" mode to ignore CA chain and only verify peer
        certificate.
      - Removed the limit of 16 IP addresses for a single 'connect' option.
      - Removed the limit of 256 stunnel.conf sections in PTHREAD threading
        model.
    + 4.45:
      - "protocol = proxy" support to send original client IP address to haproxy
         http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt
         This requires accept-proxy bind option of haproxy 1.5-dev3 or later.
      - Libwrap helper processes are no longer started if libwrap is disabled
        in all sections of the configuration file.
      - Fixed -l option handling in stunnel3 script (thx to Kai Gülzau).
      - Script to build default stunnel.pem was fixed (thx to Sebastian Kayser).
    + 4.44:
      - Heap buffer overflow protection with canaries.
      - Stack buffer overflow protection with -fstack-protector.
      - Fixed garbled error messages on errors with setuid/setgid options.
    + 4.43:
      - Major optimization of the logging subsystem.
        Benchmarks indicate up to 15% stunnel performance improvement.
  * Remove config.guess and config.sub in clean target, otherwise build fails
    because of changes in source outside of a patch. Found and fixed by
    Peter Eisentraut <petere@debian.org> (Closes: #647176).
  * Updated watchfile to new upstream's directory structure for archived
    releases.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Thu, 29 Dec 2011 06:39:09 -0800

stunnel4 (3:4.42-1) unstable; urgency=low

  * New Upstream Release.
   - Fixed a heap corruption vulnerability in versions 4.40 and 4.41.  It may
     possibly be leveraged to perform DoS or remote code execution attacks.
     (Closes: #638758)
   - New verify level 0 to request and ignore peer certificate.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Sat, 27 Aug 2011 08:34:43 -0700

stunnel4 (3:4.40-1) unstable; urgency=low

  * New Upstream Release:
   - Hardcoded 2048-bit DH parameters are used as a fallback if DH parameters
     are not provided in stunnel.pem.
   - Default "ciphers" value updated to prefer ECDH:
     "ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH".
   - Default ECDH curve updated to "prime256v1".
   - Removed support for temporary RSA keys (used in obsolete export ciphers).

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Sun, 24 Jul 2011 11:06:57 -0700

stunnel4 (3:4.39-1) unstable; urgency=low

  * New Upstream Releases. Highlights:
   + 4.38:
     - Server-side SNI implemented (RFC 3546 section 3.1) with a new
       service-level option "nsi".
     - "socket" option also accepts "yes" and "no" for flags.
     - Nagle's algorithm is now disabled by default for improved interactivity.
     - Bugfix: Signal pipe set to non-blocking mode.  This bug caused
       hangs of stunnel features based on signals, e.g. local mode, FORK
       threading, or configuration file reload on Unix.  Win32 platform was
       not affected.
   + 4.37:
     - Client-side SNI implemented (RFC 3546 section 3.1).
     - Default "ciphers" changed from the OpenSSL default to a more secure
       and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
       A paranoid (and usually slower) setting would be "HIGH:!aNULL:!SSLv2".
     - Recommended "options = NO_SSLv2" added to the sample stunnel.conf file.
     - Default client method upgraded from SSLv3 to TLSv1.
       To connect servers without TLS support use "sslVersion = SSLv3" option.
     - Bugfix: Non-blocking socket handling in local mode fixed
       (Closes: #626856).
   + 4.36:
     - Dynamic memory management for strings manipulation:
       no more static STRLEN limit, lower stack footprint. (Closes: #594876).
     - Strict public key comparison added for "verify = 3" certificate
       checking mode (thx to Philipp Hartwig).
   For more details see upstream ChangeLog.

  * Removed /usr/lib/stunnel/libstunnel.la file.
  * Support restarting selected stunnel instances. Thanks Peter Palfrader.
    (Closes: #627765).

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Thu, 21 Jul 2011 15:46:25 -0700

stunnel4 (3:4.35-2) unstable; urgency=low

  * Fix variable substitution in init script (Closes: #623221).
    Thanks Tomas Kapralek <kapralek@cvut.cz> for report and diagnosis.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Mon, 18 Apr 2011 20:46:01 -0700

stunnel4 (3:4.35-1) unstable; urgency=low

  * New Upstream Releases (Closes: #621987).
  * Upstream incorporated our init script, so this package no longer carries
    its own copy of it.
  * Bump Standards-Version to 3.9.2. No changes needed.
  * Remove /etc/stunnel/stunnel4.conf file as it is useless, except as a sample.
    A README file for /etc/stunnel was provided (Closes: #549384).
  * Minor cleanup of debian/rules, no longer runs configure twice.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Sun, 17 Apr 2011 22:04:53 -0700

stunnel4 (3:4.33-1) experimental; urgency=low

  * New Upstream Releases
   - 4.31
    + A SIGHUP to the server will cause it to reload the configuration file.
    + A SIGUSR1 to the server causes it to reopen its log files.
   - 4.32
    + New service-level "libwrap" option for run-time control whether
      /etc/hosts.allow and /etc/hosts.deny are used for access control.
      Disabling libwrap significantly increases performance of stunnel.
   - 4.33
    + Fixes to inetd mode
  
   For more details please see upstream's ChangeLog.

  * Init script now provides reload and reopen-log options (Closes: #323171).
  * The logrotate config file now takes advantage of reopen-log option.
  * Update config.{build,sub} on build. Closes: #535719.
  * Add missing ${misc:Depends} entry to debian/control.
  * Update copyright years.
  * Update to Standards-Version: 3.9.1
   - stunnel4 no longer Conflicts: stunnel, but merely Breaks: stunnel.
  * Update packaging to source format 3.0 (quilt).

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Fri, 27 Aug 2010 16:58:44 -0700

stunnel4 (3:4.29-1) unstable; urgency=low

  * New upstream version (Closes: #559270).
   - sessiond, a high performance SSL session cache was built for stunnel.
     A new service-level "sessiond" option was added.  sessiond is
     available for download on ftp://stunnel.mirt.net/stunnel/sessiond/ .
     stunnel clusters will be a lot faster, now!
   - Transparent proxy support on Linux kernels >=2.6.28.
     See the manual for details.
     The old transproxy.txt file is no longer provided.
   - New socket options to control TCP keepalive on Linux:
     TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
   - SSL options updated for the recent version of OpenSSL library.
   - Bugfixes
    + Missing "fips" option was added to the manual.
    + A serious bug in asynchronous shutdown code fixed.
    + Data alignment updated in libwrap.c.
    + Polish manual encoding fixed. Debian's patch for this removed.
    + Notes on compression implementation in OpenSSL added to the manual.

  * Use correct owner:group for logs after rotation. (Closes: #529481).
    Thanks Brian 'morlenxus' Miculcy <morlenxus@gmx.net>
  * Use copytruncate in logrotate file, instead of restarting the
    daemon (Closes: #535915).
    Thanks Andrew Buckeridge <andrewb@bgc.com.au>
  * Bump Standards-Version to 3.8.3. No changes required.
  * Do not specify path to true in postinst script.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Tue, 08 Dec 2009 19:34:21 -0800

stunnel4 (3:4.27-1) unstable; urgency=low

  * New upstream release.
   - Remove debian/patches/security-check_certificate, now included upstream.
     Fixes: CVE-2008-2420
   - Libwrap helper processes fixed to close standard
     input/output/error file descriptors. (Closes: #482379)
  * Rebase quilt patches to not require -p0. (Closes: #484966)
  * Fix sample configuration file to use ssl cert from /etc/ssl/certs
    (Closes: #460953).
  * Warn if automatic startup is disabled in /etc/default/stunnel4
    (Closes: #475599).
  * Use invoke-rc.d in ppp start/stop scripts.
  * Standards-Version: 3.8.1.
    - Add README.source documenting use of quilt.
  * Bump to debhelper 7
    - Remove unused old option from dh_mkshlibs call
  * Declare the polish pod's encoding and use unicode when converting it
    to a manpage.
  * Dummy upgrade package is priority: extra
  
 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Fri, 24 Apr 2009 19:56:05 -0700

stunnel4 (3:4.22-2) unstable; urgency=low

  * Check if a daemon is already running before trying to start it with the
    same configuration file. Thanks Peter Palfrader <weasel@debian.org> for
    the report (Closes: #506091).

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Tue, 18 Nov 2008 13:52:42 +0100

stunnel4 (3:4.22-1.1) unstable; urgency=high

  * Non-maintainer upload by the security team
  * Fix security bug in the OCSP functionality that allowed revoked
    certificates to authenticate (Closes: #482644)
    Fixes: CVE-2008-2420

 -- Steffen Joeris <white@debian.org>  Tue, 27 May 2008 18:28:56 +0200

stunnel4 (3:4.22-1) unstable; urgency=low

  * New upstream release.
   - Build system now uses standard automake dirs.
   - Reworked logging system avoids outputing before log file is configured 
    (Closes: #460019).
   - Simultaneous logging to a file and the syslog is now possible.
   - A new service level option to control stack size:
     stack = <number of bytes>
   - Bugfixes in libwrap support code.
  * debian/patches/setuid.patch: Removed, it's included upstream.
  * debian/patches/fix-paths: Reworked to use automake's standard dirs.
  * Rebase the rest of the patches.
  * Update standards-version to 3.7.3. No changes needed.
  * Fix build-dependencies on -1 revisions of libssl-dev, openssl and quilt.
  * Register documentation in the System/Security section.
  
 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Tue, 01 Apr 2008 11:07:56 -0600

stunnel4 (3:4.21-1) unstable; urgency=low

  * New upstream release.
   - Binaries moved from /usr/sbin to /usr/bin. Thus, Debian no longer
    diverges in that from upstream.
   - libstunnel.so migrated inside /usr/lib/stunnel.
   - Preliminary FIPS 140-2 support, but this package does not include it,
    as it requires static compilation.
   - Miscelaneous bugfixing.
  * debian/patches/no_zlib_link:
   - Rebased. Only line numbering changed.
  * debian/patches/libstunnel_is_private_lib:
   - Removed. Included upstream.
  * debian/patches/fix-paths:
   - Remove hunks related to moving binaries to /usr/bin. Refresh line numbers
    in the rest.
  * debian/patches/rename-binary:
   - Rebased. Minor changes due to changed dates in the manpage and the use of
    @prefix@ in src/stunnel3.in.
  * debian/patches/setuid.patch:
   - Patch from upstream to allow using setuid/setgid with /etc/passwd and
    /etc/group not within chrooted directory.
  * debian/README.Debian:
   - Add explanation about not turning FIPS mode on.
   - Reword warning about binaries changing place.
  * debian/rules, debian/stunnel4.manpages:
   - No longer need to move the binaries.
   - Upstream location for manpages changed. We still install them by hand,
    anyways.
   - Ship fr and pl manpages.
   - Do not pass --host to configure if not cross compiling.
   - Reorder target dependencies. This should avoid problems when doing
    paralell builds.
  * debian/control:
   - Remove XS- prefix from Vcs-* fields.
   - Add Homepage: field.
   - Correct minor typo in dummy package's description.
   - Version build dependency on quilt, since we require 
    /usr/share/quilt/quilt.make (Closes: #447751).
   - Change my maintainer address. 

 -- Luis Rodrigo Gallardo Cruz <rodrigo@debian.org>  Wed, 05 Dec 2007 08:09:44 -0600

stunnel4 (3:4.20-5) unstable; urgency=low

  * debian/stunnel3.8:
    - Remove references to unsupported -S and -V options in manpage, and
    include an explicit list of tunable parameters for -O and their
    default values (Closes: #440718).
    - Rewrite -P argument description. It must be a file to be created, or
    empty (Closes: #398012).

 -- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com>  Thu, 27 Sep 2007 11:54:53 -0500

stunnel4 (3:4.20-4) unstable; urgency=low

  * Add missing names and dates of copyright attributions to
    debian/copyright. Update licencing blurb to mention the new FSF's
    postal address.
  * Restructure README.Debian into sections.
  * Remove /usr/share/lintian/overrides and /usr/sbin from
    debian/dirs. Explicitely create the first if needed to install an
    override file, and explicitely remove the later after moving the
    binaries, in debian/rules.
  * Move StunnelConf-0.1.pl into /usr/share/doc/stunnel4/contrib. Remove
    it from debian/docs and explicitely install it in dh_install call.
  * Patch configure (debian/patches/no_zlib_link) to avoid linking to
    zlib. This library is a dependency of openssl, but not of ours.
  * Rewrite changelog entries from previous version, adding mention of
    modified files.
  * Use make -C dir instead of cd dir; make constructs in debian/rules.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com>  Mon, 27 Aug 2007 18:11:40 -0500

stunnel4 (3:4.20-3) unstable; urgency=low

  * New Maintainer (Closes: #416955).
  * Manage patches to upstream source with quilt.
   - fix-paths changes references to /usr/sbin. 
    We install binaries in /usr/bin. It also removes bogus @PREFIX@ uses
    from several paths. 
   - rename-binary changes the name of the executable to stunnel4.
   - runas-user sets the default config to run as the stunnel4 user and group. 
   - connect-proxy-dunbar *unapplied* patch from upstream's
    site. (It does not apply to 4.07 onwards)
   - openssl0.9.8-initialization *unapplied* patch. Originaly meant to
    close #334180, was disabled by previous maintainer without
    explanation.
  * Add stunnel dummy upgrade package.
   - debian/control: Add package stanza.
   - debian/rules: Modify to build the arch-indep package.
   - debian/stunnel.NEWS: Add upgrade notice for stunnel 3 users.
  * Shorten dh_* invocations in debian/rules.
   - new files: stunnel4.examples, stunnel4.links, stunnel4.manpages.
  * Ship upstream Changelog (Closes: #419842).
   - Add ChangeLog to dh_installchangelogs call in debian/rules.
  * Do not compress StunnelConf-0.1.pl (Closes: #432304).
   - Add exclude entry to dh_compress call in debian/rules.
  * Add watch file.
  * Suggests: logcheck-database (Closes: #382099).
  * Move libstunnel.so into /usr/lib/stunnel, as it is a private DSO.
   - Remove lintian overrides.
   - Added debian/patches/libstunnel_is_private_lib
   - Remove ldconfig calls from post{inst,rm}
   - Remove /usr/lib/libstunnel.so.4 link
  * Use debhelper compat mode 5.
   - Bump debhelper build-depends to >= 5. No other changes.
  * Remove /var/lib/stunnel4 when purged, if empty (in debian/postinst).
  * Remove manual call to invoke-rc.d from postinst. debhelper inserts it
    automatically.

 -- Luis Rodrigo Gallardo Cruz <rodrigo@nul-unu.com>  Mon, 20 Aug 2007 23:18:31 -0500

stunnel4 (3:4.20-2) unstable; urgency=low

  * Orphan package

 -- Julien Lemoine <speedblue@debian.org>  Sat, 31 Mar 2007 20:07:55 +0200

stunnel4 (3:4.20-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Sat, 27 Jan 2007 21:43:19 +0100

stunnel4 (3:4.18-2) unstable; urgency=low

  * Updated chroot default path in configuration file
  * Added LSB section in init script

 -- Julien Lemoine <speedblue@debian.org>  Tue,  7 Nov 2006 20:22:04 +0100

stunnel4 (3:4.18-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Wed, 27 Sep 2006 20:33:07 +0200

stunnel4 (3:4.17-2) unstable; urgency=low

  * Check if pids are valid before trying to use kill 
    (Closes: #388379)

 -- Julien Lemoine <speedblue@debian.org>  Wed, 20 Sep 2006 22:04:41 +0200

stunnel4 (3:4.17-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Mon, 11 Sep 2006 22:48:09 +0200

stunnel4 (3:4.16-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Fri,  1 Sep 2006 22:11:10 +0200

stunnel4 (2:4.150-7) unstable; urgency=low

  * Fixed a bug when pid is not given in configuration file :  
    init.d script was looking for /var/run/stunnel4/stunnel4.pid but 
    stunnel was creating /var/run/stunnel4.pid 
    (Closes: #384275)
  * Added check during start to encourage users to fill the pid= section
    of configuration file when start failed (for example if you use two
    configuration files without pid= option)

 -- Julien Lemoine <speedblue@debian.org>  Thu, 24 Aug 2006 17:19:57 +0200

stunnel4 (2:4.150-6) unstable; urgency=low

  * Updated to debian policy 3.7.2
  * Fixed lintian warnings

 -- Julien Lemoine <speedblue@debian.org>  Tue, 22 Aug 2006 14:03:19 +0200

stunnel4 (2:4.150-5) unstable; urgency=low
  
  * Fixed typo in postinst :
    /var/lib/stunnel4/stunnel.log instead of /var/log/stunnel4/stunnel.org 
    (Closes: #381127)

 -- Julien Lemoine <speedblue@debian.org>  Wed,  2 Aug 2006 21:19:49 +0200

stunnel4 (2:4.150-4) unstable; urgency=low

  * Create /var/lib/stunnel4 if it does not exist in postinst
    (Closes: #377074)

 -- Julien Lemoine <speedblue@debian.org>  Sun, 16 Jul 2006 16:12:05 +0200

stunnel4 (2:4.150-3) unstable; urgency=low

  * Fixed another problem with stunnel3 compatibility script 
    (call to /usr/sbin/stunnel4 instead of /usr/bin/stunnel4) and added 
    a check in debian/rules (Closes: #340113)

 -- Julien Lemoine <speedblue@debian.org>  Mon,  1 May 2006 17:58:39 +0200

stunnel4 (2:4.150-2) unstable; urgency=low

  * Fixed stunnel3 compatibility script problem (infinite loop)
    Thanks to "Martin Schwenke" <martin@meltin.net> for bug report.
  * Added a check in debian/rules to ensure that stunnel3 compatibility script 
    does not contains infinite loop

 -- Julien Lemoine <speedblue@debian.org>  Mon, 27 Mar 2006 09:26:06 +0200

stunnel4 (2:4.150-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Sun, 12 Mar 2006 21:30:08 +0100

stunnel4 (2:4.140-6) unstable; urgency=low

  * Added check/creation of /var/run/stunnel4 directory in init.d script instead of 
    postinst in order to be FHS compliant when /var/run is cleared at startup 
    (note that /var/run/stunnel4 cleanup does not allow to have a chroot 
     in /var/run/stunnel4)
    Thanks to Jim Helm : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343882;msg=25
  
 -- Julien Lemoine <speedblue@debian.org>  Sun,  5 Mar 2006 18:18:58 +0100

stunnel4 (2:4.140-5) unstable; urgency=low

  * Move stunnel and stunnel-dsa from /usr/sbin to /usr/bin in order to be 
    compliant with FHS standard. The stunnel program is interesting for 
    "normal" users as well as administrator.

 -- Julien Lemoine <speedblue@debian.org>  Sun, 19 Feb 2006 17:47:55 +0100

stunnel4 (2:4.140-4) unstable; urgency=low

  * Fixed problem with default directory (/etc/stunnel for configuration 
    directory and /var/run/stunnel4.pid for pid file) (Closes: #343882)

 -- Julien Lemoine <speedblue@debian.org>  Thu, 22 Dec 2005 16:32:20 +0100

stunnel4 (2:4.140-3) unstable; urgency=low

  * Default configuration file is now filled with values for usage 
    in a chroot environment 
    (if you do not want chroot or want to use vserver, you need to edit it)
    (Closes: #342507)

 -- Julien Lemoine <speedblue@debian.org>  Sat, 17 Dec 2005 10:00:40 +0100

stunnel4 (2:4.140-2) unstable; urgency=low

  * Fixed stunnel3 compatibility script 
    (wrong binary : stunnel instead of stunnel4)
    (Closes: #340113)

 -- Julien Lemoine <speedblue@debian.org>  Mon, 21 Nov 2005 07:57:02 +0100

stunnel4 (2:4.140-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Wed,  2 Nov 2005 22:01:52 +0100

stunnel4 (2:4.120-1) unstable; urgency=low

  * New upstream release
  * Applied patch from Kurt Roeckx <kurt@roeckx.be> to fix initialization
    problem with openssl 0.9.8 (Closes: #334180)

 -- Julien Lemoine <speedblue@debian.org>  Wed, 26 Oct 2005 17:53:55 +0200

stunnel4 (2:4.110-2) unstable; urgency=low

  * Rebuild with openssl 0.9.8

 -- Julien Lemoine <speedblue@debian.org>  Mon, 10 Oct 2005 19:41:33 +0200

stunnel4 (2:4.110-1) unstable; urgency=low

  * New upstream release
  * Updated to Standards-Version 3.6.2
  
 -- Julien Lemoine <speedblue@debian.org>  Sun, 24 Jul 2005 11:21:14 +0200

stunnel4 (2:4.090-1) unstable; urgency=low

  * New upstream release
  * include better stunnel3 compability script from upstream, options 
    like -cd can now be use instead of -c -d ...
    (closes: #305259)
  * Added depends on perl-modules to allow use of stunnel3 compatibilty script

 -- Julien Lemoine <speedblue@debian.org>  Wed, 20 Apr 2005 21:07:50 +0200

stunnel4 (2:4.070-5) unstable; urgency=low

  * Renamed stunnel3 compatibility script (/usr/sbin/stunnel) to be compatible 
    with stunnel package
  * Added conflict with stunnel package (compatible, does not break user
    configuration) since stunnel 4.x is more actively maintained 
    than stunnel 3.x
  
 -- Julien Lemoine <speedblue@debian.org>  Tue, 29 Mar 2005 22:16:43 +0200

stunnel4 (2:4.070-4) unstable; urgency=low

  * Add an option (PPP_RESTART) in /etc/default/stunnel4 to enable/disable
    restart scripts (closes: #298352)

 -- Julien Lemoine <speedblue@debian.org>  Mon,  7 Mar 2005 22:47:27 +0100

stunnel4 (2:4.070-3) unstable; urgency=low

  * Do not remove user and group if there already exist in postinst
    script (Closes: #290374)

 -- Julien Lemoine <speedblue@debian.org>  Mon, 17 Jan 2005 23:33:56 +0100

stunnel4 (2:4.070-2) unstable; urgency=low

  * Fixed directory problem :
    - confdir was /usr/etc/stunnel instead of /etc/stunnel (Closes: #289832)
    - zlib compression was unable to start since /etc/stunnel/stunnel.conf
      was not read (Closes: #289872)

 -- Julien Lemoine <speedblue@debian.org>  Tue, 11 Jan 2005 19:56:59 +0100

stunnel4 (2:4.070-1) unstable; urgency=low

  * New upstream release : Add IPV6 support
  * Disable proxy-connect patch (does not apply on 4.07 sources)

 -- Julien Lemoine <speedblue@debian.org>  Thu,  6 Jan 2005 07:23:48 +0100

stunnel4 (2:4.050-4) unstable; urgency=low

  * Restart connection instead of stop when ppp is down. It is possible to
    use stunnel for eth interfaces. (Closes: 271006)

 -- Julien Lemoine <speedblue@debian.org>  Sun, 26 Sep 2004 18:12:36 +0200

stunnel4 (2:4.050-3) unstable; urgency=low

  * Added proxy-connect patch (Closes: #267533)
  * Create directory /var/log/stunnel in postinst (Closes: #267093)
  * Create user and group stunnel4 (Closes: #266339)
  * Uncomment some line in default configuration file :
    o Use /var/log/stunnel4/stunnel.log as default log file
    o Use stunnel4 user and group as default
    o Use /var/run/stunnel4/stunnel.pid as default pid file
  
 -- Julien Lemoine <speedblue@debian.org>  Wed,  1 Sep 2004 22:19:28 +0200

stunnel4 (2:4.050-2) unstable; urgency=low

  * Fixed stoping problem in init.d script (Closes: #265449)
    Thanks to Wilfried Goesgens <willi@almado.de>
  * Added stunnel4 in logrotate (Closes: #265437)
    Thanks to Wilfried Goesgens <willi@almado.de>

 -- Julien Lemoine <speedblue@debian.org>  Fri, 13 Aug 2004 21:42:23 +0200

stunnel4 (2:4.050-1) unstable; urgency=low

  * By default, store pidfile in /var/run/stunnel4/stunnel.pid with 
    /var/run/stunnel4 owned by nobody:nogroup
  * Oops, stunnel4 was a debian native package
  
 -- Julien Lemoine <speedblue@debian.org>  Mon,  7 Jun 2004 21:23:37 +0200

stunnel4 (2:4.05-1) unstable; urgency=low

  * New upstream release

 -- Julien Lemoine <speedblue@debian.org>  Wed,  7 Apr 2004 22:08:42 +0200

stunnel4 (2:4.04.0-10) unstable; urgency=low

  * Shut down stunnel4 in postinst (Closes: #234498)

 -- Julien Lemoine <speedblue@debian.org>  Tue, 24 Feb 2004 21:50:03 +0100

stunnel4 (2:4.04.0-9) unstable; urgency=low

  * Added configuration script from "Sergio Rua" <srua@debian.org>
  
 -- Julien Lemoine <speedblue@debian.org>  Sun, 22 Feb 2004 23:26:38 +0100

stunnel4 (2:4.04.0-8) unstable; urgency=low

  * Added ppp ip-up and ip-down scripts
    (Closes: #227678)

 -- Julien Lemoine <speedblue@debian.org>  Sun, 22 Feb 2004 22:52:31 +0100

stunnel4 (2:4.04.0-7) unstable; urgency=low

  * Fix problem in init.d script (was not sh compatible)
    (Closes: #214818, #214823)
  
 -- Julien Lemoine <speedblue@debian.org>  Fri, 10 Oct 2003 00:47:57 +0200

stunnel4 (2:4.04.0-6) unstable; urgency=low

  * Rewrite of /etc/init.d/stunnel4 :
    o does not use kill -9, thus giving a chance to stunnel4 to clean up
      puts common code in functions
    o avoids calling ps twice
    o uses fgrep
    o does not print the conf file name if no processes exist for it
    o corrects the `stoped' typo
    Thanks to Francesco Potorti` <pot@gnu.org> (Closes: #214562)

 -- Julien Lemoine <speedblue@debian.org>  Tue,  7 Oct 2003 16:37:12 +0200

stunnel4 (2:4.04.0-5) unstable; urgency=low

  * /etc/init.d/stunnel4 can load more than one configuration file.
    It loads /etc/stunnel/*.conf. You can have a configuration file for 
    server mode and one for client mode. (Closes: #211870)

 -- Julien Lemoine <speedblue@debian.org>  Thu, 25 Sep 2003 18:05:01 +0200

stunnel4 (2:4.04.0-4) unstable; urgency=low

  * Put stunnel.html in /usr/share/doc/stunnel4/ instead of 
    /usr/share/doc/stunnel
  * Updated to Standards-Version 3.6.1

 -- Julien Lemoine <speedblue@debian.org>  Thu,  4 Sep 2003 13:39:51 +0200

stunnel4 (2:4.04.0-3) unstable; urgency=low

  * Fixed wrong path search for stunnel.conf
   (Closes: Bug#202931)

 -- Julien Lemoine <speedblue@debian.org>  Sat, 26 Jul 2003 11:00:46 +0200

stunnel4 (2:4.04.0-2) unstable; urgency=low

  * Fixed stunnel.conf problems, file must be commented by default.
    (Closes: #202693)

 -- Julien Lemoine <speedblue@debian.org>  Fri, 25 Jul 2003 11:38:47 +0200

stunnel4 (2:4.04.0-1) unstable; urgency=low

  * Oops, stunnel4 is not a native package -> reupload it with a diff.gz
  * Does not install stunnel.so since it is not used
  * Updated clean rules to have a clean diff
  * Updated to Standards-Version 3.6.0
  
 -- Julien Lemoine <speedblue@debian.org>  Sat, 19 Jul 2003 20:12:51 +0200

stunnel4 (2:4.04-2) unstable; urgency=low

  * Fixed compilation errors (removed binary in clean rule)
  * removed libstunnel.so since it is not used
  
 -- Julien Lemoine <speedblue@debian.org>  Sun, 13 Jul 2003 02:45:05 +0200

stunnel4 (2:4.04-1) unstable; urgency=low

  * Stunnel versions 4.x are now in stunnel4 package and stunnel versions 3.x
    are in stunnel package to keep backward compatibility.

 -- Julien Lemoine <speedblue@debian.org>  Fri,  4 Jul 2003 18:24:21 +0200

stunnel (4.04-5) unstable; urgency=low

  * The "I need to sleep more to avoid making typos" release.
  * Fixed typos in default/init file (ENABLED instead of ENABLE)
    (Closes: #197958)
  * Commented all stunnel.conf file, client=no is the default value
    (Closes: #197961)

 -- Julien Lemoine <speedblue@debian.org>  Thu, 19 Jun 2003 00:40:28 +0200

stunnel (4.04-4) unstable; urgency=low

  * Added /etc/default/stunnel with a variable ENABLE.
    ENABLE=0 by default since stunnel segv on some computer when all lines
    are commented (Closes: #197663, #197615)

 -- Julien Lemoine <speedblue@debian.org>  Mon, 16 Jun 2003 22:04:17 +0200

stunnel (4.04-3) unstable; urgency=low

  * comment ldap sample (Closes: #197566)

 -- Julien Lemoine <speedblue@debian.org>  Mon,  9 Jun 2003 15:03:41 +0200

stunnel (4.04-2) unstable; urgency=low

  * Fixed typo in init.d script (Closes: #197499)
  * Added a commented example in stunnel.conf from Craig Sanders

 -- Julien Lemoine <speedblue@debian.org>  Sun, 15 Jun 2003 18:06:07 +0200

stunnel (4.04-1) unstable; urgency=low

  * New upstream release (Closes: #177532, Closes: 188137)
  * New maintainer
  * Stunnel has no more -L option (Closes: #120265)
  * Stunnel has no more -l option (Closes: #175844)
  * Shutdown(1) problem was fixed (Closes: #111125)
  * Problem with large data resolved (tested with a 5Mo file)
    (Closes: #112287)
  * Licence is now GPL version 2 with agreement to link with openssl
    (Closes: #147665)
  * stunnel can execute command (Closes: #147537)
  * added a lintian overwrite for libstunnel.so since it is compiled with
    -avoid-version
  * Fixed problem with path (/etc/ instead of $(prefix)/etc, ...)
  * Include default configuration file in /etc
  * Upgraded to debian policy 3.5.10
  * Added init.d file
  
 -- Julien Lemoine <speedblue@debian.org>  Sat, 24 May 2003 02:30:20 +0200

stunnel (3.22-1) unstable; urgency=high

  * New upstream release (closes: bug#126627).
  * Typo fix in postinst (closes: bug#120199, bug#121904)

 -- Paolo Molaro <lupus@debian.org>  Sun, 30 Dec 2001 10:31:46 +0100

stunnel (3.21.c-1) unstable; urgency=low

  * New upstream release (Closes: bug#111139, bug#102834, bug#61427).
  * Avoid generating automatically the initial stunnel.pem, openssl cannot be
    reliably used in a non-interactive way (Closes: bug#60776, bug#98445). Info 
    on how to generate the certificate is now included in README.Debian.
  * There is support for (re)setting OOB data handling in the new upstream
    version (Closes: bug#107503).
  * Include the sample /etc/iniy.d/stunnel file as an example in the package
    (Closes: bug#114669).

 -- Paolo Molaro <lupus@debian.org>  Sat, 17 Nov 2001 12:31:04 +0100

stunnel (3.14-1) unstable; urgency=low

  * New upstream release
  * Actually compile it against the new libssl (Closes: #86916).

 -- Paolo Molaro <lupus@debian.org>  Fri, 23 Feb 2001 18:57:18 +0100

stunnel (3.13-1) unstable; urgency=low

  * New upstream release.
  * Recompile with and depend on libssl096 (Closes: #85000, #86385, #83857, #82500).
  * Already fixed in previous aborted upload (Closes: #82105, #77227, #80079, #76576).

 -- Paolo Molaro <lupus@debian.org>  Sun, 18 Feb 2001 21:30:50 +0100

stunnel (3.10-1) unstable; urgency=high

  * New upstream release.

 -- Paolo Molaro <lupus@debian.org>  Wed, 20 Dec 2000 15:14:08 +0100

stunnel (3.10-0potato1) stable; urgency=high

  * New upstream release.

 -- Paolo Molaro <lupus@debian.org>  Wed, 20 Dec 2000 13:07:35 +0100

stunnel (3.9-0potato1) stable; urgency=high

  * New upstream release: security fix (Closes: #80079, #76576).
  * Use correct dir for pid (Closes: #77227).

 -- Paolo Molaro <lupus@debian.org>  Wed, 20 Dec 2000 11:24:18 +0100

stunnel (3.8-1) unstable; urgency=low

  * New upstream version (Closes: #75117, #67010).
  * Read 1k of random data in a temp file (Closes: #69808).
  * Added a note in postrm about the stunnel.pem file that
    is left in /etc/ssl/certs: it is safer if the user deals with
    it since it may have been create by him and not stunnel (Closes: #57648).

 -- Paolo Molaro <lupus@debian.org>  Wed,  5 Jul 2000 16:43:07 +0000

stunnel (3.4a-6) unstable; urgency=low

  * Depends on openssl 0.9.4 (closes: bug#53947).

 -- Paolo Molaro <lupus@debian.org>  Tue,  4 Jan 2000 12:37:24 +0100

stunnel (3.4a-5) unstable; urgency=medium

  * Include upstream download info in copyright (closes: bug#53301).
  * Include example from Steve Haslam to make stunnel run from a
    init script (closes: bug#53300).

 -- Paolo Molaro <lupus@debian.org>  Thu, 23 Dec 1999 16:49:38 +0100

stunnel (3.4a-4) unstable; urgency=medium

  * Depends on openssl instead of Suggests (Closes: bug#49238).

 -- Paolo Molaro <lupus@debian.org>  Sat, 13 Nov 1999 12:44:35 +0100

stunnel (3.4a-3) unstable; urgency=high

  * Fixes security problem with the certificate.

 -- Paolo Molaro <lupus@debian.org>  Thu,  4 Nov 1999 17:33:52 +0100

stunnel (3.4a-2) unstable; urgency=low

  * Suggest openssl instead of ssleay. (Closes: bug#47712)

 -- Paolo Molaro <lupus@debian.org>  Wed, 27 Oct 1999 18:24:27 +0200

stunnel (3.4a-1) unstable; urgency=low

  * New upstream release.
  * Put cert in /etc/ssl/certs (closes:#41099). I think this is
    neither an openssl nor stunnel bug, but a dpkg one (other
    similar bugs are already filed against dpkg).

 -- Paolo Molaro <lupus@debian.org>  Thu, 22 Jul 1999 16:50:32 +0200

stunnel (3.3-1) unstable; urgency=low

  * New upstream release.

 -- Paolo Molaro <lupus@debian.org>  Fri, 18 Jun 1999 16:43:05 +0200

stunnel (3.2-2) unstable; urgency=low

  * Fixed stupid coding error.

 -- Paolo Molaro <lupus@debian.org>  Sat, 29 May 1999 13:01:17 +0200

stunnel (3.2-1) unstable; urgency=low

  * Recompilation with new ssl lib.
  * New upstream release.

 -- Paolo Molaro <lupus@debian.org>  Mon, 24 May 1999 12:09:58 +0200

stunnel (2.1-2) unstable; urgency=low

  * Added libwrap support (/etc/hosts.{allow,deny}).
  * Recompilation with newer libc6.
  * Better stunnel-config script.

 -- Paolo Molaro <lupus@debian.org>  Fri, 11 Dec 1998 11:57:52 +0100

stunnel (2.1-1) unstable; urgency=low

  * Initial release.

 -- Paolo Molaro <lupus@debian.org>  Mon, 30 Nov 1998 11:41:29 +0100

