Bug 19161

Summary: stunnel new security issue fixed upstream in 5.34
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/696702/
Whiteboard:
Source RPM: stunnel-5.31-2.mga6.src.rpm CVE:
Status comment:

Description David Walser 2016-08-08 22:17:51 CEST 
Slackware has issued an advisory on August 6:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.535426

You can see the issue was fixed in the upstream changelog in 5.34:
https://www.stunnel.org/sdf_ChangeLog.html

Mageia 5 may also be affected.
Comment 1 Guillaume Rousse 2016-11-11 12:27:46 CET 
Cauldron now has latest upstream version. Mageia 5 has still version 5.03, whereas the fix appears in 5.34 only, I don't think backporting the correction is worth the trouble.

Status: NEW => RESOLVED
Resolution: (none) => FIXED