DESCRIPTION
Stunnel is a wrapper for network connections. It can be used to
tunnel an unencrypted network connection over a secure connection
(encrypted using SSL or TLS) or to provide a secure means of
connecting to services that do not natively support encryption.
This update fixes two vulnerabilities that affect stunnel versions
shipped with Conectiva Linux:
1. SIGCHLD Denial of Service (CAN-2002-1563)[1]
Henrik Eriksson found[2] a race in the code that handles the SIGCHLD
signal. This vulnerability affects stunnel when configured to listen
for incoming connections (instead of being invoked by inetd) and to
start a new child process to handle each new connection. A remote
attacker can exploit this vulnerability to bring the tunneled service
down.
2. File descriptor leak (CAN-2003-0740)[3]
Steve Grubb found[4] a file descriptor leak vulnerability in versions
prior to 3.26 of stunnel that allows a local attacker to hijack the
stunnel server.
Since this update brings a new version of stunnel (3.26), several
other fixes and minor changes are included as well[5].
SOLUTION
All stunnel users should upgrade.
Please note that after the upgrade all instances of stunnel and all
active network connections being served by it must be restarted
manually.
