- Package name
- Advisory ID
- Affected versions
- CS2.1 i586 , 9.0 i586 , CS2.1 x86_64
A vulnerability was discovered in stunnel versions 3.24 and earlier, as well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical file descriptor that can be used to hijack stunnel's services. All users are encouraged to upgrade to these packages. Note that the version of stunnel provided with Mandrake Linux 9.1 and above is not vulnerable to this problem.
77c752f98e0685dd677656e56b6a931c corporate/2.1/RPMS/stunnel-3.26-1.1.C21mdk.i586.rpm 45596e6e50ed995cf4b18f9bd7366828 corporate/2.1/SRPMS/stunnel-3.26-1.1.C21mdk.src.rpm
6b3eec02f63aa0d7aa64fe79b62e3020 9.0/RPMS/stunnel-3.26-1.1.90mdk.i586.rpm 14afcc8f0257338107bc60e33919a465 9.0/SRPMS/stunnel-3.26-1.1.90mdk.src.rpm
f080fa4956c146a3e40dc05ae6dbefe8 x86_64/corporate/2.1/RPMS/stunnel-3.26-1.1.C21mdk.x86_64.rpm 45596e6e50ed995cf4b18f9bd7366828 x86_64/corporate/2.1/SRPMS/stunnel-3.26-1.1.C21mdk.src.rpm