A vulnerability was found in the OCSP search functionality in stunnel
that could allow a remote attacker to use a revoked certificate that
would be successfully authenticated by stunnel (CVE-2008-2420).
This flaw only concerns users who have enabled OCSP validation
in stunnel.

The updated packages have been patched to correct this issue.