[stunnel-users] Security Problems with 4.35

• Previous message (by thread): [stunnel-users] publish/subscribe with stunnel
• Next message (by thread): [stunnel-users] Security Problems with 4.35
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

in the announcement of 4.35, I saw:

"CLOEXEC file descriptor leaks fixed on Linux >= 2.6.28 with glibc >= 2.10. Irreparable race condition leaks remain on other Unix platforms. This issue may have security implications on some deployments."

I searched a bit, but did not find an exploit or more information on the severity of this issue. Could someone elaborate the problem a bit? I could diff to the previous version and have a look, but that will take quite some time, and my C is weak...

Best regards,

Stefan Behte

• Previous message (by thread): [stunnel-users] publish/subscribe with stunnel
• Next message (by thread): [stunnel-users] Security Problems with 4.35
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]