[stunnel-users] Security Problems with 4.35

Stefan Behte s.behte at babiel.com
Thu Feb 10 15:38:25 CET 2011


in the announcement of 4.35, I saw:

"CLOEXEC file descriptor leaks fixed on Linux >= 2.6.28 with glibc >= 2.10. Irreparable race condition leaks remain on other Unix platforms. This issue may have security implications on some deployments."

I searched a bit, but did not find an exploit or more information on the severity of this issue. Could someone elaborate the problem a bit? I could diff to the previous version and have a look, but that will take quite some time, and my C is weak...

Best regards,

Stefan Behte

More information about the stunnel-users mailing list