[stunnel-users] Security Problems with 4.35

10 Feb 2011


      Hi,
in the announcement of 4.35, I saw:
"CLOEXEC file descriptor leaks fixed on Linux >= 2.6.28 with glibc >= 2.10. Irreparable race condition leaks remain on other Unix platforms. This issue may have security implications on some deployments."
I searched a bit, but did not find an exploit or more information on the severity of this issue. Could someone elaborate the problem a bit? I could diff to the previous version and have a look, but that will take quite some time, and my C is weak...
Best regards,
Stefan Behte

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[stunnel-users] Security Problems with 4.35