Hi all, By the way, as mentioned, this was found with the ZeroPath tool. I was wondering if it would be of interest to send the raw results of this scanner to somebody that could allow them to review the findings without me manually triaging? I have done this with curl (https://daniel.haxx.se/blog/2025/10/10/a-new-breed-of-analyzers/) and it was quite succesful (~20% false positive rate).
If this is of interest, please let me know where to send them. The output is just markdown, and it includes potential security vulnerabilities. If not, I will (slowly) continue triaging myself. Thank you. On Wednesday, 22 October 2025 at 13:55, Gert Doering <[email protected]> wrote: > > > Hi, > > On Tue, Oct 21, 2025 at 10:34:21PM +0200, Arne Schwabe wrote: > > > Before commiting we have to check that port-share does not rely on this > > behaviour to pass the fd the forked instances. I didn't check right now. > > > Good point. I have a port-share test instance, will test. > > gert > > -- > "If was one thing all people took for granted, was conviction that if you > feed honest figures into a computer, honest figures come out. Never doubted > it myself till I met a computer with a sense of humor." > Robert A. Heinlein, The Moon is a Harsh Mistress > > Gert Doering - Munich, Germany [email protected] _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
