Bug 799258 - stunnel: FD_CLOEXEC descriptor leaks
stunnel: FD_CLOEXEC descriptor leaks
Status: CLOSED UPSTREAM
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: stunnel (Show other bugs)
6.4
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Avesh Agarwal
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-02 04:41 EST by Stefan Cornelius
Modified: 2013-04-19 13:12 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-04-19 13:12:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Stefan Cornelius 2012-03-02 04:41:34 EST
Description of problem:
There's a tiny race condition in stunnel that could lead to file descriptor leaks. The following blog post describes the problem in a general way:
http://udrepper.livejournal.com/20407.html

Upstream release notes for version 4.35 (initial fix) and 4.36 (additional, related fix).
http://stunnel.mirt.net/pipermail/stunnel-announce/2011-February/000051.html
http://stunnel.mirt.net/pipermail/stunnel-announce/2011-May/000052.html

Version-Release number of selected component (if applicable):
Likely all of them.

How reproducible:
Sorry, no reproducers.
Comment 2 RHEL Product and Program Management 2012-09-07 01:38:04 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 3 Avesh Agarwal 2013-04-19 13:12:24 EDT
Fixed upstrea, and will be dealt in rhel7 so closing for rhel6 as stunnel does not seem to be on scheduled component.

Note You need to log in before you can comment on or make changes to this bug.