> On Tue, Sep 10, 2019 at 08:29:38PM +0500, ???? ??????? wrote: > > those findings are mostly mess (maybe, except few real bugs). > > I do not mind sharing those findings with community, Willy ? > > we need more manpower here. > > Oh no problem! I'm not the one asking to hide bugs, the more eyeballs > on bug reports, the faster these ones will be sorted out! Also if one > fears that this could help a black hat guy find a vulnerability and > exploit it, mind you that these people already spend time scanning the > same code (with and without tools) and spot bugs in advance without > relying on our public reports anyway.
Please note that Sonarqube is scanning haproxy code too. Results are available at https://sonarcloud.io/dashboard?id=haproxy Some results are false positive but some are worth looking at. -- 232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301