> On Tue, Sep 10, 2019 at 08:29:38PM +0500, ???? ??????? wrote:
> > those findings are mostly mess (maybe, except few real bugs).
> > I do not mind sharing those findings with community, Willy ?
> > we need more manpower here.
> 
> Oh no problem! I'm not the one asking to hide bugs, the more eyeballs
> on bug reports, the faster these ones will be sorted out! Also if one
> fears that this could help a black hat guy find a vulnerability and
> exploit it, mind you that these people already spend time scanning the
> same code (with and without tools) and spot bugs in advance without
> relying on our public reports anyway.


Please note that Sonarqube is scanning haproxy code too.
Results are available at https://sonarcloud.io/dashboard?id=haproxy

Some results are false positive but some are worth looking at.
--
232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON
Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301


Reply via email to