I take the security of the EasyTL library very seriously. I appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
Please note: Public disclosure of the vulnerability without prior agreement is not recommended, as it could put the wider user community at risk.
Please report (suspected) security vulnerabilities to Bikatr7@proton.me. You should receive a response within 48 hours. If the issue is confirmed, I will release a patch as soon as possible depending on the complexity but typically within a few days.
- The version of EasyTL you are using
- A description of the vulnerability
- The potential impact of the vulnerability
- Steps to reproduce or proof of concept
This information will help me to swiftly resolve potential vulnerabilities.
If you believe that your message needs to be encrypted, you can use this PGP Key so that only I can read it.
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZiAR/BYJKwYBBAHaRw8BAQdA6PFvOM7DinoTrdkd2YZ9iTN517dl7x4E
T9B3QuQzk9/NJUJpa2F0cjdAcHJvdG9uLm1lIDxCaWthdHI3QHByb3Rvbi5t
ZT7CjAQQFgoAPgWCZiAR/AQLCQcICZALnhKO/Xs52QMVCAoEFgACAQIZAQKb
AwIeARYhBKhHs45u2d04fY0DMwueEo79eznZAAAgjAD/XfD9smC+ngOu7Zp2
mr/vUXzsHigZ7qxgLjkO9L3403ABAKwcM/muRrsFwIF91VOBLE0oI4D4dJ8O
FfRGIjglOH4HzjgEZiAR/BIKKwYBBAGXVQEFAQEHQE7kcetJJuR9s1RakvTf
pW5pEt8s/t57AfxmrbuSnesWAwEIB8J4BBgWCgAqBYJmIBH8CZALnhKO/Xs5
2QKbDBYhBKhHs45u2d04fY0DMwueEo79eznZAAAJIQEAgwo0mhpcbwqBNbdO
NtvZMi7+esh8tJKFnUA1q+oKzc8A/0GRfh8K9b96kxxeSwBC7U5r+CzdS2BY
my3Q2eo2ITAF
=EP+L
-----END PGP PUBLIC KEY BLOCK-----
I will keep you informed of the progress towards fixing the vulnerability and announce the patched version once it is available.
Individuals who report security vulnerabilities responsibly will be acknowledged in the project documentation. If you would like to be acknowledged, please include a name or alias in your report.