Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Talos Security Advisory - TALOS-2021-1225 #5345

Closed
CiscoTalos opened this issue Jan 12, 2021 · 6 comments
Closed

Talos Security Advisory - TALOS-2021-1225 #5345

CiscoTalos opened this issue Jan 12, 2021 · 6 comments
Labels
Bug Pkg::Nef_2 Pkg::Nef_3
Milestone
5.1.3

Comments

@CiscoTalos
Copy link

Hello,
The Cisco Talos team found a security vulnerability affecting CGAL libcgal CGAL-5.1.1. As this is a sensitive security issue, this message is to request an email and PGP key for further communication. If there's an option to mark this issue as private, we can place the details here.

For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html

Please CC vulndev@cisco.com on all correspondence related to this issue.

###Tested Versions
CGAL Project libcgal CGAL-5.1.1
@lrineau
Copy link
Member

lrineau commented Jan 13, 2021

I am the release manager of the CGAL project. Here is my PGP key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGiBDpzBWcRBACglX+24FvCi8OCjZSbx2k6B6mzfl5t/GJH+1mxLAi4TCIic8C0
ueYDKhdkt+pc4apS/HkNfl9iy+t5rFuB8CxwZJtDgfaViWng9co78NoZkaDHchFl
MK9zvKKrc9jFVSY6c36LBgROxSzsnr+8nNXMP5y+7GQ8wq0fLrN+hSfPjwCg5DBR
MbMSbQFl0CADDm3ODIUkLwUD/3759XVnGI5PjO2tusl1spAHHsXgw2RUMeJcqaay
sbNvR+5vDSv+MI/N4GSZIz8NV/AU+fFRXffB1RHSZB4mmTpOncmSjwRW630Sd6vZ
iH0BHs+voF7B2kI1mrNMha7hpwNlVHdTlO9S5SDwqH1O6zRkkMikGnYaq+/V7gws
7xp4A/494uhm39G6NJancd/syJiYSKVS4/XxYHoBHOa7zHFh7NRuDFrvltydmFbo
WGZAEy3NPQRFxyoT2NvHpBo6XCIkLqsoI1zcRw0Z9sLYih3BPiJoYxhK6AhvrqOX
Gfjjv8xhWmClM1SRNQeGW6laK95CWJhihnOZr+F5ni5kUZv4NbROTGF1cmVudCBS
aW5lYXUgKEVtYWlsIGFkZHJlc3MgdXNlZCBmcm9tIDIwMDYuKSA8bGF1cmVudC5y
aW5lYXVAbm9ybWFsZXN1cC5vcmc+iGMEExECACMCGyMCHgECF4AGCwkIBwMCBBUC
CAMEFgIDAQUCSY8ezQIZAQAKCRAFbYsz7BQItDAJAKDbR47uhTEIeOx6NQ+3ey5f
ZCmsxQCfcJfRZEqb+JTezb8naVuORENuZHKIYAQTEQIAIAIbIwIeAQIXgAUCSY8c
OwYLCQgHAwIEFQIIAwQWAgMBAAoJEAVtizPsFAi0apEAn1MWi0f1l3DiNlGdBOph
I+UxpK+PAKCTppWi6+2WEyPe7X1zifUrAC4cEohgBBMRAgAgBQJEmVpmAhsjBgsJ
CAcDAgQVAggDBBYCAwECHgECF4AACgkQBW2LM+wUCLRLLACgmkN0yC1Q3cMhlrtn
9aD6uWpSSccAn103U29qB5/fLP6q98Utzk41bdO1iQIcBBMBAgAGBQJSDk7AAAoJ
EBIxI9/VdTLRiM0P/2bbjAEfnmk7OtwiKkLW2T7PdKhvfZ0T6YsOHua8zUZVTZzj
7wjHXRRzsjCdEMBSCxyxV/jU2LxBR5nCytA9wi1eLY2L1ZsCDBMELJwZXluq1d1r
mpT+dr8dNN4acYTJW9vFf+Y6mzJofrGOlDShEdowuSNryLjBj/EkT9K7utc72Jua
vicAn3clGjs1K57mjkHqriTqXL1+PzAzLmp+vvDmjcx9nQhDnKey0qbaWeiUB50s
k9HRSsN7tnFS5R1qTESWAsAoxQm5865pW+6yec6StTcBdvkDzWqCfj2RVh5jjPuA
4vrz43qzpdGErx26zCQ7Gxf2AcjHp5cMAhD090m8C/408bFYqAzh+4GbaeLQ7uql
+fXt6Zg0c8D36AP/vsL8wrFBKrdWpwjzIeH/WNxcyYEL+wKlE5hy/h1Vzt/ttSJu
LekM/5nHHNSnGYj6OnRkRCctYKXmo2m1mfyv8CxyBGvdAo7lIQeYltUkD0/R4EsM
n/kYQA/5EECJdTx5ioCcJ/TFVjgPUhKZgHya3tueXhn7NdIed3Mj2uqYG8NaU7VL
BlK7PoGRsoVfSZ+1zVkXVwVY+G4bQhjVbtaUnSTaMVSwHRQ7PFoYo6lFsn7mvykz
fb96vj7WggQcofT8FEvBD3/5fMZRh1Frls1XxbgIcbo70up8J3XhMuLjbF+atCZM
YXVyZW50IFJJTkVBVSA8bGF1cmVudC5yaW5lYXVAZW5zLmZyPohVBBMRAgAVBQI6
cwVnAwsKAwMVAwIDFgIBAheAAAoJEAVtizPsFAi0I3UAnjrQBFqSUHtlZCcnKTG2
yk+khyhsAKC4v/C+Y6X1g4jtfUtV/Dbi8TzPWohGBBMRAgAGBQI/tOB4AAoJEPEz
IkEbgK3mrUAAniR5MoZAvBQCkRpCnKgV4lQ8dEXiAJ9rZYTpLVwZwJsdVUiLb2zP
CYJWlIhGBBMRAgAGBQI/tPWMAAoJELBj2Zc25UyT/t0An0ysRgrFKIfmeOhq2jSt
fIah8WmOAJ4s7gsEiea9zof+1i+Xbs+Th7pTvIhGBBMRAgAGBQI/xiPuAAoJEEJu
nADLdPNgT38An2jtbQDMClLGYqHL4hEPGGSAFp6pAJ0VkjLi5qG20aTKEf58aNZk
Qtr7xIhGBBMRAgAGBQJAiDMfAAoJEKszPnPHnfjhVgoAnRru8Vc0SLCu2AVQwJ0G
wq4qcMhXAJ971tALHmql0Lni4pPA0e6BCFWLPIhVBBMRAgAVBQI6cwVnAwsKAwMV
AwIDFgIBAheAAAoJEAVtizPsFAi0I3UAoJJMNWUlZgG/MvZLcecqK5dhuI4CAKCe
W4QrBNreF4DCNilViKm9z8sJP4hdBBMRAgAdAheABgsJCAcDAgQVAggDBBYCAwEC
HgEFAkmPHssACgkQBW2LM+wUCLSHjgCgx2lJDuvCi2Al36Mnn+gP9BOR51gAn378
YWZ4MnL9zabJHUQthtjlyrMPiFgEExECABgDCwoDAxUDAgMWAgECF4AFAkRSDXQC
GQEACgkQBW2LM+wUCLTktwCZAVUxH53EgYePDrgfmIAdVRlwLJ0AoJUvpk3V0rC8
4n1o08UthHDtWGBsiGAEExECACACF4ACGQEFAkmPHDkGCwkIBwMCBBUCCAMEFgID
AQIeAQAKCRAFbYsz7BQItJ37AJ4lvuKdhCYE2btkQRbCK/X40Bh4xQCfZGX7iKbV
k65rUzZMCdGokgLYG4u0S0xhdXJlbnQgUmluZWF1IChPZmZpY2lhbCBlbWFpbCBh
ZGRyZXNzIHNpbmNlIDE5OTkuKSA8bGF1cmVudC5yaW5lYXVAZW5zLmZyPohgBBMR
AgAgAhsjAh4BAheABQJJjxw7BgsJCAcDAgQVAggDBBYCAwEACgkQBW2LM+wUCLQp
bACgqdOmes/MR8KldiTJNsXlyLhm20MAoJfWR1V166YUIw4dj62jT8ns5umoiGAE
ExECACAFAkRRz8gCGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAFbYsz7BQI
tG+qAKC8kvVF7JfmI+9jsflNBf8YSN5ItwCfVeNs4/UtzKYj1kK6ONmWqIl25ea0
X0xhdXJlbnQgUmluZWF1IChFbWFpbCBhZGRyZXNzIHVzZWQgZm9yIEZlZG9yYSBF
eHRyYXMpIDxsYXVyZW50LnJpbmVhdV9fZmNfZXh0cmFAbm9ybWFsZXN1cC5vcmc+
iGwEMBECACwFAkmPHWglHSBJIG5vIGxvbmdlciB1c2UgdGhhdCBlbWFpbCBhZGRy
ZXNzLgAKCRAFbYsz7BQItE+CAKCvUyfLS7JkY0ZuiMm9iG4FXCeVOwCcDDjOMa7f
euHhBziVid465/P/ENGIYAQTEQIAIAIbIwIeAQIXgAUCSY8cOwYLCQgHAwIEFQII
AwQWAgMBAAoJEAVtizPsFAi0VnMAnjIq7gD3Bl5gHnz7sVBq5sUctdh5AKDi2u5X
wedvyLomSkYBqBK9gS+ovohgBBMRAgAgBQJEUc+NAhsjBgsJCAcDAgQVAggDBBYC
AwECHgECF4AACgkQBW2LM+wUCLSefgCgxFADjRhJWVO9m/TwkAGqzOY7GVQAnRkr
6usQOXsTbUcMpVM2H4aHbSvKtGlMYXVyZW50IFJpbmVhdSAoRW1haWwgYWRkcmVz
cyBvZiBteSBJbnJpYSBhY2NvdW50LCBhdCBTb3BoaWEgQW50aXBvbGlzLikgPExh
dXJlbnQuUmluZWF1QHNvcGhpYS5pbnJpYS5mcj6IYAQTEQIAIAIbIwIeAQIXgAUC
SY8cOwYLCQgHAwIEFQIIAwQWAgMBAAoJEAVtizPsFAi0l/YAnR6gs41L0xs/3BAf
/Sg7/Ov/lRp9AKC3Dez5kQUd926Z0PGsVLmMkSBwLYhgBBMRAgAgBQJEUdBQAhsj
BgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQBW2LM+wUCLTGfgCgkSV00ISlmeI8
SnrBHDf0oRUCEBoAn00xW9t+M4EDMjRZTeXXMcA0btv3tEVMYXVyZW50IFJpbmVh
dSAoRW1haWwgYWRkcmVzcyBjb21tb25seSB1c2VkLikgPHJpbmVhdUBjbGlwcGVy
LmVucy5mcj6IgwQwEQIAQwUCSY8dBTwdIEkgaGF2ZSBsb3N0IG15IHVuaXggYWNj
b3VudCByaW5lYXVAY2xpcHBlci5lbnMuZnIgaW4gMjAwOC4ACgkQBW2LM+wUCLSM
RQCbBFxQj5eor4bNGiDGHJnwwa/OVyoAoM4cza7EmNfSqeJmpamPcgS/8VYciGAE
ExECACACGyMCHgECF4AFAkmPHDsGCwkIBwMCBBUCCAMEFgIDAQAKCRAFbYsz7BQI
tLCEAKC38+By/uz4fDzdxBGhME6ySzf0cQCfXpreeP1RHzBhLxh9MBmBirs6u2CI
YAQTEQIAIAUCRFIcHAIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEAVtizPs
FAi0GEkAoIIiybEyU1JNbd7kMdDcPZ4SmwHFAKDeptlobT1EadDOuuIEVl0/Kyxw
oLQuTGF1cmVudCBSaW5lYXUgPGxhdXJlbnQucmluZWF1QG5vcm1hbGVzdXAub3Jn
PohfBDARAgAfBQJEmVo1GB0ATmVlZCB0byBhZGQgYSBjb21tZW50LgAKCRAFbYsz
7BQItDKSAJ9/D608Ch7u8li25v12rLlO4aYsKACg1SNKPtp2JMJzVFXcXtFHRP2o
BcyIYAQTEQIAIAUCRJlYtAIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEAVt
izPsFAi0sl0AnjBEgpaqSU5Wm2pfqGm95QRiGqpsAJ9sEyop+kfJuvgF2aHBidse
xq0HT7QzTGF1cmVudCBSaW5lYXUgPGxhdXJlbnQucmluZWF1QGdlb21ldHJ5ZmFj
dG9yeS5jb20+iGAEExECACACGyMCHgECF4AFAkmPHDsGCwkIBwMCBBUCCAMEFgID
AQAKCRAFbYsz7BQItOo2AJ4xdiyhFISSVUPeh1jX7HtT0Z2N1QCgsHytH7ZcBNt2
7l7QqlbP6pkzN0uIYAQTEQIAIAUCSY8WCQIbIwYLCQgHAwIEFQIIAwQWAgMBAh4B
AheAAAoJEAVtizPsFAi0ZdYAmwY+iroU5xGmTpQCRF0sRaT5FmEPAKCLehFnV9se
5eAUjDpDm86sm5zy2okCHAQTAQIABgUCUg5OwAAKCRASMSPf1XUy0QlwD/9S9zkD
WOftG6REw8Q/vRQbF05oij5kv1BIV8FPLznWsVDdYunor9viERzccUHPhjMiFYJp
29jFN6klhc2ok/EjqxIaaDzxuOis+cddfrWnlVtfK6DJ/fd8MB/sGoJBBGtUQywT
2qAhhwphvxcFHpek2fwaHS8VwRrgf93P4TJd2n+JjpCOC+9cFuMyD6WWWIy1spIg
KEVBlrzHepa+D152Wc6UQWx4DPdx4+llLOTG0qP9IVhc8gi//1uZxDwW+niqXkKu
Ap0FSBEHEMlW0514gzZGYeJsbt+AXKK3qm00YjUpHCpHv6j2Mz0+y9TfUiOVb2bz
S528yDIBO0Xufs5t3Ef8V3AKOXngeSq2WoXYv5J3Hje6sOx83/XxoeiQwBp29bsY
q4Zq/OJCj6KMIP2iYTzkrP8U4IRGNbzoAd6Y3uJAEYtDWbLPvJkYrLnQaUkCnJKk
q8V7S2H9j6VbeqTlGMmw5Jw6MLmhj9Zr3e3GmxgslWn5MrooFHbAsoRZ+G0+C7xA
oA1KxItq8sI8R3MRcjHnKxBG8Jjwd0QpFmlhgEeyHFHrjKScMjS9BEhd/6X1yGy0
GiQPvDs+4ZWQH3eHuxjUocHVj8e3sNRpllKzOuRRlAU2WCm+rzOzqSk621Gu25hs
s3CUrRzeyQ9fb6S9cfk3E1xzgjp6Jb2bKVEjBrRtTGF1cmVudCBSaW5lYXUgKEVt
YWlsIGFkZHJlc3MgdXNlZCBmb3IgYWxsIEZlZG9yYS1yZWxhdGVkIGFjdGl2aXRp
ZXMpIDxsYXVyZW50LnJpbmVhdV9fZmVkb3JhQG5vcm1hbGVzdXAub3JnPohgBBMR
AgAgBQJJjx2lAhsjBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQBW2LM+wUCLSn
egCfSMdN1EDKJrkERFpQxwcHJ6Z/45kAn1N01WzssKogmSlu2nQ55t0GRQsOiQIb
BBMBAgAGBQJSDk7AAAoJEBIxI9/VdTLRWd0P+JueBu6pBm07HwO7cIRbWMeO++dT
4qAkXYfKKNjWsdKOQ+C920FeNx7cEmb/Fuz2rfP4O5wLIE1czhn/V8NeyMCmjwyy
3IAFNnICYwsao4gO4njYk3QJEkV6UBxn4e9jlCQI/n5VlL3UCTII2Xl1wzB2gFCA
IzZNwwK7Z/Om3FfxjQ85BUgKs5UEAH+SYAgp93gSuTKZSR1avJvhucXxowAPaKMw
YX1yA4EW638pgcX1DfU/zZ8RjzCStigWMK8xMEMOzq/GEfRaetlkYR9NMKlG9jE+
5KcTD0BaYq1KVCnxQep/35jEDhnVXGz2El2rTDNaSq3pb1I3wQv4M2BljqRDbnyG
9SFwnXMKg6Chq7qDN/rd+lIpILpOyL4/8SLujzccfwhmdWhNt/LQdWd1CgtxT1yb
OrqvLE32sgOJBnxCpLepjZzZhRE6lO0KdrdACW94dvOkPCi1hjKTdIB9JU9y8dW9
rJqF9Xi/GGVo3a4R4fwkpryZhDXfCtK2OrclHAObFWur6MGKQaCSV0XMpklbNYgn
9bdWFgKXTpVdodV1h8Q9916L/XLaZBGv62fnj3gf9HUheuxnVuQdFnUztjOUssUC
U3QSBTmInzWsRsTcw/wye40kDvC6jYDvkul2Sr8Rn+Jl0xGtryFlHuTjRvYQ/V2j
uy7uWTHvJ9Fr6ku0RkxhdXJlbnQgUmluZWF1IChJRCBmb3IgdGhlIENHQUwub3Jn
IHByb2plY3QpIDxsYXVyZW50LnJpbmVhdUBjZ2FsLm9yZz6IYgQTEQIAIgUCUH/x
IwIbIwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQBW2LM+wUCLRf9gCgmIDG
DvLZQ5xa3j6SOVE2C/X7VSoAnjfAe489Bx9W8vvWsOtd5mZ+t+JDiQIcBBMBAgAG
BQJSDk7AAAoJEBIxI9/VdTLRtHkQAKWHSffVz45si+a/4sr4hL28k9OebBWBxz+x
nOo+A38hCGDrrOKkDGpdjyaZ475RVM2gp8nLDpVGx4F2gjMg2KnxX6OcEgFCaNX0
ALyuGDkNiG2P3bJ+O3shuFZOOVSL2EGcNbLsVWec2ane57YPdi2f8sOjwdcxd32E
kEo6F9x5oQv+fsZnyTrM8hFtyrUccflHzcpu199wYkvs9XxKkInPPe6nns09iCip
XQ2iIibxRCv0lXLOFx030LQHSR/GSTuIjzIvNPQXZylcikhIFUDs/wQJO3fh0SK2
cix2uLiIjun/0gGFg72Zs+v1D4j9oBk+BO6gm38WqERop+2gSoMxSQXG7lpn9JxC
AlMc3R9v2RKsGjHv52DBtdOfOS4dZg4kmL588KUmHOibdgPzcnDfkyLpsaqFmAEO
3A/rZS2aH9s3KQIfCmrJbM+u5xcYDAqlAAoELnxeUqje6ndRkcuSifk4TNGd98Yj
iJIzJoIAPHX3l93VWHS7JIWYrfRGj9QLY9BVzQ/Cvx4/NOeF/sTRk1BfskcOxPtY
dNgGKAw5liPR51LFr6fg2B3rDIFlEYbq2bupPfK2yA6aFs9lVjQCEmhwQRVxGRCi
agsiCybRY8g/GcniGsH8ClBXmu547XwwEQDljWmuDoQoL6VyOR43JxdHJEey3pAM
NwDDc9uhuQENBDpzBaAQBADIxGH3z/IzHcBqOwbN2Ez9ytWCs3r+oeevUS0xF5BR
EwQ9emK4uQOHh1i+TZRD+Ga7JDC+ZMRRuvydp1d9PQTXfQwt+N83+WUMtVKP/Yfl
9uZ57B7krmYShXXf6JDXNYOlULljeaowXix+iqj4NOu9wGwwwT0VpsxDFNlxLGTQ
xwAEDQP+OrHEF4vWQBY7Jjufg80h+TDfpVgQNykgtMewTRssp4HLpDxxTKnZR5pZ
3PLMLV+iznVmZabKALIMedIltENw6sL2ZyhORqGqpUrjg2A9K5MR8eqccNpaqXQt
M14HbY56/MTAn5k/gqCfJQ+j4E+GA0aOV9ci+RQ/rAuG9FclHDyIRgQYEQIABgUC
OnMFoAAKCRAFbYsz7BQItPoLAJ9Vw3XzTdQF6SkKO9yOxDY5sN1V7ACgkHCHh4x9
ZJ84NcOhxhV32w8/JkCIRgQYEQIABgUCOnMFoQAKCRAFbYsz7BQItJdwAJwK86uz
bV/tmvCuDXOYE0fFSjdvagCfcbeOMelKBuRs0C9cyujI2DTvflSZAQ0EVRRDYwEI
ALSLlY5sSDmVapV/42JEikykxJh7F8ye41a1K+aEPWFKsi+LxpM2hs5pG17CGSwQ
pxdMq0nYYE5mII07fM/T80krFeGnmm/Dk2Xaa4QGFv0GpGkbFsuI6+/itTljX5nh
qiJszGNu6ooxRbpAopnxMQKZOiR5m9Rg+UFEV2HVTivIRi7jtbUlbAy5qNWsC/f0
hbi+QPEKd6vB2tponv2aHI7hSWRwUTODncxyD39F4rT/MPkfdY7cck3VIPZFKKZK
pWVxH8cZVyfMRaX1FEfFP9/f4TB7BV6yamFmmlNnJDNNiKhODHmR0ItbwJZn476Z
FSheez3q2KGxjFqbVA/vS68AEQEAAbROcmluZWF1X2xpYlFHTFZpZXdlci1xdDUg
KE5vbmUpIDxyaW5lYXUjbGliUUdMVmlld2VyLXF0NUBjb3ByLmZlZG9yYWhvc3Rl
ZC5vcmc+iQE/BBMBAgApBQJVFENjAhsvBQkJZgGABwsJCAcDAgEGFQgCCQoLBBYC
AwECHgECF4AACgkQKj2IZGYBJO9EaQf+PxPGEFihFOl53ZutixOsUlnKQUIikYU2
IWyi0qkGATj6t8b/jJL7neEPAql7LqNOgIp3hdVbUWkE260cZ3Ai1qwvsavku283
6mTqO2zC8PP+wspuyOFrvDgae9zYO1tWFj4T++zixVwaBx/GahTPGR3OKowRoWYo
gC6QCle/SQd9xBvSKIPqyCcWPLESTM3tznrhZXo2lrcFvaf28UQBTSqME/V966tH
S18qGLQiu8/Yh5twHpjPCQhdwfHF8DCRVoUKtZyzxsaYfOxgKWJNa+6pXZn2xIUJ
MHzxpkjgJMYeLWVakOv+/P7r6r27n1yVpt8P/dXYqCaA1MXK2r09H5kBDQRXB56R
AQgArOII7J4H6aqxb30ucZwlQ8+/sONFiII2LZBkYAG5YByl9nZ8Yzqr19fovSak
vU//IOFAXFRYyCSmUHZGHhZMbGjMWXYgIUdlMpNox5J9RXmLzsZ3GpN6jGBkbo2c
1hvWC1JwG/knD7oFuE8AkuCfTOEhXwKuE2oSQJo+UL85MdvG3wFoiOq9N/4Wls4H
rsuxP2sD8KOUiu/cTbjMAGhQxdy5mux+WYNIHb2v7AJVKrPr1sxvAAjm4FvHy4K2
GHl3ns98Ybs9yBWGUNUF0z8AZS1FWcoaShbHJJ9unb+xCzwbrHuC9ASYBVwdgx1J
7iHTH8QZB2mkNpoNKRTsrDdiSQARAQABtC9MYXVyZW50IFJpbmVhdSAoQ0dBTCkg
PGxhdXJlbnQucmluZWF1QGNnYWwub3JnPokBNwQTAQgAIQUCVweekQIbAwULCQgH
AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBlYQhlwM6Fxnt3B/0Y3l4lDZ+4bDVCg0nB
uS15X72+ZCiUsGl53DswNwyaOxxNZQaVgigzuiY6wD6hTeAMU3hM9sAJUjKwUC1q
cAN/0Zax9Qe2pcSvkkzleBCIaQPjWmZm3qp7yVcxkRf5PrFLBQo/ICMziv0a8zpH
292bJXCmliFtdSqBgqyhZv/1zzrje2QkUwMo2nSHa+GrD6Oy+0T1FvHcoUmnkinj
q2tA4IKRQ3ZnI601kgvtD5aTRaZR8ySIR9ZjNge9w1eDTw+ORujZyueOhpNYFJKG
1at7atyC65FYI7gB2PXfaTXfwlmfG5uvi9UT4VM34Scs58obA5PlkhphfRC0dL3b
wsA4iEYEEBECAAYFAlcHo+4ACgkQBW2LM+wUCLRDkwCfbjqYQHyGdrEsEh7EyCzw
zxhitAUAoNczJdt2mOjDZu71qE9kZZrjvXjNuQENBFcHnpEBCADQzlehxKAb9+jO
sE7xlajyGqDqxaT6a1Tca4m/KlRWVs6K8UI06y7NR2VVEeaTGS6aGBA8KKfc06+k
haGPcwpVX8v/1Nrrg0JZQdVs8gvCNV6+oO7gze/5AHOHHm2LjZtY61B+V/NEGirM
sGuI2ScmhLFC6XWgYPoafi5+NnOqHt7BG21JyLxgDinPC7kDMCvxeteBCJ7IxS1R
NVvlAJJuI1Lr75joxSF998UREoQwXfLHWepZMSDMd4hjk1pckV1e4vVP2ClRrYsM
FJFOSo0qewwebO+zOISjw6KkkrQiEOZGPlQ3tSIYuvVkm3ntmx/0IOJMJaPgkzwi
v7hV6ZV7ABEBAAGJAR8EGAEIAAkFAlcHnpECGwwACgkQZWEIZcDOhcZSzggAgK31
MoGXitsUKuAeXFAXsCpaNE0tLrI1srNHgUX6ITVn/xPs82XshjRE4jv1KKNX6KTA
GtUaiFY3+6XzJoA2tgMaK+VV0tWvEVn2IpGpjBYnIzrwvLTJc2pL2JwuiKU1qcat
+qD9rkDgh2XTlEr68fCqxiSM+zw2LCCa2Upno3FvSdRK/EA0bIqkARfHpuM4/RiQ
dl7rCIfuSaUlcKWAJH7yg8yHqxd4n9g/HzGvmDJ9A0Wqp/iiWNz+zNkjQe8Gb4D0
Xfi+p2RPgFTndv6eFK/81KzX3Rf3cxrWo6nnJAKANaV6vszj2URI5P1V3sXBpr97
fBIX79l77yYFr16/nQ==
=pILK
-----END PGP PUBLIC KEY BLOCK-----

You can write the encrypted issue report in this issue, or at laurent.rineau@cgal.org.

@CiscoTalos
Copy link
Author

We issued the encrypted report to the email address above. Thanks

@CiscoTalos
Copy link
Author

Are there any updates for this issue?

@sloriot
Copy link
Member

sloriot commented Feb 23, 2021

Fixed by #5371

@sloriot sloriot closed this as completed Feb 23, 2021
@MaelRL MaelRL added this to the 5.1.3 milestone Feb 23, 2021
@CiscoTalos
Copy link
Author

Thank you for the update. We will publicly disclose on our end.

@jubalh jubalh mentioned this issue Apr 22, 2021
Merged
@lrineau
Copy link
Member

lrineau commented Apr 22, 2021

The detailed repor is https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225.

@lrineau lrineau mentioned this issue Aug 31, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Pkg::Nef_2 Pkg::Nef_3
Projects
None yet
Milestone
5.1.3
Development

No branches or pull requests
4 participants
@sloriot @MaelRL @lrineau @CiscoTalos