Security bug #60
Comments
|
Hi Martin, I am a Debian maintainer of this software. Please send me an email (you will find it on the linked page). Feel free to encrypt it with the key BBBD45EA818AB86FF67E7285D3E17383CFA7FF06. We will try to fix it, request a CVE and fix older distributions if affected also. Thanks! |
|
Hi Anton
Thanks for reaching out. Regarding gpg, is this the key in question?
https://keys.openpgp.org/vks/v1/by-fingerprint/BBBD45EA818AB86FF67E7285D3E17383CFA7FF06
Gpg won't import a key without a user-id apparently.
Regards,
Martin
…________________________________
From: Anton Gladky ***@***.***>
Sent: Wednesday, September 7, 2022 9:17 PM
To: admesh/admesh ***@***.***>
Cc: Martin Zeiser (mzeiser) ***@***.***>; Author ***@***.***>
Subject: Re: [admesh/admesh] Security bug (Issue #60)
Hi Martin, I am a Debian ***@***.***> of this software. Please send me an email ***@***.******@***.***>, feel free to encrypt it with the key BBBD45EA818AB86FF67E7285D3E17383CFA7FF06.
We will try to fix it, request a CVE and fix older distributions if affected also.
Thanks!
—
Reply to this email directly, view it on GitHub<#60 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AGK5IJZ3NGSF4ZU5VIOVDMLV5DS4FANCNFSM6AAAAAAQG3LUH4>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
|
Yes, exactly. |
|
Thanks for the fix. |
|
@Talos-Martin @gladk Can you please publish the maliciously-crafted Our org is looking into a way to scan and/or sanitize user-contributed Since it's been over a year since the details were publicly announced, I think it would be safe to disclose. Please upload the maliciously-crafted |
Dear ADMesh developers
One of our engineers found a security bug in ADMesh. Where to send the report to?
Regards,
Cisco Talos
https://www.talosintelligence.com/
The text was updated successfully, but these errors were encountered: