Potential security issue #425
Comments
|
send it to me, @rurban as mentioned in SECURITY.md Reini |
|
@rurban - sent to your e-mail on your GitHub profile 👍 Just for reference, the report can be found here: It is private and only accessible to maintainers with repository write permissions, if not using the protected URL sent in the e-mail. |
|
Hi |
rurban
added a commit
that referenced
this issue
Mar 24, 2022
E.g. GH #425. On errors don't free pair and use pair. pair = NULL announces success, on error return the pair. add a EXPECT_UINT_DXF check esp. for BL. signed BL values have the type BLd.
|
Dropped a comment on the report @rurban - thanks 👍 |
|
@rurban - the researcher has specified the commit on the report 👍 |
|
Fixed in master thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there!
I belong to an open source security research community, and a member (@peacock-doris) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: