admesh Security bug

Dear ADMesh developers

One of our engineers found a security bug in ADMesh. Where to send the report to?

Regards,

Cisco Talos https://www.talosintelligence.com/

Sep 07 '22 15:09 Talos-Martin

Hi Martin, I am a Debian maintainer of this software. Please send me an email (you will find it on the linked page). Feel free to encrypt it with the key BBBD45EA818AB86FF67E7285D3E17383CFA7FF06.

We will try to fix it, request a CVE and fix older distributions if affected also.

Thanks!

Sep 07 '22 19:09 gladk

Hi Anton

Thanks for reaching out. Regarding gpg, is this the key in question? https://keys.openpgp.org/vks/v1/by-fingerprint/BBBD45EA818AB86FF67E7285D3E17383CFA7FF06

Gpg won't import a key without a user-id apparently.

Regards,

Martin

From: Anton Gladky @.> Sent: Wednesday, September 7, 2022 9:17 PM To: admesh/admesh @.> Cc: Martin Zeiser (mzeiser) @.>; Author @.> Subject: Re: [admesh/admesh] Security bug (Issue #60)

Hi Martin, I am a Debian @.> of this software. Please send me an email @.@.***>, feel free to encrypt it with the key BBBD45EA818AB86FF67E7285D3E17383CFA7FF06.

We will try to fix it, request a CVE and fix older distributions if affected also.

Thanks!

— Reply to this email directly, view it on GitHubhttps://github.com/admesh/admesh/issues/60#issuecomment-1239779582, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AGK5IJZ3NGSF4ZU5VIOVDMLV5DS4FANCNFSM6AAAAAAQG3LUH4. You are receiving this because you authored the thread.Message ID: @.***>

Sep 08 '22 16:09 Talos-Martin

Yes, exactly.

Sep 08 '22 16:09 gladk

Thanks for the fix.

Nov 18 '22 22:11 hroncok