w3m icon indicating copy to clipboard operation
w3m copied to clipboard

Published 20 hours ago verified publisher icon tats

Found a possible security concern

Open psmoros opened this issue 1 year ago • 2 comments

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@iskindar) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

psmoros avatar Jun 22 '23 08:06 psmoros

On Thu, Jun 22, 2023 at 01:27:42AM -0700, Pavlos wrote:

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher @.***) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Hi,

as this is basically Debian's w3m you could report it to Debian's security team. tats is also the Debian maintainer for w3m. Or email him directly.

rkta avatar Jun 30 '23 06:06 rkta

Thank you for your suggestion. I will take your advice and report the issue to Debian's security team regarding the w3m problem. 😊

iskindar avatar Jun 30 '23 07:06 iskindar