Contact for security issue

[chb9]

Hi,

I've found a serious security issue in BlogoText 3.7.5.

@remrem How can I contact (email) you privately?

[remrem]

Hi, just created : contact at blogotext.org

[remrem]

Hi @chb9 , I did not receive your email, did you have time to send it?

[chb9]

@remrem I just sent the mail again. Did you receive it?

[remrem]

Yep !, My bad, mail filtering ...

Thank for this report, I take a look on it right now !

[remrem]

Ok, security issue confirmed. A big thank-you to you @chb9 for this issue, you rock!

I'll do my best to quickly push a fix and let the community know about the fix.

@chb9, If you plan to release this issue to the public domain, can you wait some time to let the community update theirs BlogoText ? And I think you deserve a place in CONTRIBUTORS if you want (I let you push a commit).

[B4rb3rouss]

I'm very curious to know more about this issue.

Thank you for reporting.

[chb9]

If you plan to release this issue to the public domain, can you wait some time to let the community update theirs BlogoText ?

Of course. I will also request a CVE ID after you fix that issue.

And I think you deserve a place in CONTRIBUTORS if you want (I let you push a commit).

Thank you.

[chb9]

@remrem When do you plan to fix this issue and release a new version?

[remrem]

@chb9 Tomorrow. Not enough time in the last few days :/

[BoboTiG]

@remrem do you want I take a look?

[remrem]

@BoboTiG I'm working on this right now ;)

[remrem]

Fixed version Again, thank you @chb9 ! If you need an official comment or documentation for your CVE ID request, @BoboTiG and me are here ;)

[B4rb3rouss]

Thank you :)

[chb9]

@remrem Thank you, I've requested a CVE ID and let you know as soon as I have it.

[remrem]

Ok, I close this issue.

[chb9]

CVE-2017-14957 has been assigned for this issue.

[remrem]

@chb9, thank you ;) I've just update the release description