SelfPrivacy/selfprivacy.org
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.git synced 2024-11-09 18:33:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs(en): Add credits for the vuln disclosure

Browse source
This commit is contained in:
Inex Code 2024-08-23 15:02:22 +03:00
parent 1c5c6c84d5
commit 8d1afd679f
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
content/en/blog/releases/0.12.0.md
View file

@ -149,7 +149,7 @@ This release is made possible with the support of [NLnet foundation](https://nln
This release contains a fix for a security vulnerability. We recommend updating as soon as possible.
A security researcher discovered that the application used an insecure random number generator. This could allow an attacker to predict the random numbers generated by the application, which could lead to a variety of security issues.
[UnblvR](https://x.com/UnblvR1) discovered that the application used an insecure random number generator. This could allow an attacker to predict the random numbers generated by the application, which could lead to a variety of security issues.
While we believe the risk of exploitation is low, we recommend that you update the token on your original device:
@ -162,7 +162,7 @@ Only the token of the initial device might be vulnerable. Tokens of other device
Servers created with this version and newer will not be vulnerable to this.
We haven't received information from the security researcher on how to credit them, and will update this changelog on our website and git forge when we do.
We would like to thank UnblvR for the responsible disclosure of the vulnerability.
### Features