Reporting security vulnerabilities in rdesktop

[eyal....@gmail.com]

Hello, 

Is there a non-public way to report vulnerabilities to the developers of rdesktop?

My team at Check Point Research recently finished a security audit to the library, and we wish to share with you our results in a way that won't endanger the users of your projects.

Best Regards, 

Eyal Itkin.

[Henrik Andersson]

Hi,

> Is there a non-public way to report vulnerabilities to the developers
> of rdesktop?

Not really. You can send the report to me as an encrypted and signed
email and we will take care of it. See attached key.

Best regards,

Henrik Andersson

[Pavel Cheremushkin]

Hello, I tried to reach Henrik out to report some security issues I managed to find in rdesktop, but I couldn't reach him. Where could I find point of contact to report security vulnerabilities? Probably, it would be nice if such information would be provided on rdesktop.org

четверг, 25 октября 2018 г., 11:23:03 UTC+3 пользователь Henrik Andersson написал:

[Pierre Ossman]

On 07/02/2019 15:59, Pavel Cheremushkin wrote:
> Hello, I tried to reach Henrik out to report some security issues I managed
> to find in rdesktop, but I couldn't reach him. Where could I find point of
> contact to report security vulnerabilities? Probably, it would be nice if
> such information would be provided on rdesktop.org
>

I'm afraid Henrik is no longer working on the rdesktop project. And we
haven't yet set up an official way of reporting security issues. But you
can send it to me. I've signed this message with my PGP key if you wish
to secure the information.

Regards
--
Pierre Ossman Software Development
Cendio AB https://cendio.com
Teknikringen 8 https://twitter.com/ThinLinc
583 30 Linköping https://facebook.com/ThinLinc
Phone: +46-13-214600 https://plus.google.com/+CendioThinLinc

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?