Vulnerability in all versions

[AzraelsBlade]

Good morning,

Recently I discovered a vulnerability affecting all versions of phpLDAPadmin, please @leenooks reach me out so I can give you all the details.

Thank you and kind regards

[williamdes]

Reading #274 you should be the one initiating the contact

[diraneyya]

Seems suspicious indeed. Looks like someone have found an interesting phishing tactic.

[AzraelsBlade]

Hi again.

As @williamdes said, I have contacted @leenooks by mail and explained all the details about the vulnerability (no reply so far).
If I do not get a response in the next few months, maybe I can email you @williamdes so you can prepare a security release for Debian.

Thanks to all of you!

(PD: @diraneyya I have better things to do than scam people on the Internet hahaha)

[diraneyya]

Hi again.

As @williamdes said, I have contacted @leenooks by mail and explained all the details about the vulnerability (no reply so far). If I do not get a response in the next few months, maybe I can email you @williamdes so you can prepare a security release for Debian.

Thanks to all of you!

(PD: @diraneyya I have better things to do than scam people on the Internet hahaha)

I truly hope so! All the power to you if you have actually found a vulnerability and help fix it. I will make sure to donate to your crypto wallet when this happens.

[williamdes]

maybe I can email you @williamdes so you can prepare a security release for Debian.

Please file a CVE from the MITRE online form or email and also send me the patch to distribute
I think this is the best way forward:

• advise to the world with a CVE
• distribute a patch