Hello, The Cisco Talos team found a security vulnerability impacting Poppler PDF customers. As this is a sensitive security issue, this report is to request a PGP key for further communication. Please acknowledge receipt of this email so we can confirm we have the right system for reporting security issues with Poppler PDF.
Any reason you decided to open a new bug instead of following up my question at https://bugs.freedesktop.org/show_bug.cgi?id=100855 or the email at https://lists.freedesktop.org/archives/poppler/2017-April/012197.html ? > Please acknowledge receipt of this email so we can confirm we have the right system for reporting security issues with Poppler PDF. We have acknowledged your emails twice, it's you that seem to have problems following up.
Albert, I already have the three CVE reports with a testcase. Since these are private yet we cannot upload here, unless we mark this bug as private.
-- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/poppler/poppler/issues/301.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.