Re: [MSVR 50480] Security Vulnerability Report

[Tim Rühsen]

Hi Tina,

thanks for contacting us. I am the current maintainer of libidn and
libidn2. Please encrypt the report with the PGP key this message is
signed with and send it directly to me.

With Best Regards, Tim

On 2/22/19 7:12 PM, Microsoft Vulnerability Research wrote:
> Hello,
> 
> 
> 
> This is Tina from Microsoft Vulnerability Research (MSVR), and we wish to 
> report a security vulnerability for GNU libidn.  I am looking for a security 
> contact within your organization to disclose the reported vulnerability. 
> Please let me know if this is the correct contact so I can send the full 
> vulnerability report to you.
> 
> 
> 
> In addition, Microsoft supports encryption to protect vulnerability 
> information that is sent in email. Please let me know if you would like the 
> report to be encrypted. Microsoft Vulnerability Research supports PGP and has 
> published PGP public keys on the Microsoft.com website at: 
> https://technet.microsoft.com/en-us/security/dn606155.aspx
> 
> 
> 
> Thank you for your assistance.
> 
> 
> 
> Regards,
> 
> Tina
> 
> MSVR
> 
> 
> ____________________________________________________________________
> 
> Please  do  not  circulate  or  discuss publicly the existence or contents of 
> this email
> without permission from Microsoft Corporation. Distribution should  be  
> limited  to
> members  of  the  above company's information security and product development
> engineering teams for the purposes of security risk analysis and remediation.
> 
> If you have received or acquired a physical or electronic copy of this paper  
> and  are
> not  a  member  of  the above company's information security group or the 
> relevant
> product  development  engineering  team,  please  securely  destroy  all  
> copies  and
> immediately notify Microsoft Vulnerability Research (MSVR) by email:
> address@hidden<mailto:address@hidden>
> ____________________________________________________________________
> ABOUT MSVR:
> 
> Microsoft  Vulnerability  Research  (MSVR)  is a program designed to help
> improve  the  security  ecosystem as a whole through the coordinated re-
> porting of known or suspected security vulnerabilities. We provide  third-
> party  companies  with information concerning vulnerabilities discovered
> by Microsoft employees either during  the course  of  their  Microsoft  re-
> sponsibilities or in their own time.
> 
> You can learn more about MSVR at:
> http://technet.microsoft.com/en-us/security/dn467919.aspx
> 
> If  you  would  rather  not receive emails from MSVR in the future, please
> let us know in a response to this email.
> 
> 
> 
> _______________________________________________
> Help-libidn mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/help-libidn
>

signature.asc
Description: OpenPGP digital signature