On Mon, Jun 04, 2018 at 12:47:48PM -0400, Reinhard Tartler wrote:
> Ok, thanks. That sounds like a good plan!
BTW, I'm not sure if Talos security actually reported these to the
censenta/mongoose upstream project or whether they're doing it
for the security buzz/advertising factor...
I saw that upstream seem to be fairly active, so maybe it's just
a matter of properly reporting these vulnerabilities on their
Github page, letting them fix them and then rebasing the mongoose
copy to the fixed version?
Cheers,
Moritz
