
<p>On CVE-2018–20587</p>


<p>A summary can be found at <a href="https://medium.com/@lukedashjr/cve-2018-20587-advisory-and-full-disclosure-a3105551e78b" rel="nofollow">https://medium.com/@lukedashjr/cve-2018-20587-advisory-and-full-disclosure-a3105551e78b</a></p>


<p>I don't think any action is needed from our side as long as the nodes are running in a safe environment with only one user. It's up to node operators to handle their individual op sec. Perhaps we could add some recommendations on this to make sure everyone is more aware? <a class="user-mention" data-hovercard-type="user" data-hovercard-url="/hovercards?user_id=1223908" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Emzy">@Emzy</a> <a class="user-mention" data-hovercard-type="user" data-hovercard-url="/hovercards?user_id=15045051" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/KanoczTomas">@KanoczTomas</a> ?</p>


<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/bisq-network/roles/issues/66#issuecomment-461823512">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AkpZtuqxl8LBTcCKIYqb_Tmt-k1DRnbHks5vLYw1gaJpZM4RYmQm">mute the thread</a>.<img src="https://github.com/notifications/beacon/AkpZtjMZxVckgb6c9YhIAjS-J_cf7fEyks5vLYw1gaJpZM4RYmQm.gif" height="1" width="1" alt="" /></p>


<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/bisq-network/roles","title":"bisq-network/roles","subtitle":"GitHub repository","main_image_url":"https://github.githubassets.com/images/email/message_cards/header.png","avatar_image_url":"https://github.githubassets.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/bisq-network/roles"}},"updates":{"snippets":[{"icon":"PERSON","message":"@sqrrm in #66: On CVE-2018–20587\r\n\r\nA summary can be found at https://medium.com/@lukedashjr/cve-2018-20587-advisory-and-full-disclosure-a3105551e78b\r\n\r\nI don't think any action is needed from our side as long as the nodes are running in a safe environment with only one user. It's up to node operators to handle their individual op sec. Perhaps we could add some recommendations on this to make sure everyone is more aware? @Emzy @KanoczTomas ?"}],"action":{"name":"View Issue","url":"https://github.com/bisq-network/roles/issues/66#issuecomment-461823512"}}}</script>


<script type="application/ld+json">[


{


"@context": "http://schema.org",


"@type": "EmailMessage",


"potentialAction": {


"@type": "ViewAction",


"target": "https://github.com/bisq-network/roles/issues/66#issuecomment-461823512",


"url": "https://github.com/bisq-network/roles/issues/66#issuecomment-461823512",


"name": "View Issue"


},


"description": "View this Issue on GitHub",


"publisher": {


"@type": "Organization",


"name": "GitHub",


"url": "https://github.com"


}


}


]</script>