The bstring project is committed to shipping a resilient and memory safe library. We take any exploitable security vulnerabilities very seriously.
The latest stable version of the bstring library is supported with security patches.
If you are using an older version, we recommend upgrading as soon as possible so that you have the most recent security improvements and bug fixes.
If you find an exploitable security vulnerability in this software, we would love to hear from you. Please file a private GitHub security vulnerability ticket.
When reporting a vulnerability, please include as much of the following information as possible:
- Description: A clear description of the vulnerability
- Impact: Potential impact and attack scenarios
- Reproduction: Step-by-step instructions to reproduce the issue
- Affected Versions: Which versions are affected
- Environment: Operating system, software versions, configuration details
- Proof of Concept: A trivial implementation, unit test, or similar