From nurupo at tox.chat  Mon Dec 13 22:04:16 2021
From: nurupo at tox.chat (nurupo)
Date: Mon, 13 Dec 2021 17:04:16 -0500
Subject: [Bootstrap] Toxcore vulnerability discovered (CVE-2021-44847),
 update nodes to Toxcore 0.2.13
Message-ID: <5c6b9645bbb79927648dab370360731f@tox.chat>

Hi,

A vulnerability was discovered in Toxcore 0.2.12 and earlier that allows 
anyone to easily crash bootstrap nodes and may allow arbitrary code 
execution. The vulnerability was assigned CVE-2021-44847 identifier.
You can read more about it in the blog post 
https://blog.tox.chat/2021/12/stack-based-buffer-overflow-vulnerability-in-udp-packet-handling-in-toxcore-cve-2021-44847/

The vulnerability was patched in the recently released Toxcore 0.2.13.

Please update your bootstrap nodes to use Toxcore 0.2.13.

-- 
Regards,
nurupo