A thread is reserved in #Proposals which will be updated with the only legitimate Patch Proposal tied contract address(es) (see below). All other proposals, even though they may be legitimate, I would absolutely extremely suggest TORN holders to VOTE AGAINST.
THIS IS IMPORTANT, BECAUSE it can be expected, that someone will also attempt to publish a set of proposals which may seem like what we intend to do with Patch Proposal. IF THIS HAPPENS, DO NOT BE FOOLED and again, ONLY ONLY ONLY accept a Proposal with FULL COMMUNITY CONSENSUS HERE ON THE FORUM.
As such, the Proposal number will possibly not be 22, because someone else could propose something malicious.
Furthermore and less important details,
This is an advisory that totally depends on whether the attacker will execute proposal number 21, which should revert the state changes. So, this assumes the attacker will do it.
Note that addresses were mentioned, as it goes right now, a factory for some contracts will have to be deployed extra. Maybe we can CREATE2 it in forward. Will discuss in other thread.
Because the vulnerability is now known and until we do not deploy, propose and set the proposal, governance is vulnerable to the same exploit that was used to exploit it once.