Date: Sat, 1 Feb 2014 10:27:47 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Cc: Solar Designer <solar@...nwall.com> Subject: Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Sat, Feb 01, 2014 at 03:45:14AM +0100, PaX Team wrote: > > http://googleonlinesecurity.blogspot.com/2013/10/going-beyond-vulnerability-rewards.html > > > > ... but finding a vulnerability would probably not fall under the latter > > program. > > yes, that's a somewhat different kettle of fish though bugfixes may > be eligible if it's about fixing or mitigating entire classes (not > the case here obviously). But I'm pretty sure one of your “pet projet” would qualify (multiple time), should you want to go that road :) Regards, - -- Yves-Alexis Perez -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBCgAGBQJS7L4QAAoJEG3bU/KmdcCldt4H/RuMevjw5wglr83nfTkxNGio boepSFmDfycX2jk+sBrPb1jFpY1xLW+KRTzsvedKb1CTCSmKLvnhHeU9ZC5FdTao 7AxoJq3C7JQuelB9eElmHAtzgTynF3nvKaKYqWJVHg1Htjs4FpH1gCvRz3iv1VpI gJ7sPdeiCxc7GM8VCA5yX593avCMIaYm1O3wdfMwSOv7fE+hbCs0U+3y/+9THmIT uLGUf0AjWLFH0z3NhUrx5yaNO+R9+0hEnk8Nlq1l1PEOI+5sH5hk7OwBEyD6EVYd E4X4s82/JEcDbKNV0HAUUX/hR7VrWmGkMA6E0BEMOLhQLdTeyIxGplSIiCDF3PY= =6PpH -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ