Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 17 Dec 2017 02:14:16 -0500
From: Qhdwns123 <>
To: "" <>
Subject: Re: The Internet Bug Bounty: Data Processing (


I think this project is a good idea.

However, there is a difficulty.

Most of the bugs reported are only PoC files and ASan logs.

Because it takes a lot of analysis time to analyze the bugs and make the RCE (Exploit).

As a result, other bugs are delayed.


> -------- Original Message --------
> Subject: Re: [oss-security] The Internet Bug Bounty: Data Processing (
> Local Time: October 9, 2017 5:04 PM
> UTC Time: October 9, 2017 8:04 AM
> From:
> To:
> On Sun, Oct 8, 2017 at 11:24 PM Michael Niedermayer
> wrote:
>>> We’d love to have FFmpeg in-scope, but the simple reason is that they
>>> don’t
>>> reply to our e-mails. All projects participating must explicitly opt-in,
>>> and we can’t get anybody at FFmpeg to let us know their thoughts on if
>>> they
>>> would like to be added or not.
>> Your mails where misidentified as spam on my side at least, and while
>> i admit i saw them and wanted to reply later i forgot and somehow
>> apparently everyone else forgot to reply too.
>> Finally replied and yes of course FFmpeg wants to participate
> Awesome! Thanks for getting back to us.
> We've added FFmpeg to the scope at the bottom of
> Happy hacking,
> ~reed
> (for the IBB)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ