Date: Sun, 17 Dec 2017 02:14:16 -0500 From: Qhdwns123 <qhdwns123@...tonmail.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Re: The Internet Bug Bounty: Data Processing (hackerone.com) Hello, I think this project is a good idea. However, there is a difficulty. Most of the bugs reported are only PoC files and ASan logs. Because it takes a lot of analysis time to analyze the bugs and make the RCE (Exploit). As a result, other bugs are delayed. Thanks. > -------- Original Message -------- > Subject: Re: [oss-security] The Internet Bug Bounty: Data Processing (hackerone.com) > Local Time: October 9, 2017 5:04 PM > UTC Time: October 9, 2017 8:04 AM > From: reed@...dloden.com > To: oss-security@...ts.openwall.com > > On Sun, Oct 8, 2017 at 11:24 PM Michael Niedermayer michael@...dermayer.cc > wrote: > >>> We’d love to have FFmpeg in-scope, but the simple reason is that they >>> don’t >>> reply to our e-mails. All projects participating must explicitly opt-in, >>> and we can’t get anybody at FFmpeg to let us know their thoughts on if >>> they >>> would like to be added or not. >> >> Your mails where misidentified as spam on my side at least, and while >> i admit i saw them and wanted to reply later i forgot and somehow >> apparently everyone else forgot to reply too. >> Finally replied and yes of course FFmpeg wants to participate > > Awesome! Thanks for getting back to us. > > We've added FFmpeg to the scope at the bottom of > https://hackerone.com/ibb-data. > > Happy hacking, > ~reed > (for the IBB)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ