Date: Wed, 31 Oct 2018 22:00:23 +0100 From: Greg KH <greg@...ah.com> To: oss-security@...ts.openwall.com Subject: Re: Linux 4.19.0-rc3 Bluetooth out-of-bounds-read and use-after-free On Wed, Oct 31, 2018 at 03:11:38PM +0100, Solar Designer wrote: > As you can see below, in one message the sender offered to coordinate > with firstname.lastname@example.org and asked for a CVE ID. However, this was in response > to my questions about those aspects as it relates to the sender's other > message, and I don't know whether the sender actually proceeded to > coordinate with email@example.com (I tried asking the sender and got no > response) and no CVE ID was assigned by distros (since the sender also > didn't respond to my inquiry about security relevance). firstname.lastname@example.org generally tells all people who submit syzbot reports to just contact the upstream developers on their mailing list for issues reported by that tool, as that is what the tool's team does. And I think we did that for this report as well, but never heard anything back :( thanks, greg k-h
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.