This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

FOSSA bug bounty program

From: Florian Weimer <fw at deneb dot enyo dot de>
To: libc-alpha at sourceware dot org
Date: Mon, 31 Dec 2018 12:10:49 +0100
Subject: FOSSA bug bounty program

glibc is listed as a participating project here:

  <https://juliareda.eu/2018/12/eu-fossa-bug-bounties/>

Has anyone been in contact with them?  How do they propose to deal
with their findings?

The default terms of the vulnerability sharing platform they chose are
incompatible with how we handle vulnerabilities, with collaboration on
patch development across multiple organizations and coordinated
disclosure for important vulnerabilities.

Follow-Ups:
- Re: FOSSA bug bounty program
  - From: Jérôme Benoit

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]