oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Vendor-sec hosting and future of closed lists

From: "Menkhus, Mark (GSE Security HP SSRT)" <mark.menkhus () hp com>
Date: Wed, 16 Mar 2011 16:26:53 +0000
Thanks Eugene,

I have been looking at how to contribute in FOSS and security, and for me
it's been in the area of how to understand what vulnerabilities are already
documented.  I might think about looking more at the kernel changelogs and
LKML lists.

For sure, I'll look for some bugs while I am at it, tho.

Mark

-----Original Message-----
From: Eugene Teo [mailto:eugene () redhat com]
Sent: Tuesday, March 15, 2011 11:45 PM
To: oss-security () lists openwall com
Cc: Menkhus, Mark (GSE Security HP SSRT)
Subject: Re: [oss-security] Vendor-sec hosting and future of closed
lists

On 03/16/2011 12:07 PM, Menkhus, Mark (GSE Security HP SSRT) wrote:
[...]

Not being the one fixing the code for our kernel left me with little

to

immediately contribute, but I requested and coordinated with several

folks

who got vendor sec for HP.  Likely, we would still want to be part of
vendor-sec.new.


Many of the kernel vulnerabilities I have seen over the past two years
at least, were reported and fixed upstream. Only a handful of them were
reported privately. I can't remember when was the last time we had a
kernel issue reported via vendor-sec. There were, but it must have been
quite some time ago. LKML is still one of the better places to find
vulnerabilities :) Contributions welcomed.

Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Attachment: smime.p7s
Description:

Previous By Date Next
Previous By Thread Next

Current thread: