-
Notifications
You must be signed in to change notification settings - Fork 0
Bug Bounty
monzum edited this page Nov 20, 2012
·
3 revisions
Tuf-legacy has a simple built in issue tracker that allows anyone to report bugs related to the project. In particular we are interested on security related bugs that might compromise either the system or the actual software updates.
- src/libnit_listener.py
- src/tuf_api_translator.py
- src/libc/libnetworkinterpose.c
- src/TUF/src/*
- 1 Point for minor security flaws found as well as bugs/inputs that may cause the software updater to crash.
- 2 Point for finding alternate methods to LD_PRELOAD that works cross-platform.
- 2 Points for finding major bugs in TUF itself.
- 4 Points for MAJOR security flaws that may compromise the security updates.
You may also contact the developers directly if you would like to disclose any security flaws discretely.
- Konstantin Andrianov: [email protected]
- Jerry Backer: [email protected]>
- Monzur Muhammad: [email protected]
- Rezwana Uddin: [email protected]