lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.SOL.4.44.0208051732350.10634-100000@tk28>
From: thavana at ees2.oulu.fi (Tiina Havana)
Subject: Software vulnerability reporting survey

Dear Full-Disclosurers,

Software vulnerability reporting process is a topic that is vividly
debated. Now you have an opportunity to share your experiences and express
your worries on the issue anonymously - by taking part in the OUSPG
research on vulnerability reporting. I am doing a survey that is targeted
to vendors who receive bug reports, to coordinators of the reporting
process (e.g. mailing list moderators and national CERTs), and to reporters
of software vulnerabilities. So, if you do any of these, you are the right
person to answer. Even if someone from your organization already has
answered or is going to answer to this survey, I would still appreciate
getting to know your personal opinions as well.

More information and the links to the questionnaires can be found at:
https://www.ee.oulu.fi/research/ouspg/reporting/q-form/

All answers are anonymous.

The results of the survey will be published on the OUSPG's WWW-pages by the
end of this year.

I cannot do this without your help! ;)

/Tiina Havana - OUSPG

PS: We maintain a link list about discussions on vulnerability reporting:
http://www.ee.oulu.fi/research/ouspg/sage/disclosure-tracking/












Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ