[Secure-testing-team] A full audit of SPARC arch by our static binary analysis tool

Anthony DeRobertis anthony at derobert.net
Thu Aug 4 00:25:10 UTC 2005


Jake Appelbaum wrote:

> I'm sure people are a bit skeptical of a project like this and what kind
> of things it can do. We're not just doing this because we use Debian but
> because we want to support Free Software in general.

Sounds like a good idea. Not only will it possibly reveal unpatched bugs
in free software, but it will also give your software quite a stress test.

You don't need Debian's approval to do this; just go ahead and start it
running. I suggest that if you do start finding a lot of security holes,
you talk to MITRE to get CAN numbers for the holes you find. And then go
ahead and report the security bugs in the normal manner.



