|
Message-ID: <YT2PR01MB9827A6400BB63C5452D163CFE8202@YT2PR01MB9827.CANPRD01.PROD.OUTLOOK.COM> Date: Thu, 7 Mar 2024 22:11:04 +0000 From: Katherine Mcmillan <kmcmi046@...tawa.ca> To: "solar@...nwall.com" <solar@...nwall.com> CC: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Re: help wanted - bring more issues in here Hello Alexander, I would be interested in helping with this. Recently, I have brought a security flaw in the Wacom One driver to different communities' attention (as well as how to overcome it with 'Linux for the Wacom One' substitutions), the AI/LLM ASCII vulnerability here (ArtPrompt): https://medium.com/predict/hacking-chatgpt-the-ascii-art-jailbreak-unveiled-9efb0648cd0f, and the firmware vulnerability here (LogoFail, back in December): https://www.scmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-say. I am a big fan of creative exploits and solutions. I'm more deeply involved with *BSD than Linux. Thank you for considering, Katie ________________________________ From: Solar Designer <solar@...nwall.com> Sent: 07 March 2024 16:56 To: oss-security@...ts.openwall.com <oss-security@...ts.openwall.com> Subject: [oss-security] help wanted - bring more issues in here Attention : courriel externe | external email Hi, We have this contributing back task not requiring (linux-)distros membership: https://oss-security.openwall.org/wiki/mailing-lists/distros#contributing-back Administrative tasks mostly unrelated to (linux-)distros lists (but relevant to the wider community) [...] 3. Monitor for Open Source security issues/topics published elsewhere, identify which of these would fit, and bring them to oss-security - primary: Oracle Solaris, backup: vacant Alan Coopersmith of Oracle Solaris does a good job at this task. Thank you, Alan! However, this task needs more than one person's involvement. I'd appreciate it if others volunteer for it as well - both a second distro (as you can see, that spot is now vacant) and anyone else who's capable and willing to help. I'd also appreciate volunteers for just the third sub-task. I happen to notice many "Open Source security issues/topics published elsewhere" and "identify which of these would fit", but I rarely have time to write them up for posting to oss-security. So if some of you volunteer for producing proper self-contained oss-security posting out of references to issues published elsewhere, I could simply be forwarding the links and raw material to you, for you to process and post. In some cases, this can be as simple as extracting a posting from another mailing list's archive, with proper attribution and including a link too. In other cases, it's trickier. I'll provide initial guidance. Anyone? I guess many others in here also often come across more issues suitable for oss-security, and also don't have time. So assuming that enough people volunteer for the third "process and post" sub-task, please feel free to also volunteer for the first two sub-tasks. Thanks, Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.