From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <m.muench@vu.nl>
Received: from mailin.vu.nl (mailin.vu.nl [130.37.164.72])
 by sourceware.org (Postfix) with ESMTPS id 95317385624D
 for <gcc-help@gcc.gnu.org>; Wed, 25 May 2022 17:00:17 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 95317385624D
Received: from pexch005a.vu.local (130.37.237.82) by mailin.vu.nl
 (130.37.164.72) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.28; Wed, 25 May
 2022 18:59:54 +0200
Received: from [10.228.130.211] (130.37.253.6) by PEXCH005a.vu.local
 (130.37.237.82) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.28; Wed, 25 May
 2022 18:59:54 +0200
Message-ID: <1dffbaaa-04f2-9ab9-ed3a-1de20cefcff3@vu.nl>
Date: Wed, 25 May 2022 18:59:54 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.9.1
Content-Language: en-US
To: <gcc-help@gcc.gnu.org>
CC: Fabian Freyer <mail@fabianfreyer.de>, <v.m.duta@vu.nl>, "Cristiano
 Giuffrida" <c.giuffrida@vu.nl>, <pagani@cs.ucsb.edu>
From: Marius Muench <m.muench@vu.nl>
Subject: Security Point of Contact
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: [130.37.253.6]
X-ClientProxiedBy: pexch011a.vu.local (130.37.237.88) To PEXCH005a.vu.local
 (130.37.237.82)
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50, KAM_DMARC_STATUS,
 SPF_HELO_PASS, SPF_PASS,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gcc-help@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-help mailing list <gcc-help.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-help>,
 <mailto:gcc-help-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-help/>
List-Post: <mailto:gcc-help@gcc.gnu.org>
List-Help: <mailto:gcc-help-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-help>,
 <mailto:gcc-help-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 17:00:19 -0000

Dear GCC maintainers,

We are a group of researchers from VU Amsterdam, UC Santa Barbara, and 
independents.
We found a potential security issue with the implementation of the 
Itanium C++ ABI unwinding process, and were wondering if you have any 
secure email contact point we can follow up on with additional details, 
or whether we should post it directly to the public bugtracker after 
coordinating with other affected parties.
Either way, we would like to disclose the information as soon as possible.

Best,
Fabian, Victor, Fabio, Marius & Cristiano