From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <law@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by sourceware.org (Postfix) with ESMTP id 05FB23854817
 for <overseers@gcc.gnu.org>; Mon,  4 Jan 2021 17:49:02 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 05FB23854817
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-135-JByxTVoXPdKUGy54uoRTZA-1; Mon, 04 Jan 2021 12:48:59 -0500
X-MC-Unique: JByxTVoXPdKUGy54uoRTZA-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2110910055B0;
 Mon,  4 Jan 2021 17:48:57 +0000 (UTC)
Received: from localhost.localdomain (ovpn-114-95.phx2.redhat.com
 [10.3.114.95])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 907A25D9C6;
 Mon,  4 Jan 2021 17:48:56 +0000 (UTC)
Subject: Re: Security vulnerabilities affects core API authorization of gnu.org
To: Salah Mosbah <salahbughunter@gmail.com>
Cc: janus@gcc.gnu.org, gcc@gcc.gnu.org, jself@gnu.org, overseers@gcc.gnu.org
References: <CAFEc1FcNApb65M6D6aVi=qZ6OiQ64QPGfTA558POYvS55uV=dA@mail.gmail.com>
 <ac9ccc21-c01a-a503-a598-e009e30bf4e7@redhat.com>
 <CAFEc1Fc4XUn7udO3024NNSxqU+VA1sXVFjxui9Y2s-0rhY1KBw@mail.gmail.com>
From: Jeff Law <law@redhat.com>
Message-ID: <8479ad65-36b7-6b09-f6b5-ccb07c07e1ad@redhat.com>
Date: Mon, 4 Jan 2021 10:48:55 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <CAFEc1Fc4XUn7udO3024NNSxqU+VA1sXVFjxui9Y2s-0rhY1KBw@mail.gmail.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Spam-Status: No, score=-5.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_SHORT, NICE_REPLY_A,
 RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,
 SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: overseers@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Overseers mailing list <overseers.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/overseers>,
 <mailto:overseers-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/overseers/>
List-Post: <mailto:overseers@sourceware.org>
List-Help: <mailto:overseers-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/overseers>,
 <mailto:overseers-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jan 2021 17:49:06 -0000



On 1/4/21 10:40 AM, Salah Mosbah wrote:
> Hi Jeff,
>
> Does gnu.org <http://gnu.org/> has a bug bounty program or reporting
> bugs reward policy?
I have no idea.
jeff
>