Hi Justin, Nice to hear. I have CC ed Dev ml.
Regards Bhargava On August 16, 2017 5:18:58 PM PDT, Justin Pettit <jpet...@ovn.org> wrote: >Hi, Bhargava. This seems like a great idea to me. Unless there's >something sensitive, I'd suggest we discuss it on the >d...@openvswitch.org mailing list. The security mailing list is good >for discussing potential OVS vulnerabilities, but this seems like a >good topic for the general community. And thanks for all your >contributions to making OVS more secure! > >--Justin > > >> On Aug 16, 2017, at 4:17 PM, Bhargava Shastry ><bshas...@sec.t-labs.tu-berlin.de> wrote: >> >> Dear Ben, Sec@OvS, >> >> We have had reasonable success fuzzing OvS so far. It turns out there >is >> a security initiative led by Google that enables open-source projects >to >> benefit from continuous fuzzing [1]. I was wondering if you'd be >> interested. If you are, I can help integrate OvS into their framework >> over a two-staged effort. >> >> First, I write a test case for the remote code execution bug and >> integrate it into the fuzzer test suite [2] which is basically a >> framework for fuzzer evaluation. >> >> Second, I try to integrate OvS into OSS-fuzz, Google's initiative. >Let >> me know what you think. >> >> [1]: https://github.com/google/oss-fuzz >> [2]: https://github.com/google/fuzzer-test-suite >> >> Regards, >> Bhargava >> >> -- >> Bhargava Shastry <bshas...@sec.t-labs.tu-berlin.de> >> Security in Telecommunications >> TU Berlin / Telekom Innovation Laboratories >> Ernst-Reuter-Platz 7, Sekr TEL 17 / D - 10587 Berlin, Germany >> phone: +49 30 8353 58235 >> Keybase: https://keybase.io/bshastry >> _______________________________________________ >> security mailing list >> secur...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-security -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
