[ofiwg] libfabric static analysis
Dave Goodell (dgoodell)
dgoodell at cisco.com
Thu Jan 14 06:53:09 PST 2016
On Jan 13, 2016, at 11:22 PM, Odzioba, Lukasz <lukasz.odzioba at intel.com> wrote:
>
> I would like to provide cleaned up list, but unfortunately I do not have time to investigate and my opinion might not be valid in all cases.
> Since there are plenty of them some might require a CVE.
>
> Would you like me to send you the full list of potential issues (it is for 1.1.0, but from what I saw most of it is still relevant)?
> If so please provide me an email to contact person responsible project security (since list might contain vulnerabilities I would prefer to no post it publicly).
Hi Lukasz,
I'm not sure if anyone on the project has much experience with issuing CVEs. But if you'd like, you can email the information to me and Sean Hefty (sean.hefty at intel.com) and we'll disseminate the info further from there as appropriate.
-Dave
More information about the ofiwg
mailing list