Joshua Rogers wrote: > Is this the right place to report a memory corruption vulnerability in grep?
Thanks for asking.
Please be sure you're using the latest from git:
http://git.sv.gnu.org/cgit/grep.git
If you think it may really be exploitable (as in arbitrary code execution),
it's best not to publicize it right away. Instead, report it privately to
a few of the recent committers -- you can use the addresses from the git log.
Otherwise, this list is fine.
