I also support this idea. Thanks! On Wed, Aug 16, 2017 at 07:55:51PM -0700, Bhargava Shastry wrote: > Hi Justin, > > Nice to hear. I have CC ed Dev ml. > > Regards > Bhargava > > > On August 16, 2017 5:18:58 PM PDT, Justin Pettit <[email protected]> wrote: > >Hi, Bhargava. This seems like a great idea to me. Unless there's > >something sensitive, I'd suggest we discuss it on the > >[email protected] mailing list. The security mailing list is good > >for discussing potential OVS vulnerabilities, but this seems like a > >good topic for the general community. And thanks for all your > >contributions to making OVS more secure! > > > >--Justin > > > > > >> On Aug 16, 2017, at 4:17 PM, Bhargava Shastry > ><[email protected]> wrote: > >> > >> Dear Ben, Sec@OvS, > >> > >> We have had reasonable success fuzzing OvS so far. It turns out there > >is > >> a security initiative led by Google that enables open-source projects > >to > >> benefit from continuous fuzzing [1]. I was wondering if you'd be > >> interested. If you are, I can help integrate OvS into their framework > >> over a two-staged effort. > >> > >> First, I write a test case for the remote code execution bug and > >> integrate it into the fuzzer test suite [2] which is basically a > >> framework for fuzzer evaluation. > >> > >> Second, I try to integrate OvS into OSS-fuzz, Google's initiative. > >Let > >> me know what you think. > >> > >> [1]: https://github.com/google/oss-fuzz > >> [2]: https://github.com/google/fuzzer-test-suite > >> > >> Regards, > >> Bhargava > >> > >> -- > >> Bhargava Shastry <[email protected]> > >> Security in Telecommunications > >> TU Berlin / Telekom Innovation Laboratories > >> Ernst-Reuter-Platz 7, Sekr TEL 17 / D - 10587 Berlin, Germany > >> phone: +49 30 8353 58235 > >> Keybase: https://keybase.io/bshastry > >> _______________________________________________ > >> security mailing list > >> [email protected] > >> https://mail.openvswitch.org/mailman/listinfo/ovs-security > > -- > Sent from my Android device with K-9 Mail. Please excuse my brevity.
> _______________________________________________ > security mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-security _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
