[openssl-dev] [openssl.org #3943] Vulnerability Report
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Jul 14 19:31:06 UTC 2015
On Tue, Jul 14, 2015 at 07:21:25PM +0000, Mahender Singh via RT wrote:
> Glad for your quick and fast response and implementation. I have heard
> about your bounty program over Hackerone. As I did ethical work I am hoping
> some bounty in good faith from your end.
OpenSSL is an open-source project distributed to users at no cost.
We appreciate all contributions to the OpenSSL project. Thank you
for your contribution.
If you feel your findings qualify for a bounty per the conditions
at:
https://hackerone.com/openssl
you can follow up with the contacts listed on that page.
My best guess is that a minor misconfiguration of the OpenSSL
project website is not a compromise of the OpenSSL software and
does not qualify.
--
Viktor.
More information about the openssl-dev
mailing list