[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Vulnerability | CVE-2017-5972

Hosein Askari <hosein.askari@aol.com> writes:

>  hi sir,
> I found a vulnerability,

Congratulations :-)

> you can check this out on :CVE-2017-5972 or links are shown below:
> https://security-tracker.debian.org/tracker/CVE-2017-5972
> https://access.redhat.com/security/cve/cve-2017-5972
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5972
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5972
> if it's possible please give me an official certificate or
> acknowledgement like redhat company,

The Debian Project is a volunteer run organisation, and as such does not
have a legal existence that might be expected to be the issuer of such

Also, this mailing list ('debian-boot') is devoted to the activity of
building the Debian-Installer, so even if it is possible for the Debian
Project to come up with such a certificate, this is not the right place
to ask.

> i want to be with your company without any salary or anything else. it
> will be my honor if you give me an official acknowledgements

Since The Debian Project is a volunteer organisation (not a company),
we're _all_ here with no salary, and you are welcome to join us. :-)

I suppose you could ask the security team for a note of thanks, or maybe
the publicity team.  Would either of those suffice?

The contact information for the parts of Debian can be found here:


Cheers, Phil.
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/    http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,    GERMANY

Attachment: signature.asc
Description: PGP signature

Reply to: