Hosein Askari <hosein.askari@aol.com> writes:
> hi sir,
> I found a vulnerability,
Congratulations :-)
> you can check this out on :CVE-2017-5972 or links are shown below:
>
> https://security-tracker.debian.org/tracker/CVE-2017-5972
> https://access.redhat.com/security/cve/cve-2017-5972
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5972
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5972
>
> if it's possible please give me an official certificate or
> acknowledgement like redhat company,
The Debian Project is a volunteer run organisation, and as such does not
have a legal existence that might be expected to be the issuer of such
certificates.
Also, this mailing list ('debian-boot') is devoted to the activity of
building the Debian-Installer, so even if it is possible for the Debian
Project to come up with such a certificate, this is not the right place
to ask.
> i want to be with your company without any salary or anything else. it
> will be my honor if you give me an official acknowledgements
Since The Debian Project is a volunteer organisation (not a company),
we're _all_ here with no salary, and you are welcome to join us. :-)
I suppose you could ask the security team for a note of thanks, or maybe
the publicity team. Would either of those suffice?
The contact information for the parts of Debian can be found here:
http://www.debian.org/intro/organization
Cheers, Phil.
--
|)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd.
|-| http://www.hands.com/ http://ftp.uk.debian.org/
|(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
Attachment:
signature.asc
Description: PGP signature