...
Ventana: Jeff Law – design/implementation review
Samsung: Alexy Merzlyakov – binary/rpm scanner based on Nick Clifton's annobin framework
Red Hat: Nick Clifton – annobin scanning framework
External:
Dependencies
- There is a minor dependency on wording in PSABI for a extreme corner case. Essentially PSABI will need to spell out certain requirements for callers that the callee can depend on to implement efficient stack clash mitigation. This is a technical ABI change, but it is expected all binaries in the wild would satisfy the new ABI requirements as-is without a rebuild.
...
Page Properties | ||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Updates
- Using Alexy's scanner we're able to start scanning packages for issues. Those issues which show potential problems can then be rebuilt with Raphael's work to verify the vulnerability has been closed.
- Internal (Ventana) implementation review in progress. Generally looks good. Significant testing effort should spin up late this week.
...