July 29, 2014
Hot Topics:
RSS RSS feed Download our iPhone app

Google to Pay Developers for Securing Open Source Apps

  • October 10, 2013
  • By Developer.com Staff

Google has earned a reputation for paying generous bug bounties to security researchers who find vulnerabilities in its applications. Now it is extending that program to important open source applications that it doesn't own—sort of.

In order to be eligible for these new payouts, developers must create a patch for any problems they find, submit those patches to the project manager, and have the changes accepted by the project managers.

At first, Google will pay for patches for OpenSSH, BIND, ISC DHCPm, libjpeg, libjpeg-turbo, libpng, giflib, Chromium, Blink, OpenSSL, zlib and security-critical, commonly used components of the Linux kernel (including KVM). In the future, it plans to extend the program to Apache httpd, lighttpd, nginx, Sendmail, Postfix, Exim, OpenVPN and toolchain security improvements for GCC, binutils and llvm.

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Sitemap | Contact Us

Rocket Fuel