Google’s security patches for open source software reward




Google’s security patches for open source software reward

Google salutes rewards between 500 and 3133.70 dollars for developers who submit patches for vulnerabilities in some popular open source packages and libraries. This goes beyond the purely Google reward for reporting a security issue.

The search giant says his patch Rewards program to want to try something different than the traditional “bug bounties” organized by several firms. It should encourage software developers and security experts in addition to finding bugs also working through a patch to fix it.

The Patch Rewards program focuses on open source software that is widely used on the Internet, according to Google. However, the company itself used almost all software above. This will include OpenSSH and BIND named, but also libraries like zlib, libjpeg and libpng. Certain parts of the Linux kernel, which forms the basis of Android, covered by the program, as well as Chromium and Blink-browser engine, both software from Google. However, Google promises in the future to add, such as Apache, the GNU Compiler Collection and several SMTP daemons. Other popular software packages to the rewards program

Google calls include patches for safer memory and prevent dangerous calls to libraries as examples of patches that may come. Eligible for a reward However, all patches that are already known bug fix are not eligible. In addition, the patch be transmitted to the developers of the relevant package and are included in an update.

Then a request be submitted for a reward. At Google This amount is between 500 and 3133.70 dollars. The level of remuneration is determined by the complexity of the problem and the sophistication of the patch provided, reports Google. Incidentally, it remains known vulnerability program for reporting vulnerabilities on websites just yet exist.


In: Technology & Gadgets Asked By: [18418 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »