Those advisories all came from outside sources, most notably calif.io.
It's not clear to me that FreeBSD found any of them internally ...
Calif.io have access to Mythos Preview which they've used to find a macOS kernel memory corruption exploit on Apple M5: https://blog.calif.io/p/first-public-kernel-memory-corruptio...
It's probably the right approach to onboard a few independent security companies and task them with reviewing multiple OSS projects, rather than to onboard each project individually.