security : looking for volunteers

[ggerganov]

According to our security policy we try to address security issues privately before disclosure. However, this is time consuming and currently is done in a very inefficient way by a small number of collaborators.

I am looking for volunteers interested in helping with reviewing private security vulnerability disclosures. If you are a collaborator and are interested in helping out, please add your name to the list below. You will be included in all vulnerability reports to help verify, asses and patch security issues.

List:

• @ServeurpersoCom
• @retr0reg
• @EAddario

---

To give a sense of the amount of reports that we currently have, here is the current state:

[ServeurpersoCom]

Security is my day job, so happy to help review if needed

[retr0reg]

Would love to help reviewing for Llama.cpp if needed.
I also still conduct research on Llama.cpp, so I might submit report personally. I wonder if that would be a possible conflict with the role. My thought is that I won't triage work of my own.

[EAddario]

Happy to throw my name in the hat so long helping during weekends only is OK

[ggerganov]

Thanks, I've added you to the advisories. Probably most of these are not really security issues, but would be nice to have extra look before closing them. Feel free to advise what actions to take.