The European Union has announced a series of reward programs in the search for bugs for open source software including VLC, Filezilla, PuTTY, and 7-Zip.
Financial rewards will be offered to security researchers who discover vulnerabilities in 14 projects that the European Union will include in the first phase of its program.
These rewards are offered as part of the FOSSA project (Free and Open Source Software Audit), originally released in 2015 following the discovery of security issues in Open SSL encryption.
Julia Reda, Member of the European Parliament, mentions that the bug bounty program includes 14 projects that are constantly used in the European Union.
"The size of the reward depends on the importance of the problem found and the relative importance of the software. The chosen software was previously identified as a candidate through inventories and public surveys. " Mentions Reda.
Bug bounties up to € 90,000
Many of the bug bounties have started this month and will expire sometime in the year, but there are also bounties that will continue through 2020.
Regarding the rewards offered, They start at 25000 Euros for vulnerabilities found in DSS (Digital Signatures Services) and go up to 90,000 Euros for vulnerabilities discovered in Putty. On the other hand, a vulnerability discovered in VLC is worth 58000 Euros.
More information about the rewards programs will arrive in the next few days, the first project will be released next week.
While solving critical bugs will help the European Union in the first place, users will also benefit from the work done, especially with programs as popular as VLC.