2022 q4 hof

bug-bounty-hof/client.yml

@@ -1,4 +1,51 @@
 names:
+- name: Luan Herrera
+  date: 2022-12-13
+- name: Mohamed Sabt & Gwendal Patat
+  date: 2022-12-13
+- name: Vadim
+  date: 2022-12-13
+- name: Axel Chong
+  date: 2022-11-22
+- name: Irvan Kurniawan (sourc7)
+  date: 2022-11-15
+  url: https://www.linkedin.com/in/sourc7/
+- name: Atte Kettunen
+  date: 2022-11-08
+  twitter: "@attekett"
+  url: https://twitter.com/@attekett
+- name: April King
+  date: 2022-11-08
+  url: https://grayduck.mn
+- name: Matthias Zoellner
+  date: 2022-11-05
+- name: Sam Ezeh
+  date: 2022-11-01
+- name: Tim Coen
+  date: 2022-11-01
+- name: Hafiizh
+  date: 2022-10-26
+  url: https://www.linkedin.com/in/hafiizh-7aa6bb31/
+- name: scarlet
+  date: 2022-10-26
+- name: Armin Ebert
+  date: 2022-10-26
+  url: https://rawsec.net/
+- name: Jayateertha Guruprasad
+  date: 2022-10-26
+  twitter: "JayateerthaG"
+  url: https://twitter.com/JayateerthaG
+- name: James Lee
+  date: 2022-10-11
+  twitter: "@Windowsrcer"
+  url: https://twitter.com/@Windowsrcer
+- name: Suhwan Song of SNU CompSec Lab
+  date: 2022-10-11
+- name: Willy R. Vasquez (wrv)
+  date: 2022-10-07
+- name: Ronald Crane
+  date: 2022-10-06
+  url: https://www.zippenhop.com/
 - name: Axel Chong
   date: 2022-09-20
 - name: Andrei Enache

bug-bounty-hof/web.yml

@@ -1,6 +1,42 @@
 names:
+- name: Jake Nicholson
+  date: 2022-12-19
+  url: https://www.linkedin.com/in/dimedaughter/
+- name: redparsec
+  date: 2022-11-28
+  twitter: "@r3dpars3c"
+  url: https://twitter.com/@r3dpars3c
+- name: Leonardo Marinho de Melo Junior
+  date: 2022-11-25
+  url: https://github.com/Leommjr
+- name: Jаmes Kettle
+  date: 2022-11-14
+- name: Chester van den Bogaard
+  date: 2022-11-07
+  url: https://www.linkedin.com/in/chester-van-den-bogaard/
+- name: Aariz Khan
+  date: 2022-11-07
+  url: https://www.linkedin.com/in/aarizkhan
+- name: Fredrik Nordberg Almroth
+  date: 2022-11-07
+- name: Vladyslav Kotko
+  date: 2022-11-02
+- name: 40826d
+  date: 2022-10-31
+- name: daniel_v
+  date: 2022-10-31
+  url: https://danielv.com.br/
+- name: Griffin Francis
+  date: 2022-10-31
+- name: Muhammad Zaid Ghifari
+  date: 2022-10-24
+- name: Manojkumar J
+  date: 2022-10-05
+  url: https://www.linkedin.com/in/manojkumar-j-7ba35b202/
 - name: David Klein
   date: 2022-09-21
+  twitter: "@ncd_leen"
+  url: https://twitter.com/ncd_leen
 - name: Meet Narkhede
   date: 2022-09-20
 - name: Mario E. Mejia
@@ -68,8 +104,7 @@ names:
   date: 2022-05-16
 - name: Ali Syarief
   date: 2022-05-11
-  twitter: "@kang_ali"
-  url: https://twitter.com/@kang_ali
+  url: https://www.linkedin.com/in/mohammad-ali-syarief/
 - name: Brian Carpenter of Geeknik Labs & Farm
   date: 2022-05-10
   twitter: "@geeknik"

foundation_security_advisories/update_hof.py

@@ -75,6 +75,16 @@
 """.replace("\n", "")
 
 credit_entries = {
+    "52eef32d4db6d18d2ef539868933b1ef":"Tim Coen",
+    "0078828862f4973eece40d1be8510a0b":"Jayateertha Guruprasad",
+    "918c93c03389817a230ce0b462634fde":"Manojkumar J",
+    "0d2e405bda8a025f471b28904acaa766":"April King",
+    "8c69a76d853e3002e457c95aab599317":"scarlet",
+    "042ce73faaaaf8862e36f31eedee3fb3":"Willy R. Vasquez (wrv)",
+    "69e181768b9fc29f3ab0e7c668ce89ad":"Sam Ezeh",
+    "8222a267aa38fb97e9e1535d05383445":"daniel_v",
+    "f4ff034629bf0d9943a31a5437c3c1fe":"Chester van den Bogaard",
+    "875bd7d8b1b73f362dfaaf486bcae23e":"40826d",
     "028ff665214190ae419f0febbdff465f" : "James Grant",
     "047a2ade7fdc3c6d84d5dbea228fe71e" : "Julien Maladrie",
     "05c9059021985684d94c2631e62b9d12" : "Zhang Hanming from 360 Vulcan team",
@@ -366,8 +376,10 @@
     "fdfe2689e2668dcfe620ac81a741fde8" : "Harsh Banshpal",
     "fe7f319c61c0b44d4cb751afda4f4aeb" : "Gaurav Popalghat",
     "fea05bd1b815660051bf5d090eb4e522" : "Aral Yaman",
+    "2e1575d6141ca69287e4f55ef6fec159" : "Jake Nicholson",
 }
 twitter_entries = {
+    "0078828862f4973eece40d1be8510a0b":"JayateerthaG",
     "061748177265860816977bb65cc0147a" : "@tomorrowisnew",
     "0c7f4b38ad0b504cfc48042e14564cc8" : "@pdjstone",
     "0cdb9b89f615c444f832e56c844e9e75" : "@ally_o_malley",
@@ -417,7 +429,6 @@
     "af5f683612b2560ceeb75586a09f8525" : "@ar_arv1nd",
     "b1a7c3c63dd184cfac07998a22977ccc" : "@hm_harshit",
     "b1bce803655916f8687d2da2787a17c6" : "@clavoillotte",
-    "b295cad81920d9da67e35a981b6cb146" : "@kang_ali",
     "b5e1a616809a7f78f4b1709fa2cae1ac" : "@stevenmcrane ",
     "b6b492ddfce021c3a9cfe5b12b6c87c4" : "@Pwnrin",
     "cb595bf0c104ec202ec824f464a2893f" : "https://www.linkedin.com/in/mehboob-shaikh-7791a3169",
@@ -444,6 +455,12 @@
     "fe7f319c61c0b44d4cb751afda4f4aeb" : "@Gaurav_00000",
 }
 url_entries = {
+    "2e1575d6141ca69287e4f55ef6fec159" : "https://www.linkedin.com/in/dimedaughter/",
+    "b295cad81920d9da67e35a981b6cb146" : "https://www.linkedin.com/in/mohammad-ali-syarief/",
+    "918c93c03389817a230ce0b462634fde":"https://www.linkedin.com/in/manojkumar-j-7ba35b202/",
+    "0d2e405bda8a025f471b28904acaa766":"https://grayduck.mn",
+    "8222a267aa38fb97e9e1535d05383445":"https://danielv.com.br/",
+    "f4ff034629bf0d9943a31a5437c3c1fe":"https://www.linkedin.com/in/chester-van-den-bogaard/",
     "0a01a5e6c30ea6e71f5ce82750529c8c" : "https://garethheyes.co.uk/",
     "0f14322cc49704ac5551ffe5835abd69" : "https://www.wayanadweb.com",
     "1248a90a05c7e3a46b97e6aceeb557ce" : "https://skylined.nl",
@@ -571,6 +588,9 @@ def is_client_bug(bug):
             # this is an edge case we should validate and improve
             raise Exception("Classification: '{0}' Product: '{1}' Component: '{2}' is not considered a client bug, please confirm.".format(bug['classification'], bug['product'], bug['component']))
 
+    if bug['product'] == 'Firefox' and bug['component'] in ["Firefox Monitor"]:
+        return False
+
     return bug['product'] in client_products
 
 # Set up the requests retry/backoff strategy