I want to offer a bounty for a particular bug! Where can I do that?
Bug bounties for Asterisk may be posted on the Asterisk Development mailing list at http://lists.digium.com/mailman/listinfo/asterisk-dev
Minimum offer: $500
Bounty offers may be made for both new features and bug fixes.
The lower limit of $500 is to discourage pointless offers. "I'll offer $20 for 50 hours of work on this super complex bug!"
It would be helpful if those posting a bounty add "[BOUNTY]" to the subject line of the post, thus allowing subscribers to the list to filter.
What is a bug bounty?
It is the case that some corporate users of Asterisk will pay you hard cash for your work on developing patches and bug fixes. Often, there are reasons that a firm can't or won't fix/patch Asterisk internally, and wants to outsource that work to the larger Asterisk community. The Asterisk community wins whenever a bounty bug is resolved because everyone benefits from that work. The company sponsoring the bounty wins, because their specific problem is fixed. And, of course, the programmer wins because they're paid.
But what about ... ?
If the author has signed a contributor license agreement, and the patch is in the bugtracker, it's considered fair game to be included in the version of Asterisk that Digium maintains. These patches follow the same licensing rules as everything else for Asterisk that is submitted to the bugtracker:
If there are multiple resolutions to a bounty, it is the sponsor's sole discretion to award the payment or not. All bug reports that are bounty oriented will be public and GPL, and we will actively discourage/delete non-GPL arrangements that are based on bug reports in the open-community bugtracker (i.e.: you will incur the wrath of the bug marshal posse.)
This was discussed on the dev list in Jan 2013: http://lists.digium.com/pipermail/asterisk-dev/2013-January/058351.html