mailing list archives
Re: CVE Requests
From: Mark Stanislav <mark.stanislav () gmail com>
Date: Fri, 16 Mar 2012 00:20:37 -0400
None of the details of these issues have been publicly discussed or released as I am trying (without much success) to
allocate a CVE prior to sending out a coordinated advisory including that identifier as I always have done and as the
mitre site indicates to do.
There are no reference links to provide and I am not publicizing details on this list before the developer can be
informed of the CVE.
I'm happy to take this off list as I am sure no one cares about any of this discussion but as I tried to do this
privately initially before being told to email the list instead, I'm hesitant to bother.
Follow-up off list if you like, else I'll just skip this process and release advisories without them.
Thanks for your time,
On Mar 15, 2012, at 11:41 PM, Kurt Seifried <kseifried () redhat com> wrote:
On 03/15/2012 09:00 PM, Mark Stanislav wrote:
On Mar 15, 2012, at 10:47 PM, Kurt Seifried <kseifried () redhat com> wrote:
On 03/15/2012 07:30 PM, Mark Stanislav wrote:
#1,2,3 are all included
? Sorry but I have literally no idea what that means.
You gave be a numbered list of requirements, I was confirming the existence of those first three for each
vulnerability were found with my original email to the list.
I need the actual info, please refer to:
Kurt Seifried Red Hat Security Response Team (SRT)