Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE Requests
From: "Adam D. Barratt" <adam () adam-barratt org uk>
Date: Fri, 16 Mar 2012 15:54:22 +0000

On 16.03.2012 10:26, Andreas Ericsson wrote:
Those mails are all exemplary requests for CVE id's, ofcourse, but the
fact that they are all already fixed and released means that 100% of
the work is already done. At that point, assigning a CVE id is mostly
useless and is done as a "just for the record" thing.

Whether you consider it useless or not, those are the CVE assignments that will happen on the list, aiui.

http://oss-security.openwall.org/wiki/mailing-lists/oss-security specifically says: "Public security issues only please. What you say here is public for the world to see - keep that in mind. Embargoed information is best disclosed to vendor-sec" (which should be updated to point at somewhere that actually exists).



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]