oss-sec mailing list archives
Re: CVE Requests
From: "Adam D. Barratt" <adam () adam-barratt org uk>
Date: Fri, 16 Mar 2012 15:54:22 +0000
On 16.03.2012 10:26, Andreas Ericsson wrote:
Those mails are all exemplary requests for CVE id's, ofcourse, but thefact that they are all already fixed and released means that 100% of the work is already done. At that point, assigning a CVE id is mostly useless and is done as a "just for the record" thing.
Whether you consider it useless or not, those are the CVE assignments that will happen on the list, aiui.
http://oss-security.openwall.org/wiki/mailing-lists/oss-security specifically says: "Public security issues only please. What you say here is public for the world to see - keep that in mind. Embargoed information is best disclosed to vendor-sec" (which should be updated to point at somewhere that actually exists).
Regards, Adam
Current thread:
- Re: CVE Requests, (continued)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Solar Designer (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Andreas Ericsson (Mar 16)
- Re: CVE Requests Adam D. Barratt (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Tim Brown (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Tim Brown (Mar 16)
- Re: CVE Requests Eugene Teo (Mar 18)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Andreas Ericsson (Mar 19)