oss-sec mailing list archives
Re: CVE Requests
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 16 Mar 2012 13:38:46 -0600
On 03/16/2012 12:30 PM, Mark Stanislav wrote:
Is "VS@" supposed to be vendor-sec; the defunct list? Or is there another list I am not aware of? If so, can you please give me the *full* address? Thanks.
Sorry it is: http://oss-security.openwall.org/wiki/mailing-lists/distros
I'd say you may want to coordinate that documentation with Steve Christy as the nine times he allocated CVEs for me directly, this sort of conversation never came up. I can understand frustration on your part that people may not be educated, but realize that if CNAs handle this process differently, it may not be a matter of education on how 'the system works' but rather consistency within the entire process, agnostic of whom is allocating a CVE.
We're working on it.
I again, do appreciate your time but I suppose I'll just wait for Steve or whomever is manning cve@mitre to contact me back.
I'm simply loathe to assign CVE's for which I get no details from a third party especially when they have sent requests in to Mitre already. How do I know if Mitre has or has not assigned a CVE yet? We basically end up with a race condition (and duplicates).
Best, -Mark
-- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Solar Designer (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 15)
- Re: CVE Requests Kurt Seifried (Mar 15)
- Re: CVE Requests Andreas Ericsson (Mar 16)
- Re: CVE Requests Adam D. Barratt (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Tim Brown (Mar 16)
- Re: CVE Requests Mark Stanislav (Mar 16)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Tim Brown (Mar 16)
- Re: CVE Requests Eugene Teo (Mar 18)
- Re: CVE Requests Kurt Seifried (Mar 16)
- Re: CVE Requests Andreas Ericsson (Mar 19)