oss-sec mailing list archives

Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies

From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 9 Mar 2016 12:06:26 -0700

On Wed, Mar 9, 2016 at 12:04 PM, David A. Wheeler <dwheeler () dwheeler com>
wrote:

All - I've chatted with some of the people who fund the CVE work at MITRE.
I've learned that CVEs *are* being issued, but obviously that is happening
too slowly.

They're having a meeting tomorrow (March 10) to try to figure out what
the problems are and how to fix it.  I don't know what they'll do.
However, I'm hopeful that  this will mean that the CVE work will get
back on track soon.

--- David A. Wheeler


This is literally the first I'm hearing of this, will any board members be
present?


-- 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert () redhat com

Current thread:

Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies, (continued)
- - - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Solar Designer (Mar 06)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies op7ic \x00 (Mar 06)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Solar Designer (Mar 06)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Robert Paprocki (Mar 06)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Gsunde Orangen (Mar 06)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Amos Jeffries (Mar 06)
    - RE: [security-vendor] Re: [oss-security] Concerns about CVE coverage shrinking - direct impact to researchers/companies Radzykewycz, T (Radzy) (Mar 07)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Tim Brown (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Kurt Seifried (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies David A. Wheeler (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Kurt Seifried (Mar 09)
    - RE: Concerns about CVE coverage shrinking - direct impact to researchers/companies Boyle, Stephen V. (Mar 09)
    - RE: Concerns about CVE coverage shrinking - direct impact to researchers/companies John Scott (Mar 10)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Reed Loden (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Timothy D. Morgan (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Kurt Seifried (Mar 09)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Timothy D. Morgan (Mar 10)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Kurt Seifried (Mar 10)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Tim (Mar 10)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Zach W. (Mar 10)
    - Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies Kurt Seifried (Mar 10)

(Thread continues...)