oss-sec mailing list archives
Re: CVE request
From: Michael Gilbert <michael.s.gilbert () gmail com>
Date: Tue, 18 Jan 2011 12:21:09 -0500
On Tue, 18 Jan 2011 16:53:51 +0000, Tim Brown wrote:
On Tuesday 18 January 2011 16:40:42 Michael Gilbert wrote:On Tue, 18 Jan 2011 12:22:05 +0000, Tim Brown wrote:Guys, What's the best way for an open source project to request a CVE prior to disclosure? I'm more that happy to coordinate the disclosure with distributions where appropriate if that makes a difference.You're looking for vendor-sec: http://oss-security.openwall.org/wiki/mailing-lists/vendor-secThat's a closed list though isn't it? If anyone wants to sponsor me on to it, I'm willing to put my OpenVAS hat on and jump through the necessary hoops :)
There are some notes at the bottom of the above page that describe what to do if you are not a vendor-sec member. Best wishes, Mike
Current thread:
- CVE request Tim Brown (Jan 18)
- Re: CVE request Michael Gilbert (Jan 18)
- Re: CVE request Tim Brown (Jan 18)
- Re: CVE request Michael Gilbert (Jan 18)
- Re: CVE request Josh Bressers (Jan 18)
- Re: CVE request Tim Brown (Jan 18)
- <Possible follow-ups>
- CVE Request Kurt Seifried (Feb 22)
- Re: CVE Request Eugene Teo (Feb 22)
- Re: CVE request Michael Gilbert (Jan 18)