oss-sec mailing list archives

Re: CVE REJECTS


From: Solar Designer <solar () openwall com>
Date: Sun, 22 Dec 2013 14:42:47 +0400

Kurt, all -

On Wed, Dec 18, 2013 at 11:29:23PM -0700, Kurt Seifried wrote:
CVE-2013-4403 - turns out CVE-2013-4404 covered the issue, no need for
4403.

CVE-2013-4418 - turns out to be security hardening, not a security
flaw, just like CVE-2013-4417

While I greatly appreciate your work on CVE assignments, I'd appreciate
it if you and others include at least project names and preferably also
vulnerability types and/or brief descriptions along with CVE IDs in
postings such as the above.  That would make them a lot more useful to
those of us who are not focused on CVE as much, but may nevertheless be
interested in findings about the actual security issues.  We're unlikely
to go and look up each CVE ID mentioned without detail just in case it's
relevant to our projects.

Thanks,

Alexander


Current thread: