Request regarding posts to the lists

[security curmudgeon <jericho () attrition org>]

This mail list deals with vulnerabilities in several hundred pieces of 
software any given month. Please remember that many subscribers to this 
list are not part of your project or company. As such, please clearly 
identify the product in the subject line.

Just including a sub-component or vulnerable functions and/or a CVE does 
not tell us what software the mail is about. This has gotten out of hand 
and in at least one case in the past few days, the entire mail never 
clearly stated the software that was vulnerable. Sure, most of us know the 
poster and it followed other advisories, but to newcomers or anyone 
reaching that post via a Google search it is not very friendly.

Thanks,

jericho / OSVDB.org