oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MITRE is adding data intake to its CVE ID process

From: John Haxby <john.haxby () oracle com>
Date: Fri, 10 Feb 2017 16:09:12 +0000
On 10/02/17 15:40, Priedhorsky, Reid wrote:

To more efficiently assign and publish CVE IDs and to enable
automation and data sharing within CVE operations, MITRE is changing
the way it accepts CVE ID requests on the oss-security mailing list.
Starting today, please direct CVE ID requests to this web form
<https://cveform.mitre.org/>

I’ve been using the CVE requests on oss-security to maintain a reasonably comprehensive and timely list of 
vulnerabilities for specific products. It’s not clear to me how to do this when CVE requests happen offline in a web 
form.

Has this use case been considered? Is there an alternate way to accomplish my goal?


I'm glad someone else mentioned this -- I've been wondering too.

What would be nice is if the web form forwarded the request and CVE-ID
(suitably formatted) to oss-security or a similar list.

jch
Previous By Date Next
Previous By Thread Next

Current thread: