oss-sec mailing list archives

RE: MITRE is adding data intake to its CVE ID process

From: "Maier, Kurt H" <kurt.maier () pnnl gov>
Date: Fri, 10 Feb 2017 21:16:28 +0000

-----Original Message-----
From: Seth Arnold [mailto:seth.arnold () canonical com]

While the oss-security list has been the best resource of information for
CVEs for us, part of our CVE ingestion is to download data from NVD and
MITRE directly:


This is a fine supplement to the oss-security list, but it completely
removes the possibility of natural discussion of CVEs by members
of the list.  Valuable insights might never surface unless every list 
member manually monitors the database and decides to send a 
message regarding a given database entry.

In short, it removes the best avenue toward the collaboration upon
which all OSS development is based in the first place.  I don't mind
if MITRE requires submitters to use their web stuff, but messages
generated by that tool should also appear on this list, or something
very valuable will be lost.

khm

Current thread:

Re: MITRE is adding data intake to its CVE ID process, (continued)
- - Re: MITRE is adding data intake to its CVE ID process John Haxby (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Stiepan (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Simon McVittie (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Pierre Schweitzer (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Moritz Muehlenhoff (Feb 11)
    - Re: MITRE is adding data intake to its CVE ID process Bob Friesenhahn (Feb 11)
  - RE: MITRE is adding data intake to its CVE ID process Maier, Kurt H (Feb 10)
    - RE: MITRE is adding data intake to its CVE ID process Ben Tasker (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Mike Gerwitz (Feb 10)
  - Re: MITRE is adding data intake to its CVE ID process Seth Arnold (Feb 10)
    - RE: MITRE is adding data intake to its CVE ID process Maier, Kurt H (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Tim (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Kurt Seifried (Feb 10)
    - RE: MITRE is adding data intake to its CVE ID process Williams, Ken (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Mats Wichmann (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Tim (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Adam Caudill (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Tim (Feb 10)
    - Re: MITRE is adding data intake to its CVE ID process Guido Berhoerster (Feb 10)
- Re: MITRE is adding data intake to its CVE ID process cve-assign (Feb 10)
  - Re: MITRE is adding data intake to its CVE ID process Solar Designer (Feb 11)

(Thread continues...)