oss-sec mailing list archives

Re: accepting new members to (linux-)distros lists


From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 8 Jul 2017 16:11:25 +0200

Hi

On Wed, Jun 28, 2017 at 10:02:40PM +0200, Solar Designer wrote:
> 6. If CVE IDs are requested, the report is valid, and you're a CNA,
> assign those (requesting any required information from the reporter
> first)
>
> 7. If the report does not mention CVE IDs (neither requests nor provides
> them, and doesn't mention the reporter having requested them elsewhere),
> yet the report is valid and it looks like distros will need CVE IDs, and
> you're a CNA, ask the reporter whether they have already requested CVE
> IDs elsewhere, then assign those if they haven't been requested
> elsewhere

Speaking for Debian: Debian being a CNA can *help* monitoring those
explicitly and assign where needed CVEs from the assigned pool.

We are already as well contributing to other tasks, and will continue
to do so as time permits.

Regards,
Salvatore

