oss-sec mailing list archives
Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list
From: Christian Brabandt <cb () 256bit org>
Date: Thu, 1 Feb 2024 11:36:57 +0100
On Do, 01 Feb 2024, Matthew Fernandez wrote:
Please *DO* contest CVE issued for non-security bugs. It helps discourage this kind of bad behaviour if their CVEs get removed. May also help CNA to identify repeat offenders for closer inspection of reports.
I was planning to do this for Vim. However the relevant CVE-2023-45921 has already been classified as rejected without me doing anything yet. And interestingly, as soon as the CVE was public, it generated some attention and users have directly asked questions when we will fix it. Best, Christian -- Was man nicht in den Beinen hat, muß man im Kopf haben.
Current thread:
- Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Alan Coopersmith (Jan 26)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Matthew Fernandez (Jan 26)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Christian Brabandt (Jan 28)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Amos Jeffries (Feb 01)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Matthew Fernandez (Feb 01)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Christian Brabandt (Feb 01)
- Re: Numerous unconfirmed FOSS CVEs disclosed on FD mailing list Matthew Fernandez (Jan 26)