Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Fri, 28 Mar 2008 00:09:46 +0100
From: Lubomir Kundrak <lkundrak@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: using oss-security references in CVE


On Thu, 2008-03-27 at 18:59 -0400, Steven M. Christey wrote:
> All,
> 
> In CVE, we try to provide "provenance" for every detail that makes its way
> into the description.  Issues like rxvt and CenterIM have some details
> that are only publicly documented in oss-security, and I would like to add
> these as references.

I agree. There shouldn't really be things like more public and less
public places to share security-related information.

-- 
Lubomir Kundrak (Red Hat Security Response Team)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux