Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 15 Jun 2014 20:29:21 +0200
From: Yves-Alexis Perez <corsac@...ian.org>
To: rich@....org
Cc: cve-assign@...re.org, henri@...v.fi, oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request for KIO/kmail

On dim., 2014-06-15 at 16:55 +0100, Richard Moore wrote:
> In the past when I've tried to use the cve-assign address it has basically
> been a black hole. Since then I've either asked redhat or one of the other
> OSS vendors for a CVE. I've used the distros@...openwall.org now as a
> fallback.
> 
> I'd also note as part of the meta discussion that I'm not going to release
> details of vulnerabilities to a public list  before the fix, and just
> because someone asks for more details doesn't mean I will provide them.

May I ask why you're writing to the public oss-sec list instead of the
private distros one, then?
-- 
Yves-Alexis

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ