Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 15 Jun 2014 21:32:54 +0100
From: Richard Moore <>
To: Yves-Alexis Perez <>
Subject: Re: Re: CVE Request for KIO/kmail

On 15 June 2014 19:29, Yves-Alexis Perez <> wrote:

> On dim., 2014-06-15 at 16:55 +0100, Richard Moore wrote:
> > In the past when I've tried to use the cve-assign address it has
> basically
> > been a black hole. Since then I've either asked redhat or one of the
> other
> > OSS vendors for a CVE. I've used the now as a
> > fallback.
> >
> > I'd also note as part of the meta discussion that I'm not going to
> release
> > details of vulnerabilities to a public list  before the fix, and just
> > because someone asks for more details doesn't mean I will provide them.
> May I ask why you're writing to the public oss-sec list instead of the
> private distros one, then?

Yep, that's obviously a mistake on my part. It's the address I had noted
for CVE requests.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ