Date: Tue, 9 Jun 2015 13:08:51 -0400 (EDT) From: "Steven M. Christey" <coley@...re.org> To: mancha <mancha1@...o.com> cc: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: MITRE delays persist > Back in mid-March you wrote an email addressing the CVE assignment > delays people had been experiencing.  > > I was relieved when I received your email because I had several > outstanding requests and was wondering why they were being held up. > > Unfortunately, almost 11 weeks has passed since your email and my > pending requests have yet to be addressed. > > Would you please provide an update on the steps MITRE is taking to > become more responsive and provide a hard timeline on clearing of the > existing backlog? > > For example, I have pending requests dating back to mid-February. > > Thank you. > >  http://marc.info/?l=oss-security&m=142679274522902&w=2 Some requests are delayed because of complexity in deciding how vulnerability information can be best represented in CVE. If there is a vulnerability-research category, aspect, or approach that we feel may have unexpected concerns that are specific to CVE, we prefer to resolve that within our team, rather than follow a piecemeal approach to the related individual requests. Accordingly, we do not designate a timeline that applies globally to every request. If anyone needs additional confirmation that a request has indeed been received and read, and that we are aware of it remaining unanswered, sending directly to the cve-assign@...re.org address is the best option. --- CVE Assignment Team, MITRE CVE Numbering Authority
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ