Date: Sun, 6 Mar 2016 12:58:46 +0530 From: Rahul Pratap Singh <techno.rps@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Concerns about CVE coverage shrinking - direct impact to researchers/companies I am also sailing on the same boat. Thanks for raising this question. I reported multiple advisories to oss-sec and cve-assign. Never got even a single reply. Even, I saw, CVE-ID was assigned to same product for similar vulnerability few years back. Now, I eschew requesting CVE. Regards, Rahul Pratap Singh On Sun, Mar 6, 2016 at 11:57 AM, <gremlin@...mlin.ru> wrote: > On 2016-03-05 20:20:39 +0300, Solar Designer wrote: > > >> I think it's been said on this list previously -- these are > >> two separate activities: > >> 1. Assigning IDs > > > Problem solved: > > http://www.openwall.com/ove > > Hmmm... sorry to say, but I've garbaged 21 IDs by simply visiting > this page and reloading it twice just to see what would happen :-) > > So I'd suggest adding a BRB (Big Red Button) for those who actually > need an ID, and displaying some statistics ("1234 IDs were assigned > today") for everyone else. > > Style suggestion: > > [form action='.' method='post'] > [input style='background:red;color:white;padding:16px;font-size:32px' > name='request' value='GET ID' type='submit'] > [/form] > > Looks nice for me. > > >> 2. Analysis, deconfliction, write-up > > Having IDs is of some use even without or before all of that. > > Yes. So prepare for the above link to become really popular. > > > -- > Alexey V. Vissarionov aka Gremlin from Kremlin > GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8 >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ