Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 6 Mar 2016 12:58:46 +0530
From: Rahul Pratap Singh <techno.rps@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Concerns about CVE coverage shrinking - direct
 impact to researchers/companies

I am also sailing on the same boat. Thanks for raising this question. I
reported multiple advisories to oss-sec and cve-assign. Never got even a
single reply. Even, I saw, CVE-ID was assigned to same product for similar
vulnerability few years back. Now, I eschew requesting CVE.


Regards,
Rahul Pratap Singh

On Sun, Mar 6, 2016 at 11:57 AM, <gremlin@...mlin.ru> wrote:

> On 2016-03-05 20:20:39 +0300, Solar Designer wrote:
>
>  >> I think it's been said on this list previously -- these are
>  >> two separate activities:
>  >> 1. Assigning IDs
>
>  > Problem solved:
>  > http://www.openwall.com/ove
>
> Hmmm... sorry to say, but I've garbaged 21 IDs by simply visiting
> this page and reloading it twice just to see what would happen :-)
>
> So I'd suggest adding a BRB (Big Red Button) for those who actually
> need an ID, and displaying some statistics ("1234 IDs were assigned
> today") for everyone else.
>
> Style suggestion:
>
> [form action='.' method='post']
> [input style='background:red;color:white;padding:16px;font-size:32px'
> name='request' value='GET ID' type='submit']
> [/form]
>
> Looks nice for me.
>
>  >> 2. Analysis, deconfliction, write-up
>  > Having IDs is of some use even without or before all of that.
>
> Yes. So prepare for the above link to become really popular.
>
>
> --
> Alexey V. Vissarionov aka Gremlin from Kremlin
> GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8
>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ