Date: Wed, 14 Dec 2016 09:44:52 +0100 From: Sona Sarmadi <sona.sarmadi@...a.com> To: <oss-security@...ts.openwall.com> CC: <cve-assign@...re.org> Subject: why many CVEs are ** RESERVED ** on Mitre Hi again, Does anyone know why Mitre lists many CVEs ** RESERVED ** while they are public (e.g. curl CVEs below)? https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615 https://curl.haxx.se/docs/security.html: CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Shouldn't Mitre follow a process and update the page after CVEs have been made public e.g. by upstream project? Or perhaps there is another reason for these CVEs not to be updated? Best, --------------------------------------- Sona Sarmadi Security Responsible for Enea Linux Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ