Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Dec 2016 09:44:52 +0100
From: Sona Sarmadi <sona.sarmadi@...a.com>
To: <oss-security@...ts.openwall.com>
CC: <cve-assign@...re.org>
Subject: why many CVEs are ** RESERVED ** on Mitre

Hi again,

Does anyone know why Mitre lists many CVEs ** RESERVED ** while they are
public (e.g. curl CVEs below)?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

https://curl.haxx.se/docs/security.html:

CVE-2016-8615
CVE-2016-8616
CVE-2016-8617
CVE-2016-8618
CVE-2016-8619
CVE-2016-8620
CVE-2016-8621
CVE-2016-8622
CVE-2016-8623
CVE-2016-8624
CVE-2016-8625

Shouldn't Mitre follow a process and update the page after CVEs have
been made public e.g. by upstream project? Or perhaps there is another
reason for these CVEs not to be updated?

Best,
---------------------------------------
Sona Sarmadi
Security Responsible for Enea Linux



[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ