Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 22 May 2017 16:44:08 -0700
From: Kurt H Maier <>
Subject: Re: How to request a CVE for open source projects

On Mon, May 22, 2017 at 03:13:42PM -0600, Kurt Seifried wrote:
> Well actually they can. Why do you think we (DWF) have an extensible Json format with the data hosted in git? Hint: so people can contribute.

Is it the opaque Google Docs form that fosters contribution, or the
gatekept pull-request process requiring a Github account that fosters

At what point in the DWF process is third-party input expected to occur?
The matter is not addressed in the documentation repository.  Feel free 
to mail me offlist if the answers would induce excessive cognitive 


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ