Date: Wed, 19 Jul 2017 15:59:00 +0300 From: Henri Salo <henri@...v.fi> To: Matthew Daley <mattd@...fuzz.com> Cc: Kurt Seifried <kurt@...fried.org>, oss-security@...ts.openwall.com Subject: Re: ATutor CVE-2017-1000002, CVE-2017-1000003, CVE-2017-1000004 On Wed, Jul 19, 2017 at 11:37:28PM +1200, Matthew Daley wrote: > On 17 July 2017 at 00:01, Henri Salo <henri@...v.fi> wrote: > > Is this assigment somehow related to this oss-security post? > > http://www.openwall.com/lists/oss-security/2016/07/01/3 > > Yes. Thanks for your reply and clearing this up. One of the points in my email was that this is not documented in the DWF item well enough. There is description_data with value, but no referer to oss-security, which should also use those issue numbers. Should the assigner or requester post this information to oss-security aswell or is the point that DWF is followed via GitHub with custom scripts? If someone makes a pull request to the item is the information populated to MITRE and NVD databases and how often? -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ