Date: Tue, 18 Jan 2011 16:53:51 +0000 From: Tim Brown <timb@...-dimension.org.uk> To: oss-security@...ts.openwall.com Cc: Michael Gilbert <michael.s.gilbert@...il.com> Subject: Re: CVE request On Tuesday 18 January 2011 16:40:42 Michael Gilbert wrote: > On Tue, 18 Jan 2011 12:22:05 +0000, Tim Brown wrote: > > Guys, > > > > What's the best way for an open source project to request a CVE prior to > > disclosure? I'm more that happy to coordinate the disclosure with > > distributions where appropriate if that makes a difference. > > You're looking for vendor-sec: > http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec That's a closed list though isn't it? If anyone wants to sponsor me on to it, I'm willing to put my OpenVAS hat on and jump through the necessary hoops :) Tim -- Tim Brown <mailto:timb@...-dimension.org.uk> <http://www.nth-dimension.org.uk/> Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.