Date: Mon, 05 Mar 2012 07:03:54 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: Kurt Seifried <kseifried@...hat.com> Cc: oss-security@...ts.openwall.com, Moritz Mühlenhoff <jmm@...til.org>, Debian Security Team <security@...ian.org> Subject: Re: CVE request: notmuch * Kurt Seifried: > Potentially stupid Q, why no CVE request from Debian? I'm happy to > assign them, especially for stuff that qualifies for a DSA, it will > almost certainly qualify for a CVE. Based on our current agreement with MITRE, we can only assign names to issues which are not yet public. The fix for this notmuch issue was already released (and labeled as a potential security issue) when we were contacted.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.