Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 05 Mar 2012 07:03:54 +0100
From: Florian Weimer <>
To: Kurt Seifried <>
Cc:,  Moritz Mühlenhoff
 <>,  Debian Security Team <>
Subject: Re: CVE request: notmuch

* Kurt Seifried:

> Potentially stupid Q, why no CVE request from Debian? I'm happy to
> assign them, especially for stuff that qualifies for a DSA, it will
> almost certainly qualify for a CVE.

Based on our current agreement with MITRE, we can only assign names to
issues which are not yet public.  The fix for this notmuch issue was
already released (and labeled as a potential security issue) when we
were contacted.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.