Date: Thu, 18 Jul 2013 10:20:26 +0000 (UTC) From: mancha <mancha1@...h.com> To: oss-security@...ts.openwall.com Subject: Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried <kseifried@...> writes: > I request some details, others like Drupal have security advisories that > are sufficiently detailed that i can assign based on them alone, so > until a CVE requester proves that they know what they are doing, > reliably, I'm going to need details to make sure the CVE assignment is > done correctly. Part of the issue is scale, I do 1000+ CVE assignments > a year, so if they start taking more then 5-10 minutes I won't have > time to do anything else (like my day job, or sleep). Thank you for taking the time to provide such a detailed response. What you say makes complete sense and helps me (and I assume list onlookers) get a better feel for the process. Best, --mancha
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.