Date: Tue, 15 Oct 2013 19:47:10 -0400 (EDT) From: cve-assign@...re.org To: kseifried@...hat.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, leon@...nweber.de Subject: Re: CVE request: pyxtrlock -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >Honestly I don't know what the rule is, 10? 100? 1000? 10000? 65536? At least at the moment, those numbers seem very high. From our perspective, the minimum required number of users is approximately 2. The closed issues page is sufficient: https://github.com/leonnnn/pyxtrlock/issues?page=1&state=closed Situations in which MITRE has previously declined a CVE are much more marginal; for example: - some cases of code that wasn't packaged in any way, and not even necessarily intended for use as-is, e.g., something similar to example code posted as a stackoverflow.com answer - people a few years ago who were creating fake products that didn't have any reasonable purpose, and then asking for CVEs in order to have inbound links to their "vendor" web site - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJSXdL8AAoJEKllVAevmvmsjgAIAJRyzNohFgeSEeXbq7Z820z3 w2/ETthc8eO8kyk4yVZQaHWjHn90gI94m0DzAkBXPRY6b0GQMKOM75HXs6Yjx7Tj H9kh/+1Y1hm2v+8ANmOcWc6NlNFdnOJu2Ecfb//zQllKPp3XJsYAUVyKC+HjvTfr bomJuPM036uDhR+OZgswn6ZkGebLMbefjqq3b4guSHAWOoEw1D46rqHJspgM561a Tn8Bockj2cpbEIbWOrEFuSXfUx2mDXiFpnuAhLpcUpZDSE4DT73OzPH4XSB7GvC/ 1DaKDIH1eCYlGadGInBFdO2xNZMeztoRPswtsLmjJRgDR317S1iTmrGw8fZ1gRU= =WGDz -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.