Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 25 Mar 2015 13:05:32 +0000
From: Jeremy Stanley <>
Subject: Re: CVE request for OpenStack Compute (nova)

On 2015-03-25 03:13:40 -0400 (-0400), wrote:
> Similarly, there's obviously no obligation to send a notification to
> oss-security whenever a potential vulnerability has been evaluated.

Correct, and we don't in those situations. In this case it was
brought to the list by a representative of a Linux distribution
affected by the bug in a release we no longer support upstream,
since they need to implement a fix for it in their product.
Jeremy Stanley

Download attachment "signature.asc" of type "application/pgp-signature" (950 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.