Date: Wed, 14 Dec 2016 09:44:52 +0100 From: Sona Sarmadi <sona.sarmadi@...a.com> To: <oss-security@...ts.openwall.com> CC: <cve-assign@...re.org> Subject: why many CVEs are ** RESERVED ** on Mitre Hi again, Does anyone know why Mitre lists many CVEs ** RESERVED ** while they are public (e.g. curl CVEs below)? https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615 https://curl.haxx.se/docs/security.html: CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Shouldn't Mitre follow a process and update the page after CVEs have been made public e.g. by upstream project? Or perhaps there is another reason for these CVEs not to be updated? Best, --------------------------------------- Sona Sarmadi Security Responsible for Enea Linux Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.