Date: Wed, 19 Jul 2017 15:59:00 +0300 From: Henri Salo <henri@...v.fi> To: Matthew Daley <mattd@...fuzz.com> Cc: Kurt Seifried <kurt@...fried.org>, oss-security@...ts.openwall.com Subject: Re: ATutor CVE-2017-1000002, CVE-2017-1000003, CVE-2017-1000004 On Wed, Jul 19, 2017 at 11:37:28PM +1200, Matthew Daley wrote: > On 17 July 2017 at 00:01, Henri Salo <henri@...v.fi> wrote: > > Is this assigment somehow related to this oss-security post? > > http://www.openwall.com/lists/oss-security/2016/07/01/3 > > Yes. Thanks for your reply and clearing this up. One of the points in my email was that this is not documented in the DWF item well enough. There is description_data with value, but no referer to oss-security, which should also use those issue numbers. Should the assigner or requester post this information to oss-security aswell or is the point that DWF is followed via GitHub with custom scripts? If someone makes a pull request to the item is the information populated to MITRE and NVD databases and how often? -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.