[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Help
From:       Solar Designer <solar () openwall ! com>
Date:       2008-02-23 1:34:29
Message-ID: 20080223013429.GC15672 () openwall ! com
[Download RAW message or body]

> > Jamie Strandboge wrote:
> > You'll probably want to CC Steve on such emails... I don't think he's
> > actually subscribed to the list (Steve, feel free to correct me if I'm
> > wrong here... I assumed it would be the same as vendor-sec).

On Thu, Feb 21, 2008 at 05:12:15PM -0500, Josh Bressers wrote:
> Steve,
> 
> I think this is a good opportunity to ask you how we can use this list to
> make your life easier.  Perhaps it's worth thinking about ways some of the
> subscribed CNAs can dish out CVE ids to reduce your load a little bit for
> these public issues that obviously lack a proper id.

IIRC, Steve's reason for not being on vendor-sec was that he did not
want to be exposed to more non-public security issues (and detailed info
on them) than is necessary for assigning CVE ids.  If so, this reason
does not apply for oss-security, because this is a public list.  Steve -
you're welcome to join us on oss-security, although this is, of course,
up to you. :-)

Thanks,

Alexander

[prev in list] [next in list] [prev in thread] [next in thread]