[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE id assignment dates
From: Henri Salo <henri () nerv ! fi>
Date: 2012-01-24 14:30:07
Message-ID: 20120124143007.GG9326 () foo ! fgeek ! fi
[Download RAW message or body]
On Tue, Jan 24, 2012 at 09:10:55AM -0500, Steven M. Christey wrote:
> I completely agree that tracking this kind of information is
> important, and I've personally wanted to see disclosure-related
> stats for years. I specifically mentioned OSVDB because they are
> trying to track this information at a greater level of detail than
> any other effort I know of. And, by virtue of being an *open source*
> vulnerability database, others can contribute to it.
>
> - Steve
First of all I am heavy user of OSVDB (http://osvdb.org/user/fgeek/profile). One should note \
that even OSVDB has a license, which will limit the usage of the data: http://osvdb.org/license \
and from my own experience I can say that this is definitely not always a good thing and might \
create new aspects for words open and free. For NDA reasons I can't say the case where this was \
a problem, but you can use your imagination.
- Henri Salo
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic