[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2
From:       "Steven M. Christey" <coley () rcf-smtp ! mitre ! org>
Date:       2012-06-19 19:05:04
Message-ID: Pine.GSO.4.64.1206191503350.25927 () faron ! mitre ! org
[Download RAW message or body]


On Mon, 18 Jun 2012, Kurt Seifried wrote:

> Assigned 2012 CVE's as the first clear mention of the issues is in the
> codepoet.no ticket. The Blog entry for 2010 mentions the issue
> indirectly so I'm going with the more concrete mention.

This is a reasonable approach to take.  The year portion of a CVE 
identifier can't always be associated with the actual year of disclosure, 
and in this case, it's arguable what counts as "sufficient disclosure" 
anyway.  A couple minutes of investigation is sufficient.

- Steve
[prev in list] [next in list] [prev in thread] [next in thread]