[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Ruby CVEs
From:       Henri Salo <henri () nerv ! fi>
Date:       2013-03-21 14:21:47
Message-ID: 20130321142147.GA4602 () kludge ! henri ! nerv ! fi
[Download RAW message or body]


On Thu, Mar 21, 2013 at 02:05:13PM +0000, Christey, Steven M. wrote:
> I agree with Alexander.  The CVE assignment process is never intended to introduce \
> unnecessary delays to the publication of vulnerability information.  Merely noting whether \
> CVEs have already been requested should reduce most of the risk of duplicates without forcing \
> people to delay publication. 
> - Steve

There hasn't been any delays in publication of this security vulnerability.
Advisory was made in different mailing list without CVE. This is the reason I
asked him to request CVE identifier and pointed to oss-security mailing list.

CVE got assigned. List knows about the issue. End of story. Next problem,
please.

---
Henri Salo


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]