[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Ruby CVEs
From: Henri Salo <henri () nerv ! fi>
Date: 2013-03-21 14:21:47
Message-ID: 20130321142147.GA4602 () kludge ! henri ! nerv ! fi
[Download RAW message or body]
On Thu, Mar 21, 2013 at 02:05:13PM +0000, Christey, Steven M. wrote:
> I agree with Alexander. The CVE assignment process is never intended to introduce \
> unnecessary delays to the publication of vulnerability information. Merely noting whether \
> CVEs have already been requested should reduce most of the risk of duplicates without forcing \
> people to delay publication.
> - Steve
There hasn't been any delays in publication of this security vulnerability.
Advisory was made in different mailing list without CVE. This is the reason I
asked him to request CVE identifier and pointed to oss-security mailing list.
CVE got assigned. List knows about the issue. End of story. Next problem,
please.
---
Henri Salo
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic