[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] MITRE is adding data intake to its CVE ID process
From:       Kash Pande <kash () tripleback ! net>
Date:       2017-04-27 15:46:49
Message-ID: 775c0f6a-3a9a-913c-de4a-40208159a6ad () tripleback ! net
[Download RAW message or body]


On 27/04/17 11:31 AM, Solar Designer wrote:
> I am a bit concerned that MITRE's change may
> result in us getting notified in fewer cases, especially if we continue
> to redirect to MITRE those CVE requests that still arrive in here.  This
> is going to result in not only fewer CVE requests sent in here, but also
> in fewer vulnerabilities being disclosed in here - or at least in them
> being brought in here with an extra delay (after MITRE has assigned a
> CVE ID and reminded the person that they should notify oss-security,
> which thankfully they do).

I share with you these concerns, thank you for articulating them.


Kash Pande
[prev in list] [next in list] [prev in thread] [next in thread]