[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] !CVE: A new platform to track security issues not acknowledged by vendors
From:       Brian Peters <brianrpeters () gmail ! com>
Date:       2023-11-08 20:55:53
Message-ID: CAK_vis6udRU5MRodhseyqVdPVXD2iv0cU7uXqpAGxpGVh_fKAQ () mail ! gmail ! com
[Download RAW message or body]


> I somehow doubt the presence of the ! makes much of a difference.

What about NVID? NVID-2023-0001
Not (A) Vulnerability ID

On Wed, Nov 8, 2023 at 2:39 PM Vegard Nossum <vegard.nossum@oracle.com>
wrote:

>
> On 08/11/2023 14:22, !CVE Team wrote:
> > ==============
> > What is a !CVE
> > ==============
> >
> >     - A common place for !vulnerabilities (read not vulnerabilities)
> >
> >     - Security issues not covered by the traditional CVE.
> >
> >     - An identifier following common naming starting with an exclamation
> >       mark(!) Example: !CVE-2023-0001
>
> I am not a lawyer, but I'd assume you would run into some issues with
> the naming of all this -- wasn't that the exact issue that somebody else
> ran into when they tried to assign identifiers to bugs that MITRE
> wouldn't acknowledge? Here's what they said back then:
>
> <
> https://cve.mitre.org/news/archives/2021/news.html#April022021_Message_to_DWF_from_the_CVE_Board
> >
>
> I somehow doubt the presence of the ! makes much of a difference.
>
>
> Vegard
>


[prev in list] [next in list] [prev in thread] [next in thread]