Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 17 Feb 2011 13:10:21 -0500 (EST)
From: "Steven M. Christey" <coley@...-smtp.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: Webkit Dupes


On Sat, 5 Feb 2011, Michael Gilbert wrote:

> Hi,
>
> The following issues are duplicate CVE assignments for webkit.  Please
> merge and reject these as appropriate.

I will handle these accordingly.  As you've noticed, a lot of CVE 
descriptions don't have detailed information, so sometimes it's hard to be 
certain when there are dupes.

> Would it be possible to force Google and Apple to coordinate better to 
> avoid these dupes?  This is creating unnecessary work and making it 
> appear that webkit has a lot more issues than it really does.

I started this conversation with both organizations a while ago, and your 
findings (plus a separate effort by Josh Bressers) are renewing this 
conversation.  That is, I'm working on it :)

- Steve

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.