Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <loom.20130718T121741-706@post.gmane.org>
Date: Thu, 18 Jul 2013 10:20:26 +0000 (UTC)
From: mancha <mancha1@...h.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request - xlockmore 5.43 fixes a security flaw

Kurt Seifried <kseifried@...> writes:
> I request some details, others like Drupal have security advisories that
> are sufficiently detailed that i can assign based on them alone, so
> until a CVE requester proves that they know what they are doing,
> reliably, I'm going to need details to make sure the CVE assignment is
> done correctly. Part of the issue is scale, I do 1000+ CVE assignments
> a year, so if they start taking more then 5-10 minutes I won't have
> time to do anything else (like my day job, or sleep).

Thank you for taking the time to provide such a detailed response.
What you say makes complete sense and helps me (and I assume list
onlookers) get a better feel for the process.

Best,

--mancha

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.