Re: [oss-security] CVE request

From: Tim Brown <timb_at_nospam>
Date: Tue Jan 18 2011 - 16:53:51 GMT
To: oss-security@lists.openwall.com

On Tuesday 18 January 2011 16:40:42 Michael Gilbert wrote:
> On Tue, 18 Jan 2011 12:22:05 +0000, Tim Brown wrote:
> > Guys,
> >
> > What's the best way for an open source project to request a CVE prior to
> > disclosure? I'm more that happy to coordinate the disclosure with
> > distributions where appropriate if that makes a difference.
>
> You're looking for vendor-sec:
> http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec

That's a closed list though isn't it? If anyone wants to sponsor me on to it,
I'm willing to put my OpenVAS hat on and jump through the necessary hoops :)

Tim
-- Tim Brown <mailto:timb@nth-dimension.org.uk> <http://www.nth-dimension.org.uk/>

This message: [ Message body ]
Next message: Michael Gilbert: "Re: [oss-security] CVE request"
Previous message: Michael Gilbert: "Re: [oss-security] CVE request"
In reply to: Michael Gilbert: "Re: [oss-security] CVE request"
Next in thread: Michael Gilbert: "Re: [oss-security] CVE request"
Reply: Michael Gilbert: "Re: [oss-security] CVE request"
Reply: Josh Bressers: "Re: [oss-security] CVE request"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]