oss-security January 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request

Re: [oss-security] CVE request

From: Tim Brown <timb_at_nospam>
Date: Tue Jan 18 2011 - 16:53:51 GMT
To: oss-security@lists.openwall.com

On Tuesday 18 January 2011 16:40:42 Michael Gilbert wrote:
> On Tue, 18 Jan 2011 12:22:05 +0000, Tim Brown wrote:
> > Guys,
> >
> > What's the best way for an open source project to request a CVE prior to
> > disclosure? I'm more that happy to coordinate the disclosure with
> > distributions where appropriate if that makes a difference.
>
> You're looking for vendor-sec:
> http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec

That's a closed list though isn't it? If anyone wants to sponsor me on to it,
I'm willing to put my OpenVAS hat on and jump through the necessary hoops :)

Tim
-- Tim Brown <mailto:timb@nth-dimension.org.uk> <http://www.nth-dimension.org.uk/>