oss-sec mailing list archives

Re: tool announcements

From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 3 Jun 2008 18:08:59 -0400 (EDT)


On Tue, 3 Jun 2008, Pierre-Yves Rofes wrote:

Looking at the archives, at least half of the topics are CVE requests,
so maybe we should think about renaming the list "oss-CVEreq" :)


Until oss-security, these CVE requests were typically made either by one
distro and included in their bug report, or through vendor-sec even if the
issue was technically public.  When we assigned the CVE, it would often
become the first place where the issue was more widely announced.
Amongst the other benefits of this list, I think it provides a function
for wider, quicker dissemination of these types of issues.  The CVE
requests just happen to be part of the coordination function that the
distros used to perform in less visible ways.

- Steve

Current thread:

Re: code reviews (was: ARP handler Inspection tool released), (continued)
- - - Re: code reviews (was: ARP handler Inspection tool released) Andrea Barisani (Jun 02)
    - Re: code reviews (was: ARP handler Inspection tool released) Nico Golde (Jun 02)
    - Re: tool announcements (was: ARP handler Inspection tool released) Solar Designer (Jun 03)
    - Re: tool announcements (was: ARP handler Inspection tool released) Steven M. Christey (Jun 03)
    - Re: code reviews (was: ARP handler Inspection tool released) Solar Designer (Jun 03)
    - Re: code reviews (was: ARP handler Inspection tool released) Steve Kemp (Jun 03)
  - Re: ARP handler Inspection tool released Jonathan Smith (Jun 02)
    - tool announcements (was: ARP handler Inspection tool released) Solar Designer (Jun 03)
    - Re: tool announcements Jonathan Smith (Jun 03)
    - Re: tool announcements Pierre-Yves Rofes (Jun 03)
    - Re: tool announcements Steven M. Christey (Jun 03)
    - Re: tool announcements (was: ARP handler Inspection tool released) Michael Simpson (Jun 04)