oss-sec mailing list archives
Re: CVE request for OpenStack Compute (nova)
From: Jeremy Stanley <jeremy () openstack org>
Date: Wed, 25 Mar 2015 13:05:32 +0000
On 2015-03-25 03:13:40 -0400 (-0400), cve-assign () mitre org wrote: [...]
Similarly, there's obviously no obligation to send a notification to oss-security whenever a potential vulnerability has been evaluated.
Correct, and we don't in those situations. In this case it was brought to the list by a representative of a Linux distribution affected by the bug in a release we no longer support upstream, since they need to implement a fix for it in their product. -- Jeremy Stanley
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request for OpenStack Compute (nova) Garth Mollett (Mar 23)
- Re: CVE request for OpenStack Compute (nova) cve-assign (Mar 24)
- Re: CVE request for OpenStack Compute (nova) Garth Mollett (Mar 24)
- Re: Re: CVE request for OpenStack Compute (nova) Jeremy Stanley (Mar 24)
- Re: CVE request for OpenStack Compute (nova) cve-assign (Mar 25)
- Re: CVE request for OpenStack Compute (nova) Jeremy Stanley (Mar 25)
- Re: CVE request for OpenStack Compute (nova) cve-assign (Mar 24)