Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201101181654.02556.timb@nth-dimension.org.uk>
Date: Tue, 18 Jan 2011 16:53:51 +0000
From: Tim Brown <timb@...-dimension.org.uk>
To: oss-security@...ts.openwall.com
Cc: Michael Gilbert <michael.s.gilbert@...il.com>
Subject: Re: CVE request

On Tuesday 18 January 2011 16:40:42 Michael Gilbert wrote:
> On Tue, 18 Jan 2011 12:22:05 +0000, Tim Brown wrote:
> > Guys,
> > 
> > What's the best way for an open source project to request a CVE prior to
> > disclosure?  I'm more that happy to coordinate the disclosure with
> > distributions where appropriate if that makes a difference.
> 
> You're looking for vendor-sec:
> http://oss-security.openwall.org/wiki/mailing-lists/vendor-sec

That's a closed list though isn't it?  If anyone wants to sponsor me on to it, 
I'm willing to put my OpenVAS hat on and jump through the necessary hoops :)

Tim
-- 
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.