Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131222104247.GA11108@openwall.com>
Date: Sun, 22 Dec 2013 14:42:47 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE REJECTS

Kurt, all -

On Wed, Dec 18, 2013 at 11:29:23PM -0700, Kurt Seifried wrote:
> CVE-2013-4403 - turns out CVE-2013-4404 covered the issue, no need for
> 4403.
> 
> CVE-2013-4418 - turns out to be security hardening, not a security
> flaw, just like CVE-2013-4417

While I greatly appreciate your work on CVE assignments, I'd appreciate
it if you and others include at least project names and preferably also
vulnerability types and/or brief descriptions along with CVE IDs in
postings such as the above.  That would make them a lot more useful to
those of us who are not focused on CVE as much, but may nevertheless be
interested in findings about the actual security issues.  We're unlikely
to go and look up each CVE ID mentioned without detail just in case it's
relevant to our projects.

Thanks,

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.