[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: [TECH] Duplicate candidates - which one should be preferred?
Since 2001-0145 is already cross-referenced in other advisories, and
there is just a little more detail in that entry, it would make
correlation efforts easier all the way around. I there should be some
reference that it absorbed/replaced 2000-0756, and 2000-0746 should
reflect it was absorbed by 2001-0145.
Pascal Meunier wrote:
>
> Yes, I think we should keep CAN-2001-0145 to become the CVE number, and have CAN-2000-0756 and CAN(CVE)-2001-0145 doubly linked with an explicit notice "These are the same vulnerabilities."
>
> I think that this is an acceptable price to pay for a reduced lag time, if it happens only a few times per year.
>
> Cheers,
> Pascal
>
> At 11:36 PM -0500 2/27/01, Steven M. Christey wrote:
> ...
> >The guidelines suggest that CAN-2001-0145 would be promoted instead of
> >CAN-2000-0756. So, is that reasonable?
> >
> >- Steve
--
------------------------------------------------------------
David W. Baker bakerd@mitre.org
Lead INFOSEC Engineer
G023 - Secure Information Technology (703) 883-3658
The MITRE Corporation (703) 883-4589 (F)
Mailstop W435 (877) 682-0632 (P)
1820 Dolley Madison Blvd McLean, VA, 22102
------------------------------------------------------------
"Cyberspace. A consensual hallucination experienced daily by
billions of legitimate operators, in every nation, by
children being taught mathematical concepts... A graphic
representation of data abstracted from the banks of every
computer in the human system. Unthinkable complexity. Lines
of light ranged in the nonspace of the mind, clusters and
constellations of data. Like city lights, receding..."
- William Gibson, "Neuromancer"
"640K ought to be enough for anybody." - Bill Gates, 1981
-------------------------------------------------------------