|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Regarding the Distributed Weakness Filing system
- To: Kurt Seifried <kseifried@redhat.com>, cve-editorial-board-list<cve-editorial-board-list@LISTS.MITRE.ORG>
- Subject: Re: Regarding the Distributed Weakness Filing system
- From: Pascal Meunier <pmeunier@cerias.purdue.edu>
- Date: Mon, 7 Mar 2016 21:49:08 -0500
- Authentication-Results: spf=none (sender IP is 129.83.29.2)smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (messagenot signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=noneheader.from=cerias.purdue.edu;
- Delivery-Date: Tue Mar 8 07:47:05 2016
- In-Reply-To: <CANO=Ty3tjTEMh7-xZSfzXaWBYmEu4N_bnZLXVmBxgD6x6942nw@mail.gmail.com>
- List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- References: <CANO=Ty3tjTEMh7-xZSfzXaWBYmEu4N_bnZLXVmBxgD6x6942nw@mail.gmail.com>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- SpamDiagnosticMetadata: 43da9c421be74aed97248473db21fd15
- SpamDiagnosticOutput: 1:2
- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.6.0
On 03/07/2016 08:53 PM, Kurt Seifried wrote: > "The vendor declined to fix the vulnerability". That one is jaw-dropping. By implication, if I refuse to fix it, you can't mention it, discuss it, or issue an advisory about it? That's obstructing vulnerability disclosure, and a way to stimulate full disclosure by default for future issues. Can MITRE please report how many times this reason is used? Pascal
- Follow-Ups:
- Re: Regarding the Distributed Weakness Filing system
- From: Kurt Seifried <kseifried@redhat.com>
- Re: Regarding the Distributed Weakness Filing system
- References:
- Regarding the Distributed Weakness Filing system
- From: Kurt Seifried <kseifried@redhat.com>
- Regarding the Distributed Weakness Filing system
- Prev by Date: Regarding the Distributed Weakness Filing system
- Next by Date: Re: Regarding the Distributed Weakness Filing system
- Previous by thread: Regarding the Distributed Weakness Filing system
- Next by thread: Re: Regarding the Distributed Weakness Filing system
- Index(es):