[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New CNAs

To: "Adinolfi, Daniel R" <dadinolfi@mitre.org>
Subject: Re: New CNAs
From: Kurt Seifried <kseifried@redhat.com>
Date: Sun, 21 Aug 2016 11:40:32 -0600
Authentication-results: spf=none (sender IP is 129.83.29.2) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=redhat.com;mitre.org; dkim=none (message not signed) header.d=none;
Cc: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Delivery-date: Mon Aug 22 07:56:21 2016
In-reply-to: <CA0C7418-2CC1-4EDB-977B-6DC8527DACA5@mitre.org>
List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
References: <CA0C7418-2CC1-4EDB-977B-6DC8527DACA5@mitre.org>
Sender: <owner-cve-editorial-board-list@lists.mitre.org>
Spamdiagnosticmetadata: 6cdb8bfc89744bd8bfee511e3e65aa05
Spamdiagnosticoutput: 1:2

Just to confirm the Apache foundation will be a "Traditional" CNA, e.g. under MITRE directly, not under the DWF (in other words I want to confirm that they get their CVE blocks from MITRE)? Thanks.

On Wed, Aug 17, 2016 at 1:54 PM, Adinolfi, Daniel R <dadinolfi@mitre.org> wrote:

All,

As you probably remember, Intel expressed an interest in becoming a CNA, and they have since been working through the on-boarding process. We are pleased to announce the Intel team is ready to assign CVE IDs, and we are adding them to the CNA list COB Friday. This CNA will cover Intel and McAfee products.

The Apache Software Foundation has been involved with CVE assignment through Red Hat and through a long history of vulnerability management. We are also adding them to the CNA list COB Friday. This CNA will cover all software developed under the Apache Software Foundation.

Both teams have shown that they understand the assignment process and know what content needs to be provided for creating useful descriptions.

Please let us know if you have any questions.

-Dan

_________________________

Daniel Adinolfi, CISSP

Lead Cybersecurity Engineer, The MITRE Corporation

CVE Communications and CNA Coordinator

Email: <dadinolfi@mitre.org> Phone: 781-271-5774

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com

Follow-Ups:
- Re: New CNAs
  - From: Mark J Cox <mjc@redhat.com>

References:
- New CNAs
  - From: "Adinolfi, Daniel R" <dadinolfi@mitre.org>

Prev by Date: New CNAs
Next by Date: Re: New CNAs
Previous by thread: New CNAs
Next by thread: Re: New CNAs
Index(es):
- Date
- Thread