|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE Automation Working Group Recommendation - 01-17-2017
- To: "Booth, Harold (Fed)" <harold.booth@nist.gov>
- Subject: Re: CVE Automation Working Group Recommendation - 01-17-2017
- From: Kurt Seifried <kseifried@redhat.com>
- Date: Thu, 19 Jan 2017 08:25:39 -0700
- Authentication-results: spf=none (sender IP is 129.83.29.2) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=redhat.com;mitre.org; dkim=none (message not signed) header.d=none;
- Cc: "cve-editorial-board-list@lists.mitre.org" <cve-editorial-board-list@lists.mitre.org>
- Delivery-date: Thu Jan 19 12:11:17 2017
- In-reply-to: <CY4PR09MB1255BCDC0AA83D535C9ECDBFE67E0@CY4PR09MB1255.namprd09.prod.outlook.com>
- List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- References: <CY4PR09MB1255BCDC0AA83D535C9ECDBFE67E0@CY4PR09MB1255.namprd09.prod.outlook.com>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- Spamdiagnosticmetadata: 6cdb8bfc89744bd8bfee511e3e65aa05
- Spamdiagnosticoutput: 1:2
On Thu, Jan 19, 2017 at 7:52 AM, Booth, Harold (Fed) <harold.booth@nist.gov> wrote:
Proposed Recommendation
A working draft of the JSON format will be put forth on January 31st followed by a 30-day comment period. The working draft will start from the schema currently at https://github.com/
distributedweaknessfiling/DWF- and will be published at https://github.com/Documentation/blob/master/ JSON-file-format-v4.md CVEProject/automation-working- . At the end of the comment period after addressing any comments, a final version will be produced that will be used by MITRE and the CNAs for the purpose of receiving CNA submissions. Work will continue to evolve the format to address additional use cases.group/tree/master/cve_json_ schema
Please note it's not yet done, I got the basic structural changes done and documented (essentially all the new stuff), I need to merge in the version 3 JSON stuff now (e.g. how we do CVSSv2/3 and things like that).
Response Period: One Week: January 26, 2017
--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com
- Follow-Ups:
- Re: CVE Automation Working Group Recommendation - 01-17-2017
- From: "Landfield, Kent B" <kent.b.landfield@intel.com>
- Re: CVE Automation Working Group Recommendation - 01-17-2017
- References:
- CVE Automation Working Group Recommendation - 01-17-2017
- From: "Booth, Harold (Fed)" <harold.booth@nist.gov>
- CVE Automation Working Group Recommendation - 01-17-2017
- Prev by Date: CVE Automation Working Group Recommendation - 01-17-2017
- Next by Date: Re: CVE Automation Working Group Recommendation - 01-17-2017
- Previous by thread: CVE Automation Working Group Recommendation - 01-17-2017
- Next by thread: Re: CVE Automation Working Group Recommendation - 01-17-2017
- Index(es):