[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CD PROPOSAL: EXCLUSION - Interim Decision 8/23



REJECT

Items 1, 3, 4 and 5 are just negations of the INCLUSION content decision.
They do not bring any new information, introduce inconsistencies like #5
which is almost but not exactly the negation of INCLUSION #4, and the
maintenance of two different versions of the same thing is a bad idea.  I
would suggest instead to change the INCLUSION to have item

5) It is publicly known

and this avoids all redundancies or restating of the obvious such as "fails
to satisfy all INCLUSION conditions".

Pascal


>Please vote on this pervasive content decision using the space
>provided below.
>
>Note that the requirement for sufficient validation will be one of the
>EXCEPTION content decisions.
>
>
>Content Decision: EXCLUSION (What to exclude from the CVE)
>----------------------------------------------------------
>
>VOTE:
>
>(Member may vote ACCEPT, MODIFY, REJECT, or NOOP.)
>
>
>A candidate vulnerability may not be included in the CVE if any of the
>following conditions hold:
>
>1) It does not satisfy the CVE vulnerability definition
>
>2) It is not publicly known
>
>3) It is excluded via any EXCEPTION content decision (defined
>elsewhere)
>
>4) Less than 50% of active voting members vote to ACCEPT or MODIFY
>the candidate
>
>5) Less than 2 non-MITRE members from different organizations vote on
>the candidate

Page Last Updated or Reviewed: May 22, 2007