[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Official Vendor Statement Service for the set of CVE Vulnerabilities
- To: cve-editorial-board-list@LISTS.MITRE.ORG
- Subject: Re: Official Vendor Statement Service for the set of CVE Vulnerabilities
- From: "Steven M. Christey" <coley@rcf-smtp.mitre.org>
- Date: Thu, 7 Sep 2006 15:35:52 -0400 (EDT)
- Delivery-Date: Thu Sep 7 15:36:09 2006
- In-Reply-To: <200609071804.k87I4rcC002714@smtp.nist.gov>
- References: <200609071804.k87I4rcC002714@smtp.nist.gov>
- Sender: owner-cve-editorial-board-list@LISTS.MITRE.ORG
Several of us in the vuln database world have been talking about a capability like this for a couple years. It's become more important as the noise increases, or at least the volume of noise; I'm not sure if the percentage has changed, although grep-and-gripe research is clearly on the rise. While CERT/CC has offered something like this for years in their vulnerability notes, I am very glad to see it become much more widely available to any CVE. This will in turn improve the overall quality of vulnerability information. Finally, it should be noted that the new capability is a direct result of the Editorial Board teleconference we had a couple months ago (sigh, I know I still need to write up that summary...) It's good to see that the first meeting in a few years can still bear fruit! To that end, we should probably have another teleconference in the next month or so. - Steve
- References:
- Official Vendor Statement Service for the set of CVE Vulnerabilities
- From: "Peter Mell" <mell@nist.gov>
- Official Vendor Statement Service for the set of CVE Vulnerabilities
- Prev by Date: Official Vendor Statement Service for the set of CVE Vulnerabilities
- Prev by thread: Official Vendor Statement Service for the set of CVE Vulnerabilities
- Index(es):
