RE: Initial Guidance on Linux Issues

To: "'Mann, Dave'" <damann@mitre.org>
Subject: RE: Initial Guidance on Linux Issues
From: Carsten Eiram <che@secunia.com>
Date: Fri, 18 May 2012 02:03:50 +0000
Accept-Language: en-US, da-DK
CC: "'cve-editorial-board-list'" <cve-editorial-board-list@LISTS.MITRE.ORG>
Delivery-Date: Thu May 17 22:06:16 2012
In-Reply-To: <2F43C4D2BE8AD24C8AC17D8C64B379B3173161@IMCMBX01.MITRE.ORG>
List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
References: <2F43C4D2BE8AD24C8AC17D8C64B379B316E978@IMCMBX01.MITRE.ORG> <1205110933300.14241@mjc.redhat.com> <2F43C4D2BE8AD24C8AC17D8C64B379B3172C97@IMCMBX01.MITRE.ORG> <1205170824070.32852@mjc.redhat.com> <4FB4F839.4090906@cert.org> <2F43C4D2BE8AD24C8AC17D8C64B379B3173161@IMCMBX01.MITRE.ORG>
Sender: <owner-cve-editorial-board-list@LISTS.MITRE.ORG>
Thread-Index: Ac0u5o8AtEu0nGb1QVKr9eP2FxpI2AAYClOAARBTYoAAGhJhAAALQgiAAAMdg4AAGnnf0A==
Thread-Topic: Initial Guidance on Linux Issues

> -----Original Message-----
> From: owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-
> editorial-board-list@lists.mitre.org] On Behalf Of Mann, Dave
> Sent: 17. maj 2012 16:37
> To: Art Manion; Mark J Cox
> Cc: cve-editorial-board-list
> Subject: RE: Initial Guidance on Linux Issues
> 
> 
> FUNDING IS NOT THE ISSUE - I really, really, really want to keep funding
> levels out of this discussion as much as possible and keep this focused on
> prioritization and relevance. We've asked if it is required to give full
> coverage for all vulnerabilities disclosed in the following 4 Linux distros:
> Debian, Red Hat, Attachmate: SUSE and Ubuntu (Linux).  Mark has argued
> that for Red Hat, the answer is yes.  What about the other three?

From our customers' perspective, there is a definite preference for having full CVE coverage for the following in prioritised order:
Status: O

* Red Hat (specifically RHEL Server - our customers have limited interest in e.g. the desktop solutions and Fedora. A full coverage focus could, therefore, be on RHELS only).
* SUSE (both SLES and openSUSE - interest for e.g. SLED is limited)
* Debian
* Ubuntu


-- 

Med venlig hilsen / Kind regards


Carsten H. Eiram
Chief Security Specialist

Follow us on twitter
http://twitter.com/secunia
http://twitter.com/carsteneiram

Secunia
Mikado House
Rued Langgaards Vej 8
2300 Copenhagen S
Denmark

Phone   +45 7020 5144
Fax       +45 7020 5145

Follow-Ups:
- Re: Initial Guidance on Linux Issues
  - From: Damir Rajnovic <gaus@cisco.com>

References:
- Initial Guidance on Linux Issues
  - From: "Mann, Dave" <damann@mitre.org>
- Re: Initial Guidance on Linux Issues
  - From: Mark J Cox <mjc@redhat.com>
- RE: Initial Guidance on Linux Issues
  - From: "Mann, Dave" <damann@mitre.org>
- RE: Initial Guidance on Linux Issues
  - From: Mark J Cox <mjc@redhat.com>
- Re: Initial Guidance on Linux Issues
  - From: Art Manion <amanion@cert.org>
- RE: Initial Guidance on Linux Issues
  - From: "Mann, Dave" <damann@mitre.org>

Prev by Date: RE: Sources: Full and Partial Coverage
Next by Date: Re: Initial Guidance on Linux Issues
Prev by thread: RE: Initial Guidance on Linux Issues
Next by thread: Re: Initial Guidance on Linux Issues
Index(es):
- Date
- Thread

Page Last Updated: November 06, 2012

Common Vulnerabilities and Exposures

RE: Initial Guidance on Linux Issues