[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: procedure for penalizing or revoking CNA status?

To: jericho <jericho@attrition.org>
Subject: RE: procedure for penalizing or revoking CNA status?
From: "Christey, Steven M." <coley@mitre.org>
Date: Tue, 1 Sep 2015 22:15:34 +0000
Accept-Language: en-US
Authentication-Results: spf=none (sender IP is 129.83.29.3)smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (messagenot signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=noneheader.from=mitre.org;
CC: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Delivered-To: coley@rcf-smtp.mitre.org
Delivery-Date: Tue Sep 1 18:16:48 2015
In-Reply-To: <alpine.LNX.2.00.1508290104360.15040@forced.attrition.org>
List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
References: <alpine.LNX.2.00.1409252348190.6528@forced.attrition.org> <Pine.LNX.4.64.1410101327160.14743@beijing.mitre.org> <alpine.LNX.2.00.1508282333000.15040@forced.attrition.org> <alpine.LNX.2.00.1508290104360.15040@forced.attrition.org>
Sender: <owner-cve-editorial-board-list@lists.mitre.org>
SpamDiagnosticMetadata: NSPM
SpamDiagnosticMetadata: NSPM
SpamDiagnosticOutput: 1:23
SpamDiagnosticOutput: 1:23
Thread-Index: AQHQ4h7vnwvREEB2rkifDCUWc3JcDZ4ifcOAgAXFQGA=
Thread-Topic: procedure for penalizing or revoking CNA status?

The message below, quoted in its entirety, has now been publicly archived at:

   cve.mitre.org/data/board/archives/2015-08/msg00002.html

- Steve

> -----Original Message-----
> From: jericho [mailto:jericho@attrition.org]
> Sent: Saturday, August 29, 2015 2:08 AM
> To: Christey, Steven M. <coley@mitre.org>
> Cc: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
> Subject: Re: procedure for penalizing or revoking CNA status?
> Importance: High
> 
> 
> The entire time writing this, was trying to find an article to justify a
> single sentence. After Tweeting to the news outlet and baiting them, they
> dug up the articles that weren't available via search, or the mobile app
> even 12 hours later.
> 
> On Sat, 29 Aug 2015, jericho wrote:
> 
> : Are you guys fucking daft? YOU CONTROL CVE. You are the overlords of this
> : failing effort. You are considered the industry standard on this. Wo(man)
> 
> http://www.theregister.co.uk/2015/08/28/security_vulns_collective_noun/?mt
> =1440828281946
> 
> Please, read this article because it is amusing, and the finale of a
> series. But, take note:
> 
> Bugnote
> * CVE stands for Common Vulnerabilities and Exposures, the industry-wide
> system for uniquely identifying security bugs.
> 
> .b
> 
> http://www.theregister.co.uk/2015/08/20/android_multitasking_flaw/
> http://www.theregister.co.uk/2015/08/21/collective_noun_security_vulns/

Prev by Date: RE: procedure for penalizing or revoking CNA status?
Next by Date: RE: NTIA announces first meeting on Vulnerability Disclosure
Prev by thread: Re: procedure for penalizing or revoking CNA status?
Next by thread: RE: NTIA announces first meeting on Vulnerability Disclosure
Index(es):
- Date
- Thread