[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- To: "Boyle, Stephen V." <sboyle@mitre.org>
- Subject: Re: CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- From: jericho <jericho@attrition.org>
- Date: Thu, 1 Oct 2015 18:14:27 -0500
- Authentication-Results: spf=none (sender IP is 129.83.29.3)smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (messagenot signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=noneheader.from=attrition.org;
- CC: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
- Delivery-Date: Thu Oct 1 18:14:27 2015
- Importance: high
- In-Reply-To: <alpine.LNX.2.00.1510011755200.10220@forced.attrition.org>
- List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- References: <CY1PR09MB0873F2B276F2C79380A705D8C7430@CY1PR09MB0873.namprd09.prod.outlook.com> <alpine.LNX.2.00.1510011755200.10220@forced.attrition.org>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- User-Agent: Alpine 2.00 (LNX 1167 2008-08-23)
On Thu, 1 Oct 2015, jericho wrote: : Is there an ETA on this? Yet another CNA has stepped up to follow IBM's : lead in using the incorrect CVE that is very clearly labeled to be : specific to one vendor (CVE-20141-8730), all the while IBM keeps using : it in advisory after advisory after several warnings from me, and one : from Steve Christey I believe. Should be CVE-2014-8730, damn typos. I sent a slightly stern mail to HP's security alert contact, reminding them that a) 2014-8730 is not POODLE, but a 'variant of POODLE' (something else they got wrong in the advisory), and b) 2014-8730 is specific to F5 products, and that they should assign their own CVE identifier to cover HP products.
- Follow-Ups:
- update on HP (was Re: CVE Numbering Authorities (was Re: Upcoming changes for CVE))
- From: jericho <jericho@attrition.org>
- update on HP (was Re: CVE Numbering Authorities (was Re: Upcoming changes for CVE))
- References:
- CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- From: jericho <jericho@attrition.org>
- CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- Prev by Date: CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- Next by Date: the list archive isn't updating again?
- Prev by thread: CVE Numbering Authorities (was Re: Upcoming changes for CVE)
- Next by thread: update on HP (was Re: CVE Numbering Authorities (was Re: Upcoming changes for CVE))
- Index(es):
