[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Also an update for the Linux CNAs

To: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Subject: Also an update for the Linux CNAs
From: Kurt Seifried <kseifried@redhat.com>
Date: Mon, 16 May 2016 17:48:16 -0600
Authentication-results: spf=none (sender IP is 129.83.29.2) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=redhat.com;
Delivery-date: Tue May 17 07:46:11 2016
List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
Sender: <owner-cve-editorial-board-list@lists.mitre.org>
Spamdiagnosticmetadata: 43da9c421be74aed97248473db21fd15
Spamdiagnosticoutput: 1:2

I noticed that we have

Debian GNU/Linux (Linux issues only)

Red Hat, Inc. (Linux issues only)

Ubuntu Linux (Linux issues only)

Those should probably be updated to Debian/Ubuntu only (I know when I last spoke to Florian he said the Debian CNA only did CVE's for Debian stuff, not general Open Source). I don't think Ubuntu has ever issued a general CVE? Ditto for Red Hat (although Red Hat is still handling Open Source, we are planning to shift that over to the DWF officially at some point, and thus Red Hat CNA would just handle Red Hat stuff).

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com

Prev by Date: CNA requirements
Next by Date: Re: CNA requirements
Previous by thread: Re: CNA requirements
Next by thread: Draft CNA document for discussion
Index(es):
- Date
- Thread