[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Initial Guidance on Linux Issues

> -----Original Message-----
> From: owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-
> editorial-board-list@lists.mitre.org] On Behalf Of Mann, Dave
> Sent: 17. maj 2012 16:37
> To: Art Manion; Mark J Cox
> Cc: cve-editorial-board-list
> Subject: RE: Initial Guidance on Linux Issues
> FUNDING IS NOT THE ISSUE - I really, really, really want to keep funding
> levels out of this discussion as much as possible and keep this focused on
> prioritization and relevance. We've asked if it is required to give full
> coverage for all vulnerabilities disclosed in the following 4 Linux distros:
> Debian, Red Hat, Attachmate: SUSE and Ubuntu (Linux).  Mark has argued
> that for Red Hat, the answer is yes.  What about the other three?

From our customers' perspective, there is a definite preference for having full CVE coverage for the following in prioritised order:
Status: O

* Red Hat (specifically RHEL Server - our customers have limited interest in e.g. the desktop solutions and Fedora. A full coverage focus could, therefore, be on RHELS only).
* SUSE (both SLES and openSUSE - interest for e.g. SLED is limited)
* Debian
* Ubuntu


Med venlig hilsen / Kind regards

Carsten H. Eiram
Chief Security Specialist

Follow us on twitter

Mikado House
Rued Langgaards Vej 8
2300 Copenhagen S

Phone   +45 7020 5144
Fax       +45 7020 5145

Page Last Updated or Reviewed: November 06, 2012