[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVE ID Syntax Change and Options

Most/all of our tools and software can already handle modified CVE identifiers.  Our preference would be either one or two leading zeros.

Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
wilja22@ca.com - 816-914-4225

-----Original Message-----
From: owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-editorial-board-list@lists.mitre.org] On Behalf Of Mark J Cox
Sent: Wednesday, November 07, 2012 3:31 AM
To: 'Christey, Steven M.'
Cc: 'cve-editorial-board-list (cve-editorial-board-list@lists.mitre.org)'
Subject: RE: CVE ID Syntax Change and Options

We've written most of our tools to handle CVE-\d+-\d+ already, so "extra 
digits" is our preferred option, and out of those a preference would be a 
fixed number of digits with leading 0s to reduce c&p errors.

Thanks, Mark
Mark J Cox / Senior Director, Security Engineering, Red Hat

Page Last Updated or Reviewed: January 14, 2013