[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Request to include Board members in a press release about CVE IDsyntax change


As we approach the end of 2014, MITRE is planning one last major push to raise awareness about the CVE ID syntax change.  We have been contacting various organizations to see if they are willing to be listed in our press release and/or offer a quote on the CVE web site.  We are working to get as much attention as possible from this press release and any associated articles.  The primary goal is to reach vendors and/or consumers who haven't heard of the change or planned for it yet (while surprising, it's clear that many have not heard this yet).

More details are below.  Please contact cve-id-change@mitre.org if you wish to participate.

- Steve



As you know, the CVE-ID syntax has changed so that 5 digits or more
can be used, such as CVE-2014-12345, CVE-2014-7654321, etc.

On September 16, MITRE will be issuing a press release to announce
that time is running out; we will release a 5-digit CVE-ID at the end
of 2014, or the beginning of 2015 at the latest.  We hope that this
press release, along with the looming deadline, will receive some
attention within the security and general IT media.

In our press release, we would like to state that your organization
can already support the new syntax or is otherwise on schedule to be
able to support the new syntax.

In a web page related to the release, we also plan to include
supporting quotes, if you wish to provide them.  We do not currently
plan to include quotes within the press release itself.

We have a draft press release available for you to examine.  If you
wish to issue your own release at the same time, we can coordinate
with you about it.

If you're interested, please contact us at cve-id-change@mitre.org.

Thank you,
Steve Christey Coley
CVE Editor

Page Last Updated or Reviewed: April 14, 2015