oss-sec mailing list archives

why many CVEs are RESERVED on Mitre

From: Sona Sarmadi <sona.sarmadi () enea com>
Date: Wed, 14 Dec 2016 09:44:52 +0100

Hi again,

Does anyone know why Mitre lists many CVEs ** RESERVED ** while they are
public (e.g. curl CVEs below)?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615

https://curl.haxx.se/docs/security.html:

CVE-2016-8615
CVE-2016-8616
CVE-2016-8617
CVE-2016-8618
CVE-2016-8619
CVE-2016-8620
CVE-2016-8621
CVE-2016-8622
CVE-2016-8623
CVE-2016-8624
CVE-2016-8625

Shouldn't Mitre follow a process and update the page after CVEs have
been made public e.g. by upstream project? Or perhaps there is another
reason for these CVEs not to be updated?

Best,
---------------------------------------
Sona Sarmadi
Security Responsible for Enea Linux

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

why many CVEs are ** RESERVED ** on Mitre Sona Sarmadi (Dec 14)
- Re: why many CVEs are ** RESERVED ** on Mitre Kurt Seifried (Dec 14)
  - Re: why many CVEs are ** RESERVED ** on Mitre Sevan Janiyan (Dec 14)
    - Re: why many CVEs are ** RESERVED ** on Mitre Kurt Seifried (Dec 14)
    - Re: why many CVEs are ** RESERVED ** on Mitre Sevan Janiyan (Dec 14)
    - Re: why many CVEs are ** RESERVED ** on Mitre Marcus Meissner (Dec 14)
    - Re: why many CVEs are ** RESERVED ** on Mitre Kurt Seifried (Dec 14)
    - Re: why many CVEs are ** RESERVED ** on Mitre Sona Sarmadi (Dec 14)

oss-sec mailing list archives

why many CVEs are ** RESERVED ** on Mitre

Current thread:

why many CVEs are RESERVED on Mitre