oss-sec mailing list archives
Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza
From: Salvatore Bonaccorso <carnil () debian org>
Date: Wed, 14 Dec 2016 16:27:57 +0100
Hi Sam, On Mon, Dec 12, 2016 at 10:40:16AM -0600, Sam Whited wrote:
Oops, I got the autoreply about not using this list to request CVEs after sending that message; now I'm a bit more confused about the current procedure; please advise.
Almost sure the autoreply came not from oss-security, but from the cve-assign () mitre org. But the autoreply should contain a note like:
[...] In the special case of communications involving a publicly known vulnerability on the oss-security mailing list, please do not use the https://cveform.mitre.org web site at this time, and instead send new or followup messages directly to that mailing list. (If your message pertains to a topic on the oss-security mailing list, and you are receiving an auto-response from the cve-assign () mitre org address, then you can ignore that auto-response.)
Was this the case? HTH, Regards, Salvatore
Current thread:
- CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Salvatore Bonaccorso (Dec 09)
- Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Mathieu Pasquet (Dec 09)
- Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza cve-assign (Dec 11)
- Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Sam Whited (Dec 12)
- Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Sam Whited (Dec 12)
- Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Salvatore Bonaccorso (Dec 14)
- Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Sam Whited (Dec 12)
- Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza Salvatore Bonaccorso (Dec 12)