Fedora 7 and the Security Response Team
Mark J Cox
mjc at redhat.com
Mon Jun 11 15:59:18 UTC 2007
> - Only security bugs with CVE's are tracked? What if we spot something
> that has no CVE?
If it's something that is already public (for example some description of
the flaw exists outside of bugzilla and it's obvious it's a security
issue) then we can alert Mitre and they'll assign a name within a day or
two.
If it's something that's not particularly public (for example someone
reports an issue but not obvious it has security consequences) then I am a
Candidate Naming Authority for CVE and can allocate a name to Fedora.
Thanks, Mark
--
Mark J Cox / Red Hat Security Response Team
More information about the Fedora-security-list
mailing list