Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new compatible products, new website
features, CVE in the news, etc. right to your email box. Common Vulnerabilities and
Exposures (CVE) is the standard for cyber security vulnerability names. The CVE Board
provides oversight and input into CVE's strategic direction, ensuring CVE meets the
vulnerability identification needs of the technology community. CVE Numbering
Authorities (CNAs) are major OS vendors, security researchers, and research
organizations that assign CVE Identifiers (CVE IDs) to newly discovered issues without
directly involving MITRE in the details of the specific vulnerabilities, and include the
CVE IDs in the first public disclosure of the vulnerabilities. Details on subscribing
(and unsubscribing) to the email newsletter are at the end. Please feel free to pass
this newsletter on to interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/September 26, 2016
-------------------------------------------------------
Contents:
1. CVE Refreshes Website with New Look and Feel and Easier-to-Use Navigation Menus
2. New CVE Board Charter Is Approved
3. Minutes from CVE Board Teleconference Meeting on August 25 Now Available
4. Apache Software Foundation and Intel Corporation Added as CVE Numbering Authorities
(CNAs)
5. Also in this Issue
6. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
CVE Refreshes Website with New Look and Feel and Easier-to-Use Navigation Menus
We have updated the CVE website to streamline site navigation for an improved user
experience. The main navigation menu is now located in an easy-to-access menu bar at the
top of every page, and expanded Section Contents menus for each section of the website
are on the left of each interior page.
The homepage has also been refreshed and now includes quick-access links to the most
frequently requested information about CVE including requesting CVE IDs, updating
information in CVE IDs, access to the various CVE List downloads, and where to find data
feeds of CVE content.
The website is now organized into these main sections:
* CVE IDs - visit to search, download, or view the CVE List; request CVE IDs; update
information in CVE IDs; and to view other supporting information and documentation about
CVE IDs and the CVE List
* About CVE - visit for an overview of the CVE effort, answers to FAQs, and our
documents archive
* Compatible Products & More - visit to see the numerous products and services that use,
or are built upon, CVE IDs
* Community - visit to learn more about CVE Numbering Authorities (CNAs); the CVE Board
including links to meeting summaries and a discussion archive; the CVE Sponsor; and
other community members
* News - visit for the latest CVE news, and to sign-up for our free e-newsletter
* Site Search - visit to search this website, for links to other searches including the
CVE List and the enhanced CVE content search in the U.S. National Vulnerability
Database, and for access to our site map
Additional updates will be coming soon, so please check back frequently.
Please send any comments or concerns to cve@mitre.org.
LINKS:
CVE website -
https://cve.mitre.org/
CVE News page article -
https://cve.mitre.org/news/archives/2016/news.html#september132016_CVE_Refreshes_Website
_with_New_Look_and_Feel_and_Easier_to_Use_Navigation_Menus
---------------------------------------------------------------
New CVE Board Charter Is Approved
We are pleased to announce that the CVE Board has approved the latest version of the
"CVE Board Charter," which includes several important updates to membership, board
member roles and responsibilities, as well as a number of policy and procedure changes.
This update was the result of many hours of hard work by the Board, and the resulting
document better positions CVE for success as it expands its reach to other sectors.
LINKS:
CVE Board Charter -
https://cve.mitre.org/community/board/charter.html
CVE Board Current Members -
https://cve.mitre.org/community/board/index.html
CVE News page article -
https://cve.mitre.org/news/archives/2016/news.html#september132016_New_CVE_Board_Charter
_Is_Approved
---------------------------------------------------------------
Minutes from CVE Editorial Board Teleconference Meeting on August 25 Now Available
The CVE Editorial Board held a teleconference meeting on August 25, 2016. Read the
meeting minutes at https://cve.mitre.org/data/board/archives/2016-09/msg00004.html.
OTHER LINKS:
CVE Editorial Board -
https://cve.mitre.org/community/board/
CVE News page article -
https://cve.mitre.org/news/archives/2016/news.html#september202016_Minutes_from_CVE_Boar
d_Teleconference_Meeting_on_August_25_Now_Available
---------------------------------------------------------------
Apache Software Foundation and Intel Corporation Added as CVE Numbering Authorities
(CNAs)
Intel Corporation and Apache Software Foundation are now CVE Numbering Authorities
(CNAs). CNAs are OS and product vendors, developers, security researchers, and research
organizations that assign CVE IDs to newly discovered issues without directly involving
MITRE in the details of the specific vulnerabilities, and include the CVE IDs in the
first public disclosure of the vulnerabilities.
CNAs are the main method for requesting a CVE ID. The following 27 organizations
currently participate as CNAs: Adobe; Apache; Apple; BlackBerry; CERT/CC; Cisco; Debian
GNU/Linux; Distributed Weakness Filing Project; EMC; FreeBSD; Google; HP; Hewlett
Packard Enterprise; IBM; ICS-CERT; Intel; JPCERT/CC; Juniper; Micro Focus; Microsoft;
MITRE (primary CNA); Mozilla; Oracle; Red Hat; Silicon Graphics; Symantec; and Ubuntu
Linux.
For more information about requesting CVE IDs from CNAs, visit the CVE Numbering
Authorities page on the CVE website.
LINKS:
Apache -
https://www.apache.org/
Intel -
http://www.intel.com/
CNAs -
https://cve.mitre.org/cve/cna.html
CVE IDs -
https://cve.mitre.org/cve/identifiers/index.html
CVE News page article -
https://cve.mitre.org/news/archives/2016/news.html#august192016_Apache_Software_Foundati
on_and_Intel_Corporation_Added_as_CVE_Numbering_Authority_CNA
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* CVE Mentioned in Article about a Zero-Day MySQL Vulnerability on ZDNet
* CVE Mentioned in Article about a Severe WebEx Vulnerability on The Register
* CVE IDs Assigned for Public Vulnerabilities Related to "The Shadow Brokers"
Disclosures
Read these stories and more news at https://cve.mitre.org/news.
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Dan Adinolfi, Cyber Security Technical Center. Writer: Bob Roberge. The
MITRE Corporation (www.mitre.org) maintains CVE and provides impartial technical
guidance to the CVE Board and CVE Numbering Authorities on all matters related to
ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy the
following text to the BODY of the message "SIGNOFF CVE-Announce-List", then send the
message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2016, The MITRE Corporation. CVE and the CVE logo are registered trademarks of
The MITRE Corporation. CVE is sponsored by US-CERT (www.us-cert.gov) in the office of
Cybersecurity and Communications (www.dhs.gov/office-cybersecurity-and-communications)
at the U.S. Department of Homeland Security (www.dhs.gov).
For more information about CVE, visit the CVE website at https://cve.mitre.org or send
an email to cve@mitre.org.
Monday, September 26, 2016
Subscribe to:
Comments (Atom)
