Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new website features, new CNAs, CVE in
the news, etc. right to your email box. Common Vulnerabilities and Exposures (CVE) is
the standard for cybersecurity vulnerability names. The CVE Board provides oversight and
input into CVE's strategic direction, ensuring CVE meets the vulnerability
identification needs of the technology community. CVE Numbering Authorities (CNAs) are
major OS vendors, security researchers, and research organizations that assign CVE
Identifiers (CVE IDs) to newly discovered issues without directly involving MITRE in the
details of the specific vulnerabilities, and include the CVE IDs in the first public
disclosure of the vulnerabilities. Details on subscribing (and unsubscribing) to the
email newsletter are at the end. Please feel free to pass this newsletter on to
interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/February 7, 2017
-------------------------------------------------------
Contents:
1. New CVE Board Member from Black Duck Software
2. New CVE Blog Post: "Summary of your feedback about updating info in CVE ID
Descriptions"
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
New CVE Board Member from Black Duck Software
William Cox of Black Duck Software, Inc. has joined the CVE Board.
Read the full announcement and welcome message in the CVE Board email discussion list
archive at: https://cve.mitre.org/data/board/archives/2017-01/msg00038.html.
LINKS:
Black Duck Software -
https://www.blackducksoftware.com/
CVE Board -
https://cve.mitre.org/community/board/index.html
CVE News page article -
https://cve.mitre.org/news/archives/2017/news.html#january262017_New_CVE_Board_Member_fr
om_Black_Duck_Software
---------------------------------------------------------------
New CVE Blog Post: "Summary of your feedback about updating info in CVE ID Descriptions"
Thank you to all of you who responded to our most recent blog post "What's your opinion
on updating CVE ID Descriptions?" about whether or not CVE ID Descriptions should be
updated as new information becomes available, or if we should we reject and recreate the
CVE IDs instead.
The majority of respondents indicated that updating CVE ID Descriptions with new
information is preferable to rejecting and issuing new CVE IDs. As the CVE program
continues to develop its policies and practices, we will consider the feedback from the
CVE community on the benefits of updating CVE entries versus issuing new CVE entries.
Please read the complete summary post at
https://cve.mitre.org/blog/index.html#february022017_Summary_of_your_feedback_about_upda
ting_info_in_CVE_ID_Descriptions
LINKS:
CVE ID Descriptions -
https://cve.mitre.org/about/faqs.html#b4
Previous Blog post -
https://cve.mitre.org/blog/index.html#december152016_What's_your_opinion_on_updating_CVE
_ID_Descriptions?
CVE Blog -
https://cve.mitre.org/blog/index.html
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* Minutes from CVE Board Teleconference Meeting on January 11 Now Available
Read these stories and more news at https://cve.mitre.org/news.
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Dan Adinolfi, Cyber Security Technical Center. Writer: Bob Roberge. The
MITRE Corporation (www.mitre.org) maintains CVE and provides impartial technical
guidance to the CVE Board and CVE Numbering Authorities on all matters related to
ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy the
following text to the BODY of the message "SIGNOFF CVE-Announce-List", then send the
message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks of
The MITRE Corporation. CVE is sponsored by US-CERT (www.us-cert.gov) in the office of
Cybersecurity and Communications (www.dhs.gov/office-cybersecurity-and-communications)
at the U.S. Department of Homeland Security (www.dhs.gov).
For more information about CVE, visit the CVE website at https://cve.mitre.org or send
an email to cve@mitre.org.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment