Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new website features, new CNAs, CVE in
the news, etc. right to your email box. Common Vulnerabilities and Exposures (CVE) is
the standard for cybersecurity vulnerability names. The CVE Board provides oversight and
input into CVE's strategic direction, ensuring CVE meets the vulnerability
identification needs of the technology community. CVE Numbering Authorities (CNAs) are
major OS vendors, security researchers, and research organizations that assign CVE
Identifiers (CVE IDs) to newly discovered issues without directly involving MITRE in the
details of the specific vulnerabilities, and include the CVE IDs in the first public
disclosure of the vulnerabilities. Details on subscribing (and unsubscribing) to the
email newsletter are at the end. Please feel free to pass this newsletter on to
interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/March 7, 2017
-------------------------------------------------------
Contents:
1. CVE Launches Twitter Feed of Newest CVE IDs
2. Drupal.org Added as CVE Numbering Authority (CNA)
3. NOTICE: CVE Request Web Form - OUTAGE from 8:00 p.m.-10:00 p.m. EDT on March 8
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
CVE Launches Twitter Feed of Newest CVE IDs
Please follow our new Twitter feed at https://twitter.com/CVEnew/ to get regular updates
of the newest CVE IDs.
OTHER LINKS:
CVE List -
https://cve.mitre.org/cve/cve.html
Other Data Updates and Feeds -
https://cve.mitre.org/cve/data_updates.html
CVE News page article -
https://cve.mitre.org/news/archives/2017/news.html#march022017_CVE_Launches_Twitter_Feed
_of_Newest_CVE_IDs
---------------------------------------------------------------
Drupal.org Added as CVE Numbering Authority (CNA)
Drupal.org is now a CVE Numbering Authority (CNA) for all issues for projects hosted
under Drupal.org only.
CNAs are OS and product vendors, developers, security researchers, and research
organizations that assign CVE IDs to newly discovered issues without directly involving
MITRE in the details of the specific vulnerabilities, and include the CVE IDs in the
first public disclosure of the vulnerabilities.
CNAs are the main method for requesting a CVE ID. The following 49 organizations
currently participate as CNAs: Adobe; Apache; Apple; BlackBerry; Brocade; CERT/CC; Check
Point; Cisco; Debian GNU/Linux; Dell EMC; Distributed Weakness Filing Project;
Drupal.org; F5; Fortinet; FreeBSD; Google; HackerOne; HP; Hewlett Packard Enterprise;
Huawei; IBM; ICS-CERT; Intel; ICS-CERT; ISC; JPCERT/CC; Juniper; KrCERT/CC; Larry
Cashdollar; Lenovo; MarkLogic; McAfee; Micro Focus; Microsoft; MITRE (primary CNA);
Mozilla; Nvidia; Objective Development; OpenSSL; Oracle; Puppet; Rapid 7; Red Hat;
Silicon Graphics; Symantec; Talos; TIBCO; Ubuntu Linux; VMWare; and Yandex.
For more information about requesting CVE ID numbers from CNAs, visit Request a CVE ID
on the CVE website at https://cve.mitre.org/cve/request_id.html.
LINKS:
Drupal.org -
https://www.drupal.org/
CNAs -
https://cve.mitre.org/cve/cna.html
Request a CVE ID from a CNA -
https://cve.mitre.org/cve/request_id.html
CVE News page article -
https://cve.mitre.org/news/archives/2017/news.html#February282017_Drupal.org_Added_as_CV
E_Numbering_Authority_CNA
---------------------------------------------------------------
NOTICE: CVE Request Web Form - OUTAGE from 8:00 p.m.-10:00 p.m. EDT on March 8
Due to scheduled maintenance, the CVE Request Web Form will be temporarily unavailable
from 8:00 p.m. until 10:00 p.m. Eastern time on Wednesday, March 8, 2017.
This temporary outage affects requests to MITRE only. All other CVE Numbering
Authorities (CNAs) can still be contacted during this time to request CVE IDs.
We apologize for any inconvenience. Please contact cve@mitre.org with any comments or
concerns.
LINKS:
CVE IDs -
https://cve.mitre.org/cve/cve.html
CVE Request web form -
https://cveform.mitre.org/
Request CVE IDs from CNAs -
https://cve.mitre.org/cve/request_id.html
CVE News page article -
https://cve.mitre.org/news/archives/2017/news.html#March062017_NOTICE_CVE_Request_Web_Fo
rm_Outage_from_8:00_p.m._10:00_p.m._EDT_on_March_8
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Dan Adinolfi, Cyber Security Technical Center. Writer: Bob Roberge. The
MITRE Corporation (www.mitre.org) maintains CVE and provides impartial technical
guidance to the CVE Board and CVE Numbering Authorities on all matters related to
ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy the
following text to the BODY of the message "SIGNOFF CVE-Announce-List", then send the
message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks of
The MITRE Corporation. CVE is sponsored by US-CERT (www.us-cert.gov) in the office of
Cybersecurity and Communications (www.dhs.gov/office-cybersecurity-and-communications)
at the U.S. Department of Homeland Security (www.dhs.gov).
For more information about CVE, visit the CVE website at https://cve.mitre.org or send
an email to cve@mitre.org.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment