Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new website features, new CNAs, CVE in
the news, etc. right to your email box. Common Vulnerabilities and Exposures (CVE) is
the standard for cybersecurity vulnerability names. The CVE Board provides oversight and
input into CVE's strategic direction, ensuring CVE meets the vulnerability
identification needs of the technology community. CVE Numbering Authorities (CNAs) are
major OS vendors, security researchers, and research organizations that assign CVE
Identifiers (CVE IDs) to newly discovered issues without directly involving MITRE in the
details of the specific vulnerabilities, and include the CVE IDs in the first public
disclosure of the vulnerabilities. Details on subscribing (and unsubscribing) to the
email newsletter are at the end. Please feel free to pass this newsletter on to
interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/April 5, 2017
-------------------------------------------------------
Contents:
1. Two Organizations Added as CVE Numbering Authorities (CNAs): Siemens and Qualcomm
2. Minutes from CVE Board Teleconference Meeting on March 8 Now Available
3. Follow us on LinkedIn and Twitter
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
Two Organizations Added as CVE Numbering Authorities (CNAs): Siemens and Qualcomm
Two additional organizations are now CVE Numbering Authorities (CNAs): Siemens AG for
Siemens issues only, and Qualcomm, Inc. for Qualcomm and Snapdragon issues only.
CNAs are OS and product vendors, developers, security researchers, and research
organizations that assign CVE IDs to newly discovered issues without directly involving
MITRE in the details of the specific vulnerabilities, and include the CVE IDs in the
first public disclosure of the vulnerabilities.
CNAs are the main method for requesting a CVE ID. The following 54 organizations
currently participate as CNAs: Adobe; Apache; Apple; BlackBerry; Brocade; Canonical;
CERT/CC; Check Point; Cisco; Debian GNU/Linux; Dell EMC; Distributed Weakness Filing
Project; Drupal.org; F5; Flexera Software; Fortinet; FreeBSD; Google; HackerOne; HP;
Hewlett Packard Enterprise; Huawei; IBM; ICS-CERT; Intel; ISC; JPCERT/CC; Juniper;
KrCERT/CC; Larry Cashdollar; Lenovo; MarkLogic; McAfee; Micro Focus; Microsoft; MITRE
(primary CNA); Mozilla; Netgear; Nvidia; Objective Development; OpenSSL; Oracle; Puppet;
Qihoo 360; Qualcomm; Rapid 7; Red Hat; Siemens; Silicon Graphics; Symantec; Talos;
TIBCO; VMware; and Yandex.
For more information about requesting CVE ID numbers from CNAs, visit Request a CVE ID
on the CVE website at https://cve.mitre.org/cve/request_id.html.
LINKS:
Siemens -
https://www.siemens.com/cert
Qualcomm -
https://www.qualcomm.com/
CNAs -
https://cve.mitre.org/cve/cna.html
Request a CVE ID from a CNA -
https://cve.mitre.org/cve/request_id.html
CVE News page articles -
https://cve.mitre.org/news/archives/2017/news.html#April42017_Qualcomm_Added_as_CVE_Numb
ering_Authority_CNA
https://cve.mitre.org/news/archives/2017/news.html#March232017_Siemens_Added_as_CVE_Numb
ering_Authority_CNA
---------------------------------------------------------------
Minutes from CVE Board Teleconference Meeting on March 8 Now Available
The CVE Board held a teleconference meeting on March 8, 2017. Read the meeting minutes
at https://cve.mitre.org/data/board/archives/2017-03/msg00032.html.
The CVE Board includes numerous cybersecurity-related organizations including commercial
security tool vendors, academia, research institutions, government departments and
agencies, and other prominent security experts, as well as end-users of vulnerability
information. Through open and collaborative discussions, the Board provides critical
input regarding the data sources, product coverage, coverage goals, operating structure,
and strategic direction of the CVE program.
For additional information about the CVE Board, visit
https://cve.mitre.org/community/board/index.html.
LINKS:
CVE Board Current Members -
https://cve.mitre.org/community/board/index.html#current_members
Board Meetings Archive -
https://cve.mitre.org/community/board/archive.html#meeting_summaries
CVE News page article -
https://cve.mitre.org/news/archives/2017/news.html#March302017_Minutes_from_CVE_Board_Te
leconference_Meeting_on_March_8_Now_Available
---------------------------------------------------------------
Follow us on LinkedIn and Twitter
Please follow us on Twitter for the latest from CVE:
* Feed of the latest CVE IDs -
https://twitter.com/CVEnew/
* Feed of news and announcements about CVE -
https://twitter.com/CVEannounce/
Please also visit us on LinkedIn to more easily comment on our news articles and CVE
Blog posts:
* CVE-CWE-CAPEC on LinkedIn -
https://www.linkedin.com/company/11033649
* CVE Blog -
https://cve.mitre.org/blog/
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Dan Adinolfi, Cyber Security Technical Center. Writer: Bob Roberge. The
MITRE Corporation (www.mitre.org) maintains CVE and provides impartial technical
guidance to the CVE Board and CVE Numbering Authorities on all matters related to
ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy the
following text to the BODY of the message "SIGNOFF CVE-Announce-List", then send the
message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks of
The MITRE Corporation. CVE is sponsored by US-CERT (www.us-cert.gov) in the office of
Cybersecurity and Communications (www.dhs.gov/office-cybersecurity-and-communications)
at the U.S. Department of Homeland Security (www.dhs.gov).
For more information about CVE, visit the CVE website at https://cve.mitre.org or send
an email to cve@mitre.org.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment