Welcome to the latest issue of the CVE-Announce e-newsletter. This email newsletter is
designed to bring recent news about CVE, such as new website features, new CNAs, CVE in
the news, etc. right to your email box. Common Vulnerabilities and Exposures (CVE) is
the standard for cybersecurity vulnerability names. The CVE Board provides oversight and
input into CVE's strategic direction, ensuring CVE meets the vulnerability
identification needs of the technology community. CVE Numbering Authorities (CNAs) are
major OS vendors, security researchers, and research organizations that assign CVE
Identifiers (CVE IDs) to newly discovered issues without directly involving MITRE in the
details of the specific vulnerabilities, and include the CVE IDs in the first public
disclosure of the vulnerabilities. Details on subscribing (and unsubscribing) to the
email newsletter are at the end. Please feel free to pass this newsletter on to
interested colleagues.
Comments: cve@mitre.org
-------------------------------------------------------
CVE-Announce e-newsletter/June 7, 2017
-------------------------------------------------------
Contents:
1. Three Organizations Added as CVE Numbering Authorities (CNAs): CA, Dahua, and
Synology
2. Also in this Issue
3. Follow us on LinkedIn and Twitter
4. Details/Credits + Subscribing and Unsubscribing
FEATURE STORY:
Three Organizations Added as CVE Numbering Authorities (CNAs): CA, Dahua, and Synology
Three additional organizations are now CVE Numbering Authorities (CNAs): CA Technologies
for CA issues only; Dahua Technologies for Dahua issues only; and Synology Inc. for
Synology issues including its network attached storage (NAS) products only.
CNAs are OS and product vendors, developers, security researchers, and research
organizations that assign CVE IDs to newly discovered issues without directly involving
MITRE in the details of the specific vulnerabilities, and include the CVE IDs in the
first public disclosure of the vulnerabilities.
CNAs are the main method for requesting a CVE ID. The following 61 organizations
currently participate as CNAs: Adobe; Apache; Apple; BlackBerry; Brocade; CA; Canonical;
CERT/CC; Check Point; Cisco; Dahua; Debian GNU/Linux; Dell EMC; Distributed Weakness
Filing Project; Drupal.org; Eclipse Foundation; Elastic; F5; Flexera Software; Fortinet;
FreeBSD; Google; HackerOne; HP; Hewlett Packard Enterprise; Huawei; IBM; ICS-CERT;
Intel; IOActive; ISC; JPCERT/CC; Juniper; KrCERT/CC; Larry Cashdollar; Lenovo;
MarkLogic; McAfee; Micro Focus; Microsoft; MITRE (primary CNA); Mozilla; Netgear;
Nvidia; Objective Development; OpenSSL; Oracle; Puppet; Qihoo 360; Qualcomm; Rapid 7;
Red Hat; Schneider Electric; Siemens; Silicon Graphics; Symantec; Synology; Talos;
TIBCO; VMware; and Yandex.
For more information about requesting CVE ID numbers from CNAs, visit Request a CVE ID
on the CVE website at https://cve.mitre.org/cve/request_id.html.
LINKS:
CA -
https://www.ca.com/
Dahua -
http://www.dahuasecurity.com/
Synology -
https://www.synology.com/
CNAs -
https://cve.mitre.org/cve/cna.html
Request a CVE ID from a CNA -
https://cve.mitre.org/cve/request_id.html
Become a CNA -
https://cve.mitre.org/cve/cna.html#become_a_cna
CVE News page articles -
https://cve.mitre.org/news/archives/2017/news.html#June52017_CA_Technologies_Added_as_CV
E_Numbering_Authority_CNA
https://cve.mitre.org/news/archives/2017/news.html#June52017_Dahua_Added_as_CVE_Numberin
g_Authority_CNA
https://cve.mitre.org/news/archives/2017/news.html#June12017_Synology_Added_as_CVE_Numbe
ring_Authority_CNA
---------------------------------------------------------------
ALSO IN THIS ISSUE:
* Ambionics Security Makes Declaration of CVE Compatibility
* Bluedon Information Security Technologies Makes Declaration of CVE Compatibility
* Minutes from CVE Board Teleconference Meeting on May 3 Now Available
Read these stories and more news at https://cve.mitre.org/news/archives/2017/news.html.
---------------------------------------------------------------
Follow us on LinkedIn and Twitter
Please follow us on Twitter for the latest from CVE:
* Feed of the latest CVE IDs -
https://twitter.com/CVEnew/
* Feed of news and announcements about CVE -
https://twitter.com/CVEannounce/
Please also visit us on LinkedIn to more easily comment on our news articles and CVE
Blog posts:
* CVE-CWE-CAPEC on LinkedIn -
https://www.linkedin.com/company/11033649
* CVE Blog -
https://cve.mitre.org/blog/
---------------------------------------------------------------
Details/Credits + Subscribing and Unsubscribing
Managing Editor: Dan Adinolfi, Cyber Security Technical Center. Writer: Bob Roberge. The
MITRE Corporation (www.mitre.org) maintains CVE and provides impartial technical
guidance to the CVE Board and CVE Numbering Authorities on all matters related to
ongoing development of CVE.
To unsubscribe from the CVE-Announce e-newsletter, open a new email message and copy the
following text to the BODY of the message "SIGNOFF CVE-Announce-List", then send the
message to: listserv@lists.mitre.org. To subscribe, send an email message to
listserv@lists.mitre.org with the following text in the BODY of the message: "SUBSCRIBE
CVE-Announce-List".
Copyright 2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks of
The MITRE Corporation. CVE is sponsored by US-CERT (www.us-cert.gov) in the office of
Cybersecurity and Communications (www.dhs.gov/office-cybersecurity-and-communications)
at the U.S. Department of Homeland Security (www.dhs.gov).
For more information about CVE, visit the CVE website at https://cve.mitre.org or send
an email to cve@mitre.org.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment