Groups | Search | Server Info | Login | Register
Groups > linux.debian.security > #4531
| From | "Wheeler, David A" <dwheeler@ida.org> |
|---|---|
| Newsgroups | linux.debian.security |
| Subject | Should Debian ask for a CPE when a CVE in Debian is found? |
| Date | 2016-02-12 17:30 +0100 |
| Message-ID | <r1oLw-Wf-23@gated-at.bofh.it> (permalink) |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
Should Debian's security team ask for a Common Platform Enumeration (CPE) id when a related CVE is found/reported fixed? CPEs are used to by some systems to identify software (including, optionally, specific version numbers of software). Some security scanning automated tools use CPEs for identification. More info on requesting CPEs here: https://nvd.nist.gov/cpe.cfm I thought I'd raise the idea. Thanks! --- David A. Wheeler
Back to linux.debian.security | Previous | Next — Next in thread | Find similar
Should Debian ask for a CPE when a CVE in Debian is found? "Wheeler, David A" <dwheeler@ida.org> - 2016-02-12 17:30 +0100
RE: Should Debian ask for a CPE when a CVE in Debian is found? "Booth, Harold" <harold.booth@nist.gov> - 2016-02-12 19:30 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? Paul Wise <pabs@debian.org> - 2016-02-13 22:00 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? Holger Levsen <holger@layer-acht.org> - 2016-02-15 10:10 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? Vulchev <v.vulchev@gmail.com> - 2016-02-15 10:30 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? Elmar Stellnberger <estellnb@gmail.com> - 2016-02-15 10:40 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? "georg@riseup.net" <georg@riseup.net> - 2016-02-15 18:40 +0100
Re: Should Debian ask for a CPE when a CVE in Debian is found? Paul Wise <pabs@debian.org> - 2016-02-16 00:50 +0100
csiph-web