[32440] in bugtraq
Re: Funny article
daemon@ATHENA.MIT.EDU (Systems Administrator)
Fri Nov 14 16:36:04 2003
Date: Fri, 14 Nov 2003 10:52:07 +1100 (EST)
From: Systems Administrator <sysadmin@sunet.com.au>
To: "Steven M. Christey" <coley@mitre.org>
Cc: bugtraq@securityfocus.com
In-Reply-To: <200311132304.hADN42TV005857@linus.mitre.org>
Message-ID: <Pine.LNX.4.44.0311141047090.4764-100000@ganymede.bcc.local>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
Quick question: would it make sense to have somewhere:
- A common (computer/human readable) format for vulnerability
disclosures
- A common format for bugfix publications
?
I was thinking something like:
Software name: foo-package
Software version: 2.4-2.6,3.1
Vulnerability type: ...
.
.
.
And also some documentation on how to fill in each (eg.
vulnerability type)? And specify that these be text attachments to
e-mails, or something, so that computers can read them, and people can
read them, and it'll make everything easy.
Is there something like this already, or another forum where I
should be asking this instead?
:)
--
Tim Nelson
Systems Administrator
Sunet Internet
Tel: +61 3 5241 1155
Fax: +61 3 5241 6187
Web: http://www.sunet.com.au/
Email: sysadmin@sunet.com.au
