Article 4RTK3 [$] What to do about CVE numbers

[$] What to do about CVE numbers

by
corbet
from LWN.net on (#4RTK3)
Common Vulnerability and Exposure (CVE) numbers have been used for manyyears as a way of uniquely identifying software vulnerabilities. It hasbecome increasingly clear in recent years that there are problems with CVEnumbers, though, and increasing numbers ofvulnerabilities are not being assigned CVE numbers at all. At the 2019 Kernel Recipes event, GregKroah-Hartman delivered a "40-minute rant with an unsatisfactoryconclusion" on CVE numbers and how the situation might be improved. The conclusion may be"unsatisfactory", but it seems destined to stir up some discussionregardless.
External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments