About CVE

Terminology
Documents
FAQs
CVE List

About CVE Identifiers
Obtain a CVE Identifier
Search CVE
Search NVD
CVE In Use

CVE Compatible Products
NVD for CVE Fix Information
More . . .
News & Events

Calendar
Free Newsletter
Community

CVE Editorial Board
Sponsor
Contact Us

Search the Site

CVE Community

Editorial Board
Mail List & Meetings Archive
Roles, Tasks, & Qualifications
Adding New Members
Sponsor

CVE In Use

CVE Compatible Products and Services
More . . .

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CVEPRI] Upcoming CVE Activities

To: cve-editorial-board-list@lists.mitre.org
Subject: [CVEPRI] Upcoming CVE Activities
From: "Steven M. Christey" <coley@MITRE.ORG>
Date: Tue, 24 Aug 2004 16:15:04 -0400 (EDT)
Delivery-Date: Tue Aug 24 16:15:20 2004
Sender: owner-cve-editorial-board-list@lists.mitre.org

All,

It's been quiet on this mailing list, but it's hardly been quiet for
CVE.

I am about to release a new CVE version, but first, approximately 500
candidates will need to be moved to the INTERIM phase.  That will be
in a separate email, coming tonight.

The new CVE version will include references to both OSVDB and OVAL.
You may have noticed large scale additions of these references, and
others, over the past couple of weeks.

We will also be publishing the CVE and candidate lists in XML format.

The CVE version *after that* will likely include promotions of many
other candidates, as I am satisfied that content decisions like
CD:SF-LOC and CD:SF-EXEC have proven themselves to be stable,
repeatable, and reliable over the past couple years.  The various
Candidate Numbering Authorities have been using them independently,
without any major errors (allowing for the fact that CNA assignment
happens very early in the disclosure process.)

We also have a number of candidates waiting in the wings to be created
and proposed to the Editorial Board.  My colleague on the CVE content
team, Jen Schommer, has been diligently doing the background work on
creating these new issues, which should only require light editing
from me.  I am grateful to her for her efforts.

We have also been gearing up for our second round of evaluations for
certificates of CVE Compatibility, especially in the area of mapping
accuracy.  We've established a team and done much of the background
work and development necessary to complete these evaluations
effectively.  Barbara Pease, our longest-standing content team member,
will lead this effort.

While it is still in the very early stages, we have been taking a
close look at how to handle configuration issues in CVE.  Another
content team member, Charles Schmidt, has been doing some of this
development work, with Adam Shostack consulting.

In recent months, I've received inquiries from various Editorial Board
members regarding Board participation.  Managing and communicating
with the Editorial Board has been a lower priority than this
long-overdue new CVE version, but it's clear that a teleconference is
in order.  I propose that we hold a telecon sometime during the week
of September 13 through 17.  Soon after this telecon, we will be
saying goodbye to some Board members, and adding new ones who have
been patiently waiting in the wings.



- Steve

Next by Date: [INTERIM] ACCEPT 480 candidates (Final Decision September 1)
Next by thread: [INTERIM] ACCEPT 480 candidates (Final Decision September 1)
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007