daniel:// stenberg://4d ago

a CVE dispute. What a great system.

https://daniel.haxx.se/blog/2026/06/24/a-cve-dispute/

a CVE dispute

A few years years ago the curl project signed up and became a CNA. This means that we are masters of and can allocate our own CVE identifiers. For any security problems within our territory, it is we who decides if the issue should get a CVE our not. No more bogus CVEs. 57 CVEs … Continue reading a CVE dispute →

daniel.haxx.se
Show threadMark Esler4d ago

@bagder would nominating https://www.cve.org/PartnerInformation/ListofPartners/partner/redhat as your CNA's root help avoid MITRE?

MITRE sits above other roots, but if the processes flows to Pete's group first it might squelch the noise https://www.cve.org/programorganization/Structure

Show threaddaniel:// stenberg://4d ago
@eslerm our root is Red Hat already. I don't know why MITRE was involved here
Show threadMark Esler
@bagder 😔
Jun 24 at 10:37pmWeb