[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [csaf] CSAF JSON Schema - what to do about product statuses?
I like the suggested approach.
A separate note about the “product statuses”: a while back it was suggested to also add the product status of “under investigation”. Since some vendors may put an early response/advisory to a zero day (or open source vulnerability) and put products under
investigation in their advisories and then update when the investigation is over. Not suggesting to decide on this now, since the current activity is to first convert the current specification in JSON; but something to keep in mind. I will put that in a Jira
issue so that we can discuss at a later time.
Regards,
Omar Santos
PSIRT, Security Research and Operations
Cisco Systems, Inc.
Email: os@cisco.com
Phone: +1
919 392 8635
PGP Key: 0x3AF27EDC
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]