On Mon, Apr 29, 2019 at 6:51 AM Stanislav Malyshev <[email protected]> wrote:
> Hi! > > I have set up PHP as CNA (CVE Identifiers authority) with MITRE. That > means that we will be assigning our own CVEs from now on. The process in > broad strokes works like this: > > 1. We request a block of numbers > 2. When we have security bug, we use one of the numbers in the block > 3. We create CVE descriptions and commit them to the cvelist repo > > Much more detailed documentation on how it is done is here: > https://wiki.php.net/cve > > Me please (:
