Techly NewsGet the app

Get the latest tech news

Linux Becomes a CVE Numbering Authority (Like Curl and Python). Is This a Turning Point?


From a blog post by Greg Kroah-Hartman: As was recently announced, the Linux kernel project has been accepted as a CVE Numbering Authority (CNA) for vulnerabilities found in Linux. This is a trend, of more open source projects taking over the haphazard assignments of CVEs against their project by...

I'd also like to thank the cve.org group and board as they all made the application process very smooth for us and provided loads of help in making this all possible. It's also work that it looks like all open source projects might be mandated to do with the recent rules and laws being enacted in different parts of the world, so having this in place with the kernel will allow us to notify all sorts of different CNA-like organizations if needed in the future. alanw(Slashdot reader #1,822) worries this could overwhelm the CVE infrastructure, pointing to an ongoing discussion at LWN.net.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Linux

Linux

Photo of python

python

Photo of turning point

turning point

Related news:

News photo

Shim vulnerability exposes most Linux systems to attack

News photo

Microsoft is bringing Linux’s sudo command to Windows 11

News photo

Critical vulnerability affecting most Linux distros allows for bootkits | Buffer overflow in bootloader shim allows attackers to run code each time devices boot up

« Israel Summons Brazil Ambassador After Lula’s Comments on Gaza
Can Robots.txt Files Really Stop AI Crawlers? »