[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Vulnerability disclosure vs discovery

To: xen-devel@xxxxxxxxxxxxx, xen-users@xxxxxxxxxxxxx
From: Charles Gonçalves <charles.fg@xxxxxxxxx>
Date: Wed, 25 Mar 2020 10:34:38 +0000
Delivery-date: Wed, 25 Mar 2020 10:36:37 +0000
List-id: Xen user discussion <xen-users.lists.xenproject.org>

Hello,

I'm a Ph.D. candidate in UC (Portugal) working with Xen's vulnerability discovery process, right now focusing on modeling, and I'd like to understand the process before the disclosure (by XSA or CVE/NVD).

It would be nice to have a more precise date that traces a vulnerability (XSA) to its discovery rather than the public release date.

Currently, I'm parsing any references from NVD/CVE and analyzing the dates. For older XSA, this works better than from newer ones.

Is there any other place that I could find this information?

Atenciosamente,

Charles Ferreira Gonçalves

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-users

Prev by Date: Re: [Xen-users] Xen 4.13 and Raspberry Pi4
Next by Date: [Xen-users] AMD Ryzen
Previous by thread: [Xen-users] Xen 4.13 on Raspberry Pi 4
Next by thread: [Xen-users] AMD Ryzen
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.