再保险:[CVEPRI] 3月9至10编委会会议总结

在因3/14/00,你写道:>基因一定是偷听我们的会议。不,我只是知道,看到所有的一切。:-)不幸的是,经常痛苦.....视图>我们还考虑事情>像ICQ,永久测试版。我们基本上同意仅β>状态不是一个理由排除CVE的事情。>包含的主要标准包括生命的长度和广度都的可用性。这>并不意味着我们必须包括每一个安全漏洞在短暂的β>“true”。> >希望这清除。安迪> > > - - - - - -原始邮件- - - - - - >:清单< spaf@CERIAS.PURDUE。莫尼耶帕斯卡EDU > >: < pmeunier@PURDUE。EDU > > Cc: < cve-editorial-board-list@lists.mitre.org > >发送:3月14日,星期二,2000年14 >主题:Re: [CVEPRI] 3月9至10编委会会议总结> > > >在09:09 3/14/00,帕斯卡贝写道:> > > >董事会还回顾了CD: EX-BETA。 Attendees agreed that CVE should >> >>include problems in beta software, provided that the beta code was >> >>intended for public dissemination. >> > >> >I missed that part. I would like to know why people think that bugs >> >in admittedly buggy, pre-release, short-lived software run by a few >> >people (on hopefully sandboxed or somehow protected or unimportant >> >systems) should be of concern to the CVE. >> >> Unfortunately, the definition of "beta" that you used is not the one used >> by most vendors any more (except the buggy part). Most vendors now >> release traditionally-alpha code onto the net or in other widespread >> release and lots of people adopt it. Mozilla and Windows 2000 are >examples >> of long-lived, widesprad releases of "beta" code. >> >> --spaf >>