Dennis E. Hamilton wrote on Thu, Oct 13, 2011 at 09:26:56 -0700: > CVE registrations are not the same as advisories and security-update > announcements, such as this one from a downstream dependency impacted by > vulnerability CVE-2008-2370: > <https://rhn.redhat.com/errata/RHSA-2008-0862.html>. > A CVE can be linked to the advisories that reference it, as is the case with > CVE-2008-2370.
When you identify an issue, you can obtain a CVE identifier for it by asking security@ to request an identifier for you.
