The release notes for the new version reference some CVEs that 
have not been publically released yet. Are they slow, or is 
this something that needs to be added to the release 
process checklist? 

For example, see the CVE hyperlink for json parsing at:

which leads to:

It's also possible the wrong CVE was entered, but I don't see 
one that seems to pertain to the issue described (and 
CVE-2015-5288, -3166, -3167, -0243, -0244 are in the same boat).

Greg Sabino Mullane
End Point Corporation
PGP Key: 0x14964AC8

Attachment: signature.asc
Description: Digital signature

Reply via email to