So: in order to have more control over filing of CVEs against Jackson components, we (Jackson project) would need to register as CNA (CVE Numbering Authority) for Jackson. While the process is not particularly heavy or complicated:
https://forms.monday.com/forms/0ac7c73564ba6ce893f8b1a90cc4abbd?r=use1 but it's also not something to just do without due consideration, focus. So I was wondering if anyone might be interested in driving this process? I would be happy to help, and work on actual security reports (as I have been so far). But would prefer if someone else wanted to lead the effort in setting up bit of scaffolding needed (2 landing pages, it sounds like). -+ Tatu +- -- You received this message because you are subscribed to the Google Groups "jackson-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jackson-dev/CAL4a10gGtODfgdU9tsjU2aRnLnxxq5vgX5oBMSEyep4DkytO2A%40mail.gmail.com.
