FYI, The ioquake3.org blog post was updated to reference me as the reporter.
On Tue, Mar 14, 2017 at 4:42 PM, Victor Roemer <vroe...@badsec.org> wrote: > Any way we can amend that? > > On Tue, Mar 14, 2017 at 3:31 PM, Simon McVittie <s...@debian.org> wrote: > >> On Tue, 14 Mar 2017 at 13:38:37 -0400, Victor Roemer wrote: >> > I originally reported the vulnerability to ioquake3. I'd like to help >> with the >> > CVE however I can. >> > I'm not familiar with CVE reports which is why one hasn't already been >> written. >> >> MITRE's new process really doesn't help matters there... >> >> I've requested a CVE ID, with this bug given as a contact address. >> Hopefully that will work. >> >> Sorry, I didn't see this email until after I had sent the CVE request, >> and the ioquake3 maintainers didn't credit you in their advisory, so >> the initial CVE request doesn't credit you either. That wasn't intentional >> on my part. >> >> S >> > >
