oss-sec: by thread
550 messages
starting Jul 01 11 and
ending Sep 30 11
Date index |
Thread index |
Author index
- Please reject CVE-2011-0705 Huzaifa Sidhpurwala (Jul 01)
- CVE request: kernel: nl80211: missing check for valid SSID size in scan operations Petr Matousek (Jul 01)
- Re: CVE request: kernel: tomoyo: oops in tomoyo_mount_acl() Eugene Teo (Jul 01)
- php ZipArchive::addGlob() crashes on invalid flags Tomas Hoger (Jul 01)
- Re: php ZipArchive::addGlob() crashes on invalid flags Maksymilian Arciemowicz (Jul 01)
- Re: Re: php ZipArchive::addGlob() crashes on invalid flags Tomas Hoger (Jul 01)
- Re: php ZipArchive::addGlob() crashes on invalid flags Maksymilian Arciemowicz (Jul 01)
- Re: Closed list Oracle Security Alerts (Jul 01)
- Re: Closed list Tomas Hoger (Jul 04)
- <Possible follow-ups>
- Re: Closed list Steve Kemp (Jul 21)
- Re: Closed list Solar Designer (Jul 21)
- Re: Closed list Steffen Joeris (Jul 21)
- Re: Closed list Solar Designer (Jul 22)
- Re: Closed list Tomas Hoger (Jul 29)
- Re: Closed list Solar Designer (Jul 29)
- Re: Closed list Solar Designer (Jul 21)
- Closed List John Haxby (Aug 30)
- Re: Closed List Solar Designer (Aug 30)
- Re: Closed List John Haxby (Aug 30)
- Re: Closed List Solar Designer (Aug 30)
- vsftpd download backdoored Solar Designer (Jul 03)
- Re: vsftpd download backdoored Moritz Muehlenhoff (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored Eugene Teo (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored HD Moore (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored HD Moore (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored HD Moore (Jul 04)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored Matthias Andree (Jul 05)
- Re: vsftpd download backdoored Chris Evans (Jul 06)
- Re: vsftpd download backdoored Eugene Teo (Jul 05)
- Re: vsftpd download backdoored Solar Designer (Jul 05)
- Re: vsftpd download backdoored Josh Bressers (Jul 11)
- Re: vsftpd download backdoored Solar Designer (Jul 04)
- Re: vsftpd download backdoored Moritz Muehlenhoff (Jul 04)
- Re: CVE request: openssl timing attack Solar Designer (Jul 03)
- Re: CVE request: openssl timing attack Tomas Hoger (Jul 04)
- Re: CVE request: openssl timing attack Solar Designer (Jul 05)
- Re: CVE request: openssl timing attack Tomas Hoger (Jul 06)
- Re: CVE request: openssl timing attack Solar Designer (Jul 09)
- Re: CVE request: openssl timing attack Solar Designer (Jul 05)
- Re: CVE request: openssl timing attack Tomas Hoger (Jul 04)
- Re: CVE requests; issues fixed in MySQL 5.1.52 Ludwig Nussel (Jul 04)
- Re: CVE requests; issues fixed in MySQL 5.1.52 Josh Bressers (Jul 12)
- Re: CVE requests; issues fixed in MySQL 5.1.52 Jan Lieskovsky (Jul 20)
- Re: CVE requests; issues fixed in MySQL 5.1.52 Josh Bressers (Jul 12)
- CVE request: plone privilege escalation flaw Vincent Danen (Jul 04)
- Re: CVE request: plone privilege escalation flaw Josh Bressers (Jul 12)
- FreeBSD 4.x OpenSSH/libopie remote root hole Solar Designer (Jul 04)
- Re: FreeBSD 4.x OpenSSH/libopie remote root hole Colin Percival (Jul 04)
- Re: FreeBSD 4.x OpenSSH/libopie remote root hole Solar Designer (Jul 04)
- Re: FreeBSD 4.x OpenSSH/libopie remote root hole Sebastian Krahmer (Jul 05)
- <Possible follow-ups>
- Re: FreeBSD 4.x OpenSSH/libopie remote root hole Markus Friedl (Jul 06)
- Re: FreeBSD 4.x OpenSSH/libopie remote root hole Colin Percival (Jul 04)
- R: Re: [oss-security] vsftpd download backdoored pinto.elia () gmail com (Jul 04)
- The Bind incident Eugene Teo (Jul 05)
- Re: The Bind incident Eugene Teo (Jul 05)
- Re: The Bind incident Barry Greene (Jul 06)
- Re: The Bind incident Eugene Teo (Jul 07)
- Re: The Bind incident Barry Greene (Jul 06)
- Re: The Bind incident Solar Designer (Jul 05)
- Re: The Bind incident Mike O'Connor (Jul 06)
- Re: The Bind incident Florian Weimer (Jul 06)
- Re: The Bind incident Mike O'Connor (Jul 06)
- Re: The Bind incident Eugene Teo (Jul 05)
- CVE request: kernel: perf, x86: fix Intel fixed counters base initialization Eugene Teo (Jul 05)
- Re: CVE request: kernel: perf, x86: fix Intel fixed counters base initialization Huzaifa Sidhpurwala (Jul 05)
- Security issue in reseed Jamie Strandboge (Jul 06)
- CVE Request: reseed Jamie Strandboge (Jul 06)
- Re: CVE Request: reseed Josh Bressers (Jul 12)
- CVE Request: reseed Jamie Strandboge (Jul 06)
- CVE Request: foo2zjs Marc Deslauriers (Jul 06)
- Re: CVE Request: foo2zjs Josh Bressers (Jul 12)
- libreoffice/openoffice.org CVE id request Nico Golde (Jul 06)
- Re: libreoffice/openoffice.org CVE id request Josh Bressers (Jul 12)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 06)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 08)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 07)
- <Possible follow-ups>
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 11)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 11)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 12)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 13)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 14)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 14)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 14)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 17)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 17)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Aug 03)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 07)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 17)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer (Jul 17)
- Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel (Jul 07)
- CVE-2011-1780, CVE-2011-1936, kernel/xen issues Eugene Teo (Jul 07)
- Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Jamie Strandboge (Jul 07)
- oCERT name change due to trademark claims Andrea Barisani (Jul 07)
- SSL renegotiation DoS CVE-2011-1473 Tomas Hoger (Jul 08)
- CVE Request: ruby PRNG fixes Ludwig Nussel (Jul 11)
- Re: CVE Request: ruby PRNG fixes Josh Bressers (Jul 12)
- Re: CVE Request: ruby PRNG fixes Huzaifa Sidhpurwala (Jul 19)
- Re: CVE Request: ruby PRNG fixes Josh Bressers (Jul 20)
- CVE Request -- Drupal 7 -- Access bypass in node listings (SA-CORE-2011-002) Jan Lieskovsky (Jul 11)
- Re: CVE Request -- Drupal 7 -- Access bypass in node listings (SA-CORE-2011-002) Josh Bressers (Jul 12)
- CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify() Eugene Teo (Jul 11)
- Apache symlink issue: can documented behavior be a security problem and hence get a CVE? halfdog (Jul 12)
- Re: Apache symlink issue: can documented behavior be a security problem and hence get a CVE? Mike O'Connor (Jul 12)
- Re: Apache symlink issue: can documented behavior be a security problem and hence get a CVE? Josh Bressers (Jul 12)
- Re: Apache symlink issue: can documented behavior be a security problem and hence get a CVE? Steven M. Christey (Jul 13)
- [Announcement] ClubHack Magazine Issue 18-July2011 Released Abhijeet Patil (Jul 12)
- CVE Request: qemu -runas does not clear supplementary groups Michael Tokarev (Jul 12)
- Re: CVE Request: qemu -runas does not clear supplementary groups Vincent Danen (Jul 12)
- CVE id request: apache mod-auth-external Nico Golde (Jul 12)
- Re: CVE id request: apache mod-auth-external Josh Bressers (Jul 12)
- CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize Eugene Teo (Jul 12)
- Security issues fixed in libpng 1.5.4 Huzaifa Sidhpurwala (Jul 12)
- CVE Request: hplip/foomatic-filters Sebastian Krahmer (Jul 13)
- Re: CVE Request: hplip/foomatic-filters Jan Lieskovsky (Jul 18)
- Re: CVE Request: hplip/foomatic-filters Tomas Hoger (Jul 28)
- Re: CVE Request: hplip/foomatic-filters Tomas Hoger (Aug 01)
- Re: CVE Request: hplip/foomatic-filters Tomas Hoger (Jul 28)
- Re: CVE Request: hplip/foomatic-filters Jan Lieskovsky (Jul 18)
- [oCERT-2011-001] Chyrp input sanitization errors Andrea Barisani (Jul 13)
- Re: [oCERT-2011-001] Chyrp input sanitization errors Steven M. Christey (Jul 13)
- CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Jan Lieskovsky (Jul 13)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Erik de Castro Lopo (Jul 14)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Jan Lieskovsky (Jul 14)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Erik de Castro Lopo (Jul 14)
- Re: Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Jan Lieskovsky (Jul 15)
- Re: Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Dan Rosenberg (Jul 15)
- Re: Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Dan Rosenberg (Jul 14)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Jan Lieskovsky (Jul 14)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Huzaifa Sidhpurwala (Jul 17)
- Re: CVE Request -- libsndfile -- Integer overflow by processing certain PAF files Erik de Castro Lopo (Jul 14)
- CVE request: webkit ZDI-11-138 and ZDI-11-139 Thomas Biege (Jul 14)
- Re: CVE request: webkit ZDI-11-138 and ZDI-11-139 Thomas Biege (Aug 02)
- <Possible follow-ups>
- Re: CVE request: webkit ZDI-11-138 and ZDI-11-139 Huzaifa Sidhpurwala (Aug 02)
- CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe() Eugene Teo (Jul 15)
- CVE-2011-1764 Exim: DKIM Format String Djalal Harouni (Jul 15)
- CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 15)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Vincent Danen (Jul 15)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Ludwig Nussel (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Stefan Behte (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tim Zingelman (Jul 19)
- *BSD security contacts (was: CVE request: vulnerability in FreeRADIUS (OCSP)) Solar Designer (Jul 19)
- Re: *BSD security contacts (was: CVE request: vulnerability in FreeRADIUS (OCSP)) Tim Zingelman (Jul 21)
- Re: *BSD security contacts Solar Designer (Jul 21)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Tomas Hoger (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Josh Bressers (Jul 20)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Solar Designer (Jul 19)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) dfncert (Jul 18)
- Re: CVE request: vulnerability in FreeRADIUS (OCSP) Vincent Danen (Jul 15)
- CVE Request -- kernel: ext4: kernel panic when writing data to the last block of sparse file Petr Matousek (Jul 15)
- CVE request and info: freetype flaw to jailbreak iphone Vincent Danen (Jul 16)
- Re: CVE request and info: freetype flaw to jailbreak iphone Geoffrey Keating (Jul 17)
- CVE-2011-2520: flaw in system-config-firewall's usage of pickle allows privilege escalation Vincent Danen (Jul 18)
- CVE id request: (e)glibc Nico Golde (Jul 18)
- Re: CVE id request: (e)glibc Josh Bressers (Jul 20)
- cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver Michael Gilbert (Jul 18)
- Re: cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver Mike O'Connor (Jul 21)
- Re: cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver Michael Gilbert (Jul 22)
- Re: cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver Michael Gilbert (Aug 03)
- Re: cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver Mike O'Connor (Jul 21)
- CVE Request -- Wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector Jan Lieskovsky (Jul 19)
- Re: CVE Request -- Wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector Huzaifa Sidhpurwala (Jul 19)
- CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support. Jan Lieskovsky (Jul 19)
- Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support. Even Rouault (Jul 19)
- Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support. Alan Boudreault (Jul 19)
- CVE Request -- MapServer -- Stack based buffer overflow [was: Re: [oss-security] Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.] Jan Lieskovsky (Jul 19)
- Re: CVE Request -- MapServer -- Stack based buffer overflow [was: Re: [oss-security] Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.] Alan Boudreault (Jul 20)
- Re: CVE Request -- MapServer -- Stack based buffer overflow [was: Re: [oss-security] Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.] Josh Bressers (Jul 20)
- Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support. Alan Boudreault (Jul 19)
- Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support. Even Rouault (Jul 19)
- CVE request: kernel: ipv6: make fragment identifications less predictable Eugene Teo (Jul 20)
- Re: CVE request: kernel: ipv6: make fragment identifications less predictable Huzaifa Sidhpurwala (Jul 20)
- CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713 Eugene Teo (Jul 20)
- Re: CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713 Huzaifa Sidhpurwala (Jul 20)
- CVE request: sNews 1.7.1 XSS in reorder Henri Salo (Jul 20)
- Re: CVE request: sNews 1.7.1 XSS in reorder Josh Bressers (Jul 20)
- CVE request: kernel: arbitrary kernel read in xtensa Dan Rosenberg (Jul 20)
- Re: CVE request: kernel: arbitrary kernel read in xtensa Josh Bressers (Jul 20)
- Fwd: Joomla! Security News Henri Salo (Jul 20)
- Re: Fwd: Joomla! Security News Josh Bressers (Jul 20)
- New IcedTea and IcedTea-Web releases Tomas Hoger (Jul 20)
- CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Jan Lieskovsky (Jul 21)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Josh Bressers (Jul 22)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Sebastian Krahmer (Jul 24)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Tomas Hoger (Aug 12)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Marcus Meissner (Aug 12)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Sebastian Krahmer (Jul 24)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Josh Bressers (Jul 22)
- CVE Request: Joomla! 1.7.0-RC and lower | Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jul 21)
- Re: CVE Request: Joomla! 1.7.0-RC and lower | Cross Site Scripting Vulnerabilities Josh Bressers (Jul 22)
- CVE Request -- cGit -- XSS flaw in rename hint Jan Lieskovsky (Jul 22)
- Re: CVE Request -- cGit -- XSS flaw in rename hint Josh Bressers (Jul 22)
- Re: CVE Request -- cGit -- XSS flaw in rename hint Lukas Fleischer (Jul 22)
- Re: Re: CVE Request -- cGit -- XSS flaw in rename hint Jan Lieskovsky (Jul 24)
- Re: Re: CVE Request -- cGit -- XSS flaw in rename hint Lukas Fleischer (Jul 24)
- Re: Re: CVE Request -- cGit -- XSS flaw in rename hint Jan Lieskovsky (Jul 24)
- CVE request: PyForum backdoor BMSA-2009-07 Henri Salo (Jul 24)
- Re: CVE request: PyForum backdoor BMSA-2009-07 Josh Bressers (Jul 26)
- Re: CVE request: silverstripe before 2.4.4 Henri Salo (Jul 24)
- CVE request: Drupal Data-module multiple vulnerabilities Henri Salo (Jul 24)
- Re: CVE request: Drupal Data-module multiple vulnerabilities Josh Bressers (Jul 26)
- Squirrelmail CVE duplicates Moritz Muehlenhoff (Jul 24)
- Re: Squirrelmail CVE duplicates Jan Lieskovsky (Jul 25)
- Re: Squirrelmail CVE duplicates Moritz Mühlenhoff (Jul 25)
- Re: Squirrelmail CVE duplicates Jan Lieskovsky (Jul 25)
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Solar Designer (Jul 24)
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Vasiliy Kulikov (Jul 25)
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Solar Designer (Jul 25)
- <Possible follow-ups>
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Jeff Johnson (Jul 25)
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Solar Designer (Jul 25)
- Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) Vasiliy Kulikov (Jul 25)
- CVE request - dhcp clients Tomas Hoger (Jul 25)
- Re: CVE request - dhcp clients Josh Bressers (Jul 26)
- Re: CVE request - dhcp clients Tomas Hoger (Jul 27)
- Re: CVE request - dhcp clients Sebastian Krahmer (Jul 27)
- Re: CVE request - dhcp clients Tomas Hoger (Jul 27)
- Re: CVE request - dhcp clients Sebastian Krahmer (Jul 27)
- Re: CVE request - dhcp clients Tomas Hoger (Jul 27)
- Re: CVE request - dhcp clients Josh Bressers (Jul 26)
- CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 Jan Lieskovsky (Jul 25)
- Re: CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 Josh Bressers (Jul 26)
- CVE Request -- GLPI -- Properly blacklist some sensitive fields Jan Lieskovsky (Jul 25)
- Re: CVE Request -- GLPI -- Properly blacklist some sensitive fields Josh Bressers (Jul 26)
- CVE Request: Ark path traversal Jeff Mitchell (Jul 25)
- Re: CVE Request: Ark path traversal Josh Bressers (Jul 26)
- Re: CVE Request: Ark path traversal Jeff Mitchell (Jul 26)
- Re: CVE Request: Ark path traversal Josh Bressers (Jul 26)
- CVE Request: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 25)
- CVE: Input validation failure affecting multiple KDE applications, as well as many other Qt-based applications Jeff Mitchell (Jul 25)
- two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Vincent Danen (Jul 25)
- Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Tavis Ormandy (Jul 28)
- Re: Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Huzaifa Sidhpurwala (Jul 28)
- Re: Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Tavis Ormandy (Jul 28)
- Re: Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Huzaifa Sidhpurwala (Jul 28)
- Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503 Tavis Ormandy (Jul 28)
- CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes Jan Lieskovsky (Jul 26)
- Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes Josh Bressers (Jul 26)
- CVE request: hplip: insecure tmp file handling Matthias Weckbecker (Jul 26)
- Re: CVE request: hplip: insecure tmp file handling Josh Bressers (Jul 26)
- Information on CVE-2011-2300/CVE-2011-2305 for VirtualBox ? Moritz Muehlenhoff (Jul 26)
- Re: Information on CVE-2011-2300/CVE-2011-2305 for VirtualBox ? Dan Rosenberg (Jul 26)
- Re: Information on CVE-2011-2300/CVE-2011-2305 for VirtualBox ? Moritz Mühlenhoff (Jul 26)
- Re: Information on CVE-2011-2300/CVE-2011-2305 for VirtualBox ? Dan Rosenberg (Jul 26)
- Re: Symlinks and filesystem recursion vulnerabilities: Action needed or ignore? Solar Designer (Jul 26)
- iputils ping6 -s buffer overflow Solar Designer (Jul 26)
- CFP SecurityByte India Papers, Call For (Jul 26)
- Re: CFP SecurityByte India Solar Designer (Jul 26)
- Re: CVE request: multiple libraries getenv() misuse Solar Designer (Jul 26)
- CVE request: drupal7 SA-CORE-2011-003 (access restriction bypass) Vincent Danen (Jul 27)
- Re: CVE request: drupal7 SA-CORE-2011-003 (access restriction bypass) Josh Bressers (Jul 29)
- Re: CVE request: gri < 2.12.18 insecure temp file generation Henri Salo (Jul 28)
- Re: CVE request: gri < 2.12.18 insecure temp file generation Steven M. Christey (Jul 28)
- CVE-request Tribiq CMS path disclosure HTB22857 Henri Salo (Jul 28)
- Re: CVE-request Tribiq CMS path disclosure HTB22857 Josh Bressers (Jul 29)
- libxml security fix from apple ... any information? Marcus Meissner (Jul 28)
- Re: libxml security fix from apple ... any information? Huzaifa Sidhpurwala (Jul 28)
- Re: libxml security fix from apple ... any information? Billy Rios (Jul 28)
- Re: Re: libxml security fix from apple ... any information? Thomas Biege (Jul 29)
- Re: Re: libxml security fix from apple ... any information? Moritz Muehlenhoff (Jul 29)
- Re: Re: libxml security fix from apple ... any information? Jeffrey Czerniak (Jul 30)
- Re: libxml security fix from apple ... any information? Solar Designer (Jul 30)
- Re: libxml security fix from apple ... any information? Daniel Veillard (Aug 04)
- Re: Re: libxml security fix from apple ... any information? Thomas Biege (Jul 29)
- CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Jan Lieskovsky (Jul 28)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Josh Bressers (Jul 29)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Josh Bressers (Aug 17)
- CVE-2011-2524: libsoup's SoupServer directory traversal flaw Vincent Danen (Jul 28)
- multiple flaws in minissdpd Kees Cook (Jul 28)
- Re: multiple flaws in minissdpd miniupnp (Jul 29)
- CVE request: kernel: gro: Only reset frag0 when skb can be pulled Kees Cook (Jul 28)
- Re: CVE request: kernel: gro: Only reset frag0 when skb can be pulled Eugene Teo (Jul 28)
- Re: CVE Request -- vsftpd -- Do not create network namespace per connection Eugene Teo (Jul 29)
- Re: CVE Request -- vsftpd -- Do not create network namespace per connection Jan Lieskovsky (Jul 29)
- CVE-2011-2724 assignment notification -- samba -- incomplete fix for CVE-2010-0547 issue Jan Lieskovsky (Jul 29)
- CVE mistake in libsoup release notes Vincent Danen (Jul 29)
- CVE Request: Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jul 30)
- CFP open for ClubHack2011 Abhijeet Patil (Jul 30)
- Re: CFP open for ClubHack2011 Solar Designer (Jul 30)
- Re: CFP open for ClubHack2011 Thomas Biege (Aug 01)
- Re: CFP open for ClubHack2011 Solar Designer (Jul 30)
- CVE request: GIF loader buffer overflow when initializing decompression tables Thomas Biege (Aug 02)
- Re: CVE request: GIF loader buffer overflow when initializing decompression tables Tomas Hoger (Aug 03)
- Re: CVE request: GIF loader buffer overflow when initializing decompression tables Tomas Hoger (Aug 19)
- CVE request: Linux kernel af_packet information leak Moritz Muehlenhoff (Aug 03)
- Re: CVE request: Linux kernel af_packet information leak Josh Bressers (Aug 03)
- CVE Request: foomatic-gui Marc Deslauriers (Aug 03)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 03)
- Re: CVE Request: foomatic-gui Josh Bressers (Aug 03)
- Re: CVE Request: foomatic-gui dave bl (Aug 04)
- Re: CVE Request: foomatic-gui Henri Salo (Aug 04)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 04)
- Re: CVE Request: foomatic-gui Josh Bressers (Aug 04)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 05)
- Re: CVE Request: foomatic-gui dave bl (Aug 05)
- Re: CVE Request: foomatic-gui Huzaifa Sidhpurwala (Aug 11)
- Re: CVE Request: foomatic-gui dave bl (Aug 04)
- CVE id request: shttpd/mongoose/yassl embedded webserver Nico Golde (Aug 03)
- Re: CVE id request: shttpd/mongoose/yassl embedded webserver Josh Bressers (Aug 03)
- cve request: xpdf: insecure tempfile usage in zxpdf script Michael Gilbert (Aug 03)
- Re: cve request: xpdf: insecure tempfile usage in zxpdf script Josh Bressers (Aug 09)
- CVE-request: clamav floating point exception in OLE2 scanner DoS Henri Salo (Aug 03)
- Re: CVE-request: clamav floating point exception in OLE2 scanner DoS Henri Salo (Sep 24)
- CVE request: coppermine gallery < 1.4.26 Henri Salo (Aug 04)
- Re: CVE request: coppermine gallery < 1.4.26 Josh Bressers (Aug 19)
- CVE-request: KaiBB security vulnerabilities without CVE-IDs Henri Salo (Aug 04)
- Re: CVE-request: KaiBB security vulnerabilities without CVE-IDs Josh Bressers (Aug 19)
- CVE-request: FreeBSD/NetBSD/OpenBSD(?) ftpd remote crash (2010) Henri Salo (Aug 04)
- Re: CVE-request: FreeBSD/NetBSD/OpenBSD(?) ftpd remote crash (2010) Mike O'Connor (Aug 04)
- Re: CVE-request: FreeBSD/NetBSD/OpenBSD(?) ftpd remote crash (2010) Josh Bressers (Aug 19)
- CVE-request: pithos symlink vulnerability CWE-61 Henri Salo (Aug 04)
- Re: CVE-request: pithos symlink vulnerability CWE-61 Josh Bressers (Aug 19)
- CVE request: heap overflow in tcptrack < 1.4.2 Vincent Danen (Aug 09)
- Re: CVE request: heap overflow in tcptrack < 1.4.2 Josh Bressers (Aug 09)
- Re: CVE request: heap overflow in tcptrack < 1.4.2 Steven M. Christey (Aug 31)
- Re: CVE request: heap overflow in tcptrack < 1.4.2 Moritz Muehlenhoff (Sep 13)
- Re: CVE request: heap overflow in tcptrack < 1.4.2 Steven M. Christey (Aug 31)
- Re: CVE request: heap overflow in tcptrack < 1.4.2 Josh Bressers (Aug 09)
- CVE request: perf: may parse user-controlled config file dann frazier (Aug 09)
- Re: CVE request: perf: may parse user-controlled config file Steve Grubb (Aug 09)
- Re: CVE request: perf: may parse user-controlled config file Yves-Alexis Perez (Aug 09)
- Re: CVE request: perf: may parse user-controlled config file Steve Grubb (Aug 10)
- Re: CVE request: perf: may parse user-controlled config file dann frazier (Aug 11)
- Re: CVE request: perf: may parse user-controlled config file Yves-Alexis Perez (Aug 09)
- Re: CVE request: perf: may parse user-controlled config file Josh Bressers (Aug 09)
- Re: CVE request: perf: may parse user-controlled config file Steve Grubb (Aug 09)
- CVE request: zabbix XSS flaw Vincent Danen (Aug 09)
- Re: CVE request: zabbix XSS flaw Josh Bressers (Aug 09)
- CVE requests: Two kernel issues Moritz Muehlenhoff (Aug 09)
- Re: CVE requests: Two kernel issues Eugene Teo (Aug 09)
- Re: CVE requests: Two kernel issues Dan Rosenberg (Aug 09)
- Re: CVE requests: Two kernel issues Eugene Teo (Aug 09)
- Re: CVE requests: Two kernel issues Moritz Muehlenhoff (Aug 10)
- Re: CVE requests: Two kernel issues Eugene Teo (Aug 11)
- Re: CVE requests: Two kernel issues Yves-Alexis Perez (Aug 12)
- Re: CVE requests: Two kernel issues Eugene Teo (Aug 14)
- Re: CVE requests: Two kernel issues Dan Rosenberg (Aug 09)
- Re: CVE requests: Two kernel issues Eugene Teo (Aug 09)
- CVE request (and disclosure): ax25d missing setuid return code check Dan Rosenberg (Aug 09)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Eren Türkay (Aug 10)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Thomas Osterried (Aug 11)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Ralf Baechle (Aug 11)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Jon Oberheide (Aug 11)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Solar Designer (Aug 11)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Thomas Osterried (Aug 18)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Thomas Osterried (Aug 11)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Josh Bressers (Aug 12)
- Re: CVE request (and disclosure): ax25d missing setuid return code check Eren Türkay (Aug 10)
- CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 Thomas Biege (Aug 10)
- Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 Tomas Hoger (Aug 10)
- Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 Thomas Biege (Aug 11)
- Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 Josh Bressers (Aug 12)
- Re: CVE request: libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 Tomas Hoger (Aug 10)
- [oCERT-2011-002] libavcodec insufficient boundary check Daniele Bianco (Aug 10)
- Re: [oCERT-2011-002] libavcodec insufficient boundary check Dan Rosenberg (Aug 10)
- Re: [oCERT-2011-002] libavcodec insufficient boundary check Daniele Bianco (Aug 10)
- Re: [oCERT-2011-002] libavcodec insufficient boundary check Dan Rosenberg (Aug 10)
- LZW decompression issues Tomas Hoger (Aug 10)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Colin Percival (Sep 28)
- Re: LZW decompression issues Tomas Hoger (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Tavis Ormandy (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Tomas Hoger (Sep 29)
- Re: LZW decompression issues Tim Zingelman (Sep 29)
- Re: LZW decompression issues Joerg Sonnenberger (Sep 29)
- Re: LZW decompression issues Solar Designer (Sep 29)
- Re: LZW decompression issues Tavis Ormandy (Sep 29)
- Re: LZW decompression issues Florian Weimer (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- CVE-2011-2907: authentication bypass in torque Vincent Danen (Aug 10)
- CVE request: improper permissions on ~/.qtnx/*.nxml Vincent Danen (Aug 11)
- Re: CVE request: improper permissions on ~/.qtnx/*.nxml Josh Bressers (Aug 12)
- CVE Request: Mambo CMS 4.6.x (4.6.5) | SQL Injection YGN Ethical Hacker Group (Aug 11)
- Re: CVE Request: Mambo CMS 4.6.x (4.6.5) | SQL Injection Josh Bressers (Aug 12)
- CVE request: multiple vulnerabilities in dtc Jonathan Wiltshire (Aug 12)
- Re: CVE request: multiple vulnerabilities in dtc Jonathan Wiltshire (Aug 12)
- Re: CVE request: multiple vulnerabilities in dtc Thomas Goirand (Aug 12)
- Re: Re: CVE request: multiple vulnerabilities in dtc Josh Bressers (Aug 24)
- Re: CVE request: multiple vulnerabilities in dtc Jonathan Wiltshire (Aug 24)
- Re: Re: CVE request: multiple vulnerabilities in dtc Josh Bressers (Aug 24)
- CVE request: two vulnerabilities in ktsuss 1.4 and earlier John Lightsey (Aug 13)
- Re: CVE request: two vulnerabilities in ktsuss 1.4 and earlier Josh Bressers (Aug 16)
- kernel: ext3/4: ext3/4_symlink lock oops Eugene Teo (Aug 14)
- CVE request -- kernel: perf: fix software event overflow Petr Matousek (Aug 15)
- Re: CVE request -- kernel: perf: fix software event overflow Eugene Teo (Aug 15)
- CVE request: ruby on rails flaws (4) Vincent Danen (Aug 17)
- Re: CVE request: ruby on rails flaws (4) Josh Bressers (Aug 19)
- Re: CVE request: ruby on rails flaws (4) Vincent Danen (Aug 19)
- Re: CVE request: ruby on rails flaws (4) Josh Bressers (Aug 22)
- Re: CVE request: ruby on rails flaws (4) Matthias Weckbecker (Aug 22)
- Re: CVE request: ruby on rails flaws (4) Josh Bressers (Aug 22)
- Re: CVE request: ruby on rails flaws (4) Vincent Danen (Aug 19)
- Re: CVE request: ruby on rails flaws (4) Josh Bressers (Aug 19)
- CVE Request: WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability YGN Ethical Hacker Group (Aug 17)
- Re: CVE Request: WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability Josh Bressers (Aug 19)
- CVE Request: WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Aug 17)
- Re: CVE Request: WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability Josh Bressers (Aug 19)
- CVE Request: Elgg 1.7.10 <= | Multiple Vulnerabilities YGN Ethical Hacker Group (Aug 17)
- Re: CVE Request: Elgg 1.7.10 <= | Multiple Vulnerabilities Josh Bressers (Aug 19)
- CVE request: roundcube XSS before 0.5.4 Hanno Böck (Aug 18)
- Re: CVE request: roundcube XSS before 0.5.4 Josh Bressers (Aug 19)
- Start(up) API project security Sergey Chernyshev (Aug 18)
- CVE request: MantisBT <1.2.7 search.php multiple XSS vulnerabilities David Hicks (Aug 18)
- Re: CVE request: MantisBT <1.2.7 search.php multiple XSS vulnerabilities Josh Bressers (Aug 19)
- CVE request: heap overflow in perl while decoding Unicode string Vincent Danen (Aug 18)
- Re: CVE request: heap overflow in perl while decoding Unicode string Josh Bressers (Aug 19)
- CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS Timo Warns (Aug 19)
- Re: CVE request: Linux: ZERO_SIZE_PTR dereference for long symlinks in Be FS Eugene Teo (Aug 19)
- CVE request: BusyBox unpack_Z_stream() buffer underflow Alex Legler (Aug 19)
- Re: CVE request: BusyBox unpack_Z_stream() buffer underflow Tomas Hoger (Aug 19)
- CVE request: stunnel 4.4x heap overflow flaw Vincent Danen (Aug 19)
- Re: CVE request: stunnel 4.4x heap overflow flaw Josh Bressers (Aug 19)
- CVE request: Pidgin crash Mark Doliner (Aug 20)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 21)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Moritz Mühlenhoff (Aug 22)
- Re: CVE request: Pidgin crash Mark Doliner (Aug 22)
- Re: CVE request: Pidgin crash Josh Bressers (Aug 22)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 22)
- Re: CVE request: Pidgin crash Huzaifa Sidhpurwala (Aug 21)
- CVE request: libqt4: two memory issues Matthias Weckbecker (Aug 22)
- Re: CVE request: libqt4: two memory issues Tomas Hoger (Aug 24)
- Re: CVE request: libqt4: two memory issues Josh Bressers (Aug 24)
- Re: CVE request: libqt4: two memory issues Tomas Hoger (Aug 24)
- CVE Request: Concrete CMS 5.4.1.1 <= Cross Site Scripting YGN Ethical Hacker Group (Aug 22)
- Re: CVE Request: Concrete CMS 5.4.1.1 <= Cross Site Scripting Josh Bressers (Aug 22)
- CVE assignment php NULL pointer dereference - CVE-2011-3182 Josh Bressers (Aug 22)
- CVE request: kernel: change in how tcp seq numbers are generated Eugene Teo (Aug 23)
- Re: CVE request: kernel: change in how tcp seq numbers are generated Petr Matousek (Aug 23)
- lxc + fscaps Sebastian Krahmer (Aug 23)
- CVE assignment - PHP salt flaw CVE-2011-3189 Josh Bressers (Aug 23)
- CVE request: kernel: cifs: singedness issue in CIFSFindNext() Eugene Teo (Aug 23)
- Re: CVE request: kernel: cifs: singedness issue in CIFSFindNext() Eugene Teo (Aug 23)
- Re: CVE request: kernel: cifs: singedness issue in CIFSFindNext() David Jorm (Aug 24)
- CVE assignment Apache httpd multiple-range DoS ("Apache Killer") - CVE-2011-3192 Mark J Cox (Aug 24)
- lightdm issues Sebastian Krahmer (Aug 24)
- Re: lightdm issues Robert Ancell (Aug 26)
- Re: Re: lightdm issues Yves-Alexis Perez (Sep 07)
- Re: Re: lightdm issues Josh Bressers (Sep 09)
- Re: Re: lightdm issues Yves-Alexis Perez (Sep 07)
- Re: lightdm issues Robert Ancell (Aug 26)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Yves-Alexis Perez (Aug 25)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Sebastian Krahmer (Aug 26)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Yves-Alexis Perez (Aug 26)
- Re: Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Yves-Alexis Perez (Aug 26)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Solar Designer (Aug 26)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Yves-Alexis Perez (Aug 29)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Solar Designer (Sep 05)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Yves-Alexis Perez (Aug 26)
- Re: [Pkg-xfce-devel] Bug#639151: Bug#639151: Bug#639151: Local privilege escalation Sebastian Krahmer (Aug 26)
- CVE Assignment - evolution CVE-2011-3201 Josh Bressers (Aug 26)
- CVE Request: Jcow CMS 4.2 <= | Cross Site Scripting YGN Ethical Hacker Group (Aug 26)
- Re: CVE Request: Jcow CMS 4.2 <= | Cross Site Scripting Josh Bressers (Aug 30)
- CVE Request: Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution YGN Ethical Hacker Group (Aug 26)
- Re: CVE Request: Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution Josh Bressers (Aug 30)
- Security issue in hammerhead Jamie Strandboge (Aug 26)
- Re: Security issue in hammerhead Josh Bressers (Aug 30)
- CVE-request(?): squid: buffer overflow in Gopher reply parser Matthias Weckbecker (Aug 29)
- Re: CVE-request(?): squid: buffer overflow in Gopher reply parser Vincent Danen (Aug 30)
- Re: CVE-request(?): squid: buffer overflow in Gopher reply parser Josh Bressers (Aug 30)
- kernel: CVE-2011-2482/2519 Eugene Teo (Aug 29)
- kernel: xen: CVE-2011-2901 Petr Matousek (Aug 30)
- CVE request for bcfg2 (remote root) Jonathan Wiltshire (Sep 01)
- Re: CVE request for bcfg2 (remote root) Josh Bressers (Sep 06)
- Re: CVE request for OpenTTD Josh Bressers (Sep 06)
- CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash Marcus Meissner (Sep 06)
- Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash Petr Matousek (Sep 07)
- Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash Marcus Meissner (Sep 07)
- Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash Petr Matousek (Sep 07)
- CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Jan Lieskovsky (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Henri Doreau (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Tim Brown (Sep 07)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Josh Bressers (Sep 09)
- Re: [Openvas-devel] [oss-security] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Jan-Oliver Wagner (Sep 09)
- Re: [Openvas-devel] [oss-security] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Tim Brown (Sep 09)
- Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled Josh Bressers (Sep 09)
- CVE id request: masqmail Nico Golde (Sep 07)
- Re: CVE id request: masqmail Josh Bressers (Sep 09)
- CVE Request -- libfcgi-perl / perl-FCGI: Certain environment variables shared between first and subsequent HTTP requests Jan Lieskovsky (Sep 08)
- Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) Nico Golde (Sep 08)
- Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) Henri Salo (Sep 08)
- <Possible follow-ups>
- Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) Josh Bressers (Sep 09)
- CVE Request -- Zikula (v1.3.x) -- XSS flaw due improper sanitization of 'themename' parameter by setting default, modifying and deleting themes Jan Lieskovsky (Sep 08)
- CVE request -- kernel: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message Petr Matousek (Sep 08)
- Re: CVE request -- kernel: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message Josh Bressers (Sep 09)
- CVE request: Quassel < 0.7.3 CTCP request core DoS Alex Legler (Sep 08)
- Re: CVE request: Quassel < 0.7.3 CTCP request core DoS Josh Bressers (Sep 09)
- CVE Request -- evolution -- Uses insecure (non-SSL) connection when storing the sent message into the Sent folder Jan Lieskovsky (Sep 09)
- D-Link DCS-2121 Semicolon Vulnerability Eren Türkay (Sep 09)
- Re: D-Link DCS-2121 Semicolon Vulnerability Josh Bressers (Sep 14)
- CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws Jan Lieskovsky (Sep 11)
- Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws Thijs Kinkhorst (Sep 13)
- Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws Josh Bressers (Sep 14)
- Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws Henri Salo (Sep 15)
- Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws dave bl (Sep 15)
- Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws Henri Salo (Sep 15)
- CVE Request: Multiple issues fixed in wireshark 1.6.2 Huzaifa Sidhpurwala (Sep 12)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Josh Bressers (Sep 14)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Steven M. Christey (Sep 14)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Josh Bressers (Sep 14)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Steven M. Christey (Sep 14)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Steven M. Christey (Sep 14)
- Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 Josh Bressers (Sep 14)
- CVE Request: BackupPC 3.2.1 fixes cross site scripting Thijs Kinkhorst (Sep 13)
- Re: CVE Request: BackupPC 3.2.1 fixes cross site scripting Josh Bressers (Sep 14)
- CVE request: ffmpeg/libav insufficuent boundary check in CAVS decoding Moritz Muehlenhoff (Sep 13)
- Re: CVE request: ffmpeg/libav insufficuent boundary check in CAVS decoding Josh Bressers (Sep 14)
- CVE request -- kernel: b43: allocate receive buffers big enough for max frame len + offset Petr Matousek (Sep 14)
- CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount Petr Matousek (Sep 14)
- Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount Josh Bressers (Sep 14)
- unauthorized deletion of file in Tahoe-LAFS Zooko O'Whielacronx (Sep 14)
- CVE Request --- phpMyAdmin -- Multiple XSS flaws in versions v3.4.0 to v3.4.4 (PMASA-2011-14) Jan Lieskovsky (Sep 15)
- Re: CVE Request --- phpMyAdmin -- Multiple XSS flaws in versions v3.4.0 to v3.4.4 (PMASA-2011-14) Steven M. Christey (Sep 15)
- Re: CVE Request --- phpMyAdmin -- Multiple XSS flaws in versions v3.4.0 to v3.4.4 (PMASA-2011-14) Josh Bressers (Sep 30)
- Is there a maintainer for librsvg ? Nicolas Grégoire (Sep 15)
- Re: Is there a maintainer for librsvg ? Yves-Alexis Perez (Sep 15)
- closed-list membership transition Kees Cook (Sep 16)
- Re: closed-list membership transition Yves-Alexis Perez (Sep 16)
- Re: closed-list membership transition Kees Cook (Sep 16)
- Re: closed-list membership transition Solar Designer (Sep 16)
- Re: closed-list membership transition Ludwig Nussel (Sep 19)
- Re: closed-list membership transition Solar Designer (Sep 19)
- Re: closed-list membership transition Ludwig Nussel (Sep 19)
- Re: closed-list membership transition Yves-Alexis Perez (Sep 16)
- CVE request: PunBB multiple XSS issues Henri Salo (Sep 18)
- Re: CVE request: PunBB multiple XSS issues Josh Bressers (Sep 22)
- CVE request: XSS in status.net before 0.9.9 and 1.0.0beta2 Hanno Böck (Sep 19)
- Re: CVE request: XSS in status.net before 0.9.9 and 1.0.0beta2 Josh Bressers (Sep 22)
- CVE Request? etherape remote crash (denial of service) Marcus Meissner (Sep 19)
- Re: CVE Request? etherape remote crash (denial of service) Josh Bressers (Sep 22)
- Re: CVE request: kernel: taskstats/procfs io infoleak Vasiliy Kulikov (Sep 21)
- CVE Request -- drupal6-views_bulk_operations: XSS due improper escaping of a vocabulary help (SA-CONTRIB-2011-042) Jan Lieskovsky (Sep 22)
- CVE Request -- apt Jamie Strandboge (Sep 22)
- Re: CVE Request -- apt Josh Bressers (Sep 23)
- <Possible follow-ups>
- Re: CVE Request -- apt Jamie Strandboge (Sep 22)
- CVE Request: Missing input sanitation in various X GLX calls Marcus Meissner (Sep 22)
- Re: CVE Request: Missing input sanitation in various X GLX calls Josh Bressers (Sep 23)
- Re: CVE Request: Missing input sanitation in various X GLX calls Vincent Danen (Sep 23)
- CVE Request: X.org ProcRenderGlyps input sanitation issue Marcus Meissner (Sep 22)
- Re: CVE Request: X.org ProcRenderGlyps input sanitation issue Josh Bressers (Sep 23)
- CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Vincent Danen (Sep 24)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- RE: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Zeev Suraski (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Rasmus Lerdorf (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Vincent Danen (Sep 26)
- Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Johannes Schlüter (Sep 26)
- Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 26)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Josh Bressers (Sep 27)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
- CVE request: heap-based buffer overflow in ldns Vincent Danen (Sep 24)
- Re: CVE request: heap-based buffer overflow in ldns Josh Bressers (Sep 30)
- CVE Request: Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Sep 25)
- CVE requests: Typo3 Moritz Muehlenhoff (Sep 26)
- Re: CVE requests: Typo3 Josh Bressers (Sep 30)
- CVE Request: samba, cifs-utils Marc Deslauriers (Sep 27)
- Re: CVE Request: samba, cifs-utils Josh Bressers (Sep 30)
- rpm/librpm/rpm-python memory corruption pre-verification Tavis Ormandy (Sep 27)
- Re: rpm/librpm/rpm-python memory corruption pre-verification yersinia (Sep 28)
- Re: rpm/librpm/rpm-python memory corruption pre-verification nicolas vigier (Sep 29)
- CVE Request: ffmpeg/libav Marc Deslauriers (Sep 27)
- Re: CVE Request: ffmpeg/libav Josh Bressers (Sep 30)
- Re: CVE Request: ffmpeg/libav Marc Deslauriers (Sep 30)
- Re: CVE Request: ffmpeg/libav Josh Bressers (Sep 30)
- CVE Request -- Zope/Plone -- Unspecified vulnerability in Zope v2.12.x and Zope v2.13.x allowing arbitrary code execution Jan Lieskovsky (Sep 29)
- Firefox: CVE-2011-3867 a dupe of CVE-2011-2998 Moritz Muehlenhoff (Sep 29)