oss-sec: by thread
777 messages
starting Jan 01 13 and
ending Mar 29 13
Date index |
Thread index |
Author index
- Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption Kurt Seifried (Jan 01)
- Re: CVE request: Curl insecure usage Moritz Muehlenhoff (Jan 02)
- Re: CVE request: Curl insecure usage Kurt Seifried (Jan 02)
- <Possible follow-ups>
- Re: CVE request: Curl insecure usage Moritz Muehlenhoff (Jan 15)
- Re: Charybdis: Improper assumptions in the server handshake code may lead to a remote crash Henri Salo (Jan 02)
- SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Aaron Patterson (Jan 02)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Carlos Alberto Lopez Perez (Jan 03)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Carlos Alberto Lopez Perez (Jan 03)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Seth Arnold (Jan 03)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) cve-assign (Jan 03)
- Re: Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Seth Arnold (Jan 04)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Carlos Alberto Lopez Perez (Jan 03)
- Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) Carlos Alberto Lopez Perez (Jan 03)
- CVE Request - SWI-Prolog / pl (X < 6.2.5): Multiple (stack-based) buffer overflows in patch canonisation code and when expanding file-names with long paths Jan Lieskovsky (Jan 03)
- nginx http proxy module does not verify peer identity of https origin server Daniel Kahn Gillmor (Jan 03)
- Re: nginx http proxy module does not verify peer identity of https origin server Kurt Seifried (Jan 03)
- CVE Request -- rpm (X >= 4.10 and X < 3d74c43 commit): Signature checking function returned success on (possibly malicious ) rpm packages Jan Lieskovsky (Jan 03)
- Re: CVE Request -- rpm (X >= 4.10 and X < 3d74c43 commit): Signature checking function returned success on (possibly malicious ) rpm packages Kurt Seifried (Jan 03)
- Re: CVE Request -- rpm (X >= 4.10 and X < 3d74c43 commit): Signature checking function returned success on (possibly malicious ) rpm packages Panu Matilainen (Jan 04)
- Re: CVE request (maybe): magento before 1.7.0.2 Kurt Seifried (Jan 03)
- CVE Request - cups: 'Listen localhost:631' option not honoured correctly on IPv6-enabled systems when systemd used for CUPS socket activation Jan Lieskovsky (Jan 04)
- Xen Security Advisory 37 (CVE-2013-0154) - Hypervisor crash due to incorrect ASSERT (debug build only) Xen . org security team (Jan 04)
- CVE Request -- qt: QSslSocket might report inappropriate errors when certificate verification fails Jan Lieskovsky (Jan 04)
- CVE request: mount/umount leak information about existence of folders Henri Salo (Jan 06)
- Re: CVE request: mount/umount leak information about existence of folders Kurt Seifried (Jan 06)
- CVE request: Havalite CMS 1.1.7 stored XSS vulnerability in comments of blog posts Henri Salo (Jan 06)
- Re: CVE request: Havalite CMS 1.1.7 stored XSS vulnerability in comments of blog posts Kurt Seifried (Jan 07)
- CVE Request -- proFTPD (X < 1.3.5.rc1): Symlink race condition when applying UserOwner to a newly (ProFTPD) created directory Jan Lieskovsky (Jan 07)
- CVE Request: Jenkins possible remote code execution Salvatore Bonaccorso (Jan 07)
- Re: CVE Request: Jenkins possible remote code execution Kurt Seifried (Jan 07)
- /dev/ptmx timing vladz (Jan 07)
- Re: /dev/ptmx timing adam swanda (Jan 07)
- Re: /dev/ptmx timing Dmitry V. Levin (Jan 07)
- Re: /dev/ptmx timing Vasily Kulikov (Jan 07)
- Re: /dev/ptmx timing Dmitry V. Levin (Jan 07)
- Re: /dev/ptmx timing Kurt Seifried (Jan 07)
- Re: /dev/ptmx timing adam swanda (Jan 07)
- CVE Request: cronie fd leak Sebastian Krahmer (Jan 08)
- Re: CVE Request: cronie fd leak Kurt Seifried (Jan 08)
- Re: CVE Request: cronie fd leak Vincent Danen (Jan 08)
- Re: CVE Request: cronie fd leak Sebastian Krahmer (Jan 09)
- Re: CVE Request: cronie fd leak Vincent Danen (Jan 09)
- Re: CVE Request: cronie fd leak Sebastian Krahmer (Jan 09)
- CVE Request: nagios Stack based buffer overflow in web interface Sebastian Krahmer (Jan 08)
- Re: CVE Request: nagios Stack based buffer overflow in web interface Kurt Seifried (Jan 08)
- Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Carlos Alberto Lopez Perez (Jan 08)
- Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 WHK Yan (Jan 08)
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Kurt Seifried (Jan 08)
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 WHK Yan (Jan 08)
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Kurt Seifried (Jan 08)
- Message not available
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Carlos Alberto Lopez Perez (Jan 11)
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Kurt Seifried (Jan 16)
- Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 Kurt Seifried (Jan 08)
- Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3 WHK Yan (Jan 08)
- <Possible follow-ups>
- Xen Security Advisory 33 (CVE-2012-5634) - VT-d interrupt remapping source validation flaw Xen . org security team (Jan 11)
- Re: Confirming CVE for ettercap buffer overflow flaw (CVE-2012-0722?) Steven M. Christey (Jan 10)
- Re: Confirming CVE for ettercap buffer overflow flaw (CVE-2012-0722?) cve-assign (Jan 11)
- Re: Confirming CVE for ettercap buffer overflow flaw (CVE-2012-0722?) Vincent Danen (Jan 11)
- Re: CVE request for multi_xml ruby gem (has same problem as CVE-2013-0156) Kurt Seifried (Jan 10)
- Re: CVE request for multi_xml ruby gem (has same problem as CVE-2013-0156) Reed Loden (Jan 11)
- Re: Potential HTTP Header Injection in Apache HTTPClient Kurt Seifried (Feb 13)
- Re: Potential HTTP Header Injection in Apache HTTPClient David Jorm (Feb 14)
- Re: CVE Request -- Axis2/c Kurt Seifried (Jan 11)
- Re: gnome-keyring does not discard stored secrets in some cases Kurt Seifried (Jan 10)
- Re: gnome-keyring does not discard stored secrets in some cases Florian Weimer (Jan 11)
- Re: gnome-keyring does not discard stored secrets in some cases Kurt Seifried (Jan 16)
- Re: gnome-keyring does not discard stored secrets in some cases Florian Weimer (Jan 16)
- Re: gnome-keyring does not discard stored secrets in some cases Kurt Seifried (Jan 16)
- Re: gnome-keyring does not discard stored secrets in some cases Florian Weimer (Jan 11)
- Re: CVE request for Drupal contributed modules Forest Monsen (Jan 14)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 14)
- <Possible follow-ups>
- CVE request for Drupal contributed modules Forest Monsen (Jan 20)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 20)
- CVE request for Drupal contributed modules Forest Monsen (Jan 24)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 24)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 24)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 24)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Jan 24)
- CVE request for Drupal contributed modules Forest Monsen (Feb 04)
- Re: CVE request for Drupal contributed modules Kurt Seifried (Feb 04)
- CVE Request for Drupal Contributed Modules Forest Monsen (Feb 27)
- Re: CVE Request for Drupal Contributed Modules Kurt Seifried (Feb 27)
- Re: DoS vulnerability in the BIND resolver (and potentially others) Kurt Seifried (Jan 13)
- Re: DoS vulnerability in the BIND resolver (and potentially others) Solar Designer (Jan 13)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE request: memcached DoS when printing out keys to be deleted in verbose mode Kurt Seifried (Jan 14)
- Re: CVE request: 3 DoS conditions in Rake Kurt Seifried (Jan 14)
- Re: CVE request: Digest::SHA double free when using load subroutine Kurt Seifried (Jan 15)
- Re: CVE request: Digest::SHA double free when using load subroutine Florian Weimer (Jan 15)
- Re: CVE request: Digest::SHA double free when using load subroutine Kurt Seifried (Jan 15)
- Re: CVE request: Digest::SHA double free when using load subroutine Salvatore Bonaccorso (Jan 15)
- Re: CVE request: Digest::SHA double free when using load subroutine Mark Shelor (Jan 17)
- Re: CVE request: Digest::SHA double free when using load subroutine Florian Weimer (Jan 15)
- Re: pam-pgsql NULL password handling issue Kurt Seifried (Jan 15)
- Re: pam-pgsql NULL password handling issue Kurt Seifried (Jan 16)
- <Possible follow-ups>
- Re: Linux kernel handling of IPv6 temporary addresses George Kargiotakis (Jan 16)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 16)
- Re: Linux kernel handling of IPv6 temporary addresses George Kargiotakis (Jan 16)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 16)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 17)
- Re: Linux kernel handling of IPv6 temporary addresses George Kargiotakis (Jan 17)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 17)
- Re: Linux kernel handling of IPv6 temporary addresses George Kargiotakis (Jan 20)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 21)
- Re: Linux kernel handling of IPv6 temporary addresses P J P (Jan 16)
- Re: Linux kernel handling of IPv6 temporary addresses Kurt Seifried (Feb 21)
- Re: Xen Security Advisory 41 (CVE-2012-6075) - qemu (e1000 device driver): Buffer overflow when processing large packets Michael Tokarev (Jan 16)
- <Possible follow-ups>
- Xen Security Advisory 41 (CVE-2012-6075) - qemu (e1000 device driver): Buffer overflow when processing large packets Xen . org security team (Jan 17)
- Re: CVE request: piwik before 1.10 Kurt Seifried (Jan 17)
- Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability Kurt Seifried (Jan 18)
- Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability Damien Regad (Jan 21)
- Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue Jan Lieskovsky (Jan 18)
- Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue Kurt Seifried (Jan 18)
- Re: CVE Request: PHP openssl_encrypt memory disclosure Kurt Seifried (Jan 18)
- Re: CVE request: MantisBT 1.2.12 only summary.php category/project names XSS vulnerability Salvatore Bonaccorso (Mar 01)
- Re: CVE request: MantisBT 1.2.12 only summary.php category/project names XSS vulnerability Kurt Seifried (Mar 02)
- Re: CVE request: MantisBT before 1.2.13 "Change Status To" feature allows unauthorised workflow changes Salvatore Bonaccorso (Mar 01)
- Re: CVE request: hs-tls: Basic constraints vulnerability Florian Weimer (Jan 30)
- Re: CVE request: hs-tls: Basic constraints vulnerability Kurt Seifried (Jan 30)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Kurt Seifried (Jan 20)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Agostino Sarubbo (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henrique Montenegro (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Giles Coochey (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henri Salo (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henrique Montenegro (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Kurt Seifried (Jan 21)
- Whats worth a CVE? Scott Herbert (Jan 21)
- Re: Whats worth a CVE? Eitan Adler (Jan 21)
- Re: Whats worth a CVE? Kurt Seifried (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Milan Berger (Jan 21)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Agostino Sarubbo (Jan 21)
- <Possible follow-ups>
- Moodle security notifications public Michael de Raadt (Mar 24)
- Re: CVE Request coreutils Michael Tokarev (Jan 21)
- Re: CVE Request coreutils Kurt Seifried (Jan 21)
- Re: CVE Request coreutils Matthias Weckbecker (Jan 22)
- Re: CVE Request coreutils Kurt Seifried (Jan 23)
- Re: CVE Request coreutils Moritz Muehlenhoff (Jan 21)
- Re: CVE Request coreutils Vincent Danen (Jan 21)
- Re: CVE Request coreutils Kurt Seifried (Jan 21)
- Re: CVE Request coreutils Sebastian Krahmer (Jan 21)
- Re: CVE Request coreutils Vincent Danen (Jan 22)
- Re: CVE Request coreutils Sebastian Krahmer (Jan 22)
- Re: CVE Request coreutils Vincent Danen (Jan 23)
- Re: CVE Request coreutils Florian Weimer (Jan 22)
- Re: CVE Request coreutils Florian Weimer (Jan 22)
- Re: CVE Request coreutils Sebastian Krahmer (Jan 22)
- Re: CVE Request coreutils Vincent Danen (Jan 21)
- Re: CVE request for Movable Type Kurt Seifried (Jan 21)
- Re: CVE request for Movable Type cve-assign (Jan 22)
- Re: predictable /tmp filename in git-extras Kurt Seifried (Jan 23)
- Re: [Xen-devel] Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest M A Young (Jan 22)
- <Possible follow-ups>
- Xen Security Advisory 35 (CVE-2013-0152) - Nested HVM exposes host to being driven out of memory by guest Xen . org security team (Jan 23)
- Re: CVE ID Syntax Change - Call for Public Feedback Florian Weimer (Jan 24)
- Re: [Security hardening] [Notification] haproxy (previously) failed to drop supplementary groups after setuid / setgid calls properly Kurt Seifried (Jan 24)
- Re: CVE Request: zoneminder: arbitrary command execution vulnerability Kurt Seifried (Jan 28)
- Re: CVE request: WordPress 3.5.1 Maintenance and Security Release Kurt Seifried (Jan 25)
- Re: CVE request: WordPress 3.5.1 Maintenance and Security Release Andrew Nacin (Jan 26)
- Re: CVE request: WordPress 3.5.1 Maintenance and Security Release Kurt Seifried (Jan 28)
- Re: CVE request: WordPress 3.5.1 Maintenance and Security Release Andrew Nacin (Jan 26)
- Re: CVE request: WordPress 3.1.4 (and 3.2 Release Candidate 3) Kurt Seifried (Jan 28)
- Re: CVE Request: XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") Kurt Seifried (Jan 28)
- Re: CVE request for 'devise' ruby gem Kurt Seifried (Jan 28)
- Re: ircd-hybrid: Denial of service vulnerability in hostmask.c:try_parse_v4_netmask() Kurt Seifried (Jan 29)
- Re: CVE request -- qxl: synchronous io guest DoS Kurt Seifried (Jan 30)
- Re: CVE Request -- Corosync (2.0 <= X < 2.3): Remote DoS due improper HMAC initialization Fabio M. Di Nitto (Feb 01)
- Re: A small backlog of vulnerabilities in Chicken Scheme Henri Salo (Feb 02)
- Re: A small backlog of vulnerabilities in Chicken Scheme Peter Bex (Feb 05)
- Re: A small backlog of vulnerabilities in Chicken Scheme Kurt Seifried (Feb 06)
- Re: A small backlog of vulnerabilities in Chicken Scheme Peter Bex (Feb 07)
- Re: A small backlog of vulnerabilities in Chicken Scheme Kurt Seifried (Feb 07)
- Re: CVE id request: latd Kurt Seifried (Feb 03)
- Re: CVE id request: latd Ignatios Souvatzis (Feb 04)
- Re: CVE id request: boost Kurt Seifried (Feb 03)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Matthias Weckbecker (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Matthias Weckbecker (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Marcus Meissner (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Vincent Danen (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations cve-assign (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Vincent Danen (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations cve-assign (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations cve-assign (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Hanno Böck (Feb 07)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Kurt Seifried (Feb 07)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations cve-assign (Feb 07)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Vincent Danen (Feb 05)
- Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations Shawn (Feb 05)
- <Possible follow-ups>
- Xen Security Advisory 36 (CVE-2013-0153) - interrupt remap entries shared and old ones not cleared on AMD IOMMUs Xen . org security team (Feb 21)
- <Possible follow-ups>
- Xen Security Advisory 39 (CVE-2013-0216,CVE-2013-0217) - Linux netback DoS via malicious guest ring. Xen . org security team (Feb 05)
- <Possible follow-ups>
- Xen Security Advisory 43 (CVE-2013-0231) - Linux pciback DoS via not rate limited log messages. Xen . org security team (Feb 05)
- <Possible follow-ups>
- Xen Security Advisory 38 (CVE-2013-0215) - oxenstored incorrect handling of certain Xenbus ring states Xen . org security team (Feb 15)
- Re: CVE Request: imview Kurt Seifried (Feb 05)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE Request: imview Kurt Seifried (Feb 06)
- Re: CVE Request: imview Sang Kil Cha (Feb 06)
- Re: CVE Request: imview gremlin (Feb 07)
- Re: CVE Request: imview Sang Kil Cha (Feb 05)
- Re: CVE request: Insecure default log file path in xNBD Kurt Seifried (Feb 06)
- Re: CVE id request: openssh? Kurt Seifried (Feb 06)
- Re: e1000e/82574L hardware erratum Kurt Seifried (Feb 06)
- Re: e1000e/82574L hardware erratum cve-assign (Feb 12)
- Re: Re: e1000e/82574L hardware erratum Eitan Adler (Feb 12)
- Re: Re: e1000e/82574L hardware erratum Florian Weimer (Feb 12)
- Re: Re: e1000e/82574L hardware erratum Eitan Adler (Feb 12)
- Re: Potential Query Manipulation with Common Rails Practises Kurt Seifried (Feb 06)
- Re: CVE request -- Linux kernel: x86/msr: /dev/cpu/*/msr local privilege escalation Kurt Seifried (Feb 07)
- Re: CVE request: XSS in roundcube before 0.8.5 Kurt Seifried (Feb 07)
- Re: CVE request: XSS flaws fixed in ganglia Kurt Seifried (Feb 08)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Salvatore Bonaccorso (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Kurt Seifried (Feb 26)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Mar 20)
- Re: Wordpress Pinboard theme XSS Kurt Seifried (Feb 13)
- Re: Wordpress Pinboard theme XSS Kurt Seifried (Feb 13)
- Re: CVE request: piwigo XSS in password.php Kurt Seifried (Feb 10)
- Re: CVE request: piwigo XSS in password.php Henri Salo (Feb 10)
- Re: CVE request: piwigo XSS in password.php Kurt Seifried (Feb 12)
- Re: CVE request: Transmission can be made to crash remotely Jan Lieskovsky (Feb 11)
- Re: CVE request: Transmission can be made to crash remotely Kurt Seifried (Feb 12)
- Re: CVE request: Trac Ticket Modification Workflow Permission Restriction Bypass Kurt Seifried (Feb 12)
- Re: Denial of Service and Unsafe Object Creation Vulnerability in JSON [CVE-2013-0269] jordi gemsstatus (Mar 07)
- Re: CVE request: openconnect buffer overflow Kurt Seifried (Feb 12)
- [Ignore not a security flaw] Re: [oss-security] CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Jan Lieskovsky (Feb 12)
- Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Kurt Seifried (Feb 12)
- Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Kurt Seifried (Feb 12)
- Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) David Jorm (Feb 12)
- Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Kurt Seifried (Feb 12)
- RE: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Christey, Steven M. (Feb 13)
- Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) Kurt Seifried (Feb 12)
- Re: Some rubygems related CVEs Reed Loden (Feb 13)
- Re: Some rubygems related CVEs Kurt Seifried (Feb 13)
- Re: CVE Request - Full Path disclosure on Wordpress plugin NextGEN Gallery Kurt Seifried (Feb 14)
- Re: CVE Request: kernel -- local DOS (endless loop with interrupts disabled) Kurt Seifried (Feb 14)
- Re: CVE# request: pigz creates temp file with insecure permissions Matthias Weckbecker (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Kurt Seifried (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Steven M. Christey (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Kurt Seifried (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Michael Tokarev (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Kurt Seifried (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Kurt Seifried (Feb 15)
- Re: CVE# request: pigz creates temp file with insecure permissions Jim Mellander (Feb 27)
- Re: CVE request: unauthorized SSL certificates by Türktrust discovered Tomas Hoger (Feb 15)
- Re: CVE request: python-pyrad insecurities Kurt Seifried (Feb 15)
- RE: CVE request: python-pyrad insecurities Christey, Steven M. (Feb 15)
- Re: CVE request: python-pyrad insecurities Vincent Danen (Feb 15)
- Re: CVE request: python-pyrad insecurities Kurt Seifried (Feb 15)
- Re: CVE request: python-pyrad insecurities Vincent Danen (Feb 21)
- Re: CVE request: python-pyrad insecurities Kurt Seifried (Feb 21)
- RE: CVE request: python-pyrad insecurities Christey, Steven M. (Feb 15)
- Re: (linux-)distros membership changes Solar Designer (Feb 15)
- Re: (linux-)distros membership changes Jeremy Stanley (Feb 15)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Solar Designer (Feb 16)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Julien Tinnes (Feb 19)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Solar Designer (Feb 19)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Solar Designer (Mar 15)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Greg KH (Feb 19)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Greg KH (Feb 19)
- Re: Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) Julien Tinnes (Feb 19)
- Re: Jenkins CVE request for Jenkins Security Advisory 2013-02-16 Kurt Seifried (Feb 20)
- Re: Jenkins CVE request for Jenkins Security Advisory 2013-02-16 Kurt Seifried (Feb 28)
- Re: CVE request: zoneminder: local file inclusion vulnerability Kurt Seifried (Feb 20)
- Re: CVE request: zoneminder: local file inclusion vulnerability Salvatore Bonaccorso (Feb 21)
- Re: CVE request -- Linux kernel: mm: thp: pmd_present and PROT_NONE local DoS Kurt Seifried (Feb 19)
- Re: CVE request -- Linux kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference Kurt Seifried (Feb 19)
- Re: CVE request -- Linux kernel: vhost: fix length for cross region descriptor Kurt Seifried (Feb 19)
- Re: isync/mbsync security advisory: missing SSL subject verification (CVE-2013-0289) Vincent Danen (Feb 20)
- RE: Handling CVEs for the XML entity expansion issues Christey, Steven M. (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Tim (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Kurt Seifried (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Tim (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Kurt Seifried (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Tim (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Kurt Seifried (Feb 20)
- RE: RE: Handling CVEs for the XML entity expansion issues Christey, Steven M. (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Kurt Seifried (Feb 20)
- Re: RE: Handling CVEs for the XML entity expansion issues Tim Brown (Feb 21)
- Re: RE: Handling CVEs for the XML entity expansion issues Tim (Feb 20)
- Re: CVE request - Linux kernel: evm: NULL pointer de-reference flaw Kurt Seifried (Feb 20)
- Re: CVE request for Drupal Core and contributed modules Kurt Seifried (Feb 20)
- Re: nginx world-readable logdir Henri Salo (Feb 21)
- CVE request: nginx world-readable logdir Henri Salo (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir gremlin (Feb 21)
- Re: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir gremlin (Feb 22)
- Re: nginx world-readable logdir Kurt Seifried (Feb 22)
- Re: nginx world-readable logdir Henri Salo (Feb 22)
- Re: nginx world-readable logdir gremlin (Feb 22)
- nginx CVE-2013-0337 world-readable logs gremlin (Feb 23)
- Re: nginx CVE-2013-0337 world-readable logs Kurt Seifried (Feb 24)
- Re: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: Two more ZoneMinder that need CVE Kurt Seifried (Feb 21)
- RE: Two more ZoneMinder that need CVE Christey, Steven M. (Feb 21)
- Re: Two more ZoneMinder that need CVE Kurt Seifried (Feb 21)
- RE: Two more ZoneMinder that need CVE Christey, Steven M. (Feb 21)
- <Possible follow-ups>
- CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 21)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Jakub Wilk (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Tim (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Kurt Seifried (Feb 22)
- Re: CVEs for libxml2 and expat internal and external XML entity expansion Florian Weimer (Feb 22)
- Re: CVE request: Linux kernel: Bluetooth HIDP information disclosure Kurt Seifried (Feb 22)
- Re: CVE request: varnish world-readable logdir Kurt Seifried (Feb 22)
- Re: Cve request: tomcat world-readable logdir Kurt Seifried (Feb 22)
- Re: CVE request: webfs world-readable log Agostino Sarubbo (Feb 22)
- Re: Re: CVE request: webfs world-readable log Kurt Seifried (Feb 22)
- Re: CVE request: sthttpd world-redable logdir Kurt Seifried (Feb 22)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Petr Matousek (Feb 24)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Solar Designer (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Solar Designer (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Dan Rosenberg (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Dan Rosenberg (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Jason A. Donenfeld (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Dan Rosenberg (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Solar Designer (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Marcus Meissner (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Solar Designer (Feb 25)
- Re: CVE Request: kernel - sock_diag: Fix out-of-bounds access to sock_diag_handlers[] Mathias Krause (Feb 25)
- Re: CVE request: skunkweb world-readable logdir Kurt Seifried (Feb 25)
- Re: CVE request: monkeyd world-readable logdir Kurt Seifried (Feb 25)
- Re: CVE request: monkeyd world-readable logdir Agostino Sarubbo (Feb 26)
- Re: CVE request: monkeyd world-readable logdir Moritz Muehlenhoff (Feb 26)
- Re: CVE request: monkeyd world-readable logdir Kurt Seifried (Feb 26)
- Re: CVE request: WordPress plugin smart-flv jwplayer.swf XSS Kurt Seifried (Feb 25)
- Re: kernel: tmpfs use-after-free Kurt Seifried (Feb 25)
- Re: kernel: tmpfs use-after-free Solar Designer (Feb 25)
- Re: CVE request: libvirt kvm-group writable storage Kurt Seifried (Feb 25)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Henri Salo (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Michael Gilbert (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Petr Matousek (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Solar Designer (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Petr Matousek (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Benji (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Benji (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Benji (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Petr Matousek (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Petr Matousek (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Eugene Teo (Feb 28)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Petr Matousek (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Solar Designer (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Solar Designer (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Michael Gilbert (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 04)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 04)
- Re: handling of Linux kernel vulnerabilities Kurt Seifried (Mar 04)
- Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 04)
- Re: handling of Linux kernel vulnerabilities Noel Butler (Mar 05)
- Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 05)
- Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
- Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Mar 01)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Tim (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 28)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 26)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Seth Arnold (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Agostino Sarubbo (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Kurt Seifried (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable gremlin (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Russ Allbery (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable gremlin (Feb 26)
- Re: CVE request: psi+ stores the cache file as world-readable Agostino Sarubbo (Feb 27)
- Re: CVE request: psi+ stores the cache file as world-readable Russ Allbery (Feb 26)
- Re: CVE Request: poppler 0.22.1 security fixes Kurt Seifried (Feb 27)
- Re: CVE Request: poppler 0.22.1 security fixes Salvatore Bonaccorso (Feb 27)
- Re: CVE Request: poppler 0.22.1 security fixes Kurt Seifried (Feb 27)
- Re: CVE Request: poppler 0.22.1 security fixes Yves-Alexis Perez (Feb 27)
- Re: CVE Request: poppler 0.22.1 security fixes Salvatore Bonaccorso (Feb 27)
- Re: CVE request: Linux kernel: USB: io_ti: NULL pointer dereference Kurt Seifried (Feb 27)
- Re: CVE request: sudo authentication bypass when clock is reset Kurt Seifried (Feb 27)
- <Possible follow-ups>
- Re: CVE request: sudo authentication bypass when clock is reset Todd C. Miller (Feb 28)
- Re: CVE request: potential bypass of sudo tty_tickets constraints Kurt Seifried (Feb 27)
- <Possible follow-ups>
- Re: CVE request: potential bypass of sudo tty_tickets constraints Todd C. Miller (Feb 28)
- Re: CVE id request: busybox Kurt Seifried (Mar 02)
- Re: CVE id request: busybox gremlin (Mar 03)
- Re: CVE id request: busybox Michael Tokarev (Mar 03)
- Re: CVE id request: busybox Piotr Karbowski (Mar 03)
- Re: CVE id request: busybox Michael Tokarev (Mar 03)
- Re: CVE id request: busybox Kurt Seifried (Mar 03)
- Re: CVE id request: busybox Michael Gilbert (Mar 03)
- Re: CVE id request: busybox Kurt Seifried (Mar 03)
- Re: CVE id request: busybox Thomas Biege (Mar 05)
- Re: CVE id request: busybox Thomas Biege (Mar 05)
- Re: CVE id request: busybox Raphael Geissert (Mar 05)
- Re: CVE id request: busybox Kurt Seifried (Mar 05)
- Re: CVE id request: busybox Raphael Geissert (Mar 06)
- Re: CVE id request: busybox gremlin (Mar 03)
- Re: CVE request: ruby-openid XML denial of service attack Kurt Seifried (Mar 02)
- Re: CVE Request: various gems in aftermath of rubygem actionpack issue Reed Loden (Mar 01)
- Re: CVE Request: various gems in aftermath of rubygem actionpack issue Kurt Seifried (Mar 01)
- Re: CVE Request: various gems in aftermath of rubygem actionpack issue Olivier Gonzalez (Mar 01)
- Re: CVE Request: various gems in aftermath of rubygem actionpack issue Kurt Seifried (Mar 02)
- Re: CVE Request: various gems in aftermath of rubygem actionpack issue Olivier Gonzalez (Mar 01)
- Re: CVE Request: rubygem passenger security issue Kurt Seifried (Mar 01)
- Re: CVE Request: Gambas Directory hijack vulnerability Kurt Seifried (Mar 02)
- Re: CVE request: PHP-Fusion waraxe-2013-SA#097 Kurt Seifried (Mar 02)
- Re: Reverse lookup issue in Net::Server Russ Allbery (Mar 04)
- Re: Reverse lookup issue in Net::Server Kurt Seifried (Mar 11)
- Re: Reverse lookup issue in Net::Server Steven M. Christey (Mar 13)
- Re: Reverse lookup issue in Net::Server Salvatore Bonaccorso (Mar 13)
- Re: Reverse lookup issue in Net::Server Kurt Seifried (Mar 13)
- Re: Reverse lookup issue in Net::Server Kurt Seifried (Mar 11)
- Re: CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference Kurt Seifried (Mar 05)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 06)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Mathias Krause (Mar 06)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Solar Designer (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
- RE: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Christey, Steven M. (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Solar Designer (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Petr Matousek (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Thomas Biege (Mar 08)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs cve-assign (Mar 14)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Solar Designer (Mar 07)
- Re: CVE for Ruby Entity expansion DoS vulnerability in REXML (XML bomb) U.Nakamura (Mar 11)
- Re: CVE Request -- Linux kernel: sctp: SCTP_GET_ASSOC_STATS stack overflow Kurt Seifried (Mar 07)
- Re: CVE Request -- Linux kernel: sctp: SCTP_GET_ASSOC_STATS stack overflow Petr Matousek (Mar 07)
- Re: CVE abstraction choices and the Linux kernel Petr Matousek (Mar 14)
- Re: CVE abstraction choices and the Linux kernel Michael Gilbert (Mar 14)
- Re: CVE Request: typo3 sql injection and open redirection Kurt Seifried (Mar 11)
- Re: Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) Kurt Seifried (Mar 11)
- Re: WordPress plugins vulnerable to CVE-2013-1808 Henri Salo (Mar 14)
- Re: WordPress plugins vulnerable to CVE-2013-1808 Henri Salo (Mar 26)
- RE: WordPress plugins vulnerable to CVE-2013-1808 Christey, Steven M. (Mar 28)
- Re: CVE request: XSS in piwik 1.11 Kurt Seifried (Mar 11)
- Re: CVE-2009-4168: WordPress plugin vkontakte-api XSS vulnerability Henri Salo (Mar 14)
- RE: *.nist.gov websites gone forever? Christey, Steven M. (Mar 11)
- Re: CVE Request: MD5 used for Download verification Jeremy Stanley (Mar 11)
- Re: CVE-2013-0913 Linux kernel i915 integer overflow Alexander E. Patrakov (Mar 13)
- Re: CVE-2013-0913 Linux kernel i915 integer overflow Xin Li (Mar 14)
- Re: CVE assignments for "weak" crypto (was CVE Request: MD5 used for Download verification) Tim (Mar 12)
- Re: CVE assignments for "weak" crypto (was CVE Request: MD5 used for Download verification) Mike O'Connor (Mar 13)
- Re: CVE assignments for "weak" crypto (was CVE Request: MD5 used for Download verification) Kurt Seifried (Mar 13)
- Re: CVE request: almanah does not encrypt its database Kurt Seifried (Mar 13)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode Tim Brown (Mar 13)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode Eduardo Tongson (Mar 13)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode Pavel Labushev (Mar 13)
- <Possible follow-ups>
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode gremlin (Mar 13)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode gremlin (Mar 13)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode Kurt Seifried (Mar 14)
- Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode gremlin (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Kees Cook (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Eugene Teo (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Eugene Teo (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Greg KH (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Agostino Sarubbo (Mar 18)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Eugene Teo (Mar 13)
- Re: CLONE_NEWUSER|CLONE_FS root exploit Kurt Seifried (Mar 13)
- Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Eugene Teo (Mar 14)
- RE: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Christey, Steven M. (Mar 14)
- Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Kurt Seifried (Mar 14)
- RE: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Christey, Steven M. (Mar 14)
- Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Petr Matousek (Mar 14)
- Re: CVE Request/Guidance: Linux kernel cdc-wdm buffer overflow triggered by device Kurt Seifried (Mar 14)
- Re: CVE request for a Drupal contributed module Kurt Seifried (Mar 14)
- Re: Further issue details about flaws corrected in upstream ClamAV 0.97.7 version Kurt Seifried (Mar 19)
- Re: Further issue details about flaws corrected in upstream ClamAV 0.97.7 version Gynvael Coldwind (Mar 19)
- Re: CVE request: billion laughs flaw in ptlib Kurt Seifried (Mar 15)
- Re: CVE Request: VLC Buffer overflows Kurt Seifried (Mar 19)
- Re: Ruby CVEs Henri Salo (Mar 19)
- Re: Ruby CVEs Kurt Seifried (Mar 19)
- Re: Ruby CVEs Kurt Seifried (Mar 20)
- Re: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs Kurt Seifried (Mar 20)
- Re: Re: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs Reed Loden (Mar 20)
- RE: Re: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs Christey, Steven M. (Mar 20)
- RE: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs Christey, Steven M. (Mar 20)
- Re: RE: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs larry Cashdollar (Mar 20)
- Re: Ruby CVEs Solar Designer (Mar 20)
- RE: Ruby CVEs Christey, Steven M. (Mar 21)
- Re: Ruby CVEs Henri Salo (Mar 21)
- Re: Ruby CVEs Henri Salo (Mar 20)
- <Possible follow-ups>
- Fwd: CVE requests larry Cashdollar (Mar 19)
- Re: Untrusted startup file inclusion in Chicken Scheme Kurt Seifried (Mar 20)
- Re: Linux kernel: net - three info leaks in rtnl Kurt Seifried (Mar 20)
- Re: Linux kernel: net - three info leaks in rtnl Moritz Muehlenhoff (Mar 25)
- Re: Linux kernel: net - three info leaks in rtnl Moritz Muehlenhoff (Mar 25)
- Re: Linux kernel: net - three info leaks in rtnl Moritz Muehlenhoff (Mar 25)
- Re: CVE Request: python-pip insecure temporary directory handling Kurt Seifried (Mar 21)
- Re: CVE Request: python-pip insecure temporary directory handling David Black (Mar 22)
- Re: CVE Request: python-pip insecure temporary directory handling Kurt Seifried (Mar 22)
- Re: CVE Request: python-pip insecure temporary directory handling David Black (Mar 22)
- Re: CVE request: MantisBT text search query can crash site Kurt Seifried (Mar 21)
- Re: CVE Request -- drupal7-views : SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) Kurt Seifried (Mar 22)
- Re: CVE Request -- drupal7-views : SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) Jan Lieskovsky (Mar 25)
- Re: CVE request: mod_ruid2 before 0.9.8 Kurt Seifried (Mar 22)
- Re: CVE request: mod_ruid2 before 0.9.8 John Lightsey (Mar 22)
- Re: CVE request: mod_ruid2 before 0.9.8 Kurt Seifried (Mar 22)
- Re: CVE request: mod_ruid2 before 0.9.8 John Lightsey (Mar 22)
- Re: CVE request for "Views" (Drupal contributed module) Kurt Seifried (Mar 22)
- Re: CVE request for "Views" (Drupal contributed module) Forest Monsen (Mar 23)
- Re: CVE request: OpenCart filemanager.php parameter traversal arbitrary file access Kurt Seifried (Mar 23)
- Re: XSS vulnerabilities in ZeroClipboard and multiple web applications Henri Salo (Mar 25)
- Re: CVE Request: Mongo DB Kurt Seifried (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Agostino Sarubbo (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)
- Re: Ruby gem Thumbshooter 0.1.5 remote code execution Larry W. Cashdollar (Mar 26)
- Re: Ruby gem Thumbshooter 0.1.5 remote code execution Kurt Seifried (Mar 26)
- Re: Ruby gem Thumbshooter 0.1.5 remote code execution Larry W. Cashdollar (Mar 26)
- Re: CVE Request -- yum: Not removing bad metadata and using it in next run Kurt Seifried (Mar 29)
- Re: [kernel-hardening] Security vulnerability tools Tim Brown (Mar 27)
- Re: Re: [kernel-hardening] Security vulnerability tools Corey Bryant (Mar 27)
- Re: Re: [kernel-hardening] Security vulnerability tools Steve Grubb (Mar 28)
- Re: Re: [kernel-hardening] Security vulnerability tools Tim Brown (Mar 28)
- Re: Re: [kernel-hardening] Security vulnerability tools Corey Bryant (Mar 27)
- Re: Security vulnerability tools Solar Designer (Mar 27)
- Re: [kernel-hardening] Re: Security vulnerability tools Corey Bryant (Mar 27)
- Re: Security vulnerability tools Solar Designer (Mar 28)
- Re: [kernel-hardening] Re: Security vulnerability tools Corey Bryant (Mar 27)
- Re: Security vulnerability tools Russ Allbery (Mar 27)
- Re: Security vulnerability tools Corey Bryant (Mar 27)
- Re: Security vulnerability tools Murray McAllister (Mar 27)
- Re: Security vulnerability tools Andreas Ericsson (Mar 28)
- Re: Security vulnerability tools Corey Bryant (Mar 29)
- Re: Re: Security vulnerability tools Raphael Geissert (Mar 29)
- Re: CVE Request for Drupal contrib modules Kurt Seifried (Mar 28)