oss-sec: by thread
714 messages
starting Jan 01 14 and
ending Mar 31 14
Date index |
Thread index |
Author index
- Re: CVE request: Fat Free CRM multiple vulnerabilities Steve Kenworthy (Jan 01)
- Duplicated CVE assignment for bip Moritz Muehlenhoff (Jan 02)
- Re: Duplicated CVE assignment for bip Steven M. Christey (Jan 02)
- kwallet crypto misuse Florian Weimer (Jan 02)
- Re: kwallet crypto misuse cve-assign (Jan 02)
- Re: Re: kwallet crypto misuse Daniel Kahn Gillmor (Jan 02)
- Re: kwallet crypto misuse cve-assign (Jan 02)
- Re: Re: kwallet crypto misuse Kurt Seifried (Jan 02)
- Re: Re: kwallet crypto misuse Michael Samuel (Jan 02)
- Re: Re: kwallet crypto misuse Daniel Kahn Gillmor (Jan 02)
- Re: kwallet crypto misuse gremlin (Jan 02)
- Re: kwallet crypto misuse Daniel Kahn Gillmor (Jan 03)
- Re: kwallet crypto misuse Simon McVittie (Jan 03)
- Re: kwallet crypto misuse Daniel Kahn Gillmor (Jan 03)
- Re: kwallet crypto misuse cve-assign (Jan 03)
- Re: kwallet crypto misuse gremlin (Jan 04)
- Re: kwallet crypto misuse Daniel Kahn Gillmor (Jan 03)
- Re: kwallet crypto misuse George Staikos (Jan 13)
- Re: kwallet crypto misuse cve-assign (Jan 02)
- CVE for freerdp int overflow? Raphael Geissert (Jan 02)
- Re: CVE for freerdp int overflow? Huzaifa Sidhpurwala (Jan 02)
- Re: CVE for freerdp int overflow? cve-assign (Jan 03)
- Re: Re: CVE to the ntp monlist DDoS issue? Moritz Muehlenhoff (Jan 02)
- radare2 endless loop Simon . (Jan 02)
- Re: radare2 endless loop Kurt Seifried (Jan 02)
- Neo4J CSRF: Potential CVE candidate Arun Babu Neelicattu (Jan 02)
- Re: Neo4J CSRF: Potential CVE candidate cve-assign (Jan 03)
- AMD Security contact Kurt Seifried (Jan 02)
- CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 Salvatore Bonaccorso (Jan 05)
- [notification] CVE-2013-6888: uscan: remote code execution Raphael Geissert (Jan 06)
- Re: [notification] CVE-2013-6888: uscan: remote code execution Jakub Wilk (Feb 06)
- Re: [notification] CVE-2013-6888: uscan: remote code execution cve-assign (Feb 12)
- Re: [notification] CVE-2013-6888: uscan: remote code execution Jakub Wilk (Feb 06)
- [HITB-Announce] HITB Magazine Issue 10 Out Now Hafez Kamal (Jan 06)
- CVE Request: graphviz: stack-based buffer overflow in yyerror() Ratul Gupta (Jan 06)
- Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() cve-assign (Jan 07)
- Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() Sebastian Krahmer (Jan 08)
- Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() Russ Allbery (Jan 08)
- Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() Emden R. Gansner (Jan 08)
- Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() cve-assign (Jan 08)
- Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() Sebastian Krahmer (Jan 08)
- Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() cve-assign (Jan 07)
- CVE split and a missed file P J P (Jan 06)
- Re: CVE split and a missed file P J P (Jan 07)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 09)
- RE: CVE split and a missed file Christey, Steven M. (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 07)
- CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Guido Berhoerster (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Yves-Alexis Perez (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Daniel Kahn Gillmor (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference cve-assign (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Yves-Alexis Perez (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference cve-assign (Jan 07)
- Bug#732283: CVE Request: Proc::Daemon writes pidfile with mode 666 cve-assign (Jan 07)
- Fwd: X.Org Security Advisory: CVE-2013-6462: Stack buffer overflow in parsing of BDF font files in libXfont Alan Coopersmith (Jan 07)
- paratrooper-pingdom-1.0.0 ruby gem exposes API login credentials Larry W. Cashdollar (Jan 07)
- Re: paratrooper-pingdom-1.0.0 ruby gem exposes API login credentials cve-assign (Jan 08)
- Paratrooper-newrelic 1.0.1 Ruby Gem exposes API key Larry W. Cashdollar (Jan 07)
- Re: Paratrooper-newrelic 1.0.1 Ruby Gem exposes API key cve-assign (Jan 08)
- https://updateframework.com/ down for a few days now Kurt Seifried (Jan 07)
- CVE Request: drupal7-entity: multiple access bypass vulnerabilities Ratul Gupta (Jan 08)
- Re: CVE Request: drupal7-entity: multiple access bypass vulnerabilities cve-assign (Jan 09)
- PlRPC Perl module: pre-auth remote code execution, weak crypto Florian Weimer (Jan 09)
- Re: PlRPC Perl module: pre-auth remote code execution, weak crypto cve-assign (Jan 09)
- temporary file issue in flite Murray McAllister (Jan 09)
- CVE request: tmux local denial of service (2009) Florian Weimer (Jan 09)
- Re: CVE request: tmux local denial of service (2009) Guido Berhoerster (Jan 09)
- Re: CVE request: tmux local denial of service (2009) cve-assign (Jan 09)
- Re: CVE request: tmux local denial of service (2009) Florian Weimer (Jan 09)
- Re: Re: CVE request: tmux local denial of service (2009) Guido Berhoerster (Jan 09)
- Re: CVE request: tmux local denial of service (2009) Florian Weimer (Jan 09)
- CVE request: remote code execution via deserialization in XStream David Jorm (Jan 09)
- Re: CVE request: remote code execution via deserialization in XStream cve-assign (Jan 09)
- Re: CVE request: remote code execution via deserialization in XStream David Jorm (Jan 09)
- Re: CVE request: remote code execution via deserialization in XStream cve-assign (Jan 09)
- CVE Request: python-jinja2: arbitrary code execution vulnerability Ratul Gupta (Jan 10)
- Re: CVE Request: python-jinja2: arbitrary code execution vulnerability cve-assign (Jan 10)
- CVE assignment for jinja2 Kurt Seifried (Jan 10)
- Re: CVE assignment for jinja2 Vincent Danen (Jan 11)
- Re: CVE assignment for jinja2 Vincent Danen (Jan 11)
- Re: CVE assignment for jinja2 Salvatore Bonaccorso (Jan 11)
- Re: CVE assignment for jinja2 Vincent Danen (Jan 11)
- Re: CVE assignment for jinja2 Vincent Danen (Jan 11)
- Linux kernel: missing CPU-state sanitation during task-switch causes DOS / privilege escalation halfdog (Jan 12)
- [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048) Thierry Carrez (Jan 13)
- CVE Request -- libvirt: denial of service with keepalive Petr Matousek (Jan 14)
- Re: CVE Request -- libvirt: denial of service with keepalive cve-assign (Jan 14)
- Re: CVE Request -- libvirt: denial of service with keepalive Eric Blake (Jan 14)
- Re: [Libvirt-Security] CVE Request -- libvirt: denial of service with keepalive Daniel P. Berrange (Jan 14)
- Re: CVE Request -- libvirt: denial of service with keepalive cve-assign (Jan 14)
- Re: CVE Request -- libvirt: denial of service with keepalive Eric Blake (Jan 14)
- Re: CVE Request -- libvirt: denial of service with keepalive cve-assign (Jan 14)
- CVE request: assorted kernel infoleak security fixes Salva Peiró (Jan 14)
- Re: CVE request: assorted kernel infoleak security fixes cve-assign (Jan 15)
- linux-distros membership rf (Jan 14)
- Re: linux-distros membership Yves-Alexis Perez (Jan 16)
- <Possible follow-ups>
- Re: linux-distros membership rf (Jan 16)
- Re: Re: linux-distros membership Yves-Alexis Perez (Jan 16)
- Re: linux-distros membership rf (Jan 20)
- Re: linux-distros membership Solar Designer (Jan 21)
- Re: linux-distros membership rf (Jan 22)
- Re: linux-distros membership Solar Designer (Jan 31)
- Re: linux-distros membership rf (Jan 31)
- Re: linux-distros membership Solar Designer (Jan 31)
- Re: linux-distros membership Alexander Cherepanov (Feb 01)
- Re: linux-distros membership rf (Feb 01)
- Re: linux-distros membership rf (Jan 23)
- Re: linux-distros membership Moritz Muehlenhoff (Jan 23)
- Re: linux-distros membership rf (Jan 24)
- Re: linux-distros membership rf (Jan 24)
- Re: linux-distros membership John Haxby (Jan 24)
- Re: linux-distros membership Solar Designer (Jan 21)
- CVE Request: Apache Archiva Remote Command Execution 0day Maksymilian A (Jan 14)
- <Possible follow-ups>
- Re: CVE Request: Apache Archiva Remote Command Execution 0day security curmudgeon (Jan 14)
- Re: CVE Request: Apache Archiva Remote Command Execution 0day Maksymilian A (Jan 14)
- CVE Request: drupal: multiple vulnerabilities corrected in 6.30 and 7.26 (SA-CORE-2014-001) Ratul Gupta (Jan 16)
- CVE Request - Poppler library: DoS fixed in 0.24.5 mancha (Jan 16)
- Re: CVE Request - Poppler library: DoS fixed in 0.24.5 cve-assign (Jan 17)
- Re: CVE already assigned for 1026891? Murray McAllister (Jan 16)
- CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Murray McAllister (Jan 16)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Reed Loden (Jan 16)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Kurt Seifried (Jan 17)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Murray McAllister (Jan 19)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Kurt Seifried (Jan 20)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Kurt Seifried (Jan 20)
- Re: CVE-2013-6488: Jenkins fails to sanitize input before adding it to the page Reed Loden (Jan 16)
- imapsync default version check with,http://imapsync.lamiral.info information leakage (CVE-2013-4279) Kurt Seifried (Jan 16)
- [OSSA 2014-002] Swift TempURL timing attack (CVE-2014-0006) Thierry Carrez (Jan 17)
- more info on "radiotap: bitmap-end-finding buffer overrun" Raphael Geissert (Jan 17)
- Re: more info on "radiotap: bitmap-end-finding buffer overrun" Henri Salo (Jan 19)
- Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp Daniel Kahn Gillmor (Jan 17)
- Re: Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp cve-assign (Jan 17)
- CVE-2014-0021: chrony traffic amplification in cmdmon protocol Vincent Danen (Jan 17)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol cve-assign (Jan 17)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol Vincent Danen (Jan 17)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol cve-assign (Jan 17)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol Vincent Danen (Jan 17)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol Florian Weimer (Jan 19)
- Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol cve-assign (Jan 17)
- CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 Matthew Daley (Jan 17)
- Re: CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 Henri Salo (Jan 18)
- Re: CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 Matthew Daley (Jan 18)
- Re: CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 cve-assign (Jan 18)
- Re: CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 Henri Salo (Jan 18)
- Moodle security notifications public Michael de Raadt (Jan 19)
- <Possible follow-ups>
- Moodle security notifications public Michael de Raadt (Mar 16)
- Re: Moodle security notifications public cve-assign (Mar 21)
- CVE request: Cantata vulnerability Sergey Popov (Jan 20)
- Re: CVE request: Cantata vulnerability cve-assign (Jan 20)
- CVE request for Drupal contributed modules Forest Monsen (Jan 20)
- Re: CVE request for Drupal contributed modules Henri Salo (Jan 20)
- Re: CVE request for Drupal contributed modules cve-assign (Jan 20)
- Re: CVE request for Drupal contributed modules Forest Monsen (Jan 20)
- CVE request: spip: cross-site scripting vulnerability Salvatore Bonaccorso (Jan 20)
- Re: CVE request: spip: cross-site scripting vulnerability cve-assign (Jan 20)
- Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp Daniel Kahn Gillmor (Jan 21)
- CVE request: Perl module MARC::File::XML Galen Charlton (Jan 21)
- Re: CVE request: Perl module MARC::File::XML cve-assign (Jan 21)
- Getting tempfile/mktemp wrong Helmut Grohne (Jan 22)
- Re: Getting tempfile/mktemp wrong cve-assign (Jan 22)
- Xen Security Advisory 83 - Out-of-memory condition yielding memory corruption during IRQ setup Xen . org security team (Jan 23)
- Xen Security Advisory 83 (CVE-2014-1642) - Out-of-memory condition yielding memory corruption during IRQ setup Xen . org security team (Jan 23)
- [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) Grant Murphy (Jan 23)
- CVE-2014-0022 insecure install of rpm packages via yum cron Vincent Danen (Jan 23)
- Xen Security Advisory 87 - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests Xen . org security team (Jan 24)
- Xen Security Advisory 87 (CVE-2014-1666) - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests Xen . org security team (Jan 24)
- Remote code execution in horde < 5.1.1 Pedro Ribeiro (Jan 28)
- Re: Remote code execution in horde < 5.1.1 cve-assign (Jan 28)
- Re: Remote code execution in horde < 5.1.1 Murray McAllister (Jan 28)
- Re: Remote code execution in horde < 5.1.1 Murray McAllister (Jan 28)
- Re: Remote code execution in horde < 5.1.1 Jan Schneider (Jan 29)
- Re: Remote code execution in horde < 5.1.1 Murray McAllister (Jan 28)
- CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper P J P (Jan 28)
- Socat security advisory 5 - PROXY-CONNECT address overflow Gerhard Rieger (Jan 28)
- CVE request: temporary file issue in Passenger rubygem Vincent Danen (Jan 28)
- Re: CVE request: temporary file issue in Passenger rubygem Raphael Geissert (Jan 29)
- Re: CVE request: temporary file issue in Passenger rubygem Raphael Geissert (Jan 29)
- Re: CVE request: temporary file issue in Passenger rubygem cve-assign (Jan 30)
- Re: Re: CVE request: temporary file issue in Passenger rubygem Tomas Hoger (Feb 03)
- Re: CVE request: temporary file issue in Passenger rubygem Raphael Geissert (Jan 29)
- OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!) Kurt Seifried (Jan 28)
- Re: OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!) cve-assign (Jan 29)
- Re: Re: OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!) Kurt Seifried (Feb 03)
- Re: OpenSSH J-PAKE vulnerability (no cause for panic! remain calm!) cve-assign (Jan 29)
- CVE Request: Erlang OTP - ftp module - FTP Command Injection Seba (Jan 28)
- Re: CVE Request: Erlang OTP - ftp module - FTP Command Injection cve-assign (Jan 29)
- (possible) CVE request: suPHP 0.7.2 release fixed a possible arbitrary code execution Salvatore Bonaccorso (Jan 28)
- CVE Request: otrs: CSRF issue in customer web interface Salvatore Bonaccorso (Jan 29)
- Re: [Ticket#2014012942020471] CVE Request: otrs: CSRF issue in customer web interface Jens Bothe via OTRS Security Team (Jan 29)
- Re: CVE Request: otrs: CSRF issue in customer web interface cve-assign (Jan 29)
- CVE: Request Puneeth Gowda (Jan 29)
- Re: CVE: Request cve-assign (Jan 29)
- CVE REJECT request: CVE-2013-4588 P J P (Jan 29)
- collectd security contact Michael Samuel (Jan 29)
- Re: collectd security contact Kurt Seifried (Jan 29)
- <Possible follow-ups>
- Re: collectd security contact Sebastian Harl (Jan 30)
- Re: Re: collectd security contact Michael Samuel (Jan 30)
- CVE Request: Juju phpmyadmin charm Seth Arnold (Jan 29)
- Re: CVE Request: Juju phpmyadmin charm dawg (Jan 29)
- Re: CVE Request: Juju phpmyadmin charm Seth Arnold (Jan 29)
- Re: CVE Request: Juju phpmyadmin charm dawg (Jan 29)
- echor 0.1.6 Ruby Gem exposes login credentials Larry W. Cashdollar (Jan 30)
- Re: echor 0.1.6 Ruby Gem exposes login credentials cve-assign (Jan 31)
- CVE request: enlightenment sysactions Martin Carpenter (Jan 30)
- Re: CVE request: enlightenment sysactions cve-assign (Feb 03)
- CVE-2013-6393 / libyaml buffer overflow Garth Mollett (Jan 30)
- Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 30)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Kees Cook (Jan 30)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) rf (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) rf (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Kurt Seifried (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Matthew Daley (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) PaX Team (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Yves-Alexis Perez (Feb 01)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Jan 31)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Feb 01)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) mancha (Feb 02)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Feb 02)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) mancha (Feb 02)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) Solar Designer (Feb 02)
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) mancha (Feb 02)
- <Possible follow-ups>
- Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) mancha (Feb 02)
- Linux kernel: fs: fix get_dumpable() incorrect tests (CVE-2013-2929) Solar Designer (Jan 30)
- CVE request: uupdate (devscripts) directory traversal Murray McAllister (Jan 30)
- Re: CVE request: uupdate (devscripts) directory traversal cve-assign (Jan 31)
- CVE needed for libotr's support for OTR v1? Murray McAllister (Jan 30)
- Re: CVE needed for libotr's support for OTR v1? cve-assign (Feb 03)
- CVE request: impressCMS 1.3.5 arbitrary file deletion and XSS Pedro Ribeiro (Jan 31)
- Re: CVE request: impressCMS 1.3.5 arbitrary file deletion and XSS cve-assign (Jan 31)
- Re: CVE request: impressCMS 1.3.5 arbitrary file deletion and XSS Pedro Ribeiro (Feb 02)
- Re: CVE request: impressCMS 1.3.5 arbitrary file deletion and XSS cve-assign (Jan 31)
- Security Flaw CVE-2014-0037 Michael Kromer (Jan 31)
- CVE request: temp file issues in python's logilab-common module Vincent Danen (Jan 31)
- Re: CVE request: temp file issues in python's logilab-common module cve-assign (Feb 02)
- Persistent XSS in Wordpress 3.3.1+dfsg-1 (Packaged with Ubuntu 12.04.4) Larry W. Cashdollar (Feb 02)
- Re: Persistent XSS in Wordpress 3.3.1+dfsg-1 (Packaged with Ubuntu 12.04.4) Larry W. Cashdollar (Feb 02)
- Re: Persistent XSS in Wordpress 3.3.1+dfsg-1 (Packaged with Ubuntu 12.04.4) larry Cashdollar (Feb 03)
- Re: Persistent XSS in Wordpress 3.3.1+dfsg-1 (Packaged with Ubuntu 12.04.4) Larry W. Cashdollar (Feb 02)
- CVE-2014-0039: fwsnort loaded configuration file from cwd when run as a non-root user Murray McAllister (Feb 02)
- CVE request: multiple issues in Apache Cordova/PhoneGap David Jorm (Feb 02)
- Re: CVE request: multiple issues in Apache Cordova/PhoneGap cve-assign (Feb 07)
- CVE request: a2ps insecure temporary file use Murray McAllister (Feb 02)
- Re: CVE request: a2ps insecure temporary file use Murray McAllister (Feb 03)
- Re: CVE request: a2ps insecure temporary file use cve-assign (Feb 04)
- Re: Re: CVE request: a2ps insecure temporary file use Murray McAllister (Feb 05)
- Re: CVE request: a2ps insecure temporary file use cve-assign (Feb 05)
- CVE request: PHP object insertion in Contao CMS <= 3.2.5 Pedro Ribeiro (Feb 03)
- Re: CVE request: PHP object insertion in Contao CMS <= 3.2.5 cve-assign (Feb 03)
- CVE request and heads-up on insecure temp file handling in unpack200 (OpenJDK, Oracle Java) Vincent Danen (Feb 03)
- CVE request: python-gnupg before 0.3.5 shell injection Hanno Böck (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Vinay Sajip (Feb 05)
- Re: Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 05)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Vinay Sajip (Feb 05)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Matthew Daley (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Hanno Böck (Feb 06)
- Re: CVE request: python-gnupg before 0.3.5 shell injection cve-assign (Feb 09)
- Re: Re: CVE request: python-gnupg before 0.3.5 shell injection Simon McVittie (Feb 10)
- Re: CVE request: python-gnupg before 0.3.5 shell injection cve-assign (Feb 12)
- Re: CVE request: python-gnupg before 0.3.5 shell injection cve-assign (Feb 09)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Dokeos 2.1.1 Multiple Stored XSS Vulnerabilities Gunther (Feb 05)
- Re: Dokeos 2.1.1 Multiple Stored XSS Vulnerabilities cve-assign (Feb 07)
- Mumble-SA-2014-001 and Mumble-SA-2014-002 Mikkel Krautz (Feb 05)
- CVE request: f2py insecure temporary file use Murray McAllister (Feb 05)
- Re: CVE request: f2py insecure temporary file use Murray McAllister (Feb 06)
- Re: CVE request: f2py insecure temporary file use cve-assign (Feb 07)
- CVE Request: Multiple security issues in Android Debug Bridge (Android SDK Tools) Arun Neelicattu (Feb 05)
- Xen Security Advisory 85 - Off-by-one error in FLASK_AVC_CACHESTAT hypercall Xen . org security team (Feb 06)
- Xen Security Advisory 86 - libvchan failure handling malicious ring indexes Xen . org security team (Feb 06)
- Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls Xen . org security team (Feb 06)
- Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls cve-assign (Feb 06)
- Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls Jan Beulich (Feb 07)
- Re: Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls Źmicier Januszkiewicz (Feb 07)
- Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls Jan Beulich (Feb 07)
- Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls cve-assign (Feb 07)
- Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls cve-assign (Feb 06)
- CVE Request: Capture::Tiny: insecure use of /tmp Salvatore Bonaccorso (Feb 06)
- Re: CVE Request: Capture::Tiny: insecure use of /tmp cve-assign (Feb 06)
- CVE Request: Linux kernel: SELinux local DoS P J P (Feb 06)
- Re: CVE Request: Linux kernel: SELinux local DoS Florian Weimer (Feb 06)
- Re: CVE Request: Linux kernel: SELinux local DoS cve-assign (Feb 06)
- CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS Arun Neelicattu (Feb 06)
- Re: CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS Arun Neelicattu (Feb 17)
- Re: CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS cve-assign (Mar 28)
- contao vulnerability - CVE assigned? Alexandre Dulaunoy (Feb 07)
- Re: contao vulnerability - CVE assigned? Hanno Böck (Feb 07)
- oath-toolkit PAM module OTP token invalidation issue Florian Weimer (Feb 07)
- Re: oath-toolkit PAM module OTP token invalidation issue cve-assign (Feb 09)
- CVE request: multiple issues in Koha Galen Charlton (Feb 07)
- Re: CVE request: multiple issues in Koha cve-assign (Feb 09)
- IcedTea-Web insecure temporary directory use - CVE-2013-6493 Tomas Hoger (Feb 07)
- CVE request? buffer overflow in socket.recvfrom_into Raphael Geissert (Feb 07)
- Re: CVE request? buffer overflow in socket.recvfrom_into cve-assign (Feb 12)
- Fwd: Old CVE ids, public, but still "RESERVED" Raphael Geissert (Feb 08)
- Re: Fwd: Old CVE ids, public, but still "RESERVED" Alan Coopersmith (Feb 08)
- Re: Old CVE ids, public, but still "RESERVED" Raphael Geissert (Feb 12)
- [oCERT-2014-001] MantisBT input sanitization errors Andrea Barisani (Feb 08)
- CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 09)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 17)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 17)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 18)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 27)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning cve-assign (Feb 19)
- Re: Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 19)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning cve-assign (Feb 20)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 20)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning cve-assign (Feb 20)
- Re: Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 20)
- Re: Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 19)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 10)
- Xen Security Advisory 85 (CVE-2014-1895) - Off-by-one error in FLASK_AVC_CACHESTAT hypercall Xen . org security team (Feb 10)
- Xen Security Advisory 86 (CVE-2014-1896) - libvchan failure handling malicious ring indexes Xen . org security team (Feb 10)
- Xen Security Advisory 84 (CVE-2014-1891,CVE-2014-1892,CVE-2014-1893,CVE-2014-1894) - integer overflow in several XSM/Flask hypercalls Xen . org security team (Feb 10)
- CVE request: parcimonie (0.6 to 0.8, included) possible correlation between key fetches intrigeri (Feb 10)
- Re: CVE request: WebKit-GTK + Puseaudio: unexpectedly high sound volume Alexander E. Patrakov (Feb 10)
- Re: CVE request: WebKit-GTK + Puseaudio: unexpectedly high sound volume cve-assign (Feb 10)
- CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp Jakub Wilk (Feb 10)
- CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean cve-assign (Feb 10)
- Re: CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean Joshua J. Drake (Feb 11)
- Re: CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean Nick Kralevich (Feb 18)
- Re: CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean cve-assign (Feb 18)
- CVE-2013-6401 Jansson hash collision issue Murray McAllister (Feb 11)
- Re: CVE-2013-6401 Jansson hash collision issue Murray McAllister (Feb 11)
- Vendor adoption of PIE INFO#934476 oss-security CERT(R) Coordination Center (Feb 11)
- Re: Vendor adoption of PIE INFO#934476 oss-security Solar Designer (Feb 15)
- Re: Vendor adoption of PIE INFO#934476 oss-security Stuart Henderson (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Christos Zoulas (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Stuart Henderson (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Nick Kralevich (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Nick Kralevich (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security CERT(R) Coordination Center (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Stuart Henderson (Feb 16)
- Re: Vendor adoption of PIE INFO#934476 oss-security Solar Designer (Feb 15)
- information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" Murray McAllister (Feb 11)
- Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" cve-assign (Feb 12)
- Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" Murray McAllister (Feb 12)
- Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" cve-assign (Feb 13)
- Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" Murray McAllister (Feb 13)
- Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability" cve-assign (Feb 12)
- CVE request for vulnerability in OpenStack Glance Jeremy Stanley (Feb 11)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Feb 12)
- [Benchmark 2014] WAVSEP Vulnerability Scanner Benchmark 2013/2014 Shay Chen (Feb 12)
- cinnamon-screensaver lock bypass (tested on Fedora 20) Clemens Fries (Feb 12)
- Re: cinnamon-screensaver lock bypass (tested on Fedora 20) cve-assign (Feb 12)
- Re: cinnamon-screensaver lock bypass (tested on Fedora 20) Murray McAllister (Feb 12)
- Xen Security Advisory 88 - use-after-free in xc_cpupool_getinfo() under memory pressure Xen . org security team (Feb 12)
- Xen Security Advisory 88 (CVE-2014-1950) - use-after-free in xc_cpupool_getinfo() under memory pressure Xen . org security team (Feb 12)
- [OSSA 2014-004] Glance Swift store backend password leak (CVE-2014-1948) Jeremy Stanley (Feb 12)
- CVE-2014-0079: Unauthenticated remote denial of service flaw in Zarafa Robert Scheck (Feb 12)
- Possible CVE Request for Weechat -- Mutex potentially not held for random number generation Jason A. Donenfeld (Feb 13)
- CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) mancha (Feb 13)
- Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) cve-assign (Feb 13)
- Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) Tomas Hoger (Feb 25)
- Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) cve-assign (Feb 26)
- Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) Tomas Hoger (Feb 27)
- Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) Tomas Hoger (Feb 25)
- Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) cve-assign (Feb 13)
- CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color() Murray McAllister (Feb 13)
- Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color() cve-assign (Feb 18)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Helmut Grohne (Feb 14)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ cve-assign (Feb 14)
- Re: Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Helmut Grohne (Feb 14)
- Re: Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Florian Weimer (Feb 15)
- Re: Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Helmut Grohne (Feb 16)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Petter Reinholdtsen (Feb 15)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Solar Designer (Feb 15)
- Re: Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Helmut Grohne (Feb 16)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ Solar Designer (Feb 15)
- Re: Bug#738855: initscripts: Skip killing root-owned process starting with @ cve-assign (Feb 14)
- [CVE-2014-0046] XSS Vulnerability With {{link-to}} Helper in Non-block Form Tom Dale (Feb 14)
- CVE request: freeradius denial of service in rlm_pap hash processing Florian Weimer (Feb 16)
- Re: CVE request: freeradius denial of service in rlm_pap hash processing cve-assign (Feb 18)
- Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) Salvatore Bonaccorso (Feb 16)
- Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) David Jorm (Feb 19)
- Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) Garth Mollett (Feb 20)
- Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) cve-assign (Feb 20)
- Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) David Jorm (Feb 19)
- CVE request: "imapsync ignores the --tls switch and sends my authentication plaintext." Murray McAllister (Feb 16)
- CVE request New-djbdns: dnscache: possible DoS P J P (Feb 17)
- Re: CVE request New-djbdns: dnscache: possible DoS P J P (Feb 18)
- Re: CVE request New-djbdns: dnscache: possible DoS cve-assign (Feb 19)
- Re: CVE request New-djbdns: dnscache: possible DoS P J P (Feb 19)
- Re: CVE request New-djbdns: dnscache: possible DoS cve-assign (Feb 20)
- Re: Re: CVE request New-djbdns: dnscache: possible DoS P J P (Feb 20)
- Re: CVE request New-djbdns: dnscache: possible DoS P J P (Feb 19)
- CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes Petr Matousek (Feb 17)
- [OSSA 2014-005] Missing SSL certificate check in Python Swift client (CVE-2013-6396) Tristan Cacqueray (Feb 17)
- CVE request for unfixed CVE-2013-6466 in openswan-2.6.40 Paul Wouters (Feb 18)
- Re: CVE request for unfixed CVE-2013-6466 in openswan-2.6.40 cve-assign (Feb 19)
- CVE Request: Percona Toolkit automatic version check - remote code execution / information leak Marcus Meissner (Feb 18)
- CVE request: MaraDNS DoS due to incorrect bounds checking on certain strings Martin Prpic (Feb 18)
- Re: CVE request: MaraDNS DoS due to incorrect bounds checking on certain strings cve-assign (Feb 19)
- XSS Vulnerability in number_to_currency, number_to_percentage and number_to_human (CVE-2014-0081) Aaron Patterson (Feb 18)
- Data Injection Vulnerability in Active Record (CVE-2014-0080) Aaron Patterson (Feb 18)
- Denial of Service Vulnerability in Action View when using render :text (CVE-2014-0082) Aaron Patterson (Feb 18)
- CVE request: remote code execution in egroupware <= 1.8.005 Pedro Ribeiro (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 cve-assign (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Ralf Becker (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Pedro Ribeiro (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Ralf Becker (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 cve-assign (Feb 19)
- Xen Security Advisory 60 (CVE-2013-2212) - Excessive time to disable caching with HVM guests with PCI passthrough Xen . org security team (Feb 19)
- Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang Xen . org security team (Feb 19)
- CVE request for CGI::Application information disclosure flaw Vincent Danen (Feb 19)
- Re: CVE request for CGI::Application information disclosure flaw cve-assign (Feb 19)
- CVE request: Linux kernel: nfs: information leakage P J P (Feb 20)
- Re: CVE request: Linux kernel: nfs: information leakage cve-assign (Feb 20)
- Re: Re: CVE request: Linux kernel: nfs: information leakage P J P (Feb 20)
- Re: CVE request: Linux kernel: nfs: information leakage cve-assign (Feb 20)
- CVE Request: Linux kernel: s390: crash due to linkage stack instruction P J P (Feb 20)
- Persistent XSS in Media File Renamer V1.7.0 Larry W. Cashdollar (Feb 20)
- Re: Persistent XSS in Media File Renamer V1.7.0 cve-assign (Feb 20)
- Request regarding posts to the lists security curmudgeon (Feb 20)
- Re: Request regarding posts to the lists Solar Designer (Feb 20)
- Re: Request regarding posts to the lists Raphael Geissert (Feb 21)
- Re: Request regarding posts to the lists Solar Designer (Feb 20)
- Fwd: temporary file creation vulnerability in Redis Matthew Hall (Feb 22)
- Re: Fwd: temporary file creation vulnerability in Redis Michael Samuel (Feb 22)
- Re: Fwd: temporary file creation vulnerability in Redis cve-assign (Feb 23)
- Re: Fwd: temporary file creation vulnerability in Redis Matthew Hall (Feb 23)
- Re: Fwd: temporary file creation vulnerability in Redis cve-assign (Feb 24)
- Re: Fwd: temporary file creation vulnerability in Redis Matthew Hall (Feb 23)
- xfe: directory masks ignored when creating new files on Samba and NFS Murray McAllister (Feb 23)
- Re: xfe: directory masks ignored when creating new files on Samba and NFS cve-assign (Feb 24)
- CVE request: XSS in MODX Revolution before 2.2.11 Hanno Böck (Feb 24)
- Re: CVE request: XSS in MODX Revolution before 2.2.11 cve-assign (Feb 24)
- CVE request for catfish program Vincent Danen (Feb 24)
- Re: CVE request for catfish program cve-assign (Feb 25)
- Re: CVE request for catfish program Vincent Danen (Feb 25)
- Re: CVE request for catfish program cve-assign (Feb 25)
- Re: CVE request for catfish program Vincent Danen (Feb 25)
- Re: CVE request for catfish program Vincent Danen (Feb 25)
- Re: CVE request for catfish program cve-assign (Feb 25)
- CVE request: hexchat buffer overflow Henri Salo (Feb 24)
- Re: CVE request: hexchat buffer overflow cve-assign (Feb 25)
- CVE request: POSH multiple vulnerabilities Damien Cauquil (Feb 26)
- REJECT CVE-2014-0070 Kurt Seifried (Feb 26)
- CVE request: PLOGGER 1.0RC1 multiple vulnerabilities Damien Cauquil (Feb 26)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities cve-assign (Feb 27)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities Damien Cauquil (Feb 27)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities cve-assign (Feb 27)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities Damien Cauquil (Feb 27)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities Damien Cauquil (Feb 27)
- Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities cve-assign (Feb 27)
- [CVE assignment notification] Multiple vulnerabilities in POSH Damien Cauquil (Feb 26)
- CVE Request?: konqueror - https uses all ciphers, even weak ones Marcus Meissner (Feb 27)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Tim Brown (Mar 03)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Kurt Seifried (Mar 03)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones cve-assign (Mar 03)
- Re: Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Daniel Kahn Gillmor (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones John Haxby (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Daniel Kahn Gillmor (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Daniel Kahn Gillmor (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones John Haxby (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Daniel Kahn Gillmor (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Jann Horn (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Felix Eckhofer (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Moritz Naumann (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Hanno Böck (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Kurt Seifried (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones cve-assign (Mar 04)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Daniel Kahn Gillmor (Mar 13)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones cve-assign (Mar 13)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Kurt Seifried (Mar 03)
- Re: CVE Request?: konqueror - https uses all ciphers, even weak ones Tim Brown (Mar 03)
- CVE request: askbot xss Tomas Hoger (Feb 27)
- Re: CVE request: askbot xss cve-assign (Feb 28)
- CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Murray McAllister (Feb 27)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release cve-assign (Feb 28)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Vincent Danen (Feb 28)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Chris Steipp (Feb 28)
- Re: Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Simon McVittie (Feb 28)
- Re: Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Chris Steipp (Feb 28)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release Vincent Danen (Feb 28)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release cve-assign (Mar 01)
- Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release cve-assign (Feb 28)
- CVE request for vulnerability in OpenStack Keystone Tristan Cacqueray (Feb 28)
- Re: CVE request for vulnerability in OpenStack Keystone cve-assign (Feb 28)
- CVE request: MantisBT 1.2.13 SQL injection vulnerability Damien Regad (Feb 28)
- Re: CVE request: MantisBT 1.2.13 SQL injection vulnerability cve-assign (Feb 28)
- Re: CVE request: MantisBT 1.2.13 SQL injection vulnerability Damien Regad (Mar 03)
- Re: CVE request: MantisBT 1.2.13 SQL injection vulnerability Damien Regad (Mar 04)
- Re: CVE request: MantisBT 1.2.13 SQL injection vulnerability cve-assign (Feb 28)
- CVE request: CMS Made Simple SQL injection fixed in 1.11.10 Henri Salo (Mar 01)
- Re: CVE request: CMS Made Simple SQL injection fixed in 1.11.10 cve-assign (Mar 01)
- CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access Petr Matousek (Mar 03)
- GnuTLS GNUTLS-SA-2014-2 Tomas Hoger (Mar 03)
- CVE Request: file: crashes when checking softmagic for some corrupt PE executables Salvatore Bonaccorso (Mar 03)
- Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables cve-assign (Mar 05)
- Re: Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables Salvatore Bonaccorso (Mar 05)
- Re: Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables Stuart Henderson (Mar 13)
- <Possible follow-ups>
- Re: Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables mancha (Mar 05)
- Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables cve-assign (Mar 05)
- possible CVE requests: perltidy insecure temporary file usage Murray McAllister (Mar 03)
- Re: Bug#740670: possible CVE requests: perltidy insecure temporary file usage Don Armstrong (Mar 07)
- Re: possible CVE requests: perltidy insecure temporary file usage cve-assign (Mar 08)
- Re: Re: possible CVE requests: perltidy insecure temporary file usage Murray McAllister (Mar 10)
- CVE request: konqueror not providing any protection against clickjacking Hanno Böck (Mar 04)
- Re: CVE request: konqueror not providing any protection against clickjacking cve-assign (Mar 06)
- CVE-2014-0100 -- Linux kernel: net: inet frag code race condition leading to user-after-free Petr Matousek (Mar 04)
- CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk Petr Matousek (Mar 04)
- XML entity processing hardening Florian Weimer (Mar 04)
- CVE-2013-6800 is a dup of CVE-2013-1418 Marcus Meissner (Mar 04)
- Re: CVE-2013-6800 is a dup of CVE-2013-1418 cve-assign (Mar 04)
- [OSSA 2014-006] Trustee token revocation does not work with memcache backend (CVE-2014-2237) Tristan Cacqueray (Mar 04)
- CVE-2014-0102 -- Linux kernel: security: keyring cycle detector DoS Petr Matousek (Mar 04)
- Linux-PAM pam_unix/unix_chkpwd is fail-open Solar Designer (Mar 04)
- Re: Linux-PAM pam_unix/unix_chkpwd is fail-open Daniel Cegiełka (Mar 05)
- Re: Linux-PAM pam_unix/unix_chkpwd is fail-open cve-assign (Mar 07)
- Re: Linux-PAM pam_unix/unix_chkpwd is fail-open Solar Designer (Mar 07)
- libssh and stunnel PRNG flaws Huzaifa Sidhpurwala (Mar 04)
- CVE request for two net-snmp remote DoS flaws Huzaifa Sidhpurwala (Mar 05)
- Re: CVE request for two net-snmp remote DoS flaws cve-assign (Mar 05)
- CVE Request: staging/cxt1e1/linux.c: Correct arbitrary memory write in c4_ioctl() Salva Peiró (Mar 05)
- Re: CVE Request: staging/cxt1e1/linux.c: Correct arbitrary memory write in c4_ioctl() Moritz Muehlenhoff (Mar 05)
- Re: CVE Request: staging/cxt1e1/linux.c: Correct arbitrary memory write in c4_ioctl() cve-assign (Mar 06)
- CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client Garth Mollett (Mar 05)
- sudo: security policy bypass when env_reset is disabled Todd C. Miller (Mar 05)
- CVE Request/Clarification - PHP mancha (Mar 05)
- Re: CVE Request/Clarification - PHP cve-assign (Mar 07)
- <Possible follow-ups>
- Re: CVE Request/Clarification - PHP mancha (Mar 07)
- CVE request: net-snmp agentx incorrect handling of multi-object requests DoS Raphael Geissert (Mar 06)
- Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS Huzaifa Sidhpurwala (Mar 06)
- Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS Raphael Geissert (Mar 07)
- Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS cve-assign (Mar 07)
- Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS Huzaifa Sidhpurwala (Mar 06)
- CVE request: cloud-init DNS resolution fix Florian Weimer (Mar 06)
- Re: CVE request: cloud-init DNS resolution fix cve-assign (Mar 06)
- IMAP STARTTLS sniff tool Bob Ezrin (Mar 07)
- Re: IMAP STARTTLS sniff tool Solar Designer (Mar 07)
- <Possible follow-ups>
- Fw: Re: IMAP STARTTLS sniff tool Bob Ezrin (Mar 12)
- Re: Fw: Re: IMAP STARTTLS sniff tool Solar Designer (Mar 12)
- Re: IMAP STARTTLS sniff tool Henri Salo (Mar 12)
- Re: IMAP STARTTLS sniff tool Yves-Alexis Perez (Mar 13)
- Re: Fw: Re: IMAP STARTTLS sniff tool Solar Designer (Mar 12)
- CVE Request: Linux kernel: IPv6: crash due to router advertisement flooding Sabrina Dubroca (Mar 07)
- Re: CVE Request: Linux kernel: IPv6: crash due to router advertisement flooding cve-assign (Mar 07)
- CVE Request: thermald Seth Arnold (Mar 07)
- Re: CVE Request: thermald cve-assign (Mar 08)
- CVE request: SQL injection in MODX Revolution before 2.2.13 Hanno Böck (Mar 08)
- Re: CVE request: SQL injection in MODX Revolution before 2.2.13 cve-assign (Mar 08)
- udisks and udisks2: stack-based buffer overflow when handling long path names Huzaifa Sidhpurwala (Mar 10)
- Two stack-based issues in freetype [NOT a request] Raphael Geissert (Mar 10)
- Re: Two stack-based issues in freetype [NOT a request] cve-assign (Mar 12)
- Re: Two stack-based issues in freetype [NOT a request] Raphael Geissert (Mar 12)
- Re: Two stack-based issues in freetype [NOT a request] cve-assign (Mar 12)
- CVE Request for Quick Blind TCP Connection Spoofing with SYN Cookies Marcus Meissner (Mar 10)
- Re: CVE Request for Quick Blind TCP Connection Spoofing with SYN Cookies cve-assign (Mar 12)
- CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy Petr Matousek (Mar 10)
- Re: CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy Chris Palmer (Mar 11)
- Re: CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy Petr Matousek (Mar 11)
- Re: CVE-2014-0131 -- kernel: net: use-after-free during segmentation with zerocopy Chris Palmer (Mar 11)
- When is broken crypto a vulnerability? Hanno Böck (Mar 10)
- Re: When is broken crypto a vulnerability? Alex Gaynor (Mar 10)
- Re: When is broken crypto a vulnerability? Chris Palmer (Mar 10)
- Re: When is broken crypto a vulnerability? cve-assign (Mar 10)
- Re: When is broken crypto a vulnerability? Hanno Böck (Mar 10)
- Re: Re: When is broken crypto a vulnerability? Chris Palmer (Mar 10)
- Re: When is broken crypto a vulnerability? cve-assign (Mar 10)
- Re: When is broken crypto a vulnerability? cve-assign (Mar 11)
- Re: When is broken crypto a vulnerability? Hanno Böck (Mar 10)
- Re: When is broken crypto a vulnerability? Alex Gaynor (Mar 10)
- CVE request: claws-mail vcalendar plugin stores user/password in cleartext Vincent Danen (Mar 10)
- Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Paul (Mar 12)
- Re: Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Marcus Meissner (Mar 12)
- Re: Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Michael Samuel (Mar 12)
- Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext cve-assign (Mar 21)
- Re: Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Michael Samuel (Mar 22)
- Re: Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Marcus Meissner (Mar 12)
- Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext Paul (Mar 12)
- Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Larry W. Cashdollar (Mar 10)
- Re: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem cve-assign (Mar 12)
- lighttpd 1.4.34 SQL injection and path traversal CVE request Stefan Bühler (Mar 12)
- Re: lighttpd 1.4.34 SQL injection and path traversal CVE request cve-assign (Mar 12)
- Cookie Reuse Thomas Williams (Mar 12)
- Re: Cookie Reuse Russ Allbery (Mar 12)
- CVE-Request - pen issues Steve Kemp (Mar 12)
- Re: CVE-Request - pen issues cve-assign (Mar 13)
- <Possible follow-ups>
- Re: Re: CVE-Request - pen issues Steve Kemp (Mar 13)
- CVE request for icinga 1 byte \0 overflows Marcus Meissner (Mar 13)
- Re: CVE request for icinga 1 byte \0 overflows cve-assign (Mar 13)
- Re: Re: CVE request for icinga 1 byte \0 overflows Agostino Sarubbo (Mar 13)
- Re: CVE request for icinga 1 byte \0 overflows cve-assign (Mar 13)
- CVE request, libgd and php's gd Pierre Joye (Mar 14)
- Re: CVE request, libgd and php's gd cve-assign (Mar 14)
- CVE request for a bug in gnu coreutils 8.22 Qixue Xiao (Mar 14)
- Re: CVE request for a bug in gnu coreutils 8.22 Marcus Meissner (Mar 14)
- <Possible follow-ups>
- CVE request for a bug in gnu coreutils 8.22 Qixue Xiao (Mar 19)
- Re: CVE request for a bug in gnu coreutils 8.22 Solar Designer (Mar 19)
- Insecure usage of temporary files in GNU Readline Steve Kemp (Mar 14)
- Re: Insecure usage of temporary files in GNU Readline cve-assign (Mar 17)
- CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution Murray McAllister (Mar 16)
- CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c Marcus Meissner (Mar 17)
- CVE request: flaw in curl's Windows SSL backend Daniel Stenberg (Mar 17)
- Re: CVE request: flaw in curl's Windows SSL backend cve-assign (Mar 17)
- CVE request -- libvirt: unprivileged user can crash libvirtd during spice migration Petr Matousek (Mar 18)
- CVE request for python/zipfile jmm (Mar 18)
- Re: CVE request for python/zipfile cve-assign (Mar 19)
- [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Fyodor (Mar 25)
- Re: [OT] FD mailing list died. Time for new one coderman (Mar 25)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Dean Pierce (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Dean Pierce (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 19)
- Re: [OT] FD mailing list died. Time for new one gremlin (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Jann Horn (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 20)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 20)
- Re: [OT] FD mailing list died. Time for new one Chris Steipp (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 20)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 20)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 20)
- Re: [OT] FD mailing list died. Time for new one Dean Pierce (Mar 19)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 21)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 22)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 24)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 29)
- Re: [OT] FD mailing list died. Time for new one Georgi Guninski (Mar 30)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 30)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 29)
- Re: [OT] FD mailing list died. Time for new one Solar Designer (Mar 19)
- CVE Request: rack-ssl rubygem: XSS in error page Marcus Meissner (Mar 19)
- Re: CVE Request: rack-ssl rubygem: XSS in error page cve-assign (Mar 19)
- TigerVNC 1.3.1 fixes ZRLE decoding bounds checking issue Tomas Hoger (Mar 19)
- Requesting a CVE id for Trojitá, an e-mail client: SSL stripping Jan Kundrát (Mar 19)
- Re: Requesting a CVE id for Trojita, an e-mail client: SSL stripping cve-assign (Mar 20)
- Re: Requesting a CVE id for Trojita, an e-mail client: SSL stripping Jan Kundrát (Mar 20)
- Re: Requesting a CVE id for Trojita, an e-mail client: SSL stripping cve-assign (Mar 20)
- Re: FD mailing list died. Time for new one (or something better!) coderman (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Georgi Guninski (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Simon Ward (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Georgi Guninski (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Simon Ward (Mar 20)
- Re: FD mailing list died. Time for new one (or something better!) coderman (Mar 20)
- Re: FD mailing list died. Time for new one (or something better!) coderman (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Solar Designer (Mar 20)
- Re: FD mailing list died. Time for new one (or something better!) coderman (Mar 20)
- Re: Re: FD mailing list died. Time for new one (or something better!) Georgi Guninski (Mar 20)
- CVE request -- kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied Petr Matousek (Mar 20)
- CVE-2013-7339 Linux kernel - rds: prevent dereference of a NULL device cve-assign (Mar 20)
- CVE request for vulnerability in OpenStack Nova Grant Murphy (Mar 20)
- Re: CVE request for vulnerability in OpenStack Nova cve-assign (Mar 20)
- CVE Request - Uhuru Mobile Davfi Multiple Vulnerabilites dawgystyle (Mar 22)
- Re: CVE Request - Uhuru Mobile Davfi Multiple Vulnerabilites cve-assign (Mar 22)
- possible CVE request: smb4k credentials cache leak Murray McAllister (Mar 23)
- Re: possible CVE request: smb4k credentials cache leak cve-assign (Mar 25)
- KAuth security issues Sebastian Krahmer (Mar 24)
- Re: KAuth security issues Sebastian Krahmer (Mar 26)
- Re: KAuth security issues Florian Weimer (Mar 26)
- Re: KAuth security issues Sebastian Krahmer (Mar 26)
- Re: KAuth security issues Florian Weimer (Mar 26)
- Re: KAuth security issues Sebastian Krahmer (Mar 26)
- Over-embargoing Florian Weimer (Mar 24)
- Re: Over-embargoing Georgi Guninski (Mar 24)
- pam_timestamp internals Sebastian Krahmer (Mar 24)
- Re: pam_timestamp internals cve-assign (Mar 26)
- Re: pam_timestamp internals Dmitry V. Levin (Mar 31)
- Re: pam_timestamp internals Sebastian Krahmer (Mar 31)
- Re: pam_timestamp internals Dmitry V. Levin (Mar 31)
- Re: pam_timestamp internals Sebastian Krahmer (Mar 31)
- Re: pam_timestamp internals Sebastian Krahmer (Mar 31)
- Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet Xen . org security team (Mar 24)
- [oCERT-2014-002] Xalan-Java insufficient secure processing Andrea Barisani (Mar 24)
- Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible Xen . org security team (Mar 25)
- Re: Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible cve-assign (Mar 25)
- T201403525 - Hypercube security Advisory Just1n T1mberlake (Mar 25)
- Re: T201403525 - Hypercube security Advisory cve-assign (Mar 26)
- CVE request: postfixadmin SQL injection vulnerability Thijs Kinkhorst (Mar 26)
- Re: CVE request: postfixadmin SQL injection vulnerability cve-assign (Mar 26)
- CVE request: openssh client does not check SSHFP if server offers certificate Thijs Kinkhorst (Mar 26)
- QEMU image format input validation fixes (multiple CVEs) Stefan Hajnoczi (Mar 26)
- [oCERT-2014-003] LibYAML input sanitization errors Andrea Barisani (Mar 26)
- CVE requests: Zend Framework issues fixed in ZF2014-01 and ZF2014-02 Murray McAllister (Mar 26)
- Adventure with Stack Smashing Protector (SSP) Adam Zabrocki (Mar 26)
- Re: Adventure with Stack Smashing Protector (SSP) Solar Designer (Mar 28)
- Re: Adventure with Stack Smashing Protector (SSP) Georgi Guninski (Mar 29)
- Re: Adventure with Stack Smashing Protector (SSP) Julien Cristau (Mar 29)
- Re: Adventure with Stack Smashing Protector (SSP) Georgi Guninski (Mar 29)
- Re: Adventure with Stack Smashing Protector (SSP) Georgi Guninski (Mar 29)
- Re: Adventure with Stack Smashing Protector (SSP) Solar Designer (Mar 28)
- [OSSA 2014-007] Potential context confusion in Keystone middleware (CVE-2014-0105) Tristan Cacqueray (Mar 27)
- [OSSA 2014-008] Routers can be cross plugged by other tenants (CVE-2014-0056) Grant Murphy (Mar 27)
- [OSSA 2014-009] Nova host data leak to vm instance in rescue mode (CVE-2014-0134) Tristan Cacqueray (Mar 27)
- CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 27)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Jann Horn (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 29)
- Re: CVE request: MediaWiki 1.22.5 login csrf Jann Horn (Mar 29)
- Re: CVE request: MediaWiki 1.22.5 login csrf Chris Steipp (Mar 28)
- Re: CVE request: MediaWiki 1.22.5 login csrf Florent Daigniere (Mar 28)
- JBoss EJBInvokerServlet/JMXInvokerServlet confusion Steven M. Christey (Mar 28)
- Re: JBoss EJBInvokerServlet/JMXInvokerServlet confusion David Jorm (Mar 30)
- OT What are the delays in delivery of Fyodor's Full Disclosure list? Georgi Guninski (Mar 28)
- Re: OT What are the delays in delivery of Fyodor's Full Disclosure list? Fyodor (Mar 28)
- Re: OT What are the delays in delivery of Fyodor's Full Disclosure list? Georgi Guninski (Mar 29)
- Re: OT What are the delays in delivery of Fyodor's Full Disclosure list? Fyodor (Mar 28)
- CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python Vincent Danen (Mar 28)
- Re: [PSRT] CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python Victor Stinner (Mar 29)
- Re: CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python cve-assign (Mar 30)
- CVE request: Linux Kernel, two security issues Agostino Sarubbo (Mar 30)
- Re: CVE request: Linux Kernel, two security issues cve-assign (Mar 30)
- CVEs, Crypto and "vulnerabilities" Kurt Seifried (Mar 30)
- Re: CVEs, Crypto and "vulnerabilities" Donald Stufft (Mar 31)
- Re: CVEs, Crypto and "vulnerabilities" Michael Samuel (Mar 31)
- Re: CVEs, Crypto and "vulnerabilities" Marcus Meissner (Mar 31)
- Re: CVEs, Crypto and "vulnerabilities" Tim (Mar 31)
- Re: CVEs, Crypto and "vulnerabilities" Marcus Meissner (Mar 31)
- CVE-2013-7348 CVE-2014-2678 Linux kernel aio and rds issues cve-assign (Mar 31)
- GOST 28147-89 gets 512 bit and 1 kbit keys gremlin (Mar 31)