oss-sec: by thread
402 messages
starting Jul 01 08 and
ending Sep 30 08
Date index |
Thread index |
Author index
- Re: CVE id request mercurial:Insufficient input validation Nico Golde (Jul 01)
- Re: openldap DoS Josh Bressers (Jul 01)
- <Possible follow-ups>
- Re: openldap DoS Steven M. Christey (Jul 01)
- Re: openldap DoS Nico Golde (Jul 13)
- Re: openldap DoS Ludwig Nussel (Jul 01)
- Re: Two remote DoS issues in linuxdcpp Steven M. Christey (Jul 01)
- Re: Two remote DoS issues in linuxdcpp Robert Buchholz (Jul 01)
- Re: CVE Request (pidgin) Steven M. Christey (Jul 01)
- Re: Re: CVE Request (pidgin) Nico Golde (Jul 03)
- Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
- Re: Re: CVE Request (pidgin) Robert Buchholz (Jul 03)
- Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
- Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
- Re: Re: CVE Request (pidgin) Vincent Danen (Jul 03)
- Re: Re: CVE Request (pidgin) Nico Golde (Jul 05)
- Re: Re: CVE Request (pidgin) Vincent Danen (Jul 08)
- Re: Re: CVE Request (pidgin) Nico Golde (Jul 05)
- <Possible follow-ups>
- CVE Request (pidgin) Josh Bressers (Aug 05)
- Re: CVE Request (pidgin) Steven M. Christey (Aug 07)
- Re: Re: CVE Request (pidgin) Nico Golde (Jul 03)
- Re: CVE id request: checkinstall Steven M. Christey (Jul 01)
- Re: CVE request: php 5.2.6 ext/imap buffer overflows Steven M. Christey (Jul 01)
- Re: CVE request for dnsmasq DoS Steven M. Christey (Jul 01)
- Re: CVE request for dnsmasq DoS Nico Golde (Jul 02)
- Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 03)
- Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 08)
- Re: CVE request for dnsmasq DoS Josh Bressers (Jul 23)
- Re: CVE request for dnsmasq DoS Robert Buchholz (Jul 23)
- Re: CVE request for dnsmasq DoS Robert Buchholz (Jul 23)
- Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 12)
- Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 08)
- More ruby integer overflows (rb_ary_fill / Array#fill) Tomas Hoger (Jul 02)
- Re: CVE request: phpmyadmin < 2.11.7 XSS Steven M. Christey (Jul 02)
- 2.6.25.10 security fixes, please assign CVE id Marcus Meissner (Jul 03)
- Re: 2.6.25.10 security fixes, please assign CVE id Eugene Teo (Jul 08)
- Re: 2.6.25.10 security fixes, please assign CVE id Steven M. Christey (Jul 08)
- CVE request: mybb Hanno Böck (Jul 06)
- Re: CVE request: mybb Steven M. Christey (Jul 08)
- CVE request: simple machines forum Hanno Böck (Jul 06)
- Re: CVE request: simple machines forum Steven M. Christey (Jul 08)
- CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 06)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 06)
- Re: CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Steven M. Christey (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 11)
- Re: CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 06)
- Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 07)
- Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Steven M. Christey (Jul 08)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 10)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 12)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 15)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 16)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 16)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 16)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 20)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 20)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Steven M. Christey (Jul 31)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Aug 05)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 21)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 21)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 21)
- Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 10)
- <Possible follow-ups>
- Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 07)
- Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Bram Moolenaar (Jul 07)
- Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Steven M. Christey (Jul 08)
- [oCERT-2008-007] libpoppler uninitialized pointer Andrea Barisani (Jul 07)
- CVE-2008-2931 kernel: missing check before setting mount propagation Eugene Teo (Jul 08)
- Re: CVE-2008-2931 kernel: missing check before setting mount propagation Eugene Teo (Jul 08)
- Re: CVE id request: Clamav Tomas Hoger (Jul 08)
- Re: CVE id request: Clamav Tomas Hoger (Jul 15)
- Re: CVE id request: Clamav Steven M. Christey (Jul 18)
- Major DNS vulnerability announced [CVE Question] security curmudgeon (Jul 08)
- Re: Major DNS vulnerability announced [CVE Question] Steven M. Christey (Jul 08)
- Re: Major DNS vulnerability announced [CVE Question] Jonathan Smith (Jul 08)
- Re: Major DNS vulnerability announced [CVE Question] The Fungi (Jul 08)
- Re: Major DNS vulnerability announced [CVE Question] Matthias Andree (Jul 09)
- Re: Major DNS vulnerability announced [CVE Question] Florian Weimer (Jul 09)
- Re: Major DNS vulnerability announced [CVE Question] Jonathan Smith (Jul 08)
- Re: Major DNS vulnerability announced [CVE Question] Steven M. Christey (Jul 08)
- DNS vulnerability: other relevant software Matthias Geerdsen (Jul 09)
- Re: DNS vulnerability: other relevant software The Fungi (Jul 09)
- Re: DNS vulnerability: other relevant software Mark J Cox (Jul 09)
- Re: DNS vulnerability: other relevant software Florian Weimer (Jul 09)
- Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
- Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
- Re: DNS vulnerability: other relevant software Eugene Teo (Jul 10)
- Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 10)
- Re: DNS vulnerability: other relevant software Bernhard R. Link (Jul 11)
- Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 11)
- Re: DNS vulnerability: other relevant software Florian Weimer (Jul 13)
- Re: DNS vulnerability: other relevant software Florian Weimer (Jul 12)
- Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
- Re: DNS vulnerability: other relevant software Mark J Cox (Jul 09)
- Re: DNS vulnerability: other relevant software Robert Buchholz (Jul 09)
- Re: DNS vulnerability: other relevant software Thomas Biege (Jul 10)
- Re: DNS vulnerability: other relevant software The Fungi (Jul 09)
- CVE id request: projectl Nico Golde (Jul 09)
- Re: CVE id request: projectl Steven M. Christey (Jul 18)
- CVE id request: libavformat Steffen Joeris (Jul 09)
- Re: CVE id request: libavformat Nico Golde (Jul 16)
- CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 09)
- Re: CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 16)
- CVE request: multiple drupal issues in < 6.3,5.8 Hanno Böck (Jul 09)
- Re: CVE request: multiple drupal issues in < 6.3,5.8 Steven M. Christey (Jul 18)
- CVE request: phpbb < 3.0.2 Hanno Böck (Jul 12)
- Re: CVE request: phpbb < 3.0.2 Steven M. Christey (Jul 18)
- CVE requests: joomla <1.5.4 Hanno Böck (Jul 12)
- Re: CVE requests: joomla <1.5.4 Steven M. Christey (Jul 18)
- CVE id request: op Nico Golde (Jul 12)
- Re: CVE id request: op Steven M. Christey (Jul 18)
- CVE requests: crashers by zzuf Hanno Böck (Jul 13)
- Re: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race -- affecting kernel versions <= 2.6.25 Marcus Meissner (Jul 14)
- CVE request: dotclear < 1.2.8 Hanno Böck (Jul 14)
- Re: CVE Id request: vim Tomas Hoger (Jul 15)
- CVE id request: byacc Jan Lieskovsky (Jul 15)
- Re: CVE id request: byacc Steven M. Christey (Jul 16)
- CVE request: Wordpress XSS Hanno Böck (Jul 15)
- Re: CVE request: Wordpress XSS Tomas Hoger (Jul 16)
- Re: CVE request: Wordpress XSS Nico Golde (Jul 16)
- Re: CVE request: Wordpress XSS Tomas Hoger (Jul 16)
- CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 15)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Steven M. Christey (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)
- Re: CVE Request: Critical vuln in Firefox 3.0 Nico Golde (Jul 16)
- Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Michail Litvak (Jul 17)
- Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Jonathan Smith (Jul 20)
- CVE request: punbb < 1.2.19 Hanno Böck (Jul 20)
- Re: CVE request: punbb < 1.2.19 Steven M. Christey (Jul 27)
- CVE request: mybb < 1.2.14 Hanno Böck (Jul 20)
- Re: CVE request: mybb < 1.2.14 Steven M. Christey (Jul 27)
- CVE request: mantis < 1.1.2 Tomas Hoger (Jul 21)
- Re: CVE request: mantis < 1.1.2 Steven M. Christey (Jul 27)
- CVE id request: moodle XSS and CSRF Ludwig Nussel (Jul 25)
- Re: CVE id request: moodle XSS and CSRF Steven M. Christey (Jul 25)
- CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Steven M. Christey (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 26)
- CVE id request: horde3/turba2 Nico Golde (Jul 27)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 27)
- Re: CVE id request: horde3/turba2 Tomas Hoger (Jul 28)
- Re: CVE id request: horde3/turba2 Nico Golde (Jul 28)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 28)
- Re: CVE id request: horde3/turba2 Tomas Hoger (Jul 28)
- Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 27)
- cups patches for CVE-2008-0597 and CVE-2008-0596 Steffen Joeris (Jul 27)
- Re: cups patches for CVE-2008-0597 and CVE-2008-0596 Robert Buchholz (Jul 27)
- Re: cups patches for CVE-2008-0597 and CVE-2008-0596 Tomas Hoger (Jul 28)
- Re: cups patches for CVE-2008-0597 and CVE-2008-0596 Robert Buchholz (Jul 27)
- Links < 2.1 security issue Pierre-Yves Rofes (Jul 27)
- Re: Links < 2.1 security issue Steven M. Christey (Jul 27)
- Re: Links < 2.1 security issue Nico Golde (Jul 28)
- Re: Links < 2.1 security issue Steven M. Christey (Jul 27)
- CVE request: phpmyadmin < 2.11.8 Hanno Böck (Jul 28)
- Re: CVE request: phpmyadmin < 2.11.8 Steven M. Christey (Aug 04)
- Re: CVE request: phpmyadmin < 2.11.8 Nico Golde (Aug 08)
- Re: CVE request: phpmyadmin < 2.11.8 Steven M. Christey (Aug 12)
- Re: CVE request: phpmyadmin < 2.11.8 Nico Golde (Aug 08)
- Re: CVE request: phpmyadmin < 2.11.8 Steven M. Christey (Aug 04)
- CVE request: condor < 7.0.4 Mark J Cox (Jul 30)
- Re: CVE request: condor < 7.0.4 Steven M. Christey (Jul 31)
- Mono ASP.net cross site scripting issue Marcus Meissner (Jul 31)
- Re: Mono ASP.net cross site scripting issue Steven M. Christey (Jul 31)
- [oCERT-2008-009] libxslt heap overflow Andrea Barisani (Jul 31)
- OpenSC Security Advisory Andreas Jellinghaus (Jul 31)
- CVE request: vtigercrm < 5.0.4 Hanno Böck (Jul 31)
- Re: CVE request: vtigercrm < 5.0.4 Steven M. Christey (Aug 04)
- SVG vulnerability affecting Firefox, evince, eog, Gimp? Alexander Konovalenko (Jul 31)
- Re: SVG vulnerability affecting Firefox, evince, eog, Gimp? Josh Bressers (Jul 31)
- Re: SVG vulnerability affecting Firefox, evince, eog, Gimp? Jan Lieskovsky (Aug 04)
- Re: SVG vulnerability affecting Firefox, evince, eog, Gimp? Josh Bressers (Jul 31)
- CVE request: phpwebgallery < 1.7.2 Hanno Böck (Jul 31)
- Re: CVE request: phpwebgallery < 1.7.2 Pierre-Yves Rofes (Aug 01)
- CVE request: Contenido < 4.8.7, < 4.6.24 Hanno Böck (Aug 02)
- Re: CVE request: Contenido < 4.8.7, < 4.6.24 Steven M. Christey (Aug 04)
- CVE request: OpenVPN (client) 2.1-beta14 through 2.1-rc8 Tomas Hoger (Aug 03)
- Re: CVE request: OpenVPN (client) 2.1-beta14 through 2.1-rc8 Steven M. Christey (Aug 04)
- CVE request: httrack buffer overflow Thijs Kinkhorst (Aug 04)
- Re: CVE request: httrack buffer overflow Tomas Hoger (Aug 04)
- Re: CVE request: httrack buffer overflow Thijs Kinkhorst (Aug 04)
- Re: CVE request: httrack buffer overflow Steven M. Christey (Aug 04)
- source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Thijs Kinkhorst (Aug 04)
- Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Steven M. Christey (Aug 04)
- Re: Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Nico Golde (Aug 04)
- Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Steven M. Christey (Aug 04)
- Re: CVE request: httrack buffer overflow Thijs Kinkhorst (Aug 04)
- Re: CVE request: httrack buffer overflow Tomas Hoger (Aug 04)
- CVE id request: openttd Nico Golde (Aug 04)
- Re: CVE id request: openttd Robert Buchholz (Aug 04)
- Re: CVE id request: openttd Nico Golde (Aug 05)
- Re: CVE id request: openttd Steven M. Christey (Aug 07)
- Re: CVE id request: openttd Robert Buchholz (Aug 04)
- CVE-2008-2939 low severity Apache httpd XSS Mark J Cox (Aug 06)
- CVE id request: git Nico Golde (Aug 07)
- Re: CVE id request: git Tomas Hoger (Aug 07)
- Re: CVE id request: git Steven M. Christey (Aug 07)
- CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Steven M. Christey (Aug 12)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 13)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- CVE id requests: ruby Steffen Joeris (Aug 11)
- Re: CVE id requests: ruby Steven M. Christey (Aug 12)
- Re: CVE id requests: ruby Steven M. Christey (Aug 14)
- Re: CVE id requests: ruby Steven M. Christey (Aug 12)
- CVE Request (ipsec-tools) Josh Bressers (Aug 11)
- Re: CVE Request (ipsec-tools) Steven M. Christey (Aug 12)
- Multiple CVE Request (ruby) Jan Lieskovsky (Aug 11)
- CVE request: tikiwiki < 2.0 Hanno Böck (Aug 12)
- Re: CVE request: tikiwiki < 2.0 Steven M. Christey (Aug 12)
- CVE Request (ipsec-tools again) Josh Bressers (Aug 12)
- Re: CVE Request (ipsec-tools again) Steven M. Christey (Aug 12)
- horde webmail edition < 1.1.1 Hanno Böck (Aug 12)
- Re: horde webmail edition < 1.1.1 Steven M. Christey (Aug 12)
- Re: horde webmail edition < 1.1.1 Nico Golde (Aug 13)
- Re: horde webmail edition < 1.1.1 Tomas Hoger (Aug 13)
- Re: horde webmail edition < 1.1.1 Nico Golde (Aug 13)
- Re: horde webmail edition < 1.1.1 Tomas Hoger (Aug 13)
- Re: horde webmail edition < 1.1.1 Steven M. Christey (Aug 14)
- Re: horde webmail edition < 1.1.1 Nico Golde (Aug 16)
- Re: horde webmail edition < 1.1.1 Nico Golde (Aug 13)
- Re: horde webmail edition < 1.1.1 Steven M. Christey (Aug 12)
- Joomla 1.5.x core. Emanuele Gentili (Aug 12)
- Re: Joomla 1.5.x core. Nico Golde (Aug 13)
- Re: Joomla 1.5.x core. Steven M. Christey (Aug 14)
- Re: Joomla 1.5.x core. Nico Golde (Aug 13)
- amarok temp file vuln Vincent Danen (Aug 13)
- Re: amarok temp file vuln Steven M. Christey (Aug 14)
- CVE request: openfire login page XSS (JM-629) Robert Buchholz (Aug 14)
- Re: CVE request: openfire login page XSS (JM-629) Steven M. Christey (Aug 14)
- HAVP 0.89 fixes a crash Raphael Marichez (Aug 14)
- Re: HAVP 0.89 fixes a crash Steven M. Christey (Aug 14)
- CVE request: drupal 5.10/6.4 Hanno Böck (Aug 14)
- Re: CVE request: drupal 5.10/6.4 Steven M. Christey (Aug 20)
- CVE id request: mktemp Nico Golde (Aug 15)
- Re: CVE id request: mktemp Todd C. Miller (Aug 15)
- Re: CVE id request: mktemp Sebastian Krahmer (Aug 18)
- Re: CVE id request: mktemp Nico Golde (Aug 18)
- Re: CVE id request: mktemp Todd C. Miller (Aug 18)
- Re: CVE id request: mktemp Steven M. Christey (Aug 18)
- Re: CVE id request: mktemp Nico Golde (Aug 18)
- Re: CVE id request: mktemp Todd C. Miller (Aug 18)
- Re: CVE id request: mktemp Nico Golde (Aug 18)
- Re: CVE id request: mktemp Nico Golde (Aug 18)
- CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow Eugene Teo (Aug 15)
- CVE request for neon Joe Orton (Aug 15)
- Re: CVE request for neon Steven M. Christey (Aug 20)
- Re: CVE request for neon Joe Orton (Aug 20)
- Re: CVE request for neon Steven M. Christey (Aug 20)
- wordpress 2.6.1 Hanno Böck (Aug 19)
- Re: wordpress 2.6.1 Steven M. Christey (Aug 20)
- swfdec 0.6.8 stable update Marcus Meissner (Aug 19)
- Re: swfdec 0.6.8 stable update Nico Golde (Aug 19)
- Re: swfdec 0.6.8 stable update Marcus Meissner (Aug 23)
- Re: swfdec 0.6.8 stable update Nico Golde (Aug 23)
- Re: swfdec 0.6.8 stable update Marcus Meissner (Aug 23)
- Re: swfdec 0.6.8 stable update Nico Golde (Aug 19)
- FW: CVE-2008-1668 - ftpd 2.4 - unauthorized root access - patch details Morris, John R. (SSRT) (Aug 20)
- [oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry (Aug 22)
- Re: libxml2 denial of service flaw (CVE-2008-3281) Robert Buchholz (Aug 23)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Tomas Hoger (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Florian Weimer (Aug 25)
- Re: Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- CVE id request: vlc Nico Golde (Aug 23)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
- Re: CVE id request: vlc Nico Golde (Aug 24)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
- Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Robert Buchholz (Aug 25)
- Re: Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Pınar Yanardağ (Aug 25)
- Re: CVE id request: vlc Steven M. Christey (Aug 26)
- Re: CVE id request: vlc Nico Golde (Aug 24)
- Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
- CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Eugene Teo (Aug 25)
- Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Steven M. Christey (Aug 26)
- Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Eugene Teo (Aug 26)
- Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Steven M. Christey (Aug 26)
- CVE Request (gpicview) Jan Lieskovsky (Aug 25)
- Re: CVE Request (gpicview) Steven M. Christey (Aug 26)
- Re: CVE Request (gpicview) Jan Lieskovsky (Aug 26)
- Re: CVE Request (gpicview) Robert Buchholz (Sep 13)
- Re: CVE Request (gpicview) Nico Golde (Aug 30)
- Re: CVE Request (gpicview) Jan Lieskovsky (Aug 31)
- Re: CVE Request (gpicview) Nico Golde (Sep 04)
- Re: CVE Request (gpicview) Robert Buchholz (Sep 02)
- Re: CVE Request (gpicview) Nico Golde (Sep 04)
- Re: CVE Request (gpicview) Steven M. Christey (Sep 04)
- Re: CVE Request (gpicview) Jan Lieskovsky (Aug 31)
- Re: CVE Request (gpicview) Steven M. Christey (Aug 26)
- CVE Request (ruby) Jan Lieskovsky (Aug 25)
- Re: CVE Request (ruby) Pınar Yanardağ (Aug 26)
- Re: CVE Request (ruby) Steven M. Christey (Aug 26)
- CVE Request (samba) Jan Lieskovsky (Aug 26)
- Re: CVE Request (samba) Steven M. Christey (Aug 26)
- CVE-2008-3526 Linux kernel sctp_setsockopt_auth_key() integer overflow Eugene Teo (Aug 26)
- Re: CVE-2008-3526 Linux kernel sctp_setsockopt_auth_key() integer overflow Eugene Teo (Aug 28)
- opensc 0.11.6 with fixed security update Andreas Jellinghaus (Aug 27)
- Re: opensc 0.11.6 with fixed security update Ludwig Nussel (Sep 05)
- Re: opensc 0.11.6 with fixed security update Steven M. Christey (Sep 09)
- Re: opensc 0.11.6 with fixed security update Ludwig Nussel (Sep 05)
- CVE id request: awstats Nico Golde (Aug 27)
- Re: CVE id request: awstats Nico Golde (Aug 27)
- Re: CVE id request: awstats Steve Kemp (Aug 27)
- Re: CVE id request: awstats Nico Golde (Aug 27)
- CVE request: mono Sys.Web header injection Marcus Meissner (Aug 27)
- Re: CVE request: mono Sys.Web header injection Steven M. Christey (Sep 04)
- CVE-2008-3525 kernel: missing capability checks in sbni_ioctl() Eugene Teo (Aug 28)
- CVE request for bitlbee Miklos Vajna (Aug 29)
- Re: CVE request for bitlbee Tomas Hoger (Sep 08)
- Re: CVE request for bitlbee Steven M. Christey (Sep 09)
- Re: CVE request for bitlbee Tomas Hoger (Sep 08)
- GNU ed heap overflow Florian Weimer (Aug 31)
- Re: GNU ed heap overflow Tavis Ormandy (Sep 01)
- Re: GNU ed heap overflow Florian Weimer (Sep 01)
- Re: GNU ed heap overflow Steven M. Christey (Sep 04)
- Re: GNU ed heap overflow Florian Weimer (Sep 04)
- Re: GNU ed heap overflow Florian Weimer (Sep 01)
- Re: GNU ed heap overflow Steven M. Christey (Sep 04)
- Re: GNU ed heap overflow Tavis Ormandy (Sep 01)
- CVE id request: newsbeuter Nico Golde (Sep 01)
- Re: CVE id request: newsbeuter Nico Golde (Sep 02)
- Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
- Re: CVE id request: newsbeuter Nico Golde (Sep 04)
- Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
- Re: CVE id request: newsbeuter Nico Golde (Sep 04)
- Re: CVE id request: newsbeuter Nico Golde (Sep 04)
- [oCERT-2008-014] WordNet stack and heap overflows Rob Holland (Sep 01)
- Re: [oCERT-2008-014] WordNet stack and heap overflows Steven M. Christey (Sep 04)
- request for CVE: clamav 0.94 release Marcus Meissner (Sep 03)
- Re: request for CVE: clamav 0.94 release Hanno Böck (Sep 04)
- Re: request for CVE: clamav 0.94 release Steven M. Christey (Sep 04)
- CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Jan Lieskovsky (Sep 03)
- Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Steven M. Christey (Sep 04)
- Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Tomas Hoger (Sep 11)
- Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Steven M. Christey (Sep 15)
- Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Tomas Hoger (Sep 11)
- Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Steven M. Christey (Sep 04)
- django CSRF vuln Vincent Danen (Sep 03)
- Re: django CSRF vuln Steven M. Christey (Sep 04)
- CVE id request: dns2tcp Nico Golde (Sep 03)
- Re: CVE id request: dns2tcp Steven M. Christey (Sep 04)
- CVE request: kernel: dio: zero struct dio with kzalloc instead of manually Eugene Teo (Sep 03)
- Re: CVE request: kernel: dio: zero struct dio with kzalloc instead of manually Steven M. Christey (Sep 04)
- CVE request: kernel: sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports Eugene Teo (Sep 03)
- Re: CVE request: kernel: sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports Steven M. Christey (Sep 04)
- CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl Eugene Teo (Sep 04)
- Re: CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl Steven M. Christey (Sep 04)
- Re: OpenSSH key blacklisting Tim Brown (Sep 04)
- CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 05)
- Re: CVE request: kernel: local keyboard DoS through LED switching Steven M. Christey (Sep 09)
- Re: CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 09)
- Re: CVE request: kernel: local keyboard DoS through LED switching Steven M. Christey (Sep 09)
- Re: CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 09)
- Re: CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 09)
- Re: CVE request: kernel: local keyboard DoS through LED switching Steven M. Christey (Sep 09)
- CVE request: pam_mount: conf: re-add luserconf security checks Eugene Teo (Sep 05)
- CVE id requests: gmanedit Steffen Joeris (Sep 05)
- Re: CVE id requests: gmanedit Steven M. Christey (Sep 09)
- Re: CVE id requests: gmanedit Nico Golde (Sep 09)
- Re: CVE id requests: gmanedit Steven M. Christey (Sep 09)
- CVE request: pam_mount < 0.47 missing security checks Hanno Böck (Sep 06)
- Re: CVE request: pam_mount < 0.47 missing security checks Steven M. Christey (Sep 09)
- CVE request: mybb < 1.4.1 Hanno Böck (Sep 09)
- Re: CVE request: mybb < 1.4.1 Steven M. Christey (Sep 09)
- cve request: punbb < 1.2.20 xss Hanno Böck (Sep 09)
- Re: cve request: punbb < 1.2.20 xss Steven M. Christey (Sep 09)
- CVE request (libpng) Pınar Yanardağ (Sep 09)
- Re: CVE request (libpng) Steven M. Christey (Sep 09)
- CVE request: MySQL empty bit-string literal server crash Robert Buchholz (Sep 09)
- Re: CVE request: MySQL empty bit-string literal server crash Steven M. Christey (Sep 09)
- Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Tomas Hoger (Sep 09)
- Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Steven M. Christey (Sep 15)
- ssmtp =2.62 unitialized memory disclosure Robert Buchholz (Sep 09)
- Re: ssmtp =2.62 unitialized memory disclosure Steven M. Christey (Sep 09)
- Re: ssmtp =2.62 unitialized memory disclosure Robert Buchholz (Sep 11)
- [oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS) Will Drewry (Sep 10)
- [oss-list] CVE request (vim) Jan Lieskovsky (Sep 11)
- Re: [oss-list] CVE request (vim) Pınar Yanardağ (Sep 11)
- Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)
- Re: [oss-list] CVE request (vim) Jan Minář (Sep 11)
- Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)
- Re: [oss-list] CVE request (vim) Pınar Yanardağ (Sep 11)
- CVE request: joomla < 1.5.7 Hanno Böck (Sep 11)
- Re: CVE request: joomla < 1.5.7 Steven M. Christey (Sep 15)
- CVE request: wordpress < 2.6.2 Hanno Böck (Sep 11)
- Re: CVE request: wordpress < 2.6.2 Steven M. Christey (Sep 15)
- CVE request for Joomla multiple vuln. Emanuele Gentili (Sep 11)
- CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection Robert Buchholz (Sep 13)
- Re: CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection Steven M. Christey (Sep 15)
- CVE Request (python) Jan Lieskovsky (Sep 15)
- Re: CVE Request (python) Steven M. Christey (Sep 15)
- phpMyAdmin code execution (CVE request) Thijs Kinkhorst (Sep 15)
- Re: phpMyAdmin code execution (CVE request) Steven M. Christey (Sep 15)
- CVE request: kernel: splice: fix bad unlock_page() in error case Eugene Teo (Sep 16)
- CVE Request (mercurial) Josh Bressers (Sep 17)
- Re: CVE Request (mercurial) Ludwig Nussel (Sep 29)
- Re: CVE Request (mercurial) Robert Buchholz (Sep 29)
- Re: CVE Request (mercurial) Christian Hoffmann (Sep 29)
- Re: CVE Request (mercurial) Ludwig Nussel (Sep 29)
- CVE-2008-3528 Linux kernel ext[234] directory corruption DoS Eugene Teo (Sep 17)
- CVE Request (openswan, emacspeak, cman) Jan Lieskovsky (Sep 18)
- Re: CVE Request (openswan, emacspeak, cman) Steven M. Christey (Sep 23)
- CVE Request (gallery2) Josh Bressers (Sep 18)
- Re: CVE Request (gallery2) Hanno Böck (Sep 18)
- Re: CVE Request (gallery2) Steven M. Christey (Sep 23)
- CVE request: Opera < 9.52 multiple vulnerabilities Pierre-Yves Rofes (Sep 19)
- Re: CVE request: Opera < 9.52 multiple vulnerabilities Steven M. Christey (Sep 23)
- CVE request: pdnsd <1.2.7 Denial of Service Robert Buchholz (Sep 19)
- Re: CVE request: pdnsd <1.2.7 Denial of Service Steven M. Christey (Sep 23)
- viewvc security flaw? Josh Bressers (Sep 19)
- Re: viewvc security flaw? Robert Buchholz (Sep 20)
- CVE id request: proftpd Steffen Joeris (Sep 22)
- CVE req: phpmyadmin < 2.11.9.2 xss Hanno Böck (Sep 22)
- CVE id request: fraud2 Steffen Joeris (Sep 23)
- Re: CVE id request: fraud2 Robert Buchholz (Sep 24)
- Re: CVE id request: fraud2 Steven M. Christey (Sep 24)
- Re: CVE id request: fraud2 Robert Buchholz (Sep 24)
- CVE request: kernel: open() call allows setgid bit when user is not in new file's group Eugene Teo (Sep 24)
- Re: CVE request: kernel: open() call allows setgid bit when user is not in new file's group Steven M. Christey (Sep 24)
- CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo (Sep 24)
- Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Steven M. Christey (Sep 26)
- CVE id request: faad2 Steffen Joeris (Sep 26)
- Re: CVE id request: faad2 Josh Bressers (Sep 26)
- Re: CVE id request: faad2 Steffen Joeris (Sep 26)
- Re: CVE id request: faad2 Josh Bressers (Sep 26)
- CVE-2008-4182 clarification Josh Bressers (Sep 26)
- CVE Request (lighttpd) Josh Bressers (Sep 26)
- CVE id request: ftpd Steffen Joeris (Sep 29)
- Re: CVE id request: ftpd Robert Buchholz (Sep 29)
- Re: CVE id request: ftpd Steven M. Christey (Sep 30)
- <Possible follow-ups>
- Re: CVE id request: ftpd Josh Bressers (Sep 30)
- Re: CVE id request: ftpd Steven M. Christey (Sep 30)
- [oCERT-2008-013] MPlayer Real demuxer heap overflow Andrea Barisani (Sep 29)
- Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
- Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
- Re: Re: CVE request: lighttpd issues Steven M. Christey (Sep 30)
- Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
- CVE Request (xen) Josh Bressers (Sep 30)