oss-sec: by thread
640 messages
starting Jan 02 11 and
ending Mar 31 11
Date index |
Thread index |
Author index
- CVE request for subversion Kurt Seifried (Jan 02)
- Re: CVE request for subversion Josh Bressers (Jan 03)
- Re: CVE request for subversion Jan Lieskovsky (Jan 04)
- Re: CVE request for subversion Hyrum Wright (Jan 04)
- Re: CVE request for subversion Josh Bressers (Jan 05)
- Re: CVE request for subversion Hyrum K Wright (Jan 08)
- Re: CVE request for subversion Kurt Seifried (Jan 08)
- Re: CVE request for subversion Jan Lieskovsky (Jan 04)
- Re: CVE request for subversion Josh Bressers (Jan 03)
- Re: CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES Huzaifa Sidhpurwala (Jan 02)
- CVE request for buffer overflows in gimp Huzaifa Sidhpurwala (Jan 03)
- Re: CVE request for buffer overflows in gimp Josh Bressers (Jan 04)
- Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ] Josh Bressers (Jan 03)
- Re: Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Josh Bressers (Jan 03)
- Re: CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws Josh Bressers (Jan 03)
- Re: CVE request: wordpress before 3.0.4 XSS Josh Bressers (Jan 03)
- Re: CVE Request: CrawlTrack < 3.2.7 - remote php code execution Josh Bressers (Jan 03)
- Re: CVE Request: Wireshark Josh Bressers (Jan 03)
- Possible CVE Request: improper AppArmor exec transition Jamie Strandboge (Jan 03)
- Re: Possible CVE Request: improper AppArmor exec transition Jamie Strandboge (Jan 03)
- CVE request: silverstripe before 2.4.4 Hanno Böck (Jan 03)
- Re: CVE request: silverstripe before 2.4.4 Josh Bressers (Jan 04)
- CVE request: AusweisApp Hanno Böck (Jan 03)
- Re: CVE request: AusweisApp Hanno Böck (Jan 03)
- CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect() Eugene Teo (Jan 03)
- Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo (Jan 04)
- Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Jan Lieskovsky (Jan 04)
- Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg (Jan 04)
- CGI.pm 3.51 released Mark Stosberg (Jan 05)
- Re: CGI.pm 3.51 released (revised) Mark Stosberg (Jan 05)
- CGI.pm 3.51 released Mark Stosberg (Jan 05)
- Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg (Jan 04)
- (possible) CVE request: Clickjacking in Mediawiki Jonathan Wiltshire (Jan 04)
- Re: (possible) CVE request: Clickjacking in Mediawiki Josh Bressers (Jan 04)
- CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Eugene Teo (Jan 04)
- Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Greg KH (Jan 05)
- Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Eugene Teo (Jan 06)
- Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Greg KH (Jan 05)
- possible flaw in widely used strtod.c implementation Pierre Joye (Jan 05)
- Re: possible flaw in widely used strtod.c implementation Michael Gilbert (Jan 05)
- Re: possible flaw in widely used strtod.c implementation Pierre Joye (Jan 05)
- Re: possible flaw in widely used strtod.c implementation Pierre Joye (Jan 06)
- Re: possible flaw in widely used strtod.c implementation Josh Bressers (Jan 06)
- Re: possible flaw in widely used strtod.c implementation Steven M. Christey (Jan 10)
- Re: possible flaw in widely used strtod.c implementation Pierre Joye (Feb 01)
- Re: possible flaw in widely used strtod.c implementation Pierre Joye (Jan 05)
- Re: possible flaw in widely used strtod.c implementation Michael Gilbert (Jan 05)
- CVE request: hastymail before 1.01 XSS Hanno Böck (Jan 05)
- Re: CVE request: hastymail before 1.01 XSS Josh Bressers (Jan 06)
- CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)
- Re: CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Steve Beattie (Jan 06)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Josh Bressers (Jan 06)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Jan 26)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Feb 18)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)
- CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 Anthon Pang (Jan 05)
- Re: CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 Josh Bressers (Jan 06)
- CVE-NONE kernel: PHONET signedness issue Eugene Teo (Jan 05)
- Re: CVE-NONE kernel: PHONET signedness issue Michael Gilbert (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Dan Rosenberg (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Michael Gilbert (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Nelson Elhage (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Steven M. Christey (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Dan Rosenberg (Jan 06)
- Re: CVE-NONE kernel: PHONET signedness issue Michael Gilbert (Jan 06)
- CVE Request for Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 06)
- Re: CVE Request for Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability Josh Bressers (Jan 06)
- CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) YGN Ethical Hacker Group (Jan 06)
- Re: CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) Josh Bressers (Jan 06)
- CVE Request: kernel [Re: Security review of 2.6.32.28] dann frazier (Jan 06)
- Re: CVE Request: kernel [Re: Security review of 2.6.32.28] Josh Bressers (Jan 06)
- CVE-2010-4225: XSP/mod_mono source code disclosure Thomas Biege (Jan 07)
- Re: CVE-2010-4225: XSP/mod_mono source code disclosure Oden Eriksson (Jan 20)
- Re: CVE-2010-4225: XSP/mod_mono source code disclosure Vincent Danen (Jan 20)
- Re: CVE-2010-4225: XSP/mod_mono source code disclosure Oden Eriksson (Jan 20)
- CVE Request - pimd - Insecure file creation in /var/tmp Steve Kemp (Jan 07)
- Re: CVE Request - pimd - Insecure file creation in /var/tmp Josh Bressers (Jan 07)
- Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin (Jan 10)
- Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Pierre Joye (Jan 10)
- CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication Petr Matousek (Jan 10)
- CVE request: sudo does not ask for password on GID changes Vincent Danen (Jan 11)
- Re: CVE request: sudo does not ask for password on GID changes Josh Bressers (Jan 12)
- Re: CVE request: sudo does not ask for password on GID changes Todd C. Miller (Jan 12)
- CVE assignments for Wireshark Steven M. Christey (Jan 12)
- Re: CVE assignments for Wireshark Huzaifa Sidhpurwala (Jan 19)
- Re: CVE assignments for Wireshark Josh Bressers (Jan 31)
- Re: CVE assignments for Wireshark Josh Bressers (Feb 09)
- Re: CVE assignments for Wireshark Josh Bressers (Jan 31)
- Re: CVE assignments for Wireshark Huzaifa Sidhpurwala (Jan 19)
- Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Raphael Geissert (Jan 13)
- CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Raphael Geissert (Jan 13)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Moritz Mühlenhoff (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Steven M. Christey (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Tomas Hoger (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Steven M. Christey (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Josh Bressers (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Moritz Mühlenhoff (Jan 14)
- CVE request: proftpd before 1.3.3d Hanno Böck (Jan 14)
- Re: CVE request: proftpd before 1.3.3d Josh Bressers (Jan 14)
- Re: CVE request: proftpd before 1.3.3d TJ Saunders (Jan 14)
- Re: CVE request: proftpd before 1.3.3d Josh Bressers (Jan 14)
- CVE request: tor Moritz Muehlenhoff (Jan 17)
- Re: CVE request: tor Josh Bressers (Jan 18)
- Re: CVE request: tor Steven M. Christey (Jan 18)
- Re: CVE request: tor Josh Bressers (Jan 18)
- CVE request Tim Brown (Jan 18)
- Re: CVE request Michael Gilbert (Jan 18)
- Re: CVE request Tim Brown (Jan 18)
- Re: CVE request Michael Gilbert (Jan 18)
- Re: CVE request Josh Bressers (Jan 18)
- Re: CVE request Tim Brown (Jan 18)
- <Possible follow-ups>
- CVE Request Kurt Seifried (Feb 22)
- Re: CVE Request Eugene Teo (Feb 22)
- Re: CVE request Michael Gilbert (Jan 18)
- CVE request: heap corruption in libpango Dan Rosenberg (Jan 18)
- Re: CVE request: heap corruption in libpango Josh Bressers (Jan 20)
- CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001) Jan Lieskovsky (Jan 19)
- 2 acpid flaws Vasiliy Kulikov (Jan 19)
- Re: 2 acpid flaws Ludwig Nussel (Mar 15)
- Re: 2 acpid flaws Josh Bressers (Mar 15)
- Re: 2 acpid flaws Ludwig Nussel (Mar 15)
- CVE request: heap corruption in VLC media player Dan Rosenberg (Jan 19)
- Re: CVE request: heap corruption in VLC media player Josh Bressers (Jan 20)
- CVE request: xpdf Dan Rosenberg (Jan 20)
- Re: CVE request: xpdf Josh Bressers (Jan 24)
- Re: CVE request: xpdf Michael Gilbert (Feb 01)
- Re: CVE request: xpdf Thomas Biege (Feb 08)
- Re: CVE request: xpdf Tomas Hoger (Feb 08)
- Re: CVE request: xpdf Thomas Biege (Feb 08)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 20)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 21)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 21)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Steven M. Christey (Jan 22)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 22)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Josh Bressers (Jan 24)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 24)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 24)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 22)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 21)
- CVE request: MaraDNS DoS via long queries Raphael Geissert (Jan 23)
- Re: CVE request: MaraDNS DoS via long queries Josh Bressers (Jan 24)
- Linux kernel av7110 negative array offset Kees Cook (Jan 24)
- Re: Linux kernel av7110 negative array offset Eugene Teo (Jan 24)
- CVE request: multiple status.net issues Kees Cook (Jan 24)
- Re: CVE request: multiple status.net issues Josh Bressers (Jan 25)
- CVE request: libxml2 heap contents leak Kees Cook (Jan 24)
- Re: CVE request: libxml2 heap contents leak Josh Bressers (Jan 25)
- Re: CVE request: libxml2 heap contents leak Pierre Joye (Jan 25)
- Re: CVE request: libxml2 heap contents leak Kees Cook (Jan 25)
- CVE request: linux kernel heap issues Kees Cook (Jan 24)
- Re: CVE request: linux kernel heap issues Kurt Seifried (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 27)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- CVE request: multiple gypsy vulnerabilities Kees Cook (Jan 24)
- Re: CVE request: multiple gypsy vulnerabilities Josh Bressers (Jan 25)
- syslog-ng wrong file permission vulnerability SZALAY Attila (Jan 25)
- CVE Request: VLC Subtitle StripTags heap corruption Marc Deslauriers (Jan 25)
- Re: CVE Request: VLC Subtitle StripTags heap corruption Josh Bressers (Jan 25)
- Batavi 1.0 - XSRF bug fixed Ronald van den Blink (Jan 25)
- Re: Batavi 1.0 - XSRF bug fixed Josh Bressers (Jan 27)
- CVE-2010-4238 xen dom0 issue Eugene Teo (Jan 25)
- CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Jan 26)
- Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Josh Bressers (Jan 27)
- Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Steven M. Christey (Feb 02)
- Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Feb 24)
- Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Steven M. Christey (Feb 02)
- Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Josh Bressers (Jan 27)
- CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Jan 27)
- Re: CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability Josh Bressers (Jan 27)
- CVE request: puppet Moritz Mühlenhoff (Jan 27)
- Re: CVE request: puppet Josh Bressers (Jan 31)
- request CVE for weborf Salvo Tomaselli (Jan 28)
- Re: request CVE for weborf Josh Bressers (Jan 31)
- CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Jan Lieskovsky (Jan 28)
- Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Josh Bressers (Jan 31)
- MaraDNS 1.4.06 and 1.3.07.11 released Sam Trenholme (Jan 29)
- Re: MaraDNS 1.4.06 and 1.3.07.11 released Tomas Hoger (Jan 31)
- Re: MaraDNS 1.4.06 and 1.3.07.11 released Vincent Danen (Mar 18)
- Re: MaraDNS 1.4.06 and 1.3.07.11 released Raphael Geissert (Mar 18)
- Re: MaraDNS 1.4.06 and 1.3.07.11 released Vincent Danen (Mar 18)
- Re: MaraDNS 1.4.06 and 1.3.07.11 released Raphael Geissert (Mar 18)
- [HITB-Announce] Reminder: HITB2011AMS - Call for Papers closes on the 18th of Feb Hafez Kamal (Jan 30)
- CVE request: code execution in VLC media player Dan Rosenberg (Jan 31)
- Re: CVE request: code execution in VLC media player Josh Bressers (Jan 31)
- CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Feb 01)
- Re: CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability Josh Bressers (Feb 03)
- CVE request: glibc CVE-2010-3847 fix regression Tomas Hoger (Feb 01)
- Re: CVE request: glibc CVE-2010-3847 fix regression Josh Bressers (Feb 03)
- CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 Reed Loden (Feb 01)
- Re: CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 Josh Bressers (Feb 03)
- CVE request: fuse Marc Deslauriers (Feb 01)
- Re: CVE request: fuse Josh Bressers (Feb 03)
- Re: CVE request: fuse Marc Deslauriers (Feb 03)
- Re: CVE request: fuse Josh Bressers (Feb 08)
- Re: CVE request: fuse Marc Deslauriers (Feb 03)
- Re: CVE request: fuse Josh Bressers (Feb 03)
- Wireshark: Freeing uninitialized pointer Huzaifa Sidhpurwala (Feb 04)
- Re: [vendor-sec] OpenSSH security advisory: legacy certificate signing in 5.6/5.7 Josh Bressers (Feb 04)
- Webkit Roundup Michael Gilbert (Feb 05)
- Webkit Dupes Michael Gilbert (Feb 05)
- Re: Webkit Dupes Steven M. Christey (Feb 17)
- Re: Webkit Dupes Michael Gilbert (Feb 18)
- Re: Webkit Dupes Steven M. Christey (Feb 17)
- CVE request: phpbb before 3.0.8 Hanno Böck (Feb 07)
- Re: CVE request: phpbb before 3.0.8 Josh Bressers (Feb 08)
- Re: CVE request: phpbb before 3.0.8 Hanno Böck (Feb 08)
- Re: CVE request: phpbb before 3.0.8 Josh Bressers (Feb 08)
- CVE request: wordpress before 3.0.5 Hanno Böck (Feb 08)
- Re: CVE request: wordpress before 3.0.5 Josh Bressers (Feb 09)
- CVE request for feh Stefan Behte (Feb 08)
- Re: CVE request for feh Josh Bressers (Feb 09)
- CVE request: kernel: btrfs heap overflow Dan Rosenberg (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Eugene Teo (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Dan Rosenberg (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Eugene Teo (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Eugene Teo (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Steven M. Christey (Feb 10)
- Re: CVE request: kernel: btrfs heap overflow Stéphane Gaudreault (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Moritz Muehlenhoff (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Greg KH (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Dan Rosenberg (Feb 09)
- Re: CVE request: kernel: btrfs heap overflow Eugene Teo (Feb 21)
- Re: CVE request: kernel: btrfs heap overflow Eugene Teo (Feb 09)
- Django multiple flaws (CVEs inside) Josh Bressers (Feb 09)
- [HITB-Announce] HITB Magazine Issue 005 Released Hafez Kamal (Feb 09)
- PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye (Feb 14)
- Re: PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye (Feb 16)
- Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request Huzaifa Sidhpurwala (Feb 16)
- Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye (Feb 16)
- Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request Huzaifa Sidhpurwala (Feb 16)
- Re: PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye (Feb 16)
- CVE request: aircrack-ng Marc Deslauriers (Feb 14)
- Re: CVE request: aircrack-ng Nico Golde (Feb 15)
- CVE request - kernel: bridge br_multicast NULL pointer dereference Eugene Teo (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Josh Bressers (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Moritz Muehlenhoff (Feb 16)
- Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Josh Bressers (Feb 16)
- CVE request - kernel: s390 task_show_regs infoleak Eugene Teo (Feb 16)
- Re: CVE request - kernel: s390 task_show_regs infoleak Josh Bressers (Feb 16)
- CVE request - kernel: xfs infoleak Eugene Teo (Feb 16)
- Re: CVE request - kernel: xfs infoleak Josh Bressers (Feb 16)
- Re: CVE request - kernel: xfs infoleak Eugene Teo (Mar 01)
- kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Josh Bressers (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Josh Bressers (Feb 16)
- wireshark dct3trace buffer overflow Huzaifa Sidhpurwala (Feb 16)
- CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast Petr Matousek (Feb 16)
- CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Eugene Teo (Feb 16)
- Re: CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Josh Bressers (Feb 17)
- CVE id request: telepathy-gabble Nico Golde (Feb 17)
- Re: CVE id request: telepathy-gabble Josh Bressers (Feb 17)
- CVE request: avahi daemon remote denial of service by sending NULL UDP Thomas Biege (Feb 18)
- Re: CVE request: avahi daemon remote denial of service by sending NULL UDP Josh Bressers (Feb 18)
- Re: CVE request: avahi daemon remote denial of service by sending NULL UDP Steven M. Christey (Feb 22)
- Re: CVE request: avahi daemon remote denial of service by sending NULL UDP Josh Bressers (Feb 18)
- Re: CVE request: More Evince overflows Raphael Geissert (Feb 18)
- Re: Re: CVE request: More Evince overflows Tomas Hoger (Mar 04)
- clamav 0.97 Hanno Böck (Feb 21)
- Re: clamav 0.97 Josh Bressers (Feb 21)
- CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFE Thomas Biege (Feb 21)
- CVE requests: freebsd kernel/tesseract/xinha/proftpd Moritz Muehlenhoff (Feb 21)
- Re: CVE requests: freebsd kernel/tesseract/xinha/proftpd Josh Bressers (Feb 23)
- Re: CVE requests: freebsd kernel/tesseract/xinha/proftpd Steven M. Christey (Mar 02)
- CVE-2011-0436: dtc sends password of new users to site admin by unencrypted email Raphael Geissert (Feb 21)
- CVE request: kernel: fs/partitions: validate map_count in mac partition tables Eugene Teo (Feb 21)
- Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Josh Bressers (Feb 22)
- Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Greg KH (Feb 22)
- Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Josh Bressers (Feb 22)
- Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Greg KH (Feb 22)
- Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Josh Bressers (Feb 22)
- CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo (Feb 22)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Josh Bressers (Feb 22)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo (Feb 22)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov (Feb 23)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Josh Bressers (Feb 23)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov (Mar 20)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Dan Rosenberg (Mar 20)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov (Mar 21)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo (Feb 22)
- Re: CVE request: kernel: a collection of world-writable debugfs bugs Josh Bressers (Feb 22)
- CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Jan Lieskovsky (Feb 22)
- Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Josh Bressers (Feb 22)
- Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Thomas Sibley (Feb 22)
- Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Josh Bressers (Feb 23)
- Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Vincent Danen (Feb 24)
- Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Ralf Corsepius (Feb 24)
- Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Vincent Danen (Feb 24)
- Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Josh Bressers (Feb 23)
- gdm PostLogin script executes scripts as user gdm Thomas Biege (Feb 22)
- Re: gdm PostLogin script executes scripts as user gdm Josh Bressers (Feb 22)
- Re: gdm PostLogin script executes scripts as user gdm Thomas Biege (Feb 23)
- Re: gdm PostLogin script executes scripts as user gdm Josh Bressers (Feb 22)
- CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Feb 22)
- Re: CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability Josh Bressers (Feb 22)
- CVE request: simple machines forum before 1.1.13 Hanno Böck (Feb 22)
- Re: CVE request: simple machines forum before 1.1.13 Josh Bressers (Feb 23)
- Re: CVE request: simple machines forum before 1.1.13 Steven M. Christey (Mar 02)
- Re: CVE request: simple machines forum before 1.1.13 Josh Bressers (Feb 23)
- CVE request: kernel: Corrupted LDM partition table issues Eugene Teo (Feb 22)
- Re: CVE request: kernel: Corrupted LDM partition table issues Josh Bressers (Feb 23)
- Physical access vulnerabilities and auto-mounting Dan Rosenberg (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Eugene Teo (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Eugene Teo (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Steve Grubb (Feb 23)
- Re: Physical access vulnerabilities and auto-mounting Timo Warns (Feb 23)
- Re: Physical access vulnerabilities and auto-mounting Steven M. Christey (Feb 23)
- Re: Physical access vulnerabilities and auto-mounting Nelson Elhage (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Solar Designer (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Michael Tokarev (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Sebastian Krahmer (Feb 22)
- Re: Physical access vulnerabilities and auto-mounting Vincent Danen (Feb 23)
- Re: Physical access vulnerabilities and auto-mounting Hanno Böck (Feb 23)
- Re: Physical access vulnerabilities and auto-mounting Eugene Teo (Feb 22)
- CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns (Feb 23)
- CVE request: pmwiki before 2.2.21 Hanno Böck (Feb 23)
- Re: CVE request: pmwiki before 2.2.21 Josh Bressers (Feb 23)
- CVE request: Information disclosure in CGIHTTPServer from Python Moritz Muehlenhoff (Feb 23)
- Re: CVE request: Information disclosure in CGIHTTPServer from Python Josh Bressers (Feb 24)
- Pattern lock bypass on SE X10 with Android 1.6 Tim Brown (Feb 23)
- Re: Pattern lock bypass on SE X10 with Android 1.6 Josh Bressers (Feb 24)
- CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Eugene Teo (Feb 23)
- Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Josh Bressers (Feb 24)
- Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Eugene Teo (Feb 24)
- XSSer v1.5 -beta- aka "Swarm Edition!" released. psy (Feb 24)
- CVE Request -- OpenLDAP -- two issues Jan Lieskovsky (Feb 24)
- Re: CVE Request -- OpenLDAP -- two issues Josh Bressers (Feb 25)
- Re: CVE Request -- OpenLDAP -- two issues Thomas Biege (Feb 28)
- Re: CVE Request -- OpenLDAP -- two issues Vincent Danen (Feb 28)
- Re: CVE Request -- OpenLDAP -- two issues Ralf Haferkamp (Mar 01)
- Re: CVE Request -- OpenLDAP -- two issues Vincent Danen (Mar 01)
- Re: CVE Request -- OpenLDAP -- two issues Josh Bressers (Mar 01)
- Re: CVE Request -- OpenLDAP -- two issues Thomas Biege (Feb 28)
- Re: CVE Request -- OpenLDAP -- two issues Josh Bressers (Feb 25)
- CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names Jan Lieskovsky (Feb 24)
- CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypass Jan Lieskovsky (Feb 24)
- Re: CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypass Josh Bressers (Feb 28)
- CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Kees Cook (Feb 24)
- Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Eugene Teo (Feb 24)
- Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Vasiliy Kulikov (Mar 11)
- CVE request: kernel: /proc/$pid/ leaks contents across setuid exec Kees Cook (Feb 24)
- Re: CVE request: kernel: /proc/$pid/ leaks contents across setuid exec Eugene Teo (Feb 24)
- CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Kees Cook (Feb 24)
- Re: CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Eugene Teo (Feb 24)
- Re: CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Vasiliy Kulikov (Feb 25)
- CVE request: libcgroup: Failure to verify netlink messages Nelson Elhage (Feb 24)
- Re: CVE request: libcgroup: Failure to verify netlink messages Eugene Teo (Feb 24)
- Re: CVE request: libcgroup: Failure to verify netlink messages Steve Grubb (Feb 25)
- Re: CVE request: libcgroup: Failure to verify netlink messages Nelson Elhage (Feb 25)
- Re: CVE request: libcgroup: Failure to verify netlink messages Steve Grubb (Feb 25)
- Re: CVE request: libcgroup: Failure to verify netlink messages Steve Grubb (Feb 25)
- Re: CVE request: libcgroup: Failure to verify netlink messages Eugene Teo (Feb 24)
- CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Feb 24)
- Re: CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability Josh Bressers (Feb 28)
- CVE request: v86d: Failure to validate netlink message sender Nelson Elhage (Feb 25)
- Re: CVE request: v86d: Failure to validate netlink message sender Josh Bressers (Feb 28)
- cve request: eglibc memory corruption Michael Gilbert (Feb 26)
- Re: cve request: eglibc memory corruption Josh Bressers (Feb 28)
- Re: cve request: eglibc memory corruption Michael Gilbert (Feb 28)
- Re: cve request: eglibc memory corruption Josh Bressers (Feb 28)
- CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson (Feb 28)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Dan Rosenberg (Feb 28)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Pierre Joye (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Vincent Danen (Mar 03)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Dan Rosenberg (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Pierre Joye (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson (Mar 08)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Vincent Danen (Mar 11)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Pierre Joye (Mar 01)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Josh Bressers (Feb 28)
- Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Dan Rosenberg (Feb 28)
- CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes Vasiliy Kulikov (Feb 28)
- Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes Petr Matousek (Mar 01)
- CVE request: FreeBSD/OS X crontab information leakage Dan Rosenberg (Feb 28)
- Re: CVE request: FreeBSD/OS X crontab information leakage Josh Bressers (Feb 28)
- CVE request: kernel: OOM-killer via argv expansion Kees Cook (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Nelson Elhage (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Eugene Teo (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook (Feb 28)
- Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook (Feb 28)
- CVE request: Atlassian JIRA Parameter-Based Redirection Vulnerability henri (Mar 01)
- Re: CVE request: Atlassian JIRA Parameter-Based Redirection Vulnerability Josh Bressers (Mar 01)
- cve request for smoothwall & openfiler dave b (Mar 01)
- Re: cve request for smoothwall & openfiler Josh Bressers (Mar 03)
- CVE request: kernel: Multiple DoS issues in epoll Nelson Elhage (Mar 01)
- Re: CVE request: kernel: Multiple DoS issues in epoll Petr Matousek (Mar 02)
- CVE request: VLC bookmark buffer overflow henri (Mar 02)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Henri Salo (Mar 24)
- Re: CVE request: VLC bookmark buffer overflow Steven M. Christey (Mar 28)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- CVE request: gri < 2.12.18 insecure temp file generation henri (Mar 02)
- Re: CVE request: gri < 2.12.18 insecure temp file generation Josh Bressers (Mar 03)
- CVE-2011-1023 kernel: rds: prevent BUG_ON triggering on congestion map updates Eugene Teo (Mar 03)
- Vendor-sec hosting and future of closed lists Marcus Meissner (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Mark J Cox (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Kees Cook (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Steven M. Christey (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Kees Cook (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Dan Rosenberg (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Dan Rosenberg (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Michael Gilbert (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Mike O'Connor (Mar 14)
- Re: Vendor-sec hosting and future of closed lists Eugene Teo (Mar 15)
- Re: Vendor-sec hosting and future of closed lists Mike O'Connor (Mar 15)
- RE: Vendor-sec hosting and future of closed lists Menkhus, Mark (GSE Security HP SSRT) (Mar 15)
- Re: Vendor-sec hosting and future of closed lists Eugene Teo (Mar 15)
- RE: Vendor-sec hosting and future of closed lists Menkhus, Mark (GSE Security HP SSRT) (Mar 16)
- Re: Vendor-sec hosting and future of closed lists Eugene Teo (Mar 16)
- RE: Vendor-sec hosting and future of closed lists Mark J Cox (Mar 16)
- Re: Vendor-sec hosting and future of closed lists Mike O'Connor (Mar 16)
- Re: Vendor-sec hosting and future of closed lists Dan Rosenberg (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Mark J Cox (Mar 04)
- Re: Vendor-sec hosting and future of closed lists David Hicks (Mar 04)
- Re: Vendor-sec hosting and future of closed lists Nelson Elhage (Mar 04)
- Re: Vendor-sec hosting and future of closed lists Steven M. Christey (Mar 04)
- Re: Vendor-sec hosting and future of closed lists Kees Cook (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Josh Bressers (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Kees Cook (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Solar Designer (Mar 03)
- Re: Vendor-sec hosting and future of closed lists S.P.Zeidler (Mar 05)
- Re: Vendor-sec hosting and future of closed lists Greg KH (Mar 05)
- Re: Vendor-sec hosting and future of closed lists S.P.Zeidler (Mar 06)
- Re: Vendor-sec hosting and future of closed lists Matthieu Herrb (Mar 06)
- Re: Vendor-sec hosting and future of closed lists Eugene Teo (Mar 06)
- Re: Vendor-sec hosting and future of closed lists Andrea Barisani (Mar 07)
- Re: Vendor-sec hosting and future of closed lists Josh Bressers (Mar 08)
- Vendor-sec hosting and future of closed lists R P Herrold (Mar 08)
- Re: Vendor-sec hosting and future of closed lists akuster (Mar 08)
- Re: Vendor-sec hosting and future of closed lists Andrea Barisani (Mar 08)
- Re: Vendor-sec hosting and future of closed lists Mike O'Connor (Mar 14)
- Re: Vendor-sec hosting and future of closed lists Andrea Barisani (Mar 16)
- Re: Vendor-sec hosting and future of closed lists Art Manion (Mar 15)
- Re: Vendor-sec hosting and future of closed lists Willy Tarreau (Mar 07)
- Re: Vendor-sec hosting and future of closed lists S.P.Zeidler (Mar 05)
- Re: Vendor-sec hosting and future of closed lists Marcus Meissner (Mar 03)
- Re: Vendor-sec hosting and future of closed lists Mark J Cox (Mar 03)
- Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 03)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dmitry V. Levin (Mar 03)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 03)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Ludwig Nussel (Mar 03)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 05)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Kees Cook (Mar 05)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Josh Bressers (Mar 07)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 03)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Ludwig Nussel (Mar 14)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 14)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 14)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 15)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Tomas Hoger (Mar 22)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 22)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 31)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Patrick J. Volkerding (Mar 31)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg (Mar 14)
- Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dmitry V. Levin (Mar 03)
- CVE-2011-1076 kernel: DNS: Fix a NULL pointer deref when trying to read an error key Eugene Teo (Mar 03)
- CVE Request -- logrotate -- nine issues Jan Lieskovsky (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Steven M. Christey (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Steven M. Christey (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Dan Rosenberg (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Steve Grubb (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Jan Lieskovsky (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Steven M. Christey (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Jan Lieskovsky (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
- Re: CVE Request -- logrotate -- nine issues Jan Kaluža (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Paul Martin (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 07)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 11)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 11)
- Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 23)
- Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
- Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)
- Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 04)
- Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 14)
- Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
- kernel: modules_disabled policy Vasiliy Kulikov (Mar 05)
- Re: kernel: modules_disabled policy Kees Cook (Mar 05)
- Re: kernel: modules_disabled policy Steve Grubb (Mar 06)
- CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab Eugene Teo (Mar 06)
- cgit convert_query_hexchar infinite loop (CVE-2011-1027) Tomas Hoger (Mar 07)
- ldd can execute an app unexpectedly Steve Grubb (Mar 07)
- Re: ldd can execute an app unexpectedly Dmitry V. Levin (Mar 07)
- Re: ldd can execute an app unexpectedly Steve Grubb (Mar 07)
- Re: ldd can execute an app unexpectedly Tim Brown (Mar 07)
- Re: ldd can execute an app unexpectedly Tomas Hoger (Mar 08)
- Re: ldd can execute an app unexpectedly Steve Grubb (Mar 08)
- Re: ldd can execute an app unexpectedly Dmitry V. Levin (Mar 07)
- CVE request: kernel: dccp: fix oops on Reset after close Eugene Teo (Mar 07)
- Re: CVE request: kernel: dccp: fix oops on Reset after close Josh Bressers (Mar 08)
- Buffer overflows in fsck may become security issues Ludwig Nussel (Mar 08)
- glibc locale escaping issue Tomas Hoger (Mar 08)
- Re: glibc locale escaping issue Josh Bressers (Mar 08)
- Re: glibc locale escaping issue Steven M. Christey (Mar 08)
- Re: glibc locale escaping issue Josh Bressers (Mar 08)
- CVE request, php's shm Pierre Joye (Mar 08)
- Re: CVE request, php's shm Josh Bressers (Mar 08)
- Re: CVE request, php's shm Tomas Hoger (Mar 08)
- KDE SSL name check issue Tomas Hoger (Mar 08)
- Re: KDE SSL name check issue Josh Bressers (Mar 08)
- CVE-2011-0714 kernel: deficiency in handling of invalid data packets in lockd Petr Matousek (Mar 08)
- CVE request: buffer overflow in unixODBC's SQLDriverConnect() Felipe Pena (Mar 09)
- Re: CVE request: buffer overflow in unixODBC's SQLDriverConnect() Josh Bressers (Mar 10)
- CVE request: libvirt: several API calls do not honour read-only connection Petr Matousek (Mar 09)
- Re: CVE request: libvirt: several API calls do not honour read-only connection Josh Bressers (Mar 10)
- nss-pam-ldapd security advisory (CVE-2011-0438) Arthur de Jong (Mar 09)
- CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler Eugene Teo (Mar 10)
- CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code Jan Lieskovsky (Mar 11)
- announcing libwipe Andrew Clausen (Mar 12)
- Re: announcing libwipe Kees Cook (Mar 13)
- Re: announcing libwipe Pierre Joye (Mar 13)
- Re: announcing libwipe Andrew Clausen (Mar 14)
- Re: announcing libwipe Andrew Clausen (Mar 14)
- Untrusted fs and invalid filenames Vasiliy Kulikov (Mar 12)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 13)
- Re: Untrusted fs and invalid filenames Eitan Adler (Mar 13)
- Re: Untrusted fs and invalid filenames Stephan Mueller (Mar 14)
- Re: Untrusted fs and invalid filenames Dan Rosenberg (Mar 14)
- Re: Untrusted fs and invalid filenames Stephan Mueller (Mar 14)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 14)
- Re: Untrusted fs and invalid filenames Vasiliy Kulikov (Mar 14)
- Re: Untrusted fs and invalid filenames Ludwig Nussel (Mar 14)
- Re: Untrusted fs and invalid filenames Steve Grubb (Mar 14)
- Re: Untrusted fs and invalid filenames Dan Rosenberg (Mar 14)
- CVE Request: bbPress 1.0.2 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 13)
- Re: CVE Request: bbPress 1.0.2 <= Cross Site Scripting Vulnerability Josh Bressers (Mar 14)
- CVE request: PHP substr_replace() use-after-free Felipe Pena (Mar 13)
- Re: CVE request: PHP substr_replace() use-after-free Eugene Teo (Mar 13)
- Re: CVE request: PHP substr_replace() use-after-free Oden Eriksson (Mar 13)
- Re: CVE request: PHP substr_replace() use-after-free Felipe Pena (Mar 13)
- Re: CVE request: PHP substr_replace() use-after-free Vincent Danen (Mar 18)
- Re: CVE request: PHP substr_replace() use-after-free Felipe Pena (Mar 13)
- Please REJECT CVE-2008-2956 Michael Gilbert (Mar 13)
- Re: Please REJECT CVE-2008-2956 Eugene Teo (Mar 13)
- CVE Request: Joomla! 1.6.0 | SQL Injection Vulnerability YGN Ethical Hacker Group (Mar 13)
- Re: CVE Request: Joomla! 1.6.0 | SQL Injection Vulnerability Josh Bressers (Mar 14)
- CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Mar 13)
- Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability Josh Bressers (Mar 14)
- Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Mar 18)
- Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability Josh Bressers (Mar 14)
- CVE requests - kernel: tpm infoleaks Eugene Teo (Mar 14)
- Re: CVE requests - kernel: tpm infoleaks Josh Bressers (Mar 14)
- Re: CVE requests - kernel: tpm infoleaks Eugene Teo (Mar 14)
- Re: CVE requests - kernel: tpm infoleaks Josh Bressers (Mar 15)
- Re: CVE requests - kernel: tpm infoleaks Josh Bressers (Mar 14)
- CVE request: format-string vulnerability in PHP Phar extension Felipe Pena (Mar 14)
- Re: CVE request: format-string vulnerability in PHP Phar extension Felipe Pena (Mar 14)
- Re: CVE request: format-string vulnerability in PHP Phar extension Josh Bressers (Mar 14)
- CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Jan Lieskovsky (Mar 14)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David King (Mar 14)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers (Mar 14)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Steven M. Christey (Mar 14)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers (Mar 15)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David King (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse (Mar 16)
- Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Ludwig Nussel (Mar 16)
- CVE request for python-feedparser Vincent Danen (Mar 14)
- Re: CVE request for python-feedparser Josh Bressers (Mar 15)
- <Possible follow-ups>
- Re: CVE request for python-feedparser Jonathan Wiltshire (Mar 16)
- Re: Re: CVE request for python-feedparser Josh Bressers (Mar 21)
- gksu-polkit Sebastian Krahmer (Mar 15)
- Re: gksu-polkit Josh Bressers (Mar 15)
- CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure Timo Warns (Mar 15)
- CVE Request: xen DoS Ludwig Nussel (Mar 17)
- Re: CVE Request: xen DoS Eugene Teo (Mar 17)
- CVE request for Asterisk flaws Vincent Danen (Mar 17)
- Re: CVE request for Asterisk flaws Josh Bressers (Mar 21)
- The risks of cleaning /tmp Dan Rosenberg (Mar 17)
- Re: The risks of cleaning /tmp Nelson Elhage (Mar 17)
- CVE request: kernel: AudioScience HPI driver Dan Rosenberg (Mar 18)
- Re: CVE request: kernel: AudioScience HPI driver Eugene Teo (Mar 18)
- CVE Request: Joomla! 1.5.21 <= SQL Injection Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE Request: Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE Request: MyBB 1.6 <= SQL Injection YGN Ethical Hacker Group (Mar 18)
- CVE Request: MyBB 1.6 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE Request: TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities YGN Ethical Hacker Group (Mar 18)
- CVE Request: 2Wire Broadband Router Session Hijacking Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE Request: PHP Support Ticket 2.2 <= Multiple Vulnerabilities YGN Ethical Hacker Group (Mar 18)
- CVE Request: HP System Management Homepage(SMH) | Open URL Redirection YGN Ethical Hacker Group (Mar 18)
- Re: CVE Request: HP System Management Homepage(SMH) | Open URL Redirection Mike O'Connor (Mar 18)
- RE: CVE Request: HP System Management Homepage(SMH) | Open URL Redirection Menkhus, Mark (GSE Security HP SSRT) (Mar 19)
- Re: CVE Request: HP System Management Homepage(SMH) | Open URL Redirection Mike O'Connor (Mar 18)
- CVE Request: XOOPS 2.5.0 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Mar 18)
- CVE request: kernel: netfilter & econet infoleaks Vasiliy Kulikov (Mar 18)
- Re: CVE request: kernel: netfilter & econet infoleaks Eugene Teo (Mar 20)
- Re: CVE request: kernel: netfilter & econet infoleaks Eugene Teo (Mar 21)
- Re: CVE request: kernel: netfilter & econet infoleaks Eugene Teo (Mar 20)
- CVE request: MPM-ITK module for Apache HTTPD Stefan Fritsch (Mar 20)
- Re: CVE request: MPM-ITK module for Apache HTTPD Josh Bressers (Mar 21)
- Re: CVE request: MPM-ITK module for Apache HTTPD Steinar H. Gunderson (Mar 21)
- Re: CVE request: MPM-ITK module for Apache HTTPD Josh Bressers (Mar 21)
- CVE request: kernel: heap corruption in IrDA Dan Rosenberg (Mar 20)
- Re: CVE request: kernel: heap corruption in IrDA Eugene Teo (Mar 20)
- Re: CVE request: kernel: heap corruption in IrDA Dan Rosenberg (Mar 21)
- Re: CVE request: kernel: heap corruption in IrDA Eugene Teo (Mar 22)
- Re: CVE request: kernel: heap corruption in IrDA Dan Rosenberg (Mar 21)
- Re: CVE request: kernel: heap corruption in IrDA Eugene Teo (Mar 20)
- CVE request: kernel: multiple issues in ROSE Dan Rosenberg (Mar 20)
- Re: CVE request: kernel: multiple issues in ROSE Eugene Teo (Mar 20)
- Re: CVE request: kernel: multiple issues in ROSE Dan Rosenberg (Mar 30)
- Re: CVE request: kernel: multiple issues in ROSE Eugene Teo (Mar 20)
- CVE Request (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)
- Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)
- Local memory disclosure (was: libpurple CVE UnRequest) Steven M. Christey (Mar 21)
- Re: Local memory disclosure (was: libpurple CVE UnRequest) Steve Grubb (Mar 21)
- Local memory disclosure (was: libpurple CVE UnRequest) Steven M. Christey (Mar 21)
- Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)
- Re: CVE request: kernel: a collection ofworld-writable debugfs bugs dan . j . rosenberg (Mar 21)
- Security advisory: local DOS attack affecting non updated PaX patched kernels. klondike (Mar 21)
- Re: Security advisory: local DOS attack affecting non updated PaX patched kernels. Steven M. Christey (Mar 22)
- Message not available
- Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg (Mar 22)
- Re: CVE requests - kernel: irda/decnet issues Josh Bressers (Mar 22)
- Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg (Mar 22)
- Re: CVE Request: libpng memory leak Steven M. Christey (Mar 28)
- Re: Linux kernel signal spoofing vulnerability (CVE request) Eugene Teo (Mar 22)
- Re: Linux kernel signal spoofing vulnerability (CVE request) Julien Tinnes (Mar 29)
- RE: oss-security is on twitter Menkhus, Mark (GSE Security HP SSRT) (Mar 23)
- Re: oss-security is on twitter Eugene Teo (Mar 23)
- Re: CVE Request: perl: regex causes assertion fail Steven M. Christey (Mar 28)
- Re: CVE Request -- Asterisk Security Vulnerability Steven M. Christey (Mar 23)
- Re: CVE Request: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability Josh Bressers (Mar 30)
- Re: CVE Request: PHP-Nuke 8.x <= Cross Site Scripting Vulnerability Josh Bressers (Mar 30)
- Re: CVE request: kernel: two OSS fixes Eugene Teo (Mar 24)
- Re: CVE request: roundcube < 0.5.1 CSRF Jan Lieskovsky (Mar 24)
- Re: CVE Request -- Python (urllib, urllib2): Improper management of ftp:// and file:// URL schemes Steven M. Christey (Mar 28)
- Re: CVE Request -- php-doctrine-Doctrine -- SQL injection flaw Steven M. Christey (Mar 28)
- Re: CVE Request -- Nagios -- XSS in the network status map CGI script Steven M. Christey (Mar 28)
- Re: CVE request: cmsmadesimple before 1.9.1 Josh Bressers (Mar 30)
- Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Steven M. Christey (Mar 30)
- Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes pan (Mar 30)
- Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Raimo Niskanen (Mar 31)
- Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Sverker Eriksson (Mar 31)
- Message not available