oss-sec: by date
640 messages
starting Jan 02 11 and
ending Mar 31 11
Date index |
Thread index |
Author index
Sunday, 02 January
CVE request for subversion Kurt Seifried
Re: CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES Huzaifa Sidhpurwala
Monday, 03 January
CVE request for buffer overflows in gimp Huzaifa Sidhpurwala
Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ] Josh Bressers
Re: Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol Josh Bressers
Re: CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws Josh Bressers
Re: CVE request: wordpress before 3.0.4 XSS Josh Bressers
Re: CVE Request: CrawlTrack < 3.2.7 - remote php code execution Josh Bressers
Re: CVE Request: Wireshark Josh Bressers
Re: CVE request for subversion Josh Bressers
Possible CVE Request: improper AppArmor exec transition Jamie Strandboge
Re: Possible CVE Request: improper AppArmor exec transition Jamie Strandboge
CVE request: silverstripe before 2.4.4 Hanno Böck
CVE request: AusweisApp Hanno Böck
Re: CVE request: AusweisApp Hanno Böck
CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect() Eugene Teo
Tuesday, 04 January
Re: CVE request: kernel: Multiple DoS issues in block layer Eugene Teo
Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Jan Lieskovsky
(possible) CVE request: Clickjacking in Mediawiki Jonathan Wiltshire
Re: CVE request for buffer overflows in gimp Josh Bressers
Re: CVE request for subversion Jan Lieskovsky
Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg
Re: CVE request for subversion Hyrum Wright
Re: CVE request: silverstripe before 2.4.4 Josh Bressers
Re: (possible) CVE request: Clickjacking in Mediawiki Josh Bressers
Re: CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect() Greg KH
CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Eugene Teo
Wednesday, 05 January
possible flaw in widely used strtod.c implementation Pierre Joye
CVE request: hastymail before 1.01 XSS Hanno Böck
Re: CVE request for subversion Josh Bressers
Re: possible flaw in widely used strtod.c implementation Michael Gilbert
CGI.pm 3.51 released Mark Stosberg
Re: CGI.pm 3.51 released (revised) Mark Stosberg
Re: possible flaw in widely used strtod.c implementation Pierre Joye
Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Greg KH
CVE request: patch directory traversal flaw Vincent Danen
Re: CVE request: patch directory traversal flaw Dan Rosenberg
Re: CVE request: patch directory traversal flaw Vincent Danen
CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 Anthon Pang
CVE-NONE kernel: PHONET signedness issue Eugene Teo
Thursday, 06 January
Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak Eugene Teo
Re: possible flaw in widely used strtod.c implementation Pierre Joye
Re: possible flaw in widely used strtod.c implementation Josh Bressers
CVE Request for Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) YGN Ethical Hacker Group
CVE Request: kernel [Re: Security review of 2.6.32.28] dann frazier
Re: CVE-NONE kernel: PHONET signedness issue Michael Gilbert
Re: CVE-NONE kernel: PHONET signedness issue Dan Rosenberg
Re: CVE-NONE kernel: PHONET signedness issue Michael Gilbert
Re: CVE-NONE kernel: PHONET signedness issue Nelson Elhage
Re: CVE request: patch directory traversal flaw Steve Beattie
Re: CVE request: hastymail before 1.01 XSS Josh Bressers
Re: CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 Josh Bressers
Re: CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) Josh Bressers
Re: CVE Request for Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability Josh Bressers
Re: CVE Request: kernel [Re: Security review of 2.6.32.28] Josh Bressers
Re: CVE request: patch directory traversal flaw Raphael Geissert
Re: CVE request: patch directory traversal flaw Josh Bressers
Re: CVE request: patch directory traversal flaw Raphael Geissert
Re: CVE-NONE kernel: PHONET signedness issue Steven M. Christey
Friday, 07 January
CVE-2010-4225: XSP/mod_mono source code disclosure Thomas Biege
CVE Request - pimd - Insecure file creation in /var/tmp Steve Kemp
Re: CVE Request - pimd - Insecure file creation in /var/tmp Josh Bressers
Saturday, 08 January
Re: CVE request for subversion Hyrum K Wright
Re: CVE request for subversion Kurt Seifried
Monday, 10 January
Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Eygene Ryabinkin
Re: Re: CVE-2010-2094: PECL's phar code is vulnerable too Pierre Joye
CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication Petr Matousek
Re: CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication Kurt Seifried
Re: possible flaw in widely used strtod.c implementation Steven M. Christey
Tuesday, 11 January
CVE request: sudo does not ask for password on GID changes Vincent Danen
Wednesday, 12 January
Re: CVE request: sudo does not ask for password on GID changes Josh Bressers
Re: CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication Josh Bressers
Re: CVE request: sudo does not ask for password on GID changes Todd C. Miller
CVE assignments for Wireshark Steven M. Christey
Thursday, 13 January
Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo Raphael Geissert
CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Raphael Geissert
Friday, 14 January
Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Moritz Mühlenhoff
Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Steven M. Christey
Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Tomas Hoger
CVE request: proftpd before 1.3.3d Hanno Böck
Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Josh Bressers
Re: CVE request: proftpd before 1.3.3d Josh Bressers
Re: CVE request: proftpd before 1.3.3d TJ Saunders
Monday, 17 January
CVE request: tor Moritz Muehlenhoff
Tuesday, 18 January
CVE request Tim Brown
Re: CVE request Michael Gilbert
Re: CVE request Tim Brown
Re: CVE request Michael Gilbert
Re: CVE request Josh Bressers
CVE request: heap corruption in libpango Dan Rosenberg
Re: CVE request: tor Josh Bressers
Re: CVE request: tor Steven M. Christey
Wednesday, 19 January
CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001) Jan Lieskovsky
Re: CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001) Steven M. Christey
2 acpid flaws Vasiliy Kulikov
Re: CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001) Matthew Nicholson
CVE request: heap corruption in VLC media player Dan Rosenberg
Re: CVE assignments for Wireshark Huzaifa Sidhpurwala
Thursday, 20 January
Re: CVE request: heap corruption in libpango Josh Bressers
Re: CVE request: heap corruption in VLC media player Josh Bressers
Re: CVE-2010-4225: XSP/mod_mono source code disclosure Oden Eriksson
Re: CVE-2010-4225: XSP/mod_mono source code disclosure Vincent Danen
CVE request: xpdf Dan Rosenberg
Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo
Friday, 21 January
Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov
Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo
Saturday, 22 January
Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Steven M. Christey
Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo
Sunday, 23 January
CVE request: MaraDNS DoS via long queries Raphael Geissert
Monday, 24 January
Linux kernel av7110 negative array offset Kees Cook
Re: CVE request: xpdf Josh Bressers
Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Josh Bressers
Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov
Re: CVE request: MaraDNS DoS via long queries Josh Bressers
CVE request: multiple status.net issues Kees Cook
CVE request: libxml2 heap contents leak Kees Cook
CVE request: linux kernel heap issues Kees Cook
CVE request: multiple gypsy vulnerabilities Kees Cook
Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo
Re: Linux kernel av7110 negative array offset Eugene Teo
Re: CVE request: linux kernel heap issues Kurt Seifried
Re: CVE request: linux kernel heap issues Eugene Teo
Re: CVE request: linux kernel heap issues Eugene Teo
Tuesday, 25 January
syslog-ng wrong file permission vulnerability SZALAY Attila
CVE Request: VLC Subtitle StripTags heap corruption Marc Deslauriers
Re: CVE request: libxml2 heap contents leak Josh Bressers
Re: CVE Request: VLC Subtitle StripTags heap corruption Josh Bressers
Re: CVE request: multiple gypsy vulnerabilities Josh Bressers
Re: CVE request: libxml2 heap contents leak Pierre Joye
Re: CVE request: libxml2 heap contents leak Kees Cook
Re: CVE request: multiple status.net issues Josh Bressers
Batavi 1.0 - XSRF bug fixed Ronald van den Blink
CVE-2010-4238 xen dom0 issue Eugene Teo
Wednesday, 26 January
Re: CVE request: patch directory traversal flaw Vasiliy Kulikov
CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
Thursday, 27 January
CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
Re: Batavi 1.0 - XSRF bug fixed Josh Bressers
Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Josh Bressers
Re: CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability Josh Bressers
CVE request: puppet Moritz Mühlenhoff
Re: CVE request: linux kernel heap issues Eugene Teo
Friday, 28 January
request CVE for weborf Salvo Tomaselli
CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Jan Lieskovsky
Saturday, 29 January
MaraDNS 1.4.06 and 1.3.07.11 released Sam Trenholme
Sunday, 30 January
[HITB-Announce] Reminder: HITB2011AMS - Call for Papers closes on the 18th of Feb Hafez Kamal
Monday, 31 January
Re: MaraDNS 1.4.06 and 1.3.07.11 released Tomas Hoger
Re: CVE assignments for Wireshark Josh Bressers
CVE request: code execution in VLC media player Dan Rosenberg
Re: CVE request: puppet Josh Bressers
Re: request CVE for weborf Josh Bressers
Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Josh Bressers
Re: CVE request: code execution in VLC media player Josh Bressers
Tuesday, 01 February
CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group
Re: possible flaw in widely used strtod.c implementation Pierre Joye
CVE request: glibc CVE-2010-3847 fix regression Tomas Hoger
CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 Reed Loden
Re: CVE request: xpdf Michael Gilbert
CVE request: fuse Marc Deslauriers
Wednesday, 02 February
Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability Steven M. Christey
Thursday, 03 February
Re: CVE Request: Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability Josh Bressers
Re: CVE request: glibc CVE-2010-3847 fix regression Josh Bressers
Re: CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 Josh Bressers
Re: CVE request: fuse Josh Bressers
Re: CVE request: fuse Marc Deslauriers
Friday, 04 February
Wireshark: Freeing uninitialized pointer Huzaifa Sidhpurwala
Re: [vendor-sec] OpenSSH security advisory: legacy certificate signing in 5.6/5.7 Josh Bressers
Saturday, 05 February
Webkit Roundup Michael Gilbert
Webkit Dupes Michael Gilbert
Monday, 07 February
CVE request: phpbb before 3.0.8 Hanno Böck
Tuesday, 08 February
Re: CVE request: xpdf Thomas Biege
Re: CVE request: xpdf Tomas Hoger
Re: CVE request: xpdf Thomas Biege
Re: CVE request: fuse Josh Bressers
Re: CVE request: phpbb before 3.0.8 Josh Bressers
Re: CVE request: phpbb before 3.0.8 Hanno Böck
CVE request: wordpress before 3.0.5 Hanno Böck
CVE request for feh Stefan Behte
Wednesday, 09 February
CVE request: kernel: btrfs heap overflow Dan Rosenberg
Re: CVE request: kernel: btrfs heap overflow Eugene Teo
Re: CVE assignments for Wireshark Josh Bressers
Re: CVE request: kernel: btrfs heap overflow Dan Rosenberg
Django multiple flaws (CVEs inside) Josh Bressers
Re: CVE request: kernel: btrfs heap overflow Eugene Teo
Re: CVE request: kernel: btrfs heap overflow Eugene Teo
[HITB-Announce] HITB Magazine Issue 005 Released Hafez Kamal
Re: CVE request: kernel: btrfs heap overflow Stéphane Gaudreault
Re: CVE request: kernel: btrfs heap overflow Moritz Muehlenhoff
Re: CVE request: kernel: btrfs heap overflow Greg KH
Re: CVE request: wordpress before 3.0.5 Josh Bressers
Re: CVE request for feh Josh Bressers
Thursday, 10 February
Re: CVE request: kernel: btrfs heap overflow Steven M. Christey
Monday, 14 February
PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye
CVE request: aircrack-ng Marc Deslauriers
Tuesday, 15 February
Re: CVE request: aircrack-ng Nico Golde
Wednesday, 16 February
CVE request - kernel: bridge br_multicast NULL pointer dereference Eugene Teo
Re: PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye
CVE request - kernel: s390 task_show_regs infoleak Eugene Teo
CVE request - kernel: xfs infoleak Eugene Teo
kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo
Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request Pierre Joye
Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request Huzaifa Sidhpurwala
Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Josh Bressers
Re: CVE request - kernel: s390 task_show_regs infoleak Josh Bressers
Re: CVE request - kernel: xfs infoleak Josh Bressers
Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Josh Bressers
Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo
wireshark dct3trace buffer overflow Huzaifa Sidhpurwala
Re: CVE request - kernel: bridge br_multicast NULL pointer dereference Moritz Muehlenhoff
CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast Petr Matousek
Re: CVE request -- kernel: deficiency in processing igmp host membership reports in br_multicast Eugene Teo
CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Eugene Teo
Thursday, 17 February
CVE id request: telepathy-gabble Nico Golde
Re: Webkit Dupes Steven M. Christey
Re: CVE request - kernel: thp: prevent hugepages during args/env copying into the user stack Josh Bressers
Re: CVE id request: telepathy-gabble Josh Bressers
Friday, 18 February
CVE request: avahi daemon remote denial of service by sending NULL UDP Thomas Biege
Re: CVE request: patch directory traversal flaw Vasiliy Kulikov
Re: Webkit Dupes Michael Gilbert
Re: CVE request: avahi daemon remote denial of service by sending NULL UDP Josh Bressers
Re: CVE request: More Evince overflows Raphael Geissert
Monday, 21 February
clamav 0.97 Hanno Böck
CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFE Thomas Biege
CVE requests: freebsd kernel/tesseract/xinha/proftpd Moritz Muehlenhoff
Re: clamav 0.97 Josh Bressers
Re: CVE request: ruby: FileUtils is vulnerable to symlink race attacks + Exception methods can bypass $SAFE Josh Bressers
CVE-2011-0436: dtc sends password of new users to site admin by unencrypted email Raphael Geissert
Re: CVE request: kernel: btrfs heap overflow Eugene Teo
CVE request: kernel: fs/partitions: validate map_count in mac partition tables Eugene Teo
Tuesday, 22 February
CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo
Re: CVE request: kernel: a collection of world-writable debugfs bugs Josh Bressers
CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Jan Lieskovsky
gdm PostLogin script executes scripts as user gdm Thomas Biege
CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
Re: CVE request: avahi daemon remote denial of service by sending NULL UDP Steven M. Christey
Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Josh Bressers
Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Greg KH
Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Josh Bressers
Re: gdm PostLogin script executes scripts as user gdm Josh Bressers
Re: CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability Josh Bressers
Re: CVE request: kernel: fs/partitions: validate map_count in mac partition tables Josh Bressers
Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Thomas Sibley
CVE request: simple machines forum before 1.1.13 Hanno Böck
CVE Request Kurt Seifried
Re: CVE Request Eugene Teo
Re: CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo
CVE request: kernel: Corrupted LDM partition table issues Eugene Teo
Physical access vulnerabilities and auto-mounting Dan Rosenberg
Re: Physical access vulnerabilities and auto-mounting Eugene Teo
Re: Physical access vulnerabilities and auto-mounting Eugene Teo
Re: Physical access vulnerabilities and auto-mounting Nelson Elhage
Re: Physical access vulnerabilities and auto-mounting Solar Designer
Re: Physical access vulnerabilities and auto-mounting Sebastian Krahmer
Re: Physical access vulnerabilities and auto-mounting Michael Tokarev
Wednesday, 23 February
Re: gdm PostLogin script executes scripts as user gdm Thomas Biege
Re: Physical access vulnerabilities and auto-mounting Hanno Böck
Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov
Re: Physical access vulnerabilities and auto-mounting Steve Grubb
CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns
Re: Physical access vulnerabilities and auto-mounting Timo Warns
CVE request: pmwiki before 2.2.21 Hanno Böck
Re: Physical access vulnerabilities and auto-mounting Vincent Danen
Re: CVE request: simple machines forum before 1.1.13 Josh Bressers
Re: CVE request: kernel: Corrupted LDM partition table issues Josh Bressers
Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Josh Bressers
Re: CVE request: pmwiki before 2.2.21 Josh Bressers
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Josh Bressers
Re: Physical access vulnerabilities and auto-mounting Steven M. Christey
Re: CVE requests: freebsd kernel/tesseract/xinha/proftpd Josh Bressers
CVE request: Information disclosure in CGIHTTPServer from Python Moritz Muehlenhoff
Re: CVE request: kernel: a collection of world-writable debugfs bugs Josh Bressers
Pattern lock bypass on SE X10 with Android 1.6 Tim Brown
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Eugene Teo
CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Eugene Teo
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Jon Oberheide
Thursday, 24 February
Re: Pattern lock bypass on SE X10 with Android 1.6 Josh Bressers
XSSer v1.5 -beta- aka "Swarm Edition!" released. psy
Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Vincent Danen
Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Ralf Corsepius
Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition Vincent Danen
Re: CVE request: Information disclosure in CGIHTTPServer from Python Josh Bressers
Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Josh Bressers
CVE Request -- OpenLDAP -- two issues Jan Lieskovsky
CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names Jan Lieskovsky
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Josh Bressers
Re: CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names Josh Bressers
CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypass Jan Lieskovsky
CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Kees Cook
CVE request: kernel: /proc/$pid/ leaks contents across setuid exec Kees Cook
Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Eugene Teo
Re: CVE request: kernel: /proc/$pid/ leaks contents across setuid exec Eugene Teo
CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Kees Cook
Re: CVE request: kernel: drm/radeon/kms: check AA resolve registers on r300 Eugene Teo
Re: CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Eugene Teo
CVE request: libcgroup: Failure to verify netlink messages Nelson Elhage
CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability YGN Ethical Hacker Group
Re: CVE Request for phpMyAdmin 3.4.x, 3.4.0 beta 2 <= Stored Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
Re: CVE request: libcgroup: Failure to verify netlink messages Eugene Teo
Friday, 25 February
Re: CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Vasiliy Kulikov
Re: CVE request: libcgroup: Failure to verify netlink messages Steve Grubb
Re: CVE request: libcgroup: Failure to verify netlink messages Nelson Elhage
Re: CVE Request -- OpenLDAP -- two issues Josh Bressers
Re: CVE request: libcgroup: Failure to verify netlink messages Steve Grubb
CVE request: v86d: Failure to validate netlink message sender Nelson Elhage
Re: CVE request: kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions Kees Cook
Saturday, 26 February
cve request: eglibc memory corruption Michael Gilbert
Monday, 28 February
Re: CVE Request -- OpenLDAP -- two issues Thomas Biege
Re: CVE Request -- OpenLDAP -- two issues Vincent Danen
CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson
CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes Vasiliy Kulikov
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Dan Rosenberg
CVE request: FreeBSD/OS X crontab information leakage Dan Rosenberg
CVE request: kernel: OOM-killer via argv expansion Kees Cook
Re: CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypass Josh Bressers
Re: CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability Josh Bressers
Re: CVE request: v86d: Failure to validate netlink message sender Josh Bressers
Re: cve request: eglibc memory corruption Josh Bressers
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Josh Bressers
Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook
Re: CVE request: FreeBSD/OS X crontab information leakage Josh Bressers
Re: cve request: eglibc memory corruption Michael Gilbert
Re: CVE request: kernel: OOM-killer via argv expansion Kees Cook
Re: CVE request: kernel: OOM-killer via argv expansion Nelson Elhage
Re: CVE request: kernel: OOM-killer via argv expansion Eugene Teo
Tuesday, 01 March
Re: CVE request - kernel: xfs infoleak Eugene Teo
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Pierre Joye
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson
CVE request: Atlassian JIRA Parameter-Based Redirection Vulnerability henri
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Dan Rosenberg
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Pierre Joye
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson
Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes Petr Matousek
Re: CVE Request -- OpenLDAP -- two issues Ralf Haferkamp
cve request for smoothwall & openfiler dave b
Re: CVE Request -- OpenLDAP -- two issues Vincent Danen
Re: CVE request: Atlassian JIRA Parameter-Based Redirection Vulnerability Josh Bressers
Re: CVE Request -- OpenLDAP -- two issues Josh Bressers
CVE request: kernel: Multiple DoS issues in epoll Nelson Elhage
Wednesday, 02 March
Re: CVE request: kernel: Multiple DoS issues in epoll Petr Matousek
CVE request: VLC bookmark buffer overflow henri
Re: CVE request: simple machines forum before 1.1.13 Steven M. Christey
Re: CVE requests: freebsd kernel/tesseract/xinha/proftpd Steven M. Christey
CVE request: gri < 2.12.18 insecure temp file generation henri
Thursday, 03 March
CVE-2011-1023 kernel: rds: prevent BUG_ON triggering on congestion map updates Eugene Teo
Vendor-sec hosting and future of closed lists Marcus Meissner
Re: Vendor-sec hosting and future of closed lists Mark J Cox
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Vincent Danen
Re: Vendor-sec hosting and future of closed lists Josh Bressers
Re: cve request for smoothwall & openfiler Josh Bressers
Re: CVE request: VLC bookmark buffer overflow Josh Bressers
Re: CVE request: VLC bookmark buffer overflow Josh Bressers
Re: CVE request: gri < 2.12.18 insecure temp file generation Josh Bressers
Re: Vendor-sec hosting and future of closed lists Kees Cook
Re: Vendor-sec hosting and future of closed lists Kees Cook
Re: Vendor-sec hosting and future of closed lists Steven M. Christey
Re: Vendor-sec hosting and future of closed lists Greg KH
Re: Vendor-sec hosting and future of closed lists Solar Designer
Re: Vendor-sec hosting and future of closed lists Kees Cook
Re: Vendor-sec hosting and future of closed lists Greg KH
Re: Vendor-sec hosting and future of closed lists Dan Rosenberg
Re: Vendor-sec hosting and future of closed lists Greg KH
Re: Vendor-sec hosting and future of closed lists Marcus Meissner
Re: Vendor-sec hosting and future of closed lists Dan Rosenberg
Re: Vendor-sec hosting and future of closed lists Greg KH
Re: Vendor-sec hosting and future of closed lists Michael Gilbert
Re: Vendor-sec hosting and future of closed lists Dan Rosenberg
Re: Vendor-sec hosting and future of closed lists Greg KH
Re: Vendor-sec hosting and future of closed lists Greg KH
Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dmitry V. Levin
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Ludwig Nussel
CVE-2011-1076 kernel: DNS: Fix a NULL pointer deref when trying to read an error key Eugene Teo
Friday, 04 March
Re: Vendor-sec hosting and future of closed lists Mark J Cox
Re: Vendor-sec hosting and future of closed lists David Hicks
CVE Request -- logrotate -- nine issues Jan Lieskovsky
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl
Re: CVE Request -- logrotate -- nine issues Jan Lieskovsky
Re: Vendor-sec hosting and future of closed lists Nelson Elhage
Re: Re: CVE request: More Evince overflows Tomas Hoger
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: Vendor-sec hosting and future of closed lists Steven M. Christey
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Steven M. Christey
Re: CVE Request -- logrotate -- nine issues Steven M. Christey
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Steven M. Christey
Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl
Re: CVE Request -- logrotate -- nine issues Dan Rosenberg
Re: CVE Request -- logrotate -- nine issues Jan Lieskovsky
Re: CVE Request -- logrotate -- nine issues Pavel Labushev
Saturday, 05 March
kernel: modules_disabled policy Vasiliy Kulikov
Re: kernel: modules_disabled policy Kees Cook
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: Vendor-sec hosting and future of closed lists S.P.Zeidler
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Kees Cook
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: Vendor-sec hosting and future of closed lists Greg KH
Sunday, 06 March
Re: Vendor-sec hosting and future of closed lists Matthieu Herrb
Re: Vendor-sec hosting and future of closed lists S.P.Zeidler
Re: CVE Request -- logrotate -- nine issues Pavel Labushev
Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Pavel Labushev
Re: kernel: modules_disabled policy Steve Grubb
Re: Vendor-sec hosting and future of closed lists Eugene Teo
CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab Eugene Teo
Monday, 07 March
cgit convert_query_hexchar infinite loop (CVE-2011-1027) Tomas Hoger
Re: Vendor-sec hosting and future of closed lists Andrea Barisani
Re: CVE Request -- logrotate -- nine issues Jan Kaluža
Re: CVE Request -- logrotate -- nine issues Paul Martin
Re: CVE Request -- logrotate -- nine issues Steve Grubb
Re: Vendor-sec hosting and future of closed lists Willy Tarreau
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Josh Bressers
Re: CVE Request -- logrotate -- nine issues Josh Bressers
Re: CVE Request -- logrotate -- nine issues Josh Bressers
Re: CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab Josh Bressers
ldd can execute an app unexpectedly Steve Grubb
Re: ldd can execute an app unexpectedly Dmitry V. Levin
Re: ldd can execute an app unexpectedly Steve Grubb
Re: ldd can execute an app unexpectedly Tim Brown
CVE request: kernel: dccp: fix oops on Reset after close Eugene Teo
Re: CVE Request -- logrotate -- nine issues Ludwig Nussel
Tuesday, 08 March
Buffer overflows in fsck may become security issues Ludwig Nussel
Re: ldd can execute an app unexpectedly Tomas Hoger
glibc locale escaping issue Tomas Hoger
CVE request, php's shm Pierre Joye
Re: ldd can execute an app unexpectedly Steve Grubb
Re: CVE request, php's shm Josh Bressers
Re: CVE request, php's shm Tomas Hoger
KDE SSL name check issue Tomas Hoger
Re: Vendor-sec hosting and future of closed lists Josh Bressers
Vendor-sec hosting and future of closed lists R P Herrold
Re: Vendor-sec hosting and future of closed lists akuster
CVE-2011-0714 kernel: deficiency in handling of invalid data packets in lockd Petr Matousek
Re: Vendor-sec hosting and future of closed lists Andrea Barisani
Re: CVE request: kernel: dccp: fix oops on Reset after close Josh Bressers
Re: KDE SSL name check issue Josh Bressers
Re: glibc locale escaping issue Josh Bressers
Re: glibc locale escaping issue Steven M. Christey
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Helgi Þormar Þorbjörnsson
Re: CVE-2011-0714 kernel: deficiency in handling of invalid data packets in lockd Eugene Teo
Wednesday, 09 March
CVE request: buffer overflow in unixODBC's SQLDriverConnect() Felipe Pena
CVE request: libvirt: several API calls do not honour read-only connection Petr Matousek
nss-pam-ldapd security advisory (CVE-2011-0438) Arthur de Jong
Thursday, 10 March
Re: CVE Request -- logrotate -- nine issues Josh Bressers
Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl
Re: CVE request: buffer overflow in unixODBC's SQLDriverConnect() Josh Bressers
Re: CVE request: libvirt: several API calls do not honour read-only connection Josh Bressers
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl
CVE-2011-0695 kernel: panic in ib_cm:cm_work_handler Eugene Teo
Friday, 11 March
CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code Jan Lieskovsky
Re: CVE Request -- logrotate -- nine issues Solar Designer
Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN Vasiliy Kulikov
Re: CVE Request -- logrotate -- nine issues Ludwig Nussel
Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code Josh Bressers
Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack Vincent Danen
Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code Matthew Nicholson
Saturday, 12 March
announcing libwipe Andrew Clausen
Untrusted fs and invalid filenames Vasiliy Kulikov
Sunday, 13 March
CVE Request: bbPress 1.0.2 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
CVE request: PHP substr_replace() use-after-free Felipe Pena
Re: CVE request: PHP substr_replace() use-after-free Eugene Teo
Please REJECT CVE-2008-2956 Michael Gilbert
Re: announcing libwipe Kees Cook
Re: CVE request: PHP substr_replace() use-after-free Oden Eriksson
CVE Request: Joomla! 1.6.0 | SQL Injection Vulnerability YGN Ethical Hacker Group
CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
Re: CVE request: PHP substr_replace() use-after-free Felipe Pena
Re: Untrusted fs and invalid filenames Steve Grubb
Re: Untrusted fs and invalid filenames Eitan Adler
Re: announcing libwipe Pierre Joye
Re: Please REJECT CVE-2008-2956 Eugene Teo
Monday, 14 March
CVE requests - kernel: tpm infoleaks Eugene Teo
Re: announcing libwipe Andrew Clausen
Re: announcing libwipe Andrew Clausen
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Ludwig Nussel
Re: Untrusted fs and invalid filenames Stephan Mueller
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Untrusted fs and invalid filenames Dan Rosenberg
Re: Untrusted fs and invalid filenames Stephan Mueller
Re: Untrusted fs and invalid filenames Ludwig Nussel
Re: Untrusted fs and invalid filenames Steve Grubb
Re: Untrusted fs and invalid filenames Steve Grubb
CVE request: format-string vulnerability in PHP Phar extension Felipe Pena
Re: CVE request: format-string vulnerability in PHP Phar extension Felipe Pena
CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Jan Lieskovsky
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Untrusted fs and invalid filenames Vasiliy Kulikov
CVE request for python-feedparser Vincent Danen
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David King
Re: CVE Request: bbPress 1.0.2 <= Cross Site Scripting Vulnerability Josh Bressers
Re: CVE Request: Joomla! 1.6.0 | SQL Injection Vulnerability Josh Bressers
Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability Josh Bressers
Re: CVE requests - kernel: tpm infoleaks Josh Bressers
Re: CVE request: format-string vulnerability in PHP Phar extension Josh Bressers
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers
Re: CVE Request -- logrotate -- nine issues Josh Bressers
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Steven M. Christey
Re: CVE requests - kernel: tpm infoleaks Eugene Teo
Re: Vendor-sec hosting and future of closed lists Mike O'Connor
Re: Vendor-sec hosting and future of closed lists Mike O'Connor
Tuesday, 15 March
Re: Vendor-sec hosting and future of closed lists Eugene Teo
gksu-polkit Sebastian Krahmer
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: 2 acpid flaws Ludwig Nussel
Re: gksu-polkit Josh Bressers
CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure Timo Warns
Re: Vendor-sec hosting and future of closed lists Mike O'Connor
Re: CVE request for python-feedparser Josh Bressers
Re: 2 acpid flaws Josh Bressers
Re: CVE requests - kernel: tpm infoleaks Josh Bressers
Re: CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure Josh Bressers
Re: Vendor-sec hosting and future of closed lists Art Manion
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers
RE: Vendor-sec hosting and future of closed lists Menkhus, Mark (GSE Security HP SSRT)
Re: Vendor-sec hosting and future of closed lists Eugene Teo
Wednesday, 16 March
RE: Vendor-sec hosting and future of closed lists Mark J Cox
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Ludwig Nussel
Re: Vendor-sec hosting and future of closed lists Andrea Barisani
Re: CVE request for python-feedparser Jonathan Wiltshire
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere Josh Bressers
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David King
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse
Re: CVE Request / Discussion -- vino -- reports the desktop being reachable only over the local network, when reachable from everywhere David Woodhouse
RE: Vendor-sec hosting and future of closed lists Menkhus, Mark (GSE Security HP SSRT)
Re: Vendor-sec hosting and future of closed lists Eugene Teo
Re: Vendor-sec hosting and future of closed lists Mike O'Connor
Thursday, 17 March
CVE Request: xen DoS Ludwig Nussel
Re: CVE Request: xen DoS Eugene Teo
CVE request for Asterisk flaws Vincent Danen
The risks of cleaning /tmp Dan Rosenberg
Re: The risks of cleaning /tmp Nelson Elhage
Friday, 18 March
CVE request: kernel: AudioScience HPI driver Dan Rosenberg
Re: CVE request: kernel: AudioScience HPI driver Eugene Teo
Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
CVE Request: Joomla! 1.5.21 <= SQL Injection Vulnerability YGN Ethical Hacker Group
CVE Request: Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
CVE Request: MyBB 1.6 <= SQL Injection YGN Ethical Hacker Group
CVE Request: MyBB 1.6 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
CVE Request: TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities YGN Ethical Hacker Group
CVE Request: 2Wire Broadband Router Session Hijacking Vulnerability YGN Ethical Hacker Group
CVE Request: PHP Support Ticket 2.2 <= Multiple Vulnerabilities YGN Ethical Hacker Group
CVE Request: HP System Management Homepage(SMH) | Open URL Redirection YGN Ethical Hacker Group
CVE Request: XOOPS 2.5.0 <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
Re: CVE request: PHP substr_replace() use-after-free Vincent Danen
CVE request: kernel: netfilter & econet infoleaks Vasiliy Kulikov
Re: MaraDNS 1.4.06 and 1.3.07.11 released Vincent Danen
Re: MaraDNS 1.4.06 and 1.3.07.11 released Raphael Geissert
Re: MaraDNS 1.4.06 and 1.3.07.11 released Vincent Danen
Re: CVE Request: HP System Management Homepage(SMH) | Open URL Redirection Mike O'Connor
Saturday, 19 March
RE: CVE Request: HP System Management Homepage(SMH) | Open URL Redirection Menkhus, Mark (GSE Security HP SSRT)
Sunday, 20 March
CVE request: MPM-ITK module for Apache HTTPD Stefan Fritsch
Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov
CVE request: kernel: heap corruption in IrDA Dan Rosenberg
CVE request: kernel: multiple issues in ROSE Dan Rosenberg
Re: CVE request: kernel: a collection of world-writable debugfs bugs Dan Rosenberg
Re: CVE request: kernel: netfilter & econet infoleaks Eugene Teo
Re: CVE request: kernel: multiple issues in ROSE Eugene Teo
Re: CVE request: kernel: heap corruption in IrDA Eugene Teo
Monday, 21 March
Re: CVE request: kernel: netfilter & econet infoleaks Eugene Teo
Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov
CVE Request (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky
Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky
Local memory disclosure (was: libpurple CVE UnRequest) Steven M. Christey
Re: CVE request: kernel: a collection ofworld-writable debugfs bugs dan . j . rosenberg
Re: Local memory disclosure (was: libpurple CVE UnRequest) Steve Grubb
Re: Re: CVE request for python-feedparser Josh Bressers
Re: CVE request for Asterisk flaws Josh Bressers
Re: CVE request: MPM-ITK module for Apache HTTPD Josh Bressers
Re: CVE request: MPM-ITK module for Apache HTTPD Steinar H. Gunderson
Security advisory: local DOS attack affecting non updated PaX patched kernels. klondike
Re: CVE request: kernel: heap corruption in IrDA Dan Rosenberg
Possible security fixes in 5.05? Raphael Geissert
Tuesday, 22 March
Re: CVE request: kernel: heap corruption in IrDA Eugene Teo
CVE requests - kernel: irda/decnet issues Eugene Teo
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Tomas Hoger
Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
CVE Request: libpng memory leak Ludwig Nussel
Re: Security advisory: local DOS attack affecting non updated PaX patched kernels. Steven M. Christey
Re: Security advisory: local DOS attack affecting non updated PaX patched kernels. klondike
Re: Security advisory: local DOS attack affecting non updated PaX patched kernels. klondike
Re: CVE requests - kernel: irda/decnet issues Josh Bressers
Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg
Linux kernel signal spoofing vulnerability (CVE request) Julien Tinnes
Re: Linux kernel proactive security hardening Solar Designer
Re: Linux kernel signal spoofing vulnerability (CVE request) Eugene Teo
oss-security is on twitter Eugene Teo
Wednesday, 23 March
CVE Request: perl: regex causes assertion fail Ludwig Nussel
CVE Request -- Asterisk Security Vulnerability Matthew Nicholson
Re: CVE Request -- Asterisk Security Vulnerability Steven M. Christey
CVE Request: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability YGN Ethical Hacker Group
CVE Request: PHP-Nuke 8.x <= Cross Site Scripting Vulnerability YGN Ethical Hacker Group
CVE Request: PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability YGN Ethical Hacker Group
CVE request: kernel: two OSS fixes Dan Rosenberg
Re: CVE Request -- logrotate -- nine issues Ludwig Nussel
RE: oss-security is on twitter Menkhus, Mark (GSE Security HP SSRT)
Re: oss-security is on twitter Eugene Teo
Thursday, 24 March
CVE request: roundcube < 0.5.1 CSRF Hanno Böck
Re: CVE request: roundcube < 0.5.1 CSRF Jan Lieskovsky
CVE Request -- Python (urllib, urllib2): Improper management of ftp:// and file:// URL schemes Jan Lieskovsky
Re: CVE request: VLC bookmark buffer overflow Henri Salo
CVE-2011-0728: Loggerhead 1.18.1 security release William Grant
Re: CVE request: kernel: two OSS fixes Eugene Teo
Friday, 25 March
CVE Request -- php-doctrine-Doctrine -- SQL injection flaw Jan Lieskovsky
CVE Request -- Nagios -- XSS in the network status map CGI script Jan Lieskovsky
Sunday, 27 March
CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse Eugene Teo
Monday, 28 March
Re: CVE Request -- Python (urllib, urllib2): Improper management of ftp:// and file:// URL schemes Steven M. Christey
Re: CVE Request -- php-doctrine-Doctrine -- SQL injection flaw Steven M. Christey
Re: CVE Request -- Nagios -- XSS in the network status map CGI script Steven M. Christey
Re: CVE Request: perl: regex causes assertion fail Steven M. Christey
Re: CVE Request: libpng memory leak Steven M. Christey
Re: CVE request: VLC bookmark buffer overflow Steven M. Christey
Tuesday, 29 March
CVE requests : Liferay 6.0.6 Nicolas Grégoire
CVE request: cmsmadesimple before 1.9.1 Hanno Böck
CVE Request: rsyslogd memory leaks Ludwig Nussel
Re: Linux kernel signal spoofing vulnerability (CVE request) Julien Tinnes
Wednesday, 30 March
tiff CVE-2011-0192 patch broken Ludwig Nussel
CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Jan Lieskovsky
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Steven M. Christey
Re: CVE request: kernel: multiple issues in ROSE Dan Rosenberg
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes pan
Re: CVE Request: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability Josh Bressers
Re: CVE Request: PHP-Nuke 8.x <= Cross Site Scripting Vulnerability Josh Bressers
Re: CVE Request: PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability Josh Bressers
Re: CVE request: cmsmadesimple before 1.9.1 Josh Bressers
Thursday, 31 March
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Raimo Niskanen
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Sverker Eriksson
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Patrick J. Volkerding
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Rickard Green