oss-sec: by thread
618 messages
starting Oct 01 15 and
ending Dec 31 15
Date index |
Thread index |
Author index
- Re: Apache James Server 2.3.2 security vulnerability fixed VU#988628 cve-assign (Oct 01)
- CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Kurt Seifried (Oct 01)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Andreas Stieger (Oct 05)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 05)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 cve-assign (Oct 02)
- Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 Kurt Seifried (Oct 01)
- CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Yann Droneaud (Oct 05)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 cve-assign (Oct 02)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Andreas Stieger (Oct 05)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 05)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- CVE Request: Unauthorized access to IPC objects with SysV shm Julien Tinnes (Oct 01)
- Re: CVE Request: Unauthorized access to IPC objects with SysV shm cve-assign (Oct 01)
- Re: CVE request for wget cve-assign (Oct 01)
- Re: Re: CVE request for wget Seth Arnold (Oct 01)
- Re: Re: CVE request for wget Austin English (Oct 26)
- Re: Re: CVE request for wget Austin English (Nov 02)
- Re: Re: CVE request for wget Austin English (Nov 03)
- Re: Re: CVE request for wget Austin English (Dec 24)
- Re: Re: CVE request for wget Austin English (Oct 26)
- Re: Re: CVE request for wget Seth Arnold (Oct 01)
- CVE request: OpenSMTPD 5.7.2 Kristian Fiskerstrand (Oct 02)
- CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Arrigo Triulzi (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Gilles Chehade (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Gilles Chehade (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Arrigo Triulzi (Oct 02)
- [OSSA 2015-020] Glance storage overrun (CVE-2015-5286) Tristan Cacqueray (Oct 02)
- Qualys Security Advisory - OpenSMTPD Audit Report Qualys Security Advisory (Oct 02)
- Re: Qualys Security Advisory - OpenSMTPD Audit Report cve-assign (Oct 02)
- Re: DoS attack through Email-Address perl module v1.907 (CVE id request) Pali Rohár (Oct 02)
- Re: DoS attack through Email-Address perl module v1.907 (CVE id request) cve-assign (Oct 02)
- CVE-2015-5285: Kallithea: HTTP header injection Andrew Shadura (Oct 02)
- Re: CVE request: BD-J implementation in libbluray Jean-Baptiste Kempf (Oct 04)
- Re: CVE request: BD-J implementation in libbluray Florian Weimer (Oct 05)
- Re: CVE request: BD-J implementation in libbluray Jean-Baptiste Kempf (Nov 03)
- <Possible follow-ups>
- Re: CVE request: BD-J implementation in libbluray cve-assign (Oct 12)
- Re: Re: CVE request: BD-J implementation in libbluray Salvatore Bonaccorso (Oct 13)
- Re: CVE request: BD-J implementation in libbluray Florian Weimer (Oct 05)
- Remotely triggerable buffer overflow in OpenSMTPD Jason A. Donenfeld (Oct 04)
- Re: Remotely triggerable buffer overflow in OpenSMTPD Gilles Chehade (Oct 05)
- <Possible follow-ups>
- Re: Remotely triggerable buffer overflow in OpenSMTPD Jason A. Donenfeld (Oct 05)
- CVE request: issues fixed in PHP 5.6.14 and 5.5.30 Martin Prpic (Oct 05)
- Re: CVE request: issues fixed in PHP 5.6.14 and 5.5.30 cve-assign (Oct 10)
- CVE Request: OpenSMTPD <= 5.7.2 buffer overflow Jason A. Donenfeld (Oct 05)
- CVE request for vulnerability in OpenStack Nova Tristan Cacqueray (Oct 05)
- Re: CVE request for vulnerability in OpenStack Nova cve-assign (Oct 05)
- CVE Request: git Seth Arnold (Oct 05)
- Re: CVE Request: git Blake Burkhart (Oct 12)
- Re: CVE Request: git Jan Rusnacko (Nov 23)
- CVE Request: Audio File Library Seth Arnold (Oct 05)
- Re: CVE Request: Audio File Library cve-assign (Oct 07)
- CVE Request: gvfsd-dav Seth Arnold (Oct 05)
- Fwd: [vs-plain] CVE-2015-5261 Huzaifa Sidhpurwala (Oct 05)
- Re: CVE-Request for stored WCI (a.k.a XSS) in Visual Form Builder 2.7.5 - 2.8.4 Anti Räis (Oct 05)
- CVE request for sqlalchemy-utils robert (Oct 06)
- Re: CVE request for sqlalchemy-utils robert (Oct 18)
- Re: CVE request for sqlalchemy-utils Larry Cashdollar (Oct 19)
- Re: CVE request for sqlalchemy-utils cve-assign (Oct 20)
- Re: CVE request for sqlalchemy-utils robert (Oct 18)
- Re: CVE Request: Arm Mali gpu driver Dos vulnerability cve-assign (Oct 06)
- CVE Request: ImageMagick Seth Arnold (Oct 06)
- Re: CVE Request: ImageMagick Stefan Cornelius (Oct 08)
- [OSSA 2015-021] Nova network security group changes are not applied to running instances (CVE-2015-7713) Tristan Cacqueray (Oct 07)
- CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability Matthijs Kooijman (Oct 08)
- Re: CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability cve-assign (Oct 08)
- CVE request: Gummi Daniel Stender (Oct 08)
- Re: CVE request: Gummi cve-assign (Oct 08)
- CVE request - Android OS - Using the PPP character device driver caused the system to restart 郭永刚 (Oct 08)
- Re: CVE Request: Use-after-free in optipng 0.6.4 cve-assign (Oct 10)
- Re: CVE Request: Buffer overflow in global memory affecting optipng 0.7.5 cve-assign (Oct 10)
- ircd-ratbox and Derivatives OOM by MONITOR Command Christine Dodrill (Oct 10)
- Re: ircd-ratbox and Derivatives OOM by MONITOR Command William Pitcock (Oct 11)
- Re: CVE Request: twig remote code execution cve-assign (Oct 11)
- Re: CVE Request: zendframework SQL injections cve-assign (Oct 11)
- Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication cve-assign (Oct 11)
- Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication Amos Jeffries (Oct 12)
- Re: Heap overflow and DoS in unzip 6.0 cve-assign (Oct 11)
- CVE Request: Plone CSRF Nathan Van Gheem (Oct 12)
- Re: CVE Request: Plone CSRF cve-assign (Oct 12)
- Re: CVE Request: Plone CSRF Nathan Van Gheem (Oct 12)
- Re: CVE Request: Plone CSRF cve-assign (Oct 12)
- [CVE-2015-3186] Apache Ambari XSS vulnerability Yusaku Sako (Oct 12)
- [CVE-2015-1775] Apache Ambari Server Side Request Forgery vulnerability Yusaku Sako (Oct 12)
- [CVE-2015-3270] A non-administrative user can escalate themselves to have administrative privileges remotely Yusaku Sako (Oct 12)
- [CVE-2015-5210] Unvalidated Redirects and Forwards using targetURI parameter can enable phishing exploits Yusaku Sako (Oct 12)
- Re: CVE request: urlfetch range handling flaw in Cyrus IMAP Florian Weimer (Oct 13)
- <Possible follow-ups>
- Re: CVE request: urlfetch range handling flaw in Cyrus IMAP cve-assign (Nov 04)
- CVE Request: Openpgp.js Critical vulnerability in S2K Gijs Hollestelle (Oct 13)
- Re: CVE Request: Openpgp.js Critical vulnerability in S2K cve-assign (Oct 30)
- CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 14)
- <Possible follow-ups>
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 21)
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 24)
- CVE Requests for read out of bound in libpng xiaoqixue_1 (Oct 25)
- Re: CVE Requests for read out of bound in libpng cve-assign (Oct 26)
- RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 26)
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 24)
- CVE-2015-0856: sddm does not prevent access to the KDE crash handler Florian Weimer (Oct 14)
- CVE Request - Linux kernel - securelevel/secureboot bypass. Wade Mealing (Oct 14)
- Re: CVE Request - Linux kernel - securelevel/secureboot bypass. Wade Mealing (Oct 15)
- Re: CVE Request - Linux kernel - securelevel/secureboot bypass. cve-assign (Oct 15)
- Re: Re: CVE Request - Linux kernel - securelevel/secureboot bypass. Blibbet (Oct 15)
- Re: CVE Request: Glibc Pointer guarding weakness Florian Weimer (Oct 15)
- Re: CVE Request: Glibc Pointer guarding weakness akuster (Oct 29)
- CVE Request: Linux Kernel heap corruption on debug_read_tlb Salva Peiró (Oct 15)
- Re: CVE Request: Linux Kernel heap corruption on debug_read_tlb Greg KH (Oct 15)
- Re: CVE Request: Linux Kernel heap corruption on debug_read_tlb Salva Peiró (Oct 16)
- Re: CVE Request: Linux Kernel heap corruption on debug_read_tlb Florian Weimer (Oct 16)
- Re: CVE Request: Linux Kernel heap corruption on debug_read_tlb Salva Peiró (Oct 16)
- Re: CVE Request: Linux Kernel heap corruption on debug_read_tlb Greg KH (Oct 15)
- Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Qualys Security Advisory (Oct 15)
- Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Agostino Sarubbo (Oct 16)
- Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Andreas Stieger (Oct 16)
- Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Stuart Henderson (Oct 16)
- Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) Agostino Sarubbo (Oct 16)
- CVE request: lldpd crash in lldp_decode due large management address Florian Weimer (Oct 15)
- Re: CVE request: lldpd crash in lldp_decode due large management address Florian Weimer (Oct 18)
- Re: CVE request: lldpd crash in lldp_decode due large management address cve-assign (Oct 29)
- Prime example of a can of worms Kurt Seifried (Oct 18)
- Re: Prime example of a can of worms Alex Gaynor (Oct 18)
- Re: Prime example of a can of worms Matt U (Oct 18)
- Re: Prime example of a can of worms Seth Arnold (Oct 19)
- Re: Prime example of a can of worms Kurt Seifried (Oct 19)
- Re: Prime example of a can of worms Tim (Oct 19)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 19)
- Re: Prime example of a can of worms Kurt Seifried (Oct 19)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 19)
- Re: Prime example of a can of worms Brad Knowles (Oct 20)
- Re: Prime example of a can of worms Kurt Seifried (Oct 20)
- Re: Prime example of a can of worms gremlin (Oct 20)
- Re: Prime example of a can of worms Matthias Weckbecker (Oct 21)
- Re: Prime example of a can of worms Kurt Seifried (Oct 21)
- Re: Prime example of a can of worms Joshua Rogers (Oct 21)
- Re: Prime example of a can of worms Kurt Seifried (Oct 21)
- Re: Prime example of a can of worms Florent Daigniere (Oct 22)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 22)
- Re: Prime example of a can of worms Kurt Seifried (Oct 22)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 22)
- Re: Prime example of a can of worms gremlin (Oct 23)
- Re: Prime example of a can of worms Brad Knowles (Oct 19)
- Re: Prime example of a can of worms Loganaden Velvindron (Oct 21)
- Re: Prime example of a can of worms Alex Gaynor (Oct 18)
- CVE Request: MediaWiki 1.25.3, 1.24.4 and 1.23.11 Chris Steipp (Oct 19)
- Re: CVE Request: MediaWiki 1.25.3, 1.24.4 and 1.23.11 cve-assign (Oct 29)
- CVE request: crash when attempt to garbage collect an uninstantiated keyring Adam Maris (Oct 20)
- CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc Salva Peiró (Oct 21)
- Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc cve-assign (Oct 21)
- CVE Request: BusyBox tar directory traversal Tyler Hicks (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal Tyler Hicks (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal cve-assign (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 22)
- Re: CVE Request: BusyBox tar directory traversal Tim Brown (Oct 22)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Yves-Alexis Perez (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Jeremy Stanley (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Jeremy Stanley (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Russ Allbery (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Tim Brown (Oct 22)
- CVE Requests for Drupal 7.41 and contributed modules Pere Orga (Oct 21)
- <Possible follow-ups>
- Re: CVE Requests for Drupal 7.41 and contributed modules CVE ID Requests (Oct 23)
- [oss-security]Crafted xml causes out of bound memory access - Libxml2 GAURAV GUPTA (Oct 21)
- Re: Crafted xml causes out of bound memory access - Libxml2 cve-assign (Oct 22)
- CVE Request: invalid curve attack on bouncycastle Raphael Hertzog (Oct 22)
- Re: CVE Request: invalid curve attack on bouncycastle cve-assign (Oct 22)
- Duplicate CVE: CVE-2015-7703 in NTP Martin Prpic (Oct 22)
- Re: Duplicate CVE: CVE-2015-7703 in NTP cve-assign (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Kurt Seifried (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Florian Weimer (Oct 23)
- Re: Duplicate CVE: CVE-2015-7703 in NTP Brad Knowles (Oct 23)
- Re: Re: Duplicate CVE: CVE-2015-7703 in NTP Kurt Seifried (Oct 23)
- Re: Duplicate CVE: CVE-2015-7703 in NTP cve-assign (Oct 23)
- [CVE-2015-5215] Ipsilon: XSS in multiple pages Patrick Uiterwijk (Oct 23)
- CVE request - Icinga 1.13.3 and older are vulnerable to XSS Ricardo (Oct 23)
- Re: CVE request - Icinga 1.13.3 and older are vulnerable to XSS cve-assign (Oct 29)
- Heap overflow and endless loop in exfatfsck / exfat-utils Hanno Böck (Oct 24)
- Re: Heap overflow and endless loop in exfatfsck / exfat-utils cve-assign (Oct 29)
- CVE request: xscreensaver aborts when unpluging second monitor cable when asking password Mamoru TASAKA (Oct 24)
- Two out of bounds reads in Zstandard / zstd Hanno Böck (Oct 24)
- Re: Two out of bounds reads in Zstandard / zstd cve-assign (Oct 29)
- CVE Request regarding Firefox FindMyDevice Service Critical ClickJacking Mohamed A. Baset (Oct 25)
- Pointer misuse unziping files with busybox Gustavo Grieco (Oct 25)
- Re: Pointer misuse unziping files with busybox Gustavo Grieco (Oct 26)
- Re: Pointer misuse unziping files with busybox cve-assign (Oct 28)
- Re: Pointer misuse unziping files with busybox Gustavo Grieco (Oct 30)
- Re: Re: Pointer misuse unziping files with busybox Rich Felker (Oct 30)
- Re: Pointer misuse unziping files with busybox cve-assign (Nov 03)
- CVE request - open-vm-tools using predictable filename in /tmp Michael Scherer (Oct 26)
- Re: CVE request - open-vm-tools using predictable filename in /tmp Florian Weimer (Oct 26)
- Re: CVE request - open-vm-tools using predictable filename in /tmp Michael Scherer (Oct 27)
- Re: CVE request - open-vm-tools using predictable filename in /tmp Florian Weimer (Oct 26)
- CVE Request: Wordpress: Cross-site scripting vulnerability in the user list table Salvatore Bonaccorso (Oct 26)
- CVE Request: XSS in Blubrry PowerPress Podcasting wordpress plugin Version 6.0.4 Dis close (Oct 27)
- CVE Request: XSS in Fast Secure Contact Form version 4.0.37 Dis close (Oct 27)
- CVE Request: XSS Vulnerability in BulletProof Security Version .52.4 Dis close (Oct 27)
- CVE Request: Multiple XSS in NextGEN Gallery by Photocrati Version 2.1.7 Dis close (Oct 27)
- Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c Quentin Casasnovas (Oct 27)
- CVE Request: Malicious File Upload in NextGEN Gallery by Photocrati Version 2.1.10 Dis close (Oct 27)
- Multiple CVE info for Ipsilon Patrick Uiterwijk (Oct 27)
- CVE Request: Cross Site Scripting (XSS) & Cross Site Request Forgery (CSRF) in Crony Cronjob Manager Version 0.4.4 Dis close (Oct 27)
- CVE request: libxslt xsltStylePreCompute() type confusion DoS Stefan Cornelius (Oct 27)
- Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS cve-assign (Oct 28)
- CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace Sabrina Dubroca (Oct 27)
- csd-datetime forgets to authorize users Sebastian Krahmer (Oct 28)
- Xen Security Advisory 145 (CVE-2015-7812) - arm: Host crash when preempting a multicall Xen . org security team (Oct 29)
- Xen Security Advisory 147 (CVE-2015-7814) - arm: Race between domain destruction and memory allocation decrease Xen . org security team (Oct 29)
- Xen Security Advisory 146 (CVE-2015-7813) - arm: various unimplemented hypercalls log without rate limiting Xen . org security team (Oct 29)
- Xen Security Advisory 149 (CVE-2015-7969) - leak of main per-domain vcpu pointer array Xen . org security team (Oct 29)
- Xen Security Advisory 152 (CVE-2015-7971) - x86: some pmu and profiling hypercalls log without rate limiting Xen . org security team (Oct 29)
- Xen Security Advisory 150 (CVE-2015-7970) - x86: Long latency populate-on-demand operation is not preemptible Xen . org security team (Oct 29)
- Xen Security Advisory 151 (CVE-2015-7969) - x86: leak of per-domain profiling-related vcpu pointer array Xen . org security team (Oct 29)
- Xen Security Advisory 148 (CVE-2015-7835) - x86: Uncontrolled creation of large page mappings by PV guests Xen . org security team (Oct 29)
- Xen Security Advisory 153 (CVE-2015-7972) - x86: populate-on-demand balloon size inaccuracy can crash guests Xen . org security team (Oct 29)
- Re: hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation Salvatore Bonaccorso (Oct 30)
- <Possible follow-ups>
- Re: hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation cve-assign (Nov 02)
- CVE request for Nullsoft Scriptable Install System Stefan Kanthak (Oct 31)
- CVE request: DoS in libxml2 if xz is enabled Gustavo Grieco (Nov 02)
- Re: CVE request: DoS in libxml2 if xz is enabled cve-assign (Nov 02)
- Re: CVE request: DoS in libxml2 if xz is enabled Gustavo Grieco (Nov 03)
- Re: CVE request: DoS in libxml2 if xz is enabled cve-assign (Nov 02)
- tlsfuzzer - new tool Hubert Kario (Nov 02)
- CVE request: libsndfile 1.0.25 heap overflow Martin Prpic (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow Hanno Böck (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: Re: CVE request: libsndfile 1.0.25 heap overflow gauri (Nov 05)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow cve-assign (Nov 03)
- Re: CVE request: libsndfile 1.0.25 heap overflow Hanno Böck (Nov 03)
- CVE Request: pycurl use after free fixed in version 7.19.5.2 Kristian Fiskerstrand (Nov 03)
- Re: CVE Request: pycurl use after free fixed in version 7.19.5.2 cve-assign (Nov 03)
- Re: Pending CVE requests for glibc Raphael Hertzog (Nov 03)
- Re: libsndfile DoS/divide-by-zero cve-assign (Nov 03)
- CVE request -- Linux kernel: selinux: rate-limit unrecognized netlink message warnings in selinux_nlmsg_perm() Vladis Dronov (Nov 04)
- CVE request: qt5-qtwebkit records visited URLS in private browsing mode Adam Maris (Nov 05)
- Re: CVE request: qt5-qtwebkit records visited URLS in private browsing cve-assign (Nov 05)
- CVE request: stored XSS in PowerDNS < 3.4.7 Damien Cauquil (Nov 06)
- Re: CVE request: stored XSS in PowerDNS < 3.4.7 Pieter Lexis (Nov 06)
- Review+CVE request: multiple issues in redis EVAL command (lua sandbox) Luca Bruno (Nov 06)
- Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox) cve-assign (Nov 06)
- Re: Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox) Luca Bruno (Nov 06)
- Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox) cve-assign (Nov 06)
- [ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities Timothy Bish (Nov 06)
- Joomla CMS - Bad Cryptography - Multiple Vulnerabilities Scott Arciszewski (Nov 07)
- CVE Request: TestLink 1.9.14 CSRF Vulnerability Aravind (Nov 08)
- CVE Request: TestLink 1.9.14 Persistent XSS Vulnerability Aravind (Nov 08)
- Assign CVE for common-collections remote code execution on deserialisation flaw Jason Shepherd (Nov 08)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Florian Weimer (Nov 08)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Pedro Vaz De Sousa Grilo (Nov 09)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Tim (Nov 09)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Moritz Bechler (Nov 09)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Tim (Nov 10)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Moritz Bechler (Nov 11)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Tim (Nov 11)
- CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 12)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Mark Felder (Nov 12)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Tim (Nov 12)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Mark Felder (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Tim (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 12)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Mark Felder (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Lisa Bradley (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Oracle Security Alerts (Thomas) (Nov 17)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Mark Felder (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 13)
- Re: CVE-Request: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 15)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Jason Shepherd (Nov 12)
- Re: Re: Assign CVE for common-collections remote code execution on deserialisation flaw Gsunde Orangen (Nov 13)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw cve-assign (Nov 17)
- Re: Assign CVE for common-collections remote code execution on deserialisation flaw Florian Weimer (Nov 08)
- PowerDNS Security Announcement 2015-03 Pieter Lexis (Nov 09)
- CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization Daniel Beck (Nov 09)
- CVE request: net-snmp OpenBSD package - insecure file permission vulnerability Pierre Kim (Nov 09)
- Blind SQL injection in wp-championship wordpress plugin v5.8 Larry Cashdollar (Nov 09)
- Xen Security Advisory 156 (CVE-2015-5307,CVE-2015-8104) - x86: CPU lockup during exception delivery Xen . org security team (Nov 09)
- race condition checking digests/checksums in sudoers Alyssa Milburn (Nov 09)
- Re: race condition checking digests/checksums in sudoers cve-assign (Nov 10)
- Re: race condition checking digests/checksums in sudoers cve-assign (Nov 18)
- Re: race condition checking digests/checksums in sudoers Tomas Hoger (Dec 01)
- Re: race condition checking digests/checksums in sudoers cve-assign (Nov 10)
- CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception P J P (Nov 09)
- CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception P J P (Nov 09)
- Several reads out-of-bound in mplayer 1.1 Gustavo Grieco (Nov 10)
- Re: Several reads out-of-bound in mplayer 1.1 cve-assign (Nov 17)
- wpa_supplicant unauthorized WNM Sleep Mode GTK control Jouni Malinen (Nov 10)
- hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation Jouni Malinen (Nov 10)
- wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message Jouni Malinen (Nov 10)
- CVE request: libpng buffer overflow in png_set_PLTE Glenn Randers-Pehrson (Nov 12)
- Re: CVE request: libpng buffer overflow in png_set_PLTE cve-assign (Nov 12)
- CVE request -- [media] usbvision: usbvision_probe() can trigger a kernel NULL pointer dereference Vladis Dronov (Nov 13)
- Re: CVE request -- [media] usbvision: usbvision_probe() can trigger a kernel NULL pointer dereference Vladis Dronov (Nov 13)
- CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesystem Vladis Dronov (Nov 23)
- CVE request: Reflected XSS in OcPortal CMS 9.0.20 Dis close (Nov 13)
- New security advisory for Apache CXF Colm O hEigeartaigh (Nov 14)
- Re: New security advisory for Apache CXF Hanno Böck (Nov 14)
- CVE request-HUAWEI P8 GRA-UL00 郭永刚 (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Solar Designer (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Fabio Olive Leite (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Shawn (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Solar Designer (Nov 16)
- CVE-2015-8106 - latex2rtf v2.3.8 format string vulnerability 김종권 (Nov 16)
- CVE-2015-8107 - a2ps(gnu) v4.14 format string vulnerability 김종권 (Nov 16)
- suckless sent and libxft-dev 2.3.2-1 crash Simon . (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Tim (Nov 16)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Agostino Sarubbo (Nov 17)
- Re: suckless sent and libxft-dev 2.3.2-1 crash Alan Coopersmith (Nov 17)
- Buffer overflow in libxml2 GAURAV GUPTA (Nov 17)
- Re: Buffer overflow in libxml2 cve-assign (Nov 18)
- x86 ROP mitigation Solar Designer (Nov 17)
- Message not available
- Re: Fwd: x86 ROP mitigation Bernd Schmidt (Nov 17)
- Re: Fwd: x86 ROP mitigation Jeff Law (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Josh Bressers (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Josh Bressers (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Rich Felker (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Fwd: x86 ROP mitigation Solar Designer (Nov 17)
- Re: Fwd: x86 ROP mitigation Florian Weimer (Nov 18)
- Data on Linux attacks (was Re: [oss-security] Re: Fwd: x86 ROP mitigation) Josh Bressers (Nov 18)
- Re: Data on Linux attacks (was Re: [oss-security] Re: Fwd: x86 ROP mitigation) Kurt Seifried (Nov 18)
- Re: Re: Fwd: x86 ROP mitigation Steve Grubb (Nov 18)
- Re: Re: Fwd: x86 ROP mitigation Fabio Pagani (Nov 18)
- Re: Fwd: x86 ROP mitigation Solar Designer (Nov 19)
- Re: Re: Fwd: x86 ROP mitigation Jonathan Salwan (Nov 19)
- Re: Fwd: x86 ROP mitigation Solar Designer (Nov 17)
- Re: Fwd: x86 ROP mitigation Bernd Schmidt (Nov 18)
- Re: Re: Fwd: x86 ROP mitigation Florian Weimer (Nov 18)
- Re: Fwd: x86 ROP mitigation Jeff Law (Nov 18)
- Re: Fwd: x86 ROP mitigation Bernd Schmidt (Nov 17)
- Message not available
- Re: CVE request for Gnome gdm/screen lock crash Kurt Seifried (Nov 17)
- Re: CVE request for path traversal / info leak bug in Spiffy web server cve-assign (Nov 18)
- Re: CVE request for path traversal / info leak bug in Spiffy web server Peter Bex (Nov 18)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Nov 18)
- Re: Re: CVE request for vulnerability in OpenStack Glance Tristan Cacqueray (Nov 18)
- Re: [CFP] No Big Thing Conference #2 San Francisco, December 5 2015 Solar Designer (Nov 17)
- Re: CVE-2015-7266 Kurt Seifried (Nov 18)
- Re: CVE-2015-7266 Zach W. (Nov 18)
- Re: CVE-2015-7266 Kurt Seifried (Nov 18)
- Re: CVE-2015-7266 Zach W. (Nov 18)
- Re: CVE-2015-7266 Solar Designer (Nov 18)
- Re: Instruction encoding which prevents execution of a suffix Josh Bressers (Nov 23)
- Re: Instruction encoding which prevents execution of a suffix Florian Weimer (Nov 24)
- Re: LXDM X authentication issues cve-assign (Nov 20)
- Re: Re: LXDM X authentication issues Tomas Hoger (Nov 20)
- Re: seccomp filters without PR_SET_NO_NEW_PRIVS Daniel Micay (Nov 20)
- Re: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android Salvatore Bonaccorso (Nov 22)
- Re: Libxml2: Several out of bounds reads cve-assign (Nov 22)
- Re: CVE request for LightDM - XDMCP denial of service cve-assign (Nov 22)
- Re: Heap Overflow in PCRE Moritz Muehlenhoff (Nov 24)
- Re: Heap Overflow in PCRE Hanno Böck (Nov 24)
- Re: Heap Overflow in PCRE Fabian Keil (Nov 24)
- Re: Heap Overflow in PCRE Hanno Böck (Nov 24)
- Re: Heap Overflow in PCRE Fabian Keil (Nov 25)
- Re: Heap Overflow in PCRE Hanno Böck (Nov 24)
- Re: Heap Overflow in PCRE cve-assign (Nov 28)
- Re: Re: Heap Overflow in PCRE Michal Zalewski (Nov 28)
- Re: Heap Overflow in PCRE cve-assign (Nov 29)
- Re: Re: Heap Overflow in PCRE Tomas Hoger (Nov 30)
- Re: Heap Overflow in PCRE cve-assign (Dec 01)
- Re: Re: Heap Overflow in PCRE Salvatore Bonaccorso (Dec 02)
- Re: Heap Overflow in PCRE cve-assign (Dec 02)
- Re: Re: Heap Overflow in PCRE Jakub Wilk (Dec 03)
- Re: Re: Heap Overflow in PCRE Michal Zalewski (Nov 28)
- Re: CVE Request: IPTables-Parse: Use of predictable names for temporary files cve-assign (Nov 24)
- Re: CVE request: DoS in ONOS when handling jumbo ethernet frames Kurt Seifried (Nov 25)
- Re: CVE request: Redmine - information disclosure on the time logging form cve-assign (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Reed Loden (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Hanno Böck (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Josh Matthews (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Daniel Micay (Nov 30)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 26)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: CVE request: XSS to RCE in PHP-Fusion 9 cve-assign (Nov 29)
- Re: CVE request for keepassx password database export cve-assign (Nov 30)
- Re: Re: CVE request for keepassx password database export Reinhard Tartler (Dec 03)
- Re: Re: CVE request for keepassx password database export Felix Geyer (Dec 08)
- Re: Re: CVE request for keepassx password database export Reinhard Tartler (Dec 03)
- Re: CVE Request: dhcpcd 3.x, potentially other versions too cve-assign (Dec 01)
- Re: Re: CVE Request: dhcpcd 3.x, potentially other versions too Seth Arnold (Dec 01)
- Re: Re: CVE Request: dhcpcd 3.x, potentially other versions too Sebastian Krahmer (Dec 02)
- Re: Re: CVE Request: dhcpcd 3.x, potentially other versions too Seth Arnold (Dec 01)
- Re: CVE Request: dhcpcd 3.x, potentially other versions too cve-assign (Dec 02)
- Re: shellinabox - DNS rebinding attack due to HTTP fallback cve-assign (Dec 02)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness halfdog (Dec 13)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness Dag-Erling Smørgrav (Dec 14)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness halfdog (Dec 14)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness Solar Designer (Dec 14)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness halfdog (Dec 20)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness Dag-Erling Smørgrav (Dec 15)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness halfdog (Dec 15)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness cve-assign (Dec 15)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness Florian Weimer (Dec 14)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness cve-assign (Dec 14)
- Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness Dag-Erling Smørgrav (Dec 14)
- <Possible follow-ups>
- OpenStack Ironic does not honor clean steps (CVE-2015-7514) Devananda van der Veen (Dec 03)
- Re: Status of CVE-2015-8126: libpng buffer overflow in png_set_PLTE cve-assign (Dec 04)
- Re: CVE request - Redmine: open redirect vulnerability (fixed earlier this year) cve-assign (Dec 04)
- Re: CVE Request: Magento SWF XSS cve-assign (Dec 04)
- Re: CVE Request: PHPMailer Message Injection Vulnerability cve-assign (Dec 04)
- <Possible follow-ups>
- Xen Security Advisory 158 (CVE-2015-8338) - long running memory operations on ARM Xen . org security team (Dec 10)
- Re: CVE request: Qemu: ui: vnc: avoid floating point exception cve-assign (Dec 08)
- RE: CVE for git issue - please use CVE-2015-7545 Evans, Jonathan L. (Dec 09)
- Re: CVE for git issue - please use CVE-2015-7545 Kurt Seifried (Dec 09)
- Re: CVE for git issue - please use CVE-2015-7545 cve-assign (Dec 11)
- Re: CVE request: Redmine - Data disclosure in atom feed cve-assign (Dec 09)
- CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key xiaoqixue_1 (Dec 09)
- CVE request - a out of bound read bug is found in libdwarf xiaoqixue_1 (Dec 09)
- Re: CVE request - a out of bound read bug is found in libdwarf cve-assign (Dec 09)
- CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) xiaoqixue_1 (Dec 10)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 10)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 17)
- Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) cve-assign (Dec 11)
- Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) Glenn Randers-Pehrson (Dec 11)
- CVE request - a out of bound read bug is found in libdwarf xiaoqixue_1 (Dec 09)
- Re: CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key cve-assign (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service Robert Święcki (Dec 09)
- Re: CVE request - Android kernel - IPv6 connect cause a denial of service cve-assign (Dec 11)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 11)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 14)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Robert Święcki (Dec 14)
- Re: Re: CVE request - Android kernel - IPv6 connect cause a denial of service Hannes Frederic Sowa (Dec 14)
- Re: CVE request: Remote DoS in Quassel cve-assign (Dec 12)
- Re: CVE-2015-8088: Heap Overflow Vulnerability in the HIFI Driver of Huawei Smart Phone Dan Rosenberg (Dec 17)
- <Possible follow-ups>
- CVE Request: Local Privilege Escalation in QEMU virtfs-proxy-helper Jason A. Donenfeld (Dec 14)
- Re: CVE Request: Local Privilege Escalation in QEMU virtfs-proxy-helper cve-assign (Dec 14)
- Re: CVE request: Shell Injection in Pygments FontManager._get_nix_font_path cve-assign (Dec 14)
- Re: Re: CVE request: Shell Injection in Pygments FontManager._get_nix_font_path Stefan Cornelius (Dec 15)
- Re: CVE request Qemu: usb: infinite loop in ehci_advance_state results in DoS cve-assign (Dec 14)
- Re: Chef: knife bootstrap leaks validator privkey into system logs cve-assign (Dec 14)
- Re: Re: Chef: knife bootstrap leaks validator privkey into system logs Jan Schaumann (Dec 14)
- Re: CVE request Qemu: net: vmxnet3: host memory leakage cve-assign (Dec 15)
- Re: Re: CVE request Qemu: net: vmxnet3: host memory leakage P J P (Dec 15)
- Re: CVE Request: Linux Kernel: information leak from getsockname cve-assign (Dec 15)
- Re: Re: CVE Request: Linux Kernel: information leak from getsockname Marcus Meissner (Dec 16)
- Re: CVE Request: Linux Kernel: information leak from getsockname cve-assign (Dec 16)
- Re: Re: CVE Request: Linux Kernel: information leak from getsockname Marcus Meissner (Dec 16)
- <Possible follow-ups>
- Xen Security Advisory 155 (CVE-2015-8550) - paravirtualized drivers incautious about shared memory contents Xen . org security team (Dec 17)
- Re: CVE Request: Linux kernel: privilege escalation in user namespaces Jann Horn (Dec 17)
- Re: Re: CVE Request: Linux kernel: privilege escalation in user namespaces Serge Hallyn (Dec 17)
- Re: CVE Request: Linux kernel: privilege escalation in user namespaces Solar Designer (Dec 17)
- AW: CVE Request: Linux kernel: privilege escalation in user namespaces Fiedler Roman (Dec 18)
- Re: AW: CVE Request: Linux kernel: privilege escalation in user namespaces Marc Deslauriers (Dec 18)
- Re: CVE Request: Linux kernel: privilege escalation in user namespaces Salvatore Bonaccorso (Dec 27)
- Re: CVE Request: Linux kernel: privilege escalation in user namespaces cve-assign (Dec 31)
- <Possible follow-ups>
- Re: CVE Request: Linux kernel: privilege escalation in user namespaces Fiedler Roman (Dec 21)
- Re: CVE request: Blueman: Privilege escalation in blueman dbus API cve-assign (Dec 18)
- Re: CVE request for math/big.Exp Florian Weimer (Dec 21)
- Re: CVE request for math/big.Exp cve-assign (Dec 22)
- Re: CVE request for math/big.Exp Jason Buberel (Dec 22)
- Re: Re: CVE request for math/big.Exp Jessie Frazelle (Dec 22)
- Re: CVE request for math/big.Exp Jason Buberel (Dec 22)
- Re: CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12 cve-assign (Dec 23)
- Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? cve-assign (Dec 21)
- Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? Ben Hutchings (Dec 30)
- Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? cve-assign (Dec 31)
- Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? Ben Hutchings (Dec 30)
- Re: CVE Request: Use after free in PHP Collator::sortWithSortKeys function cve-assign (Dec 22)
- Re: CVE request Qemu: hmp: stack based OOB write in hmp_sendkey routine cve-assign (Dec 22)
- Re: CVE-request: ~/.t_coffee/ is world-writable cve-assign (Dec 23)
- Re: CVE request -- linux kernel: overlay: fix permission checking for setattr cve-assign (Dec 23)
- Re: Use after free in nghttp2 cve-assign (Dec 23)
- Re: CVE request Qemu: acpi: heap based buffer overrun during VM migration cve-assign (Dec 24)
- Re: CVE request -- Out-of-bounds Read in libtiff cve-assign (Dec 24)
- Re: CVE request libtiff: out-of-bounds read in CIE Lab image format Solar Designer (Dec 25)
- Re: CVE request libtiff: out-of-bounds read in CIE Lab image format cve-assign (Dec 25)
- Re: Being vulnerable to POODLE gremlin (Dec 26)
- Re: Being vulnerable to POODLE Gsunde Orangen (Dec 26)
- Re: Being vulnerable to POODLE Sevan Janiyan (Dec 26)
- Re: Being vulnerable to POODLE Gsunde Orangen (Dec 26)
- Re: Being vulnerable to POODLE Florian Weimer (Dec 28)
- Re: Being vulnerable to POODLE Sevan Janiyan (Dec 28)
- Re: Being vulnerable to POODLE Florian Weimer (Dec 28)
- Re: Being vulnerable to POODLE Sevan Janiyan (Dec 29)
- Re: Being vulnerable to POODLE Sevan Janiyan (Dec 28)
- Re: CVE Request: Stalin: Insecure use of temporary files cve-assign (Dec 27)
- Re: CVE request Qemu net: rocker: fix an incorrect array bounds check cve-assign (Dec 28)
- Re: Inspircd <2.0.19 DoS cve-assign (Dec 29)
- Re: CVE Request: Squashfs 4.2 Race Condition cve-assign (Dec 30)
- Re: CVE Request: Squashfs 4.2 Race Condition Jihyeok Seo (Dec 30)
- Re: Re: CVE Request: Squashfs 4.2 Race Condition Jeremy Stanley (Dec 31)
- Re: CVE Request: Squashfs 4.2 Race Condition Jihyeok Seo (Dec 30)
- Re: CVE request: pngcrush-1.3.35 through 1.7.88 segfault when run with "-loco" option cve-assign (Dec 31)
- Re: CVE request: pngcrush-1.3.35 through 1.7.88 segfault when run with "-loco" option Glenn Randers-Pehrson (Dec 31)