oss-sec: by thread
199 messages
starting Jan 01 19 and
ending Mar 28 19
Date index |
Thread index |
Author index
- wget / chromium: URL metadata and potential password leaks via extended filesystem attributes Hanno Böck (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Matthew Fernandez (Jan 01)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- Re: Disabling ptrace Niels Möller (Jan 02)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- <Possible follow-ups>
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Vincent Lefevre (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Torbjörn Granlund (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 06)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 06)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Marco Bodrato (Jan 03)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 03)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Torbjörn Granlund (Jan 03)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 03)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 03)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- aria2 leaks passwords for HTTP based authentication Dhiraj Mishra (Jan 02)
- Django security releases issued: 2.1.5, 2.0.10, and 1.11.18 Tim Graham (Jan 04)
- [SECURITY] New security advisory for CVE-2018-11788 released for Apache Karaf Jean-Baptiste Onofré (Jan 06)
- New pagecache based sidechannel attack published Marcus Meissner (Jan 06)
- Re: New pagecache based sidechannel attack published Marcus Meissner (Jan 07)
- [SECURITY] CVE-2018-1320 Announcement James E. King III (Jan 07)
- Re: [SECURITY] CVE-2018-1320 Apache Thrift SASL negotiation vulnerability (update) James E. King III (Mar 13)
- [SECURITY] CVE-2018-11798 Announcement James E. King III (Jan 07)
- Sandbox bypass in multiple Jenkins plugins Daniel Beck (Jan 08)
- Re: Sandbox bypass in multiple Jenkins plugins Daniel Beck (Jan 23)
- Linux Kernel 4.20(21) deadlock vulnerability. Entropy Moe (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Eric Dumazet (Jan 08)
- Re: Re: Linux Kernel 4.20(21) deadlock vulnerability. Michael Ellerman (Jan 09)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Greg KH (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Entropy Moe (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Greg KH (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Entropy Moe (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Entropy Moe (Jan 08)
- Re: Linux Kernel 4.20(21) deadlock vulnerability. Eric Dumazet (Jan 08)
- KASAN stack out of bound bug Entropy Moe (Jan 08)
- Re: KASAN stack out of bound bug Entropy Moe (Jan 08)
- Re: KASAN stack out of bound bug Greg KH (Jan 08)
- Re: KASAN stack out of bound bug Entropy Moe (Jan 08)
- Re: KASAN stack out of bound bug Eric Dumazet (Jan 08)
- Re: KASAN stack out of bound bug Entropy Moe (Jan 08)
- Re: KASAN stack out of bound bug Entropy Moe (Jan 08)
- Xen Security Advisory 277 v3 (CVE-2018-19964) - x86: incorrect error handling for guest p2m page removals Xen . org security team (Jan 08)
- Xen Security Advisory 279 v3 (CVE-2018-19965) - x86: DoS from attempting to use INVPCID with a non-canonical addresses Xen . org security team (Jan 08)
- Xen Security Advisory 276 v3 (CVE-2018-19963) - resource accounting issues in x86 IOREQ server handling Xen . org security team (Jan 08)
- Xen Security Advisory 280 v3 (CVE-2018-19966) - Fix for XSA-240 conflicts with shadow paging Xen . org security team (Jan 08)
- Xen Security Advisory 275 v3 (CVE-2018-19961,CVE-2018-19962) - insufficient TLB flushing / improper large page mappings with AMD IOMMUs Xen . org security team (Jan 08)
- Xen Security Advisory 282 v2 (CVE-2018-19967) - guest use of HLE constructs may lock up host Xen . org security team (Jan 08)
- RCE, CSRF and Information leak vulnerabilities against Airflow <= 1.8.2 (CVE-2017-15720, CVE-2017-17835, CVE-2017-17836) Ash Berlin-Taylor (Jan 08)
- CVE-2018-20245: Apache Airflow LDAP auth backend did not validate SSL certificate for <= 1.10.0 Ash Berlin-Taylor (Jan 08)
- Fastbin double free issue in MP4v2 2.0.0 Purushottam Choudhary (Jan 09)
- System Down: A systemd-journald exploit Qualys Security Advisory (Jan 09)
- Irssi 1.1.2: CVE-2019-5882 Ailin Nemui (Jan 10)
- X41 D-Sec GmbH Security Advisory X41-2018-009: ReDoS Vulnerability in UA-Parser X41 D-Sec GmbH Advisories (Jan 10)
- [CVE-2018-17198] Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller Dave (Jan 11)
- Linux kernel: Bluetooth: two remote infoleaks (CVE-2019-3459, CVE-2019-3460) Solar Designer (Jan 11)
- Re: Linux kernel: Bluetooth: two remote infoleaks (CVE-2019-3459, CVE-2019-3460) Michael Ellerman (Jan 14)
- Memory leak in libiec61850 protocol Dhiraj Mishra (Jan 11)
- Memory leak in libiec61850 Dhiraj Mishra (Jan 11)
- NULL pointer dereference in lib60870 protocol Dhiraj Mishra (Jan 11)
- SEGV in libIEC61850 protocol Dhiraj Mishra (Jan 11)
- SCP client multiple vulnerabilities Harry Sintonen (Jan 14)
- CVE-2018-16886 etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS() via gRPC-gateway Paul Harvey (Jan 14)
- Statistics for distros lists updated for 2018Q4 Kristian Fiskerstrand (Jan 14)
- Heap based buffer overflow in wolfSSL Dhiraj Mishra (Jan 16)
- Re: Heap based buffer overflow in wolfSSL Alexander Potapenko (Jan 16)
- CVE-2018-11790: Apache OpenOffice: Arithmetic overflow and wrap around during string length calculation Peter Kovacs (Jan 16)
- Multiple vulnerabilities in Jenkins Daniel Beck (Jan 16)
- Re: Multiple vulnerabilities in Jenkins Daniel Beck (Jan 23)
- <Possible follow-ups>
- Re: Multiple vulnerabilities in Jenkins Daniel Beck (Jan 23)
- Apache web server use after free bugs (unfixed) Hanno Böck (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Florian Weimer (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Craig Young (Jan 21)
- Re: Apache web server use after free bugs (unfixed) Florian Weimer (Jan 21)
- GattLib 0.2 has a stack-based buffer - CVE-2019-6498 Dhiraj Mishra (Jan 21)
- Unfixed FreeBSD uninitialized memory disclosures Vlad Tsyrklevich (Jan 21)
- Xen Security Advisory 289 v2 - Spectre V1 gadgets exploitable with L1TF Xen . org security team (Jan 21)
- PowerDNS Security Advisories 2011-01 and 2019-02 Remi Gacogne (Jan 21)
- Xen Security Advisory 289 v3 - Cache-load gadgets exploitable with L1TF Xen . org security team (Jan 21)
- Re: Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 Thomas Jarosch (Jan 22)
- CVE-2018-17189: mod_http2, DoS via slow, unneeded request bodies Daniel Ruggeri (Jan 22)
- CVE-2018-17199: mod_session_cookie does not respect expiry time Daniel Ruggeri (Jan 22)
- CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1 Daniel Ruggeri (Jan 22)
- [CVE-2018-11803] Apache Subversion Denial of Service Vulnerability Troy Curtis (Jan 23)
- ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators Tavis Ormandy (Jan 23)
- Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver) Timothy Michaud (Jan 23)
- Re: Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver) Yves-Alexis Perez (Jan 24)
- <Possible follow-ups>
- Re: Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver) Ben Hutchings (Feb 07)
- Re: Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver) Timothy Michaud (Feb 07)
- CVE-2019-6501 QEMU: scsi-generic: possible OOB access while handling inquiry request P J P (Jan 23)
- CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Mike Jumper (Jan 23)
- Re: CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Salvatore Bonaccorso (Feb 01)
- Re: CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Mike Jumper (Feb 02)
- Re: CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Salvatore Bonaccorso (Feb 02)
- Re: CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Mike Jumper (Feb 02)
- Re: CVE-2018-1340: Apache Guacamole: Secure flag missing from session cookie Salvatore Bonaccorso (Feb 01)
- CVE-2018-1296: Apache Hadoop HDFS Permissive listXAttr Authorization Akira Ajisaka (Jan 23)
- CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu() P J P (Jan 24)
- CVE-2018-16880 Linux kernel: oob-write in drivers/vhost/net.c:get_rx_bufs() Vladis Dronov (Jan 25)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Jan 28)
- Re: Multiple vulnerabilities in Jenkins plugins Daniel Beck (Feb 06)
- <Possible follow-ups>
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Feb 19)
- Re: Multiple vulnerabilities in Jenkins plugins Daniel Beck (Feb 23)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Mar 06)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Mar 25)
- Re: Multiple vulnerabilities in Jenkins plugins Daniel Beck (Mar 25)
- Re: Multiple vulnerabilities in Jenkins plugins Daniel Beck (Mar 28)
- CVE-2019-3813: spice: Off-by-one error in array access in spice/server/memslot.c Scott Gayou (Jan 28)
- Re: CVE-2019-3813: spice: Off-by-one error in array access in spice/server/memslot.c Peter Korsgaard (Jan 28)
- CVE-2018-11760: Apache Spark local privilege escalation vulnerability Imran Rashid (Jan 29)
- [CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities in Zimbra Collaboration Sysdream Labs (Jan 30)
- [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki Juan Pablo Santos Rodríguez (Jan 31)
- Re: [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki Henri Salo (Jan 31)
- Re: [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki Juan Pablo Santos Rodríguez (Feb 01)
- Re: [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki Henri Salo (Jan 31)
- Linux kernel: BPF spectre v1 mitigation bypass (CVE-2019-7308, fixed in 4.19.19 and 4.20.6) Jann Horn (Feb 02)
- CVE-2019-3814: Suitable client certificate can be used to login as other user Aki Tuomi (Feb 05)
- Notes on fuzzing ImageMagick and GraphicsMagick Alex Gaynor (Feb 05)
- Re: Notes on fuzzing ImageMagick and GraphicsMagick Hanno Böck (Feb 06)
- [SECURITY ADVISORY] curl: NTLM type-2 out-of-bounds buffer read Daniel Stenberg (Feb 05)
- [SECURITY ADVISORY] curl: NTLMv2 type-3 header stack buffer overflow Daniel Stenberg (Feb 05)
- [SECURITY ADVISORY] curl: SMTP end-of-response out-of-bounds read Daniel Stenberg (Feb 05)
- CVE-2019-7628: Pagure version 5.2 leaks API keys by e-mail Randy Barlow (Feb 08)
- WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001 Michael Catanzaro (Feb 09)
- CVE-2019-6975 -- Django fixed memory exhaustion in utils.numberformat.format(). Carlton Gibson (Feb 11)
- CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 11)
- Re: CVE-2019-5736: runc container breakout (all versions) Florian Weimer (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Steve Grubb (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Solar Designer (Feb 12)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Loganaden Velvindron (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout (all versions) Florian Weimer (Feb 12)
- Two more LXC breakouts (both privileged), apparmor issue? Alexander E. Patrakov (Feb 12)
- CVE-2017-3164: Apache Solr: SSRF issue Tomas Fernandez Lobbe (Feb 12)
- CVE-2019-5736: runc container breakout exploit code Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code EJ Campbell (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code EJ Campbell (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code Aleksa Sarai (Feb 13)
- Re: CVE-2019-5736: runc container breakout exploit code EJ Campbell (Feb 13)
- [CVE-2018-11783] Apache Traffic Server vulnerability with sslheader plugin Bryan Call (Feb 13)
- Railroader: static analysis tool for Ruby on Rails (OSS fork of Brakeman) David A. Wheeler (Feb 13)
- MatrixSSL stack buffer overflow Tavis Ormandy (Feb 14)
- CVE-2019-3812 - qemu - Out-of-bounds read in hw/i2c/i2c-ddc.c allows for memory disclosure Wade Mealing (Feb 17)
- Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222) Jann Horn (Feb 18)
- CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message Chris Coulson (Feb 18)
- Re: CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message Simon McVittie (Feb 19)
- CVE-2019-8934 QEMU: ppc64: sPAPR emulator leaks the host hardware identity P J P (Feb 21)
- Kernel local root in SCTP / CVE-2019-8956 Marcus Meissner (Feb 21)
- CVE-2018-1002161 - Koji - SQL injection in multiple remote calls Patrick Uiterwijk (Feb 21)
- Multiple BIND CVEs disclosed (CVE-2018-5744, CVE-2018-5745, CVE-2019-6465) Michael McNally (Feb 21)
- Xen Security Advisory 283 v2 - Withdrawn Xen Security Advisory number Xen . org security team (Feb 22)
- ikiwiki: CVE-2019-9187: Server-side request forgery Simon McVittie (Feb 28)
- Squirrelmail XSS Fixes Hanno Böck (Mar 01)
- Re: Squirrelmail XSS Fixes Hanno Böck (Mar 01)
- [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands Alex Rudyy (Mar 01)
- [SECURITY] CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used Philippe Mouawad (Mar 02)
- Open Redirect in Tiny Tiny RSS (tt-rss) Hanno Böck (Mar 03)
- Re: Open Redirect in Tiny Tiny RSS (tt-rss) Mark Steward (Mar 03)
- CVE-2018-11793: Mesos components might crash when parsing deeply nested JSON structures. Alex R (Mar 04)
- Xen Security Advisory 284 v2 - grant table transfer issues on large hosts Xen . org security team (Mar 05)
- Xen Security Advisory 285 v2 - race with pass-through device hotplug Xen . org security team (Mar 05)
- Xen Security Advisory 291 v2 - x86/PV: page type reference counting issue with failed IOMMU update Xen . org security team (Mar 05)
- Xen Security Advisory 287 v2 - x86: steal_page violates page_struct access discipline Xen . org security team (Mar 05)
- Xen Security Advisory 292 v2 - x86: insufficient TLB flushing when using PCID Xen . org security team (Mar 05)
- Xen Security Advisory 288 v2 - x86: Inconsistent PV IOMMU discipline Xen . org security team (Mar 05)
- Xen Security Advisory 290 v2 - missing preemption in x86 PV page table unvalidation Xen . org security team (Mar 05)
- Xen Security Advisory 293 v3 - x86: PV kernel context switch corruption Xen . org security team (Mar 05)
- Xen Security Advisory 294 v2 - x86 shadow: Insufficient TLB flushing when using PCID Xen . org security team (Mar 05)
- Linux kernel: OOB R/W in SNMP NAT module (CVE-2019-9162); virtual address 0 mappable (CVE-2019-9213) Jann Horn (Mar 06)
- Transient execution attacks leveraging port contention Mathias Payer (Mar 06)
- CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache Solr Tomas Fernandez Lobbe (Mar 07)
- [CVE-2018-11789] Apache Incubator Heron file access vulnerability Neng Lu (Mar 07)
- [SECURITY] New security advisory for CVE-2019-0191 released for Apache Karaf Jean-Baptiste Onofré (Mar 07)
- CVE-2018-11767: Apache Hadoop KMS ACL regression Akira Ajisaka (Mar 11)
- Stack/Heap Clashing on Linux >=4.13 when loader directly invoked Ali Saidi (Mar 13)
- [CVE-2019-5420] Possible Remote Code Execution Exploit in Rails Development Mode Aaron Patterson (Mar 13)
- [CVE-2019-5419] Denial of Service Vulnerability in Action View Aaron Patterson (Mar 13)
- [CVE-2019-5418] File Content Disclosure in Action View Aaron Patterson (Mar 13)
- libseccomp: incorrect generation of syscall argument filters Paul Moore (Mar 15)
- Fwd: [ANNOUNCE] libXdmcp 1.1.3 [fix for CVE-2017-2625] Alan Coopersmith (Mar 16)
- CVE-2019-9573 / CVE-2019-9574: WordPress plugin hrm missing server side authorization checks Henri Salo (Mar 17)
- CVE-2019-9824 QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables P J P (Mar 18)
- [OSSA-2019-001] Unsupported dport option prevents applying security groups in OpenStack Neutron (CVE-2019-9735) Jeremy Stanley (Mar 18)
- [SECURITY ADVISORIES] libssh2 Daniel Stenberg (Mar 18)
- Re: [SECURITY ADVISORIES] libssh2 Riccardo Schirone (Mar 19)
- PowerDNS Security Advisory 2019-03 Erik Winkels (Mar 18)
- ghostscript: 2 -dSAFER bypass: CVE-2019-3835 & CVE-2019-3838 Cedric Buissart (Mar 21)
- [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View Aaron Patterson (Mar 22)
- CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible. Alex R (Mar 23)
- [CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability Juan Pablo Santos Rodríguez (Mar 26)
- [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure Juan Pablo Santos Rodríguez (Mar 26)
- CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob P J P (Mar 27)
- [ANNOUNCE] CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown Dejan Bosanac (Mar 27)
- [CVE-2019-0212] Apache HBase REST Server incorrect user authorization Josh Elser (Mar 27)
- CVE-2019-7524: Buffer overflow when reading extension header from dovecot index files Aki Tuomi (Mar 28)