oss-sec: by thread
219 messages
starting Apr 01 20 and
ending Jun 30 20
Date index |
Thread index |
Author index
- Re: pam-krb5 security advisory (4.9 and earlier) Jason Bishop (Apr 01)
- CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attack Colm O hEigeartaigh (Apr 01)
- CVE-2019-11254: Kubernetes: denial of service vulnerability from malicious YAML payloads CJ Cullen (Apr 01)
- CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect Daniel Ruggeri (Apr 01)
- Re: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect Alan Coopersmith (Apr 03)
- Re: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect Daniel Ruggeri (Apr 04)
- Re: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect Alan Coopersmith (Apr 03)
- CVE-2020-1934: mod_proxy_ftp use of uninitialized value Daniel Ruggeri (Apr 01)
- [CVE-2020-1958]: Apache Druid LDAP injection vulnerability Jonathan Wei (Apr 01)
- Deficient engineering processes Jeffrey Walton (Apr 01)
- Re: Deficient engineering processes Michael Orlitzky (Apr 01)
- Re: Deficient engineering processes Russ Allbery (Apr 01)
- Re: Deficient engineering processes Seth Arnold (Apr 01)
- Re: Deficient engineering processes Ulisses Albuquerque (Apr 02)
- Re: Deficient engineering processes Reed Black (Apr 02)
- CVE-2020-11102 QEMU: tulip: OOB access in tulip_copy_tx_buffers P J P (Apr 06)
- CVE-2020-8834: Linux kernel Power8 conflicting use of HSTATE_HOST_R1 vulnerability Steve Beattie (Apr 06)
- CVE-2020-1760 ceph: header-splitting in RGW GetObject has a possible XSS Hardik Vyas (Apr 07)
- CVE-2020-1759 ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions Hardik Vyas (Apr 07)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Apr 07)
- <Possible follow-ups>
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Apr 16)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (May 06)
- Multiple vulnerabilities in Jenkins plugins Daniel Beck (Jun 03)
- Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack Brian May (Apr 08)
- Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack Stuart D Gathman (Apr 09)
- libssh - CVE-2020-1730 Huzaifa Sidhpurwala (Apr 09)
- Xen Security Advisory 313 v3 (CVE-2020-11740,CVE-2020-11741) - multiple xenoprof issues Xen . org security team (Apr 14)
- Xen Security Advisory 314 v3 (CVE-2020-11739) - Missing memory barriers in read-write unlock paths Xen . org security team (Apr 14)
- Xen Security Advisory 316 v3 (CVE-2020-11743) - Bad error path in GNTTABOP_map_grant Xen . org security team (Apr 14)
- Xen Security Advisory 318 v3 (CVE-2020-11742) - Bad continuation handling in GNTTABOP_copy Xen . org security team (Apr 14)
- CVE-2020-11669: Linux kernel 4.10 to 5.1: powerpc: guest can cause DoS on POWER9 KVM hosts Andrew Donnellan (Apr 15)
- Re: CVE-2020-11669: Linux kernel 4.10 to 5.1: powerpc: guest can cause DoS on POWER9 KVM hosts Michal Suchánek (Apr 15)
- Re: CVE-2020-11669: Linux kernel 4.10 to 5.1: powerpc: guest can cause DoS on POWER9 KVM hosts Paul Mackerras (Apr 15)
- Re: CVE-2020-11669: Linux kernel 4.10 to 5.1: powerpc: guest can cause DoS on POWER9 KVM hosts Michal Suchánek (Apr 15)
- CVE-2020-2771, CVE-2020-2851, CVE-2020-2944 - Multiple vulnerabilities in Oracle Solaris Marco Ivaldi (Apr 15)
- CVE-2020-10942 Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field P J P (Apr 15)
- CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server Solar Designer (Apr 15)
- CVE-2020-1964: Apache Heron (incubating) information disclosure vulnerability Josh Fischer (Apr 15)
- WebKitGTK and WPE WebKit Security Advisory WSA-2020-0004 Carlos Alberto Lopez Perez (Apr 16)
- CVE-2020-10708 kernel: race condition in kernel/audit.c may allow low privilege users trigger kernel panic 陈伟宸(田各) (Apr 17)
- re2c: heap overflow in Scanner::fill (scanner.cc) Agostino Sarubbo (Apr 19)
- Re: re2c: heap overflow in Scanner::fill (scanner.cc) Henri Salo (Apr 19)
- Re: re2c: heap overflow in Scanner::fill (scanner.cc) Henri Salo (Apr 21)
- CVE-2020-11008: Git: Malicious URLs can still cause Git to send a stored credential to the wrong server Taylor Blau (Apr 20)
- CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open Rohit Keshri (Apr 21)
- Pacman package manager - taking untrusted input jellicent () protonmail com (Apr 21)
- Re: Pacman package manager - taking untrusted input Santiago Torres (Apr 21)
- Re: Pacman package manager - taking untrusted input Amin Vakil (Apr 21)
- Re: Pacman package manager - taking untrusted input jellicent () protonmail com (Apr 21)
- Re: Pacman package manager - taking untrusted input Simon McVittie (Apr 21)
- Re: Pacman package manager - taking untrusted input Jelle van der Waa (Apr 21)
- Re: Pacman package manager - taking untrusted input Morten Linderud (Apr 21)
- Re: Pacman package manager - taking untrusted input Eli Schwartz (Apr 22)
- [CVE-2020-1967] OpenSSL 1.1.1d+ Segmentation fault in SSL_check_chain Mark J Cox (Apr 22)
- [ADVISORY] SQUID-2019:12 Multiple issues in ESI Response processing Amos Jeffries (Apr 23)
- [ADVISORY] SQUID-2020:4 Multiple issues in HTTP Digest authentication Amos Jeffries (Apr 23)
- spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Jeremy Stanley (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack John Haxby (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Wietse Venema (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Claus Assmann (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Stuart D. Gathman (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Exuberant Ctags and x2vpn format string vulnerabilities Jasper Lievisse Adriaanse (Apr 23)
- Re: mailman 2.x: XSS via file attachments in list archives Stefan Cornelius (Apr 23)
- Re: mailman 2.x: XSS via file attachments in list archives Salvatore Bonaccorso (Apr 24)
- [CVE-2020-9489] Denial of Service (DOS) Vulnerabilities in Some of Apache Tika's Parsers Tim Allison (Apr 24)
- CVE-2020-11869 qemu: integer overflow in ati_2d_blt() in hw/display/ati-2d.c could lead to DoS Mauro Matteo Cascella (Apr 24)
- [CVE-2020-9488] Improper validation of certificate with host mismatch in Apache Log4j SMTP appender Matt Sicker (Apr 25)
- [CVE-2020-1952] Apache IoTDB (incubating) Remote Code execution vulnerability Dawei Liu (Apr 27)
- re2c: infinite loop Agostino Sarubbo (Apr 27)
- Re: re2c: infinite loop Agostino Sarubbo (May 14)
- WebKitGTK and WPE WebKit Security Advisory WSA-2020-0005 Carlos Alberto Lopez Perez (Apr 27)
- [CVE-2020-9482] Apache NiFi Registry user log out issue Nathan Gough (Apr 27)
- Check your pre/post install scripts in rpm/deb/... packages for security issues Johannes Segitz (Apr 30)
- Re: Check your pre/post install scripts in rpm/deb/... packages for security issues Michael Orlitzky (Apr 30)
- [CVE-2019-12425] Apache OFBiz Host Header Injection Jacques Le Roux (Apr 30)
- [CVE-2019-0235 ] Apache OFBiz multiple CSRF vulnerabilities Jacques Le Roux (Apr 30)
- Linux kernel SELinux/netlink missing access check Paul Moore (Apr 30)
- [CVE-2019-17557] Enduser UI XSS Francesco Chicchiriccò (May 02)
- [CVE-2020-1959] Apache Syncope: Multiple Remote Code Execution Vulnerabilities Francesco Chicchiriccò (May 02)
- [CVE-2020-1961] Apache Syncope: Server-Side Template Injection on mail templates Francesco Chicchiriccò (May 02)
- CVE-2020-10717 QEMU: virtiofsd: guest may open maximum file descriptor to cause DoS P J P (May 03)
- [CVE-2020-12114] Linux kernel denial of service by corrupting mountpoint reference counter Piotr Krysiuk (May 04)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Solar Designer (May 05)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Igor Seletskiy (May 06)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Benjamin Gilbert (May 07)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Benjamin Gilbert (May 27)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Vincent Batts (May 27)
- Re: CoreOS leaving distros/linux-distros on May 26, handing off responsibilities Benjamin Gilbert (May 27)
- CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps Wade Mealing (May 05)
- [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING) Gage Hugo (May 06)
- [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING) Gage Hugo (May 06)
- [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING) Gage Hugo (May 06)
- Linux kernel: two buffer overflow in the marvell wifi driver qing xu (May 08)
- Incentives for pre-release reporting Florian Weimer (May 08)
- Re: Incentives for pre-release reporting Henri Salo (May 08)
- [CVE-2018-1285] XXE vulnerability in Apache log4net Matt Sicker (May 10)
- oddjob: mkhomedir: CVE-2020-10737: race condition when copying skeleton tree Matthias Gerstner (May 11)
- [CVE-2020-1939] Apache NuttX optional/example ftpd program NULL pointer bug Brennan Ashton (May 11)
- CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category P J P (May 12)
- [CVE-2020-1945] Apache Ant insecure temporary file vulnerability Stefan Bodewig (May 13)
- [CVE-2020-1960] Apache Flink JMX information disclosure vulnerability Chesnay Schepler (May 13)
- [CVE-2020-1941] XSS in ActiveMQ WebConsole Jean-Baptiste Onofre (May 13)
- Hypermail XSS via attachment Hanno Böck (May 14)
- XSS in BigBlueButton < 2.2.6 Hanno Böck (May 14)
- [SECURITY][CVE-2019-17572] Apache RocketMQ directory traversal vulnerability ShannonDing (May 14)
- CVE-2019-17562 buffer overflow in baremetal plugin. Daan Hoogland (May 14)
- [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel Andrea Cosentino (May 14)
- [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel Andrea Cosentino (May 14)
- Re: [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel Andrea Cosentino (May 14)
- [SECURITY] New security advisory CVE-2020-11973 released for Apache Camel Andrea Cosentino (May 14)
- Python Beaker - Deserialization of Untrasted Data which can lead to Arbitrary code execution Matheus Bratfisch (May 14)
- [test case][kunit] CVE-2020-10711 Kernel netLabel Singh, Balbir (May 15)
- Re: [test case][kunit] CVE-2020-10711 Kernel netLabel P J P (May 14)
- Re: [test case][kunit] CVE-2020-10711 Kernel netLabel Singh, Balbir (May 15)
- Re: [test case][kunit] CVE-2020-10711 Kernel netLabel P J P (May 14)
- Multiple vulnerabilities in Dovecot IMAP server Aki Tuomi (May 18)
- DPDK security advisory for multiple vhost related issues Ferruh Yigit (May 18)
- CVE-2020-10736 ceph: authorization bypass in monitor and manager daemons Hardik Vyas (May 19)
- [CVE-2020-12667] Knot Resolver 5.1.1 NXNSAttack mitigation Petr Špaček (May 19)
- PowerDNS Recursor 4.3.1, 4.2.2. and 4.1.16 released fixing multiple vulnerabilities Otto Moerbeek (May 19)
- Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617) ISC Security Officer (May 19)
- Unbound - CVE-2020-12662, CVE-2020-12663 Ralph Dolmans (May 19)
- CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario P J P (May 19)
- [CVE-2020-1955] Apache CouchDB Remote Privilege Escalation Jan Lehnardt (May 19)
- Remote Code Execution in qmail (CVE-2005-1513) Qualys Security Advisory (May 19)
- Re: Remote Code Execution in qmail (CVE-2005-1513) Georgi Guninski (May 20)
- Re: Remote Code Execution in qmail (CVE-2005-1513) Qualys Security Advisory (May 20)
- Re: Remote Code Execution in qmail (CVE-2005-1513) Qualys Security Advisory (Jun 16)
- Re: Remote Code Execution in qmail (CVE-2005-1513) Georgi Guninski (May 20)
- qmail: short/int vs. gid_t Qualys Security Advisory (May 19)
- [CVE-2020-1956] Apache Kylin command injection vulnerability George Ni (May 19)
- Multiple Security Issues in the TrouSerS tpm1.2 tscd Daemon Matthias Gerstner (May 20)
- CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence Mark Thomas (May 20)
- Short notes on qmail security guarantee Georgi Guninski (May 21)
- Re: Short notes on qmail security guarantee Solar Designer (May 22)
- Re: Short notes on qmail security guarantee Michal Zalewski (May 22)
- Re: Short notes on qmail security guarantee Georgi Guninski (May 22)
- Re: Short notes on qmail security guarantee Arrigo Triulzi (May 22)
- Re: Short notes on qmail security guarantee Perry E. Metzger (May 22)
- Re: Short notes on qmail security guarantee Jeffrey Walton (May 22)
- Re: Short notes on qmail security guarantee Solar Designer (May 22)
- Announce: OpenSSH 8.3 released Damien Miller (May 26)
- CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS P J P (May 27)
- CVE-2020-10751 - Linux kernel: SELinux netlink permission check bypass Ondrej Mosnacek (May 27)
- CVE-2020-13361 QEMU: es1370: OOB access due to incorrect frame count leads to DoS P J P (May 27)
- CVE-2020-13362 QEMU: megasas: OOB read access due to invalid index leads to DoS P J P (May 27)
- Exploitability of the integer overflows in djbdns 1.05? Georgi Guninski (Jun 01)
- Re: Exploitability of the integer overflows in djbdns 1.05? Solar Designer (Jun 01)
- Re: Exploitability of the integer overflows in djbdns 1.05? Georgi Guninski (Jun 02)
- Re: Exploitability of the integer overflows in djbdns 1.05? Georgi Guninski (Jun 03)
- Re: Exploitability of the integer overflows in djbdns 1.05? Solar Designer (Jun 01)
- CVE-2020-13659 QEMU: exec: address_space_map returns NULL without setting length to zero may lead to DoS P J P (Jun 01)
- CVE-2020-8555: Kubernetes: Half-Blind SSRF in kube-controller-manager Tim Allclair (Jun 01)
- Kubernetes: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements Joel Smith (Jun 01)
- CVE-2020-13754 QEMU: msix: OOB access during mmio operations may lead to DoS P J P (Jun 01)
- Django security releases issued: 3.0.7, and 2.2.13 for CVE-2020-13254 & CVE-2020-13596. Carlton Gibson (Jun 03)
- [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability Юрий (Jun 03)
- Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379 Richard Hartmann (Jun 03)
- Re: Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379 Richard Hartmann (Jun 09)
- CVE-2020-13765 QEMU: loader: OOB access while loading registered ROM may lead to code execution P J P (Jun 03)
- CVE-2020-13791 QEMU: ati-vga: OOB access while reading PCI configuration may lead to DoS P J P (Jun 03)
- CVE-2020-13800 QEMU: ati-vga: infinite recursion in ati_mm_read/write calls may lead to DoS P J P (Jun 03)
- CVE-2020-12049: dbus: denial of service via file descriptor leak Simon McVittie (Jun 04)
- CVE-2020-10757 Linux kernel: mremap hugepage mmaped DAX nvdimm may cause corrupted page table Fan Yang (Jun 04)
- linux-pam: pam_setquota.so vulnerability facilitated through fusermount setuid-root program Matthias Gerstner (Jun 04)
- xawtv: CVE-2020-13696: v4l-conf setuid-root program allows file existence tests and open(..., O_RDRW) on arbitrary files Matthias Gerstner (Jun 04)
- [SECURITY][ANNOUNCEMENT] Fix for CVE-2020-11975 in Apache Unomi 1.5.1 Serge Huber (Jun 05)
- CVE-2020-13881: pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if configured with debug parameter Gollub, Daniel (Jun 08)
- hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP Jouni Malinen (Jun 08)
- CVE-2020-10761 QEMU: nbd: reachable assertion failure innbd_negotiate_send_rep_verr via remote client P J P (Jun 08)
- Xen Security Advisory 320 v1 (CVE-2020-0543) - Special Register Buffer speculative side channel Xen . org security team (Jun 09)
- kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Wade Mealing (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Greg KH (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Wade Mealing (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Monsieur Francis Perron (Jun 10)
- Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 Greg KH (Jun 10)
- Xen Security Advisory 320 v2 (CVE-2020-0543) - Special Register Buffer speculative side channel Xen . org security team (Jun 11)
- adns (dns resolver library) multiple vulns Ian Jackson (Jun 11)
- icinga2: CVE-2020-14004: prepare-dirs script allows for symlink attack in the icinga user context Matthias Gerstner (Jun 12)
- Re: icinga2: CVE-2020-14004: prepare-dirs script allows for symlink attack in the icinga user context Michael Orlitzky (Jun 12)
- [CVE-2020-11980] A remote client could create MBeans from arbitrary URLs Jean-Baptiste Onofre (Jun 12)
- lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules Jason A. Donenfeld (Jun 13)
- Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules Jason A. Donenfeld (Jun 15)
- [CVE-2020-9483] Apache SkyWalking SQL injection vulnerability Sheng Wu (Jun 15)
- [CVE-2019-17566] Apache XML Graphics Batik SSRF vulnerability Simon Steiner (Jun 15)
- lockdown bypass on mainline kernel for loading unsigned modules Jason A. Donenfeld (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules John Haxby (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules Jann Horn (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules Jason A. Donenfeld (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules Jann Horn (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules Jason A. Donenfeld (Jun 15)
- Re: lockdown bypass on mainline kernel for loading unsigned modules John Haxby (Jun 15)
- CVE-2020-11969 Apache TomEE - useJMX attribute on ActiveMQ resource adapter URI causes authenticated JMX port to be open Jonathan Gallimore (Jun 15)
- ISC announces two medium-severity vulnerabilities, CVE-2020-8618 and CVE-2020-8619 Michael McNally (Jun 17)
- CVE-2020-10781 kernel: zram sysfs resource consumption Wade Mealing (Jun 17)
- [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection Martin (Jun 19)
- Squirrelmail: Use of unserialize() on user data Hanno Böck (Jun 20)
- [CVE-2020-11989] Apache Shiro authentication bypass vulnerability Brian Demers (Jun 22)
- CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master Sean Owen (Jun 22)
- CVE-2020-10769 kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. Rohit Keshri (Jun 23)
- [SECURITY ADVISORY] curl: Partial password leak over DNS on HTTP redirect Daniel Stenberg (Jun 23)
- [SECURITY ADVISORY] curl: overwrite local file with -J Daniel Stenberg (Jun 23)
- Requesting a CVE id for Trojitá, an e-mail client: Improper Certificate Validation Jan Kundrát (Jun 25)
- Re: Requesting a CVE id for Trojitá, an e-mail client: Improper Certificate Validation Agostino Sarubbo (Jun 25)
- Re: Requesting a CVE id for Trojitá, an e-mail client: Improper Certificate Validation Johannes Segitz (Jun 25)
- [cve-request () mitre org: Re: [scr916814] net-snmp - Perhaps only unreleased development versions; fix appears to be in v5.8.1.pre1] Seth Arnold (Jun 25)
- CVE-2020-10753 ceph: radosgw: HTTP header injection via CORS ExposeHeader tag Przemyslaw Roguski (Jun 25)
- CVE-2020-11996 Apache Tomcat HTTP/2 Denial of Service Mark Thomas (Jun 25)
- default behavior in unzip more dangerous then -^ Dennis Goodlett (Jun 30)
- libvncserver: old websocket decoding patch Stefan Cornelius (Jun 30)
- Re: libvncserver: old websocket decoding patch Stefan Cornelius (Jun 30)