oss-sec: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

402 messages starting Jul 31 08 and ending Aug 22 08
Date index | Thread index | Author index

Alexander Konovalenko

SVG vulnerability affecting Firefox, evince, eog, Gimp? Alexander Konovalenko (Jul 31)

Andrea Barisani

[oCERT-2008-007] libpoppler uninitialized pointer Andrea Barisani (Jul 07)
[oCERT-2008-009] libxslt heap overflow Andrea Barisani (Jul 31)
[oCERT-2008-013] MPlayer Real demuxer heap overflow Andrea Barisani (Sep 29)

Andreas Jellinghaus

OpenSC Security Advisory Andreas Jellinghaus (Jul 31)
opensc 0.11.6 with fixed security update Andreas Jellinghaus (Aug 27)

Bernhard R. Link

Re: DNS vulnerability: other relevant software Bernhard R. Link (Jul 11)

Bram Moolenaar

Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Bram Moolenaar (Jul 07)

Christian Hoffmann

Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
Re: CVE Request (mercurial) Christian Hoffmann (Sep 29)
Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 13)
Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)

Emanuele Gentili

CVE request for Joomla multiple vuln. Emanuele Gentili (Sep 11)
Joomla 1.5.x core. Emanuele Gentili (Aug 12)

Eugene Teo

CVE request: kernel: open() call allows setgid bit when user is not in new file's group Eugene Teo (Sep 24)
Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
Re: 2.6.25.10 security fixes, please assign CVE id Eugene Teo (Jul 08)
CVE-2008-3526 Linux kernel sctp_setsockopt_auth_key() integer overflow Eugene Teo (Aug 26)
CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow Eugene Teo (Aug 15)
Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
Re: DNS vulnerability: other relevant software Eugene Teo (Jul 10)
CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl Eugene Teo (Sep 04)
CVE request: kernel: sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports Eugene Teo (Sep 03)
CVE-2008-3525 kernel: missing capability checks in sbni_ioctl() Eugene Teo (Aug 28)
Re: CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 09)
CVE request: kernel: splice: fix bad unlock_page() in error case Eugene Teo (Sep 16)
CVE-2008-2931 kernel: missing check before setting mount propagation Eugene Teo (Jul 08)
Re: CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 09)
CVE-2008-3528 Linux kernel ext[234] directory corruption DoS Eugene Teo (Sep 17)
Re: CVE-2008-3526 Linux kernel sctp_setsockopt_auth_key() integer overflow Eugene Teo (Aug 28)
Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo (Sep 26)
Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
CVE request: kernel: dio: zero struct dio with kzalloc instead of manually Eugene Teo (Sep 03)
CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Eugene Teo (Aug 25)
CVE request: pam_mount: conf: re-add luserconf security checks Eugene Teo (Sep 05)
Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo (Sep 26)
Re: CVE-2008-2931 kernel: missing check before setting mount propagation Eugene Teo (Jul 08)
Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Eugene Teo (Aug 26)
CVE request: kernel: local keyboard DoS through LED switching Eugene Teo (Sep 05)
CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo (Sep 24)
Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo (Sep 29)

Florian Weimer

Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Florian Weimer (Aug 25)
Re: DNS vulnerability: other relevant software Florian Weimer (Jul 09)
CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 09)
Re: DNS vulnerability: other relevant software Florian Weimer (Jul 13)
Re: GNU ed heap overflow Florian Weimer (Sep 04)
GNU ed heap overflow Florian Weimer (Aug 31)
Re: GNU ed heap overflow Florian Weimer (Sep 01)
Re: Major DNS vulnerability announced [CVE Question] Florian Weimer (Jul 09)
Re: CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 16)
Re: DNS vulnerability: other relevant software Florian Weimer (Jul 12)

Hanno Böck

CVE request: phpwebgallery < 1.7.2 Hanno Böck (Jul 31)
CVE request: mybb < 1.4.1 Hanno Böck (Sep 09)
CVE request: tikiwiki < 2.0 Hanno Böck (Aug 12)
CVE request: mybb Hanno Böck (Jul 06)
CVE request: Contenido < 4.8.7, < 4.6.24 Hanno Böck (Aug 02)
CVE request: drupal 5.10/6.4 Hanno Böck (Aug 14)
CVE request: Wordpress XSS Hanno Böck (Jul 15)
CVE request: wordpress < 2.6.2 Hanno Böck (Sep 11)
wordpress 2.6.1 Hanno Böck (Aug 19)
CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 06)
CVE request: punbb < 1.2.19 Hanno Böck (Jul 20)
CVE requests: crashers by zzuf Hanno Böck (Jul 13)
CVE request: phpmyadmin < 2.11.8 Hanno Böck (Jul 28)
Re: CVE Request (gallery2) Hanno Böck (Sep 18)
Re: CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 16)
horde webmail edition < 1.1.1 Hanno Böck (Aug 12)
CVE request: dotclear < 1.2.8 Hanno Böck (Jul 14)
Re: request for CVE: clamav 0.94 release Hanno Böck (Sep 04)
CVE request: vtigercrm < 5.0.4 Hanno Böck (Jul 31)
CVE requests: joomla <1.5.4 Hanno Böck (Jul 12)
cve request: punbb < 1.2.20 xss Hanno Böck (Sep 09)
CVE request: pam_mount < 0.47 missing security checks Hanno Böck (Sep 06)
CVE request: mybb < 1.2.14 Hanno Böck (Jul 20)
Re: CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 08)
CVE request: joomla < 1.5.7 Hanno Böck (Sep 11)
CVE request: phpbb < 3.0.2 Hanno Böck (Jul 12)
CVE request: multiple drupal issues in < 6.3,5.8 Hanno Böck (Jul 09)
CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 15)
CVE req: phpmyadmin < 2.11.9.2 xss Hanno Böck (Sep 22)
CVE request: simple machines forum Hanno Böck (Jul 06)

Jamie Strandboge

Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 03)
Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 12)
Re: CVE request for dnsmasq DoS Jamie Strandboge (Jul 08)

Jan Lieskovsky

CVE Request (gpicview) Jan Lieskovsky (Aug 25)
[oss-list] CVE request (vim) Jan Lieskovsky (Sep 11)
CVE Request (samba) Jan Lieskovsky (Aug 26)
Re: CVE Request (gpicview) Jan Lieskovsky (Aug 26)
Re: CVE Request (gpicview) Jan Lieskovsky (Aug 31)
CVE Request (python) Jan Lieskovsky (Sep 15)
Re: SVG vulnerability affecting Firefox, evince, eog, Gimp? Jan Lieskovsky (Aug 04)
CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Jan Lieskovsky (Sep 03)
CVE Request (openswan, emacspeak, cman) Jan Lieskovsky (Sep 18)
CVE id request: byacc Jan Lieskovsky (Jul 15)
CVE Request (ruby) Jan Lieskovsky (Aug 25)
Multiple CVE Request (ruby) Jan Lieskovsky (Aug 11)

Jan Minář

Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 21)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 12)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 16)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 21)
Re: [oss-list] CVE request (vim) Jan Minář (Sep 11)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jan Minář (Jul 16)

Joe Orton

Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
CVE request for neon Joe Orton (Aug 15)
Re: CVE request for neon Joe Orton (Aug 20)

Jonathan Smith

Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 07)
Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Jonathan Smith (Jul 20)
Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 07)
Re: Major DNS vulnerability announced [CVE Question] Jonathan Smith (Jul 08)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Jonathan Smith (Jul 20)

Josh Bressers

CVE Request (mercurial) Josh Bressers (Sep 17)
Re: CVE id request: ftpd Josh Bressers (Sep 30)
Re: SVG vulnerability affecting Firefox, evince, eog, Gimp? Josh Bressers (Jul 31)
CVE Request (ipsec-tools) Josh Bressers (Aug 11)
Re: CVE request for dnsmasq DoS Josh Bressers (Jul 23)
CVE Request (xen) Josh Bressers (Sep 30)
viewvc security flaw? Josh Bressers (Sep 19)
CVE-2008-4182 clarification Josh Bressers (Sep 26)
CVE Request (gallery2) Josh Bressers (Sep 18)
CVE Request (ipsec-tools again) Josh Bressers (Aug 12)
Re: CVE id request: faad2 Josh Bressers (Sep 26)
Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
CVE Request (pidgin) Josh Bressers (Aug 05)
Re: openldap DoS Josh Bressers (Jul 01)
CVE Request (lighttpd) Josh Bressers (Sep 26)

Ludwig Nussel

Re: openldap DoS Ludwig Nussel (Jul 01)
Re: CVE Request (mercurial) Ludwig Nussel (Sep 29)
Re: opensc 0.11.6 with fixed security update Ludwig Nussel (Sep 05)
CVE id request: moodle XSS and CSRF Ludwig Nussel (Jul 25)

Marcus Meissner

Re: CVE-2008-2365 kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race -- affecting kernel versions <= 2.6.25 Marcus Meissner (Jul 14)
Mono ASP.net cross site scripting issue Marcus Meissner (Jul 31)
request for CVE: clamav 0.94 release Marcus Meissner (Sep 03)
CVE request: mono Sys.Web header injection Marcus Meissner (Aug 27)
swfdec 0.6.8 stable update Marcus Meissner (Aug 19)
2.6.25.10 security fixes, please assign CVE id Marcus Meissner (Jul 03)
Re: swfdec 0.6.8 stable update Marcus Meissner (Aug 23)

Mark J Cox

Re: DNS vulnerability: other relevant software Mark J Cox (Jul 09)
CVE request: condor < 7.0.4 Mark J Cox (Jul 30)
CVE-2008-2939 low severity Apache httpd XSS Mark J Cox (Aug 06)

Matthias Andree

Re: Major DNS vulnerability announced [CVE Question] Matthias Andree (Jul 09)

Matthias Geerdsen

DNS vulnerability: other relevant software Matthias Geerdsen (Jul 09)

Michail Litvak

Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) Michail Litvak (Jul 17)

Miklos Vajna

CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)
CVE request for bitlbee Miklos Vajna (Aug 29)
Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)

Morris, John R. (SSRT)

FW: CVE-2008-1668 - ftpd 2.4 - unauthorized root access - patch details Morris, John R. (SSRT) (Aug 20)

Nathanael Hoyle

Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 10)
Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 11)

Nico Golde

Re: horde webmail edition < 1.1.1 Nico Golde (Aug 13)
Re: CVE id request: horde3/turba2 Nico Golde (Jul 28)
Re: CVE id request: newsbeuter Nico Golde (Sep 04)
Re: CVE id request: mktemp Nico Golde (Aug 18)
Re: Re: CVE Request (pidgin) Nico Golde (Jul 03)
Re: CVE id requests: gmanedit Nico Golde (Sep 09)
Re: CVE id request: awstats Nico Golde (Aug 27)
Re: CVE id request: newsbeuter Nico Golde (Sep 02)
Re: horde webmail edition < 1.1.1 Nico Golde (Aug 16)
Re: CVE request for dnsmasq DoS Nico Golde (Jul 02)
Re: CVE Request (gpicview) Nico Golde (Sep 04)
Re: horde webmail edition < 1.1.1 Nico Golde (Aug 13)
Re: Links < 2.1 security issue Nico Golde (Jul 28)
Re: CVE id request: vlc Nico Golde (Aug 24)
Re: Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Nico Golde (Aug 04)
CVE id request: newsbeuter Nico Golde (Sep 01)
Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
Re: CVE id request: mktemp Nico Golde (Aug 18)
Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 06)
Re: swfdec 0.6.8 stable update Nico Golde (Aug 23)
Re: CVE id request: newsbeuter Nico Golde (Sep 04)
CVE id request: git Nico Golde (Aug 07)
Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 11)
Re: swfdec 0.6.8 stable update Nico Golde (Aug 19)
Re: Joomla 1.5.x core. Nico Golde (Aug 13)
Re: CVE request: Wordpress XSS Nico Golde (Jul 16)
CVE id request: openttd Nico Golde (Aug 04)
CVE id request: op Nico Golde (Jul 12)
Re: CVE id request mercurial:Insufficient input validation Nico Golde (Jul 01)
Re: CVE id request: openttd Nico Golde (Aug 05)
Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
Re: CVE id request: mktemp Nico Golde (Aug 18)
Re: openldap DoS Nico Golde (Jul 13)
CVE id request: horde3/turba2 Nico Golde (Jul 27)
Re: CVE Request (gpicview) Nico Golde (Sep 04)
CVE id request: vlc Nico Golde (Aug 23)
Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
Re: Re: CVE Request (pidgin) Nico Golde (Jul 05)
Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
Re: CVE id request: awstats Nico Golde (Aug 27)
CVE id request: awstats Nico Golde (Aug 27)
Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 26)
Re: CVE Request: Critical vuln in Firefox 3.0 Nico Golde (Jul 16)
CVE id request: dns2tcp Nico Golde (Sep 03)
Re: CVE Request (gpicview) Nico Golde (Aug 30)
Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)
CVE id request: projectl Nico Golde (Jul 09)
CVE id request: mktemp Nico Golde (Aug 15)
Re: CVE request: phpmyadmin < 2.11.8 Nico Golde (Aug 08)
Re: CVE id request: libavformat Nico Golde (Jul 16)
Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)

Pierre-Yves Rofes

Links < 2.1 security issue Pierre-Yves Rofes (Jul 27)
Re: CVE request: phpwebgallery < 1.7.2 Pierre-Yves Rofes (Aug 01)
CVE request: Opera < 9.52 multiple vulnerabilities Pierre-Yves Rofes (Sep 19)

Pınar Yanardağ

Re: Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Pınar Yanardağ (Aug 25)
Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
Re: CVE Request (ruby) Pınar Yanardağ (Aug 26)
CVE request (libpng) Pınar Yanardağ (Sep 09)
Re: CVE id request: vlc Pınar Yanardağ (Aug 24)
Re: [oss-list] CVE request (vim) Pınar Yanardağ (Sep 11)

Raphael Marichez

HAVP 0.89 fixes a crash Raphael Marichez (Aug 14)

Robert Buchholz

Re: CVE id request: ftpd Robert Buchholz (Sep 29)
Re: CVE Request (gpicview) Robert Buchholz (Sep 02)
Re: CVE request for dnsmasq DoS Robert Buchholz (Jul 23)
Re: ssmtp =2.62 unitialized memory disclosure Robert Buchholz (Sep 11)
CVE request: openfire login page XSS (JM-629) Robert Buchholz (Aug 14)
Re: Re: CVE Request (pidgin) Robert Buchholz (Jul 03)
CVE request: pdnsd <1.2.7 Denial of Service Robert Buchholz (Sep 19)
ssmtp =2.62 unitialized memory disclosure Robert Buchholz (Sep 09)
Re: CVE request for dnsmasq DoS Robert Buchholz (Jul 23)
Re: Two remote DoS issues in linuxdcpp Robert Buchholz (Jul 01)
CVE request: MySQL empty bit-string literal server crash Robert Buchholz (Sep 09)
Re: CVE Request (mercurial) Robert Buchholz (Sep 29)
CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection Robert Buchholz (Sep 13)
Re: CVE Request (gpicview) Robert Buchholz (Sep 13)
Re: CVE id request: openttd Robert Buchholz (Aug 04)
Re: cups patches for CVE-2008-0597 and CVE-2008-0596 Robert Buchholz (Jul 27)
Re: CVE id request: fraud2 Robert Buchholz (Sep 24)
Pardus Bugs / Patches, Was: Re: [oss-security] CVE id request: vlc Robert Buchholz (Aug 25)
Re: viewvc security flaw? Robert Buchholz (Sep 20)
Re: DNS vulnerability: other relevant software Robert Buchholz (Jul 09)
Re: libxml2 denial of service flaw (CVE-2008-3281) Robert Buchholz (Aug 23)

Rob Holland

[oCERT-2008-014] WordNet stack and heap overflows Rob Holland (Sep 01)

Sebastian Krahmer

Re: CVE id request: mktemp Sebastian Krahmer (Aug 18)

security curmudgeon

Major DNS vulnerability announced [CVE Question] security curmudgeon (Jul 08)

Steffen Joeris

CVE id request: faad2 Steffen Joeris (Sep 26)
CVE id requests: gmanedit Steffen Joeris (Sep 05)
Re: CVE id request: faad2 Steffen Joeris (Sep 26)
CVE id request: libavformat Steffen Joeris (Jul 09)
CVE id request: proftpd Steffen Joeris (Sep 22)
cups patches for CVE-2008-0597 and CVE-2008-0596 Steffen Joeris (Jul 27)
CVE id requests: ruby Steffen Joeris (Aug 11)
CVE id request: ftpd Steffen Joeris (Sep 29)
CVE id request: fraud2 Steffen Joeris (Sep 23)

Steve Kemp

Re: CVE id request: awstats Steve Kemp (Aug 27)

Steven M. Christey

Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 28)
Re: CVE request: mybb < 1.2.14 Steven M. Christey (Jul 27)
Re: GNU ed heap overflow Steven M. Christey (Sep 04)
Re: CVE id request: git Steven M. Christey (Aug 07)
Re: [oCERT-2008-014] WordNet stack and heap overflows Steven M. Christey (Sep 04)
Re: CVE request: phpmyadmin < 2.11.8 Steven M. Christey (Aug 04)
Re: CVE id request: moodle XSS and CSRF Steven M. Christey (Jul 25)
Re: Joomla 1.5.x core. Steven M. Christey (Aug 14)
Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Steven M. Christey (Aug 04)
Re: HAVP 0.89 fixes a crash Steven M. Christey (Aug 14)
Re: CVE request: mono Sys.Web header injection Steven M. Christey (Sep 04)
Re: CVE request: drupal 5.10/6.4 Steven M. Christey (Aug 20)
Re: Links < 2.1 security issue Steven M. Christey (Jul 27)
Re: source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Steven M. Christey (Aug 04)
Re: CVE request for neon Steven M. Christey (Aug 20)
Re: CVE request: mybb Steven M. Christey (Jul 08)
Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Steven M. Christey (Sep 04)
Re: CVE id requests: gmanedit Steven M. Christey (Sep 09)
Re: CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl Steven M. Christey (Sep 04)
Re: CVE request: phpmyadmin < 2.11.7 XSS Steven M. Christey (Jul 02)
Re: CVE Request (python) Steven M. Christey (Sep 15)
Re: CVE Request (pidgin) Steven M. Christey (Jul 01)
Re: CVE request: moodle xss in < 1.8.5 Steven M. Christey (Jul 08)
Re: CVE request (libpng) Steven M. Christey (Sep 09)
Re: CVE request: condor < 7.0.4 Steven M. Christey (Jul 31)
Re: openldap DoS Steven M. Christey (Jul 01)
Re: CVE request: kernel: sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports Steven M. Christey (Sep 04)
Re: ssmtp =2.62 unitialized memory disclosure Steven M. Christey (Sep 09)
Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API Steven M. Christey (Aug 26)
Re: CVE request: httrack buffer overflow Steven M. Christey (Aug 04)
Re: CVE id request: horde3/turba2 Steven M. Christey (Jul 27)
Re: CVE request: kernel: local keyboard DoS through LED switching Steven M. Christey (Sep 09)
Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
Re: CVE request: phpmyadmin < 2.11.8 Steven M. Christey (Aug 12)
Re: CVE id request: checkinstall Steven M. Christey (Jul 01)
Re: CVE request: joomla < 1.5.7 Steven M. Christey (Sep 15)
Re: CVE Request (gallery2) Steven M. Christey (Sep 23)
Re: CVE Request (gpicview) Steven M. Christey (Sep 04)
Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Steven M. Christey (Sep 15)
Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)
Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Steven M. Christey (Sep 15)
Re: opensc 0.11.6 with fixed security update Steven M. Christey (Sep 09)
Re: CVE id request: byacc Steven M. Christey (Jul 16)
Re: CVE request: vtigercrm < 5.0.4 Steven M. Christey (Aug 04)
Re: CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection Steven M. Christey (Sep 15)
Re: CVE request: Opera < 9.52 multiple vulnerabilities Steven M. Christey (Sep 23)
Re: CVE request: OpenVPN (client) 2.1-beta14 through 2.1-rc8 Steven M. Christey (Aug 04)
Re: CVE Request (samba) Steven M. Christey (Aug 26)
Re: CVE request: wordpress < 2.6.2 Steven M. Christey (Sep 15)
Re: CVE id request: op Steven M. Christey (Jul 18)
Re: CVE request: pdnsd <1.2.7 Denial of Service Steven M. Christey (Sep 23)
Re: CVE request: simple machines forum Steven M. Christey (Jul 08)
Re: Mono ASP.net cross site scripting issue Steven M. Christey (Jul 31)
Re: CVE id request: mktemp Steven M. Christey (Aug 18)
Re: phpMyAdmin code execution (CVE request) Steven M. Christey (Sep 15)
Re: CVE id request: vlc Steven M. Christey (Aug 26)
Re: django CSRF vuln Steven M. Christey (Sep 04)
Re: CVE id requests: ruby Steven M. Christey (Aug 12)
Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option Steven M. Christey (Sep 26)
Re: CVE Request (pidgin) Steven M. Christey (Aug 07)
Re: CVE request: php-5.2.6 overflow issues Steven M. Christey (Aug 12)
Re: GNU ed heap overflow Steven M. Christey (Sep 04)
Re: CVE request for dnsmasq DoS Steven M. Christey (Jul 01)
Re: CVE requests: joomla <1.5.4 Steven M. Christey (Jul 18)
Re: CVE request: tikiwiki < 2.0 Steven M. Christey (Aug 12)
Re: horde webmail edition < 1.1.1 Steven M. Christey (Aug 14)
Re: Two remote DoS issues in linuxdcpp Steven M. Christey (Jul 01)
Re: amarok temp file vuln Steven M. Christey (Aug 14)
Re: CVE id request: ftpd Steven M. Christey (Sep 30)
Re: CVE request: openfire login page XSS (JM-629) Steven M. Christey (Aug 14)
Re: CVE request: kernel: local keyboard DoS through LED switching Steven M. Christey (Sep 09)
Re: CVE id request: projectl Steven M. Christey (Jul 18)
Re: request for CVE: clamav 0.94 release Steven M. Christey (Sep 04)
Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
Re: Major DNS vulnerability announced [CVE Question] Steven M. Christey (Jul 08)
Re: CVE request: MySQL empty bit-string literal server crash Steven M. Christey (Sep 09)
Re: CVE request: punbb < 1.2.19 Steven M. Christey (Jul 27)
Re: CVE id request: dns2tcp Steven M. Christey (Sep 04)
Re: CVE request: kernel: dio: zero struct dio with kzalloc instead of manually Steven M. Christey (Sep 04)
Re: CVE request: kernel: open() call allows setgid bit when user is not in new file's group Steven M. Christey (Sep 24)
Re: wordpress 2.6.1 Steven M. Christey (Aug 20)
Re: CVE request: Contenido < 4.8.7, < 4.6.24 Steven M. Christey (Aug 04)
Re: CVE request: pam_mount < 0.47 missing security checks Steven M. Christey (Sep 09)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Steven M. Christey (Jul 31)
Re: CVE id request: openttd Steven M. Christey (Aug 07)
Re: CVE request: phpbb < 3.0.2 Steven M. Christey (Jul 18)
Re: horde webmail edition < 1.1.1 Steven M. Christey (Aug 12)
Re: CVE id requests: ruby Steven M. Christey (Aug 14)
Re: CVE id request: Clamav Steven M. Christey (Jul 18)
Re: 2.6.25.10 security fixes, please assign CVE id Steven M. Christey (Jul 08)
Re: CVE request: mantis < 1.1.2 Steven M. Christey (Jul 27)
Re: cve request: punbb < 1.2.20 xss Steven M. Christey (Sep 09)
Re: CVE Request (gpicview) Steven M. Christey (Aug 26)
Re: CVE Request (ruby) Steven M. Christey (Aug 26)
Re: CVE Request (openswan, emacspeak, cman) Steven M. Christey (Sep 23)
Re: CVE request: drupal issue in < 5.9 Steven M. Christey (Jul 26)
Re: CVE id request: fraud2 Steven M. Christey (Sep 24)
Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Steven M. Christey (Jul 08)
Re: CVE id request: ftpd Steven M. Christey (Sep 30)
Re: CVE request: mybb < 1.4.1 Steven M. Christey (Sep 09)
Re: CVE Request (ipsec-tools) Steven M. Christey (Aug 12)
Re: CVE request for bitlbee Steven M. Christey (Sep 09)
Re: CVE request: php 5.2.6 ext/imap buffer overflows Steven M. Christey (Jul 01)
Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)
Re: CVE Request (ipsec-tools again) Steven M. Christey (Aug 12)
Re: CVE request: phpmyadmin < 2.11.7.1 Steven M. Christey (Jul 16)
Re: Re: CVE request: lighttpd issues Steven M. Christey (Sep 30)
Re: CVE request: multiple drupal issues in < 6.3,5.8 Steven M. Christey (Jul 18)

Tavis Ormandy

Re: GNU ed heap overflow Tavis Ormandy (Sep 01)

The Fungi

Re: DNS vulnerability: other relevant software The Fungi (Jul 09)
Re: Major DNS vulnerability announced [CVE Question] The Fungi (Jul 08)

Thijs Kinkhorst

Re: CVE request: httrack buffer overflow Thijs Kinkhorst (Aug 04)
source for CVE feed (was: Re: [oss-security] CVE request: httrack buffer overflow) Thijs Kinkhorst (Aug 04)
CVE request: httrack buffer overflow Thijs Kinkhorst (Aug 04)
Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)
phpMyAdmin code execution (CVE request) Thijs Kinkhorst (Sep 15)

Thomas Biege

Re: DNS vulnerability: other relevant software Thomas Biege (Jul 10)

Tim Brown

Re: OpenSSH key blacklisting Tim Brown (Sep 04)

Todd C. Miller

Re: CVE id request: mktemp Todd C. Miller (Aug 15)
Re: CVE id request: mktemp Todd C. Miller (Aug 18)
Re: CVE id request: mktemp Todd C. Miller (Aug 18)

Tomas Hoger

Re: CVE request: httrack buffer overflow Tomas Hoger (Aug 04)
Re: CVE request: Wordpress XSS Tomas Hoger (Jul 16)
Re: cups patches for CVE-2008-0597 and CVE-2008-0596 Tomas Hoger (Jul 28)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 16)
Re: CVE id request: Clamav Tomas Hoger (Jul 08)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 15)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 21)
Re: CVE id request: git Tomas Hoger (Aug 07)
Re: CVE Id request: vim Tomas Hoger (Jul 15)
Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Tomas Hoger (Aug 25)
Re: CVE id request: Clamav Tomas Hoger (Jul 15)
CVE request: mantis < 1.1.2 Tomas Hoger (Jul 21)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 20)
Re: CVE id request: horde3/turba2 Tomas Hoger (Jul 28)
Re: CVE request for bitlbee Tomas Hoger (Sep 08)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Aug 05)
Re: horde webmail edition < 1.1.1 Tomas Hoger (Aug 13)
Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 Tomas Hoger (Jul 10)
Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) Tomas Hoger (Sep 11)
CVE request: OpenVPN (client) 2.1-beta14 through 2.1-rc8 Tomas Hoger (Aug 03)
More ruby integer overflows (rb_ary_fill / Array#fill) Tomas Hoger (Jul 02)
Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Tomas Hoger (Sep 09)
Re: horde webmail edition < 1.1.1 Tomas Hoger (Aug 13)

Vincent Danen

amarok temp file vuln Vincent Danen (Aug 13)
django CSRF vuln Vincent Danen (Sep 03)
Re: Re: CVE Request (pidgin) Vincent Danen (Jul 03)
Re: Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
Re: Re: CVE Request (pidgin) Vincent Danen (Jul 08)
Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)

Will Drewry

[oCERT-2008-012] Horde, Popoon frameworks common input sanitization errors (XSS) Will Drewry (Sep 10)
[oCERT-2008-008] multiple heap overflows in xine-lib Will Drewry (Aug 22)

Previous period

Next period