oss-sec: by date

465 messages starting Jul 01 10 and ending Sep 30 10


Thursday, 01 July

Re: CVE requests: LibTIFF Tomas Hoger
CVE request: moin multiple XSS Raphael Geissert
CVE request: ZNC NULL pointer dereference Raphael Geissert
Re: CVE requests: LibTIFF Steven M. Christey
Re: CVE Request -- PHP strrchr() Interruption Information Leak Vulnerability Péter Veres

Friday, 02 July

CVE Request [Microsoft Windows Ruby-v1.9.x] -- Buffer over-run leading to ACE Jan Lieskovsky
CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt SQLite database bug Jan Lieskovsky
CVE Request -- Roundup: XSS by processing PageTemplate template for a named page Jan Lieskovsky
Re: CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt SQLite database bug Luigi Auriemma
Re: CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt SQLite database bug Raphael Geissert
Re: CVE Request -- PHP strrchr() Interruption Information Leak Vulnerability Josh Bressers
Re: CVE request: simplemachinesforum Josh Bressers
Re: CVE request: moin multiple XSS Josh Bressers
Re: CVE request: ZNC NULL pointer dereference Josh Bressers
Re: CVE Request [Microsoft Windows Ruby-v1.9.x] -- Buffer over-run leading to ACE Josh Bressers
Re: CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt SQLite database bug Josh Bressers
Re: CVE Request -- Roundup: XSS by processing PageTemplate template for a named page Josh Bressers

Saturday, 03 July

Request CVE ID for bogofilter base64 decoder heap corruption Matthias Andree

Sunday, 04 July

CVE request for browser IFRAME/file download DoS Kurt Seifried
Re: kernel: l2tp: Fix oops in pppol2tp_xmit Moritz Muehlenhoff
Re: CVE Request: kernel: l2tp: Fix oops in pppol2tp_xmit Eugene Teo
Re: CVE Request -- mlmmj -- Directory traversal flaw by editing and saving list entries via php-admin web interface Christoph Thiel
[HITB-Announce] HITB Magazine Issue 003 + HITBSecConf2010 - Amsterdam Hafez Kamal

Monday, 05 July

Re: Request CVE ID for bogofilter base64 decoder heap corruption Eren Türkay
Re: CVE Request -- libpng v1.4.3 and v1.2.44 -- memory leak while processing PNG image with malformed sCAL chunks Marcus Meissner
RE: [png-mng-implement] [oss-security] CVE Request -- libpng v1.4.3 and v1.2.44 -- memory leak while processing PNG image with malformed sCAL chunks John Bowler
Re: [png-mng-implement] [oss-security] CVE Request -- libpng v1.4.3 and v1.2.44 -- memory leak while processing PNG image with malformed sCAL chunks Glenn Randers-Pehrson
Re: CVE Request -- mlmmj -- Directory traversal flaw by editing and saving list entries via php-admin web interface Ben Schmidt

Tuesday, 06 July

REPOST: CVE request for bogofilter Matthias Andree
CVE request: Apache Axis2 Session Fixation Matthias Weckbecker
Re: CVE request: Apache Axis2 Session Fixation security curmudgeon
patch for remote buffer overflows and local message spoofing in mipv6 daemon Sebastian Krahmer
Bugzilla 3.7.1 CVE request Kurt Seifried
CVE Request: kernel: hvc_console: Fix race between hvc_close and hvc_remove dann frazier
Re: CVE request: Apache Axis2 Session Fixation Marcus Meissner
Re: Request CVE ID for bogofilter base64 decoder heap corruption Josh Bressers
Re: CVE request for browser IFRAME/file download DoS Josh Bressers
Re: kernel: l2tp: Fix oops in pppol2tp_xmit Josh Bressers
Re: CVE request: Apache Axis2 Session Fixation Josh Bressers
CVE request - kernel: nfsd4: bug in read_buf Eugene Teo
Re: Bugzilla 3.7.1 CVE request Reed Loden

Wednesday, 07 July

Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon Josh Bressers
Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon Sebastian Krahmer
Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove Steven M. Christey
kernel: bridge br_multicast null ptr deref Eugene Teo

Thursday, 08 July

Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon Arnaud Ebalard
Re: Bugzilla 3.7.1 CVE request Moritz Muehlenhoff
Re: patch for remote buffer overflows and local message spoofing in mipv6 daemon Josh Bressers
Re: CVE request - kernel: nfsd4: bug in read_buf Josh Bressers
kernel: gfs2 acl issue Eugene Teo
Re: kernel: gfs2 acl issue Dan Rosenberg
Re: kernel: gfs2 acl issue Eugene Teo

Friday, 09 July

Re: kernel: gfs2 acl issue Josh Bressers
Re: kernel: gfs2 acl issue Dan Rosenberg
Re: kernel: gfs2 acl issue akuster

Saturday, 10 July

Re: Re: Stefan Esser's 0day PHP SysCan flaw Nico Golde

Monday, 12 July

CVE request: ghostscript Marc Deslauriers
Re: CVE request: ghostscript Dan Rosenberg
Re: CVE request: ghostscript Vincent Danen
Re: CVE request: ghostscript Dan Rosenberg
Re: CVE request: ghostscript Marc Deslauriers
CVE request: NetSMB BSD kernel module (minor) Dan Rosenberg
Re: CVE request: ghostscript Josh Bressers

Tuesday, 13 July

CVE request, php var_export Pierre Joye
Multiple bugs in freetype Robert Święcki
znc id: CVE-2010-2448 or CVE-2010-2488? Raphael Geissert

Wednesday, 14 July

Re: Multiple bugs in freetype Pierre Joye
Re: Multiple bugs in freetype Josh Bressers
Re: CVE request, php var_export Pierre Joye

Thursday, 15 July

CVE request: lxsession-logout Matthias Weckbecker

Friday, 16 July

Re: Qt SSL endless loop Ludwig Nussel
Re: CVE request: NetSMB BSD kernel module (minor) Josh Bressers
Re: Re: CVE request, php var_export Josh Bressers
Re: CVE request: lxsession-logout Josh Bressers
Re: Qt SSL endless loop Josh Bressers
Re: Re: CVE request, php var_export Pierre Joye
Re: Qt SSL endless loop Vincent Danen

Monday, 19 July

Re: Qt SSL endless loop Ludwig Nussel
Re: CVE request: ghostscript and gv Tomas Hoger
Re: Qt SSL endless loop Vincent Danen

Tuesday, 20 July

CVE request for OpenTTD Matthijs Kooijman
[oCERT-2010-002] Joomla input sanitization errors (XSS) Andrea Barisani
CVE for Intel INTEL-SA-00025 Kurt Seifried

Wednesday, 21 July

Re: CVE for Intel INTEL-SA-00025 Mike O'Connor
Universal XSS in Rekonq Tim Brown
CVE request: kernel: btrfs Dan Rosenberg
Re: CVE for Intel INTEL-SA-00025 Josh Bressers
Re: CVE request for OpenTTD Josh Bressers
CVE id request: mapserver Nico Golde
Re: [oCERT-2010-002] Joomla input sanitization errors (XSS) Josh Bressers
Re: Universal XSS in Rekonq Josh Bressers
Re: CVE request: kernel: btrfs Josh Bressers
Re: CVE id request: mapserver Josh Bressers
CVE request: git Greg Brockman

Thursday, 22 July

Cacti XSS fixes in 0.8.7g Tomas Hoger
Another freetype-demos buffer overflow Josh Bressers
Re: CVE request: git Josh Bressers

Friday, 23 July

mikmod incomplete fix for CVE-2009-3995 Tomas Hoger
Re: Another freetype-demos buffer overflow Werner LEMBERG
CVE assignment notification -- CVE-2010-2474 -- JBossESB Marc Schoenefeld
CVE request: GnuPG 2 Florian Weimer

Monday, 26 July

CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow Jan Lieskovsky
Re: Cacti XSS fixes in 0.8.7g Josh Bressers
Re: mikmod incomplete fix for CVE-2009-3995 Josh Bressers
Re: CVE request: GnuPG 2 Josh Bressers
Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow Josh Bressers

Wednesday, 28 July

CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter Jan Lieskovsky
CVE Request: Piwik < 0.6.4 Arbitrary file inclusion Anthon Pang
CVE request: mediawiki Raphael Geissert
CVE request: zabbix Raphael Geissert

Thursday, 29 July

Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter Josh Bressers
Re: CVE Request: Piwik < 0.6.4 Arbitrary file inclusion Josh Bressers
Re: CVE request: mediawiki Josh Bressers
Re: CVE request: zabbix Josh Bressers
[HITB-Ann] Reminder: HITB2010 Malaysia Call for Papers Closing August 9th Hafez Kamal

Friday, 30 July

CVE-2010-2791: mod_proxy information leak affecting 2.2.9 only Joe Orton

Saturday, 31 July

Re: CVE request: lxr Nico Golde
Re: CVE request: lxr Dan Rosenberg

Sunday, 01 August

CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates Jan Lieskovsky
CVE request: cmsmadesimple < 1.8.1 Hanno Böck
CVE request: joomla < 1.5.20 Hanno Böck
CVE request: kernel: gfs2: rename cases kernel panic Eugene Teo
CVE-2010-2524 kernel: dns_resolver upcall security issue Eugene Teo

Monday, 02 August

CVE Request -- Socat -- Stack overflow by lexical scanning of nested character patterns Jan Lieskovsky
CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Jan Lieskovsky
RFC: squid: Fix free memory corruption and off-by-on error when comparing SNMP OIDs Thomas Biege
Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow Steven M. Christey
Re: CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates Josh Bressers
Re: CVE request: cmsmadesimple < 1.8.1 Josh Bressers
Re: CVE request: joomla < 1.5.20 Josh Bressers
Re: CVE request: kernel: gfs2: rename cases kernel panic Josh Bressers
Re: CVE Request -- Socat -- Stack overflow by lexical scanning of nested character patterns Josh Bressers
Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Josh Bressers
Re: CVE-2010-2524 kernel: dns_resolver upcall security issue akuster
Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Dan Rosenberg
Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Josh Bressers
CVE request: Attachment XSS in mantis < 1.2.2 Hanno Böck
CVE 2009 request: twiki before 4.3.2 CSRF Hanno Böck
kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo
Re: CVE-2010-2524 kernel: dns_resolver upcall security issue Eugene Teo
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Moritz Muehlenhoff

Tuesday, 03 August

CVE request - kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo
2 vulnerabilties in phpCAS Joachim Fritschi
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Josh Bressers
Re: CVE request: Attachment XSS in mantis < 1.2.2 Josh Bressers
Re: CVE 2009 request: twiki before 4.3.2 CSRF Josh Bressers

Wednesday, 04 August

Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode Steven M. Christey
Re: CVE-2010-2791: mod_proxy information leak affecting 2.2.9 only Steven M. Christey

Friday, 06 August

CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts Jan Lieskovsky
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Jan Lieskovsky
CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config Alex Legler
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Josh Bressers
Re: CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config Josh Bressers

Monday, 09 August

CVE request: Lynx Dan Rosenberg
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Braden Thomas
Re: CVE request: Lynx Josh Bressers
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Werner LEMBERG
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Robert Święcki
CVE Request - ZNC Kurt Seifried
Re: CVE Request - ZNC Kurt Seifried
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Werner LEMBERG
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Hui Zhu
CVE ID Request For 2Wire Broadband Router Session Hijacking Vulnerability YGN Ethical Hacker Group

Tuesday, 10 August

Re: CVE ID Request For 2Wire Broadband Router Session Hijacking Vulnerability Josh Bressers
Re: Re: CVE Request - ZNC Josh Bressers

Wednesday, 11 August

CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow Jan Lieskovsky
CVE Request: openssl double free Ludwig Nussel
CVE request: VideoLAN advisory 1004 Rémi Denis-Courmont
Re: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow Josh Bressers
Re: CVE request: VideoLAN advisory 1004 Josh Bressers
Re: CVE Request: openssl double free Solar Designer

Thursday, 12 August

opera 10.61 fixes 3 security bugs Thomas Biege
Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more Robert Święcki
Re: opera 10.61 fixes 3 security bugs Carsten H. Eiram
Re: CVE Request: openssl double free Josh Bressers
Re: RFC: squid: Fix free memory corruption and off-by-on error when comparing SNMP OIDs Josh Bressers

Friday, 13 August

Re: RFC: squid: Fix free memory corruption and off-by-on error when comparing SNMP OIDs Thomas Biege
Re: RFC: squid: Fix free memory corruption and off-by-on error when comparing SNMP OIDs Henrik Nordström
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() dann frazier
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Ben Hutchings
Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo

Sunday, 15 August

CVE request - kernel: integer overflow in ext4_ext_get_blocks() Eugene Teo

Monday, 16 August

Minor security flaw with pam_xauth Tim Brown
Re: CVE request - kernel: integer overflow in ext4_ext_get_blocks() Steven M. Christey
Re: Minor security flaw with pam_xauth Steven M. Christey
Re: CVE request - kernel: integer overflow in ext4_ext_get_blocks() Eugene Teo

Tuesday, 17 August

Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability Solar Designer
CVE request - kernel: net sched memleak Eugene Teo
CVE request - kernel: xfs: stale data exposure Eugene Teo

Wednesday, 18 August

CVE request: zope-ldapuser Sébastien Delafond

Thursday, 19 August

Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger
Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff
Re: CVE request: PHP MOPS-2010-56..60 pierre.php () gmail com
Re: CVE request - kernel: net sched memleak Josh Bressers
Re: CVE request - kernel: xfs: stale data exposure Josh Bressers
Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow Steven M. Christey
Re: CVE request: zope-ldapuser Josh Bressers
CVE Request: SLiM insecure PATH assignment Niels Heinen

Friday, 20 August

CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others Eugene Teo
CVE-2010-2959 kernel: can: add limit for nframes and clean up signed/unsigned variables Eugene Teo
Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger
Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye
CVE Request: heap-based buffer overflow in libHX Thomas Biege
Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger
Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye
Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye
Re: CVE request: PHP MOPS-2010-56..60 Steven M. Christey
Re: CVE Request: SLiM insecure PATH assignment Josh Bressers
Re: CVE request - kernel: jfs: don't allow os2 xattr namespace overlap with others Josh Bressers
Re: CVE Request: heap-based buffer overflow in libHX Josh Bressers
Re: CVE request: lxr Steven M. Christey
Re: Qt SSL endless loop Steven M. Christey
Re: Qt SSL endless loop Vincent Danen

Monday, 23 August

Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye
Re: CVE request: PHP MOPS-2010-56..60 Moritz Muehlenhoff
Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye

Tuesday, 24 August

Re: CVE request: PHP MOPS-2010-56..60 Thomas Biege
Re: CVE request: PHP MOPS-2010-56..60 Pierre Joye
CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request Jan Lieskovsky
Re: CVE request: PHP MOPS-2010-56..60 Tomas Hoger
Re: CVE request: PHP MOPS-2010-56..60 Steven M. Christey
CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Jan Lieskovsky
Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Stephen Thorne

Wednesday, 25 August

Re: CVE request: ghostscript and gv Tomas Hoger
Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Amos Jeffries
Re: CVE request: ghostscript and gv Ludwig Nussel
Re: CVE Request -- Quagga (bgpd) [two ids] -- 1, Stack buffer overflow by processing crafted Refresh-Route msgs 2, NULL ptr deref by parsing certain AS paths by BGP update request Josh Bressers
Re: CVE request: PHP MOPS-2010-56..60 Josh Bressers
Re: Re: CVE Request -- Squid v3.1.6 -- DoS (crash) while processing large DNS replies with no IPv6 resolver present Josh Bressers
CVE request: CouchDB insecure library loading (Debian/Ubuntu only) Dan Rosenberg
CVE id request: libc fortify source information disclosure Nico Golde
CVE request: VLC media player - DLL preloading vulnerability Geoffroy Couprie
Re: CVE request: VLC media player - DLL preloading vulnerability Steven M. Christey

Thursday, 26 August

Re: CVE request: CouchDB insecure library loading (Debian/Ubuntu only) Tomas Hoger
Re: CVE request: VLC media player - DLL preloading vulnerability Geoffroy Couprie
Re: CVE request: ghostscript and gv Tomas Hoger
[HITB-Announce] HITB2010 SIGNINT Sessions Hafez Kamal
Re: CVE request: CouchDB insecure library loading (Debian/Ubuntu only) Josh Bressers

Friday, 27 August

[PATCH] exec argument expansion can inappropriately trigger OOM-killer Kees Cook

Saturday, 28 August

CVE Request: BGP protocol vulnerability Florian Weimer
Re: CVE Request: BGP protocol vulnerability Kurt Seifried

Sunday, 29 August

Re: CVE Request: BGP protocol vulnerability Florian Weimer
CVE request: serendipity < 1.5.4 xss Hanno Böck
Hardening the linker (was Re: [oss-security] CVE request: CouchDB insecure library loading (Debian/Ubuntu only)) Tim Brown
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer KOSAKI Motohiro
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Roland McGrath
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Solar Designer

Monday, 30 August

Re: CVE Request: BGP protocol vulnerability Josh Bressers
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Roland McGrath
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Solar Designer
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Solar Designer
CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Jan Lieskovsky
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Brad Spengler

Tuesday, 31 August

CVE-2010-2955 kernel: wireless: fix 64K kernel heap content leak via ioctl Eugene Teo
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Roland McGrath
Re: [PATCH] exec argument expansion can inappropriately trigger OOM-killer Solar Designer
Re: [PATCH] exec argument expansion can inappropriately triggerOOM-killer Tetsuo Handa
Re: CVE request: serendipity < 1.5.4 xss Josh Bressers
Re: CVE id request: libc fortify source information disclosure Josh Bressers
Re: CVE id request: libc fortify source information disclosure Steven M. Christey
Re: CVE Request: BGP protocol vulnerability Steven M. Christey
CVE-2010-2954 kernel: irda null ptr deref Eugene Teo

Wednesday, 01 September

CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) Jan Lieskovsky
Re: CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) Josh Bressers
CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref Eugene Teo

Thursday, 02 September

Re: CVE id request: libc fortify source information disclosure Tomas Hoger
Re: CVE id request: libc fortify source information disclosure Dan Rosenberg
Re: CVE id request: libc fortify source information disclosure Tomas Hoger
Re: CVE id request: libc fortify source information disclosure Dan Rosenberg

Friday, 03 September

CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Jan Lieskovsky
CVE request: XSS in nusoap Raphael Geissert
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Reed Loden
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Julien Cristau
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Reed Loden

Saturday, 04 September

Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Joe Orton

Sunday, 05 September

CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials Jan Lieskovsky
CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) Jan Lieskovsky
CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS Jan Lieskovsky
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Richard Moore
CVE request: smbind Sql Injection Giuseppe Iuculano

Monday, 06 September

Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS Valient Gough
CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter Jan Lieskovsky
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Florian Weimer
CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak Eugene Teo

Tuesday, 07 September

/proc infoleaks Sebastian Krahmer
Re: [Security] /proc infoleaks Sebastian Krahmer
Re: CVE request: XSS in nusoap Josh Bressers
Re: [Security] /proc infoleaks Andrew Morton
Re: CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials Josh Bressers
Re: CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) Josh Bressers
Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS Josh Bressers
Re: Re: [Security] /proc infoleaks Marcus Meissner
Re: CVE request: smbind Sql Injection Josh Bressers
Re: CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter Josh Bressers
Re: CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak Josh Bressers
Re: Re: [Security] /proc infoleaks Jon Oberheide
Re: Re: [Security] /proc infoleaks Andrew Morton
Re: [Security] [oss-security] Re: /proc infoleaks Andrew Morton
Re: [Security] [oss-security] Re: /proc infoleaks Brad Spengler
Re: [Security] [oss-security] Re: /proc infoleaks Linus Torvalds
[PATCH 0/3] execve argument-copying fixes Roland McGrath
[PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
[PATCH 2/3] execve: improve interactivity with large arguments Roland McGrath
[PATCH 3/3] execve: make responsive to SIGKILL with large arguments Roland McGrath
Re: [PATCH 0/3] execve argument-copying fixes KOSAKI Motohiro
Re: Re: [Security] [oss-security] Re: /proc infoleaks Sebastian Krahmer

Wednesday, 08 September

CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly Eugene Teo
Re: Re: [Security] [oss-security] Re: /proc infoleaks Brad Spengler
CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) Jan Lieskovsky
Re: CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) Steven M. Christey
CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL Eugene Teo

Thursday, 09 September

[PATCH 0/2] execve memory exhaust of argument-copying fixes KOSAKI Motohiro
[PATCH 1/2] oom: don't ignore rss in nascent mm KOSAKI Motohiro
[PATCH 2/2] execve: check the VM has enough memory at first KOSAKI Motohiro
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size KOSAKI Motohiro
CVE Request -- Python -- accept() implementation in async core is broken => more subcases Jan Lieskovsky
CVE Assignment: django Josh Bressers
CVE request: mednafen stack manipulation Hanno Böck

Friday, 10 September

Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: [PATCH 1/2] oom: don't ignore rss in nascent mm Roland McGrath
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size KOSAKI Motohiro
[PATCH] move cred_guard_mutex from task_struct to signal_struct KOSAKI Motohiro
Re: [PATCH 2/2] execve: check the VM has enough memory at first Linus Torvalds
Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct Oleg Nesterov
Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL Josh Bressers
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases Josh Bressers
Re: CVE request: mednafen stack manipulation Josh Bressers
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Josh Bressers
CVE id requests: drupal Steffen Joeris

Saturday, 11 September

Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
CVE request: mailscanner, multiple vulnerabilities Raphael Geissert

Sunday, 12 September

CVE Request: pidgin-knotify remote command injection Alex Legler

Monday, 13 September

CVE Request: mailman Huzaifa Sidhpurwala
CVE id request for non disclosed issue? Pierre Joye
Re: CVE id request for non disclosed issue? Kyle Bader
Re: CVE Request: pidgin-knotify remote command injection Josh Bressers
Re: CVE Request: mailman Josh Bressers
Re: CVE id request for non disclosed issue? Josh Bressers
Re: CVE id requests: drupal Josh Bressers
Re: CVE Request: mailman Steven M. Christey
Re: CVE request: mailscanner, multiple vulnerabilities Josh Bressers
Re: CVE Request: mailman Josh Bressers
Re: [Security] [oss-security] Re: /proc infoleaks Willy Tarreau
Re: CVE Request: mailman Steven M. Christey
CVE request: xss in pecl-apc before 3.1.4 Hanno Böck
CVE request: kernel: numerous infoleaks Eugene Teo
Re: [PATCH 2/2] execve: check the VM has enough memory at first KOSAKI Motohiro

Tuesday, 14 September

CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Thomas Biege
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: CVE request: xss in pecl-apc before 3.1.4 Josh Bressers
Re: CVE request: kernel: numerous infoleaks Josh Bressers
Re: CVE request: xss in pecl-apc before 3.1.4 Pierre Joye
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Josh Bressers
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
CVE request: mantis before 1.2.3 (XSS) Hanno Böck
Re: CVE request: mantis before 1.2.3 (XSS) Hanno Böck
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size Roland McGrath
Re: CVE request: mantis before 1.2.3 (XSS) Kurt Seifried
Re: CVE request: mantis before 1.2.3 (XSS) Kurt Seifried

Wednesday, 15 September

Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size pageexec
Re: CVE request: kernel: numerous infoleaks Dan Rosenberg
CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability Eugene Teo
CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow Eugene Teo
Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability Eugene Teo
Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct KOSAKI Motohiro
Re: [PATCH 2/2] execve: check the VM has enough memory at first KOSAKI Motohiro
[PATCH 0/4] oom fixes for 2.6.36 KOSAKI Motohiro
[PATCH 3/4] move cred_guard_mutex from task_struct to signal_struct KOSAKI Motohiro
[PATCH 1/4] oom: remove totalpage normalization from oom_badness() KOSAKI Motohiro
[PATCH 2/4] Revert "oom: deprecate oom_adj tunable" KOSAKI Motohiro
[PATCH 4/4] oom: don't ignore rss in nascent mm KOSAKI Motohiro
Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() David Rientjes

Thursday, 16 September

Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() KOSAKI Motohiro
Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() Pekka Enberg
CVE-identifier request for Dovecot ACL security bug Henri Salo
Re: [PATCH 4/4] oom: don't ignore rss in nascent mm Oleg Nesterov
Re: CVE request: mantis before 1.2.3 (XSS) Josh Bressers
Re: CVE-identifier request for Dovecot ACL security bug Josh Bressers
CVE request: pixelpost Raphael Geissert
Re: [PATCH 2/2] execve: check the VM has enough memory at first Linus Torvalds
CVE request: weborf: directory traversal Raphael Geissert

Friday, 17 September

[oCERT-2010-003] Free Simple CMS path sanitization errors Andrea Barisani
CVE request: epiphany not checking ssl certs Hanno Böck
Re: CVE request: epiphany not checking ssl certs Tomas Hoger
Re: CVE request: pixelpost Josh Bressers
Re: CVE request: weborf: directory traversal Josh Bressers
Re: CVE request: pixelpost Raphael Geissert
Re: CVE request: epiphany not checking ssl certs Josh Bressers
Re: [oCERT-2010-003] Free Simple CMS path sanitization errors Josh Bressers
Re: CVE request: epiphany not checking ssl certs Steven M. Christey
Re: CVE request: epiphany not checking ssl certs Michael Gilbert

Monday, 20 September

CVE request: egroupware remote code and xss Hanno Böck
Re: CVE request: epiphany not checking ssl certs Ludwig Nussel
CVE request: kernel: Heap corruption in ROSE Dan Rosenberg
Re: CVE request: kernel: Heap corruption in ROSE Eugene Teo

Tuesday, 21 September

Re: Minor security flaw with pam_xauth Solar Designer
bzip2 CVE-2010-0405 integer overflow Solar Designer
Re: CVE request: epiphany not checking ssl certs Josh Bressers
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Thomas Biege
Re: CVE request: egroupware remote code and xss Josh Bressers
Re: Minor security flaw with pam_xauth Josh Bressers
Re: Minor security flaw with pam_xauth Steven M. Christey
Re: Minor security flaw with pam_xauth Josh Bressers
Re: Minor security flaw with pam_xauth Solar Designer
Re: Minor security flaw with pam_xauth Josh Bressers
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Michael Koziarski
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Steven M. Christey
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi Michael Koziarski

Wednesday, 22 September

CVE request: clamav < 0.96.3 pdf bounds checking Hanno Böck
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Josh Bressers
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases Josh Bressers

Friday, 24 September

CVE Request -- Linux/SCTP DoS in sctp_packet_config() dann frazier
Re: Minor security flaw with pam_xauth Solar Designer
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases Steven M. Christey
Interesting kernel bug Dan Rosenberg
Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() Eugene Teo

Saturday, 25 September

CVE request: multiple kernel stack memory disclosures Dan Rosenberg

Sunday, 26 September

Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() Kurt Seifried
Re: [PATCH 4/4] oom: don't ignore rss in nascent mm KOSAKI Motohiro

Monday, 27 September

Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly Tomas Hoger
Re: Minor security flaw with pam_xauth Vincent Danen
Re: Minor security flaw with pam_xauth Vincent Danen
Re: CVE request: clamav < 0.96.3 pdf bounds checking Josh Bressers
Re: Minor security flaw with pam_xauth Solar Designer
Re: Minor security flaw with pam_xauth Josh Bressers
Re: CVE request: multiple kernel stack memory disclosures Josh Bressers
Re: Minor security flaw with pam_xauth Solar Designer
CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Moritz Muehlenhoff
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Eugene Teo

Tuesday, 28 September

CVE request - kernel: pktcdvd ioctl dev_minor missing range check Eugene Teo
Re: CVE request: clamav < 0.96.3 pdf bounds checking Ludwig Nussel
[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference Andrea Barisani
Re: CVE request: clamav < 0.96.3 pdf bounds checking Ludwig Nussel
Re: CVE request - kernel: pktcdvd ioctl dev_minor missing range check Josh Bressers
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Josh Bressers
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Steven M. Christey
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Steven M. Christey
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Steven M. Christey
RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH Raphael Geissert
CVE request - kernel: prevent heap corruption in snd_ctl_new() Eugene Teo

Wednesday, 29 September

Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() Marcus Meissner
Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() Eugene Teo
Re: RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH Tim Brown
CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback Joachim Fritschi
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Moritz Muehlenhoff
CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Moritz Muehlenhoff
Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() Josh Bressers
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark Josh Bressers
CVE request: Horde Gollem <1.1.2 XSS in view.php Alex Legler
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Eugene Teo
Small exposure in ocfs2 fast symlinks. Joel Becker
Re: Small exposure in ocfs2 fast symlinks. Greg KH

Thursday, 30 September

Re: Small exposure in ocfs2 fast symlinks. Joel Becker
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Josh Bressers
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel Josh Bressers
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Moritz Muehlenhoff
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php Alex Legler