oss-sec: by date

• RSS Feed
• About List
• All Lists

Previous period

Next period

738 messages starting Apr 01 11 and ending Jun 30 11
Date index | Thread index | Author index

Friday, 01 April

BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload Tavis Ormandy
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Ludwig Nussel
CVE Request -- perl -- lc(), uc() routines are laundering tainted data Jan Lieskovsky
6-year FreeBSD-SA-05:02.sendfile exploit Solar Designer
Closed list Josh Bressers
Re: Closed list Reed Loden
Re: Closed list Patrick J. Volkerding
Re: Closed list Marc Deslauriers
Re: Closed list Charles Blas
Re: Closed list Solar Designer
Re: Closed list Dan Rosenberg
Re: Closed list Steve Beattie
Re: Closed list zardoz
Re: Closed list Solar Designer
Re: Closed list Mike O'Connor
Re: Closed list Kees Cook
Re: Closed list Dmitry V. Levin
Re: Closed list Marcus Meissner
Re: Closed list Mike O'Connor
Re: Closed list Josh Bressers
Re: Closed list Dan Rosenberg

Saturday, 02 April

Re: Closed list Alex Legler
Re: Closed list Moritz Muehlenhoff
Re: Closed list Mike O'Connor
Re: Closed list klondike
Re: Closed list Es gibt immer etwas zu tratschen
Closed list R P Herrold
Re: Closed list Thijs Kinkhorst
Re: Closed list ArkanoiD
Re: Closed list Elliot Peele

Sunday, 03 April

Re: Closed list Miklos Vajna
Re: Closed list AK
Re: Closed list Solar Designer
Re: Closed list Mark J Cox
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Ben Laurie
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Steve Kemp
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Steve Kemp
Re: Closed list Solar Designer
Re: Closed list ArkanoiD
Re: Closed list ArkanoiD
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Benji
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Dan Rosenberg
Re: Closed list Josh Bressers
Re: Closed list Patrick J. Volkerding
Re: Closed list Solar Designer
Re: Closed list Michael Gilbert
Re: Closed list Josh Bressers
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Michael Gilbert
Re: Closed list Michael Gilbert
Re: Closed list Michael Gilbert
Re: Closed list Eugene Teo
Re: Closed list Huzaifa Sidhpurwala
Re: Closed list Oden Eriksson

Monday, 04 April

Re: Closed list Mark J Cox
Re: Closed list Marcus Meissner
Re: Closed list Marc Deslauriers
Re: Closed list Nico Golde
Re: Closed list Micah Gersten
Re: CVE Request -- Erlang/OTP R14, Erlang/OTP R14B01, Erlang/OTP R14B02 -- multiple security fixes Hans Bolinder
Re: Closed list Benji
Re: Closed list ksha
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Marcus Meissner
Re: Closed list Ben Laurie
Re: Closed list phocean
my key Sebastian Krahmer
Re: Closed list Ludwig Nussel
CVE request: libvirt: error reporting in libvirtd is not thread safe Petr Matousek
Re: Closed list Nico Golde
Re: Closed list Eugene Teo
Re: Local memory disclosure (was: libpurple CVE UnRequest) Tomas Hoger
Re: Closed list Tomas Hoger
Re: Closed list Miklos Vajna
Closed list R P Herrold
Re: CVE request: libvirt: error reporting in libvirtd is not thread safe Josh Bressers
Re: CVE Request -- perl -- lc(), uc() routines are laundering tainted data Josh Bressers
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Dmitry V. Levin
Re: my key Solar Designer
Re: CVE Request: rsyslogd memory leaks Josh Bressers
Re: Closed list Solar Designer
Re: CVE request: kernel: multiple issues in ROSE Josh Bressers
Re: CVE request: kernel: multiple issues in ROSE Dan Rosenberg
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: CVE request: roundcube < 0.5.1 CSRF Josh Bressers
Re: CVE request: kernel: multiple issues in ROSE Josh Bressers
Re: Closed list Yves-Alexis Perez
Re: Closed list Solar Designer
Re: Web of trust Yves-Alexis Perez
Re: Closed list Jeffrey Czerniak
Re: Closed list klondike
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Web of trust Solar Designer
Re: Closed list Jeffrey Czerniak

Tuesday, 05 April

Vouching system (was Re: [oss-security] Closed list) Eugene Teo
Re: Closed list Matthias Andree
Re: Closed list Matthias Andree
Re: Closed list Josh Bressers
Re: Closed list Benji
A new way of writing secure data backups, combining RAID and one time pads. Gareth Randall
CVE re-request Sebastian Krahmer
Re: Closed list Thomas Biege
Re: Closed list Thomas Biege
Re: Vouching system (was Re: [oss-security] Closed list) Solar Designer
Re: CVE re-request Josh Bressers
Re: Closed list Solar Designer
Re: Closed list Josh Bressers
Re: Closed list Solar Designer
Re: CVE request: kernel: multiple issues in ROSE Steven M. Christey
Re: CVE request: kernel: multiple issues in ROSE Steven M. Christey
Re: CVE request: kernel: multiple issues in ROSE Steven M. Christey
Re: Closed list Tim Zingelman
Re: CVE re-request Steven M. Christey
Re: Closed list Solar Designer
Re: CVE request: kernel: multiple issues in ROSE Dan Rosenberg
Re: Closed list Solar Designer
Re: Closed list Vincent Danen
Re: Closed list Andrea Barisani
Re: Closed list Tomas Hoger
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Vincent Danen
Re: Closed list Vincent Danen
CVE request: kernel: two issues in mpt2sas Dan Rosenberg
Re: A new way of writing secure data backups, combining RAID and one time pads. klondike
Re: A new way of writing secure data backups, combining RAID and one time pads. Yves-Alexis Perez
Re: Closed list Jamie Strandboge
Re: Closed list Solar Designer
CVE id request: tmux (debian specific) Nico Golde
Re: Closed list Mike O'Connor

Wednesday, 06 April

Re: CVE request: kernel: two issues in mpt2sas Eugene Teo
CVE for ruby on rails XSS fixes Sebastian Krahmer
Re: Closed list Milan Berger
Re: Closed list Jeremy Stanley
Re: CVE requests : Liferay 6.0.6 Nicolas Grégoire
Re: Closed list akuster
Re: Closed list Solar Designer
Re: Closed list Solar Designer
CVE Request -- dhcp: DoS (excessive CPU use) by opening an OMAPI connection Jan Lieskovsky
Re: Closed list Solar Designer
Re: CVE id request: tmux (debian specific) Josh Bressers
Re: CVE for ruby on rails XSS fixes Josh Bressers
Moonlight release 2.4.1 with security fixes Marcus Meissner
Re: CVE Request -- dhcp: DoS (excessive CPU use) by opening an OMAPI connection Jan Lieskovsky
Re: Closed list akuster
Re: Closed list Stefan Behte
Re: Closed list Michael Gilbert
Re: Closed list Michael Gilbert

Thursday, 07 April

Re: Closed list akuster
consolekit security flaw heads up Josh Bressers
Re: Possible security fixes in 5.05? Vincent Danen
Re: Possible security fixes in 5.05? Christos Zoulas
Apache HttpClient CVE request [VU#153049] Chad Dougherty
Re: Possible security fixes in 5.05? Vincent Danen
CVE request: tinyproxy runs as an open proxy when attempting to restrict allowable IP ranges Vincent Danen

Friday, 08 April

Re: Apache HttpClient CVE request [VU#153049] Mark J Cox
CVE request for pithos information disclosure Luke Faraone
Re: CVE request: tinyproxy runs as an open proxy when attempting to restrict allowable IP ranges Josh Bressers
Re: CVE request for pithos information disclosure Josh Bressers
Re: CVE requests : Liferay 6.0.6 Josh Bressers
Re: Closed list akuster

Saturday, 09 April

CVE id request: gitolite Nico Golde
Re: Closed list Solar Designer

Sunday, 10 April

Re: CVE request: kernel: inotify memory leak Eugene Teo
CVE-2011-1479 (was Re: [oss-security] CVE request: kernel: inotify memory leak) Eugene Teo

Monday, 11 April

pure-ftpd STARTTLS command injection / new CVE? Sebastian Krahmer
CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Eugene Teo
Re: Closed list akuster
CVE request for libmodplug Vincent Danen
Re: pure-ftpd STARTTLS command injection / new CVE? Mike O'Connor
Re: pure-ftpd STARTTLS command injection / new CVE? Steven M. Christey
Re: CVE requests : Liferay 6.0.6 Josh Bressers
Re: Closed list Josh Bressers
Re: CVE id request: gitolite Josh Bressers
Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set Josh Bressers
Re: CVE request for libmodplug Josh Bressers
Re: pure-ftpd STARTTLS command injection / new CVE? Josh Bressers
Re: Closed list Moritz Muehlenhoff
CVE requests: Three Linux kernel issues Moritz Muehlenhoff
CVE id request: vlc Nico Golde
Re: CVE requests: Three Linux kernel issues Dan Rosenberg
Re: CVE request: kernel: multiple issues in ROSE Dan Rosenberg
Re: CVE requests: Three Linux kernel issues Eugene Teo
Re: CVE requests: Three Linux kernel issues Eugene Teo

Tuesday, 12 April

RE: [security-vendor] [oss-security] Closed list Zhao, Zhenfeng
Re: CVE requests: Three Linux kernel issues Vasiliy Kulikov
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns
Re: Closed list akuster
Re: Closed list Onur Küçük
Re: Closed list Petr Matousek
libtiff CVE assignments Josh Bressers
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list akuster
Re: Closed list akuster
CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops Timo Warns
Re: Closed list akuster
Re: Closed list Michael Gilbert
Re: CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops Eugene Teo
CVE request: mediawiki 1.16.3 Vincent Danen
Re: CVE request: mediawiki 1.16.3 Kurt Seifried
CVE request - kernel: bonding: Incorrect TX queue offset Eugene Teo
Re: CVE request: mediawiki 1.16.3 Eugene Teo

Wednesday, 13 April

Re: Closed list Josh Bressers
CVE id request: mahara / HTML Purifier Joey Schulze
Re: Closed list Ronald van den Blink
Re: Closed list akuster
Re: Closed list akuster
Re: Closed list Dan Rosenberg
Re: Closed list akuster
Re: Closed list Vincent Danen
Re: CVE id request: vlc Josh Bressers
Re: CVE request: mediawiki 1.16.3 Josh Bressers
Re: CVE request - kernel: bonding: Incorrect TX queue offset Josh Bressers
Re: CVE id request: vlc Steven M. Christey
Re: Closed list Ronald van den Blink
CVE request: dotclear before 2.2.3 Hanno Böck
Re: Closed list Mike O'Connor
CVE request for SAP issues Kurt Seifried
Re: CVE request for SAP issues Solar Designer
Re: CVE request for SAP issues Kurt Seifried

Thursday, 14 April

Re: Closed list Tomas Hoger
Re: Closed list Tomas Hoger
Re: RE: [security-vendor] [oss-security] Closed list Tomas Hoger
Re: Closed list Josh Bressers
Re: CVE request: dotclear before 2.2.3 Franck Paul
[security-vendor] Re: [oss-security] Closed list Zhao, Zhenfeng
Re: Re: Closed list Meltem Parmaksız
CVE request: mediawiki 1.16.4, incomplete fix of CVE-2011-1578 Vincent Danen
Re: Closed list akuster
Re: Closed list akuster
Re: Closed list Patrick J. Volkerding

Friday, 15 April

CVE Request: cifs session reuse Ludwig Nussel
[security-vendor] Re: [oss-security] Closed list Zhao, Zhenfeng
CVE Request: incomplete fix for CVE-2010-1000 in KDE network Jamie Strandboge
CVE request for Thunar (format string errors) Yves-Alexis Perez
Re: CVE request for Thunar (format string errors) Tomas Hoger
Re: CVE request for Thunar (format string errors) Yves-Alexis Perez
Re: CVE request: dotclear before 2.2.3 Josh Bressers
Re: CVE Request: cifs session reuse Josh Bressers
Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network Josh Bressers
Re: CVE request: kernel: a collection of world-writable debugfs bugs Vasiliy Kulikov
Re: CVE request: dotclear before 2.2.3 JcDenis
Re: CVE request: kernel: a collection of world-writable debugfs bugs akuster

Saturday, 16 April

CVE request: Mojolicious directory traversal vulnerability Vincent Danen

Sunday, 17 April

Re: CVE request: kernel: a collection of world-writable debugfs bugs Eugene Teo

Monday, 18 April

Wireshark 1.2.16 / 1.4.5 Huzaifa Sidhpurwala
CVE request: Mojolicious Moritz Muehlenhoff
Re: CVE id request: mahara / HTML Purifier Josh Bressers
Re: CVE request: mediawiki 1.16.4, incomplete fix of CVE-2011-1578 Josh Bressers
Re: CVE request for Thunar (format string errors) Josh Bressers
Re: CVE request: Mojolicious directory traversal vulnerability Josh Bressers
Re: Wireshark 1.2.16 / 1.4.5 Josh Bressers

Tuesday, 19 April

CVE request -- kernel: proc: signedness issue in next_pidmap() Petr Matousek
CVE Request -- atop: Symlink attacks via process accounting file Jan Lieskovsky
Re: CVE Request -- atop: Symlink attacks via process accounting file Jan Lieskovsky
CVE Request -- gnome-desktop3: Switching users dialog does not lock the screen for the original user account Jan Lieskovsky
CVE Request -- OpenVAS Manager v2.0.3 Jan Lieskovsky
Re: CVE request -- kernel: proc: signedness issue in next_pidmap() Eugene Teo
CVE request: kernel: missing socket check in can/bcm release Eugene Teo

Wednesday, 20 April

rdesktop CVE - CVE-2011-1595 Josh Bressers
Re: CVE Request -- gnome-desktop3: Switching users dialog does not lock the screen for the original user account Josh Bressers
Re: CVE Request -- OpenVAS Manager v2.0.3 Josh Bressers
Re: CVE request: kernel: missing socket check in can/bcm release Josh Bressers
Re: CVE request: kernel: missing socket check in can/bcm release Eugene Teo
Re: CVE request: kernel: missing socket check in can/bcm release Eugene Teo
Re: CVE request: kernel: missing socket check in can/bcm release Eugene Teo
Re: Closed list Drew Yao

Thursday, 21 April

CVE request: kernel: buffer overflow and DoS issues in agp Vasiliy Kulikov
CVE Request -- Asterisk Security Vulnerability Matthew Nicholson
CVE request: CVE-2011-1089-like flaw in mount.nfs Vincent Danen
Re: CVE request: kernel: missing socket check in can/bcm release akuster
Re: RE: [security-vendor] [oss-security] Closed list Jason A. Donenfeld
Re: CVE request: kernel: missing socket check in can/bcm release Eugene Teo

Friday, 22 April

CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests Petr Matousek
Re: CVE Request -- Asterisk Security Vulnerability Jan Lieskovsky
Re: CVE Request -- Asterisk Security Vulnerability Matthew Nicholson
Re: CVE Request -- Asterisk Security Vulnerability Jan Lieskovsky
Re: CVE request: kernel: buffer overflow and DoS issues in agp Petr Matousek
Re: CVE request: kernel: buffer overflow and DoS issues in agp Vasiliy Kulikov
Re: CVE request: kernel: buffer overflow and DoS issues in agp Petr Matousek
Re: CVE request: kernel: buffer overflow and DoS issues in agp Vasiliy Kulikov
Re: CVE request: kernel: buffer overflow and DoS issues in agp akuster

Sunday, 24 April

Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Michael Gilbert

Monday, 25 April

Re: Closed list Mike O'Connor
Re: Closed list Josh Bressers
Re: CVE request: kernel: missing socket check in can/bcm release Josh Bressers
Re: CVE request: CVE-2011-1089-like flaw in mount.nfs Josh Bressers
Re: CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests Josh Bressers

Tuesday, 26 April

Re: Closed list Vincent Danen
Re: Closed list Jeff Mitchell
Re: Closed list Oracle Security Alerts

Wednesday, 27 April

Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Tomas Hoger
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Tomas Hoger
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Dan Rosenberg
Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE Tomas Hoger
Re: Closed list Michael Gilbert
Re: Closed list Hui Zhu

Thursday, 28 April

Re: Closed list Mike O'Connor

Friday, 29 April

CVE Request -- fail2ban -- Use of insecure default temporary file when unbanning an IP (tmpfile = /tmp/fail2ban-mail.txt) Jan Lieskovsky
CVE request: kernel (ARM): heap corruption in OABI semtimedop Dan Rosenberg
CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Jan Lieskovsky
vulnerability in sssd 1.5.0+ (CVE-2011-1758) Vincent Danen

Saturday, 30 April

Re: Closed list Jeff Mitchell
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Jeff Mitchell
Re: Closed list Solar Designer
Re: Closed list Solar Designer

Sunday, 01 May

Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo William Cohen
Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo William Cohen
CVE request: libmodplugin stack-buffer overflow Huzaifa Sidhpurwala

Monday, 02 May

Re: CVE Request -- gnome-desktop3: Switching users dialog does not lock the screen for the original user account Huzaifa Sidhpurwala
CVE Request -- WordPress v3.1.2 Jan Lieskovsky
Re: Closed list akuster
Re: Closed list Solar Designer
Re: Closed list akuster
Re: Closed list Solar Designer
Re: Closed list akuster
Re: [security-vendor] Re: [oss-security] Closed list Mark Hatle
Re: [security-vendor] Re: [oss-security] Closed list Mark Hatle
Re: Re: [security-vendor] Re: [oss-security] Closed list Josh Bressers
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list Josh Bressers
Re: CVE request: kernel (ARM): heap corruption in OABI semtimedop Josh Bressers
Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Josh Bressers
Re: CVE Request -- fail2ban -- Use of insecure default temporary file when unbanning an IP (tmpfile = /tmp/fail2ban-mail.txt) Josh Bressers
Re: CVE request: libmodplugin stack-buffer overflow Josh Bressers
Re: CVE Request -- WordPress v3.1.2 Josh Bressers

Tuesday, 03 May

Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Huzaifa Sidhpurwala
Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Stephane Chauveau
Re: Closed list Mark J Cox
CVE request: openssh Vincent Danen

Wednesday, 04 May

CVE request: mediawiki Kurt Seifried

Thursday, 05 May

Symlinks and filesystem recursion vulnerabilities: Action needed or ignore? halfdog
Re: CVE requests - kernel network vulns Eugene Teo
Re: Symlinks and filesystem recursion vulnerabilities: Action needed or ignore? Steven M. Christey
Re: CVE request: mediawiki Josh Bressers
Re: CVE requests - kernel network vulns Josh Bressers

Friday, 06 May

CVE request: tigervnc Vincent Danen
CVE request: libarchive, multiple overflows Thomas Biege
CVE request -- virt-v2v: vnc password protection is missing after vm conversion Petr Matousek
Re: Symlinks and filesystem recursion vulnerabilities: Action needed or ignore? halfdog

Sunday, 08 May

CVE request: kernel: DCCP invalid options Dan Rosenberg
Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace. Filip Palian
Re: CVE request: kernel: DCCP invalid options Eugene Teo
CVE-2011-1771 kernel: cifs oops when creating file with O_DIRECT set Eugene Teo
CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo

Monday, 09 May

CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire
Re: CVE request -- virt-v2v: vnc password protection is missing after vm conversion Josh Bressers
Re: CVE request : client-side file creation via XSLT in Webkit Josh Bressers
Re: CVE request: tigervnc Josh Bressers
Re: CVE request : client-side file creation via XSLT in Webkit Steven M. Christey
Re: CVE request: kernel: validate size of EFI GUID partition entries Josh Bressers
Re: CVE request : client-side file creation via XSLT in Webkit Deb Mazurek
Re: CVE request : client-side file creation via XSLT in Webkit Steven M. Christey
Re: CVE request: libarchive, multiple overflows Josh Bressers

Tuesday, 10 May

Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer
Re: CVE request: kernel: validate size of EFI GUID partition entries Eugene Teo
Re: CVE request: kernel: validate size of EFI GUID partition entries Sebastian Krahmer
Re: CVE request: kernel: validate size of EFI GUID partition entries Timo Warns
CVE request: keepalived pid file permissions issue Yves-Alexis Perez
Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo William Cohen
Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo William Cohen
Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo Huzaifa Sidhpurwala

Wednesday, 11 May

Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire
Re: Closed list Solar Designer
[security-vendor] Re: [oss-security] Closed list Zhao, Zhenfeng

Monday, 16 May

Multiple libraries privilege checking Sebastian Krahmer
CVE Request -- pmake -- Use of insecure temporary file for 'depend' target Jan Lieskovsky
Re: Closed list Jan Lieskovsky
CVE requests; issues fixed in MySQL 5.1.52 Vincent Danen
Re: Closed list Solar Designer
Re: Multiple libraries privilege checking Solar Designer
Re: CVE request: keepalived pid file permissions issue Josh Bressers
Re: CVE Request -- pmake -- Use of insecure temporary file for 'depend' target Josh Bressers
CVE request: polarssl Vincent Danen
CVE request: DoS in tor Vincent Danen
Re: Multiple libraries privilege checking Dmitry V. Levin

Tuesday, 17 May

CVE request: nbd-server Thijs Kinkhorst
CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: [oss-security] pure-ftpd STARTTLS command injection / new CVE?] Jan Lieskovsky
Re: Closed list Tomas Hoger
Re: Closed list Tomas Hoger
Re: Multiple libraries privilege checking Sebastian Krahmer
Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire
Re: CVE request: nbd-server Vincent Danen
Re: Closed list Oracle Security Alerts
Re: CVE request: nbd-server Wouter Verhelst
Re: CVE requests; issues fixed in MySQL 5.1.52 Josh Bressers
Re: CVE request: nbd-server Vincent Danen
Re: CVE request: polarssl Josh Bressers
Re: CVE request: DoS in tor Josh Bressers
Re: CVE request: nbd-server Josh Bressers
Re: CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: [oss-security] pure-ftpd STARTTLS command injection / new CVE?] Josh Bressers
CVE request: kernel: net: ip_expire() must revalidate route Eugene Teo

Wednesday, 18 May

Re: CVE request: kernel: net: ip_expire() must revalidate route Josh Bressers
Re: Multiple libraries privilege checking yersinia
Dovecot releases Henri Salo
Re: Multiple libraries privilege checking Solar Designer
CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap Moritz Muehlenhoff
[klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options maximilian attems
Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options Dan Rosenberg
Re: [klibc] [oss-security] CVE request: klibc: ipconfig sh script with unescaped DHCP options Dan Rosenberg
Re: Multiple libraries privilege checking Solar Designer
Re: [klibc] [oss-security] CVE request: klibc: ipconfig sh script with unescaped DHCP options maximilian attems
CVE request: Several Moodle issues Moritz Muehlenhoff
Re: CVE request: Several Moodle issues Josh Bressers

Thursday, 19 May

CVE Request: viewvc DoS Ludwig Nussel
CVE-2011-1751 qemu: acpi_piix4: missing hotplug check during device removal Petr Matousek
Re: Dovecot releases Ludwig Nussel
Re: CVE requests; issues fixed in MySQL 5.1.52 Henri Salo
CVE request: DoS in apr due to CVE-2011-0419 fix Vincent Danen
Re: Dovecot releases Josh Bressers
Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options Josh Bressers
Re: Dovecot releases Henri Salo
Re: CVE Request: viewvc DoS Josh Bressers
Re: CVE request: DoS in apr due to CVE-2011-0419 fix Vincent Danen
Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap Josh Bressers
Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap Ludwig Nussel

Friday, 20 May

systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781) Tomas Hoger
CVE Request: exim STARTTLS fix Marcus Meissner
CVE Request: GeoIP Directory traversal weakness in geoipupdate Anthon Pang

Saturday, 21 May

Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap Moritz Muehlenhoff
CVE Request: Webmin Local Privilege Escalation Vulnerability Javier Bassi

Sunday, 22 May

Re: Multiple libraries privilege checking Sebastian Krahmer

Monday, 23 May

CVE request: PHP socket_connect() - stack buffer overflow Felipe Pena
CVE Request -- Zend Framework -- SQL injection when using PDO_MySql Jan Lieskovsky
Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire
CVE Request -- phpMyAdmin -- PMASA-2011-3 & PMASA-2011-4 Jan Lieskovsky

Tuesday, 24 May

Re: CVE Request: exim STARTTLS fix Josh Bressers
Re: CVE Request: exim STARTTLS fix Marcus Meissner
Re: CVE Request: Webmin Local Privilege Escalation Vulnerability Josh Bressers
Re: CVE Request: exim STARTTLS fix Michael Tokarev
Re: CVE request: PHP socket_connect() - stack buffer overflow Josh Bressers
Re: CVE Request -- Zend Framework -- SQL injection when using PDO_MySql Josh Bressers
Re: CVE Request -- phpMyAdmin -- PMASA-2011-3 & PMASA-2011-4 Josh Bressers
CVE Request: Post Revolution multiple security vulnerabilities Javier Bassi

Wednesday, 25 May

list archive Solar Designer

Thursday, 26 May

CVE Request -- syslog-ng -- Possible DoS Szalay Attila
Re: Closed list akuster
Re: Closed list Dan Rosenberg
Re: Closed list akuster

Friday, 27 May

Re: Closed list Miklos Vajna

Saturday, 28 May

CVE request: movabletype-opensource Steffen Joeris

Monday, 30 May

CVE request for fetchmail STARTTLS hang (Denial of Service) Matthias Andree
CVE request: libgnomesu privilege escalation Sebastian Krahmer

Tuesday, 31 May

CVE-2011-1763 kernel: xen: improper upper boundary check in get_free_port() function Eugene Teo
CVE request: multiple libraries getenv() misuse Sebastian Krahmer
CVE request: openssl timing attack Thomas Biege
CVE request: firefox doesn't (re)validate certificates when loading HTTPS page Thomas Biege
CVE request: libxml vulnerability and interesting integer issues Thomas Biege
CVE request: NetworkManager-openvpn logs cert password Thomas Biege
Re: CVE request: NetworkManager-openvpn logs cert password Josh Bressers
Re: CVE request: libxml vulnerability and interesting integer issues Josh Bressers
Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page Josh Bressers
Re: CVE request: openssl timing attack Josh Bressers
Re: CVE request: libgnomesu privilege escalation Josh Bressers
Re: CVE request for fetchmail STARTTLS hang (Denial of Service) Josh Bressers
Re: CVE request: movabletype-opensource Josh Bressers
Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page Reed Loden
Re: CVE Request -- syslog-ng -- Possible DoS Josh Bressers
Re: CVE Request: Post Revolution multiple security vulnerabilities Josh Bressers
Re: CVE request for fetchmail STARTTLS hang (Denial of Service) Matthias Andree
Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page Reed Loden
CVE request for Wireshark 1.4.5 TCP DoS issue Kurt Seifried
CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues Kurt Seifried
Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues Huzaifa Sidhpurwala

Wednesday, 01 June

Re: CVE request for fetchmail STARTTLS hang (Denial of Service) Matthias Andree
CVE Request -- OpenOffice.org -- InteVyDis Demo of OpenOffice 0day. Released with VulnDisco 8.8 pack (release date May,2009) Jan Lieskovsky
Re: CVE request: openssl timing attack Solar Designer
CVE request -- libvirt: regression introduced in disk probe logic Petr Matousek
Re: Closed list Solar Designer
Re: Closed list Solar Designer
Re: Closed list akuster
Re: CVE request for Wireshark 1.4.5 TCP DoS issue Josh Bressers
CVE request: XSS in nagios Vincent Danen
Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues Josh Bressers

Thursday, 02 June

CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat Henri Salo
CVE Request -- Cherokee -- server admin vulnerable to csrf Jan Lieskovsky
CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Jan Lieskovsky
Re: CVE Request -- OpenOffice.org -- InteVyDis Demo of OpenOffice 0day. Released with VulnDisco 8.8 pack (release date May,2009) Josh Bressers
Re: CVE request -- libvirt: regression introduced in disk probe logic Josh Bressers
Re: CVE request: XSS in nagios Josh Bressers
Re: CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat Josh Bressers
CVE request: kernel: ksm: race between ksmd and exiting task Eugene Teo
CVE request: kernel: set cred->user_ns in key_replace_session_keyring Eugene Teo
Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Eugene Teo

Friday, 03 June

Re: CVE Request -- Cherokee -- server admin vulnerable to csrf dave b
CVE Request -- fabric -- Use of insecure temporary file by uploading templates and projects to remote hosts Jan Lieskovsky
Security issue in cherokee Jamie Strandboge
Security issue in gitweb Jamie Strandboge
CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate Jan Lieskovsky
Re: XSS security issue in gitweb for 'blob_plain' view with HTML files Jakub Narebski
CVE Request -- xscreensaver -- exits when activated Jan Lieskovsky
Re: XSS security issue in gitweb for 'blob_plain' view with HTML files dave b
Re: Linux kernel proactive security hardening Solar Designer

Saturday, 04 June

Re: XSS security issue in gitweb for 'blob_plain' view with HTML files Jakub Narebski
Re: CVE request: openssl timing attack Michael Gilbert
Re: CVE request: openssl timing attack Solar Designer

Sunday, 05 June

Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables Timo Warns
Re: CVE request: kernel: ksm: race between ksmd and exiting task Huzaifa Sidhpurwala
Re: CVE request: kernel: set cred->user_ns in key_replace_session_keyring Huzaifa Sidhpurwala

Monday, 06 June

CVE request: pam_ssh not dropping root gid(s) Sebastian Krahmer
CVE Request -- LuaExpat -- Prone to XML "billion laughs attack" Jan Lieskovsky
fetchmail 6.3.20 release to fix CVE-2011-1947 (was: CVE request for fetchmail STARTTLS hang (Denial of Service)) Matthias Andree
Re: CVE request: pam_ssh not dropping root gid(s) Jan Lieskovsky
Re: CVE request: pam_ssh not dropping root gid(s) Thomas Biege
CVE Request -- vsftpd -- Do not create network namespace per connection Jan Lieskovsky
Re: CVE Request -- vsftpd -- Do not create network namespace per connection Greg KH
Re: CVE Request -- vsftpd -- Do not create network namespace per connection Chris Evans
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Josh Bressers
Re: CVE Request -- fabric -- Use of insecure temporary file by uploading templates and projects to remote hosts Josh Bressers
Re: Security issue in cherokee Alvaro Lopez Ortega
Re: CVE Request -- vsftpd -- Do not create network namespace per connection Jan Lieskovsky
Re: Security issue in gitweb Josh Bressers
Re: CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate Josh Bressers
Re: CVE Request -- xscreensaver -- exits when activated Josh Bressers
Re: CVE request: pam_ssh not dropping root gid(s) Josh Bressers
Re: CVE Request -- LuaExpat -- Prone to XML "billion laughs attack" Josh Bressers
Re: CVE Request -- vsftpd -- Do not create network namespace per connection Josh Bressers
Re: CVE Request -- Cherokee -- server admin vulnerable to csrf Josh Bressers
Re: Security issue in cherokee Josh Bressers
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Michael Gilbert
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl daniel () ruoso com
CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP Petr Matousek
Re: CVE Request -- vsftpd -- Do not create network namespace per connection Eugene Teo

Tuesday, 07 June

Re: CVE request: pam_ssh not dropping root gid(s) Sebastian Krahmer
CVE request: vlc Marc Deslauriers
CVE Request -- WebSVN -- execCommand() remote commands injection vulnerability Jan Lieskovsky
Re: CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat Steven M. Christey

Wednesday, 08 June

CVE Request -- Coppermine Photo Gallery -- cpg1.4.27 / cpg1.5.12 -- XSS flaw Jan Lieskovsky
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Josh Bressers
Re: CVE request: vlc Josh Bressers
Re: CVE Request -- WebSVN -- execCommand() remote commands injection vulnerability Josh Bressers
Re: CVE Request -- Coppermine Photo Gallery -- cpg1.4.27 / cpg1.5.12 -- XSS flaw Josh Bressers

Thursday, 09 June

Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Ludwig Nussel
CVE Request: Ruby on Rails 3/rails_xss XSS Ludwig Nussel
CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences Jan Lieskovsky

Friday, 10 June

Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Ludwig Nussel
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Bernhard Rosenkraenzer

Saturday, 11 June

CVE request: buffer overflow in tftp-hpa Timo Warns

Sunday, 12 June

CVE Request -- dbus -- Local DoS via messages with non-native byte order Jan Lieskovsky
Bug#629938: Info received (CVE Request -- dbus -- Local DoS via messages with non-native byte order) Debian Bug Tracking System
CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used Jan Lieskovsky
Bug#629511: Info received (CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used) Debian Bug Tracking System
CVE Request: PHP File upload filename Felipe Pena
CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference Eugene Teo
CVE request: kernel: alpha: fix several security issues Eugene Teo

Monday, 13 June

CVE Request -- libvoikko -- DoS of application linked against libvoikko due improper handling of embedded null characters in input strings Jan Lieskovsky
CVE-request: XSS in Webmin 1.540 Henri Salo
Re: CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used Mark Stosberg
Re: CVE-request: XSS in Webmin 1.540 Javier Bassi
Re: CVE-request: XSS in Webmin 1.540 Jamie Cameron
Re: Re: CVE-request: XSS in Webmin 1.540 Josh Bressers
Re: CVE Request: Ruby on Rails 3/rails_xss XSS Josh Bressers
Re: CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences Josh Bressers
Re: CVE request: buffer overflow in tftp-hpa Josh Bressers
Re: CVE Request -- dbus -- Local DoS via messages with non-native byte order Josh Bressers
Re: CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used Josh Bressers
CVE request: Alpha kernel issues Moritz Muehlenhoff
Re: CVE Request: PHP File upload filename Josh Bressers
Re: CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference Josh Bressers
Re: CVE Request -- libvoikko -- DoS of application linked against libvoikko due improper handling of embedded null characters in input strings Josh Bressers

Tuesday, 14 June

Re: CVE request: Alpha kernel issues Eugene Teo
Re: Re: XSS security issue in gitweb for 'blob_plain' view with HTML files Ludwig Nussel
Re: [CVE-2011-2186] XSS security issue in gitweb for 'blob_plain' view with HTML files Ludwig Nussel
Re: [CVE-2011-2186] XSS security issue in gitweb for 'blob_plain' view with HTML files Jakub Narebski
[CVE-2011-2186] [PATCH] gitweb: Enable $prevent_xss by default Jakub Narebski
CVE Request: prosody DoS, djabberd external entity injection Wouter Coekaerts

Wednesday, 15 June

Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Ludwig Nussel
Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Luka Marinko
Re: CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate Bernhard Reiter
Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Ondrej Vasik
Re: CVE Request: prosody DoS, djabberd external entity injection Josh Bressers
Re: CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate Josh Bressers
Re: CVE request: kernel: alpha: fix several security issues Josh Bressers
CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg
Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Nicolas François
Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Nicolas François

Thursday, 16 June

Re: CVE request: Several Moodle issues Moritz Mühlenhoff
Re: list archive Tomas Hoger
Re: Closed list Tomas Hoger
Re: Closed list Tomas Hoger

Sunday, 19 June

Re: Multiple libraries privilege checking Florian Weimer
CVE request: kernel: inet_diag: fix inet_diag_bc_audit() Eugene Teo
CVE request: crypt_blowfish 8-bit character mishandling Solar Designer

Monday, 20 June

Re: CVE request: crypt_blowfish 8-bit character mishandling Daniel Godás
Re: /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) Karel Zak
Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling The Fungi
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling The Fungi
CVE request: kernel: thp: madvise on top of /dev/zero private mapping can lead to panic Petr Matousek
Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Josh Bressers
Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg
Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit() Josh Bressers
Re: CVE request: kernel: thp: madvise on top of /dev/zero private mapping can lead to panic Josh Bressers
Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Josh Bressers
Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit() Dan Rosenberg
CVE request: Joomla unspecified information disclosure vulnerability Henri Salo

Tuesday, 21 June

Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Ludwig Nussel
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling Josh Bressers
Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Josh Bressers
Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
taskstats authorized_keys presence infoleak PoC Vasiliy Kulikov
Re: CVE request: crypt_blowfish 8-bit character mishandling Vincent Danen
Re: taskstats authorized_keys presence infoleak PoC Josh Bressers
Re: taskstats authorized_keys presence infoleak PoC Vasiliy Kulikov
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer

Wednesday, 22 June

CVE request: kernel: taskstats local DoS Vasiliy Kulikov
Re: CVE request: kernel: taskstats local DoS Eugene Teo
Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Ludwig Nussel
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Todd C. Miller
CVE requests: opie off by one and setuid() failure Sebastian Krahmer
Re: CVE requests: opie off by one and setuid() failure Vasiliy Kulikov
NetworkManager: did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks Huzaifa Sidhpurwala

Thursday, 23 June

CVE request: kernel: NLM: Don't hang forever on NLM unlock requests Eugene Teo
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: Joomla unspecified information disclosure vulnerability Josh Bressers
Re: CVE requests: opie off by one and setuid() failure Josh Bressers
Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests Josh Bressers
CVE request: kernel: ext4: init timer earlier to avoid a kernel panic in __save_error_info Kees Cook
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace Eugene Teo
Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace Murray McAllister
Re: CVE request: kernel: ext4: init timer earlier to avoid a kernel panic in __save_error_info Eugene Teo

Friday, 24 June

CVE-2011-2485 assignment notification -- gdk-pixbuf Jan Lieskovsky
CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: CVE request: crypt_blowfish 8-bit character mishandling Djalal Harouni
CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions Petr Matousek
CVE request: kernel: remote buffer overflow in bluetooth Dan Rosenberg

Saturday, 25 June

Re: CVE request: kernel: taskstats/procfs io infoleak Vasiliy Kulikov

Sunday, 26 June

Re: CVE request: kernel: taskstats/procfs io infoleak Eugene Teo
Re: CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions Eugene Teo
Re: CVE request: kernel: remote buffer overflow in bluetooth Eugene Teo
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Linus Torvalds

Monday, 27 June

CVE Request: Mambo CMS 4.6.x | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group
Re: CVE request: Joomla unspecified information disclosure vulnerability YGN Ethical Hacker Group
CVE Request: nfs-utils Ludwig Nussel
Re: CVE request: Joomla unspecified information disclosure vulnerability Henri Salo
Re: CVE request: crypt_blowfish 8-bit character mishandling Ludwig Nussel
Re: CVE request: crypt_blowfish 8-bit character mishandling Michael Matz
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer
CVE request for libpng regression (CVE-2004-0421) Vincent Danen
CVE request: kernel: oom: use pte pages in OOM score Eugene Teo
CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities Mango
Re: CVE request: kernel: oom: use pte pages in OOM score Huzaifa Sidhpurwala
CVE Request: Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities YGN Ethical Hacker Group

Tuesday, 28 June

CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism Jan Lieskovsky
Re: CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities Jan Lieskovsky
Bug#631818: Info received (CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism) Debian Bug Tracking System
Re: [Phpmyadmin-security] [oss-security] CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities Herman van Rink
CVE request: libvirt: integer overflow in VirDomainGetVcpus Petr Matousek
Re: CVE request: crypt_blowfish 8-bit character mishandling Michael Matz
Re: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl Ludwig Nussel
nspluginwrapper CVE id Josh Bressers
CVE request: qemu-kvm: OOB memory access caused by negative vq notifies Petr Matousek
Re: CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Josh Bressers
Re: CVE Request: Mambo CMS 4.6.x | Multiple Cross Site Scripting Vulnerabilities Josh Bressers
Re: CVE request for libpng regression (CVE-2004-0421) Josh Bressers
Re: CVE Request: nfs-utils Josh Bressers
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Andrew Morton
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Linus Torvalds
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Linus Torvalds
Re: CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Eugene Teo

Wednesday, 29 June

Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Linus Torvalds
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) Vasiliy Kulikov
Re: CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities Josh Bressers
Re: CVE Request: Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities Josh Bressers
Re: CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism Josh Bressers
Re: CVE request: libvirt: integer overflow in VirDomainGetVcpus Josh Bressers
Re: CVE request: qemu-kvm: OOB memory access caused by negative vq notifies Josh Bressers
Re: CVE request: crypt_blowfish 8-bit character mishandling Solar Designer

Thursday, 30 June

CVE request: kernel: tomoyo: oops in tomoyo_mount_acl() Petr Matousek
Re: CVE request: kernel: taskstats local DoS Vasiliy Kulikov
Re: CVE request: Joomla unspecified information disclosure vulnerability YGN Ethical Hacker Group

Previous period

Next period