oss-sec: by date
241 messages
starting Oct 01 20 and
ending Dec 29 20
Date index |
Thread index |
Author index
Thursday, 01 October
[ANNOUNCE] Apache NiFi CVE-2020-9486, CVE-2020-9487, CVE-2020-9491, CVE-2020-13940 Andy LoPresto
Friday, 02 October
CVE-2020-25637 libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c Mauro Matteo Cascella
Sunday, 04 October
the Bugtraq list archives before 2000 Georgi Guninski
Re: the Bugtraq list archives before 2000 Solar Designer
Monday, 05 October
major changes if gnu/linux dominates the desktop and/or mobile market? Georgi Guninski
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Greg KH
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Ian Zimmerman
Re: Re: major changes if gnu/linux dominates the desktop and/or mobile market? Stephen John Smoogen
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Solar Designer
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Steve Grubb
Tuesday, 06 October
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Greg KH
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Stephen John Smoogen
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Grant Taylor
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Daniel Sprouse
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Eli Schwartz
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Georgi Guninski
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Michael Ellerman
Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs. Michael Ellerman
CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code Mauro Matteo Cascella
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Brian May
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Steve Grubb
Wednesday, 07 October
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Greg KH
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Georgi Guninski
Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections. caveman رجل الكهف
Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Georgi Guninski
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeremy Stanley
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Noel Kuntze
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Brian May
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Bob Friesenhahn
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeffrey Walton
Thursday, 08 October
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Giacomo Catenazzi
[CVE-2020-13956] Apache HttpClient incorrect handling of malformed URI authority component Oleg Kalnichevski
Multiple vulnerabilities in Jenkins plugins Daniel Beck
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Bob Friesenhahn
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Georgi Guninski
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Seth Arnold
Friday, 09 October
Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan
[CVE-2020-13955] Apache Calcite Disabled HTTPS Hostname Verification Stamatis Zampetakis
CVE-2018-20243: Apache Fineract: password passed in URL, not via POST James Dailey
Monday, 12 October
[SECURITY] CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up Mark Thomas
Gentoo's "contributing back" linux-distros tasks Solar Designer
Re: Gentoo's "contributing back" linux-distros tasks Anthony Liguori
Linux kernel: crypto: bcm - Verify GCM/CCM key length in setkey 尹亮
Re: Gentoo's "contributing back" linux-distros tasks Yury German
[CVE-2020-13957] The checks added to unauthenticated configset uploads in Apache Solr can be circumvented Tomas Fernandez Lobbe
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Solar Designer
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Kurt H Maier
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Jeffrey Walton
Re: You are using an old email address "@stahl.de". Please note our new email addresses "@r-stahl.com" Jeffrey Walton
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Brian May
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Russ Allbery
Tuesday, 13 October
Re: Debian FEATURE: /home/loser is with permissions 755, default umask 0022 Eli Schwartz
PowerDNS Recursor 4.3.5, 4.2.5. and 4.1.18 released fixing a cache pollution issue (CVE-2020-25829) Otto Moerbeek
kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner
Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Solar Designer
CVE-2020-16120 - incorrect unprivileged overlayfs permission checking Steve Beattie
CVE-2020-16119 - Linux kernel DCCP CCID structure use-after-free Steve Beattie
Wednesday, 14 October
Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner
Re: CVE-2020-16120 - incorrect unprivileged overlayfs permission checking Jordan Glover
Thursday, 15 October
CVE-2020-15157: containerd v1.2.x can be coerced into leaking credentials during image pull Karp, Samuel
CVE-2020-25656: Linux kernel concurrency UAF in vt_do_kdgkb_ioctl Minh Yuan
Kubernetes: Multiple secret leaks when verbose logging is enabled Sam Fowler
Friday, 16 October
Re: CVE-2020-25656: Linux kernel concurrency UAF in vt_do_kdgkb_ioctl Jiri Slaby
Re: CVE-2020-25656: Linux kernel concurrency UAF in vt_do_kdgkb_ioctl Greg KH
[OSSA-2020-007] Blazar: Remote code execution in blazar-dashboard (CVE-2020-26943) Pierre Riteau
Monday, 19 October
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Solar Designer
[SECURITY][CVE-2020-13937] Unauthenticated Configuration Disclosure Xiaoxiang Yu
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Ian Zimmerman
Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie
Tuesday, 20 October
Xen Security Advisory 331 v2 - Race condition in Linux event handler may crash dom0 Xen . org security team
Xen Security Advisory 286 v4 - x86 PV guest INVLPG-like flushes may leave stale TLB entries Xen . org security team
Xen Security Advisory 332 v3 - Rogue guests can cause DoS of Dom0 via high frequency events Xen . org security team
Xen Security Advisory 345 v3 - x86: Race condition in Xen mapping code Xen . org security team
Xen Security Advisory 346 v2 - undue deferral of IOMMU TLB flushes Xen . org security team
Xen Security Advisory 347 v2 - unsafe AMD IOMMU page table updates Xen . org security team
CVE-2020-15999 fixed in FreeType 2.10.4 Alan Coopersmith
Re: CVE-2020-15999 fixed in FreeType 2.10.4 Werner LEMBERG
[CVE-2018-11764] Apache Hadoop Privilege escalation in web endpoint Akira Ajisaka
Thursday, 22 October
CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code Dimitrios Glynos
Friday, 23 October
CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory Iordache, Alexandra
Tuesday, 27 October
CVE-2020-25654 pacemaker: ACL restrictions bypass Huzaifa Sidhpurwala
Friday, 30 October
CVE-2020-25668: Linux kernel concurrency use-after-free in vt Minh Yuan
Sunday, 01 November
[CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673]Linux kernel: many bugs in nfc socket 尹亮
Monday, 02 November
CVE-2020-27617 QEMU: net: an assert failure via eth_get_gso_type P J P
[CVE-2020-26521][CVE-2020-26892] NATS JWT vulnerabilities Phil Pennock
Tuesday, 03 November
CVE-2020-27152 Kernel: KVM: host stack overflow via loop due to lazy update IOAPIC P J P
CVE-2020-27616 QEMU: ati-vga: potential crash via invalid x y parameter values P J P
Xen Security Advisory 286 v5 - x86 PV guest INVLPG-like flushes may leave stale TLB entries Xen . org security team
Wednesday, 04 November
Security Issues in the spice-vdagentd daemon Matthias Gerstner
sddm: CVE-2020-28049: local privilege escalation due to race condition in creation of the Xauthority file Matthias Gerstner
Re: CVE-2020-25668: Linux kernel concurrency use-after-free in vt Minh Yuan
Re: Linux kernel: crypto: bcm - Verify GCM/CCM key length in setkey Mohammad Tausif Siddiqui
RE: Linux kernel: crypto: bcm - Verify GCM/CCM key length in setkey(Internet mail) 尹亮
Multiple vulnerabilities in Jenkins plugins Daniel Beck
[CVE-2020-17510] Apache Shiro Authentication Bypass Vulnerability Brian Demers
Git LFS (git-lfs) - Remote Code Execution (RCE) exploit CVE-2020-27955 - Clone to Pwn Dawid Golunski
CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit - Nop
Thursday, 05 November
CVE-2020-27347: tmux buffer overflow in escape sequence parser snizovtsev
Friday, 06 November
Advisory: ES2020-02 - Asterisk crash due to INVITE flood over TCP Sandro Gauci
RE: Linux kernel: crypto: bcm - Verify GCM/CCM key length in setkey(Internet mail) P J P
Monday, 09 November
[CVE-2020-25704] Linux kernel: perf_event_parse_addr_filter memory leak 尹亮
Linux kernel slab-out-of-bounds Read in fbcon Minh Yuan
The importance of mutual authentication: Local Privilege Escalation in X11 Demi M. Obenour
Tuesday, 10 November
[CVE-2020-13927] - Insecure Default Configuration for Experimental API in Airflow < 1.10.11 Kaxil Naik
Re: The importance of mutual authentication: Local Privilege Escalation in X11 Vladimir D. Seleznev
Re: The importance of mutual authentication: Local Privilege Escalation in X11 Demi M. Obenour
Xen Security Advisory 351 v1 - Information leak via power sidechannel Xen . org security team
CVE-2020-8694 RAPL power meter, Linux intel_powercap Len Brown
Re: The importance of mutual authentication: Local Privilege Escalation in X11 Vladimir D. Seleznev
Re: The importance of mutual authentication: Local Privilege Escalation in X11 Demi M. Obenour
Re: The importance of mutual authentication: Local Privilege Escalation in X11 Alan Coopersmith
[CVE-2020-13958] Apache OpenOffice - Unrestricted actions leads to arbitrary code execution in crafted documents Dave Fisher
Wednesday, 11 November
Dash executes code when noexec ("-n") is specified Eric Pruitt
Re: [CVE-2020-13958] Apache OpenOffice - Unrestricted actions leads to arbitrary code execution in crafted documents Imre Rad
Re: Dash executes code when noexec ("-n") is specified Jakub Wilk
Re: Dash executes code when noexec ("-n") is specified Michael Orlitzky
Re: Dash executes code when noexec ("-n") is specified Michael Orlitzky
Thursday, 12 November
CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath Colm O hEigeartaigh
CVE-2014-4508 John Haxby
Friday, 13 November
Buffer Overflow in raptor widely unfixed in Linux distros Hanno Böck
Re: Buffer Overflow in raptor widely unfixed in Linux distros David A. Wheeler
Saturday, 14 November
Re: Buffer Overflow in raptor widely unfixed in Linux distros Dave Horsfall
Re: Buffer Overflow in raptor widely unfixed in Linux distros Marcus Meissner
Re: Buffer Overflow in raptor widely unfixed in Linux distros Dave Horsfall
Sunday, 15 November
Linux kernel: net/x25: a couple of overflows 尹亮
Monday, 16 November
Re: Buffer Overflow in raptor widely unfixed in Linux distros Salvatore Bonaccorso
Re: Buffer Overflow in raptor widely unfixed in Linux distros David A. Wheeler
Re: Buffer Overflow in raptor widely unfixed in Linux distros Stephen John Smoogen
Re: Buffer Overflow in raptor widely unfixed in Linux distros Marius Bakke
Re: Buffer Overflow in raptor widely unfixed in Linux distros Sam James
Re: Buffer Overflow in raptor widely unfixed in Linux distros Jeremy Stanley
Re: Buffer Overflow in raptor widely unfixed in Linux distros Sam James
Re: Buffer Overflow in raptor widely unfixed in Linux distros Seth Arnold
Tuesday, 17 November
Re: Buffer Overflow in raptor widely unfixed in Linux distros Marcus Meissner
Re: Buffer Overflow in raptor widely unfixed in Linux distros Morten Linderud
CVE-2020-25677 ceph: CEPHX_V2 replay attack protection lost Ana McTaggart
Re: CVE-2020-25677 ceph: CEPHX_V2 replay attack protection lost Ana McTaggart
CVE-2019-12412: libapreq2 null pointer dereference Joe Orton
Wednesday, 18 November
Polipo: denial-of-service using range chinarulezzz
Re: libass ass_outline.c signed integer overflow Ian Zimmerman
Re: Buffer Overflow in raptor widely unfixed in Linux distros Ian Zimmerman
Thursday, 19 November
Linux kernel NULL-ptr deref bug in spk_ttyio_ldisc_close Shisong Qin
Unpatched XSS in Redmine 4.1 sjw
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_ldisc_close Marcus Meissner
Re: libass ass_outline.c signed integer overflow David A. Wheeler
Re: libass ass_outline.c signed integer overflow Moritz Mühlenhoff
Re: libass ass_outline.c signed integer overflow Ian Zimmerman
Re: Re: libass ass_outline.c signed integer overflow Salvatore Bonaccorso
Friday, 20 November
CVE-2020-4788: Speculation on incompletely validated data on IBM Power9 Daniel Axtens
CVE-2020-28928: musl libc: wcsnrtombs destination buffer overflow Rich Felker
Re: CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit - Nop
Sunday, 22 November
Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9 Daniel Axtens
Monday, 23 November
Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008 Carlos Alberto Lopez Perez
Tuesday, 24 November
Xen Security Advisory 355 v2 - stack corruption from XSA-346 change Xen . org security team
Re: Xen Security Advisory 355 v2 - stack corruption from XSA-346 change Roger Pau Monné
Heads up: PAM 1.5.0 has a auth bypass under some conditions Marcus Meissner
OpenSC 0.21.0 released Frank Morgner
CVE-2020-13942: Remote Code Execution in Apache Unomi Serge Huber
Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions John Helmert III
Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions Dmitry V. Levin
Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions Érico Nogueira
Re: Linux kernel slab-out-of-bounds Read in fbcon Srivatsa S. Bhat
Thursday, 26 November
Xen Security Advisory 351 v2 (CVE-2020-28368) - Information leak via power sidechannel Xen . org security team
Friday, 27 November
CVE-2020-29129 CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets P J P
Sunday, 29 November
Multiple memory leaks fixed in Privoxy 3.0.29 stable Fabian Keil
Monday, 30 November
Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner
Re: Xen Security Advisory 355 v2 - stack corruption from XSA-346 change Mauro Matteo Cascella
Re: Xen Security Advisory 355 v2 - stack corruption from XSA-346 change Andrew Cooper
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0009 Carlos Alberto Lopez Perez
CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree butt3rflyh4ck
CVE-2020-15257: containerd-shim API exposed to host network containers Karp, Samuel
Linux Kernel: ALSA: use-after-free Write in snd_rawmidi_kernel_write1 butt3rflyh4ck
Tuesday, 01 December
CVE-2020-28916 QEMU: e1000e: infinite loop scenario in case of null packet descriptor P J P
X.Org server security advisory: December 1, 2020 Matthieu Herrb
Some mitigation for openssh CVE-2020-14145 Marcus Meissner
Thursday, 03 December
Re: Linux Kernel: ALSA: use-after-free Write in snd_rawmidi_kernel_write1 butt3rflyh4ck
Multiple vulnerabilities in Jenkins Daniel Beck
[SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up Mark Thomas
Saturday, 05 December
Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? Salvatore Bonaccorso
Sunday, 06 December
[CVE-2020-17521]: Apache Groovy Information Disclosure Paul King
Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 Shisong Qin
Monday, 07 December
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 John Haxby
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 - Nop
[SECURITY] CVE-2020-13945: Apache APISIX's Admin API default access token vulnerability YuanSheng Wang
[kubernetes] CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs Tim Allclair
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 Marcus Meissner
Tuesday, 08 December
[OSSA-2020-008] horizon: Open redirect in workflow forms (CVE-2020-29565) Gage Hugo
Apache Struts 2: CVE-2020-17530: Potential RCE when using forced evaluation Lukasz Lenart
Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 - Nop
Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? yersinia
Re: Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? Eric Biggers
Re: Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? Robert Watson
Re: Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? Seth Arnold
[SECURITY ADVISORY] curl: trusting FTP PASV responses Daniel Stenberg
[SECURITY ADVISORY] libcurl: FTP wildcard stack overflow Daniel Stenberg
[SECURITY ADVISORY] curl: Inferior OCSP verification Daniel Stenberg
Wednesday, 09 December
CVE-2020-17528: Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length Brennan Ashton
CVE-2020-17529: Apache NuttX (incubating) Out of Bound Write from invalid fragmentation offset value specified in the IP header Brennan Ashton
Thursday, 10 December
2 kernel issues Marcus Meissner
Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan
Friday, 11 December
CVE-2020-27825 kernel: use-after-free in the ftrace ring buffer resizing logic due to a race condition Rohit Keshri
CVE-2020-17515: Apache Airflow Reflected XSS via Origin Parameter Kaxil Naik
CVE-2020-17511: Apache Airflow Admin password gets logged in plain text Kaxil Naik
CVE-2020-17513: Apache Airflow Server-Side Request Forgery (SSRF) in Charts & Query View Kaxil Naik
Tuesday, 15 December
Re: Bugs found by Cryptofuzz - some missing CVEs or too low impact for CVE? Douglas Bagnall
Xen Security Advisory 115 v4 (CVE-2020-29480) - xenstore watch notifications lacking permission checks Xen . org security team
Xen Security Advisory 322 v4 (CVE-2020-29481) - Xenstore: new domains inheriting existing node permissions Xen . org security team
Xen Security Advisory 325 v3 (CVE-2020-29483) - Xenstore: guests can disturb domain cleanup Xen . org security team
Xen Security Advisory 324 v3 (CVE-2020-29484) - Xenstore: guests can crash xenstored via watchs Xen . org security team
Xen Security Advisory 323 v3 (CVE-2020-29482) - Xenstore: wrong path length check Xen . org security team
Xen Security Advisory 330 v3 (CVE-2020-29485) - oxenstored memory leak in reset_watches Xen . org security team
Xen Security Advisory 348 v3 (CVE-2020-29566) - undue recursion in x86 HVM context switch code Xen . org security team
Xen Security Advisory 350 v4 (CVE-2020-29569) - Use after free triggered by block frontend in Linux blkback Xen . org security team
Xen Security Advisory 349 v3 (CVE-2020-29568) - Frontends can trigger OOM in Backends by update a watched path Xen . org security team
Xen Security Advisory 354 v4 (CVE-2020-29487) - XAPI: guest-triggered excessive memory usage Xen . org security team
Xen Security Advisory 352 v3 (CVE-2020-29486) - oxenstored: node ownership can be changed by unprivileged clients Xen . org security team
Xen Security Advisory 353 v4 (CVE-2020-29479) - oxenstored: permissions not checked on root node Xen . org security team
Xen Security Advisory 358 v4 (CVE-2020-29570) - FIFO event channels control block related ordering Xen . org security team
Xen Security Advisory 356 v3 (CVE-2020-29567) - infinite loop when cleaning up IRQ vectors Xen . org security team
Xen Security Advisory 359 v3 (CVE-2020-29571) - FIFO event channels control structure ordering Xen . org security team
Wednesday, 16 December
[ANNOUNCE] qemu-security mailing list P J P
CVE-2020-13931 Apache TomEE - Incorrect config on JMS Resource Adapter can lead to JMX being enabled Jonathan Gallimore
Xen Security Advisory 322 v5 (CVE-2020-29481) - Xenstore: new domains inheriting existing node permissions Xen . org security team
Xen Security Advisory 358 v5 (CVE-2020-29570) - FIFO event channels control block related ordering Xen . org security team
Xen Security Advisory 343 v5 (CVE-2020-25599) - races with evtchn_reset() Xen . org security team
CVE-2020-27821 QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c Mauro Matteo Cascella
CVE-2020-27781 User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila Ana McTaggart
Thursday, 17 December
CVE-2020-17520 Apache Pulsar Manager Information Disclosure (bypass admin interceptor) Guangning E
Monday, 21 December
CVE-2020-17526: Apache Airflow Incorrect Session Validation in Airflow Webserver with default config Kaxil Naik
Tuesday, 22 December
CVE-2020-25723 QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c Mauro Matteo Cascella
Wednesday, 23 December
CVE request experience (was: Multiple memory leaks fixed in Privoxy 3.0.29 stable) Fabian Keil
Re: CVE request experience (was: Multiple memory leaks fixed in Privoxy 3.0.29 stable) Nick Tait
Friday, 25 December
Re: CVE request experience (was: Multiple memory leaks fixed in Privoxy 3.0.29 stable) Jeffrey Walton
More CVE request experience (Fwd: Automatic reply: [EXT] Need a CVE for Crypto++) Jeffrey Walton
Re: More CVE request experience (Fwd: Automatic reply: [EXT] Need a CVE for Crypto++) Noel Kuntze
Monday, 28 December
Re: CVE-2020-27815 Linux kernel: jfs: array-index-out-of-bounds in dbAdjTree butt3rflyh4ck
Tuesday, 29 December
CVE-2020-17533: Apache Accumulo Improper Handling of Insufficient Permissions Billie Rinaldi