oss-sec: by date

250 messages starting Jan 03 09 and ending Mar 31 09

Saturday, 03 January

Re: CVE id request: audiofile Nico Golde

Sunday, 04 January

CVE request: kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Eugene Teo

Tuesday, 06 January

Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Josh Bressers

Wednesday, 07 January

Re: Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Bernhard R. Link
[oCERT-2008-016] Multiple OpenSSL signature verification API misuses Will Drewry
CFP: COLSEC 2009 Patrice CLEMENTE
CFPs on this list (was: CFP: COLSEC 2009) Solar Designer
clarification on CVE-2008-5687 (mediawiki) Nico Golde
Re: clarification on CVE-2008-5687 (mediawiki) Steven M. Christey
Re: CVE id request: audiofile Steven M. Christey
Re: CVE request: kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Steven M. Christey
Re: CFPs on this list (was: CFP: COLSEC 2009) Josh Bressers
Re: Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) Steven M. Christey
Re: CVE request - pdfjam Steven M. Christey
Re: CFPs on this list (was: CFP: COLSEC 2009) Nico Golde

Thursday, 08 January

CVE request: ktorrent Moritz Muehlenhoff

Friday, 09 January

libpng non issue Josh Bressers

Sunday, 11 January

CVE-2009-0024 kernel: local privilege escalation in sys_remap_file_pages Eugene Teo

Monday, 12 January

SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org
CVE request: xrdp Thomas Biege
CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto Jan Lieskovsky

Tuesday, 13 January

CVE-2008-4307 kernel: local denial of service in locks_remove_flock Eugene Teo
CVE Request -- libmikmod Jan Lieskovsky
update on CVE-2008-5718 Nico Golde

Wednesday, 14 January

Re: update on CVE-2008-5718 Thomas Biege
CVE Request -- amarok Jan Lieskovsky
Re: update on CVE-2008-5718 Nico Golde
Re: update on CVE-2008-5718 Thomas Biege

Thursday, 15 January

CVE request -- git Florian Weimer
CVE request - ganglia Tomas Hoger

Sunday, 18 January

Re: libpng non issue Nico Golde
CVE request: WebSVN Florian Weimer

Monday, 19 January

Re: CVE Request -- amarok Marcus Meissner
Re: CVE Request -- amarok Tomas Hoger
Re: CVE Request -- amarok Marcus Meissner
CVE-2009-0031 kernel: local denial of service in keyctl_join_session_keyring Mark J Cox
Re: CVE request -- git Florian Weimer

Tuesday, 20 January

Re: CVE request -- git Tomas Hoger
Re: CVE request -- git Sebastian Krahmer
Re: CVE request -- git Tomas Hoger
Re: CVE request -- git Sebastian Krahmer
CVE request - horde XSS Tomas Hoger
Re: CVE Request -- amarok Steven M. Christey
Re: CVE request -- git Steven M. Christey
Re: CVE request - horde XSS Steven M. Christey
Re: CVE request: WebSVN Steven M. Christey
Re: CVE request - ganglia Steven M. Christey
Re: CVE request: xrdp Steven M. Christey
Re: CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto Steven M. Christey

Wednesday, 21 January

Re: CVE request -- git Tomas Hoger
COLSEC 2009 CFP: **Update** COLSEC Organizers
CVE Request -- openoffice.org (CVE-2008-4841) Jan Lieskovsky
mod-auth-mysql: SQL injection Steffen Joeris

Thursday, 22 January

CVE id request: typo3 SA-2009-001 Nico Golde
Re: CVE id request: typo3 SA-2009-001 Steven M. Christey
Re: CVE request -- git Steven M. Christey
Re: mod-auth-mysql: SQL injection Steven M. Christey
Re: CVE Request -- openoffice.org (CVE-2008-4841) Steven M. Christey

Friday, 23 January

CVE Request -- gstreamer-plugins-good Jan Lieskovsky
Re: CVE request -- git Tomas Hoger
CVE request: Tor <0.2.0.33 Heap corruption Robert Buchholz
Re: CVE id request: typo3 SA-2009-001 Nico Golde

Monday, 26 January

Re: CVE request - ganglia Tomas Hoger
CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Jan Lieskovsky
CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna
Re: CVE request -- Linux kernel irda driver buffer overflow Mark J Cox

Tuesday, 27 January

Re: CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna
CVE Request: winetricks symlink problem Marcus Meissner
CVE Request: MoinMoin Jamie Strandboge
Re: CVE Request: MoinMoin Steven M. Christey
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Steven M. Christey
Re: CVE Request: winetricks symlink problem Steven M. Christey

Wednesday, 28 January

CVE request - horde, imp Tomas Hoger
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Robert Buchholz
Re: update on CVE-2008-5718 Thomas Biege
Re: update on CVE-2008-5718 Steven M. Christey
Re: update on CVE-2008-5718 Thomas Biege
Re: update on CVE-2008-5718 Steven M. Christey
Re: update on CVE-2008-5718 Nico Golde
CVE id request: php5 Steffen Joeris
Re: CVE id request: php5 Josh Bressers
Re: CVE id request: php5 Raphael Geissert

Thursday, 29 January

Re: Re: CVE id request: php5 Joe Orton
CVE Request -- (sor of urgent) gstreamer-plugins, gstreamer-plugins-good (repost) Jan Lieskovsky
CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version) Jan Lieskovsky
Re: Re: CVE id request: php5 Steven M. Christey
CVE Request (trickle) Josh Bressers
CVE Request - php (PHP BZ#27421) Jan Lieskovsky

Friday, 30 January

Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Jan Lieskovsky

Tuesday, 03 February

CVE Request: sblim-sfcb genSslCert.sh temp race Marcus Meissner
Re: CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version) Steven M. Christey
Re: CVE Request - php (PHP BZ#27421) Steven M. Christey
Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) Steven M. Christey
Re: CVE request - ganglia Steven M. Christey
Re: CVE request: Tor <0.2.0.33 Heap corruption Steven M. Christey

Wednesday, 04 February

CVS request - Moodle Dan Poltawski
CVE request: Audacity <1.3.6 Buffer overflow Robert Buchholz
CVE request: Openfire <3.6.3 XSS vulnerabilities Robert Buchholz
CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Robert Buchholz
CVE request: ffmpeg <r16846 Type conversion vulnerability Robert Buchholz
Re: CVE request: ffmpeg <r16846 Type conversion vulnerability Tomas Hoger
CVE requests: Bugzilla Moritz Muehlenhoff
CVE id request: mahara Steffen Joeris

Friday, 06 February

CVE request: XSS in Phorum < 5.2.10 Hanno Böck
CVE request: phpbb < 3.0.4 Hanno Böck
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Josh Bressers
CVE Request - Wicd <= 1.5.8 Robby Workman
Re: CVE request: jhead Tomas Hoger
Re: CVE requests: Bugzilla Tomas Hoger

Saturday, 07 February

CVE Request: pycrypto Pinar Yanardag
[oCERT-2009-002] OpenCORE insufficient bounds checking during MP3 decoding Will Drewry
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Robert Buchholz

Sunday, 08 February

CVE-2008-6049 is bogus Nico Golde
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Steven M. Christey
Re: CVE request: Squid <2.7.6, 3.0.13, 3.1.0.5 DoS Josh Bressers

Monday, 09 February

Debian's list of embedded code copies Solar Designer
local list archive Solar Designer
Re: CVE requests: Bugzilla Steven M. Christey
Re: CVE id request: mahara Steven M. Christey
Re: CVE request: XSS in Phorum < 5.2.10 Steven M. Christey
Re: CVE Request - Wicd <= 1.5.8 Steven M. Christey
CVE Request (mediawiki) Josh Bressers
Re: CVE request: Audacity <1.3.6 Buffer overflow Steven M. Christey
Re: CVE request: Openfire <3.6.3 XSS vulnerabilities Steven M. Christey
Re: CVE request: ffmpeg <r16846 Type conversion vulnerability Steven M. Christey
Re: CVS request - Moodle Steven M. Christey

Tuesday, 10 February

CVE request: SimpleMachinesForum (SMF) < 1.1.8: HTML injection Hanno Böck
CVE request: typo3 xss (typo3-sa-2009-002) Hanno Böck
CVE Request -- evolution Jan Lieskovsky
libvirt_proxy heads up Josh Bressers

Wednesday, 11 February

CVE request for proftpd Vincent Danen
Re: CVE request for proftpd TJ Saunders
Re: CVE request for proftpd Vincent Danen
Re: CVE request for proftpd Vincent Danen
Re: CVE request for proftpd TJ Saunders
Re: CVE request for proftpd Vincent Danen

Thursday, 12 February

CVE-2008-5621 is a duplicate (was: Re: [oss-security] CVE request: phpMyAdmin < 3.1.1.0 (SQL injection through XSRF on several pages )) Thijs Kinkhorst
CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky
Re: CVE request for proftpd Steven M. Christey
Re: CVE Request -- net-snmp (sensitive host information disclosure) Steven M. Christey
Re: CVE Request: pycrypto Steven M. Christey
CVE request: libpng memory leak Robert Buchholz
Re: CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky
CVE Request (ruby) Josh Bressers
http://www.securityfocus.com/bid/33672/info kernel issue Marcus Meissner
Re: http://www.securityfocus.com/bid/33672/info kernel issue Mark J Cox
Re: http://www.securityfocus.com/bid/33672/info kernel issue Marcus Meissner
Re: CVE Request -- net-snmp (sensitive host information disclosure) Robert Buchholz

Friday, 13 February

CVE Request: Poppler -Two Denial of Service Vulnerabilities Pinar Yanardag
Re: CVE Request -- net-snmp (sensitive host information disclosure) Jan Lieskovsky

Wednesday, 18 February

Re: SyScan'09 Call For Paper - Shanghai, Hong Kong, Singapore, Taipei organiser () syscan org

Thursday, 19 February

CVE request for yaws Jamie Strandboge
Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities Michael K. Johnson
CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo
CVE request: kernel: skfp_ioctl inverted logic flaw Eugene Teo

Saturday, 21 February

Re: Vim CVE issues cleanup (plugins tar.vim, zip.vim) - CVE-2008-3074 and CVE-2008-3075 Steven M. Christey
Re: CVE request - Vim netrw.plugin Steven M. Christey
Re: CVE request (vim) Steven M. Christey

Sunday, 22 February

Re: CVE request: kernel: skfp_ioctl inverted logic flaw Steven M. Christey
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey

Monday, 23 February

CVE request: mldonkey arbitrary file download vulnerability Florian Weimer
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo

Tuesday, 24 February

CVE request: optipng security release Marcus Meissner
new dns2tcp buffer overflow in 0.4.2? Steven M. Christey
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo

Wednesday, 25 February

Re: CVE Request - php (PHP BZ#27421) Josh Bressers
Re: CVE request: optipng security release Robert Buchholz
CVE request: Psi <0.12.1 DoS Alex Legler

Thursday, 26 February

OpenSC Security Advisory Andreas Jellinghaus
Added protection in KMail when accessing URLs to executables Jamie Strandboge

Sunday, 01 March

CVE id request: dkim-milter Steffen Joeris
CVE id request: znc Florian Weimer
CVE id request: Tor <0.2.0.34 multiple DoS Raphael Marichez
CVE id request: tinydns crafted zone file cache poisoning vulnerability Florian Weimer
CVE id request: avahi Steffen Joeris
CVE request: kernel: x86-64: seccomp: 32/64 syscall hole Eugene Teo
CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole Eugene Teo

Monday, 02 March

CVE Request: mpfr (Buffer Overflow) Pinar Yanardag
Re: CVE request: optipng security release Steven M. Christey
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey
Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo

Tuesday, 03 March

Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo

Wednesday, 04 March

Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Florian Weimer
lxc-sshd security issues? Michael K. Johnson

Thursday, 05 March

CVE Request -- pam Jan Lieskovsky
Re: lxc-sshd security issues? Michael K. Johnson

Friday, 06 March

CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM Eugene Teo
CVE request: kernel: inotify local DoS Eugene Teo

Saturday, 07 March

CVE Request: Opera <9.64: Execution of arbitrary code Alex Legler

Sunday, 08 March

CVE request: dotclear < 2.1.5 XSS Hanno Böck
CVE request: nucleus cms < 3.40 (3.33 and below) directory traversal Hanno Böck

Tuesday, 10 March

CVE Request: courier-authlib < 0.62.0 SQL Injection Pierre-Yves Rofes
CVE-2009-0028 Linux kernel minor signal handling vulnerability Eugene Teo
CVE-2009-0778 kernel: rt_cache leak Eugene Teo
Re: CVE Request: courier-authlib < 0.62.0 SQL Injection Steffen Joeris

Wednesday, 11 March

CVE request -- postgresql Vincent Danen

Thursday, 12 March

Re: CVE request - horde, imp Ludwig Nussel
[oCERT-2008-015] glib and glib-predecessor heap overflows Will Drewry

Sunday, 15 March

CVE-2009-0876 (VirtualBox) references Robert Buchholz

Monday, 16 March

CVE request: XSS in MUC logs of ejabberd Hanno Böck
Re: [oCERT-2008-015] glib and glib-predecessor heap overflows Robert Buchholz
Re: CVE id request: tinydns crafted zone file cache poisoning vulnerability Steven M. Christey

Tuesday, 17 March

Re: CVE-2009-0876 (VirtualBox) references Nico Golde
Re: CVE request -- postgresql Steven M. Christey
CVE request -- firefox, vlc, WeeChat Jan Lieskovsky
Re: CVE-2009-0876 (VirtualBox) references Steven M. Christey
Re: lxc-sshd security issues? Steven M. Christey
Re: CVE request: nucleus cms < 3.40 (3.33 and below) directory traversal Steven M. Christey
Re: CVE request -- firefox, vlc, WeeChat Moritz Muehlenhoff
Re: CVE request - horde, imp Steven M. Christey
Re: CVE-2009-0876 (VirtualBox) references Nico Golde
Re: CVE id request: Tor <0.2.0.34 multiple DoS Steven M. Christey
Re: CVE request: XSS in MUC logs of ejabberd Steven M. Christey
Re: CVE request: kernel: inotify local DoS Steven M. Christey

Wednesday, 18 March

Re: lxc-sshd security issues? Michael K. Johnson
Re: CVE request: kernel: inotify local DoS Michael K. Johnson
Re: CVE request: kernel: inotify local DoS Eugene Teo

Thursday, 19 March

Re: CVE request: kernel: inotify local DoS Michael K. Johnson
Re: CVE request: jhead Steven M. Christey
Re: CVE-2008-5621 is a duplicate (was: Re: [oss-security] CVE request: phpMyAdmin < 3.1.1.0 (SQL injection through XSRF on several pages )) Steven M. Christey

Friday, 20 March

[oCERT-2009-003] LittleCMS integer errors Andrea Barisani

Saturday, 21 March

CVE request - openfire Matti Bickel

Sunday, 22 March

CVE request: kernel: nfsd did not drop CAP_MKNOD for non-root Eugene Teo

Monday, 23 March

CVE request: API key disclosure in piwik Hanno Böck
CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Jan Lieskovsky
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Nico Golde

Tuesday, 24 March

Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap yersinia
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Vincent Danen
Lua 5.1.4 Kees Cook
CVE id request: ldns Nico Golde
Re: Lua 5.1.4 Steven M. Christey
Re: CVE request - openfire Steven M. Christey
Re: CVE request: kernel: nfsd did not drop CAP_MKNOD for non-root Steven M. Christey
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Steven M. Christey
Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap Vincent Danen

Wednesday, 25 March

Re: Lua 5.1.4 Florian Weimer
CVE id request: phpMyAdmin Thijs Kinkhorst
CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen Jan Lieskovsky
Re: CVE id request: ldns Steven M. Christey
Re: CVE request: API key disclosure in piwik Steven M. Christey

Friday, 27 March

CVE request: < tikiwiki 2.3: XSS Hanno Böck

Monday, 30 March

CVE id request: auth2db Steffen Joeris
[Fwd: Cross-Site Scripting in Banshee DAAP Extension] Anthony
Re: [Fwd: Cross-Site Scripting in Banshee DAAP Extension] Steven M. Christey
Re: CVE id request: phpMyAdmin Steven M. Christey

Tuesday, 31 March

Re: CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen Steven M. Christey
Re: CVE request: < tikiwiki 2.3: XSS Steven M. Christey
CVE request: kernel: KVM: VMX: Dont allow uninhibited access to EFER on i386 Eugene Teo
CVE request: kernel: udp: Wrong locking code in udp seq_file infrastructure Eugene Teo
CVE Request: Wireshark DoS Pinar Yanardag