oss-security mailing list - 2010/09

Follow @Openwall on Twitter for new release announcements and other news

[<prev month] [next month>] [year] [list]

oss-security mailing list - 2010/09

Mon	Tue	Wed	Thu	Fri	Sat	Sun
		¹ 3	² 5	³ 5	⁴ 1	⁵ 5
⁶ 3	⁷ 17	⁸ 10	⁹ 8	¹⁰ 8	¹¹ 8	¹² 1
¹³ 12	¹⁴ 19	¹⁵ 2	¹⁶ 17	¹⁷ 13	¹⁸	¹⁹
²⁰ 2	²¹ 15	²² 3	²³	²⁴ 4	²⁵ 2	²⁶
²⁷ 11	²⁸ 10	²⁹ 11	³⁰ 8

Messages by day:

September 1 (3 messages)

CVE-2010-2954 kernel: irda null ptr deref (Eugene Teo <eugene@...hat.com>)
CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) (Jan Lieskovsky <jlieskov@...hat.com>)
Re: CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) (Josh Bressers <bressers@...hat.com>)

September 2 (5 messages)

CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref (Eugene Teo <eugene@...hat.com>)
Re: CVE id request: libc fortify source information disclosure (Tomas Hoger <thoger@...hat.com>)
Re: CVE id request: libc fortify source information disclosure (Dan Rosenberg <dan.j.rosenberg@...il.com>)
Re: CVE id request: libc fortify source information disclosure (Tomas Hoger <thoger@...hat.com>)
Re: CVE id request: libc fortify source information disclosure (Dan Rosenberg <dan.j.rosenberg@...il.com>)

September 3 (5 messages)

CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Jan Lieskovsky <jlieskov@...hat.com>)
CVE request: XSS in nusoap (Raphael Geissert <geissert@...ian.org>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Reed Loden <reed@...dloden.com>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Julien Cristau <jcristau@...ian.org>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Reed Loden <reed@...dloden.com>)

September 4 (1 message)

Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Joe Orton <jorton@...hat.com>)

September 5 (5 messages)

CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials (Jan Lieskovsky <jlieskov@...hat.com>)
CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) (Jan Lieskovsky <jlieskov@...hat.com>)
CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS (Jan Lieskovsky <jlieskov@...hat.com>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Richard Moore <rich@...tpoint.ltd.uk>)
CVE request: smbind Sql Injection (Giuseppe Iuculano <iuculano@...ian.org>)

September 6 (3 messages)

Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS (Valient Gough <valient@...il.com>)
CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter (Jan Lieskovsky <jlieskov@...hat.com>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Florian Weimer <fw@...eb.enyo.de>)

September 7 (17 messages)

CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak (Eugene Teo <eugene@...hat.com>)
/proc infoleaks (Sebastian Krahmer <krahmer@...e.de>)
Re: [Security] /proc infoleaks (Sebastian Krahmer <krahmer@...e.de>)
Re: CVE request: XSS in nusoap (Josh Bressers <bressers@...hat.com>)
Re: [Security] /proc infoleaks (Andrew Morton <akpm@...ux-foundation.org>)
Re: CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS (Josh Bressers <bressers@...hat.com>)
Re: Re: [Security] /proc infoleaks (Marcus Meissner <meissner@...e.de>)
Re: CVE request: smbind Sql Injection (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter (Josh Bressers <bressers@...hat.com>)
Re: CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak (Josh Bressers <bressers@...hat.com>)
Re: Re: [Security] /proc infoleaks (Jon Oberheide <jon@...rheide.org>)
Re: Re: [Security] /proc infoleaks (Andrew Morton <akpm@...ux-foundation.org>)
Re: [Security] Re: /proc infoleaks (Andrew Morton <akpm@...ux-foundation.org>)
Re: [Security] Re: /proc infoleaks (Brad Spengler <spender@...ecurity.net>)
Re: [Security] Re: /proc infoleaks (Linus Torvalds <torvalds@...ux-foundation.org>)

September 8 (10 messages)

[PATCH 0/3] execve argument-copying fixes (Roland McGrath <roland@...hat.com>)
[PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
[PATCH 2/3] execve: improve interactivity with large arguments (Roland McGrath <roland@...hat.com>)
[PATCH 3/3] execve: make responsive to SIGKILL with large arguments (Roland McGrath <roland@...hat.com>)
Re: [PATCH 0/3] execve argument-copying fixes (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: Re: [Security] Re: /proc infoleaks (Sebastian Krahmer <krahmer@...e.de>)
CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly (Eugene Teo <eugene@...hat.com>)
Re: Re: [Security] Re: /proc infoleaks (Brad Spengler <spender@...ecurity.net>)
CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) (Jan Lieskovsky <jlieskov@...hat.com>)
Re: CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) ("Steven M. Christey" <coley@...us.mitre.org>)

September 9 (8 messages)

CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL (Eugene Teo <eugene@...hat.com>)
[PATCH 1/2] oom: don't ignore rss in nascent mm (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 0/2] execve memory exhaust of argument-copying fixes (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 2/2] execve: check the VM has enough memory at first (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
CVE Request -- Python -- accept() implementation in async core is broken => more subcases (Jan Lieskovsky <jlieskov@...hat.com>)
CVE Assignment: django (Josh Bressers <bressers@...hat.com>)
CVE request: mednafen stack manipulation (Hanno Böck <hanno@...eck.de>)

September 10 (8 messages)

Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: [PATCH 1/2] oom: don't ignore rss in nascent mm (Roland McGrath <roland@...hat.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH] move cred_guard_mutex from task_struct to signal_struct (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: [PATCH 2/2] execve: check the VM has enough memory at first (Linus Torvalds <torvalds@...ux-foundation.org>)
Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct (Oleg Nesterov <oleg@...hat.com>)

September 11 (8 messages)

Re: CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases (Josh Bressers <bressers@...hat.com>)
Re: CVE request: mednafen stack manipulation (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws (Josh Bressers <bressers@...hat.com>)
CVE id requests: drupal (Steffen Joeris <steffen.joeris@...lelinux.de>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
CVE request: mailscanner, multiple vulnerabilities (Raphael Geissert <geissert@...ian.org>)

September 12 (1 message)

CVE Request: pidgin-knotify remote command injection (Alex Legler <a3li@...too.org>)

September 13 (12 messages)

CVE Request: mailman (Huzaifa Sidhpurwala <huzaifas@...hat.com>)
CVE id request for non disclosed issue? (Pierre Joye <pierre.php@...il.com>)
Re: CVE id request for non disclosed issue? (Kyle Bader <kyle.bader@...il.com>)
Re: CVE Request: pidgin-knotify remote command injection (Josh Bressers <bressers@...hat.com>)
Re: CVE Request: mailman (Josh Bressers <bressers@...hat.com>)
Re: CVE id request for non disclosed issue? (Josh Bressers <bressers@...hat.com>)
Re: CVE id requests: drupal (Josh Bressers <bressers@...hat.com>)
Re: CVE Request: mailman ("Steven M. Christey" <coley@...us.mitre.org>)
Re: CVE request: mailscanner, multiple vulnerabilities (Josh Bressers <bressers@...hat.com>)
Re: CVE Request: mailman (Josh Bressers <bressers@...hat.com>)
Re: [Security] Re: /proc infoleaks (Willy Tarreau <w@....eu>)
Re: CVE Request: mailman ("Steven M. Christey" <coley@...us.mitre.org>)

September 14 (19 messages)

CVE request: xss in pecl-apc before 3.1.4 (Hanno Böck <hanno@...eck.de>)
CVE request: kernel: numerous infoleaks (Eugene Teo <eugene@...hat.com>)
Re: [PATCH 2/2] execve: check the VM has enough memory at first (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi (Thomas Biege <thomas@...e.de>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: CVE request: xss in pecl-apc before 3.1.4 (Josh Bressers <bressers@...hat.com>)
Re: CVE request: kernel: numerous infoleaks (Josh Bressers <bressers@...hat.com>)
Re: CVE request: xss in pecl-apc before 3.1.4 (Pierre Joye <pierre.php@...il.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi (Josh Bressers <bressers@...hat.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
CVE request: mantis before 1.2.3 (XSS) (Hanno Böck <hanno@...eck.de>)
Re: CVE request: mantis before 1.2.3 (XSS) (Hanno Böck <hanno@...eck.de>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (Roland McGrath <roland@...hat.com>)
Re: CVE request: mantis before 1.2.3 (XSS) (Kurt Seifried <kurt@...fried.org>)
Re: CVE request: mantis before 1.2.3 (XSS) (Kurt Seifried <kurt@...fried.org>)

September 15 (2 messages)

Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size (pageexec@...email.hu)
Re: CVE request: kernel: numerous infoleaks (Dan Rosenberg <dan.j.rosenberg@...il.com>)

September 16 (17 messages)

CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability (Eugene Teo <eugeneteo@...nel.sg>)
CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow (Eugene Teo <eugeneteo@...nel.sg>)
Re: CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability (Eugene Teo <eugeneteo@...nel.sg>)
Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: [PATCH 2/2] execve: check the VM has enough memory at first (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 0/4] oom fixes for 2.6.36 (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 3/4] move cred_guard_mutex from task_struct to signal_struct (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 1/4] oom: remove totalpage normalization from oom_badness() (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 2/4] Revert "oom: deprecate oom_adj tunable" (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
[PATCH 4/4] oom: don't ignore rss in nascent mm (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() (David Rientjes <rientjes@...gle.com>)
Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() (Pekka Enberg <penberg@...nel.org>)
CVE-identifier request for Dovecot ACL security bug (Henri Salo <henri@...v.fi>)
Re: [PATCH 4/4] oom: don't ignore rss in nascent mm (Oleg Nesterov <oleg@...hat.com>)
Re: CVE request: mantis before 1.2.3 (XSS) (Josh Bressers <bressers@...hat.com>)
Re: CVE-identifier request for Dovecot ACL security bug (Josh Bressers <bressers@...hat.com>)

September 17 (13 messages)

CVE request: pixelpost (Raphael Geissert <geissert@...ian.org>)
Re: [PATCH 2/2] execve: check the VM has enough memory at first (Linus Torvalds <torvalds@...ux-foundation.org>)
CVE request: weborf: directory traversal (Raphael Geissert <geissert@...ian.org>)
[oCERT-2010-003] Free Simple CMS path sanitization errors (Andrea Barisani <lcars@...rt.org>)
CVE request: epiphany not checking ssl certs (Hanno Böck <hanno@...eck.de>)
Re: CVE request: epiphany not checking ssl certs (Tomas Hoger <thoger@...hat.com>)
Re: CVE request: pixelpost (Josh Bressers <bressers@...hat.com>)
Re: CVE request: weborf: directory traversal (Josh Bressers <bressers@...hat.com>)
Re: CVE request: pixelpost (Raphael Geissert <geissert@...ian.org>)
Re: CVE request: epiphany not checking ssl certs (Josh Bressers <bressers@...hat.com>)
Re: [oCERT-2010-003] Free Simple CMS path sanitization errors (Josh Bressers <bressers@...hat.com>)
Re: CVE request: epiphany not checking ssl certs ("Steven M. Christey" <coley@...us.mitre.org>)
Re: CVE request: epiphany not checking ssl certs (Michael Gilbert <michael.s.gilbert@...il.com>)

September 20 (2 messages)

CVE request: egroupware remote code and xss (Hanno Böck <hanno@...eck.de>)
Re: CVE request: epiphany not checking ssl certs (Ludwig Nussel <ludwig.nussel@...e.de>)

September 21 (15 messages)

CVE request: kernel: Heap corruption in ROSE (Dan Rosenberg <dan.j.rosenberg@...il.com>)
Re: CVE request: kernel: Heap corruption in ROSE (Eugene Teo <eugene@...hat.com>)
Re: Minor security flaw with pam_xauth (Solar Designer <solar@...nwall.com>)
bzip2 CVE-2010-0405 integer overflow (Solar Designer <solar@...nwall.com>)
Re: CVE request: epiphany not checking ssl certs (Josh Bressers <bressers@...hat.com>)
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi (Thomas Biege <thomas@...e.de>)
Re: CVE request: egroupware remote code and xss (Josh Bressers <bressers@...hat.com>)
Re: Minor security flaw with pam_xauth (Josh Bressers <bressers@...hat.com>)
Re: Minor security flaw with pam_xauth ("Steven M. Christey" <coley@...us.mitre.org>)
Re: Minor security flaw with pam_xauth (Josh Bressers <bressers@...hat.com>)
Re: Minor security flaw with pam_xauth (Solar Designer <solar@...nwall.com>)
Re: Minor security flaw with pam_xauth (Josh Bressers <bressers@...hat.com>)
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi (Michael Koziarski <michael@...iarski.com>)
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi ("Steven M. Christey" <coley@...us.mitre.org>)
Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi (Michael Koziarski <michael@...iarski.com>)

September 22 (3 messages)

CVE request: clamav < 0.96.3 pdf bounds checking (Hanno Böck <hanno@...eck.de>)
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws (Josh Bressers <bressers@...hat.com>)
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases (Josh Bressers <bressers@...hat.com>)

September 24 (4 messages)

CVE Request -- Linux/SCTP DoS in sctp_packet_config() (dann frazier <dannf@...ian.org>)
Re: Minor security flaw with pam_xauth (Solar Designer <solar@...nwall.com>)
Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases ("Steven M. Christey" <coley@...us.mitre.org>)
Interesting kernel bug (Dan Rosenberg <dan.j.rosenberg@...il.com>)

September 25 (2 messages)

Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() (Eugene Teo <eugene@...hat.com>)
CVE request: multiple kernel stack memory disclosures (Dan Rosenberg <dan.j.rosenberg@...il.com>)

September 27 (11 messages)

Re: CVE Request -- Linux/SCTP DoS in sctp_packet_config() (Kurt Seifried <kurt@...fried.org>)
Re: [PATCH 4/4] oom: don't ignore rss in nascent mm (KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>)
Re: CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly (Tomas Hoger <thoger@...hat.com>)
Re: Minor security flaw with pam_xauth (Vincent Danen <vdanen@...hat.com>)
Re: Minor security flaw with pam_xauth (Vincent Danen <vdanen@...hat.com>)
Re: CVE request: clamav < 0.96.3 pdf bounds checking (Josh Bressers <bressers@...hat.com>)
Re: Minor security flaw with pam_xauth (Solar Designer <solar@...nwall.com>)
Re: Minor security flaw with pam_xauth (Josh Bressers <bressers@...hat.com>)
Re: CVE request: multiple kernel stack memory disclosures (Josh Bressers <bressers@...hat.com>)
Re: Minor security flaw with pam_xauth (Solar Designer <solar@...nwall.com>)
CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Moritz Muehlenhoff <jmm@...ian.org>)

September 28 (10 messages)

Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Eugene Teo <eugene@...hat.com>)
CVE request - kernel: pktcdvd ioctl dev_minor missing range check (Eugene Teo <eugeneteo@...nel.sg>)
Re: CVE request: clamav < 0.96.3 pdf bounds checking (Ludwig Nussel <ludwig.nussel@...e.de>)
[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference (Andrea Barisani <lcars@...rt.org>)
Re: CVE request: clamav < 0.96.3 pdf bounds checking (Ludwig Nussel <ludwig.nussel@...e.de>)
Re: CVE request - kernel: pktcdvd ioctl dev_minor missing range check (Josh Bressers <bressers@...hat.com>)
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Josh Bressers <bressers@...hat.com>)
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel ("Steven M. Christey" <coley@...us.mitre.org>)
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel ("Steven M. Christey" <coley@...us.mitre.org>)
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws ("Steven M. Christey" <coley@...us.mitre.org>)

September 29 (11 messages)

RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH (Raphael Geissert <geissert@...ian.org>)
CVE request - kernel: prevent heap corruption in snd_ctl_new() (Eugene Teo <eugene@...hat.com>)
Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() (Marcus Meissner <meissner@...e.de>)
Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() (Eugene Teo <eugene@...hat.com>)
Re: RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH (Tim Brown <timb@...-dimension.org.uk>)
CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback (Joachim Fritschi <fritschi@....tu-darmstadt.de>)
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Moritz Muehlenhoff <jmm@...til.org>)
CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark (Moritz Muehlenhoff <jmm@...ian.org>)
Re: CVE request - kernel: prevent heap corruption in snd_ctl_new() (Josh Bressers <bressers@...hat.com>)
Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark (Josh Bressers <bressers@...hat.com>)
CVE request: Horde Gollem <1.1.2 XSS in view.php (Alex Legler <a3li@...too.org>)

September 30 (8 messages)

Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Eugene Teo <eugene@...hat.com>)
Small exposure in ocfs2 fast symlinks. (Joel Becker <Joel.Becker@...cle.com>)
Re: Small exposure in ocfs2 fast symlinks. (Greg KH <greg@...ah.com>)
Re: Small exposure in ocfs2 fast symlinks. (Joel Becker <Joel.Becker@...cle.com>)
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php (Josh Bressers <bressers@...hat.com>)
Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel (Josh Bressers <bressers@...hat.com>)
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php (Moritz Muehlenhoff <jmm@...ian.org>)
Re: CVE request: Horde Gollem <1.1.2 XSS in view.php (Alex Legler <a3li@...too.org>)

203 messages

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.