| Subject | Author | Date |
| Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php | Alex Legler | |
| Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php | Moritz Muehlenhoff | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Josh Bressers | |
| Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php | Josh Bressers | |
| Re: [oss-security] Small exposure in ocfs2 fast symlinks. | Joel Becker | |
| Re: [oss-security] Small exposure in ocfs2 fast symlinks. | Greg KH | |
| [oss-security] Small exposure in ocfs2 fast symlinks. | Joel Becker | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Eugene Teo | |
| [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php | Alex Legler | |
| Re: [oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark | Josh Bressers | |
| Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new() | Josh Bressers | |
| [oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark | Moritz Muehlenhoff | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Moritz Muehlenhoff | |
| [oss-security] CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback | Joachim Fritschi | |
| Re: [oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH | Tim Brown | |
| Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new() | Eugene Teo | |
| Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new() | Marcus Meissner | |
| [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new() | Eugene Teo | |
| [oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH | Raphael Geissert | |
| Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws | Steven M. Christey | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Steven M. Christey | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Steven M. Christey | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Josh Bressers | |
| Re: [oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range check | Josh Bressers | |
| Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking | Ludwig Nussel | |
| [oss-security] [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference | Andrea Barisani | |
| Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking | Ludwig Nussel | |
| [oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range check | Eugene Teo | |
| Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Eugene Teo | |
| [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel | Moritz Muehlenhoff | |
| Re: [oss-security] Minor security flaw with pam_xauth | Solar Designer | |
| Re: [oss-security] CVE request: multiple kernel stack memory disclosures | Josh Bressers | |
| Re: [oss-security] Minor security flaw with pam_xauth | Josh Bressers | |
| Re: [oss-security] Minor security flaw with pam_xauth | Solar Designer | |
| Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking | Josh Bressers | |
| Re: [oss-security] Minor security flaw with pam_xauth | Vincent Danen | |
| Re: [oss-security] Minor security flaw with pam_xauth | Vincent Danen | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Tomas Hoger | |
| [oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mm | KOSAKI Motohiro | |
| Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config() | Kurt Seifried | |
| [oss-security] CVE request: multiple kernel stack memory disclosures | Dan Rosenberg | |
| Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config() | Eugene Teo | |
| [oss-security] Interesting kernel bug | Dan Rosenberg | |
| Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases | Steven M. Christey | |
| Re: [oss-security] Minor security flaw with pam_xauth | Solar Designer | |
| [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config() | dann frazier | |
| Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases | Josh Bressers | |
| Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws | Josh Bressers | |
| [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking | Hanno Böck | |
| Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Michael Koziarski | |
| Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Steven M. Christey | |
| Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Michael Koziarski | |
| Re: [oss-security] Minor security flaw with pam_xauth | Josh Bressers | |
| Re: [oss-security] Minor security flaw with pam_xauth | Solar Designer | |
| Re: [oss-security] Minor security flaw with pam_xauth | Josh Bressers | |
| Re: [oss-security] Minor security flaw with pam_xauth | Steven M. Christey | |
| Re: [oss-security] Minor security flaw with pam_xauth | Josh Bressers | |
| Re: [oss-security] CVE request: egroupware remote code and xss | Josh Bressers | |
| Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Thomas Biege | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Josh Bressers | |
| [oss-security] bzip2 CVE-2010-0405 integer overflow | Solar Designer | |
| Re: [oss-security] Minor security flaw with pam_xauth | Solar Designer | |
| Re: [oss-security] CVE request: kernel: Heap corruption in ROSE | Eugene Teo | |
| [oss-security] CVE request: kernel: Heap corruption in ROSE | Dan Rosenberg | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Ludwig Nussel | |
| [oss-security] CVE request: egroupware remote code and xss | Hanno Böck | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Michael Gilbert | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Steven M. Christey | |
| Re: [oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errors | Josh Bressers | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Josh Bressers | |
| [oss-security] Re: CVE request: pixelpost | Raphael Geissert | |
| Re: [oss-security] CVE request: weborf: directory traversal | Josh Bressers | |
| Re: [oss-security] CVE request: pixelpost | Josh Bressers | |
| Re: [oss-security] CVE request: epiphany not checking ssl certs | Tomas Hoger | |
| [oss-security] CVE request: epiphany not checking ssl certs | Hanno Böck | |
| [oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errors | Andrea Barisani | |
| [oss-security] CVE request: weborf: directory traversal | Raphael Geissert | |
| [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first | Linus Torvalds | |
| [oss-security] CVE request: pixelpost | Raphael Geissert | |
| Re: [oss-security] CVE-identifier request for Dovecot ACL security bug | Josh Bressers | |
| Re: [oss-security] CVE request: mantis before 1.2.3 (XSS) | Josh Bressers | |
| [oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mm | Oleg Nesterov | |
| [oss-security] CVE-identifier request for Dovecot ACL security bug | Henri Salo | |
| [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() | Pekka Enberg | |
| [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() | KOSAKI Motohiro | |
| [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness() | David Rientjes | |
| [oss-security] [PATCH 4/4] oom: don't ignore rss in nascent mm | KOSAKI Motohiro | |
| [oss-security] [PATCH 2/4] Revert "oom: deprecate oom_adj tunable" | KOSAKI Motohiro | |
| [oss-security] [PATCH 1/4] oom: remove totalpage normalization from oom_badness() | KOSAKI Motohiro | |
| [oss-security] [PATCH 3/4] move cred_guard_mutex from task_struct to signal_struct | KOSAKI Motohiro | |
| [oss-security] [PATCH 0/4] oom fixes for 2.6.36 | KOSAKI Motohiro | |
| [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first | KOSAKI Motohiro | |
| [oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct | KOSAKI Motohiro | |
| Re: [oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability | Eugene Teo | |
| [oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow | Eugene Teo | |
| [oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability | Eugene Teo | |
| Re: [oss-security] CVE request: kernel: numerous infoleaks | Dan Rosenberg | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| Re: [oss-security] CVE request: mantis before 1.2.3 (XSS) | Kurt Seifried | |
| Re: [oss-security] CVE request: mantis before 1.2.3 (XSS) | Kurt Seifried | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| Re: [oss-security] CVE request: mantis before 1.2.3 (XSS) | Hanno Böck | |
| [oss-security] CVE request: mantis before 1.2.3 (XSS) | Hanno Böck | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Josh Bressers | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| Re: [oss-security] CVE request: xss in pecl-apc before 3.1.4 | Pierre Joye | |
| Re: [oss-security] CVE request: kernel: numerous infoleaks | Josh Bressers | |
| Re: [oss-security] CVE request: xss in pecl-apc before 3.1.4 | Josh Bressers | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi | Thomas Biege | |
| [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first | KOSAKI Motohiro | |
| [oss-security] CVE request: kernel: numerous infoleaks | Eugene Teo | |
| [oss-security] CVE request: xss in pecl-apc before 3.1.4 | Hanno Böck | |
| Re: [oss-security] CVE Request: mailman | Steven M. Christey | |
| [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Willy Tarreau | |
| Re: [oss-security] CVE Request: mailman | Josh Bressers | |
| Re: [oss-security] CVE request: mailscanner, multiple vulnerabilities | Josh Bressers | |
| Re: [oss-security] CVE Request: mailman | Steven M. Christey | |
| Re: [oss-security] CVE id requests: drupal | Josh Bressers | |
| Re: [oss-security] CVE id request for non disclosed issue? | Josh Bressers | |
| Re: [oss-security] CVE Request: mailman | Josh Bressers | |
| Re: [oss-security] CVE Request: pidgin-knotify remote command injection | Josh Bressers | |
| Re: [oss-security] CVE id request for non disclosed issue? | Kyle Bader | |
| [oss-security] CVE id request for non disclosed issue? | Pierre Joye | |
| [oss-security] CVE Request: mailman | Huzaifa Sidhpurwala | |
| [oss-security] CVE Request: pidgin-knotify remote command injection | Alex Legler | |
| [oss-security] CVE request: mailscanner, multiple vulnerabilities | Raphael Geissert | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | pageexec_at_nospam | |
| [oss-security] CVE id requests: drupal | Steffen Joeris | |
| Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws | Josh Bressers | |
| Re: [oss-security] CVE request: mednafen stack manipulation | Josh Bressers | |
| Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases | Josh Bressers | |
| Re: [oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL | Josh Bressers | |
| [oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct | Oleg Nesterov | |
| [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first | Linus Torvalds | |
| [oss-security] [PATCH] move cred_guard_mutex from task_struct to signal_struct | KOSAKI Motohiro | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | KOSAKI Motohiro | |
| [oss-security] Re: [PATCH 1/2] oom: don't ignore rss in nascent mm | Roland McGrath | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] CVE request: mednafen stack manipulation | Hanno Böck | |
| [oss-security] CVE Assignment: django | Josh Bressers | |
| [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases | Jan Lieskovsky | |
| [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | KOSAKI Motohiro | |
| [oss-security] [PATCH 2/2] execve: check the VM has enough memory at first | KOSAKI Motohiro | |
| [oss-security] [PATCH 1/2] oom: don't ignore rss in nascent mm | KOSAKI Motohiro | |
| [oss-security] [PATCH 0/2] execve memory exhaust of argument-copying fixes | KOSAKI Motohiro | |
| [oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL | Eugene Teo | |
| Re: [oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) | Steven M. Christey | |
| [oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7) | Jan Lieskovsky | |
| Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Brad Spengler | |
| [oss-security] CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly | Eugene Teo | |
| Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Sebastian Krahmer | |
| [oss-security] Re: [PATCH 0/3] execve argument-copying fixes | KOSAKI Motohiro | |
| [oss-security] [PATCH 3/3] execve: make responsive to SIGKILL with large arguments | Roland McGrath | |
| [oss-security] [PATCH 2/3] execve: improve interactivity with large arguments | Roland McGrath | |
| [oss-security] [PATCH 1/3] setup_arg_pages: diagnose excessive argument size | Roland McGrath | |
| [oss-security] [PATCH 0/3] execve argument-copying fixes | Roland McGrath | |
| [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Linus Torvalds | |
| [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Brad Spengler | |
| [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks | Andrew Morton | |
| Re: [oss-security] Re: [Security] /proc infoleaks | Andrew Morton | |
| Re: [oss-security] Re: [Security] /proc infoleaks | Jon Oberheide | |
| Re: [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak | Josh Bressers | |
| Re: [oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter | Josh Bressers | |
| Re: [oss-security] CVE request: smbind Sql Injection | Josh Bressers | |
| Re: [oss-security] Re: [Security] /proc infoleaks | Marcus Meissner | |
| Re: [oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS | Josh Bressers | |
| Re: [oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) | Josh Bressers | |
| Re: [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials | Josh Bressers | |
| [oss-security] Re: [Security] /proc infoleaks | Andrew Morton | |
| Re: [oss-security] CVE request: XSS in nusoap | Josh Bressers | |
| [oss-security] Re: [Security] /proc infoleaks | Sebastian Krahmer | |
| [oss-security] /proc infoleaks | Sebastian Krahmer | |
| [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak | Eugene Teo | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Florian Weimer | |
| [oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter | Jan Lieskovsky | |
| [oss-security] Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS | Valient Gough | |
| [oss-security] CVE request: smbind Sql Injection | Giuseppe Iuculano | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Richard Moore | |
| [oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS | Jan Lieskovsky | |
| [oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3) | Jan Lieskovsky | |
| [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials | Jan Lieskovsky | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Joe Orton | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Reed Loden | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Julien Cristau | |
| Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Reed Loden | |
| [oss-security] CVE request: XSS in nusoap | Raphael Geissert | |
| [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly | Jan Lieskovsky | |
| Re: [oss-security] CVE id request: libc fortify source information disclosure | Dan Rosenberg | |
| Re: [oss-security] CVE id request: libc fortify source information disclosure | Tomas Hoger | |
| Re: [oss-security] CVE id request: libc fortify source information disclosure | Dan Rosenberg | |
| Re: [oss-security] CVE id request: libc fortify source information disclosure | Tomas Hoger | |
| [oss-security] CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref | Eugene Teo | |
| Re: [oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) | Josh Bressers | |
| [oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) | Jan Lieskovsky | |
| [oss-security] CVE-2010-2954 kernel: irda null ptr deref | Eugene Teo | |
