oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Date

oss-security By Date

SubjectAuthorDate
Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.phpAlex Legler
Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.phpMoritz Muehlenhoff
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelJosh Bressers
Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.phpJosh Bressers
Re: [oss-security] Small exposure in ocfs2 fast symlinks.Joel Becker
Re: [oss-security] Small exposure in ocfs2 fast symlinks.Greg KH
[oss-security] Small exposure in ocfs2 fast symlinks.Joel Becker
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelEugene Teo
[oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.phpAlex Legler
Re: [oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, WiresharkJosh Bressers
Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()Josh Bressers
[oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, WiresharkMoritz Muehlenhoff
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelMoritz Muehlenhoff
[oss-security] CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callbackJoachim Fritschi
Re: [oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATHTim Brown
Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()Eugene Teo
Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()Marcus Meissner
[oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()Eugene Teo
[oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATHRaphael Geissert
Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flawsSteven M. Christey
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelSteven M. Christey
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelSteven M. Christey
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelJosh Bressers
Re: [oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range checkJosh Bressers
Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checkingLudwig Nussel
[oss-security] [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereferenceAndrea Barisani
Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checkingLudwig Nussel
[oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range checkEugene Teo
Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelEugene Teo
[oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernelMoritz Muehlenhoff
Re: [oss-security] Minor security flaw with pam_xauthSolar Designer
Re: [oss-security] CVE request: multiple kernel stack memory disclosuresJosh Bressers
Re: [oss-security] Minor security flaw with pam_xauthJosh Bressers
Re: [oss-security] Minor security flaw with pam_xauthSolar Designer
Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checkingJosh Bressers
Re: [oss-security] Minor security flaw with pam_xauthVincent Danen
Re: [oss-security] Minor security flaw with pam_xauthVincent Danen
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyTomas Hoger
[oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mmKOSAKI Motohiro
Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()Kurt Seifried
[oss-security] CVE request: multiple kernel stack memory disclosuresDan Rosenberg
Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()Eugene Teo
[oss-security] Interesting kernel bugDan Rosenberg
Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcasesSteven M. Christey
Re: [oss-security] Minor security flaw with pam_xauthSolar Designer
[oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()dann frazier
Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcasesJosh Bressers
Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flawsJosh Bressers
[oss-security] CVE request: clamav < 0.96.3 pdf bounds checkingHanno Böck
Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiMichael Koziarski
Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiSteven M. Christey
Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiMichael Koziarski
Re: [oss-security] Minor security flaw with pam_xauthJosh Bressers
Re: [oss-security] Minor security flaw with pam_xauthSolar Designer
Re: [oss-security] Minor security flaw with pam_xauthJosh Bressers
Re: [oss-security] Minor security flaw with pam_xauthSteven M. Christey
Re: [oss-security] Minor security flaw with pam_xauthJosh Bressers
Re: [oss-security] CVE request: egroupware remote code and xssJosh Bressers
Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiThomas Biege
Re: [oss-security] CVE request: epiphany not checking ssl certsJosh Bressers
[oss-security] bzip2 CVE-2010-0405 integer overflowSolar Designer
Re: [oss-security] Minor security flaw with pam_xauthSolar Designer
Re: [oss-security] CVE request: kernel: Heap corruption in ROSEEugene Teo
[oss-security] CVE request: kernel: Heap corruption in ROSEDan Rosenberg
Re: [oss-security] CVE request: epiphany not checking ssl certsLudwig Nussel
[oss-security] CVE request: egroupware remote code and xssHanno Böck
Re: [oss-security] CVE request: epiphany not checking ssl certsMichael Gilbert
Re: [oss-security] CVE request: epiphany not checking ssl certsSteven M. Christey
Re: [oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errorsJosh Bressers
Re: [oss-security] CVE request: epiphany not checking ssl certsJosh Bressers
[oss-security] Re: CVE request: pixelpostRaphael Geissert
Re: [oss-security] CVE request: weborf: directory traversalJosh Bressers
Re: [oss-security] CVE request: pixelpostJosh Bressers
Re: [oss-security] CVE request: epiphany not checking ssl certsTomas Hoger
[oss-security] CVE request: epiphany not checking ssl certsHanno Böck
[oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errorsAndrea Barisani
[oss-security] CVE request: weborf: directory traversalRaphael Geissert
[oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at firstLinus Torvalds
[oss-security] CVE request: pixelpostRaphael Geissert
Re: [oss-security] CVE-identifier request for Dovecot ACL security bugJosh Bressers
Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)Josh Bressers
[oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mmOleg Nesterov
[oss-security] CVE-identifier request for Dovecot ACL security bugHenri Salo
[oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()Pekka Enberg
[oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()KOSAKI Motohiro
[oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()David Rientjes
[oss-security] [PATCH 4/4] oom: don't ignore rss in nascent mmKOSAKI Motohiro
[oss-security] [PATCH 2/4] Revert "oom: deprecate oom_adj tunable"KOSAKI Motohiro
[oss-security] [PATCH 1/4] oom: remove totalpage normalization from oom_badness()KOSAKI Motohiro
[oss-security] [PATCH 3/4] move cred_guard_mutex from task_struct to signal_structKOSAKI Motohiro
[oss-security] [PATCH 0/4] oom fixes for 2.6.36KOSAKI Motohiro
[oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at firstKOSAKI Motohiro
[oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_structKOSAKI Motohiro
Re: [oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point VulnerabilityEugene Teo
[oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer UnderflowEugene Teo
[oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point VulnerabilityEugene Teo
Re: [oss-security] CVE request: kernel: numerous infoleaksDan Rosenberg
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)Kurt Seifried
Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)Kurt Seifried
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)Hanno Böck
[oss-security] CVE request: mantis before 1.2.3 (XSS)Hanno Böck
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiJosh Bressers
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
Re: [oss-security] CVE request: xss in pecl-apc before 3.1.4Pierre Joye
Re: [oss-security] CVE request: kernel: numerous infoleaksJosh Bressers
Re: [oss-security] CVE request: xss in pecl-apc before 3.1.4Josh Bressers
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapiThomas Biege
[oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at firstKOSAKI Motohiro
[oss-security] CVE request: kernel: numerous infoleaksEugene Teo
[oss-security] CVE request: xss in pecl-apc before 3.1.4Hanno Böck
Re: [oss-security] CVE Request: mailmanSteven M. Christey
[oss-security] Re: [Security] [oss-security] Re: /proc infoleaksWilly Tarreau
Re: [oss-security] CVE Request: mailmanJosh Bressers
Re: [oss-security] CVE request: mailscanner, multiple vulnerabilitiesJosh Bressers
Re: [oss-security] CVE Request: mailmanSteven M. Christey
Re: [oss-security] CVE id requests: drupalJosh Bressers
Re: [oss-security] CVE id request for non disclosed issue?Josh Bressers
Re: [oss-security] CVE Request: mailmanJosh Bressers
Re: [oss-security] CVE Request: pidgin-knotify remote command injectionJosh Bressers
Re: [oss-security] CVE id request for non disclosed issue?Kyle Bader
[oss-security] CVE id request for non disclosed issue?Pierre Joye
[oss-security] CVE Request: mailmanHuzaifa Sidhpurwala
[oss-security] CVE Request: pidgin-knotify remote command injectionAlex Legler
[oss-security] CVE request: mailscanner, multiple vulnerabilitiesRaphael Geissert
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizepageexec_at_nospam
[oss-security] CVE id requests: drupalSteffen Joeris
Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flawsJosh Bressers
Re: [oss-security] CVE request: mednafen stack manipulationJosh Bressers
Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcasesJosh Bressers
Re: [oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALLJosh Bressers
[oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_structOleg Nesterov
[oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at firstLinus Torvalds
[oss-security] [PATCH] move cred_guard_mutex from task_struct to signal_structKOSAKI Motohiro
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeKOSAKI Motohiro
[oss-security] Re: [PATCH 1/2] oom: don't ignore rss in nascent mmRoland McGrath
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] CVE request: mednafen stack manipulationHanno Böck
[oss-security] CVE Assignment: djangoJosh Bressers
[oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcasesJan Lieskovsky
[oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeKOSAKI Motohiro
[oss-security] [PATCH 2/2] execve: check the VM has enough memory at firstKOSAKI Motohiro
[oss-security] [PATCH 1/2] oom: don't ignore rss in nascent mmKOSAKI Motohiro
[oss-security] [PATCH 0/2] execve memory exhaust of argument-copying fixesKOSAKI Motohiro
[oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALLEugene Teo
Re: [oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7)Steven M. Christey
[oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7)Jan Lieskovsky
Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaksBrad Spengler
[oss-security] CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctlyEugene Teo
Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaksSebastian Krahmer
[oss-security] Re: [PATCH 0/3] execve argument-copying fixesKOSAKI Motohiro
[oss-security] [PATCH 3/3] execve: make responsive to SIGKILL with large argumentsRoland McGrath
[oss-security] [PATCH 2/3] execve: improve interactivity with large argumentsRoland McGrath
[oss-security] [PATCH 1/3] setup_arg_pages: diagnose excessive argument sizeRoland McGrath
[oss-security] [PATCH 0/3] execve argument-copying fixesRoland McGrath
[oss-security] Re: [Security] [oss-security] Re: /proc infoleaksLinus Torvalds
[oss-security] Re: [Security] [oss-security] Re: /proc infoleaksBrad Spengler
[oss-security] Re: [Security] [oss-security] Re: /proc infoleaksAndrew Morton
Re: [oss-security] Re: [Security] /proc infoleaksAndrew Morton
Re: [oss-security] Re: [Security] /proc infoleaksJon Oberheide
Re: [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leakJosh Bressers
Re: [oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameterJosh Bressers
Re: [oss-security] CVE request: smbind Sql InjectionJosh Bressers
Re: [oss-security] Re: [Security] /proc infoleaksMarcus Meissner
Re: [oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFSJosh Bressers
Re: [oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3)Josh Bressers
Re: [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentialsJosh Bressers
[oss-security] Re: [Security] /proc infoleaksAndrew Morton
Re: [oss-security] CVE request: XSS in nusoapJosh Bressers
[oss-security] Re: [Security] /proc infoleaksSebastian Krahmer
[oss-security] /proc infoleaksSebastian Krahmer
[oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leakEugene Teo
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyFlorian Weimer
[oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameterJan Lieskovsky
[oss-security] Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFSValient Gough
[oss-security] CVE request: smbind Sql InjectionGiuseppe Iuculano
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyRichard Moore
[oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFSJan Lieskovsky
[oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3)Jan Lieskovsky
[oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentialsJan Lieskovsky
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyJoe Orton
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyReed Loden
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyJulien Cristau
Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyReed Loden
[oss-security] CVE request: XSS in nusoapRaphael Geissert
[oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properlyJan Lieskovsky
Re: [oss-security] CVE id request: libc fortify source information disclosureDan Rosenberg
Re: [oss-security] CVE id request: libc fortify source information disclosureTomas Hoger
Re: [oss-security] CVE id request: libc fortify source information disclosureDan Rosenberg
Re: [oss-security] CVE id request: libc fortify source information disclosureTomas Hoger
[oss-security] CVE-2010-2960 kernel: keyctl_session_to_parent null ptr derefEugene Teo
Re: [oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion)Josh Bressers
[oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion)Jan Lieskovsky
[oss-security] CVE-2010-2954 kernel: irda null ptr derefEugene Teo