oss-security December 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Thread

oss-security By Thread

SubjectAuthor Date
[oss-security] mpack 1.6 allows eavesdropping on mails sent by other usersSebastian Pipping31 Dec 2011
Re: [oss-security] mpack 1.6 allows eavesdropping on mails sent by other usersKurt Seifried31 Dec 2011
--> Re: [oss-security] mpack 1.6 allows eavesdropping on mails sent by other usersSebastian Pipping31 Dec 2011
[oss-security] CVE-request: Elxis CMS two XSS-vulnerabilitiesHenri Salo30 Dec 2011
Re: [oss-security] CVE-request: Elxis CMS two XSS-vulnerabilitiesKurt Seifried31 Dec 2011
Re: [oss-security] Closed listSolar Designer29 Dec 2011
[oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collisionAndrea Barisani28 Dec 2011
[oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)Hanno Böck29 Dec 2011
--> Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)Kurt Seifried29 Dec 2011
--> Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)David Jorm29 Dec 2011
--> Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)Andrea Barisani29 Dec 2011
--> [oss-security] Re: More CVEs? (was Re: [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)cve-assign_at_nospam30 Dec 2011
--> Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)Tomas Hoger30 Dec 2011
--> Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)Hanno Böck30 Dec 2011
Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collisionSolar Designer29 Dec 2011
[oss-security] Re: [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collisionAndrea Barisani29 Dec 2011
Re: [oss-security] CVE request: kernel: multiple issues in ROSEKurt Seifried28 Dec 2011
[oss-security] Re: closed-listKurt Seifried28 Dec 2011
[oss-security] Re: closed-listSolar Designer29 Dec 2011
[oss-security] CVE-2011-4862 is not BSD-specificFlorian Weimer25 Dec 2011
Re: [oss-security] CVE-2011-4862 is not BSD-specificKurt Seifried25 Dec 2011
Re: [oss-security] CVE-2011-4862 is not BSD-specificHuzaifa Sidhpurwala26 Dec 2011
--> Re: [oss-security] CVE-2011-4862 is not BSD-specificFlorian Weimer26 Dec 2011
--> Re: [oss-security] CVE-2011-4862 is not BSD-specificHuzaifa Sidhpurwala26 Dec 2011
[oss-security] CVE-request: Joomla com_mailto automated mail timeout bypass (2009)Henri Salo25 Dec 2011
Re: [oss-security] CVE-request: Joomla com_mailto automated mail timeout bypass (2009)Kurt Seifried25 Dec 2011
[oss-security] CVE-request for three 2009 Joomla issues (second part)Henri Salo25 Dec 2011
Re: [oss-security] CVE-request for three 2009 Joomla issues (second part)Kurt Seifried25 Dec 2011
[oss-security] CVE Request for Apache ActiveMQ DoSDavid Jorm25 Dec 2011
Re: [oss-security] CVE Request for Apache ActiveMQ DoSKurt Seifried25 Dec 2011
[oss-security] CVE-request for three 2009 Joomla issuesHenri Salo25 Dec 2011
Re: [oss-security] CVE-request for three 2009 Joomla issuesKurt Seifried25 Dec 2011
[oss-security] CVE-request 2006: Joomla Web Link Submission title Parameter SQL injectionHenri Salo24 Dec 2011
Re: [oss-security] CVE-request 2006: Joomla Web Link Submission title Parameter SQL injectionKurt Seifried24 Dec 2011
[oss-security] CVE request: simplesamlphp / Typo3Moritz Muehlenhoff23 Dec 2011
Re: [oss-security] CVE request: simplesamlphp / Typo3Kurt Seifried23 Dec 2011
--> Re: [oss-security] CVE request: simplesamlphp / Typo3Moritz Mühlenhoff23 Dec 2011
--> Re: [oss-security] CVE request: simplesamlphp / Typo3Kurt Seifried24 Dec 2011
[oss-security] CVE-request: WordPress flash-album-gallery plugin facebook.php XSSHenri Salo22 Dec 2011
Re: [oss-security] CVE-request: WordPress flash-album-gallery plugin facebook.php XSSKurt Seifried23 Dec 2011
[oss-security] CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctlPetr Matousek22 Dec 2011
[oss-security] Status of two Linux kernel issues w/o CVE assignmentsMoritz Muehlenhoff22 Dec 2011
Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsKurt Seifried23 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsMichael Gilbert23 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsSolar Designer23 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsEugene Teo24 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsVasiliy Kulikov27 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsKurt Seifried28 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsKurt Seifried28 Dec 2011
--> Re: [oss-security] Status of two Linux kernel issues w/o CVE assignmentsEugene Teo24 Dec 2011
[oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string bufferJan Lieskovsky22 Dec 2011
Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string bufferKurt Seifried22 Dec 2011
Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string bufferKyle Creyts22 Dec 2011
--> Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string bufferJan Lieskovsky22 Dec 2011
[oss-security] kernel: kvm: pit timer with no irqchip crashes the systemPetr Matousek21 Dec 2011
Re: [oss-security] kernel: kvm: pit timer with no irqchip crashes the systemPetr Matousek21 Dec 2011
--> Re: [oss-security] kernel: kvm: pit timer with no irqchip crashes the systemKurt Seifried21 Dec 2011
[oss-security] CVE Request -- kernel: tight loop and no preemption can cause system stallPetr Matousek21 Dec 2011
Re: [oss-security] CVE Request -- kernel: tight loop and no preemption can cause system stallKurt Seifried21 Dec 2011
[oss-security] plib ulSetError() buffer overflow - CVE-2011-4620Kurt Seifried21 Dec 2011
[oss-security] CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI, ioctlKurt Seifried20 Dec 2011
[oss-security] CVE assignment from previous yearsTim Sammut20 Dec 2011
Re: [oss-security] CVE assignment from previous yearsKurt Seifried20 Dec 2011
--> Re: [oss-security] CVE assignment from previous yearsSteven M. Christey20 Dec 2011
--> Re: [oss-security] CVE assignment from previous yearsKurt Seifried21 Dec 2011
[oss-security] CVE id request: python-virtualenvNico Golde19 Dec 2011
Re: [oss-security] CVE id request: python-virtualenvKurt Seifried19 Dec 2011
--> Re: [oss-security] CVE id request: python-virtualenvNico Golde19 Dec 2011
--> Re: [oss-security] CVE id request: python-virtualenvKurt Seifried19 Dec 2011
[oss-security] CVE for HTML-Template-Pro 0.9506 XSSKurt Seifried19 Dec 2011
[oss-security] CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=Henri Salo18 Dec 2011
Re: [oss-security] CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=Kurt Seifried19 Dec 2011
[oss-security] CVE request: zabbix persistent XSS flawVincent Danen16 Dec 2011
Re: [oss-security] CVE request: zabbix persistent XSS flawKurt Seifried16 Dec 2011
[oss-security] TYPO3 typo3-core-sa-2011-004Kurt Seifried16 Dec 2011
[oss-security] Security issue in icecastJamie Strandboge15 Dec 2011
[oss-security] RE: [Icecast-dev] Security issue in icecastThomas.Rucker_at_nospam15 Dec 2011
--> Re: [oss-security] RE: [Icecast-dev] Security issue in icecastJamie Strandboge15 Dec 2011
Re: [oss-security] Security issue in icecastKurt Seifried15 Dec 2011
[oss-security] CVE request: bypass default security level of the X wrapper (xserver-xorg <= 1:7.5+8)vladz15 Dec 2011
Re: [oss-security] CVE request: bypass default security level of the X wrapper (xserver-xorg <= 1:7.5+8)Kurt Seifried15 Dec 2011
[oss-security] CVE request - kernel: perf, powerpc: Handle events that raise an exception without overflowingEugene Teo15 Dec 2011
Re: [oss-security] CVE request - kernel: perf, powerpc: Handle events that raise an exception without overflowingKurt Seifried15 Dec 2011
Re: [oss-security] linux-distros list setup updateSolar Designer13 Dec 2011
[oss-security] OpenIPMI: IPMI event daemon creates PID file with world writeable permissionsHuzaifa Sidhpurwala13 Dec 2011
[oss-security] CVE request: putty does not wipe keyboard-interactive replies from memory after authenticationVincent Danen12 Dec 2011
Re: [oss-security] CVE request: putty does not wipe keyboard-interactive replies from memory after authenticationKurt Seifried12 Dec 2011
[oss-security] CVE request: rocksndiamonds world-writable working/config directoryVincent Danen12 Dec 2011
Re: [oss-security] CVE request: rocksndiamonds world-writable working/config directoryKurt Seifried12 Dec 2011
Fwd: Re: [oss-security] cve request: bat_socket_read memory corruptionKurt Seifried12 Dec 2011
[oss-security] cve request: bat_socket_read memory corruptionPaul10 Dec 2011
Re: [oss-security] cve request: bat_socket_read memory corruptionKurt Seifried10 Dec 2011
--> Re: [oss-security] cve request: bat_socket_read memory corruptionPaul10 Dec 2011
[oss-security] CVE request: Pidgin crashMark Doliner10 Dec 2011
Re: [oss-security] CVE request: Pidgin crashKurt Seifried10 Dec 2011
[oss-security] CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014Jan Lieskovsky09 Dec 2011
Re: [oss-security] CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014Kurt Seifried09 Dec 2011
[oss-security] CVE Request: icu out of bounds accessLudwig Nussel09 Dec 2011
Re: [oss-security] CVE Request: icu out of bounds accessKurt Seifried09 Dec 2011
Re: [oss-security] non-Linux advance notification listSolar Designer09 Dec 2011
[oss-security] CVE Request -- kernel: send(m)msg: user pointer dereferencesPetr Matousek08 Dec 2011
Re: [oss-security] CVE Request -- kernel: send(m)msg: user pointer dereferencesKurt Seifried08 Dec 2011
[oss-security] CVE-request WordPress pretty-link plugin 1.5.2 XSSHenri Salo08 Dec 2011
Re: [oss-security] CVE-request WordPress pretty-link plugin 1.5.2 XSSKurt Seifried08 Dec 2011
[oss-security] CVE request: Moodle 1.9.15/2.0.6/2.1.3 releasesVincent Danen07 Dec 2011
Re: [oss-security] CVE request: Moodle 1.9.15/2.0.6/2.1.3 releasesKurt Seifried07 Dec 2011
[oss-security] Disputing CVE-2011-4122Jeff Mitchell07 Dec 2011
Re: [oss-security] Disputing CVE-2011-4122Kurt Seifried07 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Jeff Mitchell08 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Kurt Seifried08 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Jeff Mitchell08 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Kurt Seifried08 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Jeff Mitchell08 Dec 2011
Re: [oss-security] Disputing CVE-2011-4122Solar Designer23 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Jeff Mitchell27 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Solar Designer27 Dec 2011
--> Re: [oss-security] Disputing CVE-2011-4122Sebastian Krahmer28 Dec 2011
Re: [oss-security] CVE request: includeViewParameters re-evaluates param/model values as EL expressions on Mojarra/MyFacesKurt Seifried07 Dec 2011
[oss-security] acpid - possible issue in socket handlingKurt Seifried06 Dec 2011
[oss-security] CVE request: acpidMoritz Muehlenhoff06 Dec 2011
Re: [oss-security] CVE request: acpidKurt Seifried06 Dec 2011
[oss-security] C|Net Download.Com is now bundling Nmap with malware!Henri Salo06 Dec 2011
[oss-security] CVE request: glibc: timezone integer overflowMatthias Weckbecker05 Dec 2011
Re: [oss-security] CVE request: glibc: timezone integer overflowKurt Seifried07 Dec 2011
ezmlm warningoss-security-help_at_nospam04 Dec 2011
[oss-security] CVE Request: ffmpegMarc Deslauriers04 Dec 2011
Re: [oss-security] CVE Request: ffmpegKurt Seifried04 Dec 2011
--> Re: [oss-security] CVE Request: ffmpegMarc Deslauriers05 Dec 2011
--> Re: [oss-security] CVE Request: ffmpegKurt Seifried07 Dec 2011
[oss-security] CVE request: CSRF in xt:commerce 3.04 SP2.1dishix03 Dec 2011
Re: [oss-security] CVE request: CSRF in xt:commerce 3.04 SP2.1Kurt Seifried04 Dec 2011
[oss-security] CSRF in the JBoss AS 7 administration console & HTTP management API - CVE-2011-3609David Jorm02 Dec 2011
[oss-security] DOM based XSS in the JBoss AS 7 administration console - CVE-2011-3606David Jorm02 Dec 2011
[oss-security] CVE-2011-4354 OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keysBilly Brumley01 Dec 2011
[oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityHenri Salo01 Dec 2011
Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityHenri Salo01 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityKurt Seifried01 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityKurt Seifried01 Dec 2011
Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityKurt Seifried01 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityKurt Seifried01 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityHanno Böck04 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityKurt Seifried04 Dec 2011
RE: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilitySecunia Research01 Dec 2011
--> Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerabilityHenri Salo01 Dec 2011