oss-security March 2012 archive
oss-security: By Subject

Subject / Author / Date
[Full-disclosure] CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
 VSR Advisories 27 Mar 2012
[oss-security] [Notification] CVE-2012-1174 systemd: TOCTOU race condition by removing user session
 Jan Lieskovsky 16 Mar 2012
[oss-security] Android CVE identifiers
 Dan Rosenberg 15 Mar 2012
[oss-security] atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
 Kurt Seifried 22 Mar 2012
 William Pitcock 21 Mar 2012
[oss-security] Attack on badly configured Netfilter-based firewalls
 Jussi Eronen 21 Mar 2012
 Kurt Seifried 10 Mar 2012
 Eric Leblond 09 Mar 2012
 ArkanoiD 09 Mar 2012
 Eric Leblond 09 Mar 2012
 Kurt Seifried 02 Mar 2012
 Jussi Eronen 02 Mar 2012
[oss-security] Case YVS Image Gallery
 Kurt Seifried 19 Mar 2012
[oss-security] CVE 2012-1565 Insecure object reference
 Luc ABRIC 28 Mar 2012
[oss-security] CVE DISPUTE notification: postgresql-jdbc: SQL injection due improper escaping of JDBC statement parameters
 Jan Lieskovsky 30 Mar 2012
[oss-security] CVE for OpenBSD random() bug?
 Kurt Seifried 23 Mar 2012
 Todd C. Miller 22 Mar 2012
 Kurt Seifried 22 Mar 2012
[oss-security] CVE id request: cifs-utils
 Kurt Seifried 27 Mar 2012
 Nico Golde 27 Mar 2012
[oss-security] CVE Request -- Asterisk: AST-2012-002 and AST-2012-003 flaws
 Matthew Jordan 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Jan Lieskovsky 16 Mar 2012
[oss-security] CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
 Werner LEMBERG 07 Mar 2012
 Kurt Seifried 06 Mar 2012
 Jan Lieskovsky 06 Mar 2012
[oss-security] CVE request -- kernel: execshield: predictable ascii armour base address
 Petr Matousek 21 Mar 2012
 Kurt Seifried 20 Mar 2012
 Marcus Meissner 20 Mar 2012
 Nick Kralevich 20 Mar 2012
 Eugene Teo 20 Mar 2012
 Petr Matousek 20 Mar 2012
[oss-security] CVE request -- kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
 Kurt Seifried 30 Mar 2012
 Petr Matousek 29 Mar 2012
[oss-security] CVE request -- kernel: mm: memcg: unregistring of events attached to the same eventfd can lead to oops
 Kurt Seifried 07 Mar 2012
 Petr Matousek 07 Mar 2012
[oss-security] CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
 Roland Gruber 12 Mar 2012
 Jan Lieskovsky 12 Mar 2012
 Kurt Seifried 05 Mar 2012
 Jan Lieskovsky 05 Mar 2012
[oss-security] CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws
 Kurt Seifried 10 Mar 2012
 Jan Lieskovsky 09 Mar 2012
[oss-security] CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
 Kurt Seifried 12 Mar 2012
 Jan Lieskovsky 12 Mar 2012
[oss-security] CVE Request -- Ruby on Rails (v3.0.12) / rubygem-actionpack: Two XSS flaws
 Kurt Seifried 03 Mar 2012
 Jan Lieskovsky 02 Mar 2012
[oss-security] CVE request for bitlebee
 Kurt Seifried 19 Mar 2012
 David Black 19 Mar 2012
[oss-security] CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern
 Huzaifa Sidhpurwala 13 Mar 2012
 Kurt Seifried 08 Mar 2012
 Kurt Seifried 08 Mar 2012
[oss-security] CVE request: distutils creates ~/.pypirc insecurely
 Vincent Danen 27 Mar 2012
 Kurt Seifried 27 Mar 2012
 Vincent Danen 27 Mar 2012
 Vincent Danen 27 Mar 2012
 Kurt Seifried 27 Mar 2012
 Jakub Wilk 27 Mar 2012
 Vincent Danen 27 Mar 2012
[oss-security] CVE request: egroupware before 1.8.002 various security issues
 Kurt Seifried 30 Mar 2012
 Hanno Böck 29 Mar 2012
 Kurt Seifried 29 Mar 2012
 Hanno Böck 28 Mar 2012
[oss-security] CVE request: eZ Publish XSS
 Kurt Seifried 29 Mar 2012
 Luc ABRIC 28 Mar 2012
[oss-security] CVE request: eZ Publish: insecure direct object reference
 Luc ABRIC 20 Mar 2012
 Kurt Seifried 20 Mar 2012
 Kurt Seifried 19 Mar 2012
 Luc ABRIC 19 Mar 2012
[oss-security] CVE request: eZ Publish: unspecified vulnerability
 Solar Designer 15 Mar 2012
 Kurt Seifried 15 Mar 2012
 Luc ABRIC 15 Mar 2012
[oss-security] CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability
 Kurt Seifried 23 Mar 2012
 Henri Salo 23 Mar 2012
[oss-security] CVE request: gnash integer overflow
 Kurt Seifried 14 Mar 2012
 Vincent Danen 14 Mar 2012
[oss-security] CVE request: GnuTLS TLS record handling issue / MU-201202-01
 Tomas Hoger 21 Mar 2012
 Stefan Cornelius 21 Mar 2012
[oss-security] CVE request: init script x11-common creates directories in insecure manners
 Jason A. Donenfeld 01 Mar 2012
 vladz 01 Mar 2012
[oss-security] CVE Request: ldm (LTSP display manager)
 Kurt Seifried 12 Mar 2012
 Marc Deslauriers 12 Mar 2012
[oss-security] CVE Request: libgdata did not verify SSL certificates
 Kurt Seifried 14 Mar 2012
 Marc Deslauriers 14 Mar 2012
 Ludwig Nussel 14 Mar 2012
[oss-security] CVE request: libtasn1 "asn1_get_length_der()" DER decoding issue
 Kurt Seifried 20 Mar 2012
 Stefan Cornelius 20 Mar 2012
[oss-security] CVE Request: lightdm
 Kurt Seifried 05 Mar 2012
 Marc Deslauriers 05 Mar 2012
[oss-security] CVE request: mantisbt before 1.2.9
 Kurt Seifried 06 Mar 2012
 David Hicks 06 Mar 2012
 Hanno Böck 06 Mar 2012
[oss-security] CVE request: maradns deleted domain record cache persistance flaw
 Kurt Seifried 20 Mar 2012
 Vincent Danen 20 Mar 2012
[oss-security] CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6
 Kurt Seifried 28 Mar 2012
 Huzaifa Sidhpurwala 28 Mar 2012
[oss-security] CVE request: mwlib < 0.13.5 DoS flaw
 Kurt Seifried 05 Mar 2012
 Vincent Danen 05 Mar 2012
[oss-security] CVE Request: NetworkManager arbitrary file access
 Kurt Seifried 02 Mar 2012
[oss-security] CVE Request: nginx fix for malformed HTTP responses from upstream servers
 Kurt Seifried 15 Mar 2012
 Andrew Alexeev 15 Mar 2012
[oss-security] CVE request: notmuch
 Florian Weimer 05 Mar 2012
 Kurt Seifried 05 Mar 2012
 Moritz Mühlenhoff 04 Mar 2012
[oss-security] CVE request: openssl: null pointer dereference issue
 Tomas Hoger 13 Mar 2012
 Kurt Seifried 12 Mar 2012
 Kurt Seifried 12 Mar 2012
 Tomas Hoger 12 Mar 2012
[oss-security] CVE request: phppgadmin before 5.0.4 XSS
 Henri Salo 30 Mar 2012
 Kurt Seifried 29 Mar 2012
 Hanno Böck 28 Mar 2012
[oss-security] CVE request: piwik before 1.6
 Kurt Seifried 19 Mar 2012
 Henri Salo 18 Mar 2012
[oss-security] CVE Request: PolicyKit change allows users in "wheel" group to become root without a password
 Kurt Seifried 28 Mar 2012
 Tim Sammut 28 Mar 2012
[oss-security] CVE request: pyfribidi buffer overflow flaw
 Kurt Seifried 14 Mar 2012
 Vincent Danen 14 Mar 2012
[oss-security] CVE Request: Python Hash DoS (Issue 13703)
 Kurt Seifried 10 Mar 2012
 Kurt Seifried 10 Mar 2012
[oss-security] CVE request: quake3 reflective DoS
 Florian Weimer 26 Mar 2012
[oss-security] CVE request: smokeping XSS
 Vincent Danen 06 Mar 2012
[oss-security] CVE request: Struts2 xsltResult local code execution flaw
 Kurt Seifried 28 Mar 2012
 David Jorm 28 Mar 2012
[oss-security] CVE request: Two Pidgin crashes
 Kurt Seifried 14 Mar 2012
 Mark Doliner 14 Mar 2012
[oss-security] CVE request: TYPO3-CORE-SA-2012-001
 Kurt Seifried 30 Mar 2012
 Florian Weimer 29 Mar 2012
[oss-security] CVE Request: XML entity expansion in the XML::Atom Perl module
 Kurt Seifried 05 Mar 2012
 Florian Weimer 04 Mar 2012
 Florian Weimer 04 Mar 2012
[oss-security] CVE request: XML::Atom Perl module
 Adam D. Barratt 04 Mar 2012
 Moritz Muehlenhoff 04 Mar 2012
[oss-security] CVE Requests
 Andreas Ericsson 19 Mar 2012
 Eugene Teo 19 Mar 2012
 Tim Brown 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Tim Brown 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Adam D. Barratt 16 Mar 2012
 Solar Designer 16 Mar 2012
 Andreas Ericsson 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Mark Stanislav 16 Mar 2012
 Kurt Seifried 16 Mar 2012
 Mark Stanislav 15 Mar 2012
[oss-security] CVE Requests for phpCAS
 Kurt Seifried 05 Mar 2012
 Joachim Fritschi 04 Mar 2012
[oss-security] CVE-2010 Request: quake3 / openarena-server: DDoS by processing 'getstatus' and 'rcon' packets
 Kurt Seifried 26 Mar 2012
 Jan Lieskovsky 26 Mar 2012
[oss-security] CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames
 Eugene Teo 05 Mar 2012
[oss-security] CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482
 Eugene Teo 05 Mar 2012
[oss-security] CVE-2012-1097 kernel: regset: Prevent null pointer reference on readonly regsets
 Eugene Teo 05 Mar 2012
[oss-security] CVE-2012-1106 assignment notification -- abrt: Setuid process core dump archived with unsafe GID permissions
 Stefan Cornelius 05 Mar 2012
[oss-security] CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip
 Timo Warns 29 Mar 2012
 Timo Warns 21 Mar 2012
[oss-security] CVE-2012-1179 kernel: thp: __split_huge_page() mapcount != page_mapcount BUG_ON()
 Petr Matousek 15 Mar 2012
[oss-security] CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248
 Stefan Cornelius 19 Mar 2012
[oss-security] CVE-Request taglib vulnerabilities
 Kurt Seifried 26 Mar 2012
 Ludwig Nussel 26 Mar 2012
 Zubin Mithra 21 Mar 2012
 Ludwig Nussel 21 Mar 2012
 Kurt Seifried 21 Mar 2012
 Kurt Seifried 05 Mar 2012
 Zubin Mithra 05 Mar 2012
 Kurt Seifried 05 Mar 2012
 Zubin Mithra 04 Mar 2012
[oss-security] CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost
 Kurt Seifried 16 Mar 2012
 Daniel Kahn Gillmor 15 Mar 2012
[oss-security] CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution
 Kurt Seifried 10 Mar 2012
 Henri Salo 09 Mar 2012
[oss-security] CVE-request: Ariadne 2.7.6 XSS
 Kurt Seifried 10 Mar 2012
 Henri Salo 09 Mar 2012
[oss-security] CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
 Kurt Seifried 29 Mar 2012
 Henri Salo 28 Mar 2012
[oss-security] CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081
 Kurt Seifried 30 Mar 2012
 Henri Salo 30 Mar 2012
 Henri Salo 30 Mar 2012
[oss-security] CVE-request: Drupal Finder SA-CONTRIB-2012-017
 Kurt Seifried 19 Mar 2012
 Henri Salo 16 Mar 2012
[oss-security] CVE-request: e107 HTB23004
 Kurt Seifried 29 Mar 2012
 Henri Salo 28 Mar 2012
[oss-security] CVE-request: ImpressPages CMS Unspecified Remote Code Execution
 Kurt Seifried 23 Mar 2012
 Henri Salo 23 Mar 2012
[oss-security] CVE-request: Joomla 20120305 / 20120306
 Kurt Seifried 29 Mar 2012
 Henri Salo 28 Mar 2012
[oss-security] CVE-request: Joomla core information disclosure 1.7.1
 Henri Salo 02 Mar 2012
 Kurt Seifried 02 Mar 2012
 Kurt Seifried 02 Mar 2012
 Henri Salo 02 Mar 2012
 Kurt Seifried 02 Mar 2012
 Henri Salo 01 Mar 2012
 Henri Salo 01 Mar 2012
[oss-security] CVE-request: Joomla core information disclosure 372-20111003
 Henri Salo 28 Mar 2012
[oss-security] CVE-request: Joomla! Security News 2012-03
 Kurt Seifried 06 Mar 2012
 Kurt Seifried 06 Mar 2012
 Henri Salo 06 Mar 2012
[oss-security] CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution
 Henri Salo 08 Mar 2012
 Kurt Seifried 06 Mar 2012
 Henri Salo 06 Mar 2012
[oss-security] CVE-request: MyBB 1.6 <= SQL Injection
 Henri Salo 25 Mar 2012
 Kurt Seifried 23 Mar 2012
 Henri Salo 23 Mar 2012
[oss-security] CVE-request: NextBBS 0.6.0 waraxe-2012-SA#080
 Kurt Seifried 30 Mar 2012
 Henri Salo 29 Mar 2012
[oss-security] CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based)
 Kurt Seifried 23 Mar 2012
 Henri Salo 23 Mar 2012
[oss-security] CVE-request: Parallels Plesk Panel admin/plib/api-rpc/Agent.php Unspecified SQL Injection
 Henri Salo 09 Mar 2012
 Kurt Seifried 08 Mar 2012
 Henri Salo 08 Mar 2012
[oss-security] CVE-request: phpMyFAQ index.php URI XSS
 Kurt Seifried 08 Mar 2012
 Henri Salo 08 Mar 2012
[oss-security] CVE-request: phxEventManager search.php search_terms Parameter SQL Injection
 Kurt Seifried 06 Mar 2012
 Henri Salo 06 Mar 2012
[oss-security] CVE-request: systemd local denial of login or local users can create arbitrary services
 Kurt Seifried 05 Mar 2012
 Henri Salo 04 Mar 2012
[oss-security] CVEs for MediaWiki security and maintenance release 1.18.2
 Kurt Seifried 24 Mar 2012
[oss-security] Drupal CORE and Drupal Contrib
 Kurt Seifried 16 Mar 2012
[oss-security] Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities
 Kurt Seifried 05 Mar 2012
 YGN Ethical Hacker Group 05 Mar 2012
[oss-security] expat 2.1.0beta fixes 5 Denial of Service attacks, CVE's/details inside
 Kurt Seifried 09 Mar 2012
 Kurt Seifried 09 Mar 2012
[oss-security] Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
 Solar Designer 27 Mar 2012
[oss-security] glibc crypt(3), crypt_r(3), PHP crypt() may use alloca()
 Jeff Law 30 Mar 2012
 Solar Designer 30 Mar 2012
 Jeff Law 30 Mar 2012
 Solar Designer 30 Mar 2012
 Jeff Law 30 Mar 2012
 Solar Designer 30 Mar 2012
 Tomas Hoger 30 Mar 2012
[oss-security] Interesting blog entry - Finding v6 hosts by efficiently mapping ip6.arpa
 Florian Weimer 29 Mar 2012
 Kurt Seifried 29 Mar 2012
[oss-security] Joomla! Security News 2012-03-16
 Kurt Seifried 19 Mar 2012
 Henri Salo 16 Mar 2012
[oss-security] LinuxMint - temp file creation vulns in mintNanny and mintUpdate
 Kurt Seifried 19 Mar 2012
[oss-security] MediaWiki security and maintenance release 1.18.2
 Kurt Seifried 23 Mar 2012
 Henri Salo 22 Mar 2012
[oss-security] Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability
 Kurt Seifried 05 Mar 2012
 YGN Ethical Hacker Group 05 Mar 2012
[oss-security] openssl security issue or not? (CVE Request?)
 Jan Lieskovsky 23 Mar 2012
 Marcus Meissner 23 Mar 2012
[oss-security] Partial ASLR bypass
 Tim Brown 02 Mar 2012
[oss-security] postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
 Florian Weimer 30 Mar 2012
 Ludwig Nussel 30 Mar 2012
[oss-security] Ruby on Rails github compromise
 Kurt Seifried 05 Mar 2012
[oss-security] running the distros lists
 Josh Bressers 19 Mar 2012
 Solar Designer 16 Mar 2012
 Josh Bressers 15 Mar 2012
 Kurt Seifried 15 Mar 2012
 Tim Brown 14 Mar 2012
 Solar Designer 14 Mar 2012
 Kurt Seifried 14 Mar 2012
 Solar Designer 13 Mar 2012
 Thomas Klausner 13 Mar 2012
 Solar Designer 13 Mar 2012
 Solar Designer 12 Mar 2012
[oss-security] SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver
 Kurt Seifried 31 Mar 2012
 Steffen Dettmer 31 Mar 2012
[oss-security] Vulnerabilities reported in ClamAV 0.96.4
 Vincent Danen 21 Mar 2012
[oss-security] Was a CVE ever assigned for Python SimpleHTTPServer.py XSS?
 Kurt Seifried 15 Mar 2012
 Vincent Danen 14 Mar 2012
[pgsql-security] postgresql-jdbc 8.1 SQL injection with postgresql server 9.1
 Robert Haas 30 Mar 2012
 Robert Haas 30 Mar 2012
[security] Drupal CORE and Drupal Contrib
 Kurt Seifried 22 Mar 2012
 Moritz Muehlenhoff 21 Mar 2012
 Greg Knaddison 20 Mar 2012
 Kurt Seifried 19 Mar 2012
 Greg Knaddison 16 Mar 2012
atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour
 The Fungi 23 Mar 2012
 Kurt Seifried 23 Mar 2012
 William Pitcock 22 Mar 2012
Bugs in "file" program VU#621745
 Kurt Seifried 20 Mar 2012
 Jan Lieskovsky 20 Mar 2012
CVE Request (minor) -- osc: Improper sanitization of terminal emulator escape sequences when displaying build log and build status
 Kurt Seifried 02 Mar 2012
CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
 Dmitry Butskoy 06 Mar 2012
 Roland Gruber 05 Mar 2012
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
 Solar Designer 29 Mar 2012
 Timothy D. Morgan 27 Mar 2012
 Solar Designer 27 Mar 2012
openssl security issue or not? (CVE Request?)
 Marcus Meissner 23 Mar 2012
 Ivan Nestlerode 23 Mar 2012
TORCS 1.3.2 xml buffer overflow - CVE-2012-1189
 Andres Gomez 09 Mar 2012
 Tomas Hoger 06 Mar 2012
 Andres Gomez 06 Mar 2012
 Andres Gomez 05 Mar 2012
Vulnerabilities reported in ClamAV 0.96.4
 Török Edwin 21 Mar 2012
 Matt Watchinski 21 Mar 2012
 Vincent Danen 21 Mar 2012