oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Author

oss-security By Author

AuthorSubject Date
Alex Legler
 Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php30 Sep 2010
 [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php29 Sep 2010
 [oss-security] CVE Request: pidgin-knotify remote command injection12 Sep 2010
Andrea Barisani
 [oss-security] [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference28 Sep 2010
 [oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errors17 Sep 2010
Andrew Morton
 [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks07 Sep 2010
 Re: [oss-security] Re: [Security] /proc infoleaks07 Sep 2010
 [oss-security] Re: [Security] /proc infoleaks07 Sep 2010
Brad Spengler
 Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks08 Sep 2010
 [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks07 Sep 2010
Dan Rosenberg
 [oss-security] CVE request: multiple kernel stack memory disclosures25 Sep 2010
 [oss-security] Interesting kernel bug24 Sep 2010
 [oss-security] CVE request: kernel: Heap corruption in ROSE21 Sep 2010
 Re: [oss-security] CVE request: kernel: numerous infoleaks15 Sep 2010
 Re: [oss-security] CVE id request: libc fortify source information disclosure02 Sep 2010
 Re: [oss-security] CVE id request: libc fortify source information disclosure02 Sep 2010
dann frazier
 [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()24 Sep 2010
David Rientjes
 [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()16 Sep 2010
Eugene Teo
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel30 Sep 2010
 Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()29 Sep 2010
 [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()29 Sep 2010
 [oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range check28 Sep 2010
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel28 Sep 2010
 Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()25 Sep 2010
 Re: [oss-security] CVE request: kernel: Heap corruption in ROSE21 Sep 2010
 Re: [oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability16 Sep 2010
 [oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow16 Sep 2010
 [oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability16 Sep 2010
 [oss-security] CVE request: kernel: numerous infoleaks14 Sep 2010
 [oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL09 Sep 2010
 [oss-security] CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly08 Sep 2010
 [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak07 Sep 2010
 [oss-security] CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref02 Sep 2010
 [oss-security] CVE-2010-2954 kernel: irda null ptr deref01 Sep 2010
Florian Weimer
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly06 Sep 2010
Giuseppe Iuculano
 [oss-security] CVE request: smbind Sql Injection05 Sep 2010
Greg KH
 Re: [oss-security] Small exposure in ocfs2 fast symlinks.30 Sep 2010
Hanno Böck
 [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking22 Sep 2010
 [oss-security] CVE request: egroupware remote code and xss20 Sep 2010
 [oss-security] CVE request: epiphany not checking ssl certs17 Sep 2010
 Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)14 Sep 2010
 [oss-security] CVE request: mantis before 1.2.3 (XSS)14 Sep 2010
 [oss-security] CVE request: xss in pecl-apc before 3.1.414 Sep 2010
 [oss-security] CVE request: mednafen stack manipulation09 Sep 2010
Henri Salo
 [oss-security] CVE-identifier request for Dovecot ACL security bug16 Sep 2010
Huzaifa Sidhpurwala
 [oss-security] CVE Request: mailman13 Sep 2010
Jan Lieskovsky
 [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases09 Sep 2010
 [oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7)08 Sep 2010
 [oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter06 Sep 2010
 [oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS05 Sep 2010
 [oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3)05 Sep 2010
 [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials05 Sep 2010
 [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly03 Sep 2010
 [oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion)01 Sep 2010
Joachim Fritschi
 [oss-security] CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback29 Sep 2010
Joe Orton
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly04 Sep 2010
Joel Becker
 Re: [oss-security] Small exposure in ocfs2 fast symlinks.30 Sep 2010
 [oss-security] Small exposure in ocfs2 fast symlinks.30 Sep 2010
Jon Oberheide
 Re: [oss-security] Re: [Security] /proc infoleaks07 Sep 2010
Josh Bressers
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel30 Sep 2010
 Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php30 Sep 2010
 Re: [oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark29 Sep 2010
 Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()29 Sep 2010
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel28 Sep 2010
 Re: [oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range check28 Sep 2010
 Re: [oss-security] CVE request: multiple kernel stack memory disclosures27 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth27 Sep 2010
 Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking27 Sep 2010
 Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases22 Sep 2010
 Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws22 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
 Re: [oss-security] CVE request: egroupware remote code and xss21 Sep 2010
 Re: [oss-security] CVE request: epiphany not checking ssl certs21 Sep 2010
 Re: [oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errors17 Sep 2010
 Re: [oss-security] CVE request: epiphany not checking ssl certs17 Sep 2010
 Re: [oss-security] CVE request: weborf: directory traversal17 Sep 2010
 Re: [oss-security] CVE request: pixelpost17 Sep 2010
 Re: [oss-security] CVE-identifier request for Dovecot ACL security bug16 Sep 2010
 Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)16 Sep 2010
 Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi14 Sep 2010
 Re: [oss-security] CVE request: kernel: numerous infoleaks14 Sep 2010
 Re: [oss-security] CVE request: xss in pecl-apc before 3.1.414 Sep 2010
 Re: [oss-security] CVE Request: mailman13 Sep 2010
 Re: [oss-security] CVE request: mailscanner, multiple vulnerabilities13 Sep 2010
 Re: [oss-security] CVE id requests: drupal13 Sep 2010
 Re: [oss-security] CVE id request for non disclosed issue?13 Sep 2010
 Re: [oss-security] CVE Request: mailman13 Sep 2010
 Re: [oss-security] CVE Request: pidgin-knotify remote command injection13 Sep 2010
 Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws11 Sep 2010
 Re: [oss-security] CVE request: mednafen stack manipulation11 Sep 2010
 Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases11 Sep 2010
 Re: [oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL11 Sep 2010
 [oss-security] CVE Assignment: django09 Sep 2010
 Re: [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak07 Sep 2010
 Re: [oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter07 Sep 2010
 Re: [oss-security] CVE request: smbind Sql Injection07 Sep 2010
 Re: [oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS07 Sep 2010
 Re: [oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3)07 Sep 2010
 Re: [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials07 Sep 2010
 Re: [oss-security] CVE request: XSS in nusoap07 Sep 2010
 Re: [oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion)01 Sep 2010
Julien Cristau
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly03 Sep 2010
KOSAKI Motohiro
 [oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mm27 Sep 2010
 [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()16 Sep 2010
 [oss-security] [PATCH 4/4] oom: don't ignore rss in nascent mm16 Sep 2010
 [oss-security] [PATCH 2/4] Revert "oom: deprecate oom_adj tunable"16 Sep 2010
 [oss-security] [PATCH 1/4] oom: remove totalpage normalization from oom_badness()16 Sep 2010
 [oss-security] [PATCH 3/4] move cred_guard_mutex from task_struct to signal_struct16 Sep 2010
 [oss-security] [PATCH 0/4] oom fixes for 2.6.3616 Sep 2010
 [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first16 Sep 2010
 [oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct16 Sep 2010
 [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first14 Sep 2010
 [oss-security] [PATCH] move cred_guard_mutex from task_struct to signal_struct10 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size10 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size09 Sep 2010
 [oss-security] [PATCH 2/2] execve: check the VM has enough memory at first09 Sep 2010
 [oss-security] [PATCH 1/2] oom: don't ignore rss in nascent mm09 Sep 2010
 [oss-security] [PATCH 0/2] execve memory exhaust of argument-copying fixes09 Sep 2010
 [oss-security] Re: [PATCH 0/3] execve argument-copying fixes08 Sep 2010
Kurt Seifried
 Re: [oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()27 Sep 2010
 Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)14 Sep 2010
 Re: [oss-security] CVE request: mantis before 1.2.3 (XSS)14 Sep 2010
Kyle Bader
 Re: [oss-security] CVE id request for non disclosed issue?13 Sep 2010
Linus Torvalds
 [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first16 Sep 2010
 [oss-security] Re: [PATCH 2/2] execve: check the VM has enough memory at first10 Sep 2010
 [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks07 Sep 2010
Ludwig Nussel
 Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking28 Sep 2010
 Re: [oss-security] CVE request: clamav < 0.96.3 pdf bounds checking28 Sep 2010
 Re: [oss-security] CVE request: epiphany not checking ssl certs20 Sep 2010
Marcus Meissner
 Re: [oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()29 Sep 2010
 Re: [oss-security] Re: [Security] /proc infoleaks07 Sep 2010
Michael Gilbert
 Re: [oss-security] CVE request: epiphany not checking ssl certs17 Sep 2010
Michael Koziarski
 Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi21 Sep 2010
 Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi21 Sep 2010
Moritz Muehlenhoff
 Re: [oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php30 Sep 2010
 [oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark29 Sep 2010
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel29 Sep 2010
 [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel27 Sep 2010
Oleg Nesterov
 [oss-security] Re: [PATCH 4/4] oom: don't ignore rss in nascent mm16 Sep 2010
 [oss-security] Re: [PATCH] move cred_guard_mutex from task_struct to signal_struct10 Sep 2010
pageexec_at_nospam
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size15 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size11 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size11 Sep 2010
Pekka Enberg
 [oss-security] Re: [PATCH 1/4] oom: remove totalpage normalization from oom_badness()16 Sep 2010
Pierre Joye
 Re: [oss-security] CVE request: xss in pecl-apc before 3.1.414 Sep 2010
 [oss-security] CVE id request for non disclosed issue?13 Sep 2010
Raphael Geissert
 [oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH28 Sep 2010
 [oss-security] Re: CVE request: pixelpost17 Sep 2010
 [oss-security] CVE request: weborf: directory traversal17 Sep 2010
 [oss-security] CVE request: pixelpost17 Sep 2010
 [oss-security] CVE request: mailscanner, multiple vulnerabilities11 Sep 2010
 [oss-security] CVE request: XSS in nusoap03 Sep 2010
Reed Loden
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly03 Sep 2010
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly03 Sep 2010
Richard Moore
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly05 Sep 2010
Roland McGrath
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size14 Sep 2010
 [oss-security] Re: [PATCH 1/2] oom: don't ignore rss in nascent mm10 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size10 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size10 Sep 2010
 [oss-security] Re: [PATCH 1/3] setup_arg_pages: diagnose excessive argument size10 Sep 2010
 [oss-security] [PATCH 3/3] execve: make responsive to SIGKILL with large arguments08 Sep 2010
 [oss-security] [PATCH 2/3] execve: improve interactivity with large arguments08 Sep 2010
 [oss-security] [PATCH 1/3] setup_arg_pages: diagnose excessive argument size08 Sep 2010
 [oss-security] [PATCH 0/3] execve argument-copying fixes08 Sep 2010
Sebastian Krahmer
 Re: [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks08 Sep 2010
 [oss-security] Re: [Security] /proc infoleaks07 Sep 2010
 [oss-security] /proc infoleaks07 Sep 2010
Solar Designer
 Re: [oss-security] Minor security flaw with pam_xauth27 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth27 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth24 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
 [oss-security] bzip2 CVE-2010-0405 integer overflow21 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
Steffen Joeris
 [oss-security] CVE id requests: drupal11 Sep 2010
Steven M. Christey
 Re: [oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws28 Sep 2010
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel28 Sep 2010
 Re: [oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel28 Sep 2010
 Re: [oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases24 Sep 2010
 Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi21 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth21 Sep 2010
 Re: [oss-security] CVE request: epiphany not checking ssl certs17 Sep 2010
 Re: [oss-security] CVE Request: mailman13 Sep 2010
 Re: [oss-security] CVE Request: mailman13 Sep 2010
 Re: [oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7)08 Sep 2010
Thomas Biege
 Re: [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi21 Sep 2010
 [oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi14 Sep 2010
Tim Brown
 Re: [oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH29 Sep 2010
Tomas Hoger
 Re: [oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly27 Sep 2010
 Re: [oss-security] CVE request: epiphany not checking ssl certs17 Sep 2010
 Re: [oss-security] CVE id request: libc fortify source information disclosure02 Sep 2010
 Re: [oss-security] CVE id request: libc fortify source information disclosure02 Sep 2010
Valient Gough
 [oss-security] Re: CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS06 Sep 2010
Vincent Danen
 Re: [oss-security] Minor security flaw with pam_xauth27 Sep 2010
 Re: [oss-security] Minor security flaw with pam_xauth27 Sep 2010
Willy Tarreau
 [oss-security] Re: [Security] [oss-security] Re: /proc infoleaks13 Sep 2010