| Author | Subject | Date |
| Anthon Pang |
| | [oss-security] Re: CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability | 31 Dec 2010 |
| | [oss-security] CVE Request: CrawlTrack < 3.2.7 - remote php code execution | 31 Dec 2010 |
| | [oss-security] CVE Request: OpenWebAnalytics < 1.2.4 - remote/local file inclusion vulnerability | 31 Dec 2010 |
| | Re: [oss-security] CVE request: openx unknown vulnerability before 2.8.7 | 06 Dec 2010 |
| Bhadrinath |
| | [oss-security] Re: Interesting behavior with struct initiailization | 05 Dec 2010 |
| | [oss-security] Re: Interesting behavior with struct initiailization | 05 Dec 2010 |
| | [oss-security] Re: Interesting behavior with struct initiailization | 05 Dec 2010 |
| Dan Rosenberg |
| | [oss-security] CVE request: kernel: buffer overflow in OSS load_mixer_volumes | 31 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attempt | 20 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attempt | 20 Dec 2010 |
| | Re: [oss-security] Re: Interesting behavior with struct initiailization | 05 Dec 2010 |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 02 Dec 2010 |
| | [oss-security] CVE request: kernel: failure to revert address limit override in OOPS error path | 02 Dec 2010 |
| dave b |
| | [oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol | 23 Dec 2010 |
| David Hicks |
| | [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability | 15 Dec 2010 |
| | [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability | 15 Dec 2010 |
| Earl Hood |
| | [oss-security] Fix for CVE-2010-4524 and CVE-2010-1677 ready for verfication | 30 Dec 2010 |
| | [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 30 Dec 2010 |
| | [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 21 Dec 2010 |
| Eugene Teo |
| | [oss-security] CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES | 23 Dec 2010 |
| | Re: [oss-security] CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method | 15 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: NULL pointer dereference in AF_ECONET | 09 Dec 2010 |
| | [oss-security] CVE request: kernel: bfa driver sysfs crash | 08 Dec 2010 |
| | Re: [oss-security] CVE request: libvirt when compiled with openvz support has a potential security hole | 08 Dec 2010 |
| | [oss-security] CVE request: kernel: igb panics when receiving tag vlan packet | 06 Dec 2010 |
| Eygene Ryabinkin |
| | Re: [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable too | 26 Dec 2010 |
| | [oss-security] CVE-2010-2094: PECL's phar code is vulnerable too | 26 Dec 2010 |
| Felipe Pena |
| | Re: [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable too | 26 Dec 2010 |
| | [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable too | 26 Dec 2010 |
| Geoff Keating |
| | Re: [oss-security] Interesting behavior with struct initiailization | 03 Dec 2010 |
| Hanno Böck |
| | [oss-security] CVE request: wordpress before 3.0.4 XSS | 30 Dec 2010 |
| | [oss-security] CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 | 16 Dec 2010 |
| | [oss-security] CVE request: openx unknown vulnerability before 2.8.7 | 06 Dec 2010 |
| | Re: [oss-security] CVE request: mybb before 1.4.11 and before 1.4.12 | 06 Dec 2010 |
| | [oss-security] CVE request: vanilla forums before 2.0.10, xss | 06 Dec 2010 |
| | Re: [oss-security] clamav 0.96.5 released | 03 Dec 2010 |
| Havoc Pennington |
| | [oss-security] Re: Clarifications on the D-Bus specification | 13 Dec 2010 |
| Huzaifa Sidhpurwala |
| | Re: [oss-security] CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message | 31 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: buffer overflow in OSS load_mixer_volumes | 31 Dec 2010 |
| Jamie Nguyen |
| | [oss-security] Re: Breaking the links: Exploiting the linker | 22 Dec 2010 |
| | [oss-security] Re: Breaking the links: Exploiting the linker | 22 Dec 2010 |
| Jamie Strandboge |
| | Re: [oss-security] CVE request: opensc buffer overflow | 21 Dec 2010 |
| Jan Lieskovsky |
| | [oss-security] CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message | 27 Dec 2010 |
| | [oss-security] CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws | 23 Dec 2010 |
| | [oss-security] CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol | 23 Dec 2010 |
| | [oss-security] CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: [oss-security] CVE request: opensc buffer overflow ] | 22 Dec 2010 |
| | [oss-security] FYI -- Tor v0.2.1.28 addressing CVE-2010-1676 -- remotely exploitable heap-based buffer overflow | 21 Dec 2010 |
| | [oss-security] CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 21 Dec 2010 |
| | Re: Re: [oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants | 21 Dec 2010 |
| | [oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants | 16 Dec 2010 |
| | [oss-security] CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition | 03 Dec 2010 |
| | [oss-security] CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header | 02 Dec 2010 |
| | [oss-security] CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues | 02 Dec 2010 |
| | [oss-security] CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) | 01 Dec 2010 |
| Jeff Breidenbach |
| | [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 30 Dec 2010 |
| Johannes Stezenbach |
| | [oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol | 23 Dec 2010 |
| John Goerzen |
| | [oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol | 23 Dec 2010 |
| Josh Bressers |
| | Re: [oss-security] CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 22 Dec 2010 |
| | Re: [oss-security] CVE request: opensc buffer overflow | 22 Dec 2010 |
| | Re: [oss-security] CVE Request: MyBB XSS bugs | 22 Dec 2010 |
| | Re: [oss-security] CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 | 22 Dec 2010 |
| | Re: [oss-security] CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants | 16 Dec 2010 |
| | Re: [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability | 16 Dec 2010 |
| | Re: [oss-security] CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability | 16 Dec 2010 |
| | Re: [oss-security] Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check | 10 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: bfa driver sysfs crash | 09 Dec 2010 |
| | Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo | 07 Dec 2010 |
| | Re: [oss-security] CVE request: vanilla forums before 2.0.10, xss | 07 Dec 2010 |
| | Re: [oss-security] CVE request: openx unknown vulnerability before 2.8.7 | 06 Dec 2010 |
| | Re: [oss-security] CVE request: vanilla forums before 2.0.10, xss | 06 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: igb panics when receiving tag vlan packet | 06 Dec 2010 |
| | Re: [oss-security] CVE Request -- Xfig: Stack-based buffer overflow by processing FIG image with crafted color definition | 06 Dec 2010 |
| | Re: [oss-security] clamav 0.96.5 released | 03 Dec 2010 |
| | Re: [oss-security] CVE Request -- FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header | 02 Dec 2010 |
| | Re: [oss-security] CVE request: kernel: failure to revert address limit override in OOPS error path | 02 Dec 2010 |
| | Re: [oss-security] CVE Request -- Wordpress v3.0.2 SQL injection flaw + two minor XSS issues | 02 Dec 2010 |
| Justin Ossevoort |
| | Re: [oss-security] Breaking the links: Exploiting the linker | 15 Dec 2010 |
| Ludwig Nussel |
| | [oss-security] CVE request: opensc buffer overflow | 21 Dec 2010 |
| | Re: [oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) | 16 Dec 2010 |
| | Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo | 09 Dec 2010 |
| Maksymilian Arciemowicz |
| | [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 08 Dec 2010 |
| | [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 07 Dec 2010 |
| Marcus Meissner |
| | [oss-security] CVE Request: local privilege escalation via /sys/kernel/debug/acpi/custom_method | 15 Dec 2010 |
| Mark J Cox |
| | [oss-security] Exim remote root | 10 Dec 2010 |
| Mark Stosberg |
| | [oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) | 01 Dec 2010 |
| Moritz Muehlenhoff |
| | [oss-security] IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe | 24 Dec 2010 |
| Nelson Elhage |
| | [oss-security] CVE request: kernel: NULL pointer dereference in AF_ECONET | 09 Dec 2010 |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 08 Dec 2010 |
| | [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 02 Dec 2010 |
| Nicolas Sebrecht |
| | [oss-security] Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol | 23 Dec 2010 |
| nigel_at_nospam |
| | [oss-security] Exim security issue in historical release | 13 Dec 2010 |
| Petr Matousek |
| | Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attempt | 20 Dec 2010 |
| | [oss-security] CVE request: kernel: CAN information leak, 2nd attempt | 20 Dec 2010 |
| | [oss-security] Subject: [oss-security] CVE request: kernel: install_special_mapping skips security_file_mmap check | 10 Dec 2010 |
| Pierre Joye |
| | Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 release | 13 Dec 2010 |
| | Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 release | 13 Dec 2010 |
| | Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+ | 09 Dec 2010 |
| | Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+ | 09 Dec 2010 |
| | Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+ | 09 Dec 2010 |
| | Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 08 Dec 2010 |
| Ralf Wildenhues |
| | [oss-security] Re: Breaking the links: Exploiting the linker | 16 Dec 2010 |
| Raphael Geissert |
| | [oss-security] Re: CVE Request -- MHonArc: Improper escaping of certain HTML sequences (XSS) | 22 Dec 2010 |
| | [oss-security] Re: Issues without CVE names in PHP 5.3.4/5.2.15 release | 13 Dec 2010 |
| | [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo | 07 Dec 2010 |
| Reed Loden |
| | [oss-security] Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) | 01 Dec 2010 |
| Robert Seacord |
| | RE: [oss-security] Interesting behavior with struct initiailization | 03 Dec 2010 |
| Rémi Denis-Courmont |
| | [oss-security] Re: Clarifications on the D-Bus specification | 11 Dec 2010 |
| Solar Designer |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 09 Dec 2010 |
| | Re: [oss-security] [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] | 09 Dec 2010 |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 09 Dec 2010 |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 08 Dec 2010 |
| | Re: [oss-security] kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses | 08 Dec 2010 |
| Steven M. Christey |
| | Re: [oss-security] CVE request: kernel: CAN information leak, 2nd attempt | 20 Dec 2010 |
| | Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+ | 09 Dec 2010 |
| | Re: [oss-security] Re: NULL byte poisoning fix in php 5.3.4+ | 09 Dec 2010 |
| | Re: [oss-security] CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo | 09 Dec 2010 |
| | Re: [oss-security] CVE request: vanilla forums before 2.0.10, xss | 06 Dec 2010 |
| | Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 06 Dec 2010 |
| | Re: [oss-security] Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" | 06 Dec 2010 |
| Tavis Ormandy |
| | [oss-security] [taviso@cmpxchg8b.com: [PATCH] install_special_mapping skips security_file_mmap check.] | 09 Dec 2010 |
| Thomas Biege |
| | [oss-security] clamav 0.96.5 released | 03 Dec 2010 |
| Tim Brown |
| | Re: [oss-security] Re: Breaking the links: Exploiting the linker | 22 Dec 2010 |
| | Re: [oss-security] Re: Breaking the links: Exploiting the linker | 16 Dec 2010 |
| | Re: [oss-security] Breaking the links: Exploiting the linker | 16 Dec 2010 |
| | [oss-security] Breaking the links: Exploiting the linker | 15 Dec 2010 |
| Tomas Hoger |
| | Re: [oss-security] IO::Socket::SSL perl module: CVE-2010-4501/CVE-2010-4334 dupe | 29 Dec 2010 |
| | Re: [oss-security] Breaking the links: Exploiting the linker | 15 Dec 2010 |
| | Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 09 Dec 2010 |
| | Re: [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 08 Dec 2010 |
| | Re: [oss-security] Re: CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 08 Dec 2010 |
| | Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 07 Dec 2010 |
| Ulrik Persson |
| | [oss-security] CVE Request: Wireshark | 31 Dec 2010 |
| | [oss-security] CVE Request: MyBB XSS bugs | 20 Dec 2010 |
| Vincent Danen |
| | Re: [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 release | 13 Dec 2010 |
| | [oss-security] Issues without CVE names in PHP 5.3.4/5.2.15 release | 13 Dec 2010 |
| | Re: [oss-security] CVE request: libvirt when compiled with openvz support has a potential security hole | 08 Dec 2010 |
| | [oss-security] CVE request: libvirt when compiled with openvz support has a potential security hole | 08 Dec 2010 |
| | Re: [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 06 Dec 2010 |
| | [oss-security] CVE request (PHP 5.3.x getSymbol() DoS; CERT VU#479900) | 06 Dec 2010 |
