oss-security December 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Author

oss-security By Author

AuthorSubject Date
Andrea Barisani
 Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)29 Dec 2011
 [oss-security] Re: [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision29 Dec 2011
 [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision28 Dec 2011
Billy Brumley
 [oss-security] CVE-2011-4354 OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys01 Dec 2011
cve-assign_at_nospam
 [oss-security] Re: More CVEs? (was Re: [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)30 Dec 2011
David Jorm
 Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)29 Dec 2011
 [oss-security] CVE Request for Apache ActiveMQ DoS25 Dec 2011
 [oss-security] CSRF in the JBoss AS 7 administration console & HTTP management API - CVE-2011-360902 Dec 2011
 [oss-security] DOM based XSS in the JBoss AS 7 administration console - CVE-2011-360602 Dec 2011
dishix
 [oss-security] CVE request: CSRF in xt:commerce 3.04 SP2.103 Dec 2011
Eugene Teo
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments24 Dec 2011
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments24 Dec 2011
 [oss-security] CVE request - kernel: perf, powerpc: Handle events that raise an exception without overflowing15 Dec 2011
Florian Weimer
 Re: [oss-security] CVE-2011-4862 is not BSD-specific26 Dec 2011
 [oss-security] CVE-2011-4862 is not BSD-specific25 Dec 2011
Hanno Böck
 Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)30 Dec 2011
 [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)29 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability04 Dec 2011
Henri Salo
 [oss-security] CVE-request: Elxis CMS two XSS-vulnerabilities30 Dec 2011
 [oss-security] CVE-request: Joomla com_mailto automated mail timeout bypass (2009)25 Dec 2011
 [oss-security] CVE-request for three 2009 Joomla issues (second part)25 Dec 2011
 [oss-security] CVE-request for three 2009 Joomla issues25 Dec 2011
 [oss-security] CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection24 Dec 2011
 [oss-security] CVE-request: WordPress flash-album-gallery plugin facebook.php XSS22 Dec 2011
 [oss-security] CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=18 Dec 2011
 [oss-security] CVE-request WordPress pretty-link plugin 1.5.2 XSS08 Dec 2011
 [oss-security] C|Net Download.Com is now bundling Nmap with malware!06 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
 [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
Huzaifa Sidhpurwala
 Re: [oss-security] CVE-2011-4862 is not BSD-specific26 Dec 2011
 Re: [oss-security] CVE-2011-4862 is not BSD-specific26 Dec 2011
 [oss-security] OpenIPMI: IPMI event daemon creates PID file with world writeable permissions13 Dec 2011
Jamie Strandboge
 Re: [oss-security] RE: [Icecast-dev] Security issue in icecast15 Dec 2011
 [oss-security] Security issue in icecast15 Dec 2011
Jan Lieskovsky
 Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer22 Dec 2011
 [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer22 Dec 2011
 [oss-security] CVE Request -- Asterisk -- AST-2011-013 and AST-2011-01409 Dec 2011
Jeff Mitchell
 Re: [oss-security] Disputing CVE-2011-412227 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412208 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412208 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412208 Dec 2011
 [oss-security] Disputing CVE-2011-412207 Dec 2011
Kurt Seifried
 Re: [oss-security] mpack 1.6 allows eavesdropping on mails sent by other users31 Dec 2011
 Re: [oss-security] CVE-request: Elxis CMS two XSS-vulnerabilities31 Dec 2011
 Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)29 Dec 2011
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments28 Dec 2011
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments28 Dec 2011
 Re: [oss-security] CVE request: kernel: multiple issues in ROSE28 Dec 2011
 [oss-security] Re: closed-list28 Dec 2011
 Re: [oss-security] CVE-2011-4862 is not BSD-specific25 Dec 2011
 Re: [oss-security] CVE-request: Joomla com_mailto automated mail timeout bypass (2009)25 Dec 2011
 Re: [oss-security] CVE-request for three 2009 Joomla issues (second part)25 Dec 2011
 Re: [oss-security] CVE-request for three 2009 Joomla issues25 Dec 2011
 Re: [oss-security] CVE Request for Apache ActiveMQ DoS25 Dec 2011
 Re: [oss-security] CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection24 Dec 2011
 Re: [oss-security] CVE request: simplesamlphp / Typo324 Dec 2011
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments23 Dec 2011
 Re: [oss-security] CVE-request: WordPress flash-album-gallery plugin facebook.php XSS23 Dec 2011
 Re: [oss-security] CVE request: simplesamlphp / Typo323 Dec 2011
 Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer22 Dec 2011
 Re: [oss-security] kernel: kvm: pit timer with no irqchip crashes the system21 Dec 2011
 Re: [oss-security] CVE Request -- kernel: tight loop and no preemption can cause system stall21 Dec 2011
 [oss-security] plib ulSetError() buffer overflow - CVE-2011-462021 Dec 2011
 Re: [oss-security] CVE assignment from previous years21 Dec 2011
 Re: [oss-security] CVE assignment from previous years20 Dec 2011
 [oss-security] CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI, ioctl20 Dec 2011
 Re: [oss-security] CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page=19 Dec 2011
 Re: [oss-security] CVE id request: python-virtualenv19 Dec 2011
 Re: [oss-security] CVE id request: python-virtualenv19 Dec 2011
 [oss-security] CVE for HTML-Template-Pro 0.9506 XSS19 Dec 2011
 Re: [oss-security] CVE request: zabbix persistent XSS flaw16 Dec 2011
 [oss-security] TYPO3 typo3-core-sa-2011-00416 Dec 2011
 Re: [oss-security] CVE request: bypass default security level of the X wrapper (xserver-xorg <= 1:7.5+8)15 Dec 2011
 Re: [oss-security] Security issue in icecast15 Dec 2011
 Re: [oss-security] CVE request - kernel: perf, powerpc: Handle events that raise an exception without overflowing15 Dec 2011
 Re: [oss-security] CVE request: putty does not wipe keyboard-interactive replies from memory after authentication12 Dec 2011
 Re: [oss-security] CVE request: rocksndiamonds world-writable working/config directory12 Dec 2011
 Fwd: Re: [oss-security] cve request: bat_socket_read memory corruption12 Dec 2011
 Re: [oss-security] cve request: bat_socket_read memory corruption10 Dec 2011
 Re: [oss-security] CVE request: Pidgin crash10 Dec 2011
 Re: [oss-security] CVE Request: icu out of bounds access09 Dec 2011
 Re: [oss-security] CVE Request -- Asterisk -- AST-2011-013 and AST-2011-01409 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412208 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412208 Dec 2011
 Re: [oss-security] CVE-request WordPress pretty-link plugin 1.5.2 XSS08 Dec 2011
 Re: [oss-security] CVE Request -- kernel: send(m)msg: user pointer dereferences08 Dec 2011
 Re: [oss-security] CVE request: Moodle 1.9.15/2.0.6/2.1.3 releases07 Dec 2011
 Re: [oss-security] CVE request: glibc: timezone integer overflow07 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412207 Dec 2011
 Re: [oss-security] CVE request: includeViewParameters re-evaluates param/model values as EL expressions on Mojarra/MyFaces07 Dec 2011
 Re: [oss-security] CVE Request: ffmpeg07 Dec 2011
 [oss-security] acpid - possible issue in socket handling06 Dec 2011
 Re: [oss-security] CVE request: acpid06 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability04 Dec 2011
 Re: [oss-security] CVE request: CSRF in xt:commerce 3.04 SP2.104 Dec 2011
 Re: [oss-security] CVE Request: ffmpeg04 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
 Re: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
Kyle Creyts
 Re: [oss-security] CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer22 Dec 2011
Ludwig Nussel
 [oss-security] CVE Request: icu out of bounds access09 Dec 2011
Marc Deslauriers
 Re: [oss-security] CVE Request: ffmpeg05 Dec 2011
 [oss-security] CVE Request: ffmpeg04 Dec 2011
Mark Doliner
 [oss-security] CVE request: Pidgin crash10 Dec 2011
Matthias Weckbecker
 [oss-security] CVE request: glibc: timezone integer overflow05 Dec 2011
Michael Gilbert
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments23 Dec 2011
Moritz Muehlenhoff
 [oss-security] CVE request: simplesamlphp / Typo323 Dec 2011
 [oss-security] Status of two Linux kernel issues w/o CVE assignments22 Dec 2011
 [oss-security] CVE request: acpid06 Dec 2011
Moritz Mühlenhoff
 Re: [oss-security] CVE request: simplesamlphp / Typo323 Dec 2011
Nico Golde
 Re: [oss-security] CVE id request: python-virtualenv19 Dec 2011
 [oss-security] CVE id request: python-virtualenv19 Dec 2011
oss-security-help_at_nospam
 ezmlm warning04 Dec 2011
Paul
 Re: [oss-security] cve request: bat_socket_read memory corruption10 Dec 2011
 [oss-security] cve request: bat_socket_read memory corruption10 Dec 2011
Petr Matousek
 [oss-security] CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl22 Dec 2011
 Re: [oss-security] kernel: kvm: pit timer with no irqchip crashes the system21 Dec 2011
 [oss-security] kernel: kvm: pit timer with no irqchip crashes the system21 Dec 2011
 [oss-security] CVE Request -- kernel: tight loop and no preemption can cause system stall21 Dec 2011
 [oss-security] CVE Request -- kernel: send(m)msg: user pointer dereferences08 Dec 2011
Sebastian Krahmer
 Re: [oss-security] Disputing CVE-2011-412228 Dec 2011
Sebastian Pipping
 Re: [oss-security] mpack 1.6 allows eavesdropping on mails sent by other users31 Dec 2011
 [oss-security] mpack 1.6 allows eavesdropping on mails sent by other users31 Dec 2011
Secunia Research
 RE: [oss-security] CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability01 Dec 2011
Solar Designer
 Re: [oss-security] Closed list29 Dec 2011
 Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision29 Dec 2011
 [oss-security] Re: closed-list29 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412227 Dec 2011
 Re: [oss-security] Disputing CVE-2011-412223 Dec 2011
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments23 Dec 2011
 Re: [oss-security] linux-distros list setup update13 Dec 2011
 Re: [oss-security] non-Linux advance notification list09 Dec 2011
Steven M. Christey
 Re: [oss-security] CVE assignment from previous years20 Dec 2011
Thomas.Rucker_at_nospam
 [oss-security] RE: [Icecast-dev] Security issue in icecast15 Dec 2011
Tim Sammut
 [oss-security] CVE assignment from previous years20 Dec 2011
Tomas Hoger
 Re: [oss-security] More CVEs? (was Re: [oss-security] [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision)30 Dec 2011
Vasiliy Kulikov
 Re: [oss-security] Status of two Linux kernel issues w/o CVE assignments27 Dec 2011
Vincent Danen
 [oss-security] CVE request: zabbix persistent XSS flaw16 Dec 2011
 [oss-security] CVE request: putty does not wipe keyboard-interactive replies from memory after authentication12 Dec 2011
 [oss-security] CVE request: rocksndiamonds world-writable working/config directory12 Dec 2011
 [oss-security] CVE request: Moodle 1.9.15/2.0.6/2.1.3 releases07 Dec 2011
vladz
 [oss-security] CVE request: bypass default security level of the X wrapper (xserver-xorg <= 1:7.5+8)15 Dec 2011