oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: By Subject

oss-security By Subject

SubjectAuthor Date
/proc infoleaks
 Willy Tarreau 13 Sep 2010
 Brad Spengler 08 Sep 2010
 Sebastian Krahmer 08 Sep 2010
 Linus Torvalds 07 Sep 2010
 Brad Spengler 07 Sep 2010
 Andrew Morton 07 Sep 2010
[oss-security] /proc infoleaks
 Sebastian Krahmer 07 Sep 2010
[oss-security] [oCERT-2010-003] Free Simple CMS path sanitization errors
 Josh Bressers 17 Sep 2010
 Andrea Barisani 17 Sep 2010
[oss-security] [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference
 Andrea Barisani 28 Sep 2010
[oss-security] [PATCH 0/2] execve memory exhaust of argument-copying fixes
 KOSAKI Motohiro 09 Sep 2010
[oss-security] [PATCH 0/3] execve argument-copying fixes
 Roland McGrath 08 Sep 2010
[oss-security] [PATCH 0/4] oom fixes for 2.6.36
 KOSAKI Motohiro 16 Sep 2010
[oss-security] [PATCH 1/2] oom: don't ignore rss in nascent mm
 KOSAKI Motohiro 09 Sep 2010
[oss-security] [PATCH 1/3] setup_arg_pages: diagnose excessive argument size
 Roland McGrath 08 Sep 2010
[oss-security] [PATCH 1/4] oom: remove totalpage normalization from oom_badness()
 KOSAKI Motohiro 16 Sep 2010
[oss-security] [PATCH 2/2] execve: check the VM has enough memory at first
 KOSAKI Motohiro 09 Sep 2010
[oss-security] [PATCH 2/3] execve: improve interactivity with large arguments
 Roland McGrath 08 Sep 2010
[oss-security] [PATCH 2/4] Revert "oom: deprecate oom_adj tunable"
 KOSAKI Motohiro 16 Sep 2010
[oss-security] [PATCH 3/3] execve: make responsive to SIGKILL with large arguments
 Roland McGrath 08 Sep 2010
[oss-security] [PATCH 3/4] move cred_guard_mutex from task_struct to signal_struct
 KOSAKI Motohiro 16 Sep 2010
[oss-security] [PATCH 4/4] oom: don't ignore rss in nascent mm
 KOSAKI Motohiro 16 Sep 2010
[oss-security] [PATCH] move cred_guard_mutex from task_struct to signal_struct
 KOSAKI Motohiro 10 Sep 2010
[oss-security] bzip2 CVE-2010-0405 integer overflow
 Solar Designer 21 Sep 2010
[oss-security] CVE Assignment: django
 Josh Bressers 09 Sep 2010
[oss-security] CVE id request for non disclosed issue?
 Josh Bressers 13 Sep 2010
 Kyle Bader 13 Sep 2010
 Pierre Joye 13 Sep 2010
[oss-security] CVE id request: libc fortify source information disclosure
 Dan Rosenberg 02 Sep 2010
 Tomas Hoger 02 Sep 2010
 Dan Rosenberg 02 Sep 2010
 Tomas Hoger 02 Sep 2010
[oss-security] CVE id requests: drupal
 Josh Bressers 13 Sep 2010
 Steffen Joeris 11 Sep 2010
[oss-security] CVE request - kernel: pktcdvd ioctl dev_minor missing range check
 Josh Bressers 28 Sep 2010
 Eugene Teo 28 Sep 2010
[oss-security] CVE request - kernel: prevent heap corruption in snd_ctl_new()
 Josh Bressers 29 Sep 2010
 Eugene Teo 29 Sep 2010
 Marcus Meissner 29 Sep 2010
 Eugene Teo 29 Sep 2010
[oss-security] CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback
 Joachim Fritschi 29 Sep 2010
[oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials
 Josh Bressers 07 Sep 2010
 Jan Lieskovsky 05 Sep 2010
[oss-security] CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS
 Josh Bressers 07 Sep 2010
 Jan Lieskovsky 05 Sep 2010
[oss-security] CVE Request -- Horde v3.3.8 -- XSS in icon_browser.php due improper sanitization of 'subdir' URL parameter
 Josh Bressers 07 Sep 2010
 Jan Lieskovsky 06 Sep 2010
[oss-security] CVE Request -- Linux/SCTP DoS in sctp_packet_config()
 Kurt Seifried 27 Sep 2010
 Eugene Teo 25 Sep 2010
 dann frazier 24 Sep 2010
[oss-security] CVE Request -- MySQL v5.1.49 -- multiple DoS flaws
 Steven M. Christey 28 Sep 2010
 Josh Bressers 22 Sep 2010
 Josh Bressers 11 Sep 2010
[oss-security] CVE Request -- phpMyAdmin (x < v3.3.7) -- XSS in setup script (PMASA-2010-7)
 Steven M. Christey 08 Sep 2010
 Jan Lieskovsky 08 Sep 2010
[oss-security] CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion)
 Josh Bressers 01 Sep 2010
 Jan Lieskovsky 01 Sep 2010
[oss-security] CVE Request -- Python -- accept() implementation in async core is broken => more subcases
 Steven M. Christey 24 Sep 2010
 Josh Bressers 22 Sep 2010
 Josh Bressers 11 Sep 2010
 Jan Lieskovsky 09 Sep 2010
[oss-security] CVE Request -- Squid -- Denial of service due internal error in string handling (SQUID-2010:3)
 Josh Bressers 07 Sep 2010
 Jan Lieskovsky 05 Sep 2010
[oss-security] CVE Request 1, NSS 2, Qt: Doesn't handle wildcards in Common Name properly
 Tomas Hoger 27 Sep 2010
 Florian Weimer 06 Sep 2010
 Richard Moore 05 Sep 2010
 Joe Orton 04 Sep 2010
 Reed Loden 03 Sep 2010
 Julien Cristau 03 Sep 2010
 Reed Loden 03 Sep 2010
 Jan Lieskovsky 03 Sep 2010
[oss-security] CVE request: clamav < 0.96.3 pdf bounds checking
 Ludwig Nussel 28 Sep 2010
 Ludwig Nussel 28 Sep 2010
 Josh Bressers 27 Sep 2010
 Hanno Böck 22 Sep 2010
[oss-security] CVE request: egroupware remote code and xss
 Josh Bressers 21 Sep 2010
 Hanno Böck 20 Sep 2010
[oss-security] CVE request: epiphany not checking ssl certs
 Josh Bressers 21 Sep 2010
 Ludwig Nussel 20 Sep 2010
 Michael Gilbert 17 Sep 2010
 Steven M. Christey 17 Sep 2010
 Josh Bressers 17 Sep 2010
 Tomas Hoger 17 Sep 2010
 Hanno Böck 17 Sep 2010
[oss-security] CVE request: Horde Gollem <1.1.2 XSS in view.php
 Alex Legler 30 Sep 2010
 Moritz Muehlenhoff 30 Sep 2010
 Josh Bressers 30 Sep 2010
 Alex Legler 29 Sep 2010
[oss-security] CVE request: kernel: Heap corruption in ROSE
 Eugene Teo 21 Sep 2010
 Dan Rosenberg 21 Sep 2010
[oss-security] CVE request: kernel: niu buffer overflow for ETHTOOL_GRXCLSRLALL
 Josh Bressers 11 Sep 2010
 Eugene Teo 09 Sep 2010
[oss-security] CVE request: kernel: numerous infoleaks
 Dan Rosenberg 15 Sep 2010
 Josh Bressers 14 Sep 2010
 Eugene Teo 14 Sep 2010
[oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
 Josh Bressers 07 Sep 2010
 Eugene Teo 07 Sep 2010
[oss-security] CVE Request: mailman
 Steven M. Christey 13 Sep 2010
 Josh Bressers 13 Sep 2010
 Steven M. Christey 13 Sep 2010
 Josh Bressers 13 Sep 2010
 Huzaifa Sidhpurwala 13 Sep 2010
[oss-security] CVE request: mailscanner, multiple vulnerabilities
 Josh Bressers 13 Sep 2010
 Raphael Geissert 11 Sep 2010
[oss-security] CVE request: mantis before 1.2.3 (XSS)
 Josh Bressers 16 Sep 2010
 Kurt Seifried 14 Sep 2010
 Kurt Seifried 14 Sep 2010
 Hanno Böck 14 Sep 2010
 Hanno Böck 14 Sep 2010
[oss-security] CVE request: mednafen stack manipulation
 Josh Bressers 11 Sep 2010
 Hanno Böck 09 Sep 2010
[oss-security] CVE request: multiple kernel stack memory disclosures
 Josh Bressers 27 Sep 2010
 Dan Rosenberg 25 Sep 2010
[oss-security] CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
 Michael Koziarski 21 Sep 2010
 Steven M. Christey 21 Sep 2010
 Michael Koziarski 21 Sep 2010
 Thomas Biege 21 Sep 2010
 Josh Bressers 14 Sep 2010
 Thomas Biege 14 Sep 2010
[oss-security] CVE Request: pidgin-knotify remote command injection
 Josh Bressers 13 Sep 2010
 Alex Legler 12 Sep 2010
[oss-security] CVE request: pixelpost
 Josh Bressers 17 Sep 2010
 Raphael Geissert 17 Sep 2010
[oss-security] CVE request: smbind Sql Injection
 Josh Bressers 07 Sep 2010
 Giuseppe Iuculano 05 Sep 2010
[oss-security] CVE request: weborf: directory traversal
 Josh Bressers 17 Sep 2010
 Raphael Geissert 17 Sep 2010
[oss-security] CVE request: XSS in nusoap
 Josh Bressers 07 Sep 2010
 Raphael Geissert 03 Sep 2010
[oss-security] CVE request: xss in pecl-apc before 3.1.4
 Pierre Joye 14 Sep 2010
 Josh Bressers 14 Sep 2010
 Hanno Böck 14 Sep 2010
[oss-security] CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel
 Josh Bressers 30 Sep 2010
 Eugene Teo 30 Sep 2010
 Moritz Muehlenhoff 29 Sep 2010
 Steven M. Christey 28 Sep 2010
 Steven M. Christey 28 Sep 2010
 Josh Bressers 28 Sep 2010
 Eugene Teo 28 Sep 2010
 Moritz Muehlenhoff 27 Sep 2010
[oss-security] CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark
 Josh Bressers 29 Sep 2010
 Moritz Muehlenhoff 29 Sep 2010
[oss-security] CVE-2010-2954 kernel: irda null ptr deref
 Eugene Teo 01 Sep 2010
[oss-security] CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref
 Eugene Teo 02 Sep 2010
[oss-security] CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly
 Eugene Teo 08 Sep 2010
[oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow
 Eugene Teo 16 Sep 2010
[oss-security] CVE-2010-3301 kernel: IA32 System Call Entry Point Vulnerability
 Eugene Teo 16 Sep 2010
 Eugene Teo 16 Sep 2010
[oss-security] CVE-identifier request for Dovecot ACL security bug
 Josh Bressers 16 Sep 2010
 Henri Salo 16 Sep 2010
[oss-security] Interesting kernel bug
 Dan Rosenberg 24 Sep 2010
[oss-security] Minor security flaw with pam_xauth
 Solar Designer 27 Sep 2010
 Josh Bressers 27 Sep 2010
 Solar Designer 27 Sep 2010
 Vincent Danen 27 Sep 2010
 Vincent Danen 27 Sep 2010
 Solar Designer 24 Sep 2010
 Josh Bressers 21 Sep 2010
 Solar Designer 21 Sep 2010
 Josh Bressers 21 Sep 2010
 Steven M. Christey 21 Sep 2010
 Josh Bressers 21 Sep 2010
 Solar Designer 21 Sep 2010
[oss-security] RFC: changing the behaviour of ld.so(8) regarding empty items on LD_LIBRARY_PATH
 Tim Brown 29 Sep 2010
 Raphael Geissert 28 Sep 2010
[oss-security] Small exposure in ocfs2 fast symlinks.
 Joel Becker 30 Sep 2010
 Greg KH 30 Sep 2010
 Joel Becker 30 Sep 2010
[PATCH 0/3] execve argument-copying fixes
 KOSAKI Motohiro 08 Sep 2010
[PATCH 1/2] oom: don't ignore rss in nascent mm
 Roland McGrath 10 Sep 2010
[PATCH 1/3] setup_arg_pages: diagnose excessive argument size
 pageexec_at_nospam 15 Sep 2010
 Roland McGrath 14 Sep 2010
 pageexec_at_nospam 14 Sep 2010
 pageexec_at_nospam 14 Sep 2010
 Roland McGrath 14 Sep 2010
 pageexec_at_nospam 14 Sep 2010
 Roland McGrath 14 Sep 2010
 Roland McGrath 14 Sep 2010
 pageexec_at_nospam 11 Sep 2010
 pageexec_at_nospam 11 Sep 2010
 KOSAKI Motohiro 10 Sep 2010
 Roland McGrath 10 Sep 2010
 Roland McGrath 10 Sep 2010
 Roland McGrath 10 Sep 2010
 KOSAKI Motohiro 09 Sep 2010
[PATCH 1/4] oom: remove totalpage normalization from oom_badness()
 Pekka Enberg 16 Sep 2010
 KOSAKI Motohiro 16 Sep 2010
 David Rientjes 16 Sep 2010
[PATCH 2/2] execve: check the VM has enough memory at first
 Linus Torvalds 16 Sep 2010
 KOSAKI Motohiro 16 Sep 2010
 KOSAKI Motohiro 14 Sep 2010
 Linus Torvalds 10 Sep 2010
[PATCH 4/4] oom: don't ignore rss in nascent mm
 KOSAKI Motohiro 27 Sep 2010
 Oleg Nesterov 16 Sep 2010
[PATCH] move cred_guard_mutex from task_struct to signal_struct
 KOSAKI Motohiro 16 Sep 2010
 Oleg Nesterov 10 Sep 2010
[Security] /proc infoleaks
 Andrew Morton 07 Sep 2010
 Jon Oberheide 07 Sep 2010
 Marcus Meissner 07 Sep 2010
 Andrew Morton 07 Sep 2010
 Sebastian Krahmer 07 Sep 2010
CVE Request -- EncFS / fuse-encfs [three ids] -- Multiple Vulnerabilities in EncFS
 Valient Gough 06 Sep 2010
CVE request: pixelpost
 Raphael Geissert 17 Sep 2010