oss-security June 2011 archive
| Main Archive Page > Month Archives > oss-security archives |
oss-security By Subject
| Subject | Author | Date |
| [oss-security] /bin/su (was: CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl) | ||
| Karel Zak | 20 Jun 2011 | |
| Nicolas François | 15 Jun 2011 | |
| Nicolas François | 15 Jun 2011 | |
| Ondrej Vasik | 15 Jun 2011 | |
| Luka Marinko | 15 Jun 2011 | |
| Ludwig Nussel | 15 Jun 2011 | |
| [oss-security] [CVE-2011-2186] [PATCH] gitweb: Enable $prevent_xss by default | ||
| Jakub Narebski | 14 Jun 2011 | |
| [oss-security] [CVE-2011-2186] XSS security issue in gitweb for 'blob_plain' view with HTML files | ||
| Jakub Narebski | 14 Jun 2011 | |
| Ludwig Nussel | 14 Jun 2011 | |
| [oss-security] Bug#629511: Info received (CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used) | ||
| Debian Bug Tracking System | 12 Jun 2011 | |
| [oss-security] Bug#629938: Info received (CVE Request -- dbus -- Local DoS via messages with non-native byte order) | ||
| Debian Bug Tracking System | 12 Jun 2011 | |
| [oss-security] Bug#631818: Info received (CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism) | ||
| Debian Bug Tracking System | 28 Jun 2011 | |
| [oss-security] Closed list | ||
| Tomas Hoger | 16 Jun 2011 | |
| Tomas Hoger | 16 Jun 2011 | |
| akuster | 01 Jun 2011 | |
| Solar Designer | 01 Jun 2011 | |
| Solar Designer | 01 Jun 2011 | |
| [oss-security] CVE Request -- Cherokee -- server admin vulnerable to csrf | ||
| Josh Bressers | 06 Jun 2011 | |
| dave b | 03 Jun 2011 | |
| Jan Lieskovsky | 02 Jun 2011 | |
| [oss-security] CVE Request -- Coppermine Photo Gallery -- cpg1.4.27 / cpg1.5.12 -- XSS flaw | ||
| Josh Bressers | 08 Jun 2011 | |
| Jan Lieskovsky | 08 Jun 2011 | |
| [oss-security] CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI ioctl | ||
| Ludwig Nussel | 28 Jun 2011 | |
| Todd C. Miller | 22 Jun 2011 | |
| Ludwig Nussel | 22 Jun 2011 | |
| Josh Bressers | 21 Jun 2011 | |
| Ludwig Nussel | 21 Jun 2011 | |
| Bernhard Rosenkraenzer | 10 Jun 2011 | |
| Ludwig Nussel | 10 Jun 2011 | |
| Ludwig Nussel | 09 Jun 2011 | |
| Josh Bressers | 08 Jun 2011 | |
| daniel_at_nospam | 06 Jun 2011 | |
| Michael Gilbert | 06 Jun 2011 | |
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 02 Jun 2011 | |
| [oss-security] CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used | ||
| Josh Bressers | 13 Jun 2011 | |
| Jan Lieskovsky | 12 Jun 2011 | |
| [oss-security] CVE Request -- dbus -- Local DoS via messages with non-native byte order | ||
| Josh Bressers | 13 Jun 2011 | |
| Jan Lieskovsky | 12 Jun 2011 | |
| [oss-security] CVE Request -- DokuWiki -- XSS in DokuWiki's RSS embedding mechanism | ||
| Josh Bressers | 29 Jun 2011 | |
| Jan Lieskovsky | 28 Jun 2011 | |
| [oss-security] CVE Request -- fabric -- Use of insecure temporary file by uploading templates and projects to remote hosts | ||
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 03 Jun 2011 | |
| [oss-security] CVE request -- libvirt: regression introduced in disk probe logic | ||
| Josh Bressers | 02 Jun 2011 | |
| Petr Matousek | 01 Jun 2011 | |
| [oss-security] CVE Request -- libvoikko -- DoS of application linked against libvoikko due improper handling of embedded null characters in input strings | ||
| Josh Bressers | 13 Jun 2011 | |
| Jan Lieskovsky | 13 Jun 2011 | |
| [oss-security] CVE Request -- LuaExpat -- Prone to XML "billion laughs attack" | ||
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 06 Jun 2011 | |
| [oss-security] CVE Request -- OpenOffice.org -- InteVyDis Demo of OpenOffice 0day. Released with VulnDisco 8.8 pack (release date May,2009) | ||
| Josh Bressers | 02 Jun 2011 | |
| Jan Lieskovsky | 01 Jun 2011 | |
| [oss-security] CVE Request -- vsftpd -- Do not create network namespace per connection | ||
| Eugene Teo | 06 Jun 2011 | |
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 06 Jun 2011 | |
| Jan Lieskovsky | 06 Jun 2011 | |
| [oss-security] CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences | ||
| Josh Bressers | 13 Jun 2011 | |
| Jan Lieskovsky | 09 Jun 2011 | |
| [oss-security] CVE Request -- WebSVN -- execCommand() remote commands injection vulnerability | ||
| Josh Bressers | 08 Jun 2011 | |
| Jan Lieskovsky | 07 Jun 2011 | |
| [oss-security] CVE Request -- xscreensaver -- exits when activated | ||
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 03 Jun 2011 | |
| [oss-security] CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate | ||
| Josh Bressers | 15 Jun 2011 | |
| Bernhard Reiter | 15 Jun 2011 | |
| Josh Bressers | 06 Jun 2011 | |
| Jan Lieskovsky | 03 Jun 2011 | |
| [oss-security] CVE request for fetchmail STARTTLS hang (Denial of Service) | ||
| Matthias Andree | 01 Jun 2011 | |
| [oss-security] CVE request for libpng regression (CVE-2004-0421) | ||
| Josh Bressers | 28 Jun 2011 | |
| Vincent Danen | 27 Jun 2011 | |
| [oss-security] CVE request for Wireshark 1.4.5 TCP DoS issue | ||
| Josh Bressers | 01 Jun 2011 | |
| [oss-security] CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues | ||
| Josh Bressers | 01 Jun 2011 | |
| Huzaifa Sidhpurwala | 01 Jun 2011 | |
| [oss-security] CVE request: Alpha kernel issues | ||
| Eugene Teo | 14 Jun 2011 | |
| Moritz Muehlenhoff | 13 Jun 2011 | |
| [oss-security] CVE request: buffer overflow in tftp-hpa | ||
| Josh Bressers | 13 Jun 2011 | |
| Timo Warns | 11 Jun 2011 | |
| [oss-security] CVE request: crypt_blowfish 8-bit character mishandling | ||
| Solar Designer | 29 Jun 2011 | |
| Michael Matz | 28 Jun 2011 | |
| Solar Designer | 27 Jun 2011 | |
| Solar Designer | 27 Jun 2011 | |
| Michael Matz | 27 Jun 2011 | |
| Ludwig Nussel | 27 Jun 2011 | |
| Djalal Harouni | 24 Jun 2011 | |
| Solar Designer | 24 Jun 2011 | |
| Solar Designer | 23 Jun 2011 | |
| Ludwig Nussel | 22 Jun 2011 | |
| Solar Designer | 21 Jun 2011 | |
| Vincent Danen | 21 Jun 2011 | |
| Solar Designer | 21 Jun 2011 | |
| Vincent Danen | 21 Jun 2011 | |
| Solar Designer | 21 Jun 2011 | |
| Vincent Danen | 21 Jun 2011 | |
| Solar Designer | 21 Jun 2011 | |
| Vincent Danen | 21 Jun 2011 | |
| Ludwig Nussel | 21 Jun 2011 | |
| Josh Bressers | 21 Jun 2011 | |
| Solar Designer | 21 Jun 2011 | |
| The Fungi | 20 Jun 2011 | |
| Solar Designer | 20 Jun 2011 | |
| The Fungi | 20 Jun 2011 | |
| Solar Designer | 20 Jun 2011 | |
| Daniel Godás | 20 Jun 2011 | |
| Solar Designer | 20 Jun 2011 | |
| [oss-security] CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure | ||
| Josh Bressers | 20 Jun 2011 | |
| Dan Rosenberg | 20 Jun 2011 | |
| Josh Bressers | 20 Jun 2011 | |
| Dan Rosenberg | 16 Jun 2011 | |
| [oss-security] CVE request: Joomla unspecified information disclosure vulnerability | ||
| Henri Salo | 27 Jun 2011 | |
| YGN Ethical Hacker Group | 27 Jun 2011 | |
| Josh Bressers | 23 Jun 2011 | |
| Henri Salo | 20 Jun 2011 | |
| [oss-security] CVE Request: Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities | ||
| Josh Bressers | 29 Jun 2011 | |
| YGN Ethical Hacker Group | 28 Jun 2011 | |
| [oss-security] CVE request: kernel: alpha: fix several security issues | ||
| Josh Bressers | 15 Jun 2011 | |
| Eugene Teo | 13 Jun 2011 | |
| [oss-security] CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace | ||
| Murray McAllister | 24 Jun 2011 | |
| Eugene Teo | 24 Jun 2011 | |
| [oss-security] CVE request: kernel: ext4: init timer earlier to avoid a kernel panic in __save_error_info | ||
| Eugene Teo | 24 Jun 2011 | |
| Kees Cook | 23 Jun 2011 | |
| [oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables | ||
| Timo Warns | 05 Jun 2011 | |
| Eugene Teo | 03 Jun 2011 | |
| [oss-security] CVE request: kernel: hfs_find_init() sb->ext_tree NULL pointer dereference | ||
| Josh Bressers | 13 Jun 2011 | |
| Eugene Teo | 13 Jun 2011 | |
| [oss-security] CVE request: kernel: inet_diag: fix inet_diag_bc_audit() | ||
| Dan Rosenberg | 20 Jun 2011 | |
| Josh Bressers | 20 Jun 2011 | |
| Eugene Teo | 20 Jun 2011 | |
| [oss-security] CVE request: kernel: ksm: race between ksmd and exiting task | ||
| Huzaifa Sidhpurwala | 06 Jun 2011 | |
| Eugene Teo | 03 Jun 2011 | |
| [oss-security] CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions | ||
| Petr Matousek | 24 Jun 2011 | |
| [oss-security] CVE request: kernel: NLM: Don't hang forever on NLM unlock requests | ||
| Josh Bressers | 23 Jun 2011 | |
| Eugene Teo | 23 Jun 2011 | |
| [oss-security] CVE request: kernel: oom: use pte pages in OOM score | ||
| Huzaifa Sidhpurwala | 28 Jun 2011 | |
| Eugene Teo | 28 Jun 2011 | |
| [oss-security] CVE request: kernel: remote buffer overflow in bluetooth | ||
| Eugene Teo | 27 Jun 2011 | |
| Dan Rosenberg | 24 Jun 2011 | |
| [oss-security] CVE request: kernel: set cred->user_ns in key_replace_session_keyring | ||
| Huzaifa Sidhpurwala | 06 Jun 2011 | |
| Eugene Teo | 03 Jun 2011 | |
| [oss-security] CVE request: kernel: taskstats local DoS | ||
| Vasiliy Kulikov | 30 Jun 2011 | |
| Eugene Teo | 22 Jun 2011 | |
| Vasiliy Kulikov | 22 Jun 2011 | |
| [oss-security] CVE request: kernel: taskstats/procfs io infoleak | ||
| Eugene Teo | 27 Jun 2011 | |
| [oss-security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) | ||
| Eugene Teo | 29 Jun 2011 | |
| Josh Bressers | 28 Jun 2011 | |
| Vasiliy Kulikov | 24 Jun 2011 | |
| [oss-security] CVE request: kernel: thp: madvise on top of /dev/zero private mapping can lead to panic | ||
| Josh Bressers | 20 Jun 2011 | |
| Petr Matousek | 20 Jun 2011 | |
| [oss-security] CVE request: kernel: tomoyo: oops in tomoyo_mount_acl() | ||
| Petr Matousek | 30 Jun 2011 | |
| [oss-security] CVE request: libvirt: integer overflow in VirDomainGetVcpus | ||
| Josh Bressers | 29 Jun 2011 | |
| Petr Matousek | 28 Jun 2011 | |
| [oss-security] CVE Request: Mambo CMS 4.6.x | Multiple Cross Site Scripting Vulnerabilities | ||
| Josh Bressers | 28 Jun 2011 | |
| YGN Ethical Hacker Group | 27 Jun 2011 | |
| [oss-security] CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat | ||
| Steven M. Christey | 08 Jun 2011 | |
| Josh Bressers | 02 Jun 2011 | |
| Henri Salo | 02 Jun 2011 | |
| [oss-security] CVE Request: nfs-utils | ||
| Josh Bressers | 28 Jun 2011 | |
| Ludwig Nussel | 27 Jun 2011 | |
| [oss-security] CVE request: openssl timing attack | ||
| Solar Designer | 04 Jun 2011 | |
| Michael Gilbert | 04 Jun 2011 | |
| Solar Designer | 01 Jun 2011 | |
| [oss-security] CVE request: pam_ssh not dropping root gid(s) | ||
| Sebastian Krahmer | 07 Jun 2011 | |
| Josh Bressers | 06 Jun 2011 | |
| Thomas Biege | 06 Jun 2011 | |
| Jan Lieskovsky | 06 Jun 2011 | |
| Sebastian Krahmer | 06 Jun 2011 | |
| [oss-security] CVE Request: PHP File upload filename | ||
| Josh Bressers | 13 Jun 2011 | |
| Felipe Pena | 12 Jun 2011 | |
| [oss-security] CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities | ||
| Josh Bressers | 29 Jun 2011 | |
| Jan Lieskovsky | 28 Jun 2011 | |
| Mango | 28 Jun 2011 | |
| [oss-security] CVE Request: prosody DoS, djabberd external entity injection | ||
| Josh Bressers | 15 Jun 2011 | |
| Wouter Coekaerts | 14 Jun 2011 | |
| [oss-security] CVE request: qemu-kvm: OOB memory access caused by negative vq notifies | ||
| Josh Bressers | 29 Jun 2011 | |
| Petr Matousek | 28 Jun 2011 | |
| [oss-security] CVE Request: Ruby on Rails 3/rails_xss XSS | ||
| Josh Bressers | 13 Jun 2011 | |
| Ludwig Nussel | 09 Jun 2011 | |
| [oss-security] CVE request: Several Moodle issues | ||
| Moritz Mühlenhoff | 16 Jun 2011 | |
| [oss-security] CVE request: vlc | ||
| Josh Bressers | 08 Jun 2011 | |
| Marc Deslauriers | 07 Jun 2011 | |
| [oss-security] CVE request: XSS in nagios | ||
| Josh Bressers | 02 Jun 2011 | |
| Vincent Danen | 01 Jun 2011 | |
| [oss-security] CVE requests: opie off by one and setuid() failure | ||
| Josh Bressers | 23 Jun 2011 | |
| Vasiliy Kulikov | 22 Jun 2011 | |
| Sebastian Krahmer | 22 Jun 2011 | |
| [oss-security] CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP | ||
| Petr Matousek | 06 Jun 2011 | |
| [oss-security] CVE-2011-2485 assignment notification -- gdk-pixbuf | ||
| Jan Lieskovsky | 24 Jun 2011 | |
| [oss-security] CVE-request: XSS in Webmin 1.540 | ||
| Henri Salo | 13 Jun 2011 | |
| [oss-security] fetchmail 6.3.20 release to fix CVE-2011-1947 (was: CVE request for fetchmail STARTTLS hang (Denial of Service)) | ||
| Matthias Andree | 06 Jun 2011 | |
| [oss-security] Linux kernel proactive security hardening | ||
| Solar Designer | 03 Jun 2011 | |
| [oss-security] list archive | ||
| Tomas Hoger | 16 Jun 2011 | |
| [oss-security] Multiple libraries privilege checking | ||
| Florian Weimer | 19 Jun 2011 | |
| [oss-security] NetworkManager: did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks | ||
| Huzaifa Sidhpurwala | 23 Jun 2011 | |
| [oss-security] nspluginwrapper CVE id | ||
| Josh Bressers | 28 Jun 2011 | |
| [oss-security] Security issue in cherokee | ||
| Josh Bressers | 06 Jun 2011 | |
| Jamie Strandboge | 03 Jun 2011 | |
| [oss-security] Security issue in gitweb | ||
| Josh Bressers | 06 Jun 2011 | |
| Jamie Strandboge | 03 Jun 2011 | |
| [oss-security] taskstats authorized_keys presence infoleak PoC | ||
| Vasiliy Kulikov | 21 Jun 2011 | |
| Josh Bressers | 21 Jun 2011 | |
| Vasiliy Kulikov | 21 Jun 2011 | |
| [Phpmyadmin-security] [oss-security] CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities | ||
| Herman van Rink | 28 Jun 2011 | |
| [Security] CVE request: kernel: taskstats/procfs io infoleak (was: taskstats authorized_keys presence infoleak PoC) | ||
| Vasiliy Kulikov | 29 Jun 2011 | |
| Vasiliy Kulikov | 29 Jun 2011 | |
| Linus Torvalds | 29 Jun 2011 | |
| Vasiliy Kulikov | 29 Jun 2011 | |
| Vasiliy Kulikov | 29 Jun 2011 | |
| Vasiliy Kulikov | 29 Jun 2011 | |
| Vasiliy Kulikov | 29 Jun 2011 | |
| Linus Torvalds | 29 Jun 2011 | |
| Linus Torvalds | 29 Jun 2011 | |
| Andrew Morton | 28 Jun 2011 | |
| Linus Torvalds | 27 Jun 2011 | |
| CVE Request -- Data-FormValidator -- Reports invalid field as valid when untaint_all_constraints used | ||
| Mark Stosberg | 13 Jun 2011 | |
| CVE Request -- vsftpd -- Do not create network namespace per connection | ||
| Chris Evans | 06 Jun 2011 | |
| Greg KH | 06 Jun 2011 | |
| CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure | ||
| Dan Rosenberg | 20 Jun 2011 | |
| CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions | ||
| Eugene Teo | 27 Jun 2011 | |
| CVE request: kernel: taskstats/procfs io infoleak | ||
| Vasiliy Kulikov | 25 Jun 2011 | |
| CVE-request: XSS in Webmin 1.540 | ||
| Josh Bressers | 13 Jun 2011 | |
| Jamie Cameron | 13 Jun 2011 | |
| Javier Bassi | 13 Jun 2011 | |
| Security issue in cherokee | ||
| Alvaro Lopez Ortega | 06 Jun 2011 | |
| XSS security issue in gitweb for 'blob_plain' view with HTML files | ||
| Ludwig Nussel | 14 Jun 2011 | |
| Jakub Narebski | 04 Jun 2011 | |
| dave b | 03 Jun 2011 | |
| Jakub Narebski | 03 Jun 2011 | |
- Last message date: 30 Jun 2011
- Archived on: 01 Jul 2011 GMT