Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform Pro for Linux Pro for Mac OS X Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repository (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

oss-security mailing list

• 2019/07/19 #2: stack buffer overflow in fbdev (Tavis Ormandy <taviso@...il.com>)
• 2019/07/19 #1: Xen Security Advisory 300 v2 - Linux: No grant table and foreign mapping limits (Xen.org security team <security@....org>)
• 2019/07/17 #2: Multiple vulnerabilities in Jenkins (Wadeck Follonier <wfollonier@...udbees.com>)
• 2019/07/17 #1: CVE-2019-10198: Authorization bypass in Foreman tasks plugin (Tomer Brisker <tbrisker@...hat.com>)
• 2019/07/15 #3: Re: Contributing Back (Solar Designer <solar@...nwall.com>)
• 2019/07/15 #2: Re: Contributing Back (Anthony Liguori <anthony@...emonkey.ws>)
• 2019/07/15 #1: Re: Contributing Back (Joe McManus <joe.mcmanus@...onical.com>)
• 2019/07/14 #3: Fwd: [ANNOUNCE] libICE 1.0.10 (Alan Coopersmith <alan.coopersmith@...cle.com>)
• 2019/07/14 #2: Re: Contributing Back (Solar Designer <solar@...nwall.com>)
• 2019/07/14 #1: Knot Resolver 4.1.0 security release (Vladimír Čunát <vladimir.cunat@....cz>)
• 2019/07/12 #7: Re: Privileged File Access from Desktop Applications (Steffen Nurpmeso <steffen@...oden.eu>)
• 2019/07/12 #6: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/12 #5: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/12 #4: Re: Privileged File Access from Desktop Applications (Jordan Glover <Golden_Miller83@...tonmail.ch>)
• 2019/07/12 #3: Re: linux-distros membership application - Microsoft (Sasha Levin <sashal@...nel.org>)
• 2019/07/12 #2: [CVE-2019-0234] Reflected Cross-site Scripting (XSS) Vulnerabiulity in Apache Roller (Dave <snoopdave@...il.com>)
• 2019/07/12 #1: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/11 #15: Re: linux-distros membership application - Microsoft (Kristian Fiskerstrand <k_f@...too.org>)
• 2019/07/11 #14: Re: Privileged File Access from Desktop Applications (Steffen Nurpmeso <steffen@...oden.eu>)
• 2019/07/11 #13: Re: Privileged File Access from Desktop Applications (Martin Steigerwald <martin@...htvoll.de>)
• 2019/07/11 #12: Re: Privileged File Access from Desktop Applications (Simon McVittie <smcv@...ian.org>)
• 2019/07/11 #11: Re: Privileged File Access from Desktop Applications (Simon McVittie <smcv@...ian.org>)
• 2019/07/11 #10: Re: Privileged File Access from Desktop Applications (John Haxby <john.haxby@...cle.com>)
• 2019/07/11 #9: Re: Privileged File Access from Desktop Applications (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/07/11 #8: Re: Privileged File Access from Desktop Applications (Simon McVittie <smcv@...ian.org>)
• 2019/07/11 #7: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/11 #6: Re: Privileged File Access from Desktop Applications (Malte Kraus <malte.kraus@...e.com>)
• 2019/07/11 #5: Re: Privileged File Access from Desktop Applications (Matthias Gerstner <mgerstner@...e.de>)
• 2019/07/11 #4: Multiple vulnerabilities in Jenkins plugins (Daniel Beck <ml@...kweb.net>)
• 2019/07/11 #3: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/11 #2: Re: Privileged File Access from Desktop Applications (Malte Kraus <malte.kraus@...e.com>)
• 2019/07/11 #1: CVE-2018-17196: Potential to bypass transaction/idempotent ACL checks in Apache Kafka (Jason Gustafson <jason@...fluent.io>)
• 2019/07/10 #2: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/10 #1: Contributing Back (Joe McManus <joe.mcmanus@...onical.com>)
• 2019/07/09 #4: Re: Privileged File Access from Desktop Applications ("Perry E. Metzger" <perry@...rmont.com>)
• 2019/07/09 #3: Privileged File Access from Desktop Applications (Malte Kraus <malte.kraus@...e.com>)
• 2019/07/09 #2: Data exfiltration with FPM servers (HHVM and rarely PHP) (Hanno Böck <hanno@...eck.de>)
• 2019/07/09 #1: Xen Security Advisory 300 v1 - Linux: No grant table and foreign mapping limits (Xen.org security team <security@....org>)
• 2019/07/08 #6: CVE-2019-13132: zeromq/libzmq: denial of service via stack overflow with arbitrary data (Luca Boccassi <bluca@...ian.org>)
• 2019/07/08 #5: Re: linux-distros membership application - Microsoft ("David A. Wheeler" <dwheeler@...eeler.com>)
• 2019/07/08 #4: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/07/08 #3: CVE-2019-13313, CVE-2019-13314: password disclosure via command line arguments (P J P <ppandit@...hat.com>)
• 2019/07/08 #2: Re: linux-distros membership application - Microsoft ("Stuart D. Gathman" <stuart@...hman.org>)
• 2019/07/08 #1: Re: [CVE-2019-0231] MINA SSLFilter security Issue (Doran Moppert <dmoppert@...hat.com>)
• 2019/07/07 #3: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/07/07 #2: Re: linux-distros membership application - Microsoft (Georgi Guninski <gguninski@...il.com>)
• 2019/07/07 #1: Re: linux-distros membership application - Microsoft (Moritz Muehlenhoff <jmm@...til.org>)
• 2019/07/06 #4: Re: linux-distros membership application - Microsoft (Sasha Levin <sashal@...nel.org>)
• 2019/07/06 #3: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/07/06 #2: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/07/06 #1: Re: linux-distros membership application - Microsoft (Georgi Guninski <gguninski@...il.com>)
• 2019/07/05 #1: CVE-2019-13122: Patchwork: XSS via Message-ID (Daniel Axtens <dja@...ens.net>)
• 2019/07/04 #1: deepin-clone: various symlink attacks (Matthias Gerstner <mgerstner@...e.de>)
• 2019/07/03 #1: CVE-2019-10183 virt-install: unattended option leaks password via command line argument (P J P <ppandit@...hat.com>)
• 2019/07/02 #2: CVE-2019-13164 Qemu: qemu-bridge-helper ACL bypassed with long interface names (P J P <ppandit@...hat.com>)
• 2019/07/02 #1: Re: linux-distros membership application - Microsoft (Michael Ellerman <mpe@...erman.id.au>)
• 2019/07/01 #4: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Adrien Nader <adrien@...k.org>)
• 2019/07/01 #3: Django: CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (Mariusz Felisiak <felisiak.mariusz@...il.com>)
• 2019/07/01 #2: pari/gp arbitrary file write (Georgi Guninski <gguninski@...il.com>)
• 2019/07/01 #1: Re: linux-distros membership application - Microsoft (Simon Lees <sflees@...e.de>)
• 2019/06/29 #1: Irssi 1.2.1/1.1.3/1.0.8: CVE-2019-13045 (Ailin Nemui <ailin.nemui@...il.com>)
• 2019/06/28 #2: Re: linux-distros membership application - Microsoft (Sasha Levin <sashal@...nel.org>)
• 2019/06/28 #1: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/06/27 #9: Re: linux-distros membership application - Microsoft (John Haxby <john.haxby@...cle.com>)
• 2019/06/27 #8: Re: linux-distros membership application - Microsoft (Tyler Hicks <tyhicks@...onical.com>)
• 2019/06/27 #7: Re: linux-distros membership application - Microsoft (Sasha Levin <sashal@...nel.org>)
• 2019/06/27 #6: Re: linux-distros membership application - Microsoft (Greg KH <greg@...ah.com>)
• 2019/06/27 #5: Re: linux-distros membership application - Microsoft (Anthony Liguori <anthony@...emonkey.ws>)
• 2019/06/27 #4: Re: linux-distros membership application - Microsoft (Tyler Hicks <tyhicks@...onical.com>)
• 2019/06/27 #3: Re: linux-distros membership application - Microsoft (Greg KH <greg@...ah.com>)
• 2019/06/27 #2: Re: linux-distros membership application - Microsoft (Solar Designer <solar@...nwall.com>)
• 2019/06/27 #1: Re: linux-distros membership application - Microsoft (Greg KH <gregkh@...uxfoundation.org>)
• 2019/06/26 #2: linux-distros membership application - Microsoft (Sasha Levin <sashal@...nel.org>)
• 2019/06/26 #1: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Martin Carpenter <martin.carpenter@...il.com>)
• 2019/06/25 #12: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Jeffrey Walton <noloader@...il.com>)
• 2019/06/25 #11: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Pascal Cuoq <cuoq@...st-in-soft.com>)
• 2019/06/25 #10: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Jeff Law <law@...hat.com>)
• 2019/06/25 #9: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/06/25 #8: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Florian Weimer <fweimer@...hat.com>)
• 2019/06/25 #7: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Jeff Law <law@...hat.com>)
• 2019/06/25 #6: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Matthew Fernandez <matthew.fernandez@...il.com>)
• 2019/06/25 #5: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Alexander Potapenko <glider@...gle.com>)
• 2019/06/25 #4: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Alex Gaynor <alex.gaynor@...il.com>)
• 2019/06/25 #3: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/06/25 #2: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Matthew Fernandez <matthew.fernandez@...il.com>)
• 2019/06/25 #1: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Seth Arnold <seth.arnold@...onical.com>)
• 2019/06/24 #14: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Alex Gaynor <alex.gaynor@...il.com>)
• 2019/06/24 #13: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Simon McVittie <smcv@...ian.org>)
• 2019/06/24 #12: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (John Haxby <john.haxby@...cle.com>)
• 2019/06/24 #11: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz ("David A. Wheeler" <dwheeler@...eeler.com>)
• 2019/06/24 #10: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/06/24 #9: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/06/24 #8: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Alexander Potapenko <glider@...gle.com>)
• 2019/06/24 #7: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz ("Stuart D. Gathman" <stuart@...hman.org>)
• 2019/06/24 #6: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Bob Friesenhahn <bfriesen@...ple.dallas.tx.us>)
• 2019/06/24 #5: CVE-2019-12817: Linux kernel: powerpc: Unrelated processes may be able to read/write to each other's virtual memory (Michael Ellerman <mpe@...erman.id.au>)
• 2019/06/24 #4: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Dmitry Vyukov <dvyukov@...gle.com>)
• 2019/06/24 #3: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz (Jakub Wilk <jwilk@...lk.net>)
• 2019/06/24 #2: Re: curl: Windows OpenSSL engine code injection (Jakub Wilk <jwilk@...lk.net>)
• 2019/06/24 #1: curl: Windows OpenSSL engine code injection (Daniel Stenberg <daniel@...x.se>)

25324 messages

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.