CVE Reference Map for Source MLIST

Source MLIST
Description generic reference form for miscellaneous mailing lists
Notes This is used for identifying miscellaneous mailing lists.

This reference map lists the various references for MLIST and provides the associated CVE entries or candidates. It uses data from CVE version 20061101 and candidates that were active as of 2024-06-25.

Note that the list of references may not be complete.

MLIST:20040507 Bug in IO bitmap handling? Probably exploitable (2.6.5) CVE-2004-2536
MLIST:20040507 Re: Bug in IO bitmap handling? Probably exploitable (2.6.5) CVE-2004-2536
MLIST:20041026 [Mimedefang] SECURITY: Patch for MIME-tools CVE-2004-1098
MLIST:20050422 Chora 1.2.3 (final) CVE-2005-1317
MLIST:20071021 [Xen-ia64-devel] PATCH: check r2 value for VTi mov rr[r3]=r2 CVE-2007-6207
MLIST:CVE-2019-11248: /debug/pprof exposed on kubelet's healthz port CVE-2019-11248
MLIST:CVE-2019-11253: denial of service vulnerability from malicious YAML or JSON payloads CVE-2019-11253
MLIST:MLIST [oss-security] 20190124 CVE-2019-6501 QEMU: scsi-generic: possible OOB access while handling inquiry request CVE-2019-6501
MLIST:MLIST: [oss-security] 20100628 Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 CVE-2010-2472
MLIST:MLIST: [oss-security] 20130103 Re: CVE request (maybe): magento before 1.7.0.2 CVE-2012-6091
MLIST:Multiple secret leaks when verbose logging is enabled CVE-2020-8563 CVE-2020-8564 CVE-2020-8565 CVE-2020-8566
MLIST:Re: [SECURITY] [CVE-2021-22160] Authentication with JWT allows use of “none”-algorithm CVE-2021-22160
MLIST:Security release of kubectl versions v1.16.0 / 1.15.4 / 1.14.7 and 1.13.11 - CVE-2019-11251 CVE-2019-11251
MLIST:Security release of kubernetes-csi sidecars - CVE-2019-11255 CVE-2019-11255
MLIST:VIM 20070130 Source VERIFY: nsGalPHP RFI CVE-2007-0573
MLIST:[0day] 20041208 Ability Server 2.25 - 2.34 FTP => 'APPE' Buffer Overflow - PnK:: DCN3T CVE-2004-1627
MLIST:[ANNOUNCE] 20070907 balsa-2.3.20 released CVE-2007-5007
MLIST:[ANNOUNCE] Incomplete fixes for CVE-2019-1002101, kubectl cp potential directory traversal - CVE-2019-11246 CVE-2019-11246
MLIST:[AWFFULL] 20070123 Regarding the fixes in 3.7.2 CVE-2007-0510
MLIST:[AWFFULL] 20070505 awffull 3.7.1 bug with search string keywords CVE-2007-3299
MLIST:[AWFFULL] 20070507 Announcing AWFFull v3.7.4 CVE-2007-3299
MLIST:[Acl-Devel] 20050205 [FIX] Long-standing xattr sharing bug CVE-2005-2801
MLIST:[Announce] 20080326 GnuPG 1.4.9 released CVE-2008-1530
MLIST:[Announce] 20090723 ANNOUNCE: strongswan-2.8.11 and strongswan-4.2.17 released CVE-2009-2661
MLIST:[Announce] 20121130 Qt Project Security Advisory: QML XmlHttpRequest Insecure Redirection CVE-2012-5624
MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released CVE-2007-5969
MLIST:[Backup-manager-commits] 20070102 r528 - in backup-manager/trunk: . doc lib man po CVE-2007-2766
MLIST:[BackupPC-devel] 20110118 XSS's in Browse.pm CVE-2011-3361
MLIST:[Bug-cpio] 20150108 cpio: directory traversal vulnerability via symlinks CVE-2015-1197
MLIST:[Bug-ed] 20170108 invalid free on malformed commands CVE-2017-5357
MLIST:[Bug-readline] 20140331 Readline-6.3 Official Patch 3 CVE-2014-2524
MLIST:[Bug-readline] 20160524 INPUTRC issues CVE-2016-7091
MLIST:[Buildbot-devel] 20090812 [SECURITY ALERT] Cross-site scripting vulnerability CVE-2009-2959
MLIST:[Buildbot-devel] 20090813 Re: Cross-site scripting vulnerability CVE-2009-2967
MLIST:[CGit] 20130527 [ANNOUNCE] CGIT v0.9.2 Released CVE-2013-2117
MLIST:[CGit] 20160113 XSS in cgit CVE-2016-1899 CVE-2016-1900
MLIST:[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released CVE-2016-1899 CVE-2016-1900 CVE-2016-1901
MLIST:[CVE-2019-0186] The input fields of the Chat Room demo are vulnerable to Cross-Site Scripting (XSS) attacks CVE-2019-0186
MLIST:[CVE-2019-0186] The input fields of the Chat Room demo are vulnerable to Cross-Site Scripting (XSS) attacks CVE-2019-0186
MLIST:[Cache-News] 20040303 Security Alert CVE-2004-2683
MLIST:[Cache-News] 20040305 Security Alert Correction CVE-2004-2683
MLIST:[Cache-News] 20040309 Security Alert - %template CVE-2004-2684
MLIST:[Cache-News] 20040310 Updated Security Alert - %template CVE-2004-2684
MLIST:[Cache-News] 20070718 Security Alert: User passed parameter values via CSP CVE-2007-4427
MLIST:[Chicken-hackers] 20140517 [PATCH] Bound read-u8vector! to dest vector's size when no length is given CVE-2014-3776
MLIST:[Chicken-hackers] 20141214 [PATCH] Fix buffer overrun in substring-index[-ci] CVE-2014-9651
MLIST:[Chicken-users] 20150112 [SECURITY] Fix buffer overrun in substring-index[-ci] CVE-2014-9651
MLIST:[Clamav-announce] 20070530 announcing ClamAV 0.90.3 CVE-2007-3023 CVE-2007-3024 CVE-2007-3025 CVE-2007-3122 CVE-2007-3123
MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ CVE-2013-1861
MLIST:[Cyrus-CVS] 20090902 src/sieve by brong CVE-2009-2632
MLIST:[Dailydave] 20040323 dtlogin advisory CVE-2004-0368
MLIST:[Dailydave] 20040514 Mozilla bug might even get fixed! CVE-2004-0478
MLIST:[Dailydave] 20050704 !!! pre-authenticated remote code inclusion vulnerability inside phppgadmin !!! CVE-2005-2256
MLIST:[Dailydave] 20050714 SPIKE actually scores. CVE-2005-1218
MLIST:[Dailydave] 20051129 Webmin miniserv.pl format string vulnerability CVE-2005-3912
MLIST:[Dailydave] 20060105 WMF goes away :< CVE-2006-0106
MLIST:[Dailydave] 20060203 ProtoVer vs Lotus Domino Server 7.0 CVE-2006-0580
MLIST:[Dailydave] 20060207 ProFTPD bug CVE-2005-4816
MLIST:[Dailydave] 20060208 Sun Directory Server 5.2 fun CVE-2006-0647
MLIST:[Dailydave] 20060210 ??? Sun Directory Server 5.2 fun ??? CVE-2006-0647
MLIST:[Dailydave] 20060211 IBM Tivoli Directory Server 0day CVE-2006-0717
MLIST:[Dailydave] 20060213 eddy 0day CVE-2006-0710
MLIST:[Dailydave] 20060214 MailSite (WorldMail) fun CVE-2006-0790
MLIST:[Dailydave] 20060221 word dos 4fun CVE-2006-0935
MLIST:[Dailydave] 20060226 fun with FreeBSD kernel CVE-2006-0900
MLIST:[Dailydave] 20060430 Non disclosure from security vendors: Truecrypt exemple CVE-2006-2183
MLIST:[Dailydave] 20060721 GnuPG 1.4.4 fun CVE-2006-3746
MLIST:[Dailydave] 20061208 Madwifi SIOCSIWSCAN vulnerability (CVE-2006-6332) CVE-2006-6332
MLIST:[Dailydave] 20080101 0day RealPlayer exploit demo CVE-2008-0098
MLIST:[Darklab] 20060131 SAP security/auditing CVE-2005-4815
MLIST:[Darklab] 20060905 SAP security/auditing CVE-2005-4815
MLIST:[Darklab] 20060907 Re: SAP security/auditing CVE-2005-4815
MLIST:[Darklab] 20060908 Re: SAP security/auditing CVE-2005-4815
MLIST:[Dbmail-dev] 20071216 [DBMail 0000662]: Ability to bypass authentication. CVE-2007-6714
MLIST:[Dbmail] 20030725 WARNING SECURITY FLAW IN IMAPSERVER CVE-2003-1523
MLIST:[Debian-audit] 20041229 More temporary filenames/dirs related bugs CVE-2004-2605
MLIST:[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability CVE-2015-3294
MLIST:[Dnsmasq-discuss] 20160418 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly CVE-2015-8899
MLIST:[Dnsmasq-discuss] 20160503 Dnsmasq 2.75 on Ubuntu 16.04 crashes reproducibly CVE-2015-8899
MLIST:[Dovecot-news] 20061119 Security hole #2: Off-by-one buffer overflow with mmap_disable=yes CVE-2006-5973
MLIST:[Dovecot-news] 20071221 Security hole #4: Specific LDAP + auth cache configuration may mix up user logins CVE-2007-6598
MLIST:[Dovecot-news] 20071229 v1.0.10 released CVE-2007-6598
MLIST:[Dovecot-news] 20080309 Security hole #6: Some passdbs allowed users to log in without a valid password CVE-2008-1218
MLIST:[Dovecot-news] 20080309 v1.0.13 and v1.1.rc3 released CVE-2008-1218
MLIST:[Dovecot-news] 20080504 v1.0.11 released CVE-2008-1199
MLIST:[Dovecot-news] 20081030 v1.1.6 released CVE-2008-4907
MLIST:[Dovecot-news] 20090914 Security holes in CMU Sieve plugin CVE-2009-2632 CVE-2009-3235
MLIST:[Dovecot-news] 20091119 1.0.rc15 released CVE-2006-5973
MLIST:[Dovecot-news] 20130520 v2.2.2 released CVE-2013-2111
MLIST:[Dovecot-news] 20131103 v2.2.7 released CVE-2013-6171
MLIST:[Dovecot-news] 20140511 v2.2.13 released CVE-2014-3430
MLIST:[Dovecot] 20060208 1.0beta3 released CVE-2006-0730
MLIST:[Dovecot] 20081117 ManageSieve SECURITY hole: virtual users can edit scripts of other virtual users (all versions) CVE-2008-5301
MLIST:[El-errata] 20140611 Oracle Linux Security Advisory ELSA-2014-0747 CVE-2014-1402
MLIST:[Enlightenment-announce] 20160501 imlib2 1.4.9 CVE-2011-5326 CVE-2016-3993 CVE-2016-3994 CVE-2016-4024
MLIST:[Ethereal-dev] 20040416 Possibly incorrect CVE entry CAN-2004-0367 CVE-2004-0367
MLIST:[Ethereal-users] 20040503 Re: HotSIP sip-messages crasching ethereal CVE-2004-0504
MLIST:[Exim] 20021204 Minor security problem in both Exim 3 and 4 CVE-2002-1381
MLIST:[Exim] 20030814 Minor security bug CVE-2003-0743
MLIST:[Exim] 20030815 Minor security bug CVE-2003-0743
MLIST:[Expat-discuss] 20120304 Announcement: Expat 2.1.0 Beta can be tested CVE-2012-0876
MLIST:[File] 20141216 file 5.21 is now available CVE-2014-9620 CVE-2014-9621
MLIST:[File] 20150102 file 5.22 is now available CVE-2014-9620 CVE-2014-9621
MLIST:[Forensics] 20050511 DCO discovery & removal, capabilities of imaging & wiping tools CVE-2005-1578
MLIST:[FreeNX-kNX] 20050217 Security: Serious bug in authority handling found and fixed CVE-2005-0579
MLIST:[Freeipa-interest] 20151008 Announcing FreeIPA 4.2.2 CVE-2015-5284
MLIST:[Freeipmi-devel] 20130222 The Infamous Cipher Zero, I presume? CVE-2013-4782 CVE-2013-4783 CVE-2013-4784
MLIST:[Full Disclosure] 20150619 Cross-Site Request Forgery in Google Analyticator Wordpress Plugin v6.4.9.3 before rev @1183563 CVE-2015-4697
MLIST:[Full Disclosure] 20160815 php-gettext php code execution in select_string, ngettext, npgettext count parameter <1.0.12 CVE-2015-8980
MLIST:[Ganglia-developers] 20090113 patches for: [Sec] Gmetad server BoF and network overload + [Feature] multiple requests per conn on interactive port CVE-2009-0241 CVE-2009-0242
MLIST:[Ganglia-developers] 20090123 Re: CVE CVE-2009-0242
MLIST:[Gnump3d-users] 20051028 New release - security fixes. CVE-2005-3123 CVE-2005-3424
MLIST:[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released CVE-2013-4402
MLIST:[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released CVE-2013-4402
MLIST:[Gnupg-devel] 20060725 Re: [Dailydave] GnuPG 1.4.4 fun CVE-2006-3746
MLIST:[Gpsd-announce] 20050127 Announcing release 2.8 of gpsd CVE-2004-1388
MLIST:[Greasemonkey] 20050718 greasemonkey for secure data over insecure networks / sites CVE-2005-2455
MLIST:[Horde-announce] 20051113 Horde 2.2.9 (final) CVE-2005-3570
MLIST:[HostAP] 20050213 wpa_supplicant - new stable releases v0.3.8 and v0.2.7 CVE-2005-0470
MLIST:[IRCServices] 20070324 Regarding Founder Passwords CVE-2007-3246
MLIST:[IRCServices] 20070324 Services 5.0.60 released CVE-2007-3246
MLIST:[IRCServices] 20070608 NS REGISTER and LINK CVE-2007-3245
MLIST:[IRCServices] 20070610 NS REGISTER and LINK CVE-2007-3245
MLIST:[IRCServices] 20070610 Services 5.1pre3 / 5.0.62 released CVE-2007-3245
MLIST:[IRCServices] 20071121 Services 5.0.63 released CVE-2007-6122
MLIST:[IRCServices] 20071121 Services 5.1.7 released CVE-2007-6122
MLIST:[IRCServices] 20071121 Services 5.1.9 released CVE-2007-6123
MLIST:[ISN] 20070326 Windows weakness can lead to network traffic hijacks CVE-2007-1692
MLIST:[ISSForum] 20040128 Third party BlackICE advisory CVE-2004-2125
MLIST:[Icecast-dev] 20150408 Icecast 2.4.2 - security release CVE-2015-3026
MLIST:[Info-gnu-radius] 20040915 GNU Radius 1.2.94. CVE-2004-0849
MLIST:[Ipsec-tools-devel] 20070406 Ipsec-tools 0.6.7 released CVE-2007-1841
MLIST:[KVIrc] 20100517 Proposal for a stable release of kvirc4 CVE-2010-2451 CVE-2010-2452
MLIST:[Koha] 20140122 SECURITY release: MARC::File::XML 1.0.2 CVE-2014-1626
MLIST:[Libevent-users] 20150105 Advisory: integer overflow in evbuffers for Libevent <= 1.4.14b,2.0.21,2.1.4-alpha [CVE-2014-6272] CVE-2014-6272 CVE-2015-6525
MLIST:[Libguestfs] 20131017 ANNOUNCE: CVE-2013-4419: insecure temporary directory handling for guestfish's network socket CVE-2013-4419
MLIST:[Libguestfs] 20141029 [libhivex] Undefined behavior when accessing invalid (too small) registry hives CVE-2014-9273
MLIST:[LightDM] 20111102 Version 1.0.6 released CVE-2011-4105
MLIST:[Lurker-users] 20060302 Serious security vulnerabilities found CVE-2006-1062 CVE-2006-1063 CVE-2006-1064
MLIST:[MARC] 20100706 [Important] Wink security advisory CVE-2010-2245 CVE-2010-2245
MLIST:[MPlayer-announce] 20070605 MPlayer 1.0rc1try3 released CVE-2007-2948
MLIST:[Macsec] 20011229 MacOSX ppp CVE-2001-1565
MLIST:[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates CVE-2007-4985 CVE-2007-4986 CVE-2007-4987 CVE-2007-4988
MLIST:[Mailman-Announce] 20031231 RELEASED Mailman 2.1.4 CVE-2003-0965
MLIST:[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release CVE-2003-0991
MLIST:[Mailman-Announce] 20040515 RELEASED Mailman 2.1.5 CVE-2004-0412
MLIST:[Mailman-Announce] 20060407 Released: Mailman 2.1.8 release candidate CVE-2006-1712
MLIST:[Mailman-Announce] 20060913 RELEASED: Mailman 2.1.9 CVE-2006-2191 CVE-2006-4624
MLIST:[Mailman-Announce] 20080203 Mailman 2.1.10b3 Released (was: Re: Mailman 2.1.10b1 Released) CVE-2008-0564
MLIST:[Mailman-Announce] 20150327 Mailman 2.1.20 release CVE-2015-2775
MLIST:[Mailman-Developers] 20150327 Security patch and Mailman 2.1.20 to be released on 31 March CVE-2015-2775
MLIST:[Mailman-Developers] 20150331 Security patch and Mailman 2.1.20 to be released on 31 March CVE-2015-2775
MLIST:[Mailman-Users] 20050912 Uncaught runner exception: 'utf8' codeccan'tdecode bytes in position 1-4: invalid data CVE-2005-3573
MLIST:[MediaWiki-announce] 20060327 MediaWiki 1.5.8, 1.4.15 released [SECURITY] CVE-2006-1498
MLIST:[MediaWiki-announce] 20060606 MediaWiki 1.6.7 released CVE-2006-2895
MLIST:[MediaWiki-announce] 20070204 MediaWiki 1.9.2 released CVE-2007-0788
MLIST:[MediaWiki-announce] 20070910 MediaWiki 1.11.0, 1.10.2, 1.9.4, 1.8.5 released CVE-2007-4828 CVE-2007-4883
MLIST:[MediaWiki-announce] 20080124 MediaWiki 1.11.1, 1.10.3, 1.9.5 released CVE-2008-0460
MLIST:[MediaWiki-announce] 20080307 MediaWiki 1.11.2 released (security) CVE-2008-1318
MLIST:[MediaWiki-announce] 20081002 MediaWiki 1.13.2, 1.12.1 security update CVE-2008-4408
MLIST:[MediaWiki-announce] 20090207 MediaWiki releases: security update and new major branch CVE-2009-0737
MLIST:[MediaWiki-announce] 20100303 MediaWiki security update: 1.15.2 CVE-2010-1189 CVE-2010-1190
MLIST:[MediaWiki-announce] 20110201 MediaWiki security release 1.16.2 CVE-2011-0047
MLIST:[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.17.3 CVE-2012-1582 CVE-2012-4885
MLIST:[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.18.2 CVE-2012-1582 CVE-2012-4885
MLIST:[MediaWiki-announce] 20120831 MediaWiki security release: 1.19.2 and 1.18.5 CVE-2012-4377 CVE-2012-4378 CVE-2012-4379 CVE-2012-4380 CVE-2012-4382
MLIST:[MediaWiki-announce] 20121130 MediaWiki security release: 1.20.1, 1.19.3 and 1.18.6 CVE-2012-5391 CVE-2012-5395
MLIST:[MediaWiki-announce] 20130430 MediaWiki Security Release: 1.20.5 and 1.19.6 CVE-2013-2031 CVE-2013-2032
MLIST:[MediaWiki-announce] 20130521 MediaWiki Security Release: 1.20.6 and 1.19.7 CVE-2013-2114
MLIST:[MediaWiki-announce] 20130903 MediaWiki Security Release: 1.21.2, 1.20.7 and 1.19.8 CVE-2013-4301 CVE-2013-4302 CVE-2013-4304 CVE-2013-4305 CVE-2013-4306 CVE-2013-4307 CVE-2013-4308
MLIST:[MediaWiki-announce] 20131114 MediaWiki Security Release: 1.21.3, 1.20.8 and 1.19.9 CVE-2012-5394 CVE-2013-4567 CVE-2013-4568 CVE-2013-4569 CVE-2013-4573
MLIST:[MediaWiki-announce] 20140114 MediaWiki Security Releases: 1.22.1, 1.21.4 and 1.19.10 CVE-2013-4570 CVE-2013-4571 CVE-2013-4574 CVE-2013-6452 CVE-2013-6453 CVE-2013-6454 CVE-2013-6472 CVE-2014-3454 CVE-2014-3455
MLIST:[MediaWiki-announce] 20140128 MediaWiki Security Releases: 1.22.2, 1.21.5 and 1.19.11 CVE-2014-1610
MLIST:[MediaWiki-announce] 20140424 MediaWiki Security and Maintenance Releases: 1.22.6 and 1.21.9 CVE-2014-2853
MLIST:[MediaWiki-announce] 20140529 MediaWiki Security and Maintenance Releases: 1.19.16, 1.21.10 and 1.22.7 CVE-2014-3966
MLIST:[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2 CVE-2014-5241 CVE-2014-5242 CVE-2014-5243
MLIST:[MediaWiki-announce] 20140924 MediaWiki Security and Maintenance Releases: 1.19.19, 1.22.11 and 1.23.4 CVE-2014-7199
MLIST:[MediaWiki-announce] 20141002 MediaWiki Security and Maintenance Releases: 1.19.20, 1.22.12 and 1.23.5 CVE-2014-7295
MLIST:[MediaWiki-announce] 20141127 MediaWiki Security and Maintenance Releases: 1.23.7, 1.22.14 and 1.19.22 CVE-2014-9276 CVE-2014-9277 CVE-2014-9507
MLIST:[MediaWiki-announce] 20141217 MediaWiki Security and Maintenance Releases: 1.24.1, 1.23.8, 1.22.15 and 1.19.23 CVE-2014-9475 CVE-2014-9476 CVE-2014-9477 CVE-2014-9478 CVE-2014-9479 CVE-2014-9480 CVE-2014-9487
MLIST:[MediaWiki-announce] 20150331 MediaWiki Security and Maintenance Releases: 1.19.24, 1.23.9, and 1.24.2 CVE-2014-9714 CVE-2015-2931 CVE-2015-2932 CVE-2015-2933 CVE-2015-2934 CVE-2015-2935 CVE-2015-2936 CVE-2015-2937 CVE-2015-2938 CVE-2015-2939 CVE-2015-2940 CVE-2015-2941 CVE-2015-2942
MLIST:[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10 CVE-2013-7444 CVE-2015-6727 CVE-2015-6728 CVE-2015-6729 CVE-2015-6730 CVE-2015-6731 CVE-2015-6732 CVE-2015-6733 CVE-2015-6734 CVE-2015-6735 CVE-2015-6736 CVE-2015-6737
MLIST:[MediaWiki-announce] 20151016 Extension Security Release: OAuth, Echo, PageTriage CVE-2015-8006 CVE-2015-8007 CVE-2015-8008
MLIST:[MediaWiki-announce] 20151016 Security Release: 1.25.3, 1.24.4 and 1.23.11 CVE-2015-8001 CVE-2015-8002 CVE-2015-8003 CVE-2015-8004 CVE-2015-8005
MLIST:[MediaWiki-announce] 20151221 [MediaWiki-announce] Security Release: 1.26.1, 1.25.4, 1.24.5 and 1.23.12 CVE-2015-8622 CVE-2015-8623 CVE-2015-8624 CVE-2015-8625 CVE-2015-8626 CVE-2015-8627 CVE-2015-8628
MLIST:[MediaWiki-announce] 20160823 Security Release - 1.27.1, 1.26.4, 1.23.15 CVE-2016-6331 CVE-2016-6332 CVE-2016-6333 CVE-2016-6334 CVE-2016-6335 CVE-2016-6336 CVE-2016-6337
MLIST:[Mongrel] 20071228 Arbitrary system files readable in 1.0.4 - 1.1.2 CVE-2007-6612
MLIST:[Mongrel] 20071229 Regarding the 1.1.3 security release CVE-2007-6612
MLIST:[Mongrel] [SECURITY] Must Fix This Now! (Re: Arbitrary system files readable in 1.0.4 - 1.1.2) CVE-2007-6612
MLIST:[Monotone-devel] 20060308 [ANNOUNCE] Monotone 0.25.2 -- security fix release CVE-2006-1166
MLIST:[Nbd] 20130128 NBD server terminates on SIGPIPE during negotiation CVE-2013-7441
MLIST:[Nbd] 20150507 [PATCH] nbd-server: fix unsafe signal handling CVE-2015-0847
MLIST:[Ntop-dev] 20050331 Minor security issue w/ ntop.init (RedHat Packages directory) CVE-2005-3387
MLIST:[OATH-Toolkit-help] 20131209 libpam-oath vulnerable to replay of OTP as result of incorrectly parsing comments in users file? CVE-2013-7322
MLIST:[OATH-Toolkit-help] 20131214 Re: libpam-oath vulnerable to replay of OTP as result of incorrectly parsing comments in users file? CVE-2013-7322
MLIST:[OPEN-ILS-GENERAL] 20140121 SECURITY release: MARC::File::XML 1.0.2 CVE-2014-1626
MLIST:[OTR-users] 20160309 New releases of libotr (4.1.1) and pidgin-otr (4.0.2) available CVE-2015-8833
MLIST:[OTR-users] 20160309 Security Advisory: upgrade to libotr 4.1.1 CVE-2016-2851
MLIST:[OpenAFS-announce] 20070319 OpenAFS 1.4.4 available CVE-2007-1507
MLIST:[OpenAFS-announce] 20070319 OpenAFS 1.5.17 release available CVE-2007-1507
MLIST:[OpenAFS-announce] 20070320 OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients CVE-2007-1507
MLIST:[OpenAFS-announce] 20071220 OpenAFS Security Advisory 2007-003: denial of service in OpenAFS fileserver CVE-2007-6599
MLIST:[OpenAFS-announce] 20150730 SECURITY RELEASE: 1.6.13 now available CVE-2015-3282 CVE-2015-3283 CVE-2015-3284 CVE-2015-3285 CVE-2015-3286 CVE-2015-6587
MLIST:[OpenAFS-announce] 20151028 OpenAFS security release 1.6.15 available CVE-2015-7762 CVE-2015-7763
MLIST:[OpenAFS-announce] 20160316 OpenAFS security release 1.6.17 available CVE-2016-2860 CVE-2016-4536
MLIST:[OpenBSD] 20011202 Code that crashes kernel at will + proposed patch CVE-2001-1559
MLIST:[OpenJDK] 20120612 IcedTea6 1.10.8 & 1.11.3 Released CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725
MLIST:[Openstack] 20150728 [Security][LP# 1471161] Designate mDNS DoS through incorrect handling of large RecordSets CVE-2015-5695
MLIST:[Openswan Users] 20140221 Openswan 2.6.41 released CVE-2014-2037
MLIST:[Openvas-announce] 20131108 Security Releases for OpenVAS-5 and OpenVAS-6 CVE-2013-6765 CVE-2013-6766
MLIST:[Operators] 20141013 ejabberd: compression allows circumvention of encryption CVE-2014-8760
MLIST:[PEAR-CVS] 20070503 cvs: pear /MDB2 MDB2.php package.php /MDB2/MDB2/Driver mysql.php mysqli.php oci8.php pgs CVE-2007-5934
MLIST:[Packetfence-announce] 20120413 PacketFence 3.3.0 released! CVE-2012-4740 CVE-2012-4741
MLIST:[Pen-Test] 20051104 Paros 3.2.7 release CVE-2005-4668
MLIST:[Pixman] 20140409 [PATCH] create_bits(): Cast the result of height * stride to size_t CVE-2014-9766
MLIST:[Postfixbuch-users] 20110222 proxy-reject: END-OF-MESSAGE: 451 4.3.0 Error: queue file write error CVE-2010-4777
MLIST:[Qemu-devel] 20070428 Qemu crashes on AAM 0 CVE-2007-1366
MLIST:[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0 CVE-2007-1366
MLIST:[Qemu-devel] 20080428 [4277] add format= to drive options (CVE-2008-2004) CVE-2008-2004
MLIST:[Qemu-devel] 20150331 [PATCH][XSA-126] xen: limit guest control of PCI command register CVE-2015-2756
MLIST:[Qemu-devel] 20180112 Re: [Qemu-devel] [PATCH v3] vga: check the validation of memory addr when draw text CVE-2018-5683
MLIST:[Qemu-devel] 20181103 [PATCH v2] ppc/pnv: check size before data buffer access CVE-2018-18954
MLIST:[Qemu-devel][PATCH] 20190111 scsi-generic: avoid possible out-of-bounds access to r->buf CVE-2019-6501
MLIST:[Qt-interest] 20020915 assistant leaves port unfiltered CVE-2002-1883
MLIST:[Remind-Fans] 20150727 Remind 3.1.15 is released CVE-2015-5957
MLIST:[Rt-announce] 20080623 Security vulnerability in RT 3.0 and up CVE-2008-3502
MLIST:[SAP DB Dev] 20030422 Security Alert: Development Tools CVE-2003-1033
MLIST:[SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability CVE-2019-0223
MLIST:[SECURITY] [DLA 1675-1] 20190214 python-gnupg security update CVE-2019-6690
MLIST:[SECURITY] [DLA 1684-1] 20190219 systemd security update CVE-2019-6454
MLIST:[SSSD] 20140513 On POSIX and non-POSIX groups CVE-2014-0249
MLIST:[ScryMUD] 20070223 ScryMUD 2.1.11 (stable) has been released. CVE-2007-1098
MLIST:[Security Advisory] CVE-2020-8557: Node disk DOS by writing to container /etc/hosts CVE-2020-8557
MLIST:[Security Advisory] CVE-2020-8558: Kubernetes: Node setting allows for neighboring hosts to bypass localhost boundary CVE-2020-8558
MLIST:[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages CVE-2007-5116 CVE-2007-5135 CVE-2007-5191 CVE-2007-5360 CVE-2007-5398
MLIST:[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1 CVE-2005-2090 CVE-2007-2788
MLIST:[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates CVE-2007-2052 CVE-2007-4308 CVE-2007-4965 CVE-2007-6015
MLIST:[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus CVE-2007-1660 CVE-2008-0003
MLIST:[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix CVE-2007-6151 CVE-2007-6206 CVE-2008-1105 CVE-2008-1367
MLIST:[Security-announce] 20081106 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues CVE-2008-4281 CVE-2008-4915
MLIST:[Server-cvs] 20070131 protocol/rtsp rtspprot.cpp,1.80,1.81 CVE-2006-6026
MLIST:[Shorewall-announce] 20040628 URGENT: Shorewall Security Vulnerability CVE-2004-0647
MLIST:[Siteframe-Announce] 20051030 URGENT: additional security vulnerability, release 3.2.2 CVE-2005-4824
MLIST:[Siteframe-Announce] 20060621 WARNING: Security Vulnerability identified in Siteframe 3.x CVE-2005-1965
MLIST:[Snort-announce] 20011129 Snort 1.8.3 Released CVE-2001-1558
MLIST:[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability CVE-2006-2769
MLIST:[Speex-dev] 20080406 libfishsound 0.9.1 Release CVE-2008-1686
MLIST:[Spip-en] 20120423 New stable releases SPIP 1.9.2o, 2.0.18 et 2.1.13 are availables CVE-2012-2151 CVE-2012-4331
MLIST:[Swan-announce] 20130514 CVE-2013-2052: Libreswan remote buffer overflow in atodn() CVE-2013-2052
MLIST:[Swan-announce] 20131211 Libreswan 3.7 released CVE-2013-4564 CVE-2013-7283 CVE-2013-7294
MLIST:[Swfdec] 20080409 Swfdec 0.6.4 released CVE-2008-1834
MLIST:[TLS] 20050602 ANNOUNCE: PureTLS 0.9b5 CVE-2005-4839
MLIST:[TYPO3-announce] 20061219 Pre-announcement for important security update CVE-2006-6690
MLIST:[TYPO3-announce] 20061220 TYPO3 Security Bulletin TYPO3-20061220-1: Remote Command Execution in TYPO3 CVE-2006-6690
MLIST:[TYPO3-announce] 20120417 Announcing TYPO3 4.4.15, 4.5.15 and 4.6.8 CVE-2012-2112
MLIST:[TYPO3-announce] 20120417 Cross-Site Scripting Vulnerability in TYPO3 Core CVE-2012-2112
MLIST:[Telepathy] 20130304 Announce: telepathy-gabble 0.16.5 CVE-2013-1769
MLIST:[Telepathy] 20130304 Announce: telepathy-gabble 0.17.3 CVE-2013-1769
MLIST:[Trac] 20051205 SECURITY: Trac 0.9.2 Released CVE-2005-4065
MLIST:[Uim] 20050928 uim 0.5.0.1 released CVE-2005-3149
MLIST:[Uim] 20050928 uim-0.4.9.1 released CVE-2005-3149
MLIST:[Unbound-users] 20091007 Release of unbound 1.3.4 CVE-2009-3602
MLIST:[Users] 20070822 New version: 0.8.3 beta CVE-2007-4500 CVE-2007-4501
MLIST:[Users] 20070822 SECURITY: root privilege escalation / trivial reveal of stored passwords CVE-2007-4500 CVE-2007-4501
MLIST:[Users] 20070823 New version: 0.8.3 beta CVE-2007-4500 CVE-2007-4501
MLIST:[Users] 20130729 [strongSwan] charon crash right after xauth+rsa client connects (strongswan-5.0.4, ubuntu 12.04) CVE-2013-5018
MLIST:[VIM] 20070911 MIL 4383 CVE-2007-4817
MLIST:[VIM] 20100203 Re: disputed: CVE-2010-0158 JoomlaBamboo (JB) Simpla Admin SQL injection CVE-2010-0158
MLIST:[VIM] 20100203 disputed: CVE-2010-0158 JoomlaBamboo (JB) Simpla Admin SQL injection CVE-2010-0158
MLIST:[VIM] 20101109 osTicket 1.6 - Local File Inclusion CVE-2010-4634
MLIST:[VOIPSEC] 20070319 Asterisk SDP DOS vulnerability CVE-2007-1561 CVE-2007-1594
MLIST:[VOIPSEC] 20071216 Trixbox Arbitrary Command Execution Vulnerability CVE-2007-6424
MLIST:[VOIPSEC] 20071219 trixbox vuln (CVE-2007-6424) - PoC exploit code CVE-2007-6424
MLIST:[VOIPSEC] 20071219 trixbox vulnerability fluff CVE-2007-6424
MLIST:[Vortex] 20070530 [ANN] Vortex Library 1.0.3 "Hands open release" is ready! CVE-2007-3046
MLIST:[Vserver] 20031218 SMP oops 2.4.23 v1.22 CVE-2003-1288
MLIST:[Vserver] 20031219 Re: SMP oops 2.4.23 v1.22 CVE-2003-1288
MLIST:[Vserver] 20031220 Re: SMP oops 2.4.23 v1.22 CVE-2003-1288
MLIST:[Vserver] 20050108 [Advisory] procfs in vserver CVE-2004-2613
MLIST:[Vserver] 20060428 [SECURITY] ccaps not limited to root inside a guest CVE-2006-2110
MLIST:[Vtigercrm-developers] 20140316 IMP: forgot password and re-installation security fix CVE-2014-2268 CVE-2014-2269
MLIST:[WWW-Mobile-Code] 20030706 can - IIS Version Disclosure CVE-2003-1306
MLIST:[Webcollab-announce] 20131018 Webcollab 3.31 Released CVE-2013-2652
MLIST:[Wikitech-l] 20060523 MediaWiki 1.6.5 JavaScript Execution Vulnerability # 2 CVE-2006-2611
MLIST:[X2Go-Announcement] 20130519 X2Go Server (4.0.0.2) released CVE-2013-4376
MLIST:[Xen-announce] 20120612 Xen Security Advisory 8 (CVE-2012-0218) - syscall/enter guest DoS CVE-2012-0218
MLIST:[Xen-announce] 20120612 [Xen-announce] Xen Security Advisory 9 (CVE-2012-2934) - PV guest host DoS (AMD erratum #121) CVE-2012-2934
MLIST:[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities CVE-2012-6030 CVE-2012-6031 CVE-2012-6032 CVE-2012-6033 CVE-2012-6034 CVE-2012-6035 CVE-2012-6036
MLIST:[Xen-devel] 20071029 [PATCH] x86: allow pv guests to disable TSC for applications CVE-2007-5907
MLIST:[Xen-devel] 20071031 [PATCH, fixed] x86: fix debug register handling CVE-2007-5906
MLIST:[Xen-devel] 20090513 [PATCH] linux/i386: hypervisor_callback adjustments CVE-2009-1758
MLIST:[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation CVE-2011-3262
MLIST:[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation CVE-2011-3262
MLIST:[Xen-devel] 20110616 IOMMU faults CVE-2011-3131
MLIST:[Xen-devel] 20110812 Xen Advisory 5 (CVE-2011-3131) IOMMU fault livelock CVE-2011-3131
MLIST:[Xorg] 20040613 DRI merging CVE-2006-6730
MLIST:[Xymon] 20160208 Xymon 4.3.25 - Important Security Update CVE-2016-2054
MLIST:[Zope-Annce] 20060821 Hotfix for Further reST Integration Issue CVE-2006-4684
MLIST:[Zope-announce] 20060706 Serious security problem with Zope 2 CVE-2006-3458
MLIST:[Zope-dev] 20090706 zope.html with FCKEditor security fix CVE-2009-2265
MLIST:[Zope] 20080812 Script (Python) insecure ? CVE-2008-5102
MLIST:[accumulo-commits] 20190404 [accumulo] branch master updated: Update jetty to latest (CVE-2018-12545) CVE-2018-12545
MLIST:[accumulo-commits] 20190424 [accumulo-website] branch master updated: Update Jekyll (CVE-2018-17567) CVE-2018-17567
MLIST:[accumulo-commits] 20190605 [accumulo] branch 2.0 updated: Update ZooKeeper (CVE-2019-0201) CVE-2019-0201
MLIST:[accumulo-commits] 20190723 [accumulo] branch 2.0 updated: Fix CVE-2019-12814 Use jackson-databind 2.9.9.1 CVE-2019-12814
MLIST:[accumulo-notifications] 20190402 [GitHub] [accumulo] milleruntime opened a new pull request #1072: Upgrade jetty to fix CVE CVE-2018-12545
MLIST:[accumulo-notifications] 20190612 [GitHub] [accumulo-testing] milleruntime opened a new pull request #80: Update checkstyle CVE-2019-9658
MLIST:[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219 CVE-2019-10219
MLIST:[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219 CVE-2019-10219
MLIST:[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219 CVE-2019-10219
MLIST:[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories CVE-2017-15709 CVE-2018-11775 CVE-2018-8006 CVE-2019-0222
MLIST:[activemq-commits] 20190327 svn commit: r1042603 - /websites/production/activemq/content/security-advisories.data/CVE-2019-0222-announcement.txt CVE-2019-0222
MLIST:[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/ CVE-2014-3576 CVE-2014-3579 CVE-2014-3600 CVE-2015-5254 CVE-2016-0734 CVE-2016-0782 CVE-2016-3088 CVE-2016-6810 CVE-2017-15709 CVE-2018-11775 CVE-2018-8006 CVE-2019-0222
MLIST:[activemq-commits] 20200514 [activemq-website] branch master updated: Publish CVE-2020-1941 security advisory CVE-2018-11775 CVE-2018-8006 CVE-2019-0222
MLIST:[activemq-commits] 20200910 [activemq-website] branch master updated: Publish CVE-2020-11998 CVE-2019-0222 CVE-2020-1941
MLIST:[activemq-commits] 20210127 [activemq-website] branch master updated: Publish CVE-2021-26117 CVE-2020-11998 CVE-2020-13920 CVE-2020-13932 CVE-2020-1941
MLIST:[activemq-commits] 20210127 [activemq-website] branch master updated: Publish CVE-2021-26118 CVE-2020-13932
MLIST:[activemq-commits] 20210128 [activemq-website] branch master updated: CVE-2021-26117 - add mitigation section CVE-2021-26117
MLIST:[activemq-commits] 20210208 [activemq-website] branch master updated: Publish CVE-2020-13947 CVE-2018-8006 CVE-2019-0222 CVE-2020-11998 CVE-2020-13920 CVE-2020-1941 CVE-2021-26117
MLIST:[activemq-commits] 20210211 [activemq-website] branch master updated: Update 5.15.x fix version on CVE-2020-13947 CVE-2020-13947
MLIST:[activemq-dev] 20190327 CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown CVE-2019-0222
MLIST:[activemq-dev] 20190327 Re: Website CVE-2017-15709 CVE-2018-11775 CVE-2018-8006 CVE-2019-0222
MLIST:[activemq-dev] 20190328 Re: Website CVE-2017-15709 CVE-2018-11775 CVE-2018-8006 CVE-2019-0222
MLIST:[activemq-dev] 20191018 Re: NIST CVEs for ActiveMQ CVE-2015-5183 CVE-2015-5184
MLIST:[activemq-dev] 20200225 CVE-2015-5183 CVE-2015-5183
MLIST:[activemq-dev] 20200226 Re: CVE-2015-5183 CVE-2015-5183
MLIST:[activemq-dev] 20210105 Re: CVE-2015-5183 CVE-2015-5183 CVE-2015-5184
MLIST:[activemq-dev] 20210211 Re: CVE-2020-13947 - XSS in WebConsole CVE-2020-13947
MLIST:[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1 CVE-2018-10237
MLIST:[activemq-gitbox] 20191021 [GitHub] [activemq-website] clebertsuconic commented on a change in pull request #17: Fix the ordering in the security advisories page CVE-2017-15709 CVE-2018-8006
MLIST:[activemq-gitbox] 20191022 [GitHub] [activemq-website] coheigea commented on a change in pull request #17: Fix the ordering in the security advisories page CVE-2017-15709 CVE-2018-8006
MLIST:[activemq-gitbox] 20210210 [GitHub] [activemq] ehossack-aws opened a new pull request #614: Update shiro to 1.7.1 CVE-2020-17523
MLIST:[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224 CVE-2020-27223
MLIST:[activemq-gitbox] 20210323 [GitHub] [activemq-artemis] trevorlinton opened a new pull request #3515: Update activmq5 version to fix CVE-2021-26117 CVE-2021-26117
MLIST:[activemq-gitbox] 20210409 [GitHub] [activemq-artemis] brusdev closed pull request #3515: Update activmq5 version to fix CVE-2021-26117 CVE-2021-26117
MLIST:[activemq-gitbox] 20210409 [GitHub] [activemq-artemis] brusdev commented on pull request #3515: Update activmq5 version to fix CVE-2021-26117 CVE-2021-26117
MLIST:[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0 CVE-2018-10237
MLIST:[activemq-issues] 20190529 [jira] [Commented] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190529 [jira] [Created] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190529 [jira] [Updated] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190626 [jira] [Assigned] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190626 [jira] [Work logged] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) CVE-2018-1199 CVE-2018-1270 CVE-2018-1275
MLIST:[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar CVE-2018-1199 CVE-2018-1270 CVE-2018-1275
MLIST:[activemq-issues] 20190716 [jira] [Commented] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar CVE-2013-7285 CVE-2018-1199 CVE-2018-1270 CVE-2018-1275
MLIST:[activemq-issues] 20190723 [jira] [Created] (AMQ-7249) Security Vulnerabilities in the ActiveMQ dependent jars. CVE-2017-6056 CVE-2018-8014 CVE-2018-8034 CVE-2019-0188 CVE-2019-10241 CVE-2019-10247
MLIST:[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar CVE-2016-5017 CVE-2017-15288 CVE-2017-5637 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-10237 CVE-2018-12536 CVE-2018-8012 CVE-2019-0201 CVE-2019-10241 CVE-2019-10247
MLIST:[activemq-issues] 20190826 [jira] [Closed] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries. CVE-2013-7285 CVE-2018-1270
MLIST:[activemq-issues] 20190826 [jira] [Reopened] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190826 [jira] [Updated] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756 CVE-2018-15756
MLIST:[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar CVE-2017-6056
MLIST:[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10] CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200102 [jira] [Created] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200120 [jira] [Work logged] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10] CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200122 [jira] [Commented] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10] CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10] CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200122 [jira] [Updated] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200122 [jira] [Work logged] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899 CVE-2018-10899
MLIST:[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20200601 [jira] [Created] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0 CVE-2020-11971
MLIST:[activemq-issues] 20200622 [jira] [Assigned] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0 CVE-2020-11971
MLIST:[activemq-issues] 20200622 [jira] [Commented] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0 CVE-2020-11971
MLIST:[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[activemq-issues] 20201122 [jira] [Commented] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0 CVE-2020-11971
MLIST:[activemq-issues] 20201122 [jira] [Updated] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 2.25.2 CVE-2020-11971
MLIST:[activemq-issues] 20201230 [jira] [Created] (AMQ-8107) Does ActiveMQ use the affected functionality within Xstream libraries for CVE-2020-26217 CVE-2020-26217
MLIST:[activemq-issues] 20201230 [jira] [Updated] (AMQ-8107) Does ActiveMQ use the affected functionality within Xstream libraries for CVE-2020-26217 CVE-2020-26217
MLIST:[activemq-issues] 20210104 [jira] [Resolved] (AMQ-8107) Does ActiveMQ use the affected functionality within Xstream libraries for CVE-2020-26217 CVE-2020-26217
MLIST:[activemq-issues] 20210301 [jira] [Created] (AMQ-8159) High severity security issues found in Apache Shiro v.1.7.0 CVE-2020-17523
MLIST:[activemq-issues] 20210421 [jira] [Created] (AMQ-8244) CVE-2021-26117 on AMQ 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210421 [jira] [Created] (AMQ-8245) CVE-2021-26117 on AMQ 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210421 [jira] [Created] (AMQ-8246) CVE-2021-26117 still exists on 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210421 [jira] [Updated] (AMQ-8246) CVE-2021-26117 still exists on 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210509 [jira] [Commented] (AMQ-8246) CVE-2021-26117 still exists on 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210509 [jira] [Deleted] (AMQ-8244) CVE-2021-26117 on AMQ 5.16.1 CVE-2021-26117
MLIST:[activemq-issues] 20210509 [jira] [Deleted] (AMQ-8245) CVE-2021-26117 on AMQ 5.16.1 CVE-2021-26117
MLIST:[activemq-users] 20190327 CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown CVE-2019-0222
MLIST:[activemq-users] 20190703 Re: ActiveMQ cve vulnerabilities seen in latest version CVE-2016-3088
MLIST:[activemq-users] 20200721 Re: [ANNOUNCE] CVE-2020-13932 Apache ActiveMQ Artemis - Remote XSS in Web console Diagram Plugin CVE-2020-13932
MLIST:[activemq-users] 20210211 Re: CVE-2020-13947 - XSS in WebConsole CVE-2020-13947
MLIST:[activemq-users] 20210427 Re: Release date for ActiveMQ v5.16.2 to fix CVEs CVE-2019-17571
MLIST:[activemq-users] 20210427 Release date for ActiveMQ v5.16.2 to fix CVEs CVE-2019-17571 CVE-2020-17523 CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351
MLIST:[activemq-users] 20210715 Next ActiveMQ Artemis Release - CVE-2021-21290 vulnerability CVE-2021-21290
MLIST:[activemq-users] 20210830 Security issues CVE-2019-17571 CVE-2020-11971 CVE-2020-13936
MLIST:[activemq-users] 20210831 RE: Security issues CVE-2019-17571 CVE-2020-11971 CVE-2020-13936
MLIST:[airflow-commits] 20190410 [GitHub] [airflow] XD-DENG commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[airflow-commits] 20190410 [GitHub] [airflow] XD-DENG opened a new pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[airflow-commits] 20190410 [GitHub] [airflow] ashb commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[airflow-commits] 20190410 [GitHub] [airflow] ashb merged pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358 CVE-2019-11358
MLIST:[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358 CVE-2019-11358
MLIST:[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358 CVE-2019-11358
MLIST:[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358 CVE-2019-11358
MLIST:[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358 CVE-2019-11358
MLIST:[airflow-commits] 20200820 [GitHub] [airflow] breser opened a new issue #10429: jquery dependency needs to be updated to 3.5.0 or newer CVE-2020-11022
MLIST:[airflow-commits] 20210511 [GitHub] [airflow] github-actions[bot] commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753`` CVE-2020-7753
MLIST:[airflow-commits] 20210511 [GitHub] [airflow] kaxil closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753`` CVE-2020-7753
MLIST:[airflow-commits] 20210511 [GitHub] [airflow] kaxil opened a new pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753`` CVE-2020-7753
MLIST:[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753`` CVE-2020-7753
MLIST:[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753`` CVE-2020-7753
MLIST:[airflow-commits] 20210712 [GitHub] [airflow] ashb commented on pull request #16942: Relax version constraint on ``Flask-Appbuilder`` CVE-2021-29621
MLIST:[airflow-commits] 20210920 [GitHub] [airflow] beltran-rubo opened a new issue #18383: CVE-2019-17495 for swagger-ui CVE-2019-17495
MLIST:[airflow-commits] 20210920 [GitHub] [airflow] boring-cyborg[bot] commented on issue #18383: CVE-2019-17495 for swagger-ui CVE-2019-17495
MLIST:[airflow-commits] 20210920 [GitHub] [airflow] uranusjr commented on issue #18383: CVE-2019-17495 for swagger-ui CVE-2019-17495
MLIST:[airflow-commits] 20210921 [GitHub] [airflow] beltran-rubo closed issue #18383: CVE-2019-17495 for swagger-ui CVE-2019-17495
MLIST:[airflow-commits] 20210921 [GitHub] [airflow] beltran-rubo commented on issue #18383: CVE-2019-17495 for swagger-ui CVE-2019-17495
MLIST:[airflow-dev] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component CVE-2018-20244
MLIST:[airflow-dev] 20200114 [CVE-2019-12398] Apache Airflow Stored XSS vulnerability in classic UI CVE-2019-12398
MLIST:[airflow-dev] 20201211 Apache Airflow Security Vulnerabilities fixed in v1.10.13: CVE-2020-17515 CVE-2020-13944 CVE-2020-17515
MLIST:[airflow-dev] 20210217 CVE-2021-26697: Apache Airflow: Lineage API endpoint for Experimental API missed authentication check CVE-2021-26697
MLIST:[airflow-users] 20191030 [CVE-2019-12417] Apache Airflow stored xss and local file disclosure vulnerability <= 1.10.5 CVE-2019-12417
MLIST:[airflow-users] 20200114 [CVE-2019-12398] Apache Airflow Stored XSS vulnerability in classic UI CVE-2019-12398
MLIST:[airflow-users] 20201211 Apache Airflow Security Vulnerabilities fixed in v1.10.13: CVE-2020-17515 CVE-2020-13944 CVE-2020-17515
MLIST:[airflow-users] 20201211 CVE-2020-17515: Apache Airflow Reflected XSS via Origin Parameter CVE-2020-13944 CVE-2020-17515
MLIST:[airflow-users] 20210217 CVE-2021-26697: Apache Airflow: Lineage API endpoint for Experimental API missed authentication check CVE-2021-26697
MLIST:[airflow-users] 20210501 CVE-2021-28359: Apache Airflow Reflected XSS via Origin Query Argument in URL CVE-2020-13944 CVE-2020-17515 CVE-2021-23336
MLIST:[alerts] 20070530 VMS83A_PASRTL-V0100, ECO Kit Release CVE-2007-2998
MLIST:[alerts] 20070530 VMS83I_PASRTL-V0100, ECO Kit Release CVE-2007-2998
MLIST:[alerts] 20080820 VMS732_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[alerts] 20080820 VMS821I_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[alerts] 20080820 VMS82A_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[alerts] 20080820 VMS831H1I_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[alerts] 20080820 VMS83A_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[alerts] 20080820 VMS83I_SMGRTL-V0100, ECO Kit Release CVE-2008-4052
MLIST:[allura-commits] 20200521 [allura] branch master updated: Upgrade httplib2 for CVE-2020-11078 CVE-2020-11078
MLIST:[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port CVE-2017-15265
MLIST:[alsa-devel] 20180214 [PATCH] ALSA: seq: Fix racy pool initializations CVE-2018-7566
MLIST:[ambari-commits] 20190813 [ambari] branch branch-2.7 updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066) CVE-2019-14379
MLIST:[ambari-commits] 20190813 [ambari] branch trunk updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379(trunk) (#3067) CVE-2019-14379
MLIST:[ambari-commits] 20201019 [ambari] branch branch-2.7 updated: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246) CVE-2020-5398 CVE-2020-5421
MLIST:[ambari-commits] 20210125 [ambari] branch branch-2.7 updated: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 (#3279) CVE-2020-13379
MLIST:[ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko merged pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 CVE-2020-5398 CVE-2020-5421
MLIST:[ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko opened a new pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 CVE-2020-5398 CVE-2020-5421
MLIST:[ambari-dev] 20210121 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210121 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210121 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210122 [GitHub] [ambari] dvitiiuk commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210122 [GitHub] [ambari] payert commented on a change in pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210122 [GitHub] [ambari] payert opened a new pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-dev] 20210125 [GitHub] [ambari] payert merged pull request #3279: AMBARI-25547 Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558 CVE-2019-17558
MLIST:[ambari-issues] 20200903 [jira] [Assigned] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-issues] 20200903 [jira] [Created] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-issues] 20201013 [jira] [Created] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 CVE-2020-5398 CVE-2020-5421
MLIST:[ambari-issues] 20201021 [jira] [Resolved] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 CVE-2020-5398 CVE-2020-5421
MLIST:[ambari-issues] 20210121 [jira] [Updated] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[ambari-issues] 20210127 [jira] [Resolved] (AMBARI-25547) Update Grafana version to 6.7.4 to avoid CVE-2020-13379 CVE-2020-13379
MLIST:[android-security-updates] 20150812 Nexus Security Bulletin (August 2015) CVE-2015-1536 CVE-2015-1538 CVE-2015-1539 CVE-2015-1541 CVE-2015-3824 CVE-2015-3826 CVE-2015-3827 CVE-2015-3828 CVE-2015-3829 CVE-2015-3831 CVE-2015-3832 CVE-2015-3833 CVE-2015-3834 CVE-2015-3835 CVE-2015-3836 CVE-2015-3837 CVE-2015-3842 CVE-2015-3843 CVE-2015-3844 CVE-2015-6575
MLIST:[android-security-updates] 20150909 Nexus Security Bulletin (September 2015) CVE-2015-1528 CVE-2015-3845 CVE-2015-3849 CVE-2015-3858 CVE-2015-3860 CVE-2015-3861 CVE-2015-3863 CVE-2015-3864
MLIST:[android-security-updates] 20151005 Nexus Security Bulletin (October 2015) CVE-2015-3823 CVE-2015-3847 CVE-2015-3862 CVE-2015-3865 CVE-2015-3867 CVE-2015-3868 CVE-2015-3869 CVE-2015-3870 CVE-2015-3871 CVE-2015-3872 CVE-2015-3873 CVE-2015-3874 CVE-2015-3875 CVE-2015-3877 CVE-2015-3878 CVE-2015-3879 CVE-2015-6596 CVE-2015-6598 CVE-2015-6599 CVE-2015-6600 CVE-2015-6601 CVE-2015-6603 CVE-2015-6604 CVE-2015-6605 CVE-2015-6606 CVE-2015-6607 CVE-2015-7716 CVE-2015-7717 CVE-2015-7718
MLIST:[android-security-updates] 20151102 Nexus Security Bulletin (November 2015) CVE-2015-6608 CVE-2015-6609 CVE-2015-6610 CVE-2015-6611 CVE-2015-6612 CVE-2015-6613 CVE-2015-6614 CVE-2015-8072 CVE-2015-8073 CVE-2015-8074
MLIST:[announce@apache.org] 20170801 CVE-2017-9801: Apache Commons Email SMTP header injection vulnerabilty CVE-2017-9801
MLIST:[announce@httpd.apache.org] 20170619 [SECURITY] CVE-2017-7659: mod_http2 null pointer dereference CVE-2017-7659
MLIST:[announce] 20061013 ViewVC 1.0.3 released [SECURITY FIXES] CVE-2006-5442
MLIST:[announce] 20070314 Horde 3.1.4 (final) CVE-2007-1473 CVE-2007-1474
MLIST:[announce] 20070314 IMP H3 (4.1.4) (final) CVE-2007-1515
MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! CVE-2007-2691 CVE-2007-2692 CVE-2007-3780 CVE-2007-3781 CVE-2007-3782
MLIST:[announce] 20080109 Horde 3.1.6 (final) CVE-2007-6018 CVE-2008-7218
MLIST:[announce] 20080109 Horde Groupware 1.0.3 (final) CVE-2007-6018 CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080109 Kronolith H3 (2.1.7) (final) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080109 Mnemo H3 (2.1.2) (final) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080109 Nag H3 (2.1.4) (final) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080109 Turba H3 (2.1.6) (final) CVE-2008-7218
MLIST:[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final) CVE-2007-6018 CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080122 Horde 3.2-RC2 CVE-2008-7218
MLIST:[announce] 20080122 Kronolith H3 (2.2-RC2) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080122 Mnemo H3 (2.2-RC2) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080122 Nag H3 (2.2-RC2) CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080122 Turba H3 (2.2-RC2) CVE-2008-7218
MLIST:[announce] 20080206 Horde Groupware 1.1-RC2 CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2 CVE-2008-7218 CVE-2008-7219
MLIST:[announce] 20080215 Horde Groupware 1.0.4 (final) CVE-2008-0807
MLIST:[announce] 20080215 Horde Groupware Webmail Edition 1.0.5 (final) CVE-2008-0807
MLIST:[announce] 20080215 Turba H3 (2.1.7) (final) CVE-2008-0807
MLIST:[announce] 20080215 Turba H3 (2.2-RC3) CVE-2008-0807
MLIST:[announce] 20080307 Horde Groupware 1.0.5 (final) CVE-2008-1284
MLIST:[announce] 20080307 Horde Groupware Webmail Edition 1.0.6 (final) CVE-2008-1284
MLIST:[announce] 20080307 Horde 3.1.7 (final) CVE-2008-1284
MLIST:[announce] 20080613 Turba H3 (2.2.1) (final) CVE-2008-6746
MLIST:[announce] 20081210 Turba 2.3.1 (final) CVE-2008-4182
MLIST:[announce] 20090127 Horde 3.2.4 (final) CVE-2009-0931 CVE-2009-0932
MLIST:[announce] 20090127 Horde 3.3.3 (final) CVE-2009-0931 CVE-2009-0932
MLIST:[announce] 20090127 Horde Groupware 1.1.5 (final) CVE-2009-0931 CVE-2009-0932
MLIST:[announce] 20090127 IMP 4.2.2 (final) CVE-2009-0930
MLIST:[announce] 20090127 IMP 4.3.3 (final) CVE-2009-0930
MLIST:[announce] 20090705 Passwd H3 (3.1.1) (final) CVE-2009-2360
MLIST:[announce] 20091208 NTP 4.2.4p8 Released CVE-2009-3563
MLIST:[announce] 20091215 Horde 3.3.6 (final) CVE-2009-3701 CVE-2009-4363
MLIST:[announce] 20091216 Horde Groupware 1.2.5 (final) CVE-2009-3701 CVE-2009-4363
MLIST:[announce] 20091217 Horde Groupware Webmail Edition 1.2.5 (final) CVE-2009-3701 CVE-2009-4363
MLIST:[announce] 20100928 DIMP H3 (1.1.5) (final) CVE-2010-3693
MLIST:[announce] 20100928 Gollem H3 (1.1.2) (final) CVE-2010-3447
MLIST:[announce] 20100928 Horde Groupware Webmail Edition 1.2.7 (final) CVE-2010-3693
MLIST:[announce] 20110302 [SECURITY] Tomcat 7 ignores @ServletSecurity annotations CVE-2011-1419
MLIST:[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x \(CVE-2011-3192\) CVE-2011-3192
MLIST:[announce] 20111005 Advisory: mod_proxy reverse proxy exposure (CVE-2011-3368) CVE-2011-3368
MLIST:[announce] 20111228 [SECURITY] Apache Tomcat and the hashtable collision DoS vulnerability CVE-2011-4858
MLIST:[announce] 20120514 Kronolith H4 (3.0.17) (final) CVE-2012-6620
MLIST:[announce] 20120529 Horde Groupware Webmail Edition 4.0.8 (final) CVE-2012-5566
MLIST:[announce] 20120626 IMP H4 (5.0.22) (final) CVE-2012-6640
MLIST:[announce] 20120821 [ANNOUNCEMENT] Apache HTTP Server 2.4.3 Released CVE-2012-2687 CVE-2012-3502
MLIST:[announce] 20121114 Horde Groupware Webmail Edition 4.0.9 (final) CVE-2012-5565 CVE-2012-6640
MLIST:[announce] 20121114 IMP H4 (5.0.24) (final) CVE-2012-5565
MLIST:[announce] 20121114 Kronolith H4 (3.0.18) (final) CVE-2012-5567
MLIST:[announce] 20140707 [SECURITY] Horde Groupware Webmail Edition 5.1.5 (final) CVE-2014-4945 CVE-2014-4946
MLIST:[announce] 20140707 [SECURITY] IMP 6.1.8 (final) CVE-2014-4945 CVE-2014-4946
MLIST:[announce] 20151021 [SECURITY] Horde 5.2.8 (final) CVE-2015-7984
MLIST:[announce] 20151022 [SECURITY] Horde Groupware 5.2.11 (final) CVE-2015-7984
MLIST:[announce] 20151022 [SECURITY] Horde Groupware Webmail Edition 5.2.11 (final) CVE-2015-7984
MLIST:[announce] 20160202 [announce] [SECURITY] Horde Groupware 5.2.12 (final) CVE-2015-8807 CVE-2016-2228
MLIST:[announce] 20160202 [announce] [SECURITY] Horde Groupware Webmail Edition 5.2.12 (final) CVE-2015-8807 CVE-2016-2228
MLIST:[announce] 20161027 [SECURITY] CVE-2016-0762 Apache Tomcat Realm Timing Attack CVE-2016-0762
MLIST:[announce] 20161027 [SECURITY] CVE-2016-5018 Apache Tomcat Security Manager Bypass CVE-2016-5018
MLIST:[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure CVE-2016-6794
MLIST:[announce] 20161027 [SECURITY] CVE-2016-6796 Apache Tomcat Security Manager Bypass CVE-2016-6796
MLIST:[announce] 20161027 [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources CVE-2016-6797
MLIST:[announce] 20161122 [SECURITY] CVE-2016-6817 Apache Tomcat Denial of Service CVE-2016-6817
MLIST:[announce] 20161129 [SECURITY] Apache Subversion 1.9.5 released CVE-2016-8734
MLIST:[announce] 20170105 [SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure CVE-2016-8745
MLIST:[announce] 20170707 [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr CVE-2017-7660
MLIST:[announce] 20170713 CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest CVE-2017-9788
MLIST:[announce] 20170713 CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2 CVE-2017-9789
MLIST:[announce] 20170810 [SECURITY] CVE-2017-7674 Apache Tomcat Cache Poisoning CVE-2017-7674
MLIST:[announce] 20170810 [SECURITY][ANNOUNCE] Apache Subversion 1.9.7 released CVE-2017-9800
MLIST:[announce] 20170810 [UPDATE][SECURITY] CVE-2017-7675 Apache Tomcat Security Constraint Bypass CVE-2017-7675
MLIST:[announce] 20170919 [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload CVE-2017-12615
MLIST:[announce] 20170919 [SECURITY] CVE-2017-12616 Apache Tomcat Information Disclosure CVE-2017-12616
MLIST:[announce] 20170929 CVE-2017-9792 Apache Impala (incubating) Information Disclosure CVE-2017-9792
MLIST:[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload CVE-2017-12617
MLIST:[announce] 20171023 Apache Portable Runtime APR 1.6.3, APR-util 1.6.1 and APR-iconv 1.2.2 Released CVE-2017-12613 CVE-2017-12618
MLIST:[announce] 20180131 [SECURITY] CVE-2017-15698 Apache Tomcat Native Connector - OCSP check omitted CVE-2017-15698
MLIST:[announce] 20180131 [SECURITY] CVE-2017-15706 Apache Tomcat Incorrectly documented CGI search algorithm CVE-2017-15706
MLIST:[announce] 20180816 [CVE-2018-11771] Apache Commons Compress 1.7 to 1.17 denial of service vulnerability CVE-2018-11771
MLIST:[announce] 20180916 [SECURITY] Apache SpamAssassin 3.4.2 resolves CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781 CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781
MLIST:[announce] 20181003 [SECURITY] CVE-2018-11784 Apache Tomcat - Open Redirect CVE-2018-11784
MLIST:[announce] 20181005 [CVE-2018-11797] DoS vulnerability in Apache PDFBox parser CVE-2018-11797
MLIST:[announce] 20181006 [UPDATE][CVE-2018-11797] DoS vulnerability in Apache PDFBox parser CVE-2018-11797
MLIST:[announce] 20181105 [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior CVE-2016-1000031
MLIST:[announce] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure CVE-2019-0225
MLIST:[announce] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability CVE-2019-0223
MLIST:[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS CVE-2019-0213
MLIST:[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server CVE-2019-0214
MLIST:[announce] 20190618 CVE-2019-10085 Apache Allura XSS vulnerability CVE-2019-10085
MLIST:[announce] 20190620 [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[announce] 20190620 [SECURITY][CORRECTION] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[announce] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version CVE-2018-1320
MLIST:[announce] 20190729 [CVE-2018-11772] Apache VCL SQL injection attack in privilege management CVE-2018-11772
MLIST:[announce] 20190729 [CVE-2018-11773] Apache VCL improper form validation in block allocation management CVE-2018-11773
MLIST:[announce] 20190729 [CVE-2018-11774] Apache VCL SQL injection attack in VM management CVE-2018-11774
MLIST:[announce] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[announce] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0 CVE-2016-4977
MLIST:[announce] 20191108 [CVE-2019-12408][CVE-2019-12410] Uninitialized Memory Vulnerabilities fixed in Apache Arrow 0.15.1 CVE-2019-12408 CVE-2019-12410
MLIST:[announce] 20191118 [CVE-2019-12409] Apache Solr RCE vulnerability due to bad config default CVE-2019-12409
MLIST:[announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2018-11805 CVE-2018-11805
MLIST:[announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420 CVE-2019-12420
MLIST:[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2017-5645
MLIST:[announce] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation CVE-2019-2684
MLIST:[announce] 20200113 CVE-2019-12399: Apache Kafka Connect REST API may expose plaintext secrets in tasks endpoint CVE-2019-12399
MLIST:[announce] 20200116 [CVE-2019-12423] - Apache CXF OpenId Connect JWK Keys service returns private/secret credentials if configured with a jwk keystore CVE-2019-12423
MLIST:[announce] 20200116 [CVE-2019-17573] Apache CXF Reflected XSS in the services listing page CVE-2019-17573
MLIST:[announce] 20200130 [CVE-2020-1930] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands CVE-2018-11805 CVE-2020-1930
MLIST:[announce] 20200130 [CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings. CVE-2018-11805
MLIST:[announce] 20200131 Apache Software Foundation Security Report: 2019 CVE-2016-3088 CVE-2017-12615 CVE-2017-5638 CVE-2018-11776 CVE-2019-0211 CVE-2019-0221 CVE-2019-0227 CVE-2019-0232 CVE-2019-17554
MLIST:[announce] 20200206 [SECURITY] CVE-2019-12426 information disclosure vulnerability in Apache OFBiz CVE-2019-12426
MLIST:[announce] 20200401 [CVE-2020-1958]: Apache Druid LDAP injection vulnerability CVE-2020-1958
MLIST:[announce] 20200615 CVE-2020-11969 Apache TomEE - useJMX attribute on ActiveMQ resource adapter URI causes authenticated JMX port to be open CVE-2020-11969
MLIST:[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection CVE-2020-9495
MLIST:[announce] 20200701 [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels CVE-2020-9497
MLIST:[announce] 20200701 [SECURITY] CVE-2020-9498: Apache Guacamole: Dangling pointer in RDP static virtual channel handling CVE-2020-9498
MLIST:[announce] 20200713 [SECURITY][CVE-2020-13925] Apache Kylin command injection vulnerability CVE-2020-1956
MLIST:[announce] 20200715 [CVE-2020-13923] IDOR in Apache OFBiz CVE-2020-13923
MLIST:[announce] 20200715 [CVE-2020-9496] Apache OFBiz XML-RPC requests vulnerable without authentication CVE-2020-9496
MLIST:[announce] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[announce] 20201105 [CVE-2020-17510] Apache Shiro 1.7.0 released CVE-2020-17510
MLIST:[announce] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath CVE-2019-17573 CVE-2020-13954
MLIST:[announce] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi CVE-2020-13942
MLIST:[announce] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[announce] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure CVE-2020-15824 CVE-2020-1945
MLIST:[announce] 20201211 Apache Airflow Security Vulnerabilities fixed in v1.10.13: CVE-2020-17515 CVE-2020-13944 CVE-2020-17515
MLIST:[announce] 20210105 [CVE-2020-17518] Apache Flink directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[announce] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API CVE-2020-17519
MLIST:[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure CVE-2021-24122
MLIST:[announce] 20210119 Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[announce] 20210124 CVE-2021-23901: An XML external entity (XXE) injection vulnerability exists in the Nutch DmozParser CVE-2021-23901
MLIST:[announce] 20210125 Apache Software Foundation Security Report: 2020 CVE-2017-5638 CVE-2019-0230 CVE-2019-0235 CVE-2020-13951 CVE-2020-17518 CVE-2020-17519 CVE-2020-1938 CVE-2020-9497 CVE-2020-9498
MLIST:[announce] 20210125 [CVE-2020-9492] Apache Hadoop Potential privilege escalation CVE-2020-9492
MLIST:[announce] 20210127 CVE-2021-26118: Flaw in ActiveMQ Artemis OpenWire support CVE-2021-26118
MLIST:[announce] 20210128 CVE-2021-26117: ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind CVE-2021-26117
MLIST:[announce] 20210129 Subject: [CVE-2021-25646] Apache Druid remote code execution vulnerability CVE-2021-25646
MLIST:[announce] 20210217 CVE-2021-26559: Apache Airflow: CWE-284 Privilege Escalation Attack CVE-2021-26559
MLIST:[announce] 20210217 CVE-2021-26697: Apache Airflow: Lineage API endpoint for Experimental API missed authentication check CVE-2021-26697
MLIST:[announce] 20210223 Re: Apache Software Foundation Security Report: 2020 CVE-2017-5638 CVE-2019-0230 CVE-2019-0235 CVE-2020-13951 CVE-2020-17518 CVE-2020-17519 CVE-2020-1938 CVE-2020-9497 CVE-2020-9498
MLIST:[announce] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[announce] 20210301 [SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) CVE-2020-9484 CVE-2021-25329
MLIST:[announce] 20210310 CVE-2020-13936: Velocity Sandbox Bypass CVE-2020-13936
MLIST:[announce] 20210310 CVE-2020-13959: Velocity Tools XSS Vulnerability CVE-2020-13959
MLIST:[announce] 20210320 CVE-2021-27807: Apache PDFBox: a carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-27807
MLIST:[announce] 20210320 CVE-2021-27906: Apache PDFBox: a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file CVE-2021-27906
MLIST:[announce] 20210402 [Apache CXF] CVE-2021-22696: OAuth 2 authorization service vulnerable to DDos attacks CVE-2021-22696
MLIST:[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks CVE-2021-30245
MLIST:[announce] 20210423 CVE-2021-26291: Apache Maven: block repositories using http by default CVE-2021-26291
MLIST:[announce] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI CVE-2021-29200
MLIST:[announce] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz CVE-2021-30128
MLIST:[announce] 20210501 Apache Airflow CVE: CVE-2021-28359: Apache Airflow Reflected XSS via Origin Query Argument in URL CVE-2020-13944 CVE-2020-17515 CVE-2021-23336 CVE-2021-28359
MLIST:[announce] 20210612 CVE-2021-31811: Apache PDFBox: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file CVE-2021-31811
MLIST:[announce] 20210612 CVE-2021-31812: Apache PDFBox: A carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-31812
MLIST:[announce] 20210615 CVE-2020-9493: Apache Chainsaw: Java deserialization in Chainsaw CVE-2020-9493
MLIST:[announce] 20210616 CVE-2021-30468: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter CVE-2021-30468
MLIST:[announce] 20210618 Apache Airflow CVE: CVE-2021-29621: User enumeration in database authentication in Flask-AppBuilder <= 3.2.3. CVE-2021-29621
MLIST:[announce] 20210623 Success at Apache: Security in Practice CVE-2020-17526 CVE-2021-29621
MLIST:[announce] 20210701 CVE-2021-26920: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended CVE-2021-26920
MLIST:[announce] 20210712 CVE-2021-30129: DoS/OOM leak vulnerability in Apache Mina SSHD Server CVE-2021-30129
MLIST:[announce] 20210713 CVE-2021-35515: Apache Commons Compress 1.6 to 1.20 denial of service vulnerability CVE-2021-35515
MLIST:[announce] 20210713 CVE-2021-35516: Apache Commons Compress 1.6 to 1.20 denial of service vulnerability CVE-2021-35516
MLIST:[announce] 20210713 CVE-2021-35517: Apache Commons Compress 1.1 to 1.20 denial of service vulnerability CVE-2021-35517
MLIST:[announce] 20210713 CVE-2021-36090: Apache Commons Compress 1.0 to 1.20 denial of service vulnerability CVE-2021-36090
MLIST:[announce] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability CVE-2021-35517
MLIST:[announce] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability CVE-2021-36090
MLIST:[announce] 20210722 CVE-2021-28131: Apache Impala: Impala logs contain secrets CVE-2021-28131
MLIST:[announce] 20210809 CVE-2021-21501: Apache ServiceComb: ServiceComb ServiceCenter Directory Traversal CVE-2021-21501
MLIST:[announce] 20210823 CVE-2021-35940: Apache Portable Runtime (APR): Regression of CVE-2017-12613 CVE-2017-12613 CVE-2021-35940
MLIST:[announce] 20210824 CVE-2021-33191: Apache NiFi - MiNiFi C++: MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol CVE-2021-33191
MLIST:[announce] 20210902 CVE-2019-10095: Apache Zeppelin: bash command injection in spark interpreter CVE-2019-10095
MLIST:[announce] 20210902 CVE-2020-13929: Apache Zeppelin: Notebook permissions bypass CVE-2020-13929
MLIST:[announce] 20210902 CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter CVE-2021-27578
MLIST:[announce] 20210909 CVE-2021-38540: Apache Airflow: Variable Import endpoint missed authentication check CVE-2021-38540
MLIST:[announce] 20210916 CVE-2021-39239: Apache Jena: XML External Entity (XXE) vulnerability CVE-2021-39239
MLIST:[announce] 20210923 CVE-2021-36749: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (incomplete fix of CVE-2021-26920) CVE-2021-26920 CVE-2021-36749
MLIST:[announce] 20211005 CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773
MLIST:[announce] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid CVE-2021-28129
MLIST:[announce] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file CVE-2021-33035
MLIST:[announce] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs CVE-2021-40439
MLIST:[announce] 20211007 CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[announce] 20211010 CVE-2021-41830: Apache OpenOffice: Double Certificate Attack CVE-2021-41830
MLIST:[announce] 20211010 CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping CVE-2021-41831
MLIST:[announce] 20211010 CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack CVE-2021-41832
MLIST:[announce] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request CVE-2021-42009
MLIST:[announcements@aurora.apache.org] 20171101 Apache Aurora information disclosure vulnerability CVE-2016-4437
MLIST:[announcements] 20170713 Apache Struts 2.5.12 GA with Security Fixes Release CVE-2017-7672 CVE-2017-9787
MLIST:[announcements] 20170810 [ANN] Apache Struts: S2-049 Security Bulletin update CVE-2017-9787
MLIST:[ant-dev] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[ant-user] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[ant-user] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability CVE-2021-35517
MLIST:[ant-user] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability CVE-2021-36090
MLIST:[apache-cvs] 20040307 cvs commit: apache-1.3/src/modules/standard mod_access.c CVE-2003-0993
MLIST:[apache-cvs] 20040307 cvs commit: httpd-2.0/modules/ssl ssl_engine_io.c CVE-2004-0113
MLIST:[apache-db-general] 20100519 [ANNOUNCE] Apache Derby 10.6.1.0 released CVE-2009-4269
MLIST:[apache-httpd-announce] 20030120 [ANNOUNCE] Apache 2.0.44 Released CVE-2003-0016
MLIST:[apache-httpd-dev] 20020925 CGI bucket needed CVE-2002-1850
MLIST:[apache-httpd-dev] 20070622 Re: PID table changes (was Re: svn commit: r547987 - in /httpd/httpd/trunk) CVE-2007-3304
MLIST:[apache-httpd-dev] 20070629 Re: [PATCH] pid safety checks for 2.2.x CVE-2007-3304
MLIST:[apache-modssl] 20040716 [ANNOUNCE] mod_ssl 2.8.19 for Apache 1.3.31 CVE-2004-0700
MLIST:[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage CVE-2016-8741
MLIST:[apisix-dev] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control CVE-2021-33190
MLIST:[apisix-notifications] 20210428 [GitHub] [apisix-docker] starsz merged pull request #166: fix: upgrade alpine version due to CVE-2020-28928 CVE-2020-28928
MLIST:[apisix-notifications] 20210428 [GitHub] [apisix-docker] tao12345666333 opened a new pull request #166: fix: upgrade alpine version due to CVE-2020-28928 CVE-2020-28928
MLIST:[apisix-notifications] 20210428 [apisix-docker] branch master updated: fix: upgrade alpine version due to CVE-2020-28928 (#166) CVE-2020-28928
MLIST:[apisix-notifications] 20210607 [GitHub] [apisix-website] Serendipity96 opened a new pull request #362: feat: add new blog CVE-2021-23017
MLIST:[apisix-notifications] 20210608 [GitHub] [apisix-website] liuxiran commented on a change in pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" CVE-2021-23017
MLIST:[apisix-notifications] 20210608 [GitHub] [apisix-website] liuxiran merged pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" CVE-2021-23017
MLIST:[apisix-notifications] 20210608 [GitHub] [apisix-website] netlify[bot] edited a comment on pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" CVE-2021-23017
MLIST:[apisix-notifications] 20210608 [apisix-website] branch master updated: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" (#362) CVE-2021-23017
MLIST:[apr-commits] 20120115 svn commit: r1231605 - /apr/apr/trunk/tables/apr_hash.c CVE-2012-0840
MLIST:[apr-commits] 20210816 svn commit: r1892358 - /apr/apr/branches/1.7.x/CHANGES CVE-2017-12613
MLIST:[apr-commits] 20210820 svn commit: r49582 - /release/apr/patches/apr-1.7.0-CVE-2021-35940.patch CVE-2017-12613
MLIST:[apr-dev] 20090602 [PATCH] prevent "billion laughs" attack against expat CVE-2009-1955
MLIST:[apr-dev] 20210823 CVE-2021-35940: Apache Portable Runtime (APR): Regression of CVE-2017-12613 CVE-2017-12613 CVE-2021-35940
MLIST:[apr-dev] 20210831 APR 1.7.1 release? CVE-2021-35940
MLIST:[apr-dev] 20210831 Re: APR 1.7.1 release? CVE-2021-35940
MLIST:[apr-dev] 20210901 Re: APR 1.7.1 release? CVE-2021-35940
MLIST:[apr-dev] 20210916 Re: CVE-2021-35940: Apache Portable Runtime (APR): Regression of CVE-2017-12613 CVE-2017-12613 CVE-2021-35940
MLIST:[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection CVE-2020-9495
MLIST:[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0 CVE-2019-0213 CVE-2019-0214
MLIST:[archiva-users] 20101129 Apache Archiva CSRF Vulnerability CVE-2010-3449 CVE-2010-4408
MLIST:[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS CVE-2019-0213
MLIST:[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server CVE-2019-0214
MLIST:[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection CVE-2020-9495
MLIST:[arrow-dev] 20191024 [jira] [Created] (ARROW-6984) Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[arrow-dev] 20191108 [CVE-2019-12408][CVE-2019-12410] Uninitialized Memory Vulnerabilities fixed in Apache Arrow 0.15.1 CVE-2019-12410
MLIST:[arrow-github] 20200527 [GitHub] [arrow] BinduAggarwal opened a new pull request #7294: upgrading pip/wheel/setuptools CVE-2018-20225
MLIST:[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version CVE-2018-10237
MLIST:[arrow-issues] 20191024 [jira] [Assigned] (ARROW-6984) [C++] Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[arrow-issues] 20191024 [jira] [Created] (ARROW-6984) Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[arrow-issues] 20191024 [jira] [Updated] (ARROW-6984) [C++] Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[arrow-issues] 20191025 [jira] [Commented] (ARROW-6984) [C++] Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[arrow-issues] 20191106 [jira] [Resolved] (ARROW-6984) [C++] Update LZ4 to 1.9.2 for CVE-2019-17543 CVE-2019-17543
MLIST:[asterixdb-dev] 20210301 Re: [EXT] Re: CVE Publication Service Request 941606 CVE-2020-9479
MLIST:[asyncssh-announce] 20180310 AsyncSSH 1.12.1 released, with important security fix! CVE-2018-7749
MLIST:[atlas-commits] 20200915 [atlas] branch master updated: ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110) CVE-2017-18640
MLIST:[atlas-commits] 20200916 [atlas] 02/02: ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110) CVE-2017-18640
MLIST:[atlas-commits] 20201023 [atlas] 01/05: ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20191117 [CVE-2019-10070] Apache Atlas Stored XSS Vulnerability CVE-2019-10070
MLIST:[atlas-dev] 20200907 [GitHub] [atlas] crazylab closed pull request #109: Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200907 [GitHub] [atlas] crazylab opened a new pull request #109: Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200907 [GitHub] [atlas] crazylab opened a new pull request #110: Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200914 [GitHub] [atlas] nixonrodrigues commented on pull request #110: ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200914 [jira] [Created] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200914 [jira] [Updated] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200915 [GitHub] [atlas] nixonrodrigues merged pull request #110: ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200915 [jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20200916 [jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640 CVE-2017-18640
MLIST:[atlas-dev] 20201022 Re: Review Request 72983: ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20201022 [jira] [Created] (ATLAS-4002) Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20201023 Re: Review Request 72983: ATLAS-4002 : Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20201023 [jira] [Commented] (ATLAS-4002) Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20201023 [jira] [Updated] (ATLAS-4002) Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20201026 [jira] [Updated] (ATLAS-4002) Upgrade commons-beanutils to 1.9.4 due to CVE-2019-10086 CVE-2019-10086
MLIST:[atlas-dev] 20210422 [jira] [Created] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521 CVE-2020-17521
MLIST:[atlas-dev] 20210422 [jira] [Updated] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521 CVE-2020-17521
MLIST:[audacity-devel] 20090110 Audacity "String_parse::get_nonspace_quoted()" Buffer Overflow CVE-2009-0490
MLIST:[aufs] 20150910 Re: concurrent msync triggers NULL pointer dereference CVE-2015-7312
MLIST:[aufs] 20160219 aufs3 and aufs4 GIT release CVE-2016-2853 CVE-2016-2854
MLIST:[avahi-tickets] 20061106 [Avahi] #69: Avahi needs to check the originating process of netlink messages CVE-2006-5461
MLIST:[avro-dev] 20200619 [jira] [Created] (AVRO-2865) Security vulnerability caused by plexus-utils:1.5.6 CVE-2017-1000487
MLIST:[avro-dev] 20210415 [jira] [Created] (AVRO-3111) CVE-2019-17195 CVE-2019-17195
MLIST:[avro-dev] 20210416 [jira] [Commented] (AVRO-3111) CVE-2019-17195 CVE-2019-17195
MLIST:[axis-java-dev] 20180708 [jira] [Created] (AXIS-2924) CVE-2018-8032 XSS vulnerability CVE-2018-8032
MLIST:[axis-java-dev] 20190503 [jira] [Comment Edited] (AXIS-2905) Insecure certificate validation CVE-2014-3596 CVE-2012-5784
MLIST:[axis-java-dev] 20190503 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 CVE-2012-5784
MLIST:[axis-java-dev] 20190907 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 CVE-2012-5784
MLIST:[axis-java-dev] 20190909 [jira] [Commented] (AXIS-2905) Insecure certificate validation CVE-2014-3596 CVE-2012-5784
MLIST:[axis-java-dev] 20190909 [jira] [Resolved] (AXIS-2905) Insecure certificate validation CVE-2014-3596 CVE-2012-5784
MLIST:[axis-java-dev] 20190925 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability CVE-2018-8032
MLIST:[axis-java-dev] 20190929 [jira] [Commented] (AXIS-2924) CVE-2018-8032 XSS vulnerability CVE-2018-8032
MLIST:[axis-java-dev] 20210228 axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency CVE-2020-8022
MLIST:[axis-java-dev] 20210307 Re: axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency CVE-2020-8022
MLIST:[axis-java-dev] 20210312 Re: xmlbeans 2.6.0 and CVE-2021-23926 CVE-2021-23926
MLIST:[axis-java-dev] 20210312 xmlbeans 2.6.0 and CVE-2021-23926 CVE-2021-23926
MLIST:[axis-java-dev] 20210622 [jira] [Created] (AXIS2-6004) AXIS 2 1.7.9 geronimo jars with vulnerability CVE-2011-5034 CVE-2011-5034
MLIST:[axis-java-dev] 20210622 [jira] [Updated] (AXIS2-6004) AXIS 2 1.7.9 geronimo jars with vulnerability CVE-2011-5034 CVE-2011-5034
MLIST:[axis-java-dev] 20210623 [jira] [Resolved] (AXIS2-6004) AXIS 2 1.7.9 geronimo jars with vulnerability CVE-2011-5034 CVE-2011-5034
MLIST:[axis-java-user] 20210928 [Axis2] Migration Issues CVE-2019-0227
MLIST:[axtls-general] 20181105 Re: Problems of PKCS#1 v1.5 RSA Signature Verification CVE-2018-16149 CVE-2018-16150 CVE-2018-16253
MLIST:[b.a.t.m.a.n] 20141118 kernel BUG at net/core/skbuff.c:100 CVE-2014-9428
MLIST:[balsa-list] 20070704 balsa-2.3.17 released CVE-2007-1558
MLIST:[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645 CVE-2017-5645
MLIST:[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645 CVE-2017-5645
MLIST:[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645 CVE-2017-5645
MLIST:[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645 CVE-2017-5645
MLIST:[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645 CVE-2017-5645
MLIST:[beam-issues] 20200421 [jira] [Closed] (BEAM-3873) Current version of commons-compress is DOS vulnerable CVE-2018-1324 CVE-2018-1324
MLIST:[beam-issues] 20200602 [jira] [Created] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 CVE-2020-11078
MLIST:[beam-issues] 20200802 [jira] [Commented] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 CVE-2020-11078
MLIST:[beam-issues] 20200802 [jira] [Updated] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 CVE-2020-11078
MLIST:[beam-issues] 20200816 [jira] [Commented] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 CVE-2020-11078
MLIST:[beam-issues] 20200816 [jira] [Updated] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 CVE-2020-11078
MLIST:[beam-issues] 20201110 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20201211 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20201211 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20201218 [jira] [Assigned] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20201218 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20201218 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210126 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210127 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210219 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210219 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210219 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210220 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210220 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210222 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210223 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210223 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210223 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210302 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210302 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210303 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210303 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210303 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210304 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210305 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210305 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210308 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210309 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210310 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210310 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210311 [jira] [Assigned] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210311 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210311 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210312 [jira] [Assigned] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210312 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210312 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210312 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210312 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210313 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210315 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210315 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210315 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210316 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210316 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210322 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210322 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210323 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210324 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210325 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210326 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210327 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210329 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210330 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210331 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210402 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210402 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210405 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210406 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210407 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210408 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210409 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210409 [jira] [Reopened] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210409 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210410 [jira] [Comment Edited] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210410 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210415 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210416 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210422 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210423 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210426 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210510 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210510 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210511 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210512 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210513 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210514 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210517 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210519 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210520 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210520 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210521 [jira] [Work logged] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210524 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210525 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210525 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210526 [jira] [Commented] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210526 [jira] [Updated] (BEAM-11227) Upgrade beam-vendor-grpc-1_26_0-0.3 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues CVE-2017-5645
MLIST:[beam-user] 20200115 [CVE-2020-1929] Apache Beam MongoDB IO connector disables certificate trust verification CVE-2020-1929
MLIST:[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1 CVE-2006-2916 CVE-2006-4447
MLIST:[bigtop-commits] 20210301 [bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743) CVE-2020-13957
MLIST:[bigtop-dev] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-dev] 20210225 [GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-dev] 20210301 [GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-dev] 20210301 [GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-issues] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-issues] 20210222 [jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bigtop-issues] 20210301 [jira] [Resolved] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport CVE-2020-13957
MLIST:[bind-announce] 20070125 Internet Systems Consortium Security Advisory. CVE-2007-0494
MLIST:[bind-announce] 20080919 BIND 9.3.5-P2-W2 is now available. CVE-2008-4163
MLIST:[bind-announce] 20080919 BIND 9.4.2-P2-W2 is now available. CVE-2008-4163
MLIST:[bind-announce] 20080919 BIND 9.5.0-P2-W2 is now available. CVE-2008-4163
MLIST:[bind-announce] 20100928 Security Advisory Regarding Unexpected ACL Behavior in BIND 9.7.2 CVE-2010-0218
MLIST:[bitcoin-development] 20120228 Duplicate transactions vulnerability CVE-2012-1909
MLIST:[bk-commits-head] 20050629 [NETLINK]: Missing initializations in dumped data CVE-2005-4881
MLIST:[bluez-devel] 20050804 Possible security vulnerability in hcid when calling pin helper CVE-2005-2547
MLIST:[boinc_projects] 20130227 security patches for scheduler CVE-2013-2298
MLIST:[bookkeeper-commits] 20210817 [bookkeeper] 01/03: [Security] Upgrade vertx to 3.9.8, addresses CVE-2018-12541 (#2693) CVE-2018-12541
MLIST:[bookkeeper-commits] 20211014 [bookkeeper] branch master updated: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 (#2816) CVE-2019-17571
MLIST:[bookkeeper-issues] 20190531 [GitHub] [bookkeeper] eolivelli opened a new issue #2106: Update ZookKeeper dependency to 3.5.5 CVE-2019-0201
MLIST:[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image CVE-2016-5556 CVE-2016-5568 CVE-2016-5582 CVE-2017-5645 CVE-2017-6519 CVE-2017-7657 CVE-2017-7658 CVE-2018-12538 CVE-2018-14647 CVE-2018-15686 CVE-2018-16402 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2019-13565 CVE-2019-14379 CVE-2019-14540 CVE-2019-14892 CVE-2019-14893 CVE-2019-16056 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-17531 CVE-2019-17571 CVE-2019-20330 CVE-2019-20444 CVE-2019-20445 CVE-2019-5010 CVE-2019-9948 CVE-2020-8840
MLIST:[bookkeeper-issues] 20210330 [GitHub] [bookkeeper] eolivelli opened a new issue #2669: Update Netty to 4.1.60.final CVE-2021-21290 CVE-2021-21295
MLIST:[bookkeeper-issues] 20210419 [GitHub] [bookkeeper] lhotari opened a new pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[bookkeeper-issues] 20210421 [GitHub] [bookkeeper] lhotari commented on pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[bookkeeper-issues] 20210507 [GitHub] [bookkeeper] dlg99 commented on pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[bookkeeper-issues] 20210618 [GitHub] [bookkeeper] lhotari commented on pull request #2693: [Security] Upgrade vertx to 3.9.8, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[bookkeeper-issues] 20210623 [GitHub] [bookkeeper] sijie merged pull request #2693: [Security] Upgrade vertx to 3.9.8, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 CVE-2009-5155 CVE-2014-9114 CVE-2015-8540 CVE-2015-8948 CVE-2015-8982 CVE-2016-10087 CVE-2016-10109 CVE-2016-1234 CVE-2016-4483 CVE-2016-5300 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-8615 CVE-2016-8617 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 CVE-2016-9586 CVE-2017-0663 CVE-2017-1000254 CVE-2017-10684 CVE-2017-10790 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-16879 CVE-2017-16932 CVE-2017-18078 CVE-2017-6004 CVE-2017-6891 CVE-2017-7501 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 CVE-2018-1123 CVE-2018-16429 CVE-2018-6003 CVE-2018-6954 CVE-2018-8740 CVE-2019-13012 CVE-2019-13050 CVE-2019-13115 CVE-2019-13117 CVE-2019-13118 CVE-2019-13565 CVE-2019-19906 CVE-2019-19924 CVE-2019-3842 CVE-2019-3843 CVE-2019-3844 CVE-2019-9923 CVE-2020-1752 CVE-2020-23922 CVE-2020-25709 CVE-2020-25710 CVE-2020-27619 CVE-2020-28196 CVE-2020-29361 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2020-8231 CVE-2020-8285 CVE-2021-20294 CVE-2021-23240 CVE-2021-23840 CVE-2021-27212 CVE-2021-27218 CVE-2021-3517 CVE-2021-3518
MLIST:[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 CVE-2009-5155 CVE-2014-9114 CVE-2015-8540 CVE-2015-8948 CVE-2015-8982 CVE-2016-10087 CVE-2016-10109 CVE-2016-1234 CVE-2016-4483 CVE-2016-5300 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-8615 CVE-2016-8617 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 CVE-2016-9586 CVE-2017-0663 CVE-2017-1000254 CVE-2017-10684 CVE-2017-10790 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-16879 CVE-2017-16932 CVE-2017-18078 CVE-2017-6004 CVE-2017-6891 CVE-2017-7501 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 CVE-2018-1123 CVE-2018-16429 CVE-2018-6003 CVE-2018-6954 CVE-2018-8740 CVE-2019-13012 CVE-2019-13050 CVE-2019-13115 CVE-2019-13117 CVE-2019-13118 CVE-2019-13565 CVE-2019-19906 CVE-2019-19924 CVE-2019-3842 CVE-2019-3843 CVE-2019-3844 CVE-2019-9923 CVE-2020-1752 CVE-2020-23922 CVE-2020-25709 CVE-2020-25710 CVE-2020-27619 CVE-2020-28196 CVE-2020-29361 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2020-8231 CVE-2020-8285 CVE-2021-20294 CVE-2021-23240 CVE-2021-23840 CVE-2021-27212 CVE-2021-27218 CVE-2021-3517 CVE-2021-3518
MLIST:[bookkeeper-issues] 20210914 [GitHub] [bookkeeper] nicoloboschi opened a new pull request #2793: Upgrade httpclient from 4.5.5 to 4.5.13 to address CVE-2020-13956 CVE-2020-13956
MLIST:[bookkeeper-issues] 20210917 [GitHub] [bookkeeper] nicoloboschi commented on pull request #2793: Upgrade httpclient from 4.5.5 to 4.5.13 to address CVE-2020-13956 CVE-2020-13956
MLIST:[bookkeeper-issues] 20211006 [GitHub] [bookkeeper] RaulGracia opened a new issue #2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211006 [GitHub] [bookkeeper] RaulGracia opened a new pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211006 [GitHub] [bookkeeper] eolivelli commented on a change in pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211007 [GitHub] [bookkeeper] RaulGracia commented on a change in pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211007 [GitHub] [bookkeeper] RaulGracia commented on pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211007 [GitHub] [bookkeeper] eolivelli commented on a change in pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211013 [GitHub] [bookkeeper] eolivelli commented on pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211016 [GitHub] [bookkeeper] pkumar-singh commented on a change in pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211017 [GitHub] [bookkeeper] eolivelli commented on a change in pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211017 [GitHub] [bookkeeper] zymap commented on pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[bookkeeper-issues] 20211018 [GitHub] [bookkeeper] RaulGracia commented on pull request #2816: Issue 2815: Upgrade to log4j2 to get rid of CVE-2019-17571 CVE-2019-17571
MLIST:[botan-devel] 20140411 Security Notification: Botan 1.10.8 + 1.11.9 released CVE-2014-9742
MLIST:[botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes CVE-2016-2194 CVE-2016-2195 CVE-2016-2196
MLIST:[botan-devel] 20160203 Botan 1.10.12 released CVE-2016-2194
MLIST:[botan-devel] 20160321 Botan 1.11.29 released CVE-2016-2850
MLIST:[botan-devel] 20160428 Botan 1.10.13 released CVE-2015-7827 CVE-2016-2849
MLIST:[brooklyn-dev] 20200403 [GitHub] [brooklyn-server] nakomis opened a new pull request #1089: Bumps commons-compress version CVE-2019-12402
MLIST:[brooklyn-dev] 20200420 [GitHub] [brooklyn-server] duncangrant opened a new pull request #1091: Update library versions due to CVEs CVE-2017-5929 CVE-2019-10086
MLIST:[bug-anubis] 20040228 Important security update CVE-2004-0353 CVE-2004-0354
MLIST:[bug-bash] 20160916 Bash-4.4 Release available CVE-2016-7543
MLIST:[bug-binutils] 20060418 [Bug binutils/2584] New: SIGSEGV in strings tool when the file is crafted. CVE-2006-2362
MLIST:[bug-cvs] 20170810 CVS and ssh command injection (see CVE-2017-1000117, etc.) CVE-2017-12836
MLIST:[bug-ed] 20080821 Version 1.0 of GNU ed released CVE-2008-3916
MLIST:[bug-gnu-chess] 20151029 Buffer overflow issue in gnuchess CVE-2015-8972
MLIST:[bug-gnu-utils] 19990625 Re: bug in gzip: segfault when doing "gzip -t" on a broken file CVE-2005-2458
MLIST:[bug-grep] 20121217 Re: Exploit in grep.. CVE-2012-5667
MLIST:[bug-gzip] 20091002 gzip-1.3.13 released [major] CVE-2009-2624
MLIST:[bug-unrtf] 20141124 out-of-bounds memory access in unrtf CVE-2014-9274
MLIST:[bug-wget] 20090922 Release: GNU Wget 1.12 CVE-2009-3490
MLIST:[bug-wget] 20100520 Re: security risk of unexpected download filenames CVE-2010-2252
MLIST:[bug-wget] 20100520 security risk of unexpected download filenames CVE-2010-2252
MLIST:[bug-wget] 20100521 Re: security risk of unexpected download filenames CVE-2010-2252
MLIST:[bug-wget] 20141027 GNU wget 1.16 released CVE-2014-4877
MLIST:[bug-wget] 20150810 FTP PORT command code in v1.16.3? CVE-2015-7665
MLIST:[busybox] 20130722 1.21.0 is released CVE-2013-1813
MLIST:[cacti-announce] 20050701 Cacti 0.8.6f Released CVE-2005-2148 CVE-2005-2149
MLIST:[cadaver] 20070123 release 0.22.5 CVE-2007-0157
MLIST:[cairo-announce] 20150310 cairo release 1.14.2 now available CVE-2016-3190
MLIST:[camel-commits] 20190430 [camel] branch master updated: Added CVE-2019-0194 details CVE-2019-0194
MLIST:[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html CVE-2015-0263 CVE-2015-0264 CVE-2015-5344 CVE-2015-5348 CVE-2016-8749 CVE-2017-12633 CVE-2017-12634 CVE-2017-3159 CVE-2017-5643 CVE-2018-8027 CVE-2018-8041 CVE-2019-0194
MLIST:[camel-commits] 20190524 [camel] 02/02: CVE-2019-0188 - Changed the title in security advisories CVE-2019-0194
MLIST:[camel-commits] 20190524 [camel] branch master updated: Added security advisory for CVE-2019-0188 CVE-2019-0194
MLIST:[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html CVE-2015-0263 CVE-2015-0264 CVE-2015-5344 CVE-2015-5348 CVE-2016-8749 CVE-2017-12633 CVE-2017-12634 CVE-2017-3159 CVE-2017-5643 CVE-2018-8027 CVE-2018-8041 CVE-2019-0194
MLIST:[camel-commits] 20200220 [camel] branch camel-2.25.x updated: Updating Spring due to CVE-2020-5398 CVE-2020-5398
MLIST:[camel-commits] 20200313 [camel] branch camel-3.1.x updated: Update Commons Configuration 2 due to CVE-2020-1953 CVE-2020-1953
MLIST:[camel-commits] 20200325 [camel] branch camel-3.0.x updated: Updating Shiro to 1.5.2 due to CVE-2020-1957 CVE-2020-1957
MLIST:[camel-commits] 20200520 [camel] branch camel-2.25.x updated: Updating htmlunit due to CVE-2020-5529 CVE-2020-5529
MLIST:[camel-commits] 20200522 [camel-website] 01/02: CVE-2020-11971 - Amend the fix version CVE-2020-11971
MLIST:[camel-commits] 20200522 [camel-website] 02/02: CVE-2020-11971 - Amended fix version CVE-2020-11971
MLIST:[camel-commits] 20200522 [camel-website] branch CVE-2020-11971-amend created (now 2a753f7) CVE-2020-11971
MLIST:[camel-commits] 20200723 [GitHub] [camel] mmelko opened a new pull request #4037: Update pgjdbc driver verion, that includes fix for CVE-2020-13692 CVE-2020-13692
MLIST:[camel-commits] 20200723 [GitHub] [camel] mmelko opened a new pull request #4038: Update pgjdbc driver verion, that includes fix for CVE-2020-13692 CVE-2020-13692
MLIST:[camel-commits] 20200723 [GitHub] [camel] oscerd commented on pull request #4038: Update pgjdbc driver version, that includes fix for CVE-2020-13692 CVE-2020-13692
MLIST:[camel-commits] 20200723 [GitHub] [camel] oscerd merged pull request #4037: Update pgjdbc driver version, that includes fix for CVE-2020-13692 CVE-2020-13692
MLIST:[camel-commits] 20200723 [GitHub] [camel] oscerd merged pull request #4038: Update pgjdbc driver version, that includes fix for CVE-2020-13692 CVE-2020-13692
MLIST:[camel-commits] 20200723 [camel] branch camel-3.4.x updated: Update pgjdbc driver version, that includes fix for CVE-2020-13692 (#4038) CVE-2020-13692
MLIST:[camel-commits] 20200723 [camel] branch master updated: Update pgjdbc driver version, that includes fix for CVE-2020-13692 (#4037) CVE-2020-13692
MLIST:[camel-commits] 20200921 [camel] 01/03: Updating Deltaspike to 1.9.4 due to CVE-2019-12416 CVE-2019-12416
MLIST:[camel-commits] 20201120 [camel] branch camel-2.25.x updated: Updating Netty to 4.1.48.Final to fix some CVEs (e.g. CVE-2019-16869, CVE-2019-20444) CVE-2019-16869 CVE-2019-20444
MLIST:[camel-commits] 20210823 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 CVE-2020-13949
MLIST:[camel-commits] 20210823 [GitHub] [camel] zhfeng merged pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 CVE-2020-13949
MLIST:[camel-commits] 20210823 [GitHub] [camel] zhfeng opened a new pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 CVE-2020-13949
MLIST:[camel-commits] 20210823 [camel] branch main updated: CAMEL-16880: camel-thrift - Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 (#5976) CVE-2020-13949
MLIST:[camel-commits] 20210824 [GitHub] [camel] oscerd commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 CVE-2020-13949
MLIST:[camel-commits] 20210824 [GitHub] [camel] zhfeng commented on pull request #5976: Upgrade thrift to 0.14.1 include the fix of CVE-2020-13949 CVE-2020-13949
MLIST:[camel-commits] 20211006 [camel] branch main updated: Camel-XStream: Added a test about CVE-2020-26217 CVE-2020-26217
MLIST:[camel-dev] 20180731 [SECURITY] New security advisory CVE-2018-8027 released for Apache Camel CVE-2018-8027
MLIST:[camel-users] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel CVE-2019-0194
MLIST:[camel-users] 20190524 [SECURITY][ERRATA-CORRIGE] New security advisory CVE-2019-0188 released for Apache Camel CVE-2019-0188
MLIST:[caml-list] 20170623 OCaml release 4.04.2 CVE-2017-9779
MLIST:[cas-dev] 20140401 CAS 3.5.2.1 and 3.4.12.1 Security Releases CVE-2014-2296
MLIST:[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3 CVE-2018-10237
MLIST:[cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities CVE-2019-12086 CVE-2019-12384 CVE-2019-12814 CVE-2019-14439
MLIST:[cassandra-commits] 20191112 [jira] [Created] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5] CVE-2017-5929
MLIST:[cassandra-commits] 20191112 [jira] [Created] (CASSANDRA-15412) Security vulnerability CVE-2016-4970 for Netty CVE-2016-4970
MLIST:[cassandra-commits] 20191112 [jira] [Updated] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5] CVE-2017-5929
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15415) CVE-2019-0205 (Apache Thrift all versions up to and including 0.12.0 vulnerable) of severity 7.5 CVE-2019-0205
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4 CVE-2017-4995 CVE-2017-7525
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5 CVE-2019-16869
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15418) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5 for Cassendra 2.2.5 CVE-2019-16869
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15420) CVE-2019-0205(Apache Thrift all versions up to and including 0.12.0) on version Cassendra 3.11.4 CVE-2019-0205
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15421) CVE-2017-5929(QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.) CVE-2017-5929
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15422) CVE-2018-1320(The libthrift component is vulnerable to Improper Access Control) on Cassendra 3.11.4 CVE-2018-1320
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15423) CVE-2015-2156 (Netty is vulnerable to Information Disclosure) CVE-2015-2156
MLIST:[cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20191114 [jira] [Commented] (CASSANDRA-15423) CVE-2015-2156 (Netty is vulnerable to Information Disclosure) CVE-2015-2156
MLIST:[cassandra-commits] 20191119 [jira] [Assigned] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20191119 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20200218 [jira] [Created] (CASSANDRA-15590) Upgrade io.netty_netty-all dependency to fix security vulnerabilities CVE-2019-16869 CVE-2019-20444 CVE-2019-20445
MLIST:[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ? CVE-2019-10712
MLIST:[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ? CVE-2019-10712
MLIST:[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ? CVE-2019-10712
MLIST:[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ? CVE-2019-10712
MLIST:[cassandra-commits] 20200604 [jira] [Created] (CASSANDRA-15856) Security vulnerabilities with dependency jars of Cassandra 3.11.6 CVE-2016-5397 CVE-2018-1320 CVE-2019-0205 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445
MLIST:[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ? CVE-2019-10712
MLIST:[cassandra-commits] 20200930 [jira] [Comment Edited] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20200930 [jira] [Commented] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20200930 [jira] [Created] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20200930 [jira] [Updated] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201001 [jira] [Commented] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201002 [jira] [Comment Edited] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201002 [jira] [Commented] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201007 [jira] [Commented] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201007 [jira] [Updated] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201009 [cassandra] branch trunk updated: Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201009 [jira] [Comment Edited] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201009 [jira] [Commented] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20201009 [jira] [Updated] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix CVE-2017-18640
MLIST:[cassandra-commits] 20210108 [jira] [Commented] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210108 [jira] [Updated] (CASSANDRA-15421) CVE-2017-5929 in 3.11.x (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.) CVE-2017-5929
MLIST:[cassandra-commits] 20210108 [jira] [Updated] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210111 [jira] [Assigned] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210111 [jira] [Commented] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15411) [9.8] [CVE-2017-5929] [Cassandra] [2.2.5] CVE-2017-5929
MLIST:[cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15421) CVE-2017-5929 in 3.11.x (QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.) CVE-2017-5929
MLIST:[cassandra-commits] 20210111 [jira] [Updated] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210217 [jira] [Created] (CASSANDRA-16455) CVE-2020-17516 mitigation in 2.2.x branch CVE-2020-17516
MLIST:[cassandra-commits] 20210323 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20210415 [jira] [Comment Edited] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20210415 [jira] [Commented] (CASSANDRA-15420) CVE-2019-0205(Apache Thrift all versions up to and including 0.12.0) on version Cassendra 3.11.4 CVE-2019-0205
MLIST:[cassandra-commits] 20210415 [jira] [Commented] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20210415 [jira] [Updated] (CASSANDRA-15420) CVE-2019-0205(Apache Thrift all versions up to and including 0.12.0) on version Cassendra 3.11.4 CVE-2019-0205
MLIST:[cassandra-commits] 20210415 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20210523 [jira] [Updated] (CASSANDRA-16455) CVE-2020-17516 mitigation in 2.2.x branch CVE-2020-17516
MLIST:[cassandra-commits] 20210526 [jira] [Created] (CASSANDRA-16698) Security vulnerability CVE-2019-9518 for Netty CVE-2019-9518
MLIST:[cassandra-commits] 20210526 [jira] [Created] (CASSANDRA-16699) Security vulnerability CVE-2020-7238 for Netty CVE-2019-16869 CVE-2020-7238
MLIST:[cassandra-commits] 20210526 [jira] [Updated] (CASSANDRA-16698) Security vulnerability CVE-2019-9518 for Netty CVE-2019-9518
MLIST:[cassandra-commits] 20210526 [jira] [Updated] (CASSANDRA-16699) Security vulnerability CVE-2020-7238 for Netty CVE-2019-16869 CVE-2020-7238
MLIST:[cassandra-commits] 20210816 [jira] [Created] (CASSANDRA-16857) Security vulnerability CVE-2020-8492 CVE-2020-8492
MLIST:[cassandra-commits] 20210816 [jira] [Updated] (CASSANDRA-16857) Security vulnerability CVE-2020-8492 CVE-2020-8492
MLIST:[cassandra-commits] 20210915 [jira] [Updated] (CASSANDRA-16455) CVE-2020-17516 mitigation in 2.2.x branch CVE-2020-17516
MLIST:[cassandra-commits] 20210923 [jira] [Updated] (CASSANDRA-15829) Upgrade to logback 1.2.3 to address CVE-2017-5929 CVE-2017-5929
MLIST:[cassandra-commits] 20210924 [jira] [Assigned] (CASSANDRA-15420) CVE-2019-0205(Apache Thrift all versions up to and including 0.12.0) on version Cassendra 3.11.4 CVE-2019-0205
MLIST:[cassandra-commits] 20210924 [jira] [Commented] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5 CVE-2019-16869
MLIST:[cassandra-commits] 20210924 [jira] [Commented] (CASSANDRA-16990) Update jbcrypt library to 0.4 from 0.3m to resolve CVE-2015-0886 CVE-2015-0886
MLIST:[cassandra-commits] 20210924 [jira] [Created] (CASSANDRA-16990) Update jbcrypt library to 0.4 from 0.3m to resolve CVE-2015-0886 CVE-2015-0886
MLIST:[cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-15417) CVE-2019-16869(Netty is vulnerable to HTTP Request Smuggling) of severity 7.5 CVE-2019-16869
MLIST:[cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-15420) CVE-2019-0205(Apache Thrift all versions up to and including 0.12.0) on version Cassendra 3.11.4 CVE-2019-0205
MLIST:[cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-15424) CVE-2018-1320 (The libthrift component is vulnerable to Improper Access Control) CVE-2018-1320
MLIST:[cassandra-commits] 20210924 [jira] [Updated] (CASSANDRA-16990) Update jbcrypt library to 0.4 from 0.3m to resolve CVE-2015-0886 CVE-2015-0886
MLIST:[cassandra-commits] 20210927 [jira] [Commented] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4 CVE-2017-4995 CVE-2017-7525
MLIST:[cassandra-commits] 20210927 [jira] [Updated] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4 CVE-2017-4995 CVE-2017-7525
MLIST:[cassandra-dev] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX CVE-2016-3427
MLIST:[cassandra-dev] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684
MLIST:[cassandra-pr] 20200907 [GitHub] [cassandra] crazylab opened a new pull request #736: Upgrade to a snakeyaml version without CVE CVE-2017-18640
MLIST:[cassandra-user] 20190809 cassandra does not start with new systemd version CVE-2018-16888
MLIST:[cassandra-user] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX CVE-2016-3427
MLIST:[cassandra-user] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684
MLIST:[cassandra-user] 20200901 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684 CVE-2020-13946
MLIST:[cassandra-user] 20200902 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684 CVE-2020-13946
MLIST:[cassandra-user] 20200911 Re: CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684 CVE-2020-13946
MLIST:[cassandra-user] 20211004 Re: Vulnerability in libthrift library (CVE-2019-0205) CVE-2019-0205
MLIST:[cassandra-user] 20211004 Vulnerability in libthrift library (CVE-2019-0205) CVE-2019-0205
MLIST:[cassandra-user] 20211005 Re: Vulnerability in libthrift library (CVE-2019-0205) CVE-2019-0205
MLIST:[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool CVE-2018-11758
MLIST:[cf-dev] 20160201 CVE-2016-0713 Gorouter XSS CVE-2016-0713
MLIST:[cf-dev] 20160630 CVE-2016-4468 UAA SQL Injection CVE-2016-4468
MLIST:[cgiirc-general] 20110207 CGI:IRC 0.5.10 released to fix XSS issue (CVE-2011-0050) CVE-2011-0050
MLIST:[chicken-announce] 20140518 [SECURITY] Buffer-overrun in some uses of read-u8vect CVE-2014-3776
MLIST:[chicken-announce] 20150615 [Chicken-announce] [SECURITY] Potential buffer overrun in string-translate* CVE-2015-4556
MLIST:[chicken-announce] 20151111 Spiffy path traversal vulnerability CVE-2015-8235
MLIST:[chicken-announce] 20160721 [SECURITY] spiffy-cgi-handlers and http-client updated to prevent "httpoxy" attack CVE-2016-6286 CVE-2016-6287
MLIST:[chicken-hackers] 20150614 [Chicken-hackers] [PATCH] [SECURITY] Fix buffer overrun in string-translate* CVE-2015-4556
MLIST:[chromium-reviews] 20160217 FileURLToFilePath: Don't unescape '/' and '\\'. (issue 1704163003 by mmenke@chromium.org) CVE-2016-1671
MLIST:[chrony-announce] 20130808 chrony-1.29 released (security) CVE-2012-4502 CVE-2012-4503
MLIST:[cisco-nsp] 20070817 About the posting entitled "Heads up: "sh ip bgp regexp" crashing router" CVE-2007-4430
MLIST:[cisco-nsp] 20070817 Heads up: "sh ip bgp regexp" crashing router CVE-2007-4430
MLIST:[cisco-nsp] 20120202 Ambiguous ACL "log" in 12.2(58)SE2? CVE-2012-0362
MLIST:[clamav-announce] 20081126 announcing ClamAV 0.94.2 CVE-2008-5314
MLIST:[clamav-devel] 20070418 Bug in OLE2 file parser CVE-2007-2650
MLIST:[claws-mail] 20140526 Claws Mail 3.10.0 Unleashed!!! CVE-2014-2576
MLIST:[client-cvs] 20080117 core rtspprotocol.cpp,1.55.2.18,1.55.2.19 CVE-2009-4248
MLIST:[client-cvs] 20080117 core rtspprotocol.cpp,1.85,1.86 CVE-2009-4248
MLIST:[client-dev] 20080117 CR: fix for bug 211210 CVE-2009-4248
MLIST:[cloudstack-announce] 20161027 Apache CloudStack Security Releases 4.8.1.1, 4.9.0.1 CVE-2016-6813
MLIST:[cloudstack-dev] 20121007 [CVE-2012-4501] CloudStack security announcement CVE-2012-4501
MLIST:[cloudstack-dev] 20130424 Apache CloudStack Security Advisory: Multiple vulnerabilities in Apache CloudStack CVE-2013-2756 CVE-2013-2758
MLIST:[cloudstack-dev] 20210910 CVE-2021-40346 (haproxy 2.x) CVE-2021-40346
MLIST:[cloudstack-dev] 20210910 Re: CVE-2021-40346 (haproxy 2.x) CVE-2021-40346
MLIST:[cloudstack-users] 20160205 CVE-2015-3251: Apache CloudStack VM Credential Exposure CVE-2015-3251
MLIST:[cloudstack-users] 20160205 CVE-2015-3252: Apache CloudStack VNC authentication issue CVE-2015-3252
MLIST:[cluster-devel] 20070619 cluster/cman/daemon daemon.c CVE-2007-3373 CVE-2007-3374
MLIST:[cluster-devel] 20110912 [PATCH] GFS2: rewrite fallocate code to write blocks directly CVE-2011-4098
MLIST:[commits] 20060504 bk commit into 4.1 tree (bar:1.2474) CVE-2006-4226
MLIST:[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630 CVE-2006-4227
MLIST:[commits] 20081124 bzr commit into mysql-6.0-backup branch (ingo.struewing:2744) Bug#39277 CVE-2008-7247
MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 CVE-2009-4484
MLIST:[commits] 20100824 Horde branch master updated. 025a1bfbe69622036f8e3a27a6edd39c02dcd4ea CVE-2010-3447
MLIST:[commons-commits] 20190827 [commons-compress] branch master updated: record CVE-2019-12402 CVE-2018-11771
MLIST:[commons-dev] 20140206 [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS CVE-2014-0050
MLIST:[commons-dev] 20190503 [CVE-2018-17201]: Apache Commons Imaging information disclosure vulnerability CVE-2018-17201
MLIST:[commons-dev] 20190503 [CVE-2018-17202]: Apache Commons Imaging information disclosure vulnerability CVE-2018-17202
MLIST:[commons-dev] 20210414 Re: [all] OSS Fuzz CVE-2021-29425
MLIST:[commons-dev] 20210415 Re: [all] OSS Fuzz CVE-2021-29425
MLIST:[commons-issues] 20190906 [jira] [Closed] (CONFIGURATION-755) [CVE-2014-0114] Update Apache Commons BeanUtils from 1.9.3 to 1.9.4. CVE-2019-10086
MLIST:[commons-issues] 20190906 [jira] [Updated] (CONFIGURATION-755) [CVE-2014-0114] Update Apache Commons BeanUtils from 1.9.3 to 1.9.4. CVE-2019-10086
MLIST:[commons-issues] 20190925 [GitHub] [commons-validator] jeff-schram opened a new pull request #18: Update pom.xml CVE-2019-10086
MLIST:[commons-issues] 20200918 [jira] [Created] (LANG-1607) To aid with CVE-2019-16303, consider upgrading RandomStringUtils default RNG CVE-2019-16303
MLIST:[commons-issues] 20200919 [jira] [Commented] (LANG-1607) To aid with CVE-2019-16303, consider upgrading RandomStringUtils default RNG CVE-2019-16303
MLIST:[commons-issues] 20200921 [jira] [Commented] (LANG-1607) To aid with CVE-2019-16303, consider upgrading RandomStringUtils default RNG CVE-2019-16303
MLIST:[commons-notifications] 20190827 svn commit: r1049290 - in /websites/production/commons/content/proper/commons-compress: changes-report.html security-reports.html CVE-2018-11771
MLIST:[commons-user] 20210709 Re: commons-fileupload dependency and CVE CVE-2021-29425
MLIST:[commons-user] 20210709 commons-fileupload dependency and CVE CVE-2021-29425
MLIST:[community-dev] 20190411 CVE-2019-0211 applicable to versions 2.2.x? CVE-2019-0211
MLIST:[community-dev] 20190411 RE: CVE-2019-0211 applicable to versions 2.2.x? CVE-2019-0211
MLIST:[community-dev] 20190411 Re: CVE-2019-0211 applicable to versions 2.2.x? CVE-2019-0211
MLIST:[condor-users] 20171114 HTCondor Security Release: 8.6.8 and 8.7.5 CVE-2017-16816
MLIST:[conquest] 20070303 Re: security bugs in conquest CVE-2007-1371
MLIST:[containers] 20150402 [PATCH review 0/19] Locked mount and loopback mount fixes CVE-2014-9717
MLIST:[containers] 20150403 [PATCH review 17/19] vfs: Test for and handle paths that are unreachable from their mnt_root CVE-2015-2925
MLIST:[containers] 20150403 [PATCH review 19/19] vfs: Do not allow escaping from bind mounts. CVE-2015-2925
MLIST:[continuum-users] 20110210 [SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability CVE-2010-3449
MLIST:[continuum-users] 20110210 [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability CVE-2011-0533
MLIST:[cordova-commits] 20201117 [cordova-plugin-inappbrowser] branch master updated: fix(android): Add mitigation strategy for CVE-2020-6506 (#792) CVE-2020-6506
MLIST:[cordova-dev] 20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults CVE-2014-0072
MLIST:[cordova-dev] 20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation CVE-2014-0073
MLIST:[cordova-dev] 20191128 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android) CVE-2019-0219
MLIST:[cordova-issues] 20200929 [GitHub] [cordova-docs] purplecabbage merged pull request #1123: Added Security Advisory CVE-2020-6506 CVE-2020-6506
MLIST:[cordova-issues] 20200929 [GitHub] [cordova-docs] purplecabbage opened a new pull request #1123: Added Security Advisory CVE-2020-6506 CVE-2020-6506
MLIST:[cordova-issues] 20201001 [GitHub] [cordova-docs] dpogue commented on issue #1022: Document warnings on using remote source for <content> CVE-2020-6506
MLIST:[cordova-issues] 20201007 [GitHub] [cordova-plugin-inappbrowser] carlpoole opened a new pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506 CVE-2020-6506
MLIST:[cordova-issues] 20201116 [GitHub] [cordova-plugin-inappbrowser] NiklasMerz commented on pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506 CVE-2020-6506
MLIST:[cordova-issues] 20201117 [GitHub] [cordova-plugin-inappbrowser] NiklasMerz merged pull request #792: fix(android): Add mitigation strategy for CVE-2020-6506 CVE-2020-6506
MLIST:[cordova-issues] 20210224 [GitHub] [cordova-cli] iva2k opened a new issue #549: update systeminformation package to >=5.3.1 CVE-2021-21315
MLIST:[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358 CVE-2021-23358
MLIST:[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley edited a comment on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358 CVE-2021-23358
MLIST:[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley opened a new issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358 CVE-2021-23358
MLIST:[cordova-issues] 20210414 [GitHub] [cordova-common] breautek closed issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358 CVE-2021-23358
MLIST:[cordova-issues] 20210414 [GitHub] [cordova-common] breautek commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358 CVE-2021-23358
MLIST:[cosmo-dev] 20071207 Chandler Server (Cosmo) 0.10.1 released CVE-2007-6383
MLIST:[couchdb-announce] 20180710 Apache CouchDB 1.7.2 released CVE-2018-8007
MLIST:[couchdb-announce] 20180710 Apache CouchDB 2.1.2 released CVE-2018-8007
MLIST:[couchdb-dev] 20161208 http://mail-archives.apache.org/mod_mbox/couchdb-dev/201612.mbox/%3C825F65E1-0E5F-4E1F-8053-CF2C6200C526%40apache.org%3E CVE-2016-8742
MLIST:[couchdb-user] 20130114 CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI CVE-2012-5650
MLIST:[courier-announce] 20080608 courier-authlib 0.60.6 released CVE-2008-2667
MLIST:[courier-users] 20050824 Re: [SECUNIA] Vulnerability in SqWebMail CVE-2005-2724
MLIST:[courier-users] 20080314 Re: [courier-users] [Fwd: Re: authmysql vs apostrophe] CVE-2008-2667
MLIST:[creadur-commits] 20191022 [creadur-rat] branch master updated: RAT-258: Update to latest commons-compress to fix CVE-2019-12402 CVE-2019-12402
MLIST:[creadur-commits] 20200518 [creadur-rat] 03/03: RAT-269: Update Apache ANT to fix CVE-2020-1945 CVE-2020-1945
MLIST:[creadur-commits] 20200518 [creadur-rat] branch master updated: RAT-269: Update Apache ANT to fix CVE-2020-1945 CVE-2020-1945
MLIST:[creadur-commits] 20201014 [creadur-rat] 01/02: RAT-277: Update junit to fix CVE-2020-15250 CVE-2020-15250
MLIST:[creadur-commits] 20201014 [creadur-tentacles] branch master updated: Update junit to fix CVE-2020-15250 CVE-2020-15250
MLIST:[creadur-commits] 20201014 [creadur-whisker] branch master updated: Update junit to fix CVE-2020-15250 CVE-2020-15250
MLIST:[creadur-commits] 20210608 [jira] [Assigned] (TENTACLES-13) Upgrade httpclient to circumvent CVE-2020-13956 CVE-2020-13956
MLIST:[creadur-commits] 20210608 [jira] [Commented] (TENTACLES-13) Upgrade httpclient to circumvent CVE-2020-13956 CVE-2020-13956
MLIST:[creadur-commits] 20210608 [jira] [Created] (TENTACLES-13) Upgrade httpclient to circumvent CVE-2020-13956 CVE-2020-13956
MLIST:[creadur-commits] 20210608 [jira] [Resolved] (TENTACLES-13) Upgrade httpclient to circumvent CVE-2020-13956 CVE-2020-13956
MLIST:[creadur-commits] 20210608 [jira] [Work started] (TENTACLES-13) Upgrade httpclient to circumvent CVE-2020-13956 CVE-2020-13956
MLIST:[creadur-commits] 20210621 [creadur-rat] 02/13: RAT-277: Update junit to fix CVE-2020-15250 CVE-2020-15250
MLIST:[creadur-dev] 20190530 [Discuss] RAT-244 - update to language level 1.7 due to CVE issues in RAT CVE-2018-11771 CVE-2018-1324
MLIST:[creadur-dev] 20200518 [jira] [Assigned] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[creadur-dev] 20200518 [jira] [Closed] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[creadur-dev] 20200518 [jira] [Commented] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[creadur-dev] 20200518 [jira] [Created] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[creadur-dev] 20200703 [jira] [Commented] (RAT-269) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[creadur-dev] 20200930 [jira] [Created] (RAT-274) Update to latest Ant in order to fix CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20200930 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201006 [jira] [Assigned] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201006 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201006 [jira] [Resolved] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201006 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201006 [jira] [Updated] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20201013 [jira] [Created] (RAT-277) Update junit in all Creadur projects in order to fix CVE-2020-15250 (Low severity) CVE-2020-15250
MLIST:[creadur-dev] 20201014 [jira] [Assigned] (RAT-277) Update junit in all Creadur projects in order to fix CVE-2020-15250 (Low severity) CVE-2020-15250
MLIST:[creadur-dev] 20201014 [jira] [Closed] (RAT-277) Update junit in all Creadur projects in order to fix CVE-2020-15250 (Low severity) CVE-2020-15250
MLIST:[creadur-dev] 20201014 [jira] [Commented] (RAT-277) Update junit in all Creadur projects in order to fix CVE-2020-15250 (Low severity) CVE-2020-15250
MLIST:[creadur-dev] 20201014 [jira] [Updated] (RAT-277) Update junit in all Creadur projects in order to fix CVE-2020-15250 (Low severity) CVE-2020-15250
MLIST:[creadur-dev] 20210419 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20210427 [jira] [Closed] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity CVE-2021-29425
MLIST:[creadur-dev] 20210427 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity CVE-2021-29425
MLIST:[creadur-dev] 20210427 [jira] [Created] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity CVE-2021-29425
MLIST:[creadur-dev] 20210427 [jira] [Updated] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity CVE-2021-29425
MLIST:[creadur-dev] 20210518 [jira] [Assigned] (WHISKER-19) Update commons-io to fix CVE-2021-29425 CVE-2021-29425
MLIST:[creadur-dev] 20210518 [jira] [Commented] (WHISKER-19) Update commons-io to fix CVE-2021-29425 CVE-2021-29425
MLIST:[creadur-dev] 20210518 [jira] [Created] (WHISKER-19) Update commons-io to fix CVE-2021-29425 CVE-2021-29425
MLIST:[creadur-dev] 20210518 [jira] [Updated] (WHISKER-19) Update commons-io to fix CVE-2021-29425 CVE-2021-29425
MLIST:[creadur-dev] 20210621 [jira] [Commented] (RAT-274) Update to at least Ant 1.10.8/1.9.15 in order to fix CVE-2020-11979 / raise compiler level to JDK8 CVE-2020-11979 CVE-2020-1945
MLIST:[creadur-dev] 20210621 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity CVE-2021-29425
MLIST:[creadur-dev] 20210621 [jira] [Updated] (RAT-275) Update httpclient to fix CVE-2020-13956 once a new doxia-core release is available CVE-2020-13956
MLIST:[crosswalk-help] 20160728 Crosswalk Security Advisory CVE-2016-5672
MLIST:[cscope-cvs] 20090410 CVS: cscope/src snprintf.c, NONE, 1.1 build.c, 1.14, 1.15 command.c, 1.32, 1.33 dir.c, 1.30, 1.31 display.c, 1.29, 1.30 edit.c, 1.6, 1.7 exec.c, 1.11, 1.12 find.c, 1.20, 1.21 global.h, 1.36, 1.37 main.c, 1.45, 1.46 Makefile.am, 1.12, 1.13 Makefile.in, 1.15, 1.16 vpaccess.c, 1.2, 1.3 vpfopen.c, 1.3, 1.4 vpopen.c, 1.4, 1.5 CVE-2009-0148
MLIST:[curl-users] 20030529 Re: https, redirection and authentication using POST CVE-2003-1311 CVE-2003-1312
MLIST:[current-users] 20061110 [Security Fix] ptrace insufficient bounds checking CVE-2006-6014
MLIST:[cvs-all] 20081102 cvs commit: ports/emulators/qemu Makefile ports/emulators/qemu/files patch-CVE-2008-4539 ports/emulators/qemu-devel Makefile ports/emulators/qemu-devel/files patch-CVE-2008-4539 CVE-2008-4539
MLIST:[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/ CVE-2009-1553
MLIST:[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/java/com/sun/enterprise/tools/admingui/handlers/CommonHandlers.java CVE-2009-1553
MLIST:[cvs] 20090321 CVS update: /woodstock/webui/src/runtime/com/sun/webui/theme/ThemeServlet.java CVE-2009-1554
MLIST:[cvs] 20090322 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/configuration/ CVE-2009-1553
MLIST:[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419
MLIST:[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419 CVE-2019-12423 CVE-2019-17573
MLIST:[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419 CVE-2019-12423 CVE-2019-17573
MLIST:[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419 CVE-2019-12423 CVE-2019-17573 CVE-2020-13954 CVE-2020-1954
MLIST:[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419 CVE-2019-12423 CVE-2019-17573 CVE-2020-13954 CVE-2020-1954 CVE-2021-22696
MLIST:[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html CVE-2013-2160 CVE-2014-0034 CVE-2014-0035 CVE-2014-0109 CVE-2014-0110 CVE-2014-3577 CVE-2014-3584 CVE-2014-3623 CVE-2015-5175 CVE-2015-5253 CVE-2016-4464 CVE-2016-6812 CVE-2016-8739 CVE-2017-12624 CVE-2017-12631 CVE-2017-3156 CVE-2017-5653 CVE-2017-5656 CVE-2017-7661 CVE-2017-7662 CVE-2018-0008 CVE-2018-8038 CVE-2018-8039 CVE-2019-12406 CVE-2019-12419 CVE-2019-12423 CVE-2019-17573 CVE-2020-13954 CVE-2020-1954 CVE-2021-22696
MLIST:[cxf-dev] 20150826 New security vulnerability for Apache CXF Fediz - CVE-2015-5175 CVE-2015-5175
MLIST:[cxf-dev] 20180704 Apache CXF Fediz 1.4.4 is released CVE-2018-8038
MLIST:[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 CVE-2018-10237
MLIST:[cxf-dev] 20201030 CVE-2019-12419 CVE-2019-12419
MLIST:[cxf-dev] 20201102 Re: CVE-2019-12419 CVE-2019-12419
MLIST:[cxf-dev] 20201103 Re: CVE-2019-12419 CVE-2019-12419
MLIST:[cxf-dev] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath CVE-2019-17573 CVE-2020-13954
MLIST:[cxf-dev] 20210129 Undertow CVE CVE-2020-10687
MLIST:[cxf-dev] 20210402 CVE-2021-22696: OAuth 2 authorization service vulnerable to DDos attacks CVE-2021-22696
MLIST:[cxf-dev] 20210616 CVE-2021-30468: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter CVE-2021-30468
MLIST:[cxf-issues] 20200618 [jira] [Created] (FEDIZ-249) Relying party rejects a valid security token and redirects back to ADFS when using Fediz 1.4.6 with Tomcat 8.5.56 CVE-2019-17563
MLIST:[cxf-issues] 20200820 [jira] [Commented] (CXF-8328) CVE-2019-12406 not fixed in 3.1 branch CVE-2019-12406
MLIST:[cxf-issues] 20200820 [jira] [Created] (CXF-8328) CVE-2019-12406 not fixed in 3.1 branch CVE-2019-12406
MLIST:[cxf-issues] 20200821 [jira] [Comment Edited] (CXF-8328) CVE-2019-12406 not fixed in 3.1 branch CVE-2019-12406
MLIST:[cxf-issues] 20200821 [jira] [Commented] (CXF-8328) CVE-2019-12406 not fixed in 3.1 branch CVE-2019-12406
MLIST:[cxf-issues] 20211027 [jira] [Created] (CXF-8613) High Security issues reported with Apache Santuario library bundled in CXF 3.4.4 CVE-2021-40690
MLIST:[cxf-user] 20171130 Apache CXF Fediz 1.4.3 and 1.3.3 released with a new security advisory CVE-2017-12631 CVE-2017-12631
MLIST:[cxf-user] 20180628 Apache CXF 3.2.6 and 3.1.16 are released CVE-2018-8039
MLIST:[cxf-users] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath CVE-2019-17573 CVE-2020-13954
MLIST:[cxf-users] 20201125 RE: CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath CVE-2019-17573 CVE-2020-13954
MLIST:[cxf-users] 20210402 CVE-2021-22696: OAuth 2 authorization service vulnerable to DDos attacks CVE-2021-22696
MLIST:[cxf-users] 20210616 CVE-2021-30468: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter CVE-2021-30468
MLIST:[cygwin-announce] 20080805 Updated: Setup.exe updated to version 2.573.2.3 CVE-2008-3323
MLIST:[cygwin-announce] 20160218 TEST RELEASE: Cygwin 2.5.0-0.4 CVE-2016-3067
MLIST:[cygwin-announce] 20160411 Cygwin 2.5.0-1 CVE-2016-3067
MLIST:[cygwin-announce] 20160419 CVE-2016-3067: network privilege escalation in Cygwin set(e)ui CVE-2016-3067
MLIST:[cygwin-developers] 20071108 Re: cygwin1.dll up to 1.5.22 overflow CVE-2007-6181
MLIST:[cygwin-developers] 20071120 Re: cygwin1.dll up to 1.5.22 overflow CVE-2007-6181
MLIST:[cygwin] 20160208 Possible Security Hole in SSHD w/ CYGWIN? CVE-2016-3067
MLIST:[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released CVE-2004-1011 CVE-2004-1012 CVE-2004-1013
MLIST:[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released CVE-2004-1015
MLIST:[cyrus-announce] 20110908 Cyrus 2.3.17 Released CVE-2011-3208
MLIST:[cyrus-announce] 20110908 Cyrus 2.4.11 Released CVE-2011-3208
MLIST:[dailydave] 20070110 Algorithmic Bugs CVE-2006-6931
MLIST:[dailydave] 20070130 Vista speach recognition CVE-2007-0675
MLIST:[dailydave] 20070131 Vista speach recognition CVE-2007-0675
MLIST:[dailydave] 20070216 Minor Virtualization Vulnerability CVE-2007-1222
MLIST:[dailydave] 20070227 Wow, free kernel zero day? CVE-2007-1189
MLIST:[dailydave] 20070406 AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption CVE-2007-1922
MLIST:[dailydave] 20070406 AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero) CVE-2007-1921
MLIST:[dailydave] 20070406 AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption CVE-2007-1922
MLIST:[dailydave] 20070706 (no subject) CVE-2007-3634 CVE-2007-3637
MLIST:[dailydave] 20070708 SquirrelMail GPG Plugin vuln CVE-2007-3634 CVE-2007-3778
MLIST:[dailydave] 20070709 SquirrelMail GPG Plugin vuln CVE-2007-3634 CVE-2007-3636 CVE-2007-3778
MLIST:[dailydave] 20080811 A new datapoint for 0day lifetime CVE-2008-4434
MLIST:[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation CVE-2008-4609
MLIST:[dailydave] 20081107 All Ur WiFi(WPA) R Belong 2 PacSec CVE-2008-5230
MLIST:[dailydave] 20090219 SSL MITM fun. CVE-2009-0652
MLIST:[dailydave] 20090220 SSL MITM fun. CVE-2009-0652
MLIST:[dailydave] 20100106 0day demos CVE-2009-4484
MLIST:[dailydave] 20100119 We hold these axioms to be self evident CVE-2010-0232
MLIST:[dailydave] 20100120 Sun Web Server digest auth overflow CVE-2010-0387
MLIST:[dailydave] 20100126 New db bugs CVE-2009-4484
MLIST:[dailydave] 20100304 Perforce CVE-2010-0929 CVE-2010-0930 CVE-2010-0931 CVE-2010-0932 CVE-2010-0933 CVE-2010-0934 CVE-2010-0935
MLIST:[dailydave] 20100401 0day, it may not be CVE-2009-4764 CVE-2010-1240 CVE-2010-1241
MLIST:[dailydave] 20100402 0day, it may not be CVE-2009-0836
MLIST:[dailydave] 20110404 SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability CVE-2011-1652
MLIST:[dailydave] 20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection CVE-2010-4562 CVE-2010-4563
MLIST:[dailydave] 20111130 The Vampire Diaries CVE-2011-4161
MLIST:[dailydave] 20111206 Flash 0day CVE-2011-4693 CVE-2011-4694 CVE-2011-4695
MLIST:[dailydave] 20120106 Apache Struts CVE-2012-0392
MLIST:[dailydave] 20160915 Deep down the certificate pinning rabbit hole of "Tor Browser Exposed" CVE-2016-5284
MLIST:[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6 CVE-2009-4245
MLIST:[datatype-cvs] 20080909 image/gif/common gifcodec.cpp,1.7,1.8 CVE-2009-4242
MLIST:[datatype-cvs] 20080916 smil/common smlpkt.cpp,1.11,1.12 CVE-2009-4257
MLIST:[db-torque-dev] 20200715 Build failed in Jenkins: Torque4-trunk #685 CVE-2020-9488
MLIST:[db-torque-dev] 20200715 svn commit: r1879896 - in /db/torque/torque4/trunk: ./ torque-ant-tasks/ torque-ant-tasks/src/test/java/org/apache/torque/ant/task/ torque-generator/src/main/java/org/apache/torque/generator/control/ torque-generator/src/main/java/org/apache/torque/gen... CVE-2020-1945
MLIST:[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board? CVE-2020-9488
MLIST:[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board? CVE-2020-9488
MLIST:[dbus] 20070317 D-Bus daemon endianness issue CVE-2011-2200
MLIST:[dbus] 20080227 [ANNOUNCE] CVE-2008-0595 D-Bus Security Releases - D-Bus 1.0.3 and D-Bus 1.1.20 CVE-2008-0595
MLIST:[dbus] 20110530 D-Bus daemon big and little endian issue CVE-2011-2200
MLIST:[dbus] 20130613 CVE-2013-2168: dbus: DoS in system services caused by _dbus_printf_string_upper_bound CVE-2013-2168
MLIST:[dccp] 20070328 [PATCH 1/1] getsockopt: Fix DCCP_SOCKOPT_[SEND,RECV]_CSCOV CVE-2007-1730
MLIST:[debian-apache] 20050119 Bug#290974: marked as done (apache: Temporary usage bugs that can be used in symlink attacks) CVE-2004-1387
MLIST:[debian-bugs-dist] 20190817 Bug#934973: libstb: CVE-2019-15058 CVE-2019-15058
MLIST:[debian-bugs-rc] 20080805 Bug#484305: bicyclerepair: bike.vim imports untrusted python files from cwd CVE-2008-5983 CVE-2009-0316
MLIST:[debian-bugs-rc] 20090430 Bug#526258: CVE-2009-1339: CSRF Vulnerability with Image Tag CVE-2009-1339
MLIST:[debian-bugs] 20081112 Bug#493937: [Patch] Prevent loading of Python modules in working directory CVE-2008-5983
MLIST:[debian-changes] 20100128 Accepted lintian 1.24.2.1+lenny1 (source all) CVE-2009-4013 CVE-2009-4014 CVE-2009-4015
MLIST:[debian-devel-changes] 20030909 Accepted kdbg 1.2.9-1 (i386 source) CVE-2003-0644
MLIST:[debian-devel-changes] 20081101 Accepted qemu 0.9.1+svn20081101-1 (source amd64) CVE-2008-4539
MLIST:[debian-devel-changes] 20100105 Accepted transmission 1.77-1 (source all amd64) CVE-2010-0012
MLIST:[debian-devel-changes] 20131025 Accepted ikiwiki-hosting 0.20131025 (source all amd64) CVE-2013-6047
MLIST:[debian-devel] 20080811 Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages CVE-2008-4474 CVE-2008-4475
MLIST:[debian-devel] 20080811 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages CVE-2008-5135 CVE-2008-5136 CVE-2008-5137 CVE-2008-5138 CVE-2008-5139 CVE-2008-5140 CVE-2008-5141 CVE-2008-5142 CVE-2008-5143 CVE-2008-5144 CVE-2008-5145 CVE-2008-5366 CVE-2008-5367 CVE-2008-5368 CVE-2008-5369 CVE-2008-5370 CVE-2008-5371 CVE-2008-5372 CVE-2008-5378 CVE-2008-5379 CVE-2008-5380 CVE-2008-6398
MLIST:[debian-devel] 20080812 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages CVE-2008-4476 CVE-2008-4477 CVE-2008-6397
MLIST:[debian-devel] 20080813 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages CVE-2008-5146 CVE-2008-5147 CVE-2008-5148 CVE-2008-5149 CVE-2008-5150 CVE-2008-5151 CVE-2008-5152 CVE-2008-5153 CVE-2008-5154 CVE-2008-5155 CVE-2008-5156 CVE-2008-5157 CVE-2008-5373 CVE-2008-5374 CVE-2008-5375 CVE-2008-5376 CVE-2008-5377
MLIST:[debian-kernel] 20050809 Re: ACL patches in Debian 2.4 series kernel. CVE-2005-2801
MLIST:[debian-lts-announce] 20161122 [SECURITY] [DLA 718-1] vim security update CVE-2016-1248
MLIST:[debian-lts-announce] 20161216 [SECURITY] [DLA 745-1] most security update CVE-2016-1253
MLIST:[debian-lts-announce] 20170101 [SECURITY] [DLA-774-1] postgresql-common security update CVE-2016-1255
MLIST:[debian-lts-announce] 20171101 [SECURITY] [DLA 1153-1] icedove/thunderbird security update CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825
MLIST:[debian-lts-announce] 20171102 [SECURITY] [DLA 1158-1] bchunk security update CVE-2017-15953 CVE-2017-15954 CVE-2017-15955
MLIST:[debian-lts-announce] 20171103 [SECURITY] [DLA 1159-1] graphicsmagick security update CVE-2017-16352 CVE-2017-16353
MLIST:[debian-lts-announce] 20171104 [SECURITY] [DLA 1160-1] wordpress security update CVE-2017-16510
MLIST:[debian-lts-announce] 20171105 [SECURITY] [DLA 1161-1] redis security update CVE-2016-1051
MLIST:[debian-lts-announce] 20171106 [SECURITY] [DLA 1162-1] apr security update CVE-2017-12613
MLIST:[debian-lts-announce] 20171106 [SECURITY] [DLA 1163-1] apr-util security update CVE-2017-12618
MLIST:[debian-lts-announce] 20171107 [SECURITY] [DLA 1164-1] mupdf security update CVE-2017-14687 CVE-2017-15587
MLIST:[debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update CVE-2017-12617
MLIST:[debian-lts-announce] 20171108 [SECURITY] [DLA 1167-1] ruby-yajl security update CVE-2017-16516
MLIST:[debian-lts-announce] 20171109 [SECURITY] [DLA-1157-1] openssl security update CVE-2017-3735
MLIST:[debian-lts-announce] 20171110 [SECURITY] [DLA 1168-1] graphicsmagick security update CVE-2017-16669
MLIST:[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update CVE-2017-13134 CVE-2017-16547
MLIST:[debian-lts-announce] 20171114 [SECURITY] [DLA 1171-1] libxml-libxml-perl security update CVE-2017-10672
MLIST:[debian-lts-announce] 20171115 [SECURITY] [DLA 1172-1] firefox-esr security update CVE-2017-7826 CVE-2017-7828 CVE-2017-7830
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1173-1] procmail security update CVE-2017-16844
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1174-1] konversation security update CVE-2017-15923
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1175-1] lynx-cur security update CVE-2017-1000211
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1176-1] ming security update CVE-2017-11733 CVE-2017-9988 CVE-2017-9989
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1177-1] poppler security update CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1178-1] opensaml2 security update CVE-2017-16853
MLIST:[debian-lts-announce] 20171118 [SECURITY] [DLA 1179-1] shibboleth-sp2 security update CVE-2017-16852
MLIST:[debian-lts-announce] 20171119 [SECURITY] [DLA 1180-1] libspring-ldap-java security update CVE-2017-8028
MLIST:[debian-lts-announce] 20171120 [SECURITY] [DLA 1181-1] xen security update CVE-2017-15588 CVE-2017-15589 CVE-2017-15592 CVE-2017-15593 CVE-2017-15595
MLIST:[debian-lts-announce] 20171121 [SECURITY] [DLA 1182-1] ldns security update CVE-2017-1000231
MLIST:[debian-lts-announce] 20171121 [SECURITY] [DLA 1183-1] samba security update CVE-2017-15275
MLIST:[debian-lts-announce] 20171121 [SECURITY] [DLA 1184-1] optipng security update CVE-2017-1000229
MLIST:[debian-lts-announce] 20171122 [SECURITY] [DLA 1185-1] sam2p security update CVE-2017-16663
MLIST:[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12180 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12187 CVE-2017-13723
MLIST:[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388
MLIST:[debian-lts-announce] 20171123 [SECURITY] [DLA 1188-1] libxml2 security update CVE-2017-5130
MLIST:[debian-lts-announce] 20171124 [SECURITY] [DLA 1189-1] python2.7 security update CVE-2017-1000158
MLIST:[debian-lts-announce] 20171124 [SECURITY] [DLA 1190-1] python2.6 security update CVE-2017-1000158
MLIST:[debian-lts-announce] 20171124 [SECURITY] [DLA 1191-1] python-werkzeug security update CVE-2016-10516
MLIST:[debian-lts-announce] 20171126 [SECURITY] [DLA 1192-1] libofx security update CVE-2017-14731 CVE-2017-2816
MLIST:[debian-lts-announce] 20171128 [SECURITY] [DLA 1193-1] roundcube security update CVE-2017-16651
MLIST:[debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update CVE-2017-16931 CVE-2017-16932
MLIST:[debian-lts-announce] 20171130 [SECURITY] [DLA 1195-1] curl security update CVE-2017-8817
MLIST:[debian-lts-announce] 20171130 [SECURITY] [DLA 1196-1] optipng security update CVE-2017-16938
MLIST:[debian-lts-announce] 20171130 [SECURITY] [DLA 1197-1] sox security update CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642
MLIST:[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922
MLIST:[debian-lts-announce] 20171209 [SECURITY] [DLA 1199-1] thunderbird security update CVE-2017-7826 CVE-2017-7828 CVE-2017-7830
MLIST:[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update CVE-2016-10208 CVE-2017-1000407 CVE-2017-13080 CVE-2017-14051 CVE-2017-15265 CVE-2017-15299 CVE-2017-15649 CVE-2017-15868 CVE-2017-16525 CVE-2017-16527 CVE-2017-16529 CVE-2017-16531 CVE-2017-16532 CVE-2017-16533 CVE-2017-16535 CVE-2017-16536 CVE-2017-16537 CVE-2017-16643 CVE-2017-16649 CVE-2017-16939 CVE-2017-8824 CVE-2017-8831
MLIST:[debian-lts-announce] 20171210 [SECURITY] [DLA 1201-1] libxcursor security update CVE-2017-16612
MLIST:[debian-lts-announce] 20171210 [SECURITY] [DLA 1202-1] firefox-esr security update CVE-2017-7843
MLIST:[debian-lts-announce] 20171211 [SECURITY] [DLA 1203-1] xrdp security update CVE-2017-16927
MLIST:[debian-lts-announce] 20171211 [SECURITY] [DLA 1204-1] evince security update CVE-2017-1000159
MLIST:[debian-lts-announce] 20171212 [SECURITY] [DLA 1205-1] simplesamlphp security update CVE-2017-12867 CVE-2017-12868 CVE-2017-12869 CVE-2017-12872 CVE-2017-12873 CVE-2017-12874
MLIST:[debian-lts-announce] 20171213 [SECURITY] [DLA 1206-1] tiff security update CVE-2017-9935
MLIST:[debian-lts-announce] 20171215 [SECURITY] [DLA 1207-1] erlang security update CVE-2017-1000385
MLIST:[debian-lts-announce] 20171215 [SECURITY] [DLA 1209-1] sensible-utils security update CVE-2017-17512
MLIST:[debian-lts-announce] 20171216 [SECURITY] [DLA 1210-1] kildclient security update CVE-2017-17511
MLIST:[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update CVE-2017-15412
MLIST:[debian-lts-announce] 20171219 [SECURITY] [DLA 1212-1] otrs2 security update CVE-2017-15864 CVE-2017-16664 CVE-2017-16854 CVE-2017-16921
MLIST:[debian-lts-announce] 20171220 [SECURITY] [DLA 1213-1] openafs security update CVE-2017-17432
MLIST:[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update CVE-2017-12607 CVE-2017-12608
MLIST:[debian-lts-announce] 20171220 [SECURITY] [DLA 1215-1] otrs2 security update CVE-2017-17476
MLIST:[debian-lts-announce] 20171221 [SECURITY] [DLA 1216-1] wordpress security update CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094
MLIST:[debian-lts-announce] 20171222 [SECURITY] [DLA 1218-1] rsync security update CVE-2017-16548 CVE-2017-17433 CVE-2017-17434
MLIST:[debian-lts-announce] 20171223 [SECURITY] [DLA 1217-1] irssi security update CVE-2017-15227 CVE-2017-15228 CVE-2017-15721 CVE-2017-15722 CVE-2017-5193 CVE-2017-5194 CVE-2017-5356
MLIST:[debian-lts-announce] 20171223 [SECURITY] [DLA 1219-1] enigmail security update CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848
MLIST:[debian-lts-announce] 20171223 [SECURITY] [DLA 1220-1] gimp security update CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789
MLIST:[debian-lts-announce] 20171225 [SECURITY] [DLA 1221-1] ruby1.9.1 security update CVE-2017-17405 CVE-2017-17790
MLIST:[debian-lts-announce] 20171225 [SECURITY] [DLA 1222-1] ruby1.8 security update CVE-2017-17405 CVE-2017-17790
MLIST:[debian-lts-announce] 20171227 [SECURITY] [DLA 1223-1] thunderbird security update CVE-2017-7829 CVE-2017-7846 CVE-2017-7847 CVE-2017-7848
MLIST:[debian-lts-announce] 20171228 [SECURITY] [DLA 1224-1] mercurial security update CVE-2017-17458
MLIST:[debian-lts-announce] 20171230 [SECURITY] [DLA 1225-1] asterisk security update CVE-2017-17090
MLIST:[debian-lts-announce] 20171231 [SECURITY] [DLA 1226-1] wireshark security update CVE-2017-11408 CVE-2017-17083 CVE-2017-17084 CVE-2017-17085
MLIST:[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update CVE-2017-17504 CVE-2017-17682 CVE-2017-17879 CVE-2017-17914
MLIST:[debian-lts-announce] 20180103 [SECURITY] [DLA 1228-1] poppler security update CVE-2017-1000456
MLIST:[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update CVE-2017-1000445 CVE-2017-1000476
MLIST:[debian-lts-announce] 20180105 [SECURITY] [DLA 1230-1] xen security update CVE-2017-17044 CVE-2017-17045 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566
MLIST:[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 CVE-2017-5754
MLIST:[debian-lts-announce] 20180108 [SECURITY] [DLA 1231-1] graphicsmagick security update CVE-2017-17498 CVE-2017-17500 CVE-2017-17501 CVE-2017-17502 CVE-2017-17503 CVE-2017-17782 CVE-2017-17912 CVE-2017-17915
MLIST:[debian-lts-announce] 20180108 [SECURITY] [DLA 1233-1] gifsicle security update CVE-2017-1000421
MLIST:[debian-lts-announce] 20180108 [SECURITY] [DLA 1234-1] gdk-pixbuf security update CVE-2017-1000422
MLIST:[debian-lts-announce] 20180108 [SECURITY] [DLA 1235-1] opencv security update CVE-2017-1000450 CVE-2017-17760
MLIST:[debian-lts-announce] 20180109 [SECURITY] [DLA 1236-1] plexus-utils security update CVE-2017-1000487
MLIST:[debian-lts-announce] 20180109 [SECURITY] [DLA 1237-1] plexus-utils2 security update CVE-2017-1000487
MLIST:[debian-lts-announce] 20180110 [SECURITY] [DLA 1238-1] awstats security update CVE-2017-1000501
MLIST:[debian-lts-announce] 20180110 [SECURITY] [DLA 1239-1] poco security update CVE-2017-1000472
MLIST:[debian-lts-announce] 20180111 [SECURITY] [DLA 1240-1] ming security update CVE-2017-11732 CVE-2017-16883 CVE-2017-16898
MLIST:[debian-lts-announce] 20180114 [SECURITY] [DLA 1241-1] libkohana2-php security update CVE-2016-10510
MLIST:[debian-lts-announce] 20180114 [SECURITY] [DLA 1242-1] xmltooling security update CVE-2018-0486
MLIST:[debian-lts-announce] 20180116 [SECURITY] [DLA 1243-1] xbmc security update CVE-2017-8314
MLIST:[debian-lts-announce] 20180116 [SECURITY] [DLA 1245-1] graphicsmagick security update CVE-2018-5685
MLIST:[debian-lts-announce] 20180118 [SECURITY] [DLA 1246-1] transmission security update CVE-2018-5702
MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1247-1] rsync security update CVE-2018-5764
MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1248-1] libgd2 security update CVE-2018-5711
MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1249-1] smarty3 security update CVE-2017-1000480
MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668
MLIST:[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update CVE-2018-5712
MLIST:[debian-lts-announce] 20180121 [SECURITY] [DLA 1252-1] couchdb security update CVE-2017-12635 CVE-2017-12636
MLIST:[debian-lts-announce] 20180121 [SECURITY] [DLA 1253-1] openocd security update CVE-2018-5704
MLIST:[debian-lts-announce] 20180121 [SECURITY] [DLA 1254-1] lucene-solr security update CVE-2017-12629
MLIST:[debian-lts-announce] 20180124 [SECURITY] [DLA 1256-1] firefox-esr security update CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117
MLIST:[debian-lts-announce] 20180126 [SECURITY] [DLA 1257-1] openssh security update CVE-2016-10708
MLIST:[debian-lts-announce] 20180126 [SECURITY] [DLA 1258-1] wireshark security update CVE-2018-5334 CVE-2018-5335 CVE-2018-5336
MLIST:[debian-lts-announce] 20180127 [SECURITY] [DLA 1259-1] tiff security update CVE-2017-18013
MLIST:[debian-lts-announce] 20180127 [SECURITY] [DLA 1260-1] tiff3 security update CVE-2017-18013
MLIST:[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380
MLIST:[debian-lts-announce] 20180129 [SECURITY] [DLA 1262-1] thunderbird security update CVE-2018-5089 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117
MLIST:[debian-lts-announce] 20180129 [SECURITY] [DLA 1263-1] curl security update CVE-2018-1000007
MLIST:[debian-lts-announce] 20180130 [SECURITY] [DLA 1264-1] unbound security update CVE-2017-15105
MLIST:[debian-lts-announce] 20180131 [SECURITY] [DLA 1265-1] krb5 security update CVE-2013-1418 CVE-2014-5351 CVE-2014-5353 CVE-2014-5355 CVE-2016-3119 CVE-2016-3120
MLIST:[debian-lts-announce] 20180201 [SECURITY] [DLA 1249-2] smarty3 regression update CVE-2017-1000480
MLIST:[debian-lts-announce] 20180202 [SECURITY] [DLA 1266-1] squid3 security update CVE-2018-1000024 CVE-2018-1000027
MLIST:[debian-lts-announce] 20180202 [SECURITY] [DLA 1267-1] squid security update CVE-2018-1000027
MLIST:[debian-lts-announce] 20180202 [SECURITY] [DLA 1268-1] p7zip security update CVE-2017-17969
MLIST:[debian-lts-announce] 20180204 [SECURITY] [DLA 1269-1] dokuwiki security update CVE-2017-18123
MLIST:[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update CVE-2016-9603 CVE-2016-9637 CVE-2017-2620
MLIST:[debian-lts-announce] 20180207 [SECURITY] [DLA-1271-1] postgresql-9.1 security update CVE-2018-1053
MLIST:[debian-lts-announce] 20180209 [SECURITY] [DLA 1272-1] mailman security update CVE-2018-5950
MLIST:[debian-lts-announce] 20180209 [SECURITY] [DLA 1273-1] simplesamlphp security update CVE-2017-18121 CVE-2017-18122 CVE-2018-6521
MLIST:[debian-lts-announce] 20180210 [SECURITY] [DLA 1274-1] exim4 security update CVE-2018-6789
MLIST:[debian-lts-announce] 20180210 [SECURITY] [DLA 1275-1] uwsgi security update CVE-2018-6758
MLIST:[debian-lts-announce] 20180211 [SECURITY] [DLA 1276-1] tomcat-native security update CVE-2017-15698
MLIST:[debian-lts-announce] 20180212 [SECURITY] [DLA 1277-1] audacity security update CVE-2016-2540
MLIST:[debian-lts-announce] 20180212 [SECURITY] [DLA 1278-1] librsvg security update CVE-2018-1000041
MLIST:[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update CVE-2017-11423 CVE-2017-6419
MLIST:[debian-lts-announce] 20180212 [SECURITY] [DLA 1280-1] pound security update CVE-2016-10711
MLIST:[debian-lts-announce] 20180213 [SECURITY] [DLA 1281-1] advancecomp security update CVE-2018-1056
MLIST:[debian-lts-announce] 20180214 [SECURITY] [DLA 1282-1] graphicsmagick security update CVE-2018-6799
MLIST:[debian-lts-announce] 20180215 [SECURITY] [DLA 1283-1] python-crypto security update CVE-2018-6594
MLIST:[debian-lts-announce] 20180215 [SECURITY] [DLA 1284-1] leptonlib security update CVE-2018-3836
MLIST:[debian-lts-announce] 20180216 [SECURITY] [DLA 1286-1] quagga security update CVE-2018-5379 CVE-2018-5380 CVE-2018-5381
MLIST:[debian-lts-announce] 20180220 [SECURITY] [DLA 1287-1] zziplib security update CVE-2018-6869
MLIST:[debian-lts-announce] 20180222 [SECURITY] [DLA 1288-1] cups security update CVE-2017-18190
MLIST:[debian-lts-announce] 20180224 [SECURITY] [DLA 1290-1] libvpx security update CVE-2017-13194
MLIST:[debian-lts-announce] 20180225 [SECURITY] [DLA 1293-1] imagemagick security update CVE-2018-7443
MLIST:[debian-lts-announce] 20180225 [SECURITY] [DLA 1294-1] golang security update CVE-2018-7187
MLIST:[debian-lts-announce] 20180228 [SECURITY] [DLA 1295-1] drupal7 security update CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6932
MLIST:[debian-lts-announce] 20180228 [SECURITY] [DLA 1296-1] xmltooling security update CVE-2018-0489
MLIST:[debian-lts-announce] 20180301 [SECURITY] [DLA 1297-1] freexl security update CVE-2018-7435 CVE-2018-7436 CVE-2018-7437 CVE-2018-7438 CVE-2018-7439
MLIST:[debian-lts-announce] 20180302 [SECURITY] [DLA 1297-1] simplesamlphp security update CVE-2016-9814 CVE-2016-9955
MLIST:[debian-lts-announce] 20180304 [SECURITY] [DLA 1299-1] libjgraphx-java security update CVE-2017-18197
MLIST:[debian-lts-announce] 20180306 [SECURITY] [DLA 1300-1] xen security update CVE-2018-7540 CVE-2018-7541
MLIST:[debian-lts-announce] 20180306 [SECURITY] [DLA 1301-1] tomcat7 security update CVE-2018-1304 CVE-2018-1305
MLIST:[debian-lts-announce] 20180307 [SECURITY] [DLA 1302-1] leptonlib security update CVE-2018-7186 CVE-2018-7440
MLIST:[debian-lts-announce] 20180308 [SECURITY] [DLA 1303-1] python-django security update CVE-2018-7536 CVE-2018-7537
MLIST:[debian-lts-announce] 20180311 [SECURITY] [DLA 1305-1] ming security update CVE-2018-5251 CVE-2018-5294 CVE-2018-6315 CVE-2018-6359
MLIST:[debian-lts-announce] 20180311 [SECURITY] [DLA 1306-1] vips security update CVE-2018-7998
MLIST:[debian-lts-announce] 20180315 [SECURITY] [DLA 1308-1] firefox-esr security update CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145
MLIST:[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update CVE-2018-0202 CVE-2018-1000085
MLIST:[debian-lts-announce] 20180318 [SECURITY] [DLA 1309-1] curl security update CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122
MLIST:[debian-lts-announce] 20180321 [SECURITY] [DLA 1310-1] exempi security update CVE-2017-18233 CVE-2017-18234 CVE-2017-18236 CVE-2017-18238 CVE-2018-7728 CVE-2018-7730
MLIST:[debian-lts-announce] 20180322 [SECURITY] [DLA 1311-1] adminer security update CVE-2018-7667
MLIST:[debian-lts-announce] 20180322 [SECURITY] [DLA 1312-1] libvorbisidec security update CVE-2018-5147
MLIST:[debian-lts-announce] 20180322 [SECURITY] [DLA 1313-1] isc-dhcp security update CVE-2018-5733
MLIST:[debian-lts-announce] 20180323 [SECURITY] [DLA 1314-1] simplesamlphp security update CVE-2018-7711
MLIST:[debian-lts-announce] 20180324 [SECURITY] [DLA 1315-1] libvirt security update CVE-2018-1064 CVE-2018-5748
MLIST:[debian-lts-announce] 20180324 [SECURITY] [DLA 1316-1] freeplane security update CVE-2018-1000069
MLIST:[debian-lts-announce] 20180326 [SECURITY] [DLA 1317-1] net-snmp security update CVE-2018-1000116
MLIST:[debian-lts-announce] 20180326 [SECURITY] [DLA 1318-1] irssi security update CVE-2018-7051
MLIST:[debian-lts-announce] 20180326 [SECURITY] [DLA 1319-1] firefox-esr security update CVE-2018-5146 CVE-2018-5147
MLIST:[debian-lts-announce] 20180327 [SECURITY] [DLA 1320-1] samba security update CVE-2018-1050
MLIST:[debian-lts-announce] 20180327 [SECURITY] [DLA 1321-1] firefox-esr security update CVE-2018-5148
MLIST:[debian-lts-announce] 20180328 [SECURITY] [DLA 1322-1] graphicsmagick security update CVE-2017-18219 CVE-2017-18220 CVE-2017-18229 CVE-2017-18230 CVE-2017-18231 CVE-2018-9018
MLIST:[debian-lts-announce] 20180328 [SECURITY] [DLA 1325-1] drupal7 security update CVE-2018-7600
MLIST:[debian-lts-announce] 20180329 [SECURITY] [DLA 1326-1] php5 security update CVE-2018-7584
MLIST:[debian-lts-announce] 20180329 [SECURITY] [DLA 1327-1] thunderbird security update CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146
MLIST:[debian-lts-announce] 20180329 [SECURITY] [DLA 1328-1] xerces-c security update CVE-2017-12627
MLIST:[debian-lts-announce] 20180329 [SECURITY] [DLA 1329-1] memcached security update CVE-2018-1000127
MLIST:[debian-lts-announce] 20180330 [SECURITY] [DLA 1330-1] openssl security update CVE-2018-0739
MLIST:[debian-lts-announce] 20180330 [SECURITY] [DLA 1331-1] mercurial security update CVE-2018-1000132
MLIST:[debian-lts-announce] 20180330 [SECURITY] [DLA 1332-1] libvncserver security update CVE-2018-7225
MLIST:[debian-lts-announce] 20180331 [SECURITY] [DLA 1333-1] dovecot security update CVE-2017-14461 CVE-2017-15130 CVE-2017-15132
MLIST:[debian-lts-announce] 20180331 [SECURITY] [DLA 1334-1] mosquitto security update CVE-2017-7651 CVE-2017-7652
MLIST:[debian-lts-announce] 20180331 [SECURITY] [DLA 1335-1] zsh security update CVE-2018-1083
MLIST:[debian-lts-announce] 20180401 [SECURITY] [DLA 1336-1] rubygems security update CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078
MLIST:[debian-lts-announce] 20180402 [SECURITY] [DLA 1337-1] jruby security update CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078
MLIST:[debian-lts-announce] 20180403 [SECURITY] [DLA 1338-1] beep security update CVE-2018-0492
MLIST:[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678
MLIST:[debian-lts-announce] 20180406 [SECURITY] [DLA 1340-1] sam2p security update CVE-2018-7487 CVE-2018-7551 CVE-2018-7552 CVE-2018-7553 CVE-2018-7554
MLIST:[debian-lts-announce] 20180406 [SECURITY] [DLA 1341-1] sdl-image1.2 security update CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450
MLIST:[debian-lts-announce] 20180409 [SECURITY] [DLA 1342-1] ldap-account-manager security update CVE-2018-8763
MLIST:[debian-lts-announce] 20180409 [SECURITY] [DLA 1343-1] ming security update CVE-2018-6358 CVE-2018-7867 CVE-2018-7868 CVE-2018-7870 CVE-2018-7871 CVE-2018-7872 CVE-2018-7875 CVE-2018-9165
MLIST:[debian-lts-announce] 20180414 [SECURITY] [DLA 1345-1] perl security update CVE-2018-6913
MLIST:[debian-lts-announce] 20180416 [SECURITY] [DLA 1344-1] squirrelmail security update CVE-2018-8741
MLIST:[debian-lts-announce] 20180416 [SECURITY] [DLA 1346-1] tiff security update CVE-2018-7456
MLIST:[debian-lts-announce] 20180416 [SECURITY] [DLA 1347-1] tiff3 security update CVE-2018-7456
MLIST:[debian-lts-announce] 20180416 [SECURITY] [DLA 1348-1] patch security update CVE-2018-1000156
MLIST:[debian-lts-announce] 20180417 [SECURITY] [DLA 1350-1] qemu-kvm security update CVE-2018-7550
MLIST:[debian-lts-announce] 20180417 [SECURITY] [DLA 1351-1] qemu security update CVE-2018-7550
MLIST:[debian-lts-announce] 20180417 [SECURITY] [DLA 1352-1] jruby security update CVE-2018-1000074
MLIST:[debian-lts-announce] 20180418 [SECURITY] [DLA 1353-1] wireshark security update CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7332 CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337 CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420
MLIST:[debian-lts-announce] 20180418 [SECURITY] [DLA 1354-1] opencv security update CVE-2018-5268 CVE-2018-5269
MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update CVE-2018-2755 CVE-2018-2761 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819
MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update CVE-2018-10119 CVE-2018-10120
MLIST:[debian-lts-announce] 20180422 [SECURITY] [DLA 1357-1] gunicorn security update CVE-2018-1000164
MLIST:[debian-lts-announce] 20180423 [SECURITY] [DLA 1358-1] ruby1.9.1 security update CVE-2017-17742 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780
MLIST:[debian-lts-announce] 20180423 [SECURITY] [DLA 1359-1] ruby1.8 security update CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780
MLIST:[debian-lts-announce] 20180424 [SECURITY] [DLA 1360-1] lucene-solr security update CVE-2018-1308
MLIST:[debian-lts-announce] 20180424 [SECURITY] [DLA 1361-1] psensor security update CVE-2014-10073
MLIST:[debian-lts-announce] 20180425 [SECURITY] [DLA 1363-1] ghostscript security update CVE-2018-10194
MLIST:[debian-lts-announce] 20180425 [SECURITY] [DLA 1364-1] openslp-dfsg security update CVE-2017-17833
MLIST:[debian-lts-announce] 20180426 [SECURITY] [DLA 1365-1] drupal7 security update CVE-2018-7602
MLIST:[debian-lts-announce] 20180427 [SECURITY] [DLA 1366-1] wordpress security update CVE-2018-10100 CVE-2018-10102
MLIST:[debian-lts-announce] 20180428 [SECURITY] [DLA 1367-1] slurm-llnl security update CVE-2018-7033
MLIST:[debian-lts-announce] 20180430 [SECURITY] [DLA 1368-1] libvorbis security update CVE-2017-11333 CVE-2017-14632 CVE-2017-14633 CVE-2018-5146
MLIST:[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update CVE-2017-0861 CVE-2017-13166 CVE-2017-16526 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18203 CVE-2017-18216 CVE-2017-5715 CVE-2018-1000004 CVE-2018-1000199 CVE-2018-1068 CVE-2018-5332 CVE-2018-5333 CVE-2018-5750 CVE-2018-5803 CVE-2018-6927 CVE-2018-7492 CVE-2018-7566 CVE-2018-7740 CVE-2018-7757 CVE-2018-7995 CVE-2018-8781 CVE-2018-8822
MLIST:[debian-lts-announce] 20180504 [SECURITY] [DLA 1370-1] quassel security update CVE-2018-1000178
MLIST:[debian-lts-announce] 20180509 [SECURITY] [DLA 1373-1] php5 security update CVE-2018-10545 CVE-2018-10547 CVE-2018-10548
MLIST:[debian-lts-announce] 20180511 [SECURITY] [DLA 1374-1] firebird2.5 security update CVE-2017-11509
MLIST:[debian-lts-announce] 20180511 [SECURITY] [DLA 1375-1] wget security update CVE-2018-0494
MLIST:[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183
MLIST:[debian-lts-announce] 20180514 [SECURITY] [DLA 1377-1] tiff security update CVE-2018-8905
MLIST:[debian-lts-announce] 20180514 [SECURITY] [DLA 1378-1] tiff3 security update CVE-2018-8905
MLIST:[debian-lts-announce] 20180516 [SECURITY] [DLA 1379-1] curl security update CVE-2018-1000301
MLIST:[debian-lts-announce] 20180518 [SECURITY] [DLA 1380-1] libmad security update CVE-2017-8372 CVE-2017-8373 CVE-2017-8374
MLIST:[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update CVE-2017-18271 CVE-2017-18273 CVE-2018-11251
MLIST:[debian-lts-announce] 20180525 [SECURITY] [DLA 1382-1] thunderbird security update CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159 CVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170 CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185
MLIST:[debian-lts-announce] 20180525 [SECURITY] [DLA 1383-1] xen security update CVE-2018-10981 CVE-2018-10982 CVE-2018-8897
MLIST:[debian-lts-announce] 20180525 [SECURITY] [DLA 1384-1] xdg-utils security update CVE-2017-18266
MLIST:[debian-lts-announce] 20180525 [SECURITY] [DLA 1385-1] batik security update CVE-2018-8013
MLIST:[debian-lts-announce] 20180526 [SECURITY] [DLA 1386-1] ming security update CVE-2018-7866 CVE-2018-7873 CVE-2018-7876 CVE-2018-9009 CVE-2018-9132
MLIST:[debian-lts-announce] 20180526 [SECURITY] [DLA 1387-1] cups security update CVE-2017-18248
MLIST:[debian-lts-announce] 20180528 [SECURITY] [DLA 1388-1] wireshark security update CVE-2018-11358 CVE-2018-11362 CVE-2018-9258 CVE-2018-9260 CVE-2018-9261 CVE-2018-9263 CVE-2018-9268 CVE-2018-9269 CVE-2018-9270
MLIST:[debian-lts-announce] 20180530 [SECURITY] [DLA 1389-1] apache2 security update CVE-2017-15710 CVE-2018-1301 CVE-2018-1312
MLIST:[debian-lts-announce] 20180531 [SECURITY] [DLA 1390-1] procps security update CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126
MLIST:[debian-lts-announce] 20180531 [SECURITY] [DLA 1391-1] tiff security update CVE-2017-11613 CVE-2018-5784
MLIST:[debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update CVE-2018-10940 CVE-2018-1130 CVE-2018-8897
MLIST:[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update CVE-2018-11251 CVE-2018-12599 CVE-2018-12600
MLIST:[debian-lts-announce] 20180626 [SECURITY] [DLA 1397-1] php5 security update CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 CVE-2018-7584
MLIST:[debian-lts-announce] 20180627 [SECURITY] [DLA 1398-1] php-horde-crypt security update CVE-2017-7413 CVE-2017-7414
MLIST:[debian-lts-announce] 20180627 [SECURITY] [DLA 1399-1] ruby-passenger security update CVE-2015-7519 CVE-2018-12029
MLIST:[debian-lts-announce] 20180627 [SECURITY] [DLA 1400-1] tomcat7 security update CVE-2017-12616 CVE-2017-7674 CVE-2018-1304 CVE-2018-1305 CVE-2018-8014
MLIST:[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update CVE-2016-5241 CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449 CVE-2017-11636 CVE-2017-11643 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13134 CVE-2017-14314 CVE-2017-14733 CVE-2017-16353 CVE-2017-16669 CVE-2017-17498 CVE-2017-17500 CVE-2017-17501 CVE-2017-17502 CVE-2017-17503 CVE-2017-17782 CVE-2017-17912 CVE-2017-17915
MLIST:[debian-lts-announce] 20180628 [SECURITY] [DLA 1402-1] exiv2 security update CVE-2018-10958 CVE-2018-10998 CVE-2018-10999 CVE-2018-11531 CVE-2018-12264 CVE-2018-12265
MLIST:[debian-lts-announce] 20180628 [SECURITY] [DLA 1403-1] zendframework security update CVE-2016-4861
MLIST:[debian-lts-announce] 20180628 [SECURITY] [DLA 1404-1] lava-server security update CVE-2018-12564
MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1405-1] libgcrypt20 security update CVE-2018-0495
MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1406-1] firefox-esr security update CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-5156 CVE-2018-5188
MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update CVE-2017-10268 CVE-2017-10378 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819
MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1408-1] simplesamlphp security update CVE-2017-12868 CVE-2017-12872
MLIST:[debian-lts-announce] 20180629 [SECURITY] [DLA 1409-1] mosquitto security update CVE-2017-7651 CVE-2017-7652
MLIST:[debian-lts-announce] 20180701 [SECURITY] [DLA 1410-1] python-pysaml2 security update CVE-2017-1000433
MLIST:[debian-lts-announce] 20180702 [SECURITY] [DLA 1411-1] tiff security update CVE-2017-11613 CVE-2018-10963 CVE-2018-5784 CVE-2018-7456 CVE-2018-8905
MLIST:[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update CVE-2017-18190 CVE-2017-18248
MLIST:[debian-lts-announce] 20180705 [SECURITY] [DLA 1413-1] dokuwiki security update CVE-2017-18123
MLIST:[debian-lts-announce] 20180705 [SECURITY] [DLA 1414-1] mercurial security update CVE-2017-17458 CVE-2017-9462 CVE-2018-1000132
MLIST:[debian-lts-announce] 20180706 [SECURITY] [DLA 1415-1] phpmyadmin security update CVE-2016-6609 CVE-2016-6614 CVE-2016-6615 CVE-2016-6616 CVE-2016-6618 CVE-2016-6619 CVE-2016-6620 CVE-2016-6621 CVE-2016-6622 CVE-2016-9865 CVE-2017-18264
MLIST:[debian-lts-announce] 20180706 [SECURITY] [DLA 1416-1] libsoup2.4 security update CVE-2018-12910
MLIST:[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update CVE-2016-1000338 CVE-2016-1000339 CVE-2016-1000341 CVE-2016-1000342 CVE-2016-1000343 CVE-2016-1000345 CVE-2016-1000346
MLIST:[debian-lts-announce] 20180713 [SECURITY] [DLA-1420-1] cinnamon security update CVE-2018-13054
MLIST:[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780
MLIST:[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update CVE-2017-5715 CVE-2017-5753 CVE-2018-1000204 CVE-2018-1066 CVE-2018-10853 CVE-2018-10940 CVE-2018-1130 CVE-2018-11506 CVE-2018-12233 CVE-2018-3665 CVE-2018-5814 CVE-2018-9422
MLIST:[debian-lts-announce] 20180714 [SECURITY] [DLA 1425-1] thunderbird security update CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374 CVE-2018-5188
MLIST:[debian-lts-announce] 20180714 [SECURITY] [DLA 1426-1] cups security update CVE-2018-4180 CVE-2018-4181 CVE-2018-6553
MLIST:[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update CVE-2017-5715 CVE-2017-5753 CVE-2018-1000204 CVE-2018-1066 CVE-2018-10853 CVE-2018-10940 CVE-2018-1130 CVE-2018-11506 CVE-2018-12233 CVE-2018-3665 CVE-2018-5814 CVE-2018-9422
MLIST:[debian-lts-announce] 20180715 [SECURITY] [DLA 1428-1] 389-ds-base security update CVE-2017-15134 CVE-2018-1054 CVE-2018-10850 CVE-2018-1089
MLIST:[debian-lts-announce] 20180716 [SECURITY] [DLA 1429-1] sssd security update CVE-2018-10852
MLIST:[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package CVE-2017-18255 CVE-2017-5753 CVE-2018-1000204 CVE-2018-10021 CVE-2018-10087 CVE-2018-10124 CVE-2018-10853 CVE-2018-10940 CVE-2018-1120 CVE-2018-1130 CVE-2018-11506 CVE-2018-12233 CVE-2018-3639 CVE-2018-5814
MLIST:[debian-lts-announce] 20180718 [SECURITY] [DLA 1430-1] taglib security update CVE-2018-11439
MLIST:[debian-lts-announce] 20180719 [SECURITY] [DLA 1432-1] gpac security update CVE-2018-13005 CVE-2018-13006
MLIST:[debian-lts-announce] 20180719 [SECURITY] [DLA 1433-1] openjpeg2 security update CVE-2015-1239 CVE-2016-5139
MLIST:[debian-lts-announce] 20180720 [SECURITY] [DLA 1436-1] gosa security update CVE-2018-1000528
MLIST:[debian-lts-announce] 20180721 [SECURITY] [DLA 1437-1] slurm-llnl security update CVE-2018-10995 CVE-2018-7033
MLIST:[debian-lts-announce] 20180722 [SECURITY] [DLA 1438-1] opencv security update CVE-2016-1516 CVE-2017-1000450 CVE-2017-12597 CVE-2017-12598 CVE-2017-12599 CVE-2017-12601 CVE-2017-12603 CVE-2017-12604 CVE-2017-12605 CVE-2017-12606 CVE-2017-12862 CVE-2017-12863 CVE-2017-12864 CVE-2017-14136 CVE-2017-17760 CVE-2018-5268 CVE-2018-5269
MLIST:[debian-lts-announce] 20180724 [SECURITY] [DLA 1439-1] resiprocate security update CVE-2017-11521 CVE-2018-12584
MLIST:[debian-lts-announce] 20180724 [SECURITY] [DLA 1440-1] libarchive-zip-perl security update CVE-2018-10860
MLIST:[debian-lts-announce] 20180724 [SECURITY] [DLA 1441-1] sympa security update CVE-2018-1000550
MLIST:[debian-lts-announce] 20180724 [SECURITY] [DLA 1442-1] mailman security update CVE-2018-0618 CVE-2018-13796
MLIST:[debian-lts-announce] 20180726 [SECURITY] [DLA 1444-1] vim-syntastic security update CVE-2018-11319
MLIST:[debian-lts-announce] 20180727 [SECURITY] [DLA 1414-2] mercurial regression update CVE-2017-17458
MLIST:[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update CVE-2011-5325 CVE-2014-9645 CVE-2015-9261 CVE-2017-15873 CVE-2017-16544 CVE-2018-1000517
MLIST:[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update CVE-2018-3639 CVE-2018-3640
MLIST:[debian-lts-announce] 20180727 [SECURITY] [DLA 1447-1] libidn security update CVE-2017-14062
MLIST:[debian-lts-announce] 20180728 [SECURITY] [DLA 1449-1] openssl security update CVE-2018-0732 CVE-2018-0737
MLIST:[debian-lts-announce] 20180728 [SECURITY] [DLA-1448-1] policykit-1 security update CVE-2018-1116
MLIST:[debian-lts-announce] 20180729 [SECURITY] [DLA 1450-1] tomcat8 security update CVE-2018-1304 CVE-2018-1305
MLIST:[debian-lts-announce] 20180729 [SECURITY] [DLA 1451-1] wireshark security update CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14368 CVE-2018-14369
MLIST:[debian-lts-announce] 20180730 [SECURITY] [DLA 1452-1] wordpress security update CVE-2016-5836 CVE-2018-12895
MLIST:[debian-lts-announce] 20180730 [SECURITY] [DLA 1453-1] tomcat7 security update CVE-2018-8034
MLIST:[debian-lts-announce] 20180731 [SECURITY] [DLA 1454-1] network-manager-vpnc security update CVE-2018-10900
MLIST:[debian-lts-announce] 20180802 [SECURITY] [DLA 1455-1] mutt security update CVE-2018-14349 CVE-2018-14350 CVE-2018-14351 CVE-2018-14352 CVE-2018-14353 CVE-2018-14354 CVE-2018-14355 CVE-2018-14356 CVE-2018-14357 CVE-2018-14358 CVE-2018-14359 CVE-2018-14360 CVE-2018-14361 CVE-2018-14362 CVE-2018-14363
MLIST:[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update CVE-2016-5239 CVE-2017-11102 CVE-2017-11140 CVE-2017-11403 CVE-2017-11637 CVE-2017-11638 CVE-2017-11641 CVE-2017-11642 CVE-2017-12935 CVE-2017-12936 CVE-2017-13737 CVE-2017-13775 CVE-2017-13776 CVE-2017-13777 CVE-2017-14504 CVE-2017-14994 CVE-2017-14997 CVE-2017-15277 CVE-2017-15930 CVE-2017-16352 CVE-2017-16545 CVE-2017-16547 CVE-2017-18219 CVE-2017-18220 CVE-2017-18229 CVE-2017-18230 CVE-2017-18231 CVE-2017-6335 CVE-2017-9098 CVE-2018-5685 CVE-2018-6799 CVE-2018-9018
MLIST:[debian-lts-announce] 20180806 [SECURITY] [DLA-1459-1] cgit security update CVE-2018-14912
MLIST:[debian-lts-announce] 20180806 [SECURITY] [DLA-1460-1] libmspack security update CVE-2018-14679 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682
MLIST:[debian-lts-announce] 20180808 [SECURITY] [DLA 1437-2] slurm-llnl regression update CVE-2018-10995
MLIST:[debian-lts-announce] 20180809 [SECURITY] [DLA 1462-1] wpa security update CVE-2018-14526
MLIST:[debian-lts-announce] 20180810 [SECURITY] [DLA 1463-1] sam2p security update CVE-2018-12578 CVE-2018-12601
MLIST:[debian-lts-announce] 20180813 [SECURITY] [DLA 1465-1] blender security update CVE-2017-12081 CVE-2017-12082 CVE-2017-12086 CVE-2017-12099 CVE-2017-12100 CVE-2017-12101 CVE-2017-12102 CVE-2017-12103 CVE-2017-12104 CVE-2017-12105 CVE-2017-2899 CVE-2017-2900 CVE-2017-2901 CVE-2017-2902 CVE-2017-2903 CVE-2017-2904 CVE-2017-2905 CVE-2017-2906 CVE-2017-2907 CVE-2017-2908 CVE-2017-2918
MLIST:[debian-lts-announce] 20180815 [SECURITY] [DLA 1464-1] postgresql-9.4 security update CVE-2018-10915
MLIST:[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update CVE-2018-13405 CVE-2018-5390 CVE-2018-5391
MLIST:[debian-lts-announce] 20180815 [SECURITY] [DLA 1467-1] ruby-zip security update CVE-2018-1000544
MLIST:[debian-lts-announce] 20180815 [SECURITY] [DLA 1468-1] fuse security update CVE-2018-10906
MLIST:[debian-lts-announce] 20180818 [SECURITY] [DLA 1470-1] confuse security update CVE-2018-14447
MLIST:[debian-lts-announce] 20180818 [SECURITY] [DLA-1469-1] libxcursor security update CVE-2015-9262
MLIST:[debian-lts-announce] 20180819 [SECURITY] [DLA 1471-1] kamailio security update CVE-2018-14767
MLIST:[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update CVE-2018-0360 CVE-2018-0361
MLIST:[debian-lts-announce] 20180820 [SECURITY] [DLA 1472-1] libcgroup security update CVE-2018-14348
MLIST:[debian-lts-announce] 20180821 [SECURITY] [DLA 1473-1] otrs2 security update CVE-2018-14593
MLIST:[debian-lts-announce] 20180821 [SECURITY] [DLA-1474-1] openssh security update CVE-2018-15473
MLIST:[debian-lts-announce] 20180822 [SECURITY] [DLA 1475-1] tomcat-native security update CVE-2018-8019 CVE-2018-8020
MLIST:[debian-lts-announce] 20180825 [SECURITY] [DLA 1477-1] libgit2 security update CVE-2018-10887 CVE-2018-10888 CVE-2018-15501
MLIST:[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update CVE-2018-14346 CVE-2018-14347
MLIST:[debian-lts-announce] 20180827 [SECURITY] [DLA 1476-1] dropbear security update CVE-2018-15599
MLIST:[debian-lts-announce] 20180827 [SECURITY] [DLA 1479-1] twitter-bootstrap3 security update CVE-2018-14040
MLIST:[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update CVE-2016-2337 CVE-2018-1000073 CVE-2018-1000074
MLIST:[debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update CVE-2018-3620 CVE-2018-3646
MLIST:[debian-lts-announce] 20180829 [SECURITY] [DLA 1482-1] libx11 security update CVE-2018-14598 CVE-2018-14599 CVE-2018-14600
MLIST:[debian-lts-announce] 20180830 [SECURITY] [DLA 1483-1] 389-ds-base security update CVE-2018-10871 CVE-2018-10935
MLIST:[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update CVE-2018-5740
MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1486-1] spice security update CVE-2018-10873
MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1487-1] libtirpc security update CVE-2018-14622
MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066
MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] spice security update CVE-2018-10873
MLIST:[debian-lts-announce] 20180831 [SECURITY] [DLA 1489-1] spice-gtk security update CVE-2018-10873
MLIST:[debian-lts-announce] 20180901 [SECURITY] [DLA 1490-1] php5 security update CVE-2018-14851 CVE-2018-14883
MLIST:[debian-lts-announce] 20180902 [SECURITY] [DLA 1491-1] tomcat8 security update CVE-2018-1336 CVE-2018-8034
MLIST:[debian-lts-announce] 20180903 [SECURITY] [DLA 1492-1] dojo security update CVE-2018-15494
MLIST:[debian-lts-announce] 20180905 [SECURITY] [DLA 1494-1] gdm3 security update CVE-2018-14424
MLIST:[debian-lts-announce] 20180905 [SECURITY] [DLA 1495-1] git-annex security update CVE-2017-12976
MLIST:[debian-lts-announce] 20180906 [SECURITY] [DLA 1493-1] xen security update CVE-2016-4963 CVE-2017-14431
MLIST:[debian-lts-announce] 20180906 [SECURITY] [DLA 1496-1] lcms2 security update CVE-2018-16435
MLIST:[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update CVE-2016-10155 CVE-2016-9602 CVE-2016-9603 CVE-2017-10806 CVE-2017-10911 CVE-2017-11434 CVE-2017-14167 CVE-2017-15038 CVE-2017-15289 CVE-2017-16845 CVE-2017-18030 CVE-2017-18043 CVE-2017-2620 CVE-2017-5715 CVE-2017-5973 CVE-2017-5987 CVE-2017-6505 CVE-2017-7377 CVE-2017-7718 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9503 CVE-2018-5683 CVE-2018-7550
MLIST:[debian-lts-announce] 20180908 [SECURITY] [DLA 1499-1] discount security update CVE-2018-11468 CVE-2018-11503 CVE-2018-11504 CVE-2018-12495
MLIST:[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-3115 CVE-2016-6515 CVE-2017-15906
MLIST:[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update CVE-2018-16430
MLIST:[debian-lts-announce] 20180912 [SECURITY] [DLA 1502-1] mgetty security update CVE-2018-16741
MLIST:[debian-lts-announce] 20180912 [SECURITY] [DLA 1503-1] kamailio security update CVE-2018-16657
MLIST:[debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update CVE-2018-11645 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16585 CVE-2018-16802
MLIST:[debian-lts-announce] 20180915 [SECURITY] [DLA 1505-1] zutils security update CVE-2018-1000637
MLIST:[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update CVE-2017-5715 CVE-2018-3615 CVE-2018-3620 CVE-2018-3639 CVE-2018-3640 CVE-2018-3646
MLIST:[debian-lts-announce] 20180918 [SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update CVE-2011-2767
MLIST:[debian-lts-announce] 20180919 [SECURITY] [DLA 1508-1] suricata security update CVE-2016-10728
MLIST:[debian-lts-announce] 20180920 [SECURITY] [DLA 1509-1] php5 security update CVE-2018-17082
MLIST:[debian-lts-announce] 20180920 [SECURITY] [DLA 1510-1] glusterfs security update CVE-2018-10904 CVE-2018-10907 CVE-2018-10911 CVE-2018-10913 CVE-2018-10914 CVE-2018-10923 CVE-2018-10926 CVE-2018-10927 CVE-2018-10928 CVE-2018-10929 CVE-2018-10930
MLIST:[debian-lts-announce] 20180921 [SECURITY] [DLA 1512-1] sympa security update CVE-2018-1000671
MLIST:[debian-lts-announce] 20180921 [SECURITY] [DLA 1513-1] openafs security update CVE-2018-16947 CVE-2018-16948 CVE-2018-16949
MLIST:[debian-lts-announce] 20180922 [SECURITY] [DLA 1515-1] hylafax security update CVE-2018-17141
MLIST:[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update CVE-2018-1000801
MLIST:[debian-lts-announce] 20180924 [SECURITY] [DLA 1517-1] dom4j security update CVE-2018-1000632
MLIST:[debian-lts-announce] 20180925 [SECURITY] [DLA 1518-1] polarssl security update CVE-2013-0169 CVE-2018-0497 CVE-2018-0498 CVE-2018-9988 CVE-2018-9989
MLIST:[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update CVE-2017-1000158 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061
MLIST:[debian-lts-announce] 20180926 [SECURITY] [DLA 1520-1] python3.4 security update CVE-2017-1000158 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061
MLIST:[debian-lts-announce] 20180926 [SECURITY] [DLA 1521-1] otrs2 security update CVE-2018-16586 CVE-2018-16587
MLIST:[debian-lts-announce] 20180926 [SECURITY] [DLA 1522-1] strongswan security update CVE-2018-16151 CVE-2018-16152
MLIST:[debian-lts-announce] 20180927 [SECURITY] [DLA 1523-1] asterisk security update CVE-2018-17281
MLIST:[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update CVE-2017-18258 CVE-2018-14404 CVE-2018-14567 CVE-2018-9251
MLIST:[debian-lts-announce] 20180928 [SECURITY] [DLA 1525-1] mosquitto security update CVE-2017-7653 CVE-2017-7654 CVE-2017-9868
MLIST:[debian-lts-announce] 20180930 [SECURITY] [DLA 1527-1] ghostscript security update CVE-2018-16543 CVE-2018-17183
MLIST:[debian-lts-announce] 20181002 [SECURITY] [DLA 1528-1] strongswan security update CVE-2018-17540
MLIST:[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update CVE-2018-16412 CVE-2018-16413 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-16749
MLIST:[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update CVE-2018-10938 CVE-2018-13099 CVE-2018-14609 CVE-2018-14617 CVE-2018-14678 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276 CVE-2018-16658 CVE-2018-17182 CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 CVE-2018-9516
MLIST:[debian-lts-announce] 20181014 [SECURITY] [DLA 1544-1] tomcat7 security update CVE-2018-11784
MLIST:[debian-lts-announce] 20181015 [SECURITY] [DLA 1545-1] tomcat8 security update CVE-2018-11784
MLIST:[debian-lts-announce] 20181015 [SECURITY] [DLA 1546-1] moin security update CVE-2017-5934
MLIST:[debian-lts-announce] 20181016 [SECURITY] [DLA 1547-1] libpdfbox-java security update CVE-2018-11797
MLIST:[debian-lts-announce] 20181018 [SECURITY] [DLA 1548-1] libssh security update CVE-2018-10933
MLIST:[debian-lts-announce] 20181018 [SECURITY] [DLA 1549-1] xen security update CVE-2017-14316 CVE-2017-14317 CVE-2017-14319 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15597 CVE-2017-17046 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2018-10471 CVE-2018-10982
MLIST:[debian-lts-announce] 20181021 [SECURITY] [DLA 1551-1] exiv2 security update CVE-2018-10958 CVE-2018-10999 CVE-2018-16336
MLIST:[debian-lts-announce] 20181022 [SECURITY] [DLA 1552-1] ghostscript security update CVE-2018-17961 CVE-2018-18073 CVE-2018-18284
MLIST:[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update CVE-2018-15378
MLIST:[debian-lts-announce] 20181025 [SECURITY] [DLA 1554-1] 389-ds-base security update CVE-2018-14648
MLIST:[debian-lts-announce] 20181026 [SECURITY] [DLA 1555-1] libmspack security update CVE-2018-18584 CVE-2018-18585
MLIST:[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update CVE-2018-1000805 CVE-2018-7750
MLIST:[debian-lts-announce] 20181028 [SECURITY] [DLA 1557-1] tiff security update CVE-2018-17100 CVE-2018-17101 CVE-2018-18557
MLIST:[debian-lts-announce] 20181028 [SECURITY] [DLA 1558-1] ruby2.1 security update CVE-2018-16395 CVE-2018-16396
MLIST:[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-17044 CVE-2017-17045 CVE-2018-10472 CVE-2018-10981
MLIST:[debian-lts-announce] 20181031 [SECURITY] [DLA 1561-1] phpldapadmin security update CVE-2017-11107
MLIST:[debian-lts-announce] 20181031 [SECURITY] [DLA 1562-1] poppler security update CVE-2017-18267 CVE-2018-10768 CVE-2018-13988 CVE-2018-16646
MLIST:[debian-lts-announce] 20181101 [SECURITY] [DLA 1564-1] mono security update CVE-2009-0689
MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update CVE-2018-2767 CVE-2018-3058 CVE-2018-3063 CVE-2018-3066 CVE-2018-3070 CVE-2018-3081 CVE-2018-3133 CVE-2018-3174 CVE-2018-3282
MLIST:[debian-lts-announce] 20181105 [SECURITY] [DLA 1567-1] gthumb security update CVE-2018-18718
MLIST:[debian-lts-announce] 20181106 [SECURITY] [DLA 1568-1] curl security update CVE-2016-7141 CVE-2016-7167 CVE-2016-9586 CVE-2018-16839 CVE-2018-16842
MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282
MLIST:[debian-lts-announce] 20181107 [SECURITY] [DLA 1571-1] firefox-esr security update CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397
MLIST:[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update CVE-2018-16845
MLIST:[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update CVE-2018-18025
MLIST:[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update CVE-2017-16541 CVE-2018-12361 CVE-2018-12367 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-5156 CVE-2018-5187
MLIST:[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update CVE-2018-16837
MLIST:[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update CVE-2018-12891 CVE-2018-12893 CVE-2018-15469 CVE-2018-15470 CVE-2018-7540 CVE-2018-7541 CVE-2018-8897
MLIST:[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update CVE-2016-0801 CVE-2017-0561 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-9417
MLIST:[debian-lts-announce] 20181113 [SECURITY] [DLA 1578-1] spamassassin security update CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781
MLIST:[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update CVE-2018-1049 CVE-2018-15686 CVE-2018-15688
MLIST:[debian-lts-announce] 20181120 [SECURITY] [DLA 1579-1] openjpeg2 security update CVE-2017-17480 CVE-2018-18088
MLIST:[debian-lts-announce] 20181120 [SECURITY] [DLA 1581-1] uriparser security update CVE-2018-19198 CVE-2018-19199 CVE-2018-19200
MLIST:[debian-lts-announce] 20181120 [SECURITY] [DLA 1582-1] liblivemedia security update CVE-2018-4013
MLIST:[debian-lts-announce] 20181121 [SECURITY] [DLA 1583-1] jasper security update CVE-2015-5203 CVE-2015-5221 CVE-2016-8690 CVE-2017-13748 CVE-2017-14132
MLIST:[debian-lts-announce] 20181121 [SECURITY] [DLA 1584-1] ruby-i18n security update CVE-2014-10077
MLIST:[debian-lts-announce] 20181121 [SECURITY] [DLA 1585-1] ruby-rack security update CVE-2018-16471
MLIST:[debian-lts-announce] 20181121 [SECURITY] [DLA 1586-1] openssl security update CVE-2018-0735 CVE-2018-5407
MLIST:[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update CVE-2018-2952 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214
MLIST:[debian-lts-announce] 20181123 [SECURITY] [DLA 1592-1] otrs2 security update CVE-2018-19141 CVE-2018-19143
MLIST:[debian-lts-announce] 20181124 [SECURITY] [DLA 1593-1] phpbb3 security update CVE-2018-19274
MLIST:[debian-lts-announce] 20181125 [SECURITY] [DLA 1595-1] gnuplot5 security update CVE-2018-19490 CVE-2018-19491 CVE-2018-19492
MLIST:[debian-lts-announce] 20181126 [SECURITY] [DLA 1596-1] squid3 security update CVE-2018-19132
MLIST:[debian-lts-announce] 20181126 [SECURITY] [DLA 1597-1] gnuplot security update CVE-2018-19490 CVE-2018-19491 CVE-2018-19492
MLIST:[debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update CVE-2018-18820
MLIST:[debian-lts-announce] 20181126 [SECURITY] [DLA-1589-1] keepalived security update CVE-2018-19115
MLIST:[debian-lts-announce] 20181128 [SECURITY] [DLA 1598-1] ghostscript security update CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477
MLIST:[debian-lts-announce] 20181129 [SECURITY] [DLA 1600-1] libarchive security update CVE-2015-8915 CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 CVE-2017-5601
MLIST:[debian-lts-announce] 20181130 [SECURITY] [DLA 1562-2] poppler security update CVE-2018-16646
MLIST:[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update CVE-2016-6888 CVE-2016-7155 CVE-2016-7156 CVE-2016-7161 CVE-2017-10664 CVE-2018-17962 CVE-2018-17963
MLIST:[debian-lts-announce] 20181130 [SECURITY] [DLA 1601-1] perl security update CVE-2018-18311
MLIST:[debian-lts-announce] 20181130 [SECURITY] [DLA 1602-1] nsis security update CVE-2015-9267 CVE-2015-9268
MLIST:[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update CVE-2017-15377 CVE-2017-7177 CVE-2018-6794
MLIST:[debian-lts-announce] 20181210 [SECURITY] [DLA 1604-1] lxml security update CVE-2018-19787
MLIST:[debian-lts-announce] 20181213 [SECURITY] [DLA 1605-1] firefox-esr security update CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498
MLIST:[debian-lts-announce] 20181214 [SECURITY] [DLA 1562-3] poppler regression update CVE-2018-16646
MLIST:[debian-lts-announce] 20181215 [SECURITY] [DLA 1607-1] samba security update CVE-2018-14629 CVE-2018-16851
MLIST:[debian-lts-announce] 20181217 [SECURITY] [DLA 1608-1] php5 security update CVE-2018-19518 CVE-2018-19935
MLIST:[debian-lts-announce] 20181217 [SECURITY] [DLA 1609-1] libapache-mod-jk security update CVE-2018-11759
MLIST:[debian-lts-announce] 20181217 [SECURITY] [DLA 1610-1] sleuthkit security update CVE-2018-19497
MLIST:[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update CVE-2014-9317 CVE-2015-6761 CVE-2015-6818 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822 CVE-2015-6825 CVE-2015-6826 CVE-2015-8216 CVE-2015-8217 CVE-2015-8363 CVE-2015-8364 CVE-2015-8661 CVE-2015-8662 CVE-2015-8663 CVE-2016-10190 CVE-2016-10191
MLIST:[debian-lts-announce] 20181221 [SECURITY] [DLA 1611-2] libav security update CVE-2015-6822 CVE-2015-6823 CVE-2015-6824
MLIST:[debian-lts-announce] 20181221 [SECURITY] [DLA 1612-1] libarchive security update CVE-2018-1000877 CVE-2018-1000878
MLIST:[debian-lts-announce] 20181222 [SECURITY] [DLA 1613-1] sqlite3 security update CVE-2018-20346
MLIST:[debian-lts-announce] 20181222 [SECURITY] [DLA 1614-1] openjpeg2 security update CVE-2018-14423 CVE-2018-6616
MLIST:[debian-lts-announce] 20181224 [SECURITY] [DLA 1615-1] nagios3 security update CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245
MLIST:[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update CVE-2018-20430 CVE-2018-20431
MLIST:[debian-lts-announce] 20181226 [SECURITY] [DLA 1618-1] libsndfile security update CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 CVE-2018-13139 CVE-2018-19432 CVE-2018-19661 CVE-2018-19662
MLIST:[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-6307
MLIST:[debian-lts-announce] 20181227 [SECURITY] [DLA 1619-1] graphicsmagick security update CVE-2018-20184 CVE-2018-20185 CVE-2018-20189
MLIST:[debian-lts-announce] 20181227 [SECURITY] [DLA 1620-1] ghostscript security update CVE-2018-19134 CVE-2018-19478
MLIST:[debian-lts-announce] 20181228 [SECURITY] [DLA 1591-2] libphp-phpmailer regression update CVE-2018-19296
MLIST:[debian-lts-announce] 20181228 [SECURITY] [DLA 1621-1] c3p0 security update CVE-2018-20433
MLIST:[debian-lts-announce] 20181231 [SECURITY] [DLA 1623-1] tar security update CVE-2018-20482
MLIST:[debian-lts-announce] 20190102 [SECURITY] [DLA 1628-1] jasper security update CVE-2018-18873 CVE-2018-19139 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541 CVE-2018-19542 CVE-2018-20570 CVE-2018-20584 CVE-2018-20622
MLIST:[debian-lts-announce] 20190103 [SECURITY] [DLA 1627-1] qtbase-opensource-src security update CVE-2018-15518 CVE-2018-19870 CVE-2018-19873
MLIST:[debian-lts-announce] 20190106 [SECURITY] [DLA 1629-1] python-django security update CVE-2019-3498
MLIST:[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14170 CVE-2017-14171 CVE-2017-14767 CVE-2017-15672 CVE-2017-17130 CVE-2017-9993 CVE-2017-9994 CVE-2018-14394 CVE-2018-1999010 CVE-2018-6621 CVE-2018-7557
MLIST:[debian-lts-announce] 20190109 [SECURITY] [DLA 1631-1] libcaca security update CVE-2018-20544 CVE-2018-20546 CVE-2018-20547 CVE-2018-20549
MLIST:[debian-lts-announce] 20190110 [SECURITY] [DLA 1632-1] libsndfile security update CVE-2018-19758
MLIST:[debian-lts-announce] 20190111 [SECURITY] [DLA 1633-1] sqlite3 security update CVE-2017-10989 CVE-2017-2518 CVE-2017-2519 CVE-2017-2520 CVE-2018-8740
MLIST:[debian-lts-announce] 20190115 [SECURITY] [DLA 1634-1] wireshark security update CVE-2017-11406 CVE-2017-11407 CVE-2017-11409 CVE-2017-13765 CVE-2017-15191 CVE-2017-17935 CVE-2017-17997 CVE-2017-7700 CVE-2017-7703 CVE-2017-7746 CVE-2017-7747 CVE-2017-9766 CVE-2018-11356 CVE-2018-11357 CVE-2018-11359 CVE-2018-16057 CVE-2018-16058 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325 CVE-2018-7331 CVE-2018-7336 CVE-2018-7417 CVE-2018-7418 CVE-2018-7420 CVE-2018-9256 CVE-2018-9259 CVE-2018-9260 CVE-2018-9262 CVE-2018-9263 CVE-2018-9265 CVE-2018-9267 CVE-2018-9268 CVE-2018-9269 CVE-2018-9270
MLIST:[debian-lts-announce] 20190122 [SECURITY] [DLA 1636-1] aria2 security update CVE-2019-3500
MLIST:[debian-lts-announce] 20190122 [SECURITY] [DLA 1637-1] apt security update CVE-2019-3462
MLIST:[debian-lts-announce] 20190122 [SECURITY] [DLA 1637-1] apt security update (amended) CVE-2019-3462
MLIST:[debian-lts-announce] 20190122 [SECURITY] [DLA 1638-1] libjpeg-turbo security update CVE-2016-3616 CVE-2018-11212 CVE-2018-11213 CVE-2018-11214 CVE-2018-1152
MLIST:[debian-lts-announce] 20190124 [SECURITY] [DLA 1640-1] tmpreaper security update CVE-2019-3461
MLIST:[debian-lts-announce] 20190125 [SECURITY] [DLA 1641-1] mxml security update CVE-2016-4570 CVE-2016-4571 CVE-2018-20004
MLIST:[debian-lts-announce] 20190125 [SECURITY] [DLA 1643-1] krb5 security update CVE-2018-20217 CVE-2018-5729 CVE-2018-5730
MLIST:[debian-lts-announce] 20190128 [SECURITY] [DLA 1644-1] policykit-1 security update CVE-2018-19788 CVE-2019-6133
MLIST:[debian-lts-announce] 20190128 [SECURITY] [DLA 1645-1] wireshark security update CVE-2019-5716 CVE-2019-5717 CVE-2019-5719
MLIST:[debian-lts-announce] 20190129 [SECURITY] [DLA 1646-1] qemu security update CVE-2018-17958 CVE-2018-19364 CVE-2018-19489
MLIST:[debian-lts-announce] 20190129 [SECURITY] [DLA 1647-1] apache2 security update CVE-2018-17199
MLIST:[debian-lts-announce] 20190130 [SECURITY] [DLA 1648-1] firefox-esr security update CVE-2018-18500 CVE-2018-18501 CVE-2018-18505
MLIST:[debian-lts-announce] 20190130 [SECURITY] [DLA 1649-1] spice security update CVE-2019-3813
MLIST:[debian-lts-announce] 20190130 [SECURITY] [DLA 1650-1] rssh security update CVE-2019-1000018
MLIST:[debian-lts-announce] 20190130 [SECURITY] [DLA 1651-1] libgd2 security update CVE-2018-1000222 CVE-2018-5711 CVE-2019-6977 CVE-2019-6978
MLIST:[debian-lts-announce] 20190131 [SECURITY] [DLA 1652-1] libvncserver security update CVE-2018-15126 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750
MLIST:[debian-lts-announce] 20190131 [SECURITY] [DLA 1653-1] postgis security update CVE-2017-18359
MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update CVE-2019-2529 CVE-2019-2537
MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1656-1] agg security update CVE-2019-6245
MLIST:[debian-lts-announce] 20190201 [SECURITY] [DLA 1658-1] phpmyadmin security update CVE-2018-19968 CVE-2018-19970
MLIST:[debian-lts-announce] 20190202 [SECURITY] [DLA 1659-1] drupal7 security update CVE-2019-6339
MLIST:[debian-lts-announce] 20190206 [SECURITY] [DLA 1654-1] libav security update CVE-2014-8542 CVE-2015-1207 CVE-2017-14169 CVE-2017-14223 CVE-2017-7863 CVE-2017-7865
MLIST:[debian-lts-announce] 20190206 [SECURITY] [DLA 1660-1] rssh security update CVE-2019-3463 CVE-2019-3464
MLIST:[debian-lts-announce] 20190206 [SECURITY] [DLA 1661-1] mumble security update CVE-2018-20743
MLIST:[debian-lts-announce] 20190206 [SECURITY] [DLA 1662-1] libthrift-java security update CVE-2018-1320
MLIST:[debian-lts-announce] 20190206 [SECURITY] [DLA 1664-1] golang security update CVE-2019-6486
MLIST:[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update CVE-2016-5636 CVE-2018-20406
MLIST:[debian-lts-announce] 20190207 [SECURITY] [DLA 1668-1] libarchive security update CVE-2019-1000019 CVE-2019-1000020
MLIST:[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update CVE-2018-8786 CVE-2018-8787 CVE-2018-8788 CVE-2018-8789
MLIST:[debian-lts-announce] 20190211 [SECURITY] [DLA 1670-1] ghostscript security update CVE-2019-6116
MLIST:[debian-lts-announce] 20190211 [SECURITY] [DLA 1671-1] coturn security update CVE-2018-4056
MLIST:[debian-lts-announce] 20190211 [SECURITY] [DLA 1673-1] wordpress security update CVE-2018-20147 CVE-2018-20148 CVE-2018-20149 CVE-2018-20150 CVE-2018-20151 CVE-2018-20152 CVE-2018-20153
MLIST:[debian-lts-announce] 20190212 [SECURITY] [DLA 1674-1] php5 security update CVE-2018-1000888
MLIST:[debian-lts-announce] 20190214 [SECURITY] [DLA 1676-1] unbound security update CVE-2017-15105
MLIST:[debian-lts-announce] 20190215 [SECURITY] [DLA 1677-1] firefox-esr security update CVE-2018-18356
MLIST:[debian-lts-announce] 20190216 [SECURITY] [DLA 1678-1] thunderbird security update CVE-2018-18356 CVE-2018-18500 CVE-2018-18501 CVE-2018-18505
MLIST:[debian-lts-announce] 20190218 [SECURITY] [DLA 1680-1] tiff security update CVE-2018-17000 CVE-2018-19210 CVE-2019-7663
MLIST:[debian-lts-announce] 20190218 [SECURITY] [DLA 1681-1] gsoap security update CVE-2019-7659
MLIST:[debian-lts-announce] 20190218 [SECURITY] [DLA 1682-1] uriparser security update CVE-2018-20721
MLIST:[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180 CVE-2018-20181 CVE-2018-20182 CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798 CVE-2018-8799 CVE-2018-8800
MLIST:[debian-lts-announce] 20190220 [SECURITY] [DLA 1685-1] drupal7 security update CVE-2019-6338
MLIST:[debian-lts-announce] 20190224 [SECURITY] [DLA 1686-1] freedink-dfarc security update CVE-2018-0496
MLIST:[debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update CVE-2017-7608 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7149 CVE-2019-7150 CVE-2019-7665
MLIST:[debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update CVE-2019-6256 CVE-2019-7314
MLIST:[debian-lts-announce] 20190226 [SECURITY] [DLA 1691-1] exiv2 security update CVE-2018-17581 CVE-2018-19107 CVE-2018-19108 CVE-2018-19535 CVE-2018-20097
MLIST:[debian-lts-announce] 20190227 [SECURITY] [DLA 1692-1] phpmyadmin security update CVE-2019-6799
MLIST:[debian-lts-announce] 20190227 [SECURITY] [DLA 1693-1] gpac security update CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763 CVE-2018-7752
MLIST:[debian-lts-announce] 20190228 [SECURITY] [DLA 1694-1] qemu security update CVE-2018-12617
MLIST:[debian-lts-announce] 20190228 [SECURITY] [DLA 1695-1] sox security update CVE-2017-15370 CVE-2017-15372 CVE-2017-15642 CVE-2017-18189
MLIST:[debian-lts-announce] 20190228 [SECURITY] [DLA 1698-1] file security update CVE-2019-8905 CVE-2019-8907
MLIST:[debian-lts-announce] 20190301 [SECURITY] [DLA 1696-1] ceph security update CVE-2018-14662 CVE-2018-16846
MLIST:[debian-lts-announce] 20190301 [SECURITY] [DLA 1699-1] ldb security update CVE-2019-3824
MLIST:[debian-lts-announce] 20190301 [SECURITY] [DLA 1700-1] uw-imap security update CVE-2018-19518
MLIST:[debian-lts-announce] 20190301 [SECURITY] [DLA 1701-1] openssl security update CVE-2019-1559
MLIST:[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update CVE-2018-1056 CVE-2019-9210
MLIST:[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362
MLIST:[debian-lts-announce] 20190305 [SECURITY] [DLA 1705-1] sox security update CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15371
MLIST:[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update CVE-2018-19058 CVE-2018-20481 CVE-2018-20662 CVE-2019-7310 CVE-2019-9200
MLIST:[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update CVE-2017-16652 CVE-2017-16654 CVE-2018-11385 CVE-2018-11408 CVE-2018-14773 CVE-2018-19789 CVE-2018-19790
MLIST:[debian-lts-announce] 20190311 [SECURITY] [DLA 1708-1] zabbix security update CVE-2016-10742 CVE-2017-2826
MLIST:[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
MLIST:[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
MLIST:[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update CVE-2017-18249 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13053 CVE-2018-13096 CVE-2018-13097 CVE-2018-13100 CVE-2018-13406 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2018-14614 CVE-2018-14616 CVE-2018-15471 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19407 CVE-2018-3639 CVE-2018-5391 CVE-2018-5848 CVE-2018-6554
MLIST:[debian-lts-announce] 20190318 [SECURITY] [DLA 1716-1] ikiwiki security update CVE-2019-9187
MLIST:[debian-lts-announce] 20190318 [SECURITY] [DLA 1717-1] rdflib security update CVE-2019-7653
MLIST:[debian-lts-announce] 20190318 [SECURITY] [DLA 1718-1] sqlalchemy security update CVE-2019-7164 CVE-2019-7548
MLIST:[debian-lts-announce] 20190318 [SECURITY] [DLA 1719-1] libjpeg-turbo security update CVE-2018-14498
MLIST:[debian-lts-announce] 20190318 [SECURITY] [DLA 1720-1] liblivemedia security update CVE-2019-9215
MLIST:[debian-lts-announce] 20190319 [SECURITY] [DLA 1721-1] otrs2 security update CVE-2019-9752
MLIST:[debian-lts-announce] 20190321 [SECURITY] [DLA 1722-1] firefox-esr security update CVE-2018-18506
MLIST:[debian-lts-announce] 20190321 [SECURITY] [DLA 1723-1] cron security update CVE-2017-9525 CVE-2019-9704 CVE-2019-9705 CVE-2019-9706
MLIST:[debian-lts-announce] 20190324 [SECURITY] [DLA 1725-1] rsync security update CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2018-5764
MLIST:[debian-lts-announce] 20190325 [SECURITY] [DLA 1726-1] bash security update CVE-2016-9401 CVE-2019-9924
MLIST:[debian-lts-announce] 20190325 [SECURITY] [DLA 1728-1] openssh security update CVE-2018-20685 CVE-2019-6109 CVE-2019-6111
MLIST:[debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update CVE-2017-9344 CVE-2017-9349 CVE-2019-9209
MLIST:[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863
MLIST:[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update CVE-2016-10741 CVE-2017-13305 CVE-2017-5753 CVE-2018-12896 CVE-2018-13053 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-20511 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2019-3701 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-9213
MLIST:[debian-lts-announce] 20190327 [SECURITY] [DLA 1732-1] openjdk-7 security update CVE-2019-2422
MLIST:[debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update CVE-2016-10743
MLIST:[debian-lts-announce] 20190328 [SECURITY] [DLA 1734-1] libraw security update CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5808 CVE-2018-5817 CVE-2018-5818 CVE-2018-5819
MLIST:[debian-lts-announce] 20190329 [SECURITY] [DLA 1736-1] dovecot security update CVE-2019-7524
MLIST:[debian-lts-announce] 20190329 [SECURITY] [DLA 1737-1] pdns security update CVE-2019-3871
MLIST:[debian-lts-announce] 20190330 [SECURITY] [DLA 1738-1] gpsd security update CVE-2018-17937
MLIST:[debian-lts-announce] 20190330 [SECURITY] [DLA 1740-1] libav security update CVE-2015-1872 CVE-2017-1000460 CVE-2017-14058 CVE-2018-1999012 CVE-2018-6392
MLIST:[debian-lts-announce] 20190331 [SECURITY] [DLA 1739-1] rails security update CVE-2019-5418 CVE-2019-5419
MLIST:[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update CVE-2019-9022 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641
MLIST:[debian-lts-announce] 20190331 [SECURITY] [DLA 1742-1] wordpress security update CVE-2019-8942 CVE-2019-9787
MLIST:[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update CVE-2016-10741 CVE-2017-13305 CVE-2017-5753 CVE-2018-12896 CVE-2018-13053 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-20511 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2019-3701 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-9213
MLIST:[debian-lts-announce] 20190401 [SECURITY] [DLA 1743-1] thunderbird security update CVE-2018-18506
MLIST:[debian-lts-announce] 20190401 [SECURITY] [DLA 1746-1] drupal7 security update CVE-2019-6341
MLIST:[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update CVE-2019-3859
MLIST:[debian-lts-announce] 20190402 [SECURITY] [DLA 1747-1] firmware-nonfree security update CVE-2018-5383
MLIST:[debian-lts-announce] 20190403 [SECURITY] [DLA 1748-1] apache2 security update CVE-2019-0217 CVE-2019-0220
MLIST:[debian-lts-announce] 20190403 [SECURITY] [DLA 1749-1] golang security update CVE-2019-9741
MLIST:[debian-lts-announce] 20190407 [SECURITY] [DLA 1750-1] roundup security update CVE-2019-10904
MLIST:[debian-lts-announce] 20190408 [SECURITY] [DLA 1751-1] suricata security update CVE-2018-10242 CVE-2018-10243
MLIST:[debian-lts-announce] 20190408 [SECURITY] [DLA 1752-1] poppler security update CVE-2019-9631
MLIST:[debian-lts-announce] 20190409 [SECURITY] [DLA 1754-1] samba security update CVE-2017-9461 CVE-2018-1050 CVE-2019-3880
MLIST:[debian-lts-announce] 20190413 [SECURITY] [DLA 1755-1] graphicsmagick security update CVE-2017-10799 CVE-2019-11006 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11010
MLIST:[debian-lts-announce] 20190415 [SECURITY] [DLA 1756-1] libxslt security update CVE-2019-11068
MLIST:[debian-lts-announce] 20190416 [SECURITY] [DLA 1757-1] cacti security update CVE-2019-11025
MLIST:[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update CVE-2019-1787 CVE-2019-1788
MLIST:[debian-lts-announce] 20190423 [SECURITY] [DLA 1761-1] ghostscript security update CVE-2019-3835 CVE-2019-3838
MLIST:[debian-lts-announce] 20190424 [SECURITY] [DLA 1762-1] systemd security update CVE-2017-18078 CVE-2019-3842
MLIST:[debian-lts-announce] 20190424 [SECURITY] [DLA 1763-1] putty security update CVE-2019-9894 CVE-2019-9897 CVE-2019-9898
MLIST:[debian-lts-announce] 20190425 [SECURITY] [DLA 1764-1] mercurial security update CVE-2019-3902
MLIST:[debian-lts-announce] 20190425 [SECURITY] [DLA 1765-1] gpac security update CVE-2019-11221 CVE-2019-11222
MLIST:[debian-lts-announce] 20190426 [SECURITY] [DLA 1766-1] evolution security update CVE-2018-15587
MLIST:[debian-lts-announce] 20190426 [SECURITY] [DLA 1767-1] monit security update CVE-2019-11454 CVE-2019-11455
MLIST:[debian-lts-announce] 20190428 [SECURITY] [DLA 1768-1] checkstyle security update CVE-2019-9658
MLIST:[debian-lts-announce] 20190428 [SECURITY] [DLA 1769-1] gst-plugins-base0.10 security update CVE-2019-9928
MLIST:[debian-lts-announce] 20190428 [SECURITY] [DLA 1770-1] gst-plugins-base1.0 security update CVE-2019-9928
MLIST:[debian-lts-announce] 20190430 [SECURITY] [DLA 1772-1] libvirt security update CVE-2016-10746
MLIST:[debian-lts-announce] 20190501 [SECURITY] [DLA 1773-1] signing-party security update CVE-2019-11627
MLIST:[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update CVE-2018-1000026 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2019-3459 CVE-2019-3460 CVE-2019-3701 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-8980 CVE-2019-9213
MLIST:[debian-lts-announce] 20190504 [SECURITY] [DLA 1775-1] phpbb3 security update CVE-2019-9826
MLIST:[debian-lts-announce] 20190505 [SECURITY] [DLA 1776-1] librecad security update CVE-2018-19105
MLIST:[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update CVE-2019-11358
MLIST:[debian-lts-announce] 20190506 [SECURITY] [DLA 1779-1] 389-ds-base security update CVE-2019-3883
MLIST:[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update CVE-2018-11806 CVE-2018-18849
MLIST:[debian-lts-announce] 20190510 [SECURITY] [DLA 1782-1] openjdk-7 security update CVE-2019-2602 CVE-2019-2684 CVE-2019-2698
MLIST:[debian-lts-announce] 20190512 [SECURITY] [DLA 1783-1] atftp security update CVE-2019-11365 CVE-2019-11366
MLIST:[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update CVE-2017-1000445 CVE-2017-1000476 CVE-2017-11446 CVE-2017-11523 CVE-2017-11537 CVE-2017-12140 CVE-2017-12430 CVE-2017-12432 CVE-2017-12435 CVE-2017-12563 CVE-2017-12587 CVE-2017-12643 CVE-2017-12670 CVE-2017-12674 CVE-2017-12691 CVE-2017-12692 CVE-2017-12693 CVE-2017-12875 CVE-2017-13133 CVE-2017-13142 CVE-2017-13145 CVE-2017-13658 CVE-2017-13768 CVE-2017-14060 CVE-2017-14172 CVE-2017-14173 CVE-2017-14174 CVE-2017-14175 CVE-2017-14249 CVE-2017-14341 CVE-2017-14400 CVE-2017-14505 CVE-2017-14532 CVE-2017-14624 CVE-2017-14625 CVE-2017-14626 CVE-2017-14739 CVE-2017-14741 CVE-2017-15015 CVE-2017-15017 CVE-2017-15281 CVE-2017-17682 CVE-2017-17914 CVE-2017-18271 CVE-2017-18273 CVE-2017-9500 CVE-2019-10650 CVE-2019-11597 CVE-2019-11598 CVE-2019-9956
MLIST:[debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update CVE-2018-15518 CVE-2018-19869 CVE-2018-19870 CVE-2018-19871 CVE-2018-19873
MLIST:[debian-lts-announce] 20190519 [SECURITY] [DLA 1791-1] faad2 security update CVE-2018-20194 CVE-2018-20197 CVE-2018-20198 CVE-2018-20362
MLIST:[debian-lts-announce] 20190519 [SECURITY] [DLA 1792-1] ghostscript security update CVE-2019-3839
MLIST:[debian-lts-announce] 20190519 [SECURITY] [DLA 1793-1] dhcpcd5 security update CVE-2019-11579
MLIST:[debian-lts-announce] 20190520 [SECURITY] [DLA 1794-1] libspring-security-2.0-java security update CVE-2019-3795
MLIST:[debian-lts-announce] 20190520 [SECURITY] [DLA 1795-1] graphicsmagick security update CVE-2019-11473 CVE-2019-11474 CVE-2019-11505 CVE-2019-11506
MLIST:[debian-lts-announce] 20190520 [SECURITY] [DLA 1796-1] jruby security update CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078
MLIST:[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update CVE-2019-11358 CVE-2019-11831
MLIST:[debian-lts-announce] 20190521 [SECURITY] [DLA 1798-1] jackson-databind security update CVE-2019-12086
MLIST:[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update CVE-2018-18511 CVE-2019-7317 CVE-2019-9797
MLIST:[debian-lts-announce] 20190524 [SECURITY] [DLA 1801-1] zookeeper security update CVE-2019-0201
MLIST:[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update CVE-2019-10894 CVE-2019-10895 CVE-2019-10899 CVE-2019-10901 CVE-2019-10903
MLIST:[debian-lts-announce] 20190525 [SECURITY] [DLA 1803-1] php5 security update CVE-2019-11034 CVE-2019-11035 CVE-2019-11036
MLIST:[debian-lts-announce] 20190526 [SECURITY] [DLA 1805-1] minissdpd security update CVE-2019-12106
MLIST:[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797
MLIST:[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update CVE-2018-11099 CVE-2018-11129 CVE-2018-11130
MLIST:[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update CVE-2018-5995 CVE-2019-11190 CVE-2019-11486 CVE-2019-11599 CVE-2019-3459 CVE-2019-3460 CVE-2019-6133
MLIST:[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update CVE-2018-5995 CVE-2019-11190 CVE-2019-11486 CVE-2019-11599 CVE-2019-3459 CVE-2019-3460 CVE-2019-6133
MLIST:[debian-lts-announce] 20190528 [SECURITY] [DLA 1808-1] sox security update CVE-2019-8354 CVE-2019-8355 CVE-2019-8356 CVE-2019-8357
MLIST:[debian-lts-announce] 20190529 [SECURITY] [DLA 1809-1] libav security update CVE-2018-15822 CVE-2019-11338
MLIST:[debian-lts-announce] 20190530 [SECURITY] [DLA 1810-1] tomcat7 security update CVE-2019-0221
MLIST:[debian-lts-announce] 20190530 [SECURITY] [DLA 1811-1] miniupnpd security update CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111
MLIST:[debian-lts-announce] 20190531 [SECURITY] [DLA 1812-1] doxygen security update CVE-2016-10245
MLIST:[debian-lts-announce] 20190605 [SECURITY] [DLA 1814-1] python-django security update CVE-2019-12308
MLIST:[debian-lts-announce] 20190606 [SECURITY] [DLA 1815-1] poppler security update CVE-2019-10872 CVE-2019-12293 CVE-2019-12360
MLIST:[debian-lts-announce] 20190611 [SECURITY] [DLA 1817-1] libgd2 security update CVE-2019-11038
MLIST:[debian-lts-announce] 20190614 [SECURITY] [DLA 1818-1] dbus security update CVE-2019-12749
MLIST:[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update CVE-2019-12761
MLIST:[debian-lts-announce] 20190616 [SECURITY] [DLA 1822-1] php-horde-form security update CVE-2019-9858
MLIST:[debian-lts-announce] 20190617 [SECURITY] [DLA 1821-1] phpmyadmin security update CVE-2016-6606 CVE-2016-6607 CVE-2016-6611 CVE-2016-6612 CVE-2016-6613 CVE-2016-6624 CVE-2016-6626 CVE-2016-6627 CVE-2016-6628 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632 CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864 CVE-2019-12616
MLIST:[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update CVE-2019-11810 CVE-2019-11833 CVE-2019-11884 CVE-2019-5489
MLIST:[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update CVE-2019-11486 CVE-2019-11599 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-5489
MLIST:[debian-lts-announce] 20190618 [SECURITY] [DLA 1825-1] kdepim security update CVE-2019-10732
MLIST:[debian-lts-announce] 20190618 [SECURITY] [DLA 1826-1] glib2.0 security update CVE-2019-12450
MLIST:[debian-lts-announce] 20190619 [SECURITY] [DLA 1827-1] gvfs security update CVE-2019-12795
MLIST:[debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091
MLIST:[debian-lts-announce] 20190620 [SECURITY] [DLA 1828-1] python-urllib3 security update CVE-2019-11236
MLIST:[debian-lts-announce] 20190620 [SECURITY] [DLA 1830-1] znc security update CVE-2019-12816
MLIST:[debian-lts-announce] 20190621 [SECURITY] [DLA 1831-1] jackson-databind security update CVE-2019-12384 CVE-2019-12814
MLIST:[debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update CVE-2016-3189 CVE-2019-12900
MLIST:[debian-lts-announce] 20190625 [SECURITY] [DLA 1834-1] python2.7 security update CVE-2018-14647 CVE-2019-9636 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948
MLIST:[debian-lts-announce] 20190625 [SECURITY] [DLA 1835-1] python3.4 security update CVE-2018-14647 CVE-2019-9636 CVE-2019-9740 CVE-2019-9947
MLIST:[debian-lts-announce] 20190625 [SECURITY] [DLA 1835-2] python3.4 regression update CVE-2019-9740 CVE-2019-9947
MLIST:[debian-lts-announce] 20190628 [SECURITY] [DLA 1838-1] mupdf security update CVE-2018-5686 CVE-2018-6192 CVE-2019-6130
MLIST:[debian-lts-announce] 20190629 [SECURITY] [DLA 1839-1] expat security update CVE-2018-20843
MLIST:[debian-lts-announce] 20190630 [SECURITY] [DLA 1840-1] golang-go.crypto security update CVE-2019-11840
MLIST:[debian-lts-announce] 20190630 [SECURITY] [DLA 1841-1] gpac security update CVE-2019-12481 CVE-2019-12482 CVE-2019-12483
MLIST:[debian-lts-announce] 20190701 [SECURITY] [DLA 1842-1] python-django security update CVE-2019-12308
MLIST:[debian-lts-announce] 20190704 [SECURITY] [DLA 1844-1] lemonldap-ng security update CVE-2019-13031
MLIST:[debian-lts-announce] 20190707 [SECURITY] [DLA 1845-1] dosbox security update CVE-2019-12594 CVE-2019-7165
MLIST:[debian-lts-announce] 20190707 [SECURITY] [DLA 1846-1] unzip security update CVE-2019-13232
MLIST:[debian-lts-announce] 20190707 [SECURITY] [DLA 1847-1] squid3 security update CVE-2019-13345
MLIST:[debian-lts-announce] 20190708 [SECURITY] [DLA 1849-1] zeromq3 security update CVE-2019-13132
MLIST:[debian-lts-announce] 20190709 [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update CVE-2019-11272
MLIST:[debian-lts-announce] 20190710 [SECURITY] [DLA 1851-1] openjpeg2 security update CVE-2016-9112 CVE-2018-20847
MLIST:[debian-lts-announce] 20190711 [SECURITY] [DLA 1852-1] python3.4 security update CVE-2019-9948
MLIST:[debian-lts-announce] 20190713 [SECURITY] [DLA 1853-1] libspring-java security update CVE-2014-3578 CVE-2014-3625 CVE-2015-3192 CVE-2015-5211 CVE-2016-9878
MLIST:[debian-lts-announce] 20190717 [SECURITY] [DLA 1854-1] libonig security update CVE-2019-13224
MLIST:[debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update CVE-2019-12900
MLIST:[debian-lts-announce] 20190719 [SECURITY] [DLA 1855-1] exiv2 security update CVE-2019-13504
MLIST:[debian-lts-announce] 20190719 [SECURITY] [DLA 1856-1] patch security update CVE-2019-13636
MLIST:[debian-lts-announce] 20190720 [SECURITY] [DLA 1858-1] squid3 security update CVE-2019-12525 CVE-2019-12529
MLIST:[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update CVE-2016-4609 CVE-2016-4610 CVE-2019-13117 CVE-2019-13118
MLIST:[debian-lts-announce] 20190722 [SECURITY] [DLA 1861-1] libsdl2-image security update CVE-2018-3977 CVE-2019-12216 CVE-2019-12217 CVE-2019-12218 CVE-2019-12219 CVE-2019-12220 CVE-2019-12221 CVE-2019-12222 CVE-2019-5052 CVE-2019-7635
MLIST:[debian-lts-announce] 20190723 [SECURITY] [DLA 1862-1] linux security update CVE-2019-10639 CVE-2019-13272 CVE-2019-2101
MLIST:[debian-lts-announce] 20190723 [SECURITY] [DLA 1863-1] linux-4.9 security update CVE-2019-13272
MLIST:[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update CVE-2019-13115 CVE-2019-3859
MLIST:[debian-lts-announce] 20190727 [SECURITY] [DLA 1865-1] sdl-image1.2 security update CVE-2018-3977 CVE-2019-12216 CVE-2019-12217 CVE-2019-12218 CVE-2019-12219 CVE-2019-12220 CVE-2019-12221 CVE-2019-12222 CVE-2019-5051 CVE-2019-5052 CVE-2019-7635
MLIST:[debian-lts-announce] 20190728 [SECURITY] [DLA 1846-2] unzip regression update CVE-2019-13232
MLIST:[debian-lts-announce] 20190730 [SECURITY] [DLA 1730-4] libssh2 regression update CVE-2019-3860
MLIST:[debian-lts-announce] 20190731 [SECURITY] [DLA 1866-1] glib2.0 security update CVE-2018-16428 CVE-2018-16429 CVE-2019-13012
MLIST:[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update CVE-2019-11555 CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499
MLIST:[debian-lts-announce] 20190801 [SECURITY] [DLA 1868-1] squirrelmail security update CVE-2019-12970
MLIST:[debian-lts-announce] 20190802 [SECURITY] [DLA 1869-1] firefox-esr security update CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 CVE-2019-9811
MLIST:[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 CVE-2019-9811
MLIST:[debian-lts-announce] 20190803 [SECURITY] [DLA 1871-1] vim security update CVE-2017-11109 CVE-2017-17087 CVE-2019-12735
MLIST:[debian-lts-announce] 20190805 [SECURITY] [DLA 1866-2] glib2.0 regression update CVE-2019-13012
MLIST:[debian-lts-announce] 20190807 [SECURITY] [DLA 1873-1] proftpd-dfsg security update CVE-2019-12815
MLIST:[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update CVE-2019-11041 CVE-2019-11042
MLIST:[debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update CVE-2019-14379 CVE-2019-14439
MLIST:[debian-lts-announce] 20190813 [SECURITY] [DLA 1881-1] evince security update CVE-2017-1000159 CVE-2019-1010006 CVE-2019-11459
MLIST:[debian-lts-announce] 20190813 [SECURITY] [DLA 1882-1] atril security update CVE-2017-1000159 CVE-2019-1010006 CVE-2019-11459
MLIST:[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update CVE-2018-8014 CVE-2019-0221
MLIST:[debian-lts-announce] 20190814 [SECURITY] [DLA 1877-1] otrs2 security update CVE-2018-11563
MLIST:[debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update CVE-2017-18509 CVE-2018-20836 CVE-2019-10638 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284
MLIST:[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update CVE-2017-18509 CVE-2018-20836 CVE-2018-20856 CVE-2018-5995 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284
MLIST:[debian-lts-announce] 20190815 [SECURITY] [DLA 1886-1] openjdk-7 security update CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2816
MLIST:[debian-lts-announce] 20190815 [SECURITY] [DLA 1887-1] freetype security update CVE-2015-9290
MLIST:[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update CVE-2019-12974 CVE-2019-13135 CVE-2019-13295 CVE-2019-13297 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306
MLIST:[debian-lts-announce] 20190817 [SECURITY] [DLA 1889-1] python3.4 security update CVE-2018-20852
MLIST:[debian-lts-announce] 20190818 [SECURITY] [DLA 1890-1] kde4libs security update CVE-2019-14744
MLIST:[debian-lts-announce] 20190818 [SECURITY] [DLA 1891-1] openldap security update CVE-2019-13057 CVE-2019-13565
MLIST:[debian-lts-announce] 20190820 [SECURITY] [DLA 1892-1] flask security update CVE-2018-1000656
MLIST:[debian-lts-announce] 20190823 [SECURITY] [DLA 1894-1] libapache2-mod-auth-openidc security CVE-2019-1010247
MLIST:[debian-lts-announce] 20190823 [SECURITY] [DLA 1895-1] libmspack security update CVE-2019-1010305
MLIST:[debian-lts-announce] 20190824 [SECURITY] [DLA 1896-1] commons-beanutils security update CVE-2019-10086
MLIST:[debian-lts-announce] 20190825 [SECURITY] [DLA 1897-1] tiff security update CVE-2019-14973
MLIST:[debian-lts-announce] 20190828 [SECURITY] [DLA 1899-1] faad2 security update CVE-2018-19502 CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-15296 CVE-2019-6956
MLIST:[debian-lts-announce] 20190828 [SECURITY] [DLA 1900-1] apache2 security update CVE-2019-10092
MLIST:[debian-lts-announce] 20190829 [SECURITY] [DLA 1901-1] dovecot security update CVE-2019-11500
MLIST:[debian-lts-announce] 20190829 [SECURITY] [DLA 1902-1] djvulibre security update CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145
MLIST:[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update CVE-2019-15531
MLIST:[debian-lts-announce] 20190831 [SECURITY] [DLA 1906-1] python2.7 security update CVE-2018-20852
MLIST:[debian-lts-announce] 20190902 [SECURITY] [DLA 1907-1] libav security update CVE-2017-9987 CVE-2018-11102 CVE-2018-5766 CVE-2019-14372 CVE-2019-14442
MLIST:[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update CVE-2015-9381 CVE-2015-9382 CVE-2015-9383
MLIST:[debian-lts-announce] 20190906 [SECURITY] [DLA 1911-1] exim4 security update CVE-2019-15846
MLIST:[debian-lts-announce] 20190907 [SECURITY] [DLA 1913-1] memcached security update CVE-2019-15026
MLIST:[debian-lts-announce] 20190909 [SECURITY] [DLA 1915-1] ghostscript security update CVE-2019-14811 CVE-2019-14813 CVE-2019-14817
MLIST:[debian-lts-announce] 20190911 [SECURITY] [DLA 1916-1] opensc security update CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16421 CVE-2018-16422 CVE-2018-16423 CVE-2018-16424 CVE-2018-16425 CVE-2018-16426 CVE-2018-16427 CVE-2019-15945 CVE-2019-15946
MLIST:[debian-lts-announce] 20190912 [SECURITY] [DLA 1918-1] libonig security update CVE-2019-16163
MLIST:[debian-lts-announce] 20190913 [SECURITY] [DLA 1920-1] golang-go.crypto security update CVE-2019-11841
MLIST:[debian-lts-announce] 20190913 [SECURITY] [DLA 1921-1] dnsmasq security update CVE-2019-14513
MLIST:[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update CVE-2019-0136 CVE-2019-11487 CVE-2019-15211 CVE-2019-15212 CVE-2019-15215 CVE-2019-15216 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 CVE-2019-15807 CVE-2019-15924 CVE-2019-15926 CVE-2019-9506
MLIST:[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update CVE-2019-0136 CVE-2019-11487 CVE-2019-15211 CVE-2019-15212 CVE-2019-15215 CVE-2019-15216 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 CVE-2019-15807 CVE-2019-15924 CVE-2019-15926 CVE-2019-9506
MLIST:[debian-lts-announce] 20190916 [SECURITY] [DLA 1922-1] wpa security update CVE-2019-16275
MLIST:[debian-lts-announce] 20190916 [SECURITY] [DLA 1923-1] ansible security update CVE-2015-3908 CVE-2015-6240 CVE-2018-10875 CVE-2019-10156
MLIST:[debian-lts-announce] 20190916 [SECURITY] [DLA 1924-1] python3.4 security update CVE-2019-16056
MLIST:[debian-lts-announce] 20190916 [SECURITY] [DLA 1925-1] python2.7 security update CVE-2019-16056
MLIST:[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update CVE-2017-9375 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890
MLIST:[debian-lts-announce] 20190920 [SECURITY] [DLA 1929-1] php-pecl-http security update CVE-2016-7398
MLIST:[debian-lts-announce] 20190924 [SECURITY] [DLA 1931-1] libgcrypt20 security update CVE-2019-13627
MLIST:[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update CVE-2016-10905 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-15117 CVE-2019-15118 CVE-2019-15211 CVE-2019-15212 CVE-2019-15215 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15292 CVE-2019-15807 CVE-2019-15917 CVE-2019-15926 CVE-2019-9506
MLIST:[debian-lts-announce] 20190925 [SECURITY] [DLA 1932-1] openssl security update CVE-2019-1547 CVE-2019-1563
MLIST:[debian-lts-announce] 20190926 [SECURITY] [DLA 1933-1] ruby-nokogiri security update CVE-2019-5477
MLIST:[debian-lts-announce] 20190928 [SECURITY] [DLA 1934-1] cimg security update CVE-2018-7588 CVE-2018-7589 CVE-2018-7637 CVE-2018-7638 CVE-2018-7639 CVE-2018-7640 CVE-2018-7641 CVE-2019-1010174
MLIST:[debian-lts-announce] 20190928 [SECURITY] [DLA 1935-1] e2fsprogs security update CVE-2019-5094
MLIST:[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update CVE-2018-4300
MLIST:[debian-lts-announce] 20190928 [SECURITY] [DLA 1937-1] httpie security update CVE-2019-10751
MLIST:[debian-lts-announce] 20190930 [SECURITY] [DLA 1900-2] apache2 regression update CVE-2019-10092
MLIST:[debian-lts-announce] 20190930 [SECURITY] [DLA 1938-1] file-roller security update CVE-2019-16680
MLIST:[debian-lts-announce] 20190930 [SECURITY] [DLA 1939-1] poppler security update CVE-2018-20650 CVE-2018-21009 CVE-2019-12493
MLIST:[debian-lts-announce] 20190930 [SECURITY] [DLA 1941-1] netty security update CVE-2019-16869
MLIST:[debian-lts-announce] 20190930 [SECURITY] [DLA 1942-1] phpbb3 security update CVE-2019-16993
MLIST:[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update CVE-2019-15117 CVE-2019-15118 CVE-2019-15902
MLIST:[debian-lts-announce] 20191002 [SECURITY] [DLA 1943-1] jackson-databind security update CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943
MLIST:[debian-lts-announce] 20191004 [SECURITY] [DLA 1945-1] openconnect security update CVE-2019-16239
MLIST:[debian-lts-announce] 20191005 [SECURITY] [DLA 1946-1] novnc security update CVE-2017-18635
MLIST:[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9853 CVE-2019-9854
MLIST:[debian-lts-announce] 20191007 [SECURITY] [DLA 1942-2] phpbb3 regression update CVE-2019-16993
MLIST:[debian-lts-announce] 20191007 [SECURITY] [DLA 1948-1] ruby-mini-magick security update CVE-2019-13574
MLIST:[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update CVE-2018-19961 CVE-2018-19962 CVE-2018-19966
MLIST:[debian-lts-announce] 20191008 [SECURITY] [DLA 1950-1] openjpeg2 security update CVE-2018-21010
MLIST:[debian-lts-announce] 20191009 [SECURITY] [DLA 1951-1] libtomcrypt security update CVE-2019-17362
MLIST:[debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update CVE-2019-12900
MLIST:[debian-lts-announce] 20191010 [SECURITY] [DLA 1954-1] lucene-solr security update CVE-2019-0193
MLIST:[debian-lts-announce] 20191011 [SECURITY] [DLA 1955-1] tcpdump security update CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166
MLIST:[debian-lts-announce] 20191011 [SECURITY] [DLA 1956-1] ruby-openid security update CVE-2019-11027
MLIST:[debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update CVE-2019-12900
MLIST:[debian-lts-announce] 20191014 [SECURITY] [DLA 1959-1] xtrlock security update CVE-2016-10894
MLIST:[debian-lts-announce] 20191017 [SECURITY] [DLA 1713-2] libsdl1.2 regression update CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
MLIST:[debian-lts-announce] 20191017 [SECURITY] [DLA 1714-2] libsdl2 regression update CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
MLIST:[debian-lts-announce] 20191017 [SECURITY] [DLA 1960-1] wordpress security update CVE-2019-16217 CVE-2019-16218 CVE-2019-16219 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222 CVE-2019-16223
MLIST:[debian-lts-announce] 20191017 [SECURITY] [DLA 1963-1] poppler security update CVE-2019-10871 CVE-2019-9959
MLIST:[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update CVE-2019-14287
MLIST:[debian-lts-announce] 20191018 [SECURITY] [DLA 1963-2] poppler regression update CVE-2019-10871
MLIST:[debian-lts-announce] 20191019 [SECURITY] [DLA 1965-1] nfs-utils security update CVE-2019-3689
MLIST:[debian-lts-announce] 20191019 [SECURITY] [DLA 1966-1] aspell security update CVE-2019-17544
MLIST:[debian-lts-announce] 20191021 [SECURITY] [DLA 1961-1] milkytracker security update CVE-2019-14464 CVE-2019-14496 CVE-2019-14497
MLIST:[debian-lts-announce] 20191021 [SECURITY] [DLA 1962-1] graphite-web security update CVE-2017-18638
MLIST:[debian-lts-announce] 20191021 [SECURITY] [DLA 1967-1] libpcap security update CVE-2019-15165
MLIST:[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update CVE-2019-11470 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140
MLIST:[debian-lts-announce] 20191023 [SECURITY] [DLA 1969-1] file security update CVE-2019-18218
MLIST:[debian-lts-announce] 20191026 [SECURITY] [DLA 1971-1] libarchive security update CVE-2019-18408
MLIST:[debian-lts-announce] 20191026 [SECURITY] [DLA 1972-1] mosquitto security update CVE-2017-7655 CVE-2018-12550 CVE-2018-12551 CVE-2019-11779
MLIST:[debian-lts-announce] 20191027 [SECURITY] [DLA 1973-1] libxslt security update CVE-2019-18197
MLIST:[debian-lts-announce] 20191027 [SECURITY] [DLA 1974-1] proftpd-dfsg security update CVE-2019-18217
MLIST:[debian-lts-announce] 20191028 [SECURITY] [DLA 1975-1] spip security update CVE-2019-16391 CVE-2019-16392 CVE-2019-16393 CVE-2019-16394
MLIST:[debian-lts-announce] 20191030 [SECURITY] [DLA 1976-1] imapfilter security update CVE-2016-10937
MLIST:[debian-lts-announce] 20191030 [SECURITY] [DLA 1977-1] libvncserver security update CVE-2019-15681
MLIST:[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 CVE-2016-9941 CVE-2016-9942 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 CVE-2018-6307 CVE-2018-7225 CVE-2019-15681
MLIST:[debian-lts-announce] 20191105 [SECURITY] [DLA 1980-1] wordpress security update CVE-2019-17669 CVE-2019-17670 CVE-2019-17671 CVE-2019-17675
MLIST:[debian-lts-announce] 20191106 [SECURITY] [DLA 1982-1] openafs security update CVE-2019-18601 CVE-2019-18602 CVE-2019-18603
MLIST:[debian-lts-announce] 20191106 [SECURITY] [DLA 1983-1] simplesamlphp security update CVE-2019-3465
MLIST:[debian-lts-announce] 20191108 [SECURITY] [DLA 1985-1] djvulibre security update CVE-2019-18804
MLIST:[debian-lts-announce] 20191109 [SECURITY] [DLA 1984-1] gdal security update CVE-2019-17545
MLIST:[debian-lts-announce] 20191110 [SECURITY] [DLA 1986-1] ruby-haml security update CVE-2017-1002201
MLIST:[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update CVE-2019-15903
MLIST:[debian-lts-announce] 20191111 [SECURITY] [DLA 1988-1] ampache security update CVE-2019-12385 CVE-2019-12386
MLIST:[debian-lts-announce] 20191113 [SECURITY] [DLA 1991-1] libssh2 security update CVE-2019-17498
MLIST:[debian-lts-announce] 20191115 [SECURITY] [DLA 1993-1] mesa security update CVE-2019-5068
MLIST:[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update CVE-2019-11755 CVE-2019-15903
MLIST:[debian-lts-announce] 20191118 [SECURITY] [DLA 1998-1] python-psutil security update CVE-2019-18874
MLIST:[debian-lts-announce] 20191123 [SECURITY] [DLA 2000-1] pam-python security update CVE-2019-16729
MLIST:[debian-lts-announce] 20191123 [SECURITY] [DLA 2001-1] libofx security update CVE-2019-9656
MLIST:[debian-lts-announce] 20191124 [SECURITY] [DLA 2003-1] isc-dhcp security update CVE-2016-2774
MLIST:[debian-lts-announce] 20191125 [SECURITY] [DLA 2007-1] ruby2.1 security update CVE-2019-15845
MLIST:[debian-lts-announce] 20191126 [SECURITY] [DLA 2009-1] tiff security update CVE-2017-17095 CVE-2018-12900 CVE-2018-18661 CVE-2019-17546 CVE-2019-6128
MLIST:[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update CVE-2014-9862
MLIST:[debian-lts-announce] 20191126 [SECURITY] [DLA 2011-1] xmlrpc-epi security update CVE-2016-6296
MLIST:[debian-lts-announce] 20191126 [SECURITY] [DLA 2012-1] libvpx security update CVE-2019-9232 CVE-2019-9433
MLIST:[debian-lts-announce] 20191127 [SECURITY] [DLA 2013-1] libvorbis security update CVE-2017-14160 CVE-2018-10392 CVE-2018-10393
MLIST:[debian-lts-announce] 20191129 [SECURITY] [DLA 2005-1] tnef security update CVE-2019-18849
MLIST:[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update CVE-2014-6053 CVE-2018-7225 CVE-2019-15681
MLIST:[debian-lts-announce] 20191129 [SECURITY] [DLA 2016-1] ssvnc security update CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20024
MLIST:[debian-lts-announce] 20191130 [SECURITY] [DLA 2017-1] asterisk security update CVE-2019-13161 CVE-2019-18610 CVE-2019-18790
MLIST:[debian-lts-announce] 20191130 [SECURITY] [DLA 2018-1] proftpd-dfsg security update CVE-2019-19269
MLIST:[debian-lts-announce] 20191202 [SECURITY] [DLA 2019-1] exiv2 security update CVE-2019-17402
MLIST:[debian-lts-announce] 20191204 [SECURITY] [DLA 2020-1] libonig security update CVE-2019-19012 CVE-2019-19204 CVE-2019-19246
MLIST:[debian-lts-announce] 20191205 [SECURITY] [DLA 2021-1] libav security update CVE-2017-17127 CVE-2017-18245 CVE-2018-19128 CVE-2018-19130 CVE-2019-14443 CVE-2019-17542
MLIST:[debian-lts-announce] 20191206 [SECURITY] [DLA 2022-1] librabbitmq security update CVE-2019-18609
MLIST:[debian-lts-announce] 20191207 [SECURITY] [DLA 2023-1] openjdk-7 security update CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999
MLIST:[debian-lts-announce] 20191208 [SECURITY] [DLA 2024-1] phpmyadmin security update CVE-2019-19617
MLIST:[debian-lts-announce] 20191209 [SECURITY] [DLA 2026-1] htmldoc security update CVE-2019-19630
MLIST:[debian-lts-announce] 20191210 [SECURITY] [DLA 2027-1] jruby security update CVE-2017-17742 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255
MLIST:[debian-lts-announce] 20191210 [SECURITY] [DLA 2028-1] squid3 security update CVE-2019-12526 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679
MLIST:[debian-lts-announce] 20191210 [SECURITY] [DLA 2030-1] jackson-databind security update CVE-2019-17267 CVE-2019-17531
MLIST:[debian-lts-announce] 20191210 [SECURITY] [DLA 2031-1] freeimage security update CVE-2019-12211 CVE-2019-12213
MLIST:[debian-lts-announce] 20191214 [SECURITY] [DLA 2033-1] php-horde security update CVE-2019-12095
MLIST:[debian-lts-announce] 20191214 [SECURITY] [DLA 2034-1] davical security update CVE-2019-18345 CVE-2019-18346 CVE-2019-18347
MLIST:[debian-lts-announce] 20191215 [SECURITY] [DLA 2035-1] libpgf security update CVE-2015-6673
MLIST:[debian-lts-announce] 20191216 [SECURITY] [DLA 2037-1] spamassassin security update CVE-2018-11805 CVE-2019-12420
MLIST:[debian-lts-announce] 20191217 [SECURITY] [DLA 2038-1] libssh security update CVE-2019-14889
MLIST:[debian-lts-announce] 20191217 [SECURITY] [DLA 2039-1] libvorbis security update CVE-2017-11333 CVE-2017-14633
MLIST:[debian-lts-announce] 20191217 [SECURITY] [DLA 2040-1] harfbuzz security update CVE-2015-8947
MLIST:[debian-lts-announce] 20191218 [SECURITY] [DLA 2041-1] debian-edu-config security update CVE-2019-3467
MLIST:[debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update CVE-2016-6352 CVE-2017-2870 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314
MLIST:[debian-lts-announce] 20191220 [SECURITY] [DLA 2044-1] cyrus-sasl2 security update CVE-2019-19906
MLIST:[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update CVE-2014-6053 CVE-2018-20021 CVE-2018-20022 CVE-2018-7225 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681 CVE-2019-8287
MLIST:[debian-lts-announce] 20191222 [SECURITY] [DLA 2047-1] cups security update CVE-2019-2228
MLIST:[debian-lts-announce] 20191226 [SECURITY] [DLA 2046-1] opensc security update CVE-2019-19479
MLIST:[debian-lts-announce] 20191228 [SECURITY] [DLA 2048-1] libxml2 security update CVE-2019-19956
MLIST:[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update CVE-2019-19948 CVE-2019-19949
MLIST:[debian-lts-announce] 20191229 [SECURITY] [DLA 2050-1] php5 security update CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050
MLIST:[debian-lts-announce] 20191230 [SECURITY] [DLA 2051-1] intel-microcode security update CVE-2019-11135 CVE-2019-11139
MLIST:[debian-lts-announce] 20191230 [SECURITY] [DLA 2052-1] libbsd security update CVE-2016-2090
MLIST:[debian-lts-announce] 20191231 [SECURITY] [DLA 2054-1] jhead security update CVE-2018-16554 CVE-2018-17088 CVE-2019-1010301 CVE-2019-1010302
MLIST:[debian-lts-announce] 20191231 [SECURITY] [DLA 2055-1] igraph security update CVE-2018-20349
MLIST:[debian-lts-announce] 20200101 [SECURITY] [DLA 1931-2] libgcrypt20 regression update CVE-2019-13627
MLIST:[debian-lts-announce] 20200101 [SECURITY] [DLA 2053-1] otrs2 security update CVE-2019-18179
MLIST:[debian-lts-announce] 20200109 [SECURITY] [DLA 2061-1] firefox-esr security update CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024
MLIST:[debian-lts-announce] 20200109 [SECURITY] [DLA 2062-1] sa-exim security update CVE-2019-19920
MLIST:[debian-lts-announce] 20200110 [SECURITY] [DLA 2064-1] ldm security update CVE-2019-20373
MLIST:[debian-lts-announce] 20200112 [SECURITY] [DLA 2065-1] apache-log4j1.2 security update CVE-2019-17571
MLIST:[debian-lts-announce] 20200114 [SECURITY] [DLA 2067-1] wordpress security update CVE-2019-20041
MLIST:[debian-lts-announce] 20200115 [SECURITY] [DLA 2060-1] phpmyadmin security update CVE-2020-5504
MLIST:[debian-lts-announce] 20200115 [SECURITY] [DLA 2063-1] debian-lan-config security update CVE-2019-3467
MLIST:[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update CVE-2019-15098 CVE-2019-15217 CVE-2019-15291 CVE-2019-15505 CVE-2019-16746 CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-19051 CVE-2019-19052 CVE-2019-19056 CVE-2019-19057 CVE-2019-19062 CVE-2019-19066 CVE-2019-19227 CVE-2019-19523 CVE-2019-19524 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19536 CVE-2019-19537 CVE-2019-19767 CVE-2019-19922 CVE-2019-19947 CVE-2019-19965 CVE-2019-19966 CVE-2019-2215
MLIST:[debian-lts-announce] 20200118 [SECURITY] [DLA 2069-1] cacti security update CVE-2020-7106
MLIST:[debian-lts-announce] 20200119 [SECURITY] [DLA 2070-1] ruby-excon security update CVE-2019-16779
MLIST:[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024
MLIST:[debian-lts-announce] 20200120 [SECURITY] [DLA 2072-1] gpac security update CVE-2018-21015 CVE-2018-21016 CVE-2019-13618 CVE-2019-20161 CVE-2019-20162 CVE-2019-20163 CVE-2019-20165 CVE-2019-20170 CVE-2019-20171 CVE-2019-20208
MLIST:[debian-lts-announce] 20200121 [SECURITY] [DLA 2073-1] transfig security update CVE-2018-16140 CVE-2019-14275 CVE-2019-19555
MLIST:[debian-lts-announce] 20200123 [SECURITY] [DLA 2059-1] git security update CVE-2019-1387
MLIST:[debian-lts-announce] 20200126 [SECURITY] [DLA 2075-1] jsoup security update CVE-2015-6748
MLIST:[debian-lts-announce] 20200126 [SECURITY] [DLA 2076-1] slirp security update CVE-2020-7039
MLIST:[debian-lts-announce] 20200127 [SECURITY] [DLA 2077-1] tomcat7 security update CVE-2019-12418 CVE-2019-17563
MLIST:[debian-lts-announce] 20200127 [SECURITY] [DLA 2080-1] iperf3 security update CVE-2016-4303
MLIST:[debian-lts-announce] 20200128 [SECURITY] [DLA 2081-1] openjpeg2 security update CVE-2020-6851
MLIST:[debian-lts-announce] 20200128 [SECURITY] [DLA 2082-1] unzip security update CVE-2018-1000035
MLIST:[debian-lts-announce] 20200129 [SECURITY] [DLA 2079-1] otrs2 security update CVE-2020-1765 CVE-2020-1766 CVE-2020-1767
MLIST:[debian-lts-announce] 20200129 [SECURITY] [DLA 2083-1] hiredis security update CVE-2020-7105
MLIST:[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update CVE-2019-19950 CVE-2019-19951 CVE-2019-19953
MLIST:[debian-lts-announce] 20200129 [SECURITY] [DLA 2085-1] zlib security update CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
MLIST:[debian-lts-announce] 20200130 [SECURITY] [DLA 2078-1] libxmlrpc3-java security update CVE-2019-17570
MLIST:[debian-lts-announce] 20200130 [SECURITY] [DLA 2087-1] suricata security update CVE-2019-18625 CVE-2019-18792
MLIST:[debian-lts-announce] 20200130 [SECURITY] [DLA 2088-1] libsolv security update CVE-2019-20387
MLIST:[debian-lts-announce] 20200130 [SECURITY] [DLA 2089-1] openjpeg2 security update CVE-2020-8112
MLIST:[debian-lts-announce] 20200131 [SECURITY] [DLA 2090-1] qemu security update CVE-2020-7039
MLIST:[debian-lts-announce] 20200131 [SECURITY] [DLA 2091-1] libjackson-json-java security update CVE-2017-15095 CVE-2017-7525
MLIST:[debian-lts-announce] 20200201 [SECURITY] [DLA 2094-1] sudo security update CVE-2019-18634
MLIST:[debian-lts-announce] 20200205 [SECURITY] [DLA 2095-1] storebackup security update CVE-2020-7040
MLIST:[debian-lts-announce] 20200206 [SECURITY] [DLA 2096-1] ruby-rack-cors security update CVE-2019-18978
MLIST:[debian-lts-announce] 20200209 [SECURITY] [DLA 2097-1] ppp security update CVE-2020-8597
MLIST:[debian-lts-announce] 20200209 [SECURITY] [DLA 2098-1] ipmitool security update CVE-2020-5208
MLIST:[debian-lts-announce] 20200210 [SECURITY] [DLA 2099-1] checkstyle security update CVE-2019-10782
MLIST:[debian-lts-announce] 20200210 [SECURITY] [DLA 2100-1] libexif security update CVE-2019-9278
MLIST:[debian-lts-announce] 20200212 [SECURITY] [DLA 2101-1] libemail-address-list-perl security update CVE-2018-18898
MLIST:[debian-lts-announce] 20200218 [SECURITY] [DLA 2106-1] libgd2 security update CVE-2018-14553
MLIST:[debian-lts-announce] 20200218 [SECURITY] [DLA 2107-1] spamassassin security update CVE-2020-1930 CVE-2020-1931
MLIST:[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update CVE-2019-15961
MLIST:[debian-lts-announce] 20200219 [SECURITY] [DLA 2109-1] netty security update CVE-2019-20444 CVE-2019-20445 CVE-2020-7238
MLIST:[debian-lts-announce] 20200219 [SECURITY] [DLA 2110-1] netty-3.9 security update CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-7238
MLIST:[debian-lts-announce] 20200220 [SECURITY] [DLA 2111-1] jackson-databind security update CVE-2019-20330 CVE-2020-8840
MLIST:[debian-lts-announce] 20200220 [SECURITY] [DLA 2112-1] python-reportlab security update CVE-2019-17626
MLIST:[debian-lts-announce] 20200221 [SECURITY] [DLA 2113-1] cloud-init security update CVE-2020-8631 CVE-2020-8632
MLIST:[debian-lts-announce] 20200221 [SECURITY] [DLA 2115-1] proftpd-dfsg security update CVE-2020-9273
MLIST:[debian-lts-announce] 20200222 [SECURITY] [DLA 2116-1] libpam-radius-auth security update CVE-2015-9542
MLIST:[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update CVE-2019-11358
MLIST:[debian-lts-announce] 20200226 [SECURITY] [DLA 2119-1] python-pysaml2 security update CVE-2020-5390
MLIST:[debian-lts-announce] 20200226 [SECURITY] [DLA 2120-1] rake security update CVE-2020-8130
MLIST:[debian-lts-announce] 20200227 [SECURITY] [DLA 2121-1] libimobiledevice security update CVE-2016-5104
MLIST:[debian-lts-announce] 20200227 [SECURITY] [DLA 2122-1] libusbmuxd security update CVE-2016-5104
MLIST:[debian-lts-announce] 20200228 [SECURITY] [DLA 2123-1] pure-ftpd security update CVE-2020-9274
MLIST:[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update CVE-2020-7059 CVE-2020-7060
MLIST:[debian-lts-announce] 20200228 [SECURITY] [DLA 2125-1] collabtive security update CVE-2015-0258
MLIST:[debian-lts-announce] 20200228 [SECURITY] [DLA 2126-1] gst-plugins-base0.10 security update CVE-2016-9811 CVE-2017-5837 CVE-2017-5844
MLIST:[debian-lts-announce] 20200229 [SECURITY] [DLA 2127-1] dojo security update CVE-2019-10785
MLIST:[debian-lts-announce] 20200229 [SECURITY] [DLA 2128-1] openjdk-7 security update CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659
MLIST:[debian-lts-announce] 20200229 [SECURITY] [DLA 2129-1] firebird2.5 security update CVE-2017-11509
MLIST:[debian-lts-announce] 20200229 [SECURITY] [DLA 2130-1] libapache2-mod-auth-openidc security CVE-2019-20479
MLIST:[debian-lts-announce] 20200301 [SECURITY] [DLA 2131-1] rrdtool security update CVE-2014-6262
MLIST:[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update CVE-2018-13093 CVE-2018-13094 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-14615 CVE-2019-15098 CVE-2019-15217 CVE-2019-15291 CVE-2019-15505 CVE-2019-15917 CVE-2019-16746 CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 CVE-2019-17075 CVE-2019-17133 CVE-2019-17666 CVE-2019-18282 CVE-2019-18683 CVE-2019-18809 CVE-2019-19037 CVE-2019-19051 CVE-2019-19052 CVE-2019-19056 CVE-2019-19057 CVE-2019-19062 CVE-2019-19066 CVE-2019-19068 CVE-2019-19227 CVE-2019-19447 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-19767 CVE-2019-19947 CVE-2019-19965 CVE-2019-20096 CVE-2019-2215
MLIST:[debian-lts-announce] 20200302 [SECURITY] [DLA 2115-2] proftpd-dfsg regression update CVE-2020-9273
MLIST:[debian-lts-announce] 20200302 [SECURITY] [DLA 2117-1] zsh security update CVE-2019-20044
MLIST:[debian-lts-announce] 20200302 [SECURITY] [DLA 2131-2] rrdtool regression update CVE-2014-6262
MLIST:[debian-lts-announce] 20200304 [SECURITY] [DLA 2132-1] libzypp security update CVE-2019-18900
MLIST:[debian-lts-announce] 20200304 [SECURITY] [DLA 2133-1] tomcat7 security update CVE-2019-17569 CVE-2020-1935 CVE-2020-1938
MLIST:[debian-lts-announce] 20200305 [SECURITY] [DLA 2134-1] pdfresurrect security update CVE-2020-9549
MLIST:[debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[debian-lts-announce] 20200311 [SECURITY] [DLA 2137-1] sleuthkit security update CVE-2020-10232
MLIST:[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update CVE-2019-10064
MLIST:[debian-lts-announce] 20200311 [SECURITY] [DLA 2139-1] dojo security update CVE-2020-5258 CVE-2020-5259
MLIST:[debian-lts-announce] 20200311 [SECURITY] [DLA 2140-1] firefox-esr security update CVE-2019-20503
MLIST:[debian-lts-announce] 20200312 [SECURITY] [DLA 2141-1] yubikey-val security update CVE-2020-10184 CVE-2020-10185
MLIST:[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update CVE-2020-8608
MLIST:[debian-lts-announce] 20200316 [SECURITY] [DLA 2143-1] slurm-llnl security update CVE-2019-12838 CVE-2019-6438
MLIST:[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update CVE-2020-1711 CVE-2020-8608
MLIST:[debian-lts-announce] 20200318 [SECURITY] [DLA 2147-1] gdal security update CVE-2019-17546
MLIST:[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update CVE-2017-5715
MLIST:[debian-lts-announce] 20200320 [SECURITY] [DLA 2149-1] rails security update CVE-2020-5267
MLIST:[debian-lts-announce] 20200320 [SECURITY] [DLA 2150-1] thunderbird security update CVE-2019-20503
MLIST:[debian-lts-announce] 20200320 [SECURITY] [DLA 2151-1] icu security update CVE-2020-10531
MLIST:[debian-lts-announce] 20200321 [SECURITY] [DLA 2152-1] graphicsmagick security update CVE-2019-12921
MLIST:[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update CVE-2020-10672 CVE-2020-10673
MLIST:[debian-lts-announce] 20200322 [SECURITY] [DLA 2154-1] phpmyadmin security update CVE-2020-10802 CVE-2020-10803
MLIST:[debian-lts-announce] 20200324 [SECURITY] [DLA 2155-1] tomcat8 security update CVE-2019-12418
MLIST:[debian-lts-announce] 20200324 [SECURITY] [DLA 2156-1] e2fsprogs security update CVE-2019-5188
MLIST:[debian-lts-announce] 20200324 [SECURITY] [DLA 2157-1] weechat security update CVE-2020-8955 CVE-2020-9760
MLIST:[debian-lts-announce] 20200325 [SECURITY] [DLA 2158-1] ruby2.1 security update CVE-2016-2338
MLIST:[debian-lts-announce] 20200325 [SECURITY] [DLA 2159-1] okular security update CVE-2020-9359
MLIST:[debian-lts-announce] 20200326 [SECURITY] [DLA 2160-1] php5 security update CVE-2020-7062 CVE-2020-7063
MLIST:[debian-lts-announce] 20200328 [SECURITY] [DLA 2161-1] tika security update CVE-2020-1950 CVE-2020-1951
MLIST:[debian-lts-announce] 20200329 [SECURITY] [DLA 2162-1] php-horde-form security update CVE-2020-8866
MLIST:[debian-lts-announce] 20200331 [SECURITY] [DLA 2163-1] tinyproxy security update CVE-2017-11747
MLIST:[debian-lts-announce] 20200331 [SECURITY] [DLA 2164-1] gst-plugins-bad0.10 security update CVE-2015-0797 CVE-2016-9809 CVE-2017-5843 CVE-2017-5848
MLIST:[debian-lts-announce] 20200331 [SECURITY] [DLA 2165-1] apng2gif security update CVE-2017-6960
MLIST:[debian-lts-announce] 20200401 [SECURITY] [DLA 2166-1] libpam-krb5 security update CVE-2020-10595
MLIST:[debian-lts-announce] 20200402 [SECURITY] [DLA 2168-1] libplist security update CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982
MLIST:[debian-lts-announce] 20200405 [SECURITY] [DLA 2169-1] libmtp security update CVE-2017-9831 CVE-2017-9832
MLIST:[debian-lts-announce] 20200415 [SECURITY] [DLA 2173-1] graphicsmagick security update CVE-2020-10938
MLIST:[debian-lts-announce] 20200415 [SECURITY] [DLA 2174-1] php-horde-data security update CVE-2020-8518
MLIST:[debian-lts-announce] 20200415 [SECURITY] [DLA 2175-1] php-horde-trean security update CVE-2020-8865
MLIST:[debian-lts-announce] 20200415 [SECURITY] [DLA 2177-1] git security update CVE-2020-5260
MLIST:[debian-lts-announce] 20200417 [SECURITY] [DLA 2178-1] awl security update CVE-2020-11728 CVE-2020-11729
MLIST:[debian-lts-announce] 20200417 [SECURITY] [DLA 2179-1] jackson-databind security update CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11619 CVE-2020-11620
MLIST:[debian-lts-announce] 20200417 [SECURITY] [DLA 2180-1] file-roller security update CVE-2020-11736
MLIST:[debian-lts-announce] 20200419 [SECURITY] [DLA 2181-1] shiro security update CVE-2020-1957
MLIST:[debian-lts-announce] 20200424 [SECURITY] [DLA 2182-1] git security update CVE-2020-11008
MLIST:[debian-lts-announce] 20200425 [SECURITY] [DLA 2183-1] libgsf security update CVE-2016-9888
MLIST:[debian-lts-announce] 20200425 [SECURITY] [DLA 2184-1] jsch security update CVE-2016-5725
MLIST:[debian-lts-announce] 20200425 [SECURITY] [DLA 2185-1] eog security update CVE-2016-6855
MLIST:[debian-lts-announce] 20200425 [SECURITY] [DLA 2186-1] ncmpc security update CVE-2018-9240
MLIST:[debian-lts-announce] 20200425 [SECURITY] [DLA 2187-1] radicale security update CVE-2017-8342
MLIST:[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update CVE-2020-7064 CVE-2020-7066
MLIST:[debian-lts-announce] 20200426 [SECURITY] [DLA 2189-1] rzip security update CVE-2017-8364
MLIST:[debian-lts-announce] 20200429 [SECURITY] [DLA 2193-1] openjdk-7 security update CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830
MLIST:[debian-lts-announce] 20200430 [SECURITY] [DLA 2192-1] ruby2.1 security update CVE-2020-10663
MLIST:[debian-lts-announce] 20200430 [SECURITY] [DLA 2194-1] yodl security update CVE-2016-10375
MLIST:[debian-lts-announce] 20200430 [SECURITY] [DLA 2195-1] w3m security update CVE-2018-6196 CVE-2018-6197
MLIST:[debian-lts-announce] 20200430 [SECURITY] [DLA 2196-1] pound security update CVE-2016-10711
MLIST:[debian-lts-announce] 20200430 [SECURITY] [DLA 2197-1] miniupnpc security update CVE-2017-8798
MLIST:[debian-lts-announce] 20200501 [SECURITY] [DLA 2198-1] otrs2 security update CVE-2020-1770 CVE-2020-1772 CVE-2020-1774
MLIST:[debian-lts-announce] 20200502 [SECURITY] [DLA 2199-1] openldap security update CVE-2020-12243
MLIST:[debian-lts-announce] 20200503 [SECURITY] [DLA 2196-2] pound regression update CVE-2016-10711
MLIST:[debian-lts-announce] 20200503 [SECURITY] [DLA 2200-1] mailman security update CVE-2020-12137
MLIST:[debian-lts-announce] 20200505 [SECURITY] [DLA 2201-1] ntp security update CVE-2020-11868
MLIST:[debian-lts-announce] 20200505 [SECURITY] [DLA 2202-1] ansible security update CVE-2019-14846 CVE-2020-1733 CVE-2020-1739 CVE-2020-1740
MLIST:[debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update CVE-2020-11655
MLIST:[debian-lts-announce] 20200507 [SECURITY] [DLA 2204-1] mailman security update CVE-2020-12108
MLIST:[debian-lts-announce] 20200510 [SECURITY] [DLA 2207-1] libntlm security update CVE-2019-17455
MLIST:[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029
MLIST:[debian-lts-announce] 20200514 [SECURITY] [DLA 2176-1] inetutils security update CVE-2020-10188
MLIST:[debian-lts-announce] 20200516 [SECURITY] [DLA 2212-1] openconnect security update CVE-2020-12823
MLIST:[debian-lts-announce] 20200518 [SECURITY] [DLA 2213-1] exim4 security update CVE-2020-12783
MLIST:[debian-lts-announce] 20200518 [SECURITY] [DLA 2214-1] libexif security update CVE-2018-20030 CVE-2020-0093 CVE-2020-12767
MLIST:[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update CVE-2020-3327 CVE-2020-3341
MLIST:[debian-lts-announce] 20200523 [SECURITY] [DLA 2217-1] tomcat7 security update CVE-2020-9484
MLIST:[debian-lts-announce] 20200524 [SECURITY] [DLA 2218-1] transmission security update CVE-2018-10756
MLIST:[debian-lts-announce] 20200524 [SECURITY] [DLA 2219-1] feh security update CVE-2017-7875
MLIST:[debian-lts-announce] 20200526 [SECURITY] [DLA 2221-1] sqlite3 CVE-2020-13434
MLIST:[debian-lts-announce] 20200528 [SECURITY] [DLA 2209-1] tomcat8 security update CVE-2019-17563 CVE-2020-1935 CVE-2020-1938 CVE-2020-9484
MLIST:[debian-lts-announce] 20200528 [SECURITY] [DLA 2222-1] libexif security update CVE-2018-20030 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114
MLIST:[debian-lts-announce] 20200530 [SECURITY] [DLA 2223-1] salt security update CVE-2020-11651 CVE-2020-11652
MLIST:[debian-lts-announce] 20200530 [SECURITY] [DLA 2224-1] dosfstools security update CVE-2015-8872 CVE-2016-4804
MLIST:[debian-lts-announce] 20200530 [SECURITY] [DLA 2225-1] gst-plugins-good0.10 security update CVE-2016-10198 CVE-2017-5840
MLIST:[debian-lts-announce] 20200530 [SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update CVE-2017-5846 CVE-2017-5847
MLIST:[debian-lts-announce] 20200530 [SECURITY] [DLA 2227-1] bind9 security update CVE-2020-8616 CVE-2020-8617
MLIST:[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-1] json-c security update CVE-2020-12762
MLIST:[debian-lts-announce] 20200531 [SECURITY] [DLA 2228-2] json-c regression update CVE-2020-12762
MLIST:[debian-lts-announce] 20200531 [SECURITY] [DLA 2229-1] php-horde-gollem security update CVE-2020-8034
MLIST:[debian-lts-announce] 20200531 [SECURITY] [DLA 2230-1] php-horde security update CVE-2020-8035
MLIST:[debian-lts-announce] 20200601 [SECURITY] [DLA 2232-1] python-httplib2 security update CVE-2020-11078
MLIST:[debian-lts-announce] 20200604 [SECURITY] [DLA 2234-1] netqmail security update CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812
MLIST:[debian-lts-announce] 20200607 [SECURITY] [DLA 2236-1] graphicsmagick security update CVE-2020-12672
MLIST:[debian-lts-announce] 20200608 [SECURITY] [DLA 2238-1] libupnp security update CVE-2020-13848
MLIST:[debian-lts-announce] 20200608 [SECURITY] [DLA 2239-1] libpam-tacplus security update CVE-2020-13881
MLIST:[debian-lts-announce] 20200609 [SECURITY] [DLA 2240-1] bluez security update CVE-2020-0556
MLIST:[debian-lts-announce] 20200609 [SECURITY] [DLA 2241-1] linux security update CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2019-19319 CVE-2019-19447 CVE-2019-19768 CVE-2019-20636 CVE-2019-5108 CVE-2020-0009 CVE-2020-10690 CVE-2020-10942 CVE-2020-11494 CVE-2020-11565 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12769 CVE-2020-12770 CVE-2020-12826 CVE-2020-13143 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383
MLIST:[debian-lts-announce] 20200610 [SECURITY] [DLA 2241-2] linux security update CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2019-19319 CVE-2019-19447 CVE-2019-19768 CVE-2019-20636 CVE-2019-5108 CVE-2020-0009 CVE-2020-10690 CVE-2020-10942 CVE-2020-11494 CVE-2020-11565 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12769 CVE-2020-12770 CVE-2020-12826 CVE-2020-13143 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383
MLIST:[debian-lts-announce] 20200610 [SECURITY] [DLA 2242-1] linux-4.9 security update CVE-2019-19319 CVE-2019-19462 CVE-2019-19768 CVE-2019-20806 CVE-2019-20811 CVE-2019-2182 CVE-2019-5108 CVE-2020-10711 CVE-2020-10942 CVE-2020-11494 CVE-2020-11565 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12770 CVE-2020-13143 CVE-2020-2732 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383
MLIST:[debian-lts-announce] 20200611 [SECURITY] [DLA 2244-1] libphp-phpmailer security update CVE-2020-13625
MLIST:[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update CVE-2020-2875 CVE-2020-2933 CVE-2020-2934
MLIST:[debian-lts-announce] 20200612 [SECURITY] [DLA 2233-2] python-django regression update CVE-2020-13254
MLIST:[debian-lts-announce] 20200612 [SECURITY] [DLA 2246-1] xawtv security update CVE-2020-13696
MLIST:[debian-lts-announce] 20200613 [SECURITY] [DLA 2248-1] intel-microcode security update CVE-2020-0548 CVE-2020-0549
MLIST:[debian-lts-announce] 20200613 [SECURITY] [DLA 2249-1] libexif security update CVE-2020-0182 CVE-2020-0198
MLIST:[debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update CVE-2020-8164 CVE-2020-8165
MLIST:[debian-lts-announce] 20200621 [SECURITY] [DLA 2252-1] ngircd security update CVE-2020-14148
MLIST:[debian-lts-announce] 20200621 [SECURITY] [DLA 2253-1] lynis security update CVE-2019-13033
MLIST:[debian-lts-announce] 20200625 [SECURITY] [DLA 2254-1] alpine security update CVE-2020-14929
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2255-1] libtasn1-6 security update CVE-2017-10790
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2256-1] libtirpc security update CVE-2016-4429
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2257-1] pngquant security update CVE-2016-5735
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2258-1] zziplib security update CVE-2018-16548 CVE-2018-6381 CVE-2018-6484 CVE-2018-6540 CVE-2018-6541 CVE-2018-6869 CVE-2018-7725 CVE-2018-7726
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2259-1] picocom security update CVE-2015-9059
MLIST:[debian-lts-announce] 20200628 [SECURITY] [DLA 2260-1] mcabber security update CVE-2016-9928
MLIST:[debian-lts-announce] 20200629 [SECURITY] [DLA 2261-1] php5 security update CVE-2019-11048
MLIST:[debian-lts-announce] 20200629 [SECURITY] [DLA 2262-1] qemu security update CVE-2020-13361 CVE-2020-13362 CVE-2020-13765 CVE-2020-1983
MLIST:[debian-lts-announce] 20200630 [SECURITY] [DLA 2264-1] libvncserver security update CVE-2019-20839 CVE-2020-14397 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14405
MLIST:[debian-lts-announce] 20200630 [SECURITY] [DLA 2265-1] mailman security update CVE-2020-15011
MLIST:[debian-lts-announce] 20200630 [SECURITY] [DLA 2267-1] libmatio security update CVE-2019-17533
MLIST:[debian-lts-announce] 20200630 [SECURITY] [DLA 2268-1] mutt security update CVE-2020-14093 CVE-2020-14954
MLIST:[debian-lts-announce] 20200630 [SECURITY] [DLA 2268-2] mutt regression update CVE-2020-14093 CVE-2020-14954
MLIST:[debian-lts-announce] 20200701 [SECURITY] [DLA 2269-1] wordpress security update CVE-2020-4046 CVE-2020-4047 CVE-2020-4048 CVE-2020-4049 CVE-2020-4050
MLIST:[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update CVE-2020-14060 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195
MLIST:[debian-lts-announce] 20200701 [SECURITY] [DLA 2271-1] coturn security update CVE-2020-4067
MLIST:[debian-lts-announce] 20200710 [SECURITY] [DLA 2275-1] ruby-rack security update CVE-2020-8161 CVE-2020-8184
MLIST:[debian-lts-announce] 20200710 [SECURITY] [DLA 2276-1] mailman security update CVE-2020-12108 CVE-2020-15011
MLIST:[debian-lts-announce] 20200710 [SECURITY] [DLA 2277-1] openjpeg2 security update CVE-2019-12973 CVE-2020-15389 CVE-2020-6851 CVE-2020-8112
MLIST:[debian-lts-announce] 20200710 [SECURITY] [DLA 2278-1] squid3 security update CVE-2018-19132 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12528 CVE-2019-12529 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-11945 CVE-2020-8449 CVE-2020-8450
MLIST:[debian-lts-announce] 20200712 [SECURITY] [DLA 2279-1] tomcat8 security update CVE-2020-11996 CVE-2020-9484
MLIST:[debian-lts-announce] 20200715 [SECURITY] [DLA 2280-1] python3.5 security update CVE-2018-20406 CVE-2018-20852 CVE-2019-16056 CVE-2019-16935 CVE-2019-18348 CVE-2019-5010 CVE-2019-9636 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2020-14422 CVE-2020-8492
MLIST:[debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update CVE-2020-8163 CVE-2020-8164 CVE-2020-8165
MLIST:[debian-lts-announce] 20200720 [SECURITY] [DLA 2283-1] nginx security update CVE-2020-11724
MLIST:[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update CVE-2017-11464 CVE-2019-20446
MLIST:[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update CVE-2020-13934 CVE-2020-13935
MLIST:[debian-lts-announce] 20200723 [SECURITY] [DLA 2287-1] poppler security update CVE-2017-18267 CVE-2018-16646 CVE-2018-20481 CVE-2018-21009 CVE-2019-10872 CVE-2019-12293 CVE-2019-9200 CVE-2019-9631
MLIST:[debian-lts-announce] 20200725 [SECURITY] [DLA 2289-1] mupdf security update CVE-2018-16647 CVE-2018-16648 CVE-2018-18662 CVE-2019-13290 CVE-2019-6130
MLIST:[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update CVE-2017-9503 CVE-2019-12068 CVE-2019-20382 CVE-2020-10756 CVE-2020-13361 CVE-2020-13362 CVE-2020-13659 CVE-2020-13754 CVE-2020-13765 CVE-2020-1983 CVE-2020-8608
MLIST:[debian-lts-announce] 20200726 [SECURITY] [DLA 2290-1] e2fsprogs security update CVE-2019-5188
MLIST:[debian-lts-announce] 20200727 [SECURITY] [DLA 2291-1] ffmpeg security update CVE-2019-13390 CVE-2019-17542 CVE-2020-13904
MLIST:[debian-lts-announce] 20200727 [SECURITY] [DLA 2292-1] milkytracker security update CVE-2019-14464 CVE-2019-14496 CVE-2019-14497 CVE-2020-15569
MLIST:[debian-lts-announce] 20200728 [SECURITY] [DLA 2294-1] salt security update CVE-2018-15750 CVE-2018-15751
MLIST:[debian-lts-announce] 20200728 [SECURITY] [DLA 2296-1] luajit security update CVE-2020-15890
MLIST:[debian-lts-announce] 20200729 [SECURITY] [DLA 2297-1] firefox-esr security update CVE-2020-6463 CVE-2020-6514
MLIST:[debian-lts-announce] 20200729 [SECURITY] [DLA 2298-1] libapache2-mod-auth-openidc security update CVE-2019-1010247 CVE-2019-14857 CVE-2019-20479
MLIST:[debian-lts-announce] 20200730 [SECURITY] [DLA 2300-1] kdepim-runtime security update CVE-2020-15954
MLIST:[debian-lts-announce] 20200730 [SECURITY] [DLA 2301-1] json-c security update CVE-2020-12762
MLIST:[debian-lts-announce] 20200731 [SECURITY] [DLA 2293-1] mercurial security update CVE-2017-17458 CVE-2018-1000132 CVE-2018-13346 CVE-2018-13347 CVE-2018-13348 CVE-2019-3902
MLIST:[debian-lts-announce] 20200731 [SECURITY] [DLA 2302-1] libjpeg-turbo security update CVE-2018-1152 CVE-2018-14498 CVE-2020-13790 CVE-2020-14152
MLIST:[debian-lts-announce] 20200731 [SECURITY] [DLA 2303-1] libssh security update CVE-2020-16135
MLIST:[debian-lts-announce] 20200801 [SECURITY] [DLA 2304-1] libpam-radius-auth security update CVE-2015-9542
MLIST:[debian-lts-announce] 20200801 [SECURITY] [DLA 2305-1] transmission security update CVE-2018-10756
MLIST:[debian-lts-announce] 20200801 [SECURITY] [DLA 2307-1] ruby-zip security update CVE-2018-1000544
MLIST:[debian-lts-announce] 20200801 [SECURITY] [DLA 2308-1] libopenmpt security update CVE-2019-17113
MLIST:[debian-lts-announce] 20200802 [SECURITY] [DLA 2306-1] libphp-phpmailer security update CVE-2020-13625
MLIST:[debian-lts-announce] 20200802 [SECURITY] [DLA 2309-1] evolution-data-server security update CVE-2020-16117
MLIST:[debian-lts-announce] 20200802 [SECURITY] [DLA 2310-1] thunderbird security update CVE-2020-6463 CVE-2020-6514
MLIST:[debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update CVE-2020-15803
MLIST:[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update CVE-2020-3327 CVE-2020-3350 CVE-2020-3481
MLIST:[debian-lts-announce] 20200806 [SECURITY] [DLA 2315-1] gupnp security update CVE-2020-12695
MLIST:[debian-lts-announce] 20200808 [SECURITY] [DLA 2317-1] pillow security update CVE-2020-10177
MLIST:[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update CVE-2019-10064 CVE-2020-12695
MLIST:[debian-lts-announce] 20200809 [SECURITY] [DLA 2316-1] ruby-kramdown security update CVE-2020-14001
MLIST:[debian-lts-announce] 20200809 [SECURITY] [DLA 2319-1] xrdp security update CVE-2020-4044
MLIST:[debian-lts-announce] 20200811 [SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update CVE-2017-18367
MLIST:[debian-lts-announce] 20200812 [SECURITY] [DLA 2323-1] linux-4.19 new package CVE-2019-18814 CVE-2019-18885 CVE-2019-20810 CVE-2020-12655 CVE-2020-12771 CVE-2020-13974 CVE-2020-15393
MLIST:[debian-lts-announce] 20200813 [SECURITY] [DLA 2325-1] openjdk-8 security update CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621
MLIST:[debian-lts-announce] 20200815 [SECURITY] [DLA 2326-1] htmlunit security update CVE-2020-5529
MLIST:[debian-lts-announce] 20200815 [SECURITY] [DLA 2328-1] dovecot security update CVE-2020-12100 CVE-2020-12673 CVE-2020-12674
MLIST:[debian-lts-announce] 20200816 [SECURITY] [DLA 2327-1] lucene-solr security update CVE-2019-0193
MLIST:[debian-lts-announce] 20200816 [SECURITY] [DLA 2329-1] libetpan security update CVE-2020-15953
MLIST:[debian-lts-announce] 20200816 [SECURITY] [DLA 2330-1] jruby security update CVE-2017-17742 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325
MLIST:[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update CVE-2020-12862 CVE-2020-12863 CVE-2020-12865 CVE-2020-12867
MLIST:[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update CVE-2017-12805 CVE-2017-17681 CVE-2017-18252 CVE-2018-10177 CVE-2018-14551 CVE-2018-18024 CVE-2018-20467 CVE-2018-7443 CVE-2018-8804 CVE-2018-8960 CVE-2018-9133 CVE-2019-10131 CVE-2019-11470 CVE-2019-11472 CVE-2019-11597 CVE-2019-12974 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13295 CVE-2019-13297 CVE-2019-13454 CVE-2019-14981 CVE-2019-19949
MLIST:[debian-lts-announce] 20200819 [SECURITY] [DLA 2334-1] ruby-websocket-extensions security update CVE-2020-7663
MLIST:[debian-lts-announce] 20200820 [SECURITY] [DLA 2335-1] ghostscript security update CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 CVE-2020-16295 CVE-2020-16296 CVE-2020-16297 CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 CVE-2020-16310 CVE-2020-17538
MLIST:[debian-lts-announce] 20200822 [SECURITY] [DLA 2336-1] firejail security update CVE-2020-17367 CVE-2020-17368
MLIST:[debian-lts-announce] 20200822 [SECURITY] [DLA 2337-1] python2.7 security update CVE-2018-20852 CVE-2019-16056 CVE-2019-20907 CVE-2019-5010 CVE-2019-9636 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948
MLIST:[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update CVE-2018-20346 CVE-2018-20506 CVE-2018-8740 CVE-2019-16168 CVE-2019-20218 CVE-2019-5827 CVE-2019-9936 CVE-2019-9937 CVE-2020-11655 CVE-2020-13434 CVE-2020-13630 CVE-2020-13632 CVE-2020-13871
MLIST:[debian-lts-announce] 20200824 [SECURITY] [DLA 2341-1] inetutils security update CVE-2020-10188
MLIST:[debian-lts-announce] 20200824 [SECURITY] [DLA 2342-1] libjackson-json-java security update CVE-2017-7525
MLIST:[debian-lts-announce] 20200824 [SECURITY] [DLA 2343-1] icingaweb2 security update CVE-2020-24368
MLIST:[debian-lts-announce] 20200828 [SECURITY] [DLA 2347-1] libvncserver security update CVE-2019-20839 CVE-2020-14397 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14405
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2348-1] php-horde-core security update CVE-2017-16907
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2349-1] php-horde security update CVE-2017-16907
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2350-1] php-horde-kronolith security update CVE-2017-16908
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2351-1] php-horde-kronolith security update CVE-2017-16906
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2352-1] php-horde-gollem security update CVE-2017-15235
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update CVE-2020-11061
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2354-1] ndpi security update CVE-2020-15476
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update CVE-2020-8622 CVE-2020-8623
MLIST:[debian-lts-announce] 20200829 [SECURITY] [DLA 2356-1] freerdp security update CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046 CVE-2020-11048 CVE-2020-11058 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398
MLIST:[debian-lts-announce] 20200830 [SECURITY] [DLA 2358-1] openexr security update CVE-2017-12596 CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 CVE-2020-15305 CVE-2020-15306
MLIST:[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update CVE-2020-14347
MLIST:[debian-lts-announce] 20200902 [SECURITY] [DLA 2362-1] uwsgi security update CVE-2020-11984
MLIST:[debian-lts-announce] 20200902 [SECURITY] [DLA 2363-1] asyncpg security update CVE-2020-17446
MLIST:[debian-lts-announce] 20200904 [SECURITY] [DLA 2364-1] netty security update CVE-2019-20444 CVE-2019-20445 CVE-2020-11612 CVE-2020-7238
MLIST:[debian-lts-announce] 20200904 [SECURITY] [DLA 2365-1] netty-3.9 security update CVE-2019-16869 CVE-2019-20444 CVE-2019-20445
MLIST:[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update CVE-2017-1000445 CVE-2017-1000476 CVE-2017-12140 CVE-2017-12429 CVE-2017-12430 CVE-2017-12435 CVE-2017-12563 CVE-2017-12643 CVE-2017-12670 CVE-2017-12674 CVE-2017-12691 CVE-2017-12692 CVE-2017-12693 CVE-2017-12806 CVE-2017-12875 CVE-2017-13061 CVE-2017-13133 CVE-2017-13658 CVE-2017-13768 CVE-2017-14060 CVE-2017-14172 CVE-2017-14173 CVE-2017-14174 CVE-2017-14175 CVE-2017-14249 CVE-2017-14341 CVE-2017-14400 CVE-2017-14505 CVE-2017-14532 CVE-2017-14624 CVE-2017-14625 CVE-2017-14626 CVE-2017-14739 CVE-2017-14741 CVE-2017-15015 CVE-2017-15017 CVE-2017-15281 CVE-2017-17682 CVE-2017-17914 CVE-2017-18209 CVE-2017-18211 CVE-2017-18271 CVE-2017-18273 CVE-2018-16643 CVE-2018-16749 CVE-2018-18025 CVE-2019-11598 CVE-2019-13135 CVE-2019-13308 CVE-2019-13391 CVE-2019-15139
MLIST:[debian-lts-announce] 20200909 [SECURITY] [DLA 2368-1] grunt security update CVE-2020-7729
MLIST:[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update CVE-2017-18258 CVE-2017-8872 CVE-2018-14404 CVE-2018-14567 CVE-2019-19956 CVE-2019-20388 CVE-2020-24977 CVE-2020-7595
MLIST:[debian-lts-announce] 20200911 [SECURITY] [DLA 2370-1] python-pip security update CVE-2019-20916
MLIST:[debian-lts-announce] 20200911 [SECURITY] [DLA 2371-1] wordpress security update CVE-2019-17670 CVE-2020-4047 CVE-2020-4048 CVE-2020-4049 CVE-2020-4050
MLIST:[debian-lts-announce] 20200912 [SECURITY] [DLA 2372-1] libproxy security update CVE-2020-25219
MLIST:[debian-lts-announce] 20200913 [SECURITY] [DLA 2373-1] qemu security update CVE-2020-13253 CVE-2020-14364 CVE-2020-16092 CVE-2020-1711
MLIST:[debian-lts-announce] 20200915 [SECURITY] [DLA 2374-1] gnome-shell security update CVE-2020-17489
MLIST:[debian-lts-announce] 20200920 [SECURITY] [DLA 2375-1] inspircd security update CVE-2019-20917 CVE-2020-25269
MLIST:[debian-lts-announce] 20200925 [SECURITY] [DLA 2378-1] openssl1.0 security update CVE-2020-1968
MLIST:[debian-lts-announce] 20200926 [SECURITY] [DLA 2380-1] ruby-gon security update CVE-2020-25739
MLIST:[debian-lts-announce] 20200926 [SECURITY] [DLA 2381-1] lua5.3 security update CVE-2020-24370
MLIST:[debian-lts-announce] 20200926 [SECURITY] [DLA 2383-1] nfdump security update CVE-2019-1010057 CVE-2019-14459
MLIST:[debian-lts-announce] 20200926 [SECURITY] [DLA 2384-1] yaws security update CVE-2020-24379 CVE-2020-24916
MLIST:[debian-lts-announce] 20200928 [SECURITY] [DLA 2376-1] qtbase-opensource-src security update CVE-2018-19872 CVE-2020-17507
MLIST:[debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update CVE-2018-15518 CVE-2018-19869 CVE-2018-19870 CVE-2018-19871 CVE-2018-19872 CVE-2018-19873 CVE-2020-17507
MLIST:[debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update CVE-2019-19448 CVE-2019-19813 CVE-2019-19816 CVE-2020-10781 CVE-2020-12888 CVE-2020-14314 CVE-2020-14356 CVE-2020-14385 CVE-2020-14386 CVE-2020-16166 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-26088
MLIST:[debian-lts-announce] 20200928 [SECURITY] [DLA 2386-1] libdbi-perl security update CVE-2019-20919 CVE-2020-14392 CVE-2020-14393
MLIST:[debian-lts-announce] 20200929 [SECURITY] [DLA 2388-1] nss security update CVE-2018-12404 CVE-2019-11719 CVE-2019-11729 CVE-2019-11745 CVE-2020-12399 CVE-2020-12402
MLIST:[debian-lts-announce] 20201001 [SECURITY] [DLA 2389-1] ruby-rack-cors security update CVE-2019-18978
MLIST:[debian-lts-announce] 20201001 [SECURITY] [DLA 2390-1] ruby-json-jwt security update CVE-2019-18848
MLIST:[debian-lts-announce] 20201002 [SECURITY] [DLA 2393-1] snmptt security update CVE-2020-24361
MLIST:[debian-lts-announce] 20201002 [SECURITY] [DLA 2394-1] squid3 security update CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606
MLIST:[debian-lts-announce] 20201006 [SECURITY] [DLA 2396-1] tigervnc security update CVE-2020-26117
MLIST:[debian-lts-announce] 20201006 [SECURITY] [DLA 2397-1] php7.0 security update CVE-2020-7070
MLIST:[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update CVE-2020-12862 CVE-2020-12863 CVE-2020-12865 CVE-2020-12867
MLIST:[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update CVE-2020-11076 CVE-2020-11077
MLIST:[debian-lts-announce] 20201007 [SECURITY] [DLA 2400-1] activemq security update CVE-2020-13920
MLIST:[debian-lts-announce] 20201007 [SECURITY] [DLA 2401-1] sympa security update CVE-2020-10936
MLIST:[debian-lts-announce] 20201007 [SECURITY] [DLA 2402-1] golang-go.crypto security update CVE-2019-11840 CVE-2019-11841 CVE-2020-9283
MLIST:[debian-lts-announce] 20201009 [SECURITY] [DLA 2403-1] rails security update CVE-2020-15169
MLIST:[debian-lts-announce] 20201009 [SECURITY] [DLA 2404-1] eclipse-wtp security update CVE-2019-17637
MLIST:[debian-lts-announce] 20201014 [SECURITY] [DLA 2407-1] tomcat8 security update CVE-2020-13943
MLIST:[debian-lts-announce] 20201016 [SECURITY] [DLA 2408-1] thunderbird security update CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678
MLIST:[debian-lts-announce] 20201021 [SECURITY] [DLA 2409-1] mariadb-10.1 security update CVE-2020-15180
MLIST:[debian-lts-announce] 20201021 [SECURITY] [DLA 2410-1] bluez security update CVE-2020-27153
MLIST:[debian-lts-announce] 20201025 [SECURITY] [DLA 2413-1] phpmyadmin security update CVE-2019-19617 CVE-2020-26934 CVE-2020-26935
MLIST:[debian-lts-announce] 20201025 [SECURITY] [DLA-2414-1] fastd security update CVE-2020-27638
MLIST:[debian-lts-announce] 20201027 [SECURITY] [DLA 2416-1] thunderbird security update CVE-2020-15683
MLIST:[debian-lts-announce] 20201028 [SECURITY] [DLA 2417-1] linux-4.19 security update CVE-2020-25211 CVE-2020-25643 CVE-2020-25645
MLIST:[debian-lts-announce] 20201029 [SECURITY] [DLA 2418-1] libsndfile security update CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2017-6892 CVE-2018-19661 CVE-2018-19662 CVE-2018-19758
MLIST:[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update CVE-2019-16728 CVE-2020-26870
MLIST:[debian-lts-announce] 20201030 [SECURITY] [DLA 2412-1] openjdk-8 security update CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803
MLIST:[debian-lts-announce] 20201030 [SECURITY] [DLA 2420-1] linux security update CVE-2019-19073 CVE-2019-19074 CVE-2019-19448 CVE-2019-9445 CVE-2020-12655 CVE-2020-12771 CVE-2020-12888 CVE-2020-14314 CVE-2020-14356 CVE-2020-14386 CVE-2020-14390 CVE-2020-15393 CVE-2020-16166 CVE-2020-25211 CVE-2020-25212 CVE-2020-25220 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
MLIST:[debian-lts-announce] 20201030 [SECURITY] [DLA 2421-1] cimg security update CVE-2018-7588 CVE-2018-7589 CVE-2018-7637 CVE-2018-7638 CVE-2018-7639 CVE-2018-7640 CVE-2018-7641 CVE-2019-1010174
MLIST:[debian-lts-announce] 20201031 [SECURITY] [DLA 2420-2] linux regression update CVE-2019-19073 CVE-2019-19074 CVE-2019-19448 CVE-2019-9445 CVE-2020-12655 CVE-2020-12771 CVE-2020-12888 CVE-2020-14314 CVE-2020-14356 CVE-2020-14386 CVE-2020-14390 CVE-2020-15393 CVE-2020-16166 CVE-2020-25211 CVE-2020-25212 CVE-2020-25220 CVE-2020-25284 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
MLIST:[debian-lts-announce] 20201031 [SECURITY] [DLA 2422-1] qtsvg-opensource-src security update CVE-2018-19869
MLIST:[debian-lts-announce] 20201031 [SECURITY] [DLA 2423-1] wireshark security update CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899 CVE-2019-10901 CVE-2019-10903 CVE-2019-12295
MLIST:[debian-lts-announce] 20201101 [SECURITY] [DLA 2426-1] junit4 security update CVE-2020-15250
MLIST:[debian-lts-announce] 20201101 [SECURITY] [DLA 2427-1] spice security update CVE-2020-14355
MLIST:[debian-lts-announce] 20201101 [SECURITY] [DLA 2428-1] spice-gtk security update CVE-2020-14355
MLIST:[debian-lts-announce] 20201103 [SECURITY] [DLA 2429-1] wordpress security update CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040
MLIST:[debian-lts-announce] 20201103 [SECURITY] [DLA 2430-1] blueman security update CVE-2020-15238
MLIST:[debian-lts-announce] 20201106 [SECURITY] [DLA 2435-1] guacamole-server security update CVE-2020-9497 CVE-2020-9498
MLIST:[debian-lts-announce] 20201106 [SECURITY] [DLA 2436-1] sddm security update CVE-2020-28049
MLIST:[debian-lts-announce] 20201107 [SECURITY] [DLA 2437-1] krb5 security update CVE-2020-28196
MLIST:[debian-lts-announce] 20201107 [SECURITY] [DLA 2438-1] raptor2 security update CVE-2017-18926
MLIST:[debian-lts-announce] 20201108 [SECURITY] [DLA 2440-1] poppler security update CVE-2017-14926 CVE-2017-14928 CVE-2018-19058 CVE-2018-20650 CVE-2018-20662 CVE-2019-10018 CVE-2019-14494 CVE-2019-7310 CVE-2019-9959
MLIST:[debian-lts-announce] 20201109 [SECURITY] [DLA 2441-1] sympa security update CVE-2018-1000671 CVE-2020-26880
MLIST:[debian-lts-announce] 20201109 [SECURITY] [DLA 2442-1] obfs4proxy security update CVE-2019-11840
MLIST:[debian-lts-announce] 20201110 [SECURITY] [DLA 2443-1] zeromq3 security update CVE-2020-15166
MLIST:[debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update CVE-2020-8037
MLIST:[debian-lts-announce] 20201110 [SECURITY] [DLA 2445-1] libmaxminddb security update CVE-2020-28241
MLIST:[debian-lts-announce] 20201110 [SECURITY] [DLA 2446-1] moin security update CVE-2020-25074
MLIST:[debian-lts-announce] 20201113 [SECURITY] [DLA 2450-1] libproxy security update CVE-2020-26154
MLIST:[debian-lts-announce] 20201116 [SECURITY] [DLA 2453-1] restic security update CVE-2020-9283
MLIST:[debian-lts-announce] 20201118 [SECURITY] [DLA 2454-1] rclone security update CVE-2019-11840
MLIST:[debian-lts-announce] 20201118 [SECURITY] [DLA 2455-1] packer security update CVE-2020-9283
MLIST:[debian-lts-announce] 20201119 [SECURITY] [DLA 2432-1] jupyter-notebook security update CVE-2018-19351 CVE-2018-21030 CVE-2018-8768
MLIST:[debian-lts-announce] 20201119 [SECURITY] [DLA 2456-1] python3.5 security update CVE-2019-20907 CVE-2020-26116
MLIST:[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update CVE-2020-15586 CVE-2020-16845
MLIST:[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update CVE-2020-15586 CVE-2020-16845
MLIST:[debian-lts-announce] 20201121 [SECURITY] [DLA 2461-1] zabbix security update CVE-2016-10742 CVE-2020-11800
MLIST:[debian-lts-announce] 20201123 [SECURITY] [DLA 2463-1] samba security update CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760 CVE-2020-14303 CVE-2020-14323
MLIST:[debian-lts-announce] 20201126 [SECURITY] [DLA 2467-1] lxml security update CVE-2018-19787
MLIST:[debian-lts-announce] 20201127 [SECURITY] [DLA 2466-1] drupal7 security update CVE-2020-28948 CVE-2020-28949
MLIST:[debian-lts-announce] 20201128 [SECURITY] [DLA 2468-1] tcpflow security update CVE-2018-14938
MLIST:[debian-lts-announce] 20201129 [SECURITY] [DLA 2469-1] qemu security update CVE-2020-25085 CVE-2020-25625 CVE-2020-27617
MLIST:[debian-lts-announce] 20201130 [SECURITY] [DLA 2472-1] mutt security update CVE-2020-28896
MLIST:[debian-lts-announce] 20201130 [SECURITY] [DLA 2473-1] vips security update CVE-2020-20739
MLIST:[debian-lts-announce] 20201130 [SECURITY] [DLA 2474-1] musl security update CVE-2020-28928
MLIST:[debian-lts-announce] 20201201 [SECURITY] [DLA 2470-1] zsh security update CVE-2017-18206 CVE-2018-0502 CVE-2018-1083 CVE-2018-13259 CVE-2019-20044
MLIST:[debian-lts-announce] 20201201 [SECURITY] [DLA 2471-1] libxstream-java security update CVE-2020-26217
MLIST:[debian-lts-announce] 20201201 [SECURITY] [DLA 2475-1] pdfresurrect security update CVE-2019-14934 CVE-2020-20740
MLIST:[debian-lts-announce] 20201201 [SECURITY] [DLA 2476-1] brotli security update CVE-2020-8927
MLIST:[debian-lts-announce] 20201202 [SECURITY] [DLA 2477-1] jupyter-notebook security update CVE-2020-26215
MLIST:[debian-lts-announce] 20201202 [SECURITY] [DLA 2478-1] postgresql-9.6 security update CVE-2020-25694 CVE-2020-25695 CVE-2020-25696
MLIST:[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update CVE-2020-16846 CVE-2020-17490 CVE-2020-25592
MLIST:[debian-lts-announce] 20201204 [SECURITY] [DLA 2481-1] openldap security update CVE-2020-25709 CVE-2020-25710
MLIST:[debian-lts-announce] 20201208 [SECURITY] [DLA 2485-1] golang-golang-x-net-dev security update CVE-2019-9512 CVE-2019-9514
MLIST:[debian-lts-announce] 20201210 [SECURITY] [DLA 2340-2] sqlite3 regression update CVE-2019-20218
MLIST:[debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-27673 CVE-2020-27675 CVE-2020-28941 CVE-2020-28974 CVE-2020-8694
MLIST:[debian-lts-announce] 20201210 [SECURITY] [DLA 2489-1] minidlna security update CVE-2020-12695 CVE-2020-28926
MLIST:[debian-lts-announce] 20201210 [SECURITY] [DLA 2490-1] x11vnc security update CVE-2020-29074
MLIST:[debian-lts-announce] 20201214 [SECURITY] [DLA 2492-1] openssl security update CVE-2020-1971
MLIST:[debian-lts-announce] 20201214 [SECURITY] [DLA 2493-1] openssl1.0 security update CVE-2020-1971
MLIST:[debian-lts-announce] 20201216 [SECURITY] [DLA 2495-1] tomcat8 security update CVE-2020-17527
MLIST:[debian-lts-announce] 20201217 [SECURITY] [DLA 2498-1] xerces-c security update CVE-2018-1311
MLIST:[debian-lts-announce] 20201217 [SECURITY] [DLA 2499-1] sympa security update CVE-2020-29668
MLIST:[debian-lts-announce] 20201218 [SECURITY] [DLA 2467-2] lxml regression update CVE-2020-27783
MLIST:[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update CVE-2020-0427 CVE-2020-14351 CVE-2020-25645 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-27673 CVE-2020-27675 CVE-2020-28974 CVE-2020-8694
MLIST:[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update CVE-2020-8284 CVE-2020-8285 CVE-2020-8286
MLIST:[debian-lts-announce] 20201220 [SECURITY] [DLA 2501-1] influxdb security update CVE-2019-20933
MLIST:[debian-lts-announce] 20201220 [SECURITY] [DLA 2502-1] postsrsd security update CVE-2020-35573
MLIST:[debian-lts-announce] 20201221 [SECURITY] [DLA 2503-1] node-ini security update CVE-2020-7788
MLIST:[debian-lts-announce] 20201223 [SECURITY] [DLA 2504-1] mediawiki security update CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480
MLIST:[debian-lts-announce] 20201223 [SECURITY] [DLA 2505-1] spip security update CVE-2020-28984
MLIST:[debian-lts-announce] 20201223 [SECURITY] [DLA 2506-1] awstats security update CVE-2020-29600 CVE-2020-35176
MLIST:[debian-lts-announce] 20201230 [SECURITY] [DLA 2511-1] highlight.js security update CVE-2020-26237
MLIST:[debian-lts-announce] 20201231 [SECURITY] [DLA 2507-1] libxstream-java security update CVE-2020-26258 CVE-2020-26259
MLIST:[debian-lts-announce] 20210103 [SECURITY] [DLA 2512-1] libhibernate3-java security update CVE-2020-25638
MLIST:[debian-lts-announce] 20210104 [SECURITY] [DLA 2513-1] p11-kit security update CVE-2020-29361 CVE-2020-29362
MLIST:[debian-lts-announce] 20210104 [SECURITY] [DLA 2514-1] flac security update CVE-2017-6888 CVE-2020-0499
MLIST:[debian-lts-announce] 20210104 [SECURITY] [DLA 2515-1] csync2 security update CVE-2019-15523
MLIST:[debian-lts-announce] 20210104 [SECURITY] [DLA 2516-1] gssproxy security update CVE-2020-12658
MLIST:[debian-lts-announce] 20210106 [SECURITY] [DLA 2519-1] pacemaker security update CVE-2018-16877 CVE-2018-16878 CVE-2020-25654
MLIST:[debian-lts-announce] 20210106 [SECURITY] [DLA 2520-1] golang-websocket security update CVE-2020-27813
MLIST:[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update CVE-2017-14528 CVE-2020-19667 CVE-2020-25665 CVE-2020-25674 CVE-2020-27560 CVE-2020-27750 CVE-2020-27760 CVE-2020-27763 CVE-2020-27765 CVE-2020-27773 CVE-2020-29599
MLIST:[debian-lts-announce] 20210113 [SECURITY] [DLA 2524-1] spice-vdagent security update CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653
MLIST:[debian-lts-announce] 20210115 [SECURITY] [DLA 2525-1] wavpack security update CVE-2018-19840 CVE-2018-19841 CVE-2019-1010315 CVE-2019-1010317 CVE-2019-1010319 CVE-2019-11498 CVE-2020-35738
MLIST:[debian-lts-announce] 20210115 [SECURITY] [DLA 2526-1] ruby-redcarpet security update CVE-2020-26298
MLIST:[debian-lts-announce] 20210117 [SECURITY] [DLA 2527-1] snapd security update CVE-2019-11840
MLIST:[debian-lts-announce] 20210120 [SECURITY] [DLA 2529-1] mutt security update CVE-2021-3181
MLIST:[debian-lts-announce] 20210121 [SECURITY] [DLA-2530-1] drupal7 security update CVE-2020-36193
MLIST:[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update CVE-2020-28473
MLIST:[debian-lts-announce] 20210125 [SECURITY] [DLA 2533-1] crmsh security update CVE-2020-35459
MLIST:[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update CVE-2021-3156
MLIST:[debian-lts-announce] 20210127 [SECURITY] [DLA 2535-1] ansible security update CVE-2017-7481 CVE-2019-10156 CVE-2019-14846 CVE-2019-14904
MLIST:[debian-lts-announce] 20210130 [SECURITY] [DLA 2536-1] libsdl2 security update CVE-2019-13616 CVE-2019-7575 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7638 CVE-2020-14409 CVE-2020-14410
MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2537-1] ffmpeg security update CVE-2019-17539 CVE-2020-35965
MLIST:[debian-lts-announce] 20210131 [SECURITY] [DLA 2538-1] mariadb-10.1 security update CVE-2020-14765 CVE-2020-14812
MLIST:[debian-lts-announce] 20210202 [SECURITY] [DLA 2539-1] firefox-esr security update CVE-2020-26976
MLIST:[debian-lts-announce] 20210202 [SECURITY] [DLA 2541-1] thunderbird security update CVE-2020-26976
MLIST:[debian-lts-announce] 20210203 [SECURITY] [DLA 2544-1] openldap security update CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230
MLIST:[debian-lts-announce] 20210203 [SECURITY] [DLA 2545-1] open-build-service security update CVE-2020-8020 CVE-2020-8021
MLIST:[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update CVE-2020-8695 CVE-2020-8696 CVE-2020-8698
MLIST:[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update CVE-2019-13619 CVE-2019-16319 CVE-2019-19553 CVE-2020-11647 CVE-2020-13164 CVE-2020-15466 CVE-2020-25862 CVE-2020-25863 CVE-2020-26418 CVE-2020-26421 CVE-2020-26575 CVE-2020-28030 CVE-2020-7045 CVE-2020-9428 CVE-2020-9430 CVE-2020-9431
MLIST:[debian-lts-announce] 20210208 [SECURITY] [DLA 2549-1] gdisk security update CVE-2020-0256 CVE-2021-0308
MLIST:[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update CVE-2020-27814 CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27844 CVE-2020-27845
MLIST:[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update CVE-2020-7039 CVE-2020-8608
MLIST:[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update CVE-2021-26675 CVE-2021-26676
MLIST:[debian-lts-announce] 20210210 [SECURITY] [DLA 2553-1] xcftools security update CVE-2019-5086 CVE-2019-5087
MLIST:[debian-lts-announce] 20210211 [SECURITY] [DLA 2554-1] firejail security update CVE-2021-26910
MLIST:[debian-lts-announce] 20210211 [SECURITY] [DLA 2555-1] netty security update CVE-2021-21290
MLIST:[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update CVE-2020-12662 CVE-2020-12663 CVE-2020-28935
MLIST:[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update CVE-2020-27825 CVE-2020-27830 CVE-2020-28374 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVE-2021-3347
MLIST:[debian-lts-announce] 20210213 [SECURITY] [DLA 2558-1] xterm security update CVE-2021-27135
MLIST:[debian-lts-announce] 20210215 [SECURITY] [DLA 2559-1] busybox security update CVE-2011-5325 CVE-2015-9261 CVE-2017-15873 CVE-2017-16544 CVE-2018-1000517
MLIST:[debian-lts-announce] 20210216 [SECURITY] [DLA 2561-1] ruby-mechanize security update CVE-2021-21289
MLIST:[debian-lts-announce] 20210218 [SECURITY] [DLA 2560-1] qemu security update CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-28916 CVE-2020-29130 CVE-2020-29443
MLIST:[debian-lts-announce] 20210218 [SECURITY] [DLA 2562-1] mumble security update CVE-2021-27229
MLIST:[debian-lts-announce] 20210218 [SECURITY] [DLA 2566-1] libbsd security update CVE-2019-20367
MLIST:[debian-lts-announce] 20210218 [SECURITY] [DLA 2567-1] unrar-free security update CVE-2017-14120 CVE-2017-14121 CVE-2017-14122
MLIST:[debian-lts-announce] 20210219 [SECURITY] [DLA 2564-1] php-horde-text-filter security update CVE-2021-26929
MLIST:[debian-lts-announce] 20210219 [SECURITY] [DLA 2568-1] bind9 security update CVE-2020-8625
MLIST:[debian-lts-announce] 20210219 [SECURITY] [DLA 2569-1] python-django security update CVE-2021-23336
MLIST:[debian-lts-announce] 20210219 [SECURITY] [DLA 2570-1] screen security update CVE-2021-26937
MLIST:[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update CVE-2015-8011 CVE-2017-9214 CVE-2018-17204 CVE-2018-17206 CVE-2020-35498
MLIST:[debian-lts-announce] 20210220 [SECURITY] [DLA 2572-1] wpa security update CVE-2021-0326
MLIST:[debian-lts-announce] 20210220 [SECURITY] [DLA 2574-1] openldap security update CVE-2021-27212
MLIST:[debian-lts-announce] 20210226 [SECURITY] [DLA 2577-1] python-pysaml2 security update CVE-2017-1000433 CVE-2021-21239
MLIST:[debian-lts-announce] 20210301 [SECURITY] [DLA 2578-1] thunderbird security update CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978
MLIST:[debian-lts-announce] 20210302 [SECURITY] [DLA 2580-1] adminer security update CVE-2021-21311
MLIST:[debian-lts-announce] 20210302 [SECURITY] [DLA 2581-1] wpa security update CVE-2021-27803
MLIST:[debian-lts-announce] 20210305 [SECURITY] [DLA 2582-1] mqtt-client security update CVE-2019-0222
MLIST:[debian-lts-announce] 20210305 [SECURITY] [DLA 2583-1] activemq security update CVE-2017-15709 CVE-2018-11775 CVE-2019-0222 CVE-2021-26117
MLIST:[debian-lts-announce] 20210307 [SECURITY] [DLA 2584-1] libcaca security update CVE-2021-3410
MLIST:[debian-lts-announce] 20210307 [SECURITY] [DLA 2585-1] libupnp security update CVE-2020-13848
MLIST:[debian-lts-announce] 20210308 [SECURITY] [DLA 2553-2] xcftools regression update CVE-2019-5086 CVE-2019-5087
MLIST:[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update CVE-2019-19318 CVE-2019-19813 CVE-2019-19816 CVE-2020-27825 CVE-2020-28374 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-3178 CVE-2021-3347
MLIST:[debian-lts-announce] 20210309 [SECURITY] [DLA 2587-1] privoxy security update CVE-2021-20272 CVE-2021-20273 CVE-2021-20275 CVE-2021-20276
MLIST:[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update CVE-2020-26519
MLIST:[debian-lts-announce] 20210313 [SECURITY] [DLA 2591-1] golang-1.7 security update CVE-2017-15041 CVE-2018-16873 CVE-2018-16874 CVE-2019-16276 CVE-2019-17596 CVE-2019-9741 CVE-2021-3114
MLIST:[debian-lts-announce] 20210313 [SECURITY] [DLA 2592-1] golang-1.8 security update CVE-2017-15041 CVE-2018-16873 CVE-2018-16874 CVE-2019-16276 CVE-2019-17596 CVE-2019-9741 CVE-2021-3114
MLIST:[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update CVE-2021-24122 CVE-2021-25122 CVE-2021-25329
MLIST:[debian-lts-announce] 20210317 [SECURITY] [DLA 2595-1] velocity security update CVE-2020-13936
MLIST:[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update CVE-2017-12424 CVE-2017-20002
MLIST:[debian-lts-announce] 20210317 [SECURITY] [DLA 2597-1] velocity-tools security update CVE-2020-13959
MLIST:[debian-lts-announce] 20210319 [SECURITY] [DLA 2600-1] pygments security update CVE-2021-27291
MLIST:[debian-lts-announce] 20210322 [SECURITY] [DLA 2604-1] dnsmasq security update CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25687
MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27761 CVE-2020-27762 CVE-2020-27764 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27774 CVE-2020-27775 CVE-2021-20176 CVE-2021-20241 CVE-2021-20244 CVE-2021-20246
MLIST:[debian-lts-announce] 20210323 [SECURITY] [DLA 2605-1] mariadb-10.1 security update CVE-2021-27928
MLIST:[debian-lts-announce] 20210324 [SECURITY] [DLA 2606-1] lxml security update CVE-2021-28957
MLIST:[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update CVE-2020-11022 CVE-2020-11023
MLIST:[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update CVE-2020-27170 CVE-2020-27171 CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28660 CVE-2021-3348
MLIST:[debian-lts-announce] 20210331 [SECURITY] [DLA 2611-1] ldb security update CVE-2020-27840 CVE-2021-20277
MLIST:[debian-lts-announce] 20210331 [SECURITY] [DLA 2612-1] leptonlib security update CVE-2020-36277 CVE-2020-36278 CVE-2020-36279 CVE-2020-36281
MLIST:[debian-lts-announce] 20210331 [SECURITY] [DLA 2613-1] underscore security update CVE-2021-23358
MLIST:[debian-lts-announce] 20210401 [SECURITY] [DLA 2614-1] busybox security update CVE-2021-28831
MLIST:[debian-lts-announce] 20210401 [SECURITY] [DLA 2615-1] spamassassin security update CVE-2020-1946
MLIST:[debian-lts-announce] 20210403 [SECURITY] [DLA 2616-1] libxstream-java security update CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351
MLIST:[debian-lts-announce] 20210404 [SECURITY] [DLA 2617-1] php-nette security update CVE-2020-15227
MLIST:[debian-lts-announce] 20210405 [SECURITY] [DLA 2618-1] smarty3 security update CVE-2018-13982 CVE-2021-26119 CVE-2021-26120
MLIST:[debian-lts-announce] 20210405 [SECURITY] [DLA 2619-1] python3.5 security update CVE-2021-23336 CVE-2021-3177 CVE-2021-3426
MLIST:[debian-lts-announce] 20210408 [SECURITY] [DLA 2621-1] php-pear security update CVE-2020-36193
MLIST:[debian-lts-announce] 20210409 [SECURITY] [DLA 2622-1] python-django security update CVE-2021-28658
MLIST:[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update CVE-2020-17380 CVE-2021-3392
MLIST:[debian-lts-announce] 20210412 [SECURITY] [DLA 2624-1] libpano13 security update CVE-2021-20307
MLIST:[debian-lts-announce] 20210414 [SECURITY] [DLA 2625-1] courier-authlib security update CVE-2021-28374
MLIST:[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update CVE-2021-1405
MLIST:[debian-lts-announce] 20210415 [SECURITY] [DLA 2627-1] xorg-server security update CVE-2021-3472
MLIST:[debian-lts-announce] 20210416 [SECURITY] [DLA 2618-2] smarty3 regression update CVE-2018-13982 CVE-2021-26119 CVE-2021-26120
MLIST:[debian-lts-announce] 20210417 [SECURITY] [DLA 2628-1] python2.7 security update CVE-2019-16935 CVE-2021-23336
MLIST:[debian-lts-announce] 20210418 [SECURITY] [DLA 2629-1] libebml security update CVE-2021-3405
MLIST:[debian-lts-announce] 20210421 [SECURITY] [DLA 2630-1] wordpress security update CVE-2021-29447 CVE-2021-29450
MLIST:[debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update CVE-2019-15132 CVE-2020-15803
MLIST:[debian-lts-announce] 20210422 [SECURITY] [DLA 2632-1] thunderbird security update CVE-2021-23961
MLIST:[debian-lts-announce] 20210423 [SECURITY] [DLA 2633-1] firefox-esr security update CVE-2021-23961
MLIST:[debian-lts-announce] 20210423 [SECURITY] [DLA 2634-1] openjdk-8 security update CVE-2021-2161 CVE-2021-2163
MLIST:[debian-lts-announce] 20210423 [SECURITY] [DLA 2635-1] libspring-java security update CVE-2018-11039 CVE-2018-11040 CVE-2018-1270 CVE-2018-15756
MLIST:[debian-lts-announce] 20210423 [SECURITY] [DLA 2636-1] pjproject security update CVE-2021-21375
MLIST:[debian-lts-announce] 20210424 [SECURITY] [DLA 2638-1] jackson-databind security update CVE-2020-24616 CVE-2020-24750 CVE-2020-35490 CVE-2020-35491 CVE-2020-35728 CVE-2020-36179 CVE-2020-36180 CVE-2020-36181 CVE-2020-36182 CVE-2020-36183 CVE-2020-36184 CVE-2020-36185 CVE-2020-36186 CVE-2020-36187 CVE-2020-36188 CVE-2020-36189 CVE-2021-20190
MLIST:[debian-lts-announce] 20210425 [SECURITY] [DLA 2639-1] opendmarc security update CVE-2020-12460
MLIST:[debian-lts-announce] 20210426 [SECURITY] [DLA 2640-1] gst-plugins-good1.0 security update CVE-2021-3497
MLIST:[debian-lts-announce] 20210429 [SECURITY] [DLA 2645-1] edk2 security update CVE-2019-0161 CVE-2019-14558 CVE-2019-14559 CVE-2019-14562 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586 CVE-2019-14587
MLIST:[debian-lts-announce] 20210504 [SECURITY] [DLA 2646-1] subversion security update CVE-2020-17525
MLIST:[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update CVE-2021-25214 CVE-2021-25215 CVE-2021-25216
MLIST:[debian-lts-announce] 20210505 [SECURITY] [DLA 2648-1] mediawiki security update CVE-2021-20270 CVE-2021-27291 CVE-2021-30152 CVE-2021-30155 CVE-2021-30158 CVE-2021-30159
MLIST:[debian-lts-announce] 20210505 [SECURITY] [DLA 2649-1] cgal security update CVE-2020-28601 CVE-2020-28636 CVE-2020-35628
MLIST:[debian-lts-announce] 20210506 [SECURITY] [DLA 2648-2] mediawiki regression update CVE-2021-20270 CVE-2021-27291 CVE-2021-30152 CVE-2021-30155 CVE-2021-30158 CVE-2021-30159
MLIST:[debian-lts-announce] 20210506 [SECURITY] [DLA 2651-1] python-django security update CVE-2021-31542
MLIST:[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update CVE-2019-25031 CVE-2019-25032 CVE-2019-25033 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042
MLIST:[debian-lts-announce] 20210510 [SECURITY] [DLA 2653-1] libxml2 security update CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537
MLIST:[debian-lts-announce] 20210511 [SECURITY] [DLA 2654-1] composer security update CVE-2021-29472
MLIST:[debian-lts-announce] 20210511 [SECURITY] [DLA 2656-1] hivex security update CVE-2021-3504
MLIST:[debian-lts-announce] 20210513 [SECURITY] [DLA 2658-1] redmine security update CVE-2019-25026 CVE-2020-36306 CVE-2020-36307 CVE-2020-36308 CVE-2021-30163 CVE-2021-30164 CVE-2021-31863 CVE-2021-31864 CVE-2021-31865 CVE-2021-31866
MLIST:[debian-lts-announce] 20210513 [SECURITY] [DLA 2659-1] graphviz security update CVE-2018-10196 CVE-2020-18032
MLIST:[debian-lts-announce] 20210514 [SECURITY] [DLA 2661-1] jetty9 security update CVE-2017-9735 CVE-2018-12536 CVE-2019-10241 CVE-2019-10247 CVE-2020-27216
MLIST:[debian-lts-announce] 20210516 [SECURITY] [DLA 2663-1] libimage-exiftool-perl security update CVE-2021-22204
MLIST:[debian-lts-announce] 20210517 [SECURITY] [DLA 2664-1] curl security update CVE-2021-22876
MLIST:[debian-lts-announce] 20210523 [SECURITY] [DLA 2665-1] ring security update CVE-2021-21375
MLIST:[debian-lts-announce] 20210524 [SECURITY] [DLA 2666-1] libx11 security update CVE-2021-31535
MLIST:[debian-lts-announce] 20210526 [SECURITY] [DLA 2667-1] djvulibre security update CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 CVE-2019-18804
MLIST:[debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 CVE-2019-14861 CVE-2019-14870 CVE-2019-14902 CVE-2019-14907 CVE-2021-20254
MLIST:[debian-lts-announce] 20210530 [SECURITY] [DLA 2671-1] rxvt-unicode security update CVE-2021-33477
MLIST:[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update CVE-2020-27751 CVE-2021-20243 CVE-2021-20245 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313
MLIST:[debian-lts-announce] 20210603 [SECURITY] [DLA 2674-1] isc-dhcp security update CVE-2021-25217
MLIST:[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331
MLIST:[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331
MLIST:[debian-lts-announce] 20210606 [SECURITY] [DLA 2678-1] ruby-nokogiri security update CVE-2020-26247
MLIST:[debian-lts-announce] 20210607 [SECURITY] [DLA 2680-1] nginx security update CVE-2017-20005
MLIST:[debian-lts-announce] 20210609 [SECURITY] [DLA 2681-1] eterm security update CVE-2021-33477
MLIST:[debian-lts-announce] 20210609 [SECURITY] [DLA 2682-1] mrxvt security update CVE-2021-33477
MLIST:[debian-lts-announce] 20210609 [SECURITY] [DLA 2683-1] rxvt security update CVE-2021-33477
MLIST:[debian-lts-announce] 20210610 [SECURITY] [DLA 2684-1] lasso security update CVE-2021-28091
MLIST:[debian-lts-announce] 20210614 [SECURITY] [DLA 2685-1] squid3 security update CVE-2021-28651 CVE-2021-28652 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620
MLIST:[debian-lts-announce] 20210615 [SECURITY] [DLA 2686-1] python-urllib3 security update CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 CVE-2020-26137
MLIST:[debian-lts-announce] 20210616 [SECURITY] [DLA 2687-1] prosody security update CVE-2021-32917 CVE-2021-32921
MLIST:[debian-lts-announce] 20210617 [SECURITY] [DLA 2688-1] jetty9 security update CVE-2021-28169
MLIST:[debian-lts-announce] 20210619 [SECURITY] [DLA 2687-2] prosody regression update CVE-2021-32921
MLIST:[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26147 CVE-2020-26558 CVE-2020-29374 CVE-2020-36322 CVE-2021-0129 CVE-2021-20292 CVE-2021-23133 CVE-2021-23134 CVE-2021-28660 CVE-2021-28688 CVE-2021-28950 CVE-2021-28964 CVE-2021-28971 CVE-2021-29154 CVE-2021-29265 CVE-2021-29647 CVE-2021-29650 CVE-2021-30002 CVE-2021-31916 CVE-2021-32399 CVE-2021-33034 CVE-2021-3483
MLIST:[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26147 CVE-2020-26558 CVE-2020-29374 CVE-2021-0129 CVE-2021-23133 CVE-2021-23134 CVE-2021-28688 CVE-2021-28964 CVE-2021-28971 CVE-2021-29154 CVE-2021-29264 CVE-2021-29647 CVE-2021-29650 CVE-2021-31829 CVE-2021-31916 CVE-2021-32399 CVE-2021-33034 CVE-2021-3483 CVE-2021-3506
MLIST:[debian-lts-announce] 20210624 [SECURITY] [DLA 2691-1] libgcrypt20 security update CVE-2021-33560
MLIST:[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update CVE-2020-26558 CVE-2021-0129
MLIST:[debian-lts-announce] 20210627 [SECURITY] [DLA 2694-1] tiff security update CVE-2020-35523 CVE-2020-35524
MLIST:[debian-lts-announce] 20210628 [SECURITY] [DLA 2693-1] xmlbeans security update CVE-2021-23926
MLIST:[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873
MLIST:[debian-lts-announce] 20210629 [SECURITY] [DLA 2696-1] libjdom2-java security update CVE-2021-33813
MLIST:[debian-lts-announce] 20210629 [SECURITY] [DLA 2697-1] fluidsynth security update CVE-2021-21417
MLIST:[debian-lts-announce] 20210630 [SECURITY] [DLA 2698-1] node-bl security update CVE-2020-8244
MLIST:[debian-lts-announce] 20210630 [SECURITY] [DLA 2699-1] ipmitool security update CVE-2020-5208
MLIST:[debian-lts-announce] 20210701 [SECURITY] [DLA 2700-1] htmldoc security update CVE-2019-19630
MLIST:[debian-lts-announce] 20210703 [SECURITY] [DLA 2701-1] openexr security update CVE-2020-16587 CVE-2021-20296 CVE-2021-23215 CVE-2021-26260 CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 CVE-2021-3479
MLIST:[debian-lts-announce] 20210703 [SECURITY] [DLA 2702-1] djvulibre security update CVE-2021-3630
MLIST:[debian-lts-announce] 20210705 [SECURITY] [DLA 2704-1] libxstream-java security update CVE-2021-29505
MLIST:[debian-lts-announce] 20210708 [SECURITY] [DLA 2705-1] scilab security update CVE-2021-30485 CVE-2021-31229 CVE-2021-31347 CVE-2021-31348 CVE-2021-31598
MLIST:[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 CVE-2021-31618
MLIST:[debian-lts-announce] 20210712 [SECURITY] [DLA 2707-1] sogo security update CVE-2021-33054
MLIST:[debian-lts-announce] 20210715 [SECURITY] [DLA 2708-1] php7.0 security update CVE-2019-18218 CVE-2020-7071 CVE-2021-21702
MLIST:[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update CVE-2021-30547
MLIST:[debian-lts-announce] 20210719 [SECURITY] [DLA 2710-1] rabbitmq-server security update CVE-2017-4965 CVE-2017-4966 CVE-2017-4967 CVE-2019-11281 CVE-2019-11287 CVE-2021-22116
MLIST:[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update CVE-2021-30547
MLIST:[debian-lts-announce] 20210720 [SECURITY] [DLA 2712-1] libjdom1-java security update CVE-2021-33813
MLIST:[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update CVE-2021-33909 CVE-2021-34693
MLIST:[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update CVE-2021-33909 CVE-2021-34693
MLIST:[debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update CVE-2020-36311 CVE-2021-33909 CVE-2021-34693
MLIST:[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update CVE-2020-35653 CVE-2021-25290 CVE-2021-28676 CVE-2021-28677 CVE-2021-34552
MLIST:[debian-lts-announce] 20210722 [SECURITY] [DLA 2717-1] redis security update CVE-2021-32761
MLIST:[debian-lts-announce] 20210723 [SECURITY] [DLA 2719-1] ruby-actionpack-page-caching security update CVE-2020-8159
MLIST:[debian-lts-announce] 20210725 [SECURITY] [DLA 2720-1] aspell security update CVE-2019-17544 CVE-2019-25051
MLIST:[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513
MLIST:[debian-lts-announce] 20210726 [SECURITY] [DLA 2721-1] drupal7 security update CVE-2021-32610
MLIST:[debian-lts-announce] 20210729 [SECURITY] [DLA 2722-1] libsndfile security update CVE-2021-3246
MLIST:[debian-lts-announce] 20210731 [SECURITY] [DLA 2723-1] linuxptp security update CVE-2021-3570
MLIST:[debian-lts-announce] 20210801 [SECURITY] [DLA 2724-1] condor security update CVE-2019-18823
MLIST:[debian-lts-announce] 20210801 [SECURITY] [DLA 2725-1] lrzip security update CVE-2017-8844 CVE-2017-8846 CVE-2017-9928 CVE-2017-9929 CVE-2018-10685 CVE-2018-11496 CVE-2018-5650 CVE-2018-5747 CVE-2018-5786
MLIST:[debian-lts-announce] 20210802 [SECURITY] [DLA 2726-1] shiro security update CVE-2020-13933 CVE-2020-17510
MLIST:[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update CVE-2019-12761
MLIST:[debian-lts-announce] 20210804 [SECURITY] [DLA 2729-1] asterisk security update CVE-2021-32558
MLIST:[debian-lts-announce] 20210804 [SECURITY] [DLA 2730-1] libpam-tacplus security update CVE-2020-13881
MLIST:[debian-lts-announce] 20210805 [SECURITY] [DLA 2733-1] tomcat8 security update CVE-2021-30640 CVE-2021-33037
MLIST:[debian-lts-announce] 20210809 [SECURITY] [DLA 2736-1] lynx security update CVE-2021-38165
MLIST:[debian-lts-announce] 20210809 [SECURITY] [DLA 2737-1] openjdk-8 security update CVE-2021-2341 CVE-2021-2369 CVE-2021-2388
MLIST:[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update CVE-2018-14662 CVE-2018-16846 CVE-2020-10753 CVE-2020-1760 CVE-2021-3524
MLIST:[debian-lts-announce] 20210812 [SECURITY] [DLA 2741-1] commons-io security update CVE-2021-29425
MLIST:[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update CVE-2021-22898 CVE-2021-22924
MLIST:[debian-lts-announce] 20210815 [SECURITY] [DLA 2742-1] ffmpeg security update CVE-2020-21041 CVE-2020-22015 CVE-2020-22016 CVE-2020-22020 CVE-2020-22021 CVE-2020-22022 CVE-2020-22023 CVE-2020-22025 CVE-2020-22026 CVE-2020-22028 CVE-2020-22031 CVE-2020-22032 CVE-2020-22036 CVE-2021-3566 CVE-2021-38114
MLIST:[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update CVE-2017-5715
MLIST:[debian-lts-announce] 20210821 [SECURITY] [DLA 2746-1] scrollz security update CVE-2021-29376
MLIST:[debian-lts-announce] 20210822 [SECURITY] [DLA 2747-1] ircii security update CVE-2021-29376
MLIST:[debian-lts-announce] 20210823 [SECURITY] [DLA 2748-1] tnef security update CVE-2019-18849
MLIST:[debian-lts-announce] 20210827 [SECURITY] [DLA 2717-2] redis security update CVE-2021-32761
MLIST:[debian-lts-announce] 20210829 [SECURITY] [DLA 2749-1] gthumb security update CVE-2019-20326
MLIST:[debian-lts-announce] 20210830 [SECURITY] [DLA 2750-1] exiv2 security update CVE-2019-20421 CVE-2021-29457 CVE-2021-29473 CVE-2021-31292 CVE-2021-3482
MLIST:[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update CVE-2021-3449
MLIST:[debian-lts-announce] 20210831 [SECURITY] [DLA 2752-1] squashfs-tools security update CVE-2021-40153
MLIST:[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 CVE-2021-3713
MLIST:[debian-lts-announce] 20210904 [SECURITY] [DLA 2754-1] pywps security update CVE-2021-39371
MLIST:[debian-lts-announce] 20210905 [SECURITY] [DLA 2755-1] btrbk security update CVE-2021-38173
MLIST:[debian-lts-announce] 20210911 [SECURITY] [DLA 2753-2] qemu regression update CVE-2021-3592
MLIST:[debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update CVE-2021-20305 CVE-2021-3580
MLIST:[debian-lts-announce] 20210921 [SECURITY] [DLA 2762-1] grilo security update CVE-2021-39365
MLIST:[debian-lts-announce] 20210922 [SECURITY] [DLA 2763-1] ruby-kaminari security update CVE-2020-11082
MLIST:[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update CVE-2021-41079
MLIST:[debian-lts-announce] 20210923 [SECURITY] [DLA 2765-1] mupdf security update CVE-2016-10246 CVE-2016-10247 CVE-2017-6060 CVE-2018-1000036 CVE-2018-10289 CVE-2020-19609
MLIST:[debian-lts-announce] 20210926 [SECURITY] [DLA 2766-1] openssl security update CVE-2021-3712
MLIST:[debian-lts-announce] 20210927 [SECURITY] [DLA 2767-1] libxml-security-java security update CVE-2021-40690
MLIST:[debian-lts-announce] 20210929 [SECURITY] [DLA 2768-1] uwsgi security update CVE-2021-36160
MLIST:[debian-lts-announce] 20210929 [SECURITY] [DLA 2769-1] libxstream-java security update CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149 CVE-2021-39150 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 CVE-2021-39154
MLIST:[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516
MLIST:[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update CVE-2018-20217 CVE-2018-5729 CVE-2018-5730 CVE-2021-37750
MLIST:[debian-lts-announce] 20210930 [SECURITY] [DLA 2772-1] taglib security update CVE-2017-12678 CVE-2018-11439
MLIST:[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update CVE-2021-22946 CVE-2021-22947
MLIST:[debian-lts-announce] 20210930 [SECURITY] [DLA 2774-1] openssl1.0 security update CVE-2021-3712
MLIST:[debian-lts-announce] 20211002 [SECURITY] [DLA 2775-1] plib security update CVE-2021-38714
MLIST:[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update CVE-2021-34798 CVE-2021-39275 CVE-2021-40438
MLIST:[debian-lts-announce] 20211004 [SECURITY] [DLA 2778-1] fig2dev security update CVE-2019-19797 CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-21532 CVE-2020-21533 CVE-2020-21534 CVE-2020-21535 CVE-2020-21675 CVE-2020-21676 CVE-2021-32280
MLIST:[debian-lts-announce] 20211009 [SECURITY] [DLA 2777-1] tiff security update CVE-2020-19131 CVE-2020-19144
MLIST:[debian-lts-announce] 20211009 [SECURITY] [DLA 2779-1] mediawiki security update CVE-2021-35197
MLIST:[debian-lts-announce] 20211011 [SECURITY] [DLA 2781-1] neutron security update CVE-2021-40085
MLIST:[debian-lts-announce] 20211012 [SECURITY] [DLA 2783-1] hiredis security update CVE-2021-32765
MLIST:[debian-lts-announce] 20211012 [SECURITY] [DLA 2784-1] icu security update CVE-2020-21913
MLIST:[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update CVE-2021-31799 CVE-2021-31810 CVE-2021-32066
MLIST:[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update CVE-2020-16119 CVE-2020-3702 CVE-2021-33624 CVE-2021-3444 CVE-2021-34556 CVE-2021-35039 CVE-2021-35477 CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-3679 CVE-2021-37159 CVE-2021-38160 CVE-2021-38198 CVE-2021-38199 CVE-2021-38205 CVE-2021-40490
MLIST:[debian-lts-announce] 20211017 [SECURITY] [DLA 2786-1] nghttp2 security update CVE-2018-1000168 CVE-2020-11080
MLIST:[debian-lts-announce] 20211018 [SECURITY] [DLA 2787-1] redmine security update CVE-2021-42326
MLIST:[debian-lts-announce] 20211019 [SECURITY] [DLA 2788-1] strongswan security update CVE-2021-41991
MLIST:[debian-lts-announce] 20211020 [SECURITY] [DLA 2618-3] smarty3 regression update CVE-2018-13982
MLIST:[debian-lts-announce] 20211020 [SECURITY] [DLA 2768-2] uwsgi regression update CVE-2021-36160
MLIST:[debian-lts-announce] 20211020 [SECURITY] [DLA 2789-1] squashfs-tools security update CVE-2021-41072
MLIST:[debian-lts-announce] 20211021 [SECURITY] [DLA 2790-1] python-babel security update CVE-2021-42771
MLIST:[debian-lts-announce] 20211024 [SECURITY] [DLA 2792-1] faad2 security update CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278
MLIST:[debian-lts-announce] 20211027 [SECURITY] [DLA 2793-1] mosquitto security update CVE-2017-7655
MLIST:[debian-lts-announce] 20211027 [SECURITY] [DLA 2794-1] php7.0 security update CVE-2021-21703
MLIST:[debian-lts-announce] 20211028 [SECURITY] [DLA 2796-1] jbig2dec security update CVE-2017-9216 CVE-2020-12268
MLIST:[debian-lts-announce] 20211029 [SECURITY] [DLA 2795-1] gpsd security update CVE-2018-17937
MLIST:[debian-lts-announce] 20211030 [SECURITY] [DLA 2799-1] opencv security update CVE-2016-1516 CVE-2017-1000450 CVE-2017-12597 CVE-2017-12598 CVE-2017-12599 CVE-2017-12601 CVE-2017-12603 CVE-2017-12604 CVE-2017-12605 CVE-2017-12606 CVE-2017-12862 CVE-2017-12863 CVE-2017-12864 CVE-2017-17760 CVE-2018-5268 CVE-2018-5269 CVE-2019-14493 CVE-2019-15939
MLIST:[debian-lts-announce] 20211030 [SECURITY] [DLA 2800-1] cups security update CVE-2020-10001
MLIST:[debian-lts-announce] 20211030 [SECURITY] [DLA 2801-1] cron security update CVE-2017-9525 CVE-2019-9704 CVE-2019-9705 CVE-2019-9706
MLIST:[debian-lts-announce] 20211030 [SECURITY] [DLA 2802-1] elfutils security update CVE-2018-16062 CVE-2018-16402 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7150 CVE-2019-7665
MLIST:[debian-lts-announce] 20211031 [SECURITY] [DLA 2803-1] libsdl2 security update CVE-2017-2888 CVE-2019-7637
MLIST:[debian-lts-announce] 20211031 [SECURITY] [DLA 2804-1] libsdl1.2 security update CVE-2019-13616 CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638
MLIST:[debian-lts-announce] 20211031 [SECURITY] [DLA 2805-1] libmspack security update CVE-2019-1010305
MLIST:[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update CVE-2018-10904 CVE-2018-10907 CVE-2018-10911 CVE-2018-10913 CVE-2018-10914 CVE-2018-10923 CVE-2018-10926 CVE-2018-10927 CVE-2018-10928 CVE-2018-10929 CVE-2018-10930
MLIST:[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update CVE-2018-5740 CVE-2021-25219
MLIST:[debian-lts-announce] 20211106 [SECURITY] [DLA 2811-1] sqlalchemy security update CVE-2019-7164 CVE-2019-7548
MLIST:[debian-lts-announce] 20211108 [SECURITY] [DLA 2812-1] botan1.10 security update CVE-2017-14737
MLIST:[debian-lts-announce] 20211109 [SECURITY] [DLA 2813-1] ckeditor security update CVE-2021-33829 CVE-2021-37695
MLIST:[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603
MLIST:[debian-lts-announce] 20211110 [SECURITY] [DLA 2815-1] salt security update CVE-2020-28243 CVE-2020-28972 CVE-2020-35662 CVE-2021-25281 CVE-2021-25282 CVE-2021-25283 CVE-2021-25284 CVE-2021-3144 CVE-2021-3148 CVE-2021-31607 CVE-2021-3197
MLIST:[debian-lts-announce] 20211110 [SECURITY] [DLA 2816-1] icinga2 security update CVE-2021-32739 CVE-2021-32743 CVE-2021-37698
MLIST:[debian-lts-announce] 20211114 [SECURITY] [DLA 2818-1] ffmpeg security update CVE-2020-20445 CVE-2020-20446 CVE-2020-20451 CVE-2020-20453 CVE-2020-22037 CVE-2020-22041 CVE-2020-22044 CVE-2020-22046 CVE-2020-22048 CVE-2020-22049 CVE-2020-22054 CVE-2021-38171 CVE-2021-38291
MLIST:[debian-lts-announce] 20211116 [SECURITY] [DLA 2819-1] ntfs-3g security update CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263
MLIST:[debian-lts-announce] 20211117 [SECURITY] [DLA 2820-1] atftp security update CVE-2020-6097 CVE-2021-41054
MLIST:[debian-lts-announce] 20211117 [SECURITY] [DLA 2821-1] axis security update CVE-2018-8032
MLIST:[debian-lts-announce] 20211118 [SECURITY] [DLA 2822-1] netkit-rsh security update CVE-2019-7282 CVE-2019-7283
MLIST:[debian-lts-announce] 20211119 [SECURITY] [DLA 2823-1] salt security update CVE-2021-21996
MLIST:[debian-lts-announce] 20211120 [SECURITY] [DLA 2824-1] firebird3.0 security update CVE-2017-11509
MLIST:[debian-lts-announce] 20211121 [SECURITY] [DLA 2823-2] salt regression update CVE-2021-21996
MLIST:[debian-lts-announce] 20211122 [SECURITY] [DLA 2825-1] libmodbus security update CVE-2019-14462 CVE-2019-14463
MLIST:[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update CVE-2018-9988 CVE-2018-9989
MLIST:[debian-lts-announce] 20211127 [SECURITY] [DLA 2827-1] bluez security update CVE-2021-41229
MLIST:[debian-lts-announce] 20211127 [SECURITY] [DLA 2828-1] libvorbis security update CVE-2017-14160 CVE-2018-10392 CVE-2018-10393
MLIST:[debian-lts-announce] 20211127 [SECURITY] [DLA 2829-1] libvpx security update CVE-2020-0034
MLIST:[debian-lts-announce] 20211128 [SECURITY] [DLA 2830-1] tar security update CVE-2018-20482
MLIST:[debian-lts-announce] 20211128 [SECURITY] [DLA 2831-1] libntlm security update CVE-2019-17455
MLIST:[debian-lts-announce] 20211129 [SECURITY] [DLA 2832-1] opensc security update CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2020-26570 CVE-2020-26571 CVE-2020-26572
MLIST:[debian-lts-announce] 20211130 [SECURITY] [DLA 2833-1] rsync security update CVE-2018-5764
MLIST:[debian-lts-announce] 20211130 [SECURITY] [DLA 2834-1] uriparser security update CVE-2018-20721
MLIST:[debian-lts-announce] 20211130 [SECURITY] [DLA 2835-1] rsyslog security update CVE-2019-17041 CVE-2019-17042
MLIST:[debian-lts-announce] 20211202 [SECURITY] [DLA 2837-1] gmp security update CVE-2021-43618
MLIST:[debian-lts-announce] 20211203 [SECURITY] [DLA 2838-1] librecad security update CVE-2021-21898 CVE-2021-21899 CVE-2021-21900
MLIST:[debian-lts-announce] 20211203 [SECURITY] [DLA 2839-1] gerbv security update CVE-2021-40391
MLIST:[debian-lts-announce] 20211206 [SECURITY] [DLA 2840-1] roundcube security update CVE-2021-44025 CVE-2021-44026
MLIST:[debian-lts-announce] 20211206 [SECURITY] [DLA 2841-1] runc security update CVE-2021-43784
MLIST:[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update CVE-2021-44228
MLIST:[debian-lts-announce] 20211214 [SECURITY] [DLA 2845-1] libsamplerate security update CVE-2017-7697
MLIST:[debian-lts-announce] 20211214 [SECURITY] [DLA 2846-1] raptor2 security update CVE-2020-25713
MLIST:[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update CVE-2020-16119 CVE-2020-3702 CVE-2021-0920 CVE-2021-20317 CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-3679 CVE-2021-37159 CVE-2021-38160 CVE-2021-38198 CVE-2021-38199 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-41864 CVE-2021-42008 CVE-2021-43389
MLIST:[debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update CVE-2019-13115 CVE-2019-17498
MLIST:[debian-lts-announce] 20211226 [SECURITY] [DLA 2849-1] wireshark security update CVE-2021-22207 CVE-2021-22235 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39928 CVE-2021-39929
MLIST:[debian-lts-announce] 20211226 [SECURITY] [DLA 2850-1] libpcap security update CVE-2019-15165
MLIST:[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update CVE-2019-15531
MLIST:[debian-lts-announce] 20211226 [SECURITY] [DLA 2852-1] apache-log4j2 security update CVE-2020-9488
MLIST:[debian-lts-announce] 20211227 [SECURITY] [DLA 2855-1] monit security update CVE-2019-11454 CVE-2019-11455
MLIST:[debian-lts-announce] 20211227 [SECURITY] [DLA 2856-1] okular security update CVE-2020-9359
MLIST:[debian-lts-announce] 20211227 [SECURITY] [DLA 2857-1] postgis security update CVE-2017-18359
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2854-1] novnc security update CVE-2017-18635
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2858-1] libzip security update CVE-2017-14107
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2859-1] zziplib security update CVE-2020-18442
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2860-1] paramiko security update CVE-2018-1000805 CVE-2018-7750
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2861-1] rdflib security update CVE-2019-7653
MLIST:[debian-lts-announce] 20211228 [SECURITY] [DLA 2862-1] python-gnupg security update CVE-2018-12020 CVE-2019-6690
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2863-1] firefox-esr security update CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-43534 CVE-2021-43535 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2864-1] ruby-haml security update CVE-2017-1002201
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2865-1] resiprocate security update CVE-2017-11521 CVE-2018-12584
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2866-1] uw-imap security update CVE-2018-19518
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2868-1] advancecomp security update CVE-2018-1056 CVE-2019-8379 CVE-2019-8383 CVE-2019-9210
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update CVE-2021-4008 CVE-2021-4009 CVE-2021-4011
MLIST:[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update CVE-2021-44832
MLIST:[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update CVE-2021-43818
MLIST:[debian-lts-announce] 20211230 [SECURITY] [DLA 2872-1] agg security update CVE-2019-6245
MLIST:[debian-lts-announce] 20211230 [SECURITY] [DLA 2873-1] aria2 security update CVE-2019-3500
MLIST:[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update CVE-2020-16846 CVE-2020-28243 CVE-2021-25282 CVE-2021-25284 CVE-2021-3197
MLIST:[debian-lts-announce] 20220104 [SECURITY] [DLA 2874-1] thunderbird security update CVE-2021-38496 CVE-2021-38500 CVE-2021-38502 CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 CVE-2021-43528 CVE-2021-43534 CVE-2021-43535 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 CVE-2021-44538
MLIST:[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update CVE-2017-17087 CVE-2019-20807 CVE-2021-3778 CVE-2021-3796
MLIST:[debian-lts-announce] 20220112 [SECURITY] [DLA 2877-1] gdal security update CVE-2019-17545 CVE-2021-45943
MLIST:[debian-lts-announce] 20220112 [SECURITY] [DLA 2878-1] roundcube security update CVE-2021-46144
MLIST:[debian-lts-announce] 20220114 [SECURITY] [DLA 2879-1] ghostscript security update CVE-2021-45944 CVE-2021-45949
MLIST:[debian-lts-announce] 20220117 [SECURITY] [DLA 2882-1] sphinxsearch security update CVE-2020-29050
MLIST:[debian-lts-announce] 20220117 [SECURITY] [DLA 2886-1] slurm-llnl security update CVE-2019-12838 CVE-2020-12693 CVE-2020-27745 CVE-2021-31215
MLIST:[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update CVE-2018-19052
MLIST:[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update CVE-2021-1056 CVE-2021-1076 CVE-2021-1093 CVE-2021-1094 CVE-2021-1095
MLIST:[debian-lts-announce] 20220121 [SECURITY] [DLA 2890-1] libspf2 security update CVE-2021-33912 CVE-2021-33913
MLIST:[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update CVE-2021-33196 CVE-2021-36221 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717
MLIST:[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update CVE-2021-33196 CVE-2021-36221 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717
MLIST:[debian-lts-announce] 20220123 [SECURITY] [DLA 2884-1] wordpress security update CVE-2022-21661 CVE-2022-21662 CVE-2022-21663 CVE-2022-21664
MLIST:[debian-lts-announce] 20220123 [SECURITY] [DLA 2885-1] qtsvg-opensource-src security update CVE-2021-45930
MLIST:[debian-lts-announce] 20220123 [SECURITY] [DLA 2893-1] pillow security update CVE-2022-22815 CVE-2022-22816 CVE-2022-22817
MLIST:[debian-lts-announce] 20220124 [SECURITY] [DLA 2895-1] qt4-x11 security update CVE-2021-45930
MLIST:[debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update CVE-2022-21699
MLIST:[debian-lts-announce] 20220124 [SECURITY] [DLA 2897-1] apr security update CVE-2017-12613
MLIST:[debian-lts-announce] 20220125 [SECURITY] [DLA 2894-1] aide security update CVE-2021-45417
MLIST:[debian-lts-announce] 20220125 [SECURITY] [DLA 2900-1] lrzsz security update CVE-2018-10195
MLIST:[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update CVE-2017-16611
MLIST:[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update CVE-2021-46141
MLIST:[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update CVE-2021-3850
MLIST:[debian-lts-announce] 20220207 [SECURITY] [DLA 2913-1] xterm security update CVE-2022-24130
MLIST:[debian-lts-announce] 20220207 [SECURITY] [DLA 2914-1] zabbix security update CVE-2022-23134
MLIST:[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update CVE-2021-33833 CVE-2022-23096 CVE-2022-23097 CVE-2022-23098
MLIST:[debian-lts-announce] 20220210 [SECURITY] [DLA 2917-1] openjdk-8 security update CVE-2022-21349
MLIST:[debian-lts-announce] 20220211 [SECURITY] [DLA 2918-1] debian-edu-config security update CVE-2021-20001
MLIST:[debian-lts-announce] 20220212 [SECURITY] [DLA 2919-1] python2.7 security update CVE-2021-3177
MLIST:[debian-lts-announce] 20220214 [SECURITY] [DLA 2920-1] varnish security update CVE-2022-23959
MLIST:[debian-lts-announce] 20220214 [SECURITY] [DLA 2922-1] pgbouncer security update CVE-2021-3935
MLIST:[debian-lts-announce] 20220215 [SECURITY] [DLA 2923-1] h2database security update CVE-2021-42392 CVE-2022-23221
MLIST:[debian-lts-announce] 20220215 [SECURITY] [DLA 2924-1] libxstream-java security update CVE-2021-43859
MLIST:[debian-lts-announce] 20220218 [SECURITY] [DLA 2926-1] zsh security update CVE-2021-45444
MLIST:[debian-lts-announce] 20220219 [SECURITY] [DLA 2927-1] twisted security update CVE-2020-10108 CVE-2020-10109 CVE-2022-21712
MLIST:[debian-lts-announce] 20220226 [SECURITY] [DLA 2928-1] htmldoc security update CVE-2021-40985 CVE-2021-43579 CVE-2022-0534
MLIST:[debian-lts-announce] 20220226 [SECURITY] [DLA 2929-1] ujson security update CVE-2021-45958
MLIST:[debian-lts-announce] 20220306 [SECURITY] [DLA 2931-1] cyrus-sasl2 security update CVE-2022-24407
MLIST:[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update CVE-2022-0561 CVE-2022-0562 CVE-2022-22844
MLIST:[debian-lts-announce] 20220307 [SECURITY] [DLA 2934-1] freecad security update CVE-2021-45844
MLIST:[debian-lts-announce] 20220307 [SECURITY] [DLA 2935-1] expat security update CVE-2022-23852 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25315
MLIST:[debian-lts-announce] 20220307 [SECURITY] [DLA 2937-1] gif2apng security update CVE-2021-45909 CVE-2021-45910 CVE-2021-45911
MLIST:[debian-lts-announce] 20220308 [SECURITY] [DLA 2938-1] twisted security update CVE-2022-21716
MLIST:[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-29264 CVE-2021-33033 CVE-2021-3752 CVE-2021-4002 CVE-2021-4083 CVE-2021-43976 CVE-2021-45095 CVE-2022-0487 CVE-2022-0492 CVE-2022-0617 CVE-2022-24448 CVE-2022-25258 CVE-2022-25375
MLIST:[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update CVE-2020-29374 CVE-2020-36322 CVE-2021-20317 CVE-2021-20321 CVE-2021-20322 CVE-2021-22600 CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-28950 CVE-2021-3752 CVE-2021-3760 CVE-2021-38300 CVE-2021-4002 CVE-2021-4083 CVE-2021-41864 CVE-2021-43389 CVE-2021-43975 CVE-2021-43976 CVE-2021-44733 CVE-2021-45095 CVE-2021-45469 CVE-2021-45480 CVE-2022-0487 CVE-2022-0492 CVE-2022-0617 CVE-2022-24448 CVE-2022-24959 CVE-2022-25258 CVE-2022-25375
MLIST:[debian-lts-announce] 20220310 [SECURITY] [DLA 2943-1] ruby-sidekiq security update CVE-2021-30151 CVE-2022-23837
MLIST:[debian-lts-announce] 20220310 [SECURITY] [DLA 2944-1] nbd security update CVE-2022-26495
MLIST:[debian-lts-announce] 20220310 [SECURITY] [DLA 2945-1] tryton-server security update CVE-2022-26661 CVE-2022-26662
MLIST:[debian-lts-announce] 20220311 [SECURITY] [DLA 2946-1] tryton-proteus security update CVE-2022-26661 CVE-2022-26662
MLIST:[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update CVE-2021-3872 CVE-2021-3927 CVE-2021-3928 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0319 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0554 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729
MLIST:[debian-lts-announce] 20220315 [SECURITY] [DLA 2949-1] spip security update CVE-2022-26846 CVE-2022-26847
MLIST:[debian-lts-announce] 20220316 [SECURITY] [DLA 2950-1] python-scrapy security update CVE-2021-41125 CVE-2022-0577
MLIST:[debian-lts-announce] 20220316 [SECURITY] [DLA 2951-1] flac security update CVE-2021-0561
MLIST:[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update CVE-2019-1551 CVE-2022-0778
MLIST:[debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update CVE-2022-0778
MLIST:[debian-lts-announce] 20220318 [SECURITY] [DLA 2954-1] python-treq security update CVE-2022-23607
MLIST:[debian-lts-announce] 20220320 [SECURITY] [DLA 2957-1] libpano13 security update CVE-2021-33293
MLIST:[debian-lts-announce] 20220320 [SECURITY] [DLA 2958-1] usbredir security update CVE-2021-3700
MLIST:[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update CVE-2018-10887 CVE-2018-10888 CVE-2018-15501 CVE-2018-8098 CVE-2018-8099 CVE-2020-12278 CVE-2020-12279
MLIST:[debian-lts-announce] 20220321 [SECURITY] [DLA 2959-1] paramiko security update CVE-2022-24302
MLIST:[debian-lts-announce] 20220322 [SECURITY] [DLA 2960-1] apache2 security update CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943
MLIST:[debian-lts-announce] 20220328 [SECURITY] [DLA 2962-1] pjproject security update CVE-2021-32686 CVE-2021-37706 CVE-2021-41141 CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 CVE-2021-43804 CVE-2021-43845 CVE-2022-21722 CVE-2022-21723 CVE-2022-23608 CVE-2022-24754 CVE-2022-24764
MLIST:[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update CVE-2018-10060 CVE-2018-10061 CVE-2019-11025 CVE-2020-13230 CVE-2020-23226 CVE-2020-7106
MLIST:[debian-lts-announce] 20220330 [SECURITY] [DLA 2966-1] libgc security update CVE-2016-9427
MLIST:[debian-lts-announce] 20220331 [SECURITY] [DLA 2962-2] pjproject regression update CVE-2022-23608
MLIST:[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update CVE-2021-22191 CVE-2021-4181 CVE-2021-4184 CVE-2021-4185 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586
MLIST:[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update CVE-2018-25032
MLIST:[debian-lts-announce] 20220403 [SECURITY] [DLA 2969-1] asterisk security update CVE-2019-13161 CVE-2019-18610 CVE-2019-18790 CVE-2019-18976 CVE-2020-28242
MLIST:[debian-lts-announce] 20220404 [SECURITY] [DLA 2970-1] qemu security update CVE-2021-3593 CVE-2021-3748 CVE-2021-3930
MLIST:[debian-lts-announce] 20220407 [SECURITY] [DLA 2971-1] firefox-esr security update CVE-2022-24713
MLIST:[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update CVE-2016-9318 CVE-2017-16932 CVE-2017-5130 CVE-2017-5969 CVE-2022-23308
MLIST:[debian-lts-announce] 20220409 [SECURITY] [DLA 2973-1] minidlna security update CVE-2022-26505
MLIST:[debian-lts-announce] 20220410 [SECURITY] [DLA 2975-1] openjpeg2 security update CVE-2020-27842 CVE-2020-27843 CVE-2021-29338
MLIST:[debian-lts-announce] 20220411 [SECURITY] [DLA 2978-1] thunderbird security update CVE-2022-24713
MLIST:[debian-lts-announce] 20220411 [SECURITY] [DLA 2979-1] usbguard security update CVE-2019-25058
MLIST:[debian-lts-announce] 20220412 [SECURITY] [DLA 2980-1] zabbix security update CVE-2022-24349 CVE-2022-24917 CVE-2022-24919
MLIST:[debian-lts-announce] 20220413 [SECURITY] [DLA 2981-1] lrzip security update CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291
MLIST:[debian-lts-announce] 20220414 [SECURITY] [DLA 2982-1] python-django security update CVE-2022-28346
MLIST:[debian-lts-announce] 20220417 [SECURITY] [DLA 2983-1] abcm2ps security update CVE-2018-10753 CVE-2018-10771 CVE-2019-1010069 CVE-2021-32434 CVE-2021-32435 CVE-2021-32436
MLIST:[debian-lts-announce] 20220419 [SECURITY] [DLA 2984-1] condor security update CVE-2022-26110
MLIST:[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update CVE-2022-23772 CVE-2022-23806 CVE-2022-24921
MLIST:[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update CVE-2022-23772 CVE-2022-23806 CVE-2022-24921
MLIST:[debian-lts-announce] 20220430 [SECURITY] [DLA 2987-1] libarchive security update CVE-2019-19221
MLIST:[debian-lts-announce] 20220430 [SECURITY] [DLA 2988-1] tinyxml security update CVE-2021-42260
MLIST:[debian-lts-announce] 20220501 [SECURITY] [DLA 2989-1] ghostscript security update CVE-2019-25059
MLIST:[debian-lts-announce] 20220502 [SECURITY] [DLA 2990-1] jackson-databind security update CVE-2020-36518
MLIST:[debian-lts-announce] 20220503 [SECURITY] [DLA 2991-1] twisted security update CVE-2022-24801
MLIST:[debian-lts-announce] 20220503 [SECURITY] [DLA 2992-1] openvpn security update CVE-2017-12166 CVE-2020-11810 CVE-2020-15078 CVE-2022-0547
MLIST:[debian-lts-announce] 20220505 [SECURITY] [DLA 2995-1] smarty3 security update CVE-2021-21408 CVE-2021-29454
MLIST:[debian-lts-announce] 20220506 [SECURITY] [DLA 2996-1] mruby security update CVE-2017-9527 CVE-2018-10191 CVE-2018-11743 CVE-2018-12249 CVE-2018-14337 CVE-2020-15866
MLIST:[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update CVE-2018-25032
MLIST:[debian-lts-announce] 20220507 [SECURITY] [DLA 2997-1] ecdsautils security update CVE-2022-24884
MLIST:[debian-lts-announce] 20220510 [SECURITY] [DLA 2998-1] kicad security update CVE-2022-23803 CVE-2022-23804 CVE-2022-23946 CVE-2022-23947
MLIST:[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2022-24761
MLIST:[debian-lts-announce] 20220513 [SECURITY] [DLA 3001-1] libgoogle-gson-java security update CVE-2022-25647
MLIST:[debian-lts-announce] 20220513 [SECURITY] [DLA 3002-1] adminer security update CVE-2021-43008
MLIST:[debian-lts-announce] 20220513 [SECURITY] [DLA 3003-1] ruby-nokogiri security update CVE-2022-24836
MLIST:[debian-lts-announce] 20220513 [SECURITY] [DLA 3004-1] htmldoc security update CVE-2022-27114
MLIST:[debian-lts-announce] 20220514 [SECURITY] [DLA 3005-1] lrzip security update CVE-2022-28044
MLIST:[debian-lts-announce] 20220514 [SECURITY] [DLA 3006-1] openjdk-8 security update CVE-2022-21426 CVE-2022-21434 CVE-2022-21443 CVE-2022-21476 CVE-2022-21496
MLIST:[debian-lts-announce] 20220514 [SECURITY] [DLA-3007-1] imagemagick security update CVE-2021-3596 CVE-2022-28463
MLIST:[debian-lts-announce] 20220515 [SECURITY] [DLA 3008-1] openssl security update CVE-2022-1292
MLIST:[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update CVE-2022-27239 CVE-2022-29869
MLIST:[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update CVE-2022-0261 CVE-2022-0351 CVE-2022-0413 CVE-2022-0443 CVE-2022-0572 CVE-2022-1154 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621
MLIST:[debian-lts-announce] 20220516 [SECURITY] [DLA 3012-1] libxml2 security update CVE-2022-29824
MLIST:[debian-lts-announce] 20220518 [SECURITY] [DLA 3013-1] needrestart security update CVE-2022-30688
MLIST:[debian-lts-announce] 20220518 [SECURITY] [DLA 3014-1] elog security update CVE-2020-8659
MLIST:[debian-lts-announce] 20220520 [SECURITY] [DLA 3015-1] ark security update CVE-2020-16116 CVE-2020-24654
MLIST:[debian-lts-announce] 20220520 [SECURITY] [DLA 3016-1] rsyslog security update CVE-2018-16881 CVE-2022-24903
MLIST:[debian-lts-announce] 20220520 [SECURITY] [DLA 3018-1] libpgjava security update CVE-2022-21724
MLIST:[debian-lts-announce] 20220523 [SECURITY] [DLA 3019-1] admesh security update CVE-2018-25033
MLIST:[debian-lts-announce] 20220524 [SECURITY] [DLA 3017-1] openldap security update CVE-2022-29155
MLIST:[debian-lts-announce] 20220525 [SECURITY] [DLA 3023-1] puma security update CVE-2019-16770 CVE-2020-5247 CVE-2022-23634
MLIST:[debian-lts-announce] 20220526 [SECURITY] [DLA 3024-1] python-django security update CVE-2020-9402
MLIST:[debian-lts-announce] 20220526 [SECURITY] [DLA 3026-1] filezilla security update CVE-2019-5429
MLIST:[debian-lts-announce] 20220526 [SECURITY] [DLA 3027-1] neutron security update CVE-2021-40085
MLIST:[debian-lts-announce] 20220527 [SECURITY] [DLA 3028-1] atftp security update CVE-2021-46671
MLIST:[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update CVE-2022-26691
MLIST:[debian-lts-announce] 20220527 [SECURITY] [DLA 3030-1] zipios++ security update CVE-2019-13453
MLIST:[debian-lts-announce] 20220528 [SECURITY] [DLA 3031-1] modsecurity-apache security update CVE-2021-42717
MLIST:[debian-lts-announce] 20220529 [SECURITY] [DLA 3032-1] pngcheck security update CVE-2020-27818
MLIST:[debian-lts-announce] 20220529 [SECURITY] [DLA 3033-1] smarty3 security update CVE-2022-29221
MLIST:[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update CVE-2018-20102 CVE-2018-20103 CVE-2019-18277
MLIST:[debian-lts-announce] 20220530 [SECURITY] [DLA 3035-1] libdbi-perl security update CVE-2014-10402
MLIST:[debian-lts-announce] 20220531 [SECURITY] [DLA 3036-1] pjproject security update CVE-2022-24763 CVE-2022-24792 CVE-2022-24793
MLIST:[debian-lts-announce] 20220531 [SECURITY] [DLA 3037-1] libjpeg-turbo security update CVE-2019-2201
MLIST:[debian-lts-announce] 20220603 [SECURITY] [DLA 3039-1] pypdf2 security update CVE-2022-24859
MLIST:[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20796
MLIST:[debian-lts-announce] 20220606 [SECURITY] [DLA 3043-1] pidgin security update CVE-2022-26491
MLIST:[debian-lts-announce] 20220606 [SECURITY] [DLA 3044-1] glib2.0 security update CVE-2021-27218 CVE-2021-27219 CVE-2021-28153
MLIST:[debian-lts-announce] 20220606 [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update CVE-2022-26874
MLIST:[debian-lts-announce] 20220607 [SECURITY] [DLA 3046-1] librecad security update CVE-2021-21897
MLIST:[debian-lts-announce] 20220607 [SECURITY] [DLA 3047-1] avahi security update CVE-2021-26720
MLIST:[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update CVE-2022-31799
MLIST:[debian-lts-announce] 20220609 [SECURITY] [DLA 3049-1] mailman security update CVE-2021-43331 CVE-2021-43332 CVE-2021-44227
MLIST:[debian-lts-announce] 20220610 [SECURITY] [DLA 3050-1] vlc security update CVE-2020-26664
MLIST:[debian-lts-announce] 20220619 [SECURITY] [DLA 3052-1] cyrus-imapd security update CVE-2019-18928 CVE-2021-33582
MLIST:[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update CVE-2021-3903 CVE-2022-0417 CVE-2022-0943 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2124 CVE-2022-2126
MLIST:[debian-lts-announce] 20220620 [SECURITY] [DLA 3054-1] sleuthkit security update CVE-2017-13755 CVE-2017-13756 CVE-2017-13760 CVE-2018-19497 CVE-2019-1010065 CVE-2020-10232
MLIST:[debian-lts-announce] 20220621 [SECURITY] [DLA 3055-1] ntfs-3g security update CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789
MLIST:[debian-lts-announce] 20220622 [SECURITY] [DLA 3056-1] exo security update CVE-2022-32278
MLIST:[debian-lts-announce] 20220623 [SECURITY] [DLA 3057-1] request-tracker4 security update CVE-2021-38562
MLIST:[debian-lts-announce] 20220628 [SECURITY] [DLA 3058-1] libsndfile security update CVE-2017-12562 CVE-2021-4156
MLIST:[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update CVE-2022-0544 CVE-2022-0545 CVE-2022-0546
MLIST:[debian-lts-announce] 20220629 [SECURITY] [DLA 3061-1] firejail security update CVE-2022-31214
MLIST:[debian-lts-announce] 20220629 [SECURITY] [DLA 3062-1] ublock-origin security update CVE-2021-36773
MLIST:[debian-lts-announce] 20220630 [SECURITY] [DLA 3063-1] systemd security update CVE-2020-1712
MLIST:[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update CVE-2018-1108 CVE-2021-39713 CVE-2021-4149 CVE-2022-0494 CVE-2022-0854 CVE-2022-1011 CVE-2022-1353 CVE-2022-1516 CVE-2022-1734 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-23036 CVE-2022-23037 CVE-2022-23038 CVE-2022-23039 CVE-2022-23040 CVE-2022-23041 CVE-2022-23042 CVE-2022-23960 CVE-2022-24958 CVE-2022-26490 CVE-2022-26966 CVE-2022-27223 CVE-2022-28356 CVE-2022-28390 CVE-2022-30594 CVE-2022-32250 CVE-2022-32296 CVE-2022-33981
MLIST:[debian-lts-announce] 20220701 [SECURITY] [DLA 3066-1] isync security update CVE-2021-20247 CVE-2021-3578 CVE-2021-3657
MLIST:[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 CVE-2022-1925 CVE-2022-2122
MLIST:[debian-lts-announce] 20220812 [SECURITY] [DLA 3070-1] gnutls28 security update CVE-2022-2509
MLIST:[debian-lts-announce] 20220812 [SECURITY] [DLA 3071-1] libtirpc security update CVE-2021-46828
MLIST:[debian-lts-announce] 20220818 [SECURITY] [DLA 3074-1] epiphany-browser security update CVE-2021-45085 CVE-2021-45087 CVE-2021-45088 CVE-2022-29536
MLIST:[debian-lts-announce] 20220818 [SECURITY] [DLA 3076-1] freecad security update CVE-2021-45844
MLIST:[debian-lts-announce] 20220818 [SECURITY] [DLA 3077-1] ruby-tzinfo security update CVE-2022-31163
MLIST:[debian-lts-announce] 20220820 [SECURITY] [DLA 3078-1] kicad security update CVE-2022-23803 CVE-2022-23804 CVE-2022-23946 CVE-2022-23947
MLIST:[debian-lts-announce] 20220821 [SECURITY] [DLA 3079-1] jetty9 security update CVE-2022-2047 CVE-2022-2048
MLIST:[debian-lts-announce] 20220825 [SECURITY] [DLA 3081-1] open-vm-tools security update CVE-2022-31676
MLIST:[debian-lts-announce] 20220827 [SECURITY] [DLA 3082-1] exim4 security update CVE-2022-37452
MLIST:[debian-lts-announce] 20220827 [SECURITY] [DLA 3083-1] puma security update CVE-2021-29509 CVE-2021-41136 CVE-2022-23634 CVE-2022-24790
MLIST:[debian-lts-announce] 20220828 [SECURITY] [DLA 3084-1] ndpi security update CVE-2020-15472 CVE-2020-15476
MLIST:[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update CVE-2021-22898 CVE-2021-22924 CVE-2021-22946 CVE-2021-22947 CVE-2022-22576 CVE-2022-27776 CVE-2022-27781 CVE-2022-27782 CVE-2022-32206 CVE-2022-32208
MLIST:[debian-lts-announce] 20220830 [SECURITY] [DLA 3087-1] webkit2gtk security update CVE-2022-32893
MLIST:[debian-lts-announce] 20220831 [SECURITY] [DLA 3089-1] php-horde-mime-viewer security update CVE-2022-26874
MLIST:[debian-lts-announce] 20220831 [SECURITY] [DLA 3090-1] php-horde-turba security update CVE-2022-30287
MLIST:[debian-lts-announce] 20220902 [SECURITY] [DLA 3091-1] sofia-sip security update CVE-2022-31001 CVE-2022-31002 CVE-2022-31003
MLIST:[debian-lts-announce] 20220902 [SECURITY] [DLA 3092-1] dpdk security update CVE-2022-2132
MLIST:[debian-lts-announce] 20220903 [SECURITY] [DLA 3093-1] rails security update CVE-2022-21831 CVE-2022-22577 CVE-2022-23633 CVE-2022-27777
MLIST:[debian-lts-announce] 20220903 [SECURITY] [DLA 3094-1] flac security update CVE-2021-0561
MLIST:[debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update CVE-2020-13253 CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-25085 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27617 CVE-2020-27821 CVE-2020-28916 CVE-2020-29129 CVE-2020-29443 CVE-2020-35504 CVE-2020-35505 CVE-2021-3392 CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 CVE-2021-3682 CVE-2021-3713 CVE-2021-3748 CVE-2021-3930 CVE-2021-4206 CVE-2021-4207 CVE-2022-35414
MLIST:[debian-lts-announce] 20220907 [SECURITY] [DLA 3100-1] libgoogle-gson-java security update CVE-2022-25647
MLIST:[debian-lts-announce] 20220909 [SECURITY] [DLA 3101-1] libxslt security update CVE-2019-5815 CVE-2021-30560
MLIST:[debian-lts-announce] 20220911 [SECURITY] [DLA 3102-1] linux-5.10 new package CVE-2022-26373 CVE-2022-29900 CVE-2022-29901 CVE-2022-36879 CVE-2022-36946
MLIST:[debian-lts-announce] 20220912 [SECURITY] [DLA 3104-1] paramiko security update CVE-2022-24302
MLIST:[debian-lts-announce] 20220915 [SECURITY] [DLA 3109-1] nova security update CVE-2019-14433
MLIST:[debian-lts-announce] 20220915 [SECURITY] [DLA 3110-1] glib2.0 security update CVE-2021-3800
MLIST:[debian-lts-announce] 20220915 [SECURITY] [DLA 3111-1] mod-wsgi security update CVE-2022-2255
MLIST:[debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update CVE-2020-35530 CVE-2020-35531 CVE-2020-35532 CVE-2020-35533
MLIST:[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update CVE-2018-25032 CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27445 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27452 CVE-2022-27456 CVE-2022-27458 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32087 CVE-2022-32088 CVE-2022-32091
MLIST:[debian-lts-announce] 20220921 [SECURITY] [DLA 3116-1] mako security update CVE-2022-40023
MLIST:[debian-lts-announce] 20220922 [SECURITY] [DLA 3117-1] mediawiki security update CVE-2022-28201 CVE-2022-28202 CVE-2022-28203 CVE-2022-34911 CVE-2022-34912
MLIST:[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update CVE-2022-40674
MLIST:[debian-lts-announce] 20220925 [SECURITY] [DLA 3120-1] poppler security update CVE-2018-18897 CVE-2018-19058 CVE-2018-20650 CVE-2019-14494 CVE-2019-9903 CVE-2019-9959 CVE-2020-27778 CVE-2022-27337 CVE-2022-38784
MLIST:[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update CVE-2021-33515 CVE-2022-30550
MLIST:[debian-lts-announce] 20220929 [SECURITY] [DLA 3125-1] libvncserver security update CVE-2020-25708 CVE-2020-29260
MLIST:[debian-lts-announce] 20220929 [SECURITY] [DLA 3126-1] libsndfile security update CVE-2021-4156
MLIST:[debian-lts-announce] 20220930 [SECURITY] [DLA 3127-1] libhttp-daemon-perl security update CVE-2022-31081
MLIST:[debian-lts-announce] 20220930 [SECURITY] [DLA 3128-1] node-thenify security update CVE-2020-7677
MLIST:[debian-lts-announce] 20220930 [SECURITY] [DLA 3129-1] gdal security update CVE-2019-17545 CVE-2021-45943
MLIST:[debian-lts-announce] 20220930 [SECURITY] [DLA 3130-1] tinyxml security update CVE-2021-42260
MLIST:[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update CVE-2021-33655 CVE-2021-33656 CVE-2022-1462 CVE-2022-1679 CVE-2022-2153 CVE-2022-2318 CVE-2022-26365 CVE-2022-26373 CVE-2022-3028 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33744 CVE-2022-36879 CVE-2022-36946 CVE-2022-39188 CVE-2022-39842 CVE-2022-40307
MLIST:[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751
MLIST:[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update CVE-2022-37797
MLIST:[debian-lts-announce] 20221005 [SECURITY] [DLA 3137-1] nodejs security update CVE-2021-22930 CVE-2021-22939 CVE-2021-22940 CVE-2022-21824
MLIST:[debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update CVE-2022-2795 CVE-2022-38177 CVE-2022-38178
MLIST:[debian-lts-announce] 20221008 [SECURITY] [DLA 3139-1] knot-resolver security update CVE-2022-40188
MLIST:[debian-lts-announce] 20221008 [SECURITY] [DLA 3140-1] libpgjava security update CVE-2022-31197
MLIST:[debian-lts-announce] 20221010 [SECURITY] [DLA 3141-1] wordpress security update CVE-2019-17670
MLIST:[debian-lts-announce] 20221010 [SECURITY] [DLA 3145-1] git security update CVE-2021-21300 CVE-2021-40330
MLIST:[debian-lts-announce] 20221010 [SECURITY] [DLA 3146-1] isc-dhcp security update CVE-2022-2928 CVE-2022-2929
MLIST:[debian-lts-announce] 20221011 [SECURITY] [DLA 3147-1] twig security update CVE-2022-39261
MLIST:[debian-lts-announce] 20221012 [SECURITY] [DLA 3149-1] ruby-nokogiri security update CVE-2019-5477 CVE-2020-26247 CVE-2022-24836
MLIST:[debian-lts-announce] 20221012 [SECURITY] [DLA 3150-1] rexical security update CVE-2019-5477
MLIST:[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update CVE-2016-10228 CVE-2019-19126 CVE-2019-25013 CVE-2020-10029 CVE-2020-1752 CVE-2020-27618 CVE-2020-6096 CVE-2021-27645 CVE-2021-3326 CVE-2021-33574 CVE-2021-35942 CVE-2022-23218 CVE-2022-23219
MLIST:[debian-lts-announce] 20221018 [SECURITY] [DLA 3154-1] node-xmldom security update CVE-2022-37616
MLIST:[debian-lts-announce] 20221024 [SECURITY] [DLA 3157-1] bluez security update CVE-2019-8921 CVE-2019-8922 CVE-2021-41229 CVE-2021-43400 CVE-2022-0204 CVE-2022-39176 CVE-2022-39177
MLIST:[debian-lts-announce] 20221024 [SECURITY] [DLA 3158-1] wkhtmltopdf security update CVE-2020-21365
MLIST:[debian-lts-announce] 20221026 [SECURITY] [DLA 3160-1] tomcat9 security update CVE-2021-43980 CVE-2022-23181 CVE-2022-29885
MLIST:[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update CVE-2022-43680
MLIST:[debian-lts-announce] 20221028 [SECURITY] [DLA 3166-1] ruby-sinatra security update CVE-2022-29970
MLIST:[debian-lts-announce] 20221029 [SECURITY] [DLA 3167-1] ncurses security update CVE-2022-29458
MLIST:[debian-lts-announce] 20221029 [SECURITY] [DLA 3168-1] openvswitch security update CVE-2022-32166
MLIST:[debian-lts-announce] 20221029 [SECURITY] [DLA 3169-1] batik security update CVE-2022-41704 CVE-2022-42890
MLIST:[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update CVE-2021-4037 CVE-2022-0171 CVE-2022-1679 CVE-2022-20421 CVE-2022-20422 CVE-2022-2153 CVE-2022-2905 CVE-2022-3028 CVE-2022-3061 CVE-2022-3176 CVE-2022-3303 CVE-2022-3586 CVE-2022-3621 CVE-2022-3625 CVE-2022-3635 CVE-2022-3646 CVE-2022-3649 CVE-2022-39188 CVE-2022-39190 CVE-2022-39842 CVE-2022-40307 CVE-2022-41222 CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 CVE-2022-43750
MLIST:[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update CVE-2021-42387 CVE-2021-42388 CVE-2021-43304 CVE-2021-43305
MLIST:[debian-lts-announce] 20221107 [SECURITY] [DLA 3179-1] pixman security update CVE-2022-44638
MLIST:[debian-lts-announce] 20221107 [SECURITY] [DLA 3180-1] python-scciclient security update CVE-2022-2996
MLIST:[debian-lts-announce] 20221107 [SECURITY] [DLA 3181-1] sudo security update CVE-2021-23239
MLIST:[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update CVE-2021-3927 CVE-2021-3928 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0261 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0413 CVE-2022-0417 CVE-2022-0443 CVE-2022-0554 CVE-2022-0572 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1154 CVE-2022-1616 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2285 CVE-2022-2304 CVE-2022-2946 CVE-2022-3099 CVE-2022-3134 CVE-2022-3234 CVE-2022-3324 CVE-2022-3705
MLIST:[debian-lts-announce] 20221109 [SECURITY] [DLA 3183-1] webkit2gtk security update CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
MLIST:[debian-lts-announce] 20221110 [SECURITY] [DLA 3184-1] libjettison-java security update CVE-2022-40149
MLIST:[debian-lts-announce] 20221110 [SECURITY] [DLA 3185-1] xorg-server security update CVE-2022-3550 CVE-2022-3551
MLIST:[debian-lts-announce] 20221110 [SECURITY] [DLA 3186-1] exiv2 security update CVE-2017-11683 CVE-2020-19716 CVE-2022-3756
MLIST:[debian-lts-announce] 20221113 [SECURITY] [DLA 3187-1] dropbear security update CVE-2021-36369
MLIST:[debian-lts-announce] 20221113 [SECURITY] [DLA 3188-1] sysstat security update CVE-2019-16167 CVE-2019-19725 CVE-2022-39377
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3192-1] lava security update CVE-2022-42902
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3193-1] joblib security update CVE-2022-21797
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3194-1] asterisk security update CVE-2021-37706 CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 CVE-2021-43804 CVE-2021-43845 CVE-2021-46837 CVE-2022-21722 CVE-2022-21723 CVE-2022-23608 CVE-2022-24763 CVE-2022-24764 CVE-2022-24786 CVE-2022-24792 CVE-2022-24793 CVE-2022-26498 CVE-2022-26499 CVE-2022-26651
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3195-1] jupyter-core security update CVE-2022-39286
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3197-1] phpseclib security update CVE-2021-30130
MLIST:[debian-lts-announce] 20221117 [SECURITY] [DLA 3198-1] php-phpseclib security update CVE-2021-30130
MLIST:[debian-lts-announce] 20221121 [SECURITY] [DLA 3200-1] graphicsmagick security update CVE-2022-1270
MLIST:[debian-lts-announce] 20221121 [SECURITY] [DLA 3201-1] ntfs-3g security update CVE-2022-40284
MLIST:[debian-lts-announce] 20221122 [SECURITY] [DLA 3202-1] libarchive security update CVE-2019-19221 CVE-2021-23177 CVE-2021-31566
MLIST:[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update CVE-2021-3618 CVE-2022-41741 CVE-2022-41742
MLIST:[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696 CVE-2022-1619 CVE-2022-1621 CVE-2022-1785 CVE-2022-1897 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235 CVE-2022-3256 CVE-2022-3352
MLIST:[debian-lts-announce] 20221125 [SECURITY] [DLA 3205-1] inetutils security update CVE-2019-0053 CVE-2021-40491 CVE-2022-39028
MLIST:[debian-lts-announce] 20221126 [SECURITY] [DLA 3206-1] heimdal security update CVE-2019-14870 CVE-2021-3671 CVE-2022-41916
MLIST:[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update CVE-2020-36518 CVE-2022-42003 CVE-2022-42004
MLIST:[debian-lts-announce] 20221127 [SECURITY] [DLA 3208-1] varnish security update CVE-2020-11653 CVE-2022-45060
MLIST:[debian-lts-announce] 20221128 [SECURITY] [DLA 3209-1] ini4j security update CVE-2022-41404
MLIST:[debian-lts-announce] 20221128 [SECURITY] [DLA 3211-1] frr security update CVE-2022-37032
MLIST:[debian-lts-announce] 20221128 [SECURITY] [DLA 3212-1] twisted security update CVE-2022-39348
MLIST:[debian-lts-announce] 20221130 [SECURITY] [DLA 3214-1] libraw security update CVE-2020-15503
MLIST:[debian-lts-announce] 20221202 [SECURITY] [DLA 3217-1] g810-led security update CVE-2022-46338
MLIST:[debian-lts-announce] 20221202 [SECURITY] [DLA 3218-1] libpgjava security update CVE-2022-41946
MLIST:[debian-lts-announce] 20221204 [SECURITY] [DLA 3219-1] jhead security update CVE-2021-34055 CVE-2022-41751
MLIST:[debian-lts-announce] 20221204 [SECURITY] [DLA 3221-1] node-cached-path-relative security update CVE-2018-16472 CVE-2021-23518
MLIST:[debian-lts-announce] 20221205 [SECURITY] [DLA 3222-1] node-fetch security update CVE-2022-0235
MLIST:[debian-lts-announce] 20221205 [SECURITY] [DLA 3223-1] giflib security update CVE-2018-11490 CVE-2019-15133
MLIST:[debian-lts-announce] 20221205 [SECURITY] [DLA 3224-1] http-parser security update CVE-2020-8287
MLIST:[debian-lts-announce] 20221205 [SECURITY] [DLA 3225-1] awstats security update CVE-2022-46391
MLIST:[debian-lts-announce] 20221206 [SECURITY] [DLA 3226-1] cgal security update CVE-2020-28601 CVE-2020-28602 CVE-2020-28603 CVE-2020-28604 CVE-2020-28605 CVE-2020-28606 CVE-2020-28607 CVE-2020-28608 CVE-2020-28609 CVE-2020-28610 CVE-2020-28611 CVE-2020-28612 CVE-2020-28613 CVE-2020-28614 CVE-2020-28615 CVE-2020-28616 CVE-2020-28617 CVE-2020-28618 CVE-2020-28619 CVE-2020-28620 CVE-2020-28621 CVE-2020-28622 CVE-2020-28623 CVE-2020-28624 CVE-2020-28625 CVE-2020-28626 CVE-2020-28627 CVE-2020-28628 CVE-2020-28629 CVE-2020-28630 CVE-2020-28631 CVE-2020-28632 CVE-2020-28633 CVE-2020-28634 CVE-2020-28635 CVE-2020-28636 CVE-2020-35628 CVE-2020-35629 CVE-2020-35630 CVE-2020-35631 CVE-2020-35632 CVE-2020-35633 CVE-2020-35634 CVE-2020-35635 CVE-2020-35636
MLIST:[debian-lts-announce] 20221206 [SECURITY] [DLA 3227-1] ruby-rails-html-sanitizer security update CVE-2022-32209
MLIST:[debian-lts-announce] 20221206 [SECURITY] [DLA 3228-1] node-json-schema security update CVE-2021-3918
MLIST:[debian-lts-announce] 20221206 [SECURITY] [DLA 3229-1] node-log4js security update CVE-2022-21704
MLIST:[debian-lts-announce] 20221207 [SECURITY] [DLA 3230-1] jqueryui security update CVE-2022-31160
MLIST:[debian-lts-announce] 20221207 [SECURITY] [DLA 3231-1] dlt-daemon security update CVE-2020-29394 CVE-2020-36244 CVE-2022-31291
MLIST:[debian-lts-announce] 20221207 [SECURITY] [DLA 3232-1] virglrenderer security update CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2020-8002 CVE-2020-8003
MLIST:[debian-lts-announce] 20221208 [SECURITY] [DLA 3233-1] leptonlib security update CVE-2022-38266
MLIST:[debian-lts-announce] 20221210 [SECURITY] [DLA 3234-1] hsqldb security update CVE-2022-41853
MLIST:[debian-lts-announce] 20221211 [SECURITY] [DLA 3236-1] openexr security update CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-20296 CVE-2021-20298 CVE-2021-20299 CVE-2021-20300 CVE-2021-20302 CVE-2021-20303 CVE-2021-23215 CVE-2021-26260 CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 CVE-2021-3479 CVE-2021-3598 CVE-2021-3605 CVE-2021-3933 CVE-2021-3941 CVE-2021-45942
MLIST:[debian-lts-announce] 20221212 [SECURITY] [DLA 3237-1] node-tar security update CVE-2021-37701 CVE-2021-37712
MLIST:[debian-lts-announce] 20221213 [SECURITY] [DLA 3238-1] pngcheck security update CVE-2020-35511
MLIST:[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update CVE-2022-24765 CVE-2022-29187 CVE-2022-39253 CVE-2022-39260
MLIST:[debian-lts-announce] 20221215 [SECURITY] [DLA 3240-1] libde265 security update CVE-2020-21599 CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411
MLIST:[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update CVE-2021-21707 CVE-2022-31625 CVE-2022-31626 CVE-2022-31628 CVE-2022-31629
MLIST:[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update CVE-2021-3759 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3640 CVE-2022-3643 CVE-2022-41849 CVE-2022-41850 CVE-2022-42328 CVE-2022-42329 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521
MLIST:[debian-lts-announce] 20221223 [SECURITY] [DLA 3245-1] linux security update CVE-2022-20369 CVE-2022-2978 CVE-2022-29901 CVE-2022-3521 CVE-2022-3524 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3621 CVE-2022-3640 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-40768 CVE-2022-41849 CVE-2022-41850 CVE-2022-42328 CVE-2022-42329 CVE-2022-43750
MLIST:[debian-lts-announce] 20221223 [SECURITY] [DLA 3247-1] node-trim-newlines security update CVE-2021-33623
MLIST:[debian-lts-announce] 20221224 [SECURITY] [DLA 3248-1] libksba security update CVE-2022-47629
MLIST:[debian-lts-announce] 20221229 [SECURITY] [DLA 3250-1] multipath-tools security update CVE-2022-41973 CVE-2022-41974
MLIST:[debian-lts-announce] 20221229 [SECURITY] [DLA 3251-1] libcommons-net-java security update CVE-2021-37533
MLIST:[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update CVE-2020-23226 CVE-2020-25706 CVE-2020-8813
MLIST:[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update CVE-2022-38850 CVE-2022-38851 CVE-2022-38855 CVE-2022-38858 CVE-2022-38860 CVE-2022-38861 CVE-2022-38863 CVE-2022-38864 CVE-2022-38865 CVE-2022-38866
MLIST:[debian-lts-announce] 20221231 [SECURITY] [DLA 3257-1] emacs security update CVE-2022-45939
MLIST:[debian-lts-announce] 20221231 [SECURITY] [DLA 3258-1] node-loader-utils security update CVE-2022-37601
MLIST:[debian-lts-announce] 20221231 [SECURITY] [DLA 3259-1] libjettison-java security update CVE-2022-40150 CVE-2022-45685 CVE-2022-45693
MLIST:[debian-lts-announce] 20230101 [SECURITY] [DLA 3260-1] node-xmldom security update CVE-2021-21366 CVE-2022-39353
MLIST:[debian-lts-announce] 20230105 [SECURITY] [DLA 3262-1] smarty3 security update CVE-2018-25047
MLIST:[debian-lts-announce] 20230109 [SECURITY] [DLA 3263-1] libtasn1-6 security update CVE-2021-46848
MLIST:[debian-lts-announce] 20230110 [SECURITY] [DLA 3264-1] ruby-sinatra security update CVE-2022-45442
MLIST:[debian-lts-announce] 20230110 [SECURITY] [DLA 3265-1] exiv2 security update CVE-2017-11591 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-18005 CVE-2018-17581 CVE-2018-19107 CVE-2018-19108 CVE-2018-19535 CVE-2018-20097 CVE-2018-8976 CVE-2019-13110 CVE-2019-13112 CVE-2019-13114 CVE-2019-13504 CVE-2019-14369 CVE-2019-14370 CVE-2019-17402 CVE-2020-18771 CVE-2021-29458 CVE-2021-32815 CVE-2021-34334 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622
MLIST:[debian-lts-announce] 20230111 [SECURITY] [DLA 3268-1] netty security update CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881 CVE-2022-41915
MLIST:[debian-lts-announce] 20230114 [SECURITY] [DLA 3269-1] libapreq2 security update CVE-2022-22728
MLIST:[debian-lts-announce] 20230115 [SECURITY] [DLA 3270-1] net-snmp security update CVE-2022-44792 CVE-2022-44793
MLIST:[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update CVE-2022-3517
MLIST:[debian-lts-announce] 20230118 [SECURITY] [DLA 3272-1] sudo security update CVE-2023-22809
MLIST:[debian-lts-announce] 20230118 [SECURITY] [DLA 3273-1] libitext5-java security update CVE-2021-43113
MLIST:[debian-lts-announce] 20230119 [SECURITY] [DLA 3275-1] firefox-esr security update CVE-2022-46871 CVE-2022-46877
MLIST:[debian-lts-announce] 20230119 [SECURITY] [DLA 3276-1] lava security update CVE-2022-44641
MLIST:[debian-lts-announce] 20230120 [SECURITY] [DLA 3277-1] powerline-gitstatus security update CVE-2022-42906
MLIST:[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-34526 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 CVE-2022-3970
MLIST:[debian-lts-announce] 20230123 [SECURITY] [DLA 3279-1] trafficserver security update CVE-2021-37150 CVE-2022-28129 CVE-2022-31780
MLIST:[debian-lts-announce] 20230124 [SECURITY] [DLA 3280-1] libde265 security update CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243 CVE-2022-43244 CVE-2022-43245 CVE-2022-43248 CVE-2022-43249 CVE-2022-43250 CVE-2022-43252 CVE-2022-43253 CVE-2022-47655
MLIST:[debian-lts-announce] 20230125 [SECURITY] [DLA 3281-1] swift security update CVE-2022-47950
MLIST:[debian-lts-announce] 20230126 [SECURITY] [DLA 3283-1] modsecurity-apache security update CVE-2022-48279 CVE-2023-24021
MLIST:[debian-lts-announce] 20230128 [SECURITY] [DLA 3284-1] libapache-session-ldap-perl security update CVE-2020-36658
MLIST:[debian-lts-announce] 20230128 [SECURITY] [DLA 3285-1] libapache-session-browseable-perl security update CVE-2020-36659
MLIST:[debian-lts-announce] 20230128 [SECURITY] [DLA 3286-1] tor security update CVE-2023-23589
MLIST:[debian-lts-announce] 20230128 [SECURITY] [DLA 3287-1] lemonldap-ng security update CVE-2020-16093
MLIST:[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update CVE-2022-27774 CVE-2022-32221 CVE-2022-35252
MLIST:[debian-lts-announce] 20230129 [SECURITY] [DLA 3289-1] dojo security update CVE-2020-4051 CVE-2021-23450
MLIST:[debian-lts-announce] 20230129 [SECURITY] [DLA 3291-1] node-object-path security update CVE-2021-23434 CVE-2021-3805
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3293-1] modsecurity-crs security update CVE-2018-16384 CVE-2020-22669 CVE-2021-35368 CVE-2022-39955 CVE-2022-39956 CVE-2022-39957 CVE-2022-39958
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3294-1] libarchive security update CVE-2022-36227
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update CVE-2022-24785 CVE-2022-31129
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3296-1] libhtml-stripscripts-perl security update CVE-2023-24038
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3297-1] tiff security update CVE-2022-48281
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3298-1] ruby-rack security update CVE-2020-8161 CVE-2020-8184
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update CVE-2022-24999
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3300-1] glance security update CVE-2022-47951
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3301-1] cinder security update CVE-2022-47951
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3302-1] nova security update CVE-2022-47951
MLIST:[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update CVE-2022-25648 CVE-2022-46648 CVE-2022-47318
MLIST:[debian-lts-announce] 20230131 [SECURITY] [DLA 3304-1] fig2dev security update CVE-2020-21529 CVE-2020-21531 CVE-2020-21532 CVE-2020-21676 CVE-2021-32280
MLIST:[debian-lts-announce] 20230131 [SECURITY] [DLA 3305-1] libstb security update CVE-2018-16981 CVE-2019-13217 CVE-2019-13218 CVE-2019-13219 CVE-2019-13220 CVE-2019-13221 CVE-2019-13222 CVE-2019-13223 CVE-2021-28021 CVE-2021-37789 CVE-2021-42715 CVE-2022-28041 CVE-2022-28042
MLIST:[debian-lts-announce] 20230201 [SECURITY] [DLA 3306-1] python-django security update CVE-2023-23969
MLIST:[debian-lts-announce] 20230208 [SECURITY] [DLA 3313-1] wireshark security update CVE-2022-4345 CVE-2023-0411 CVE-2023-0412 CVE-2023-0413 CVE-2023-0415 CVE-2023-0417
MLIST:[debian-lts-announce] 20230208 [SECURITY] [DLA 3314-1] libsdl2 security update CVE-2019-13616 CVE-2019-13626 CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7638 CVE-2020-14409 CVE-2020-14410 CVE-2021-33657 CVE-2022-4743
MLIST:[debian-lts-announce] 20230210 [SECURITY] [DLA 3315-1] sox security update CVE-2019-13590 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651
MLIST:[debian-lts-announce] 20230210 [SECURITY] [DLA 3317-1] snort security update CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1236 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114
MLIST:[debian-lts-announce] 20230214 [SECURITY] [DLA 3318-1] haproxy security update CVE-2023-25725
MLIST:[debian-lts-announce] 20230218 [SECURITY] [DLA 3321-1] gnutls28 security update CVE-2023-0361
MLIST:[debian-lts-announce] 20230218 [SECURITY] [DLA 3322-1] golang-github-opencontainers-selinux security update CVE-2019-16884
MLIST:[debian-lts-announce] 20230220 [SECURITY] [DLA 3324-1] thunderbird security update CVE-2022-46871 CVE-2022-46877
MLIST:[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update CVE-2022-2097
MLIST:[debian-lts-announce] 20230220 [SECURITY] [DLA 3327-1] nss security update CVE-2020-12400 CVE-2020-12401 CVE-2020-12403 CVE-2020-6829
MLIST:[debian-lts-announce] 20230220 [SECURITY] [DLA 3329-1] python-django security update CVE-2023-24580
MLIST:[debian-lts-announce] 20230221 [SECURITY] [DLA 3330-1] amanda security update CVE-2022-37704
MLIST:[debian-lts-announce] 20230221 [SECURITY] [DLA 3333-1] tiff security update CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799 CVE-2023-0800 CVE-2023-0801 CVE-2023-0802 CVE-2023-0803 CVE-2023-0804
MLIST:[debian-lts-announce] 20230222 [SECURITY] [DLA 3334-1] sofia-sip security update CVE-2022-47516
MLIST:[debian-lts-announce] 20230222 [SECURITY] [DLA 3335-1] asterisk security update CVE-2022-31031 CVE-2022-37325 CVE-2022-39244 CVE-2022-39269 CVE-2022-42705 CVE-2022-42706
MLIST:[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update CVE-2021-27515 CVE-2021-3664 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686 CVE-2022-0691
MLIST:[debian-lts-announce] 20230223 [SECURITY] [DLA 3340-1] libgit2 security update CVE-2020-12278 CVE-2020-12279
MLIST:[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update CVE-2023-23916
MLIST:[debian-lts-announce] 20230225 [SECURITY] [DLA 3343-1] mono security update CVE-2023-26314
MLIST:[debian-lts-announce] 20230226 [SECURITY] [DLA 3344-1] nodejs security update CVE-2022-43548 CVE-2023-23920
MLIST:[debian-lts-announce] 20230228 [SECURITY] [DLA 3348-1] syslog-ng security update CVE-2022-38725
MLIST:[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-47929 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455
MLIST:[debian-lts-announce] 20230303 [SECURITY] [DLA 3350-1] node-css-what security update CVE-2021-33587 CVE-2022-21222
MLIST:[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update CVE-2021-33193
MLIST:[debian-lts-announce] 20230304 [SECURITY] [DLA 3352-1] libde265 security update CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757 CVE-2023-24758 CVE-2023-25221
MLIST:[debian-lts-announce] 20230305 [SECURITY] [DLA 3353-1] xfig security update CVE-2021-40241
MLIST:[debian-lts-announce] 20230306 [SECURITY] [DLA 3354-1] kopanocore security update CVE-2019-19907 CVE-2022-26562
MLIST:[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update CVE-2020-19667 CVE-2020-25665 CVE-2020-25666 CVE-2020-25674 CVE-2020-25675 CVE-2020-25676 CVE-2020-27560 CVE-2020-27750 CVE-2020-27751 CVE-2020-27754 CVE-2020-27756 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 CVE-2020-27763 CVE-2020-27764 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27773 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2020-29599 CVE-2021-20224 CVE-2021-3574 CVE-2021-3596 CVE-2022-44267 CVE-2022-44268
MLIST:[debian-lts-announce] 20230312 [SECURITY] [DLA 3358-1] mpv security update CVE-2020-19824
MLIST:[debian-lts-announce] 20230312 [SECURITY] [DLA 3359-1] libapache2-mod-auth-mellon security update CVE-2019-13038
MLIST:[debian-lts-announce] 20230312 [SECURITY] [DLA 3360-1] ruby-sidekiq security update CVE-2021-30151 CVE-2022-23837
MLIST:[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update CVE-2020-14394 CVE-2020-29130 CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 CVE-2022-1050
MLIST:[debian-lts-announce] 20230316 [SECURITY] [DLA 3363-1] pcre2 security update CVE-2019-20454 CVE-2022-1586 CVE-2022-1587
MLIST:[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update CVE-2019-16884 CVE-2019-19921 CVE-2021-30465 CVE-2022-29162 CVE-2023-27561
MLIST:[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update CVE-2020-28935 CVE-2022-30698 CVE-2022-30699 CVE-2022-3204
MLIST:[debian-lts-announce] 20230330 [SECURITY] [DLA 3193-2] joblib security update CVE-2022-21797
MLIST:[debian-lts-announce] 20230330 [SECURITY] [DLA 3374-1] libmicrohttpd security update CVE-2023-27371
MLIST:[debian-lts-announce] 20230331 [SECURITY] [DLA 3373-1] json-smart security update CVE-2021-31684
MLIST:[debian-lts-announce] 20230331 [SECURITY] [DLA 3377-1] systemd security update CVE-2023-26604
MLIST:[debian-lts-announce] 20230331 [SECURITY] [DLA 3378-1] duktape security update CVE-2021-46322
MLIST:[debian-lts-announce] 20230401 [SECURITY] [DLA 3376-1] svgpp security update CVE-2019-6245 CVE-2019-6247 CVE-2021-44960
MLIST:[debian-lts-announce] 20230401 [SECURITY] [DLA 3379-1] intel-microcode security update CVE-2022-21233
MLIST:[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10) CVE-2020-12362 CVE-2020-12363 CVE-2020-12364 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2021-23168 CVE-2021-23223 CVE-2021-37409 CVE-2021-44545 CVE-2022-21181
MLIST:[debian-lts-announce] 20230404 [SECURITY] [DLA 3381-1] ghostscript security update CVE-2023-28879
MLIST:[debian-lts-announce] 20230405 [SECURITY] [DLA 3383-1] grunt security update CVE-2022-1537
MLIST:[debian-lts-announce] 20230405 [SECURITY] [DLA 3385-1] trafficserver security update CVE-2022-31778
MLIST:[debian-lts-announce] 20230406 [SECURITY] [DLA 3386-1] grunt security update CVE-2022-0436
MLIST:[debian-lts-announce] 20230407 [SECURITY] [DLA 3387-1] udisks2 security update CVE-2021-3802
MLIST:[debian-lts-announce] 20230410 [SECURITY] [DLA 3388-1] keepalived security update CVE-2021-44225
MLIST:[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update CVE-2019-15132 CVE-2020-15803 CVE-2021-27927 CVE-2022-24349 CVE-2022-24917 CVE-2022-24919 CVE-2022-35229 CVE-2022-35230
MLIST:[debian-lts-announce] 20230417 [SECURITY] [DLA 3392-1] ruby-rack security update CVE-2023-27530
MLIST:[debian-lts-announce] 20230418 [SECURITY] [DLA 3393-1] protobuf security update CVE-2021-22569 CVE-2021-22570 CVE-2022-1941
MLIST:[debian-lts-announce] 20230418 [SECURITY] [DLA 3394-1] asterisk security update CVE-2023-27585
MLIST:[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update CVE-2021-33196 CVE-2021-36221 CVE-2021-38297 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717 CVE-2022-23806 CVE-2022-24921
MLIST:[debian-lts-announce] 20230421 [SECURITY] [DLA 3396-1] redis security update CVE-2023-28856
MLIST:[debian-lts-announce] 20230421 [SECURITY] [DLA 3397-1] connman security update CVE-2023-28488
MLIST:[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update CVE-2023-27533 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
MLIST:[debian-lts-announce] 20230424 [SECURITY] [DLA 3399-1] 389-ds-base security update CVE-2019-10224 CVE-2019-14824 CVE-2019-3883 CVE-2021-3514 CVE-2021-3652 CVE-2021-4091 CVE-2022-0918 CVE-2022-0996 CVE-2022-2850
MLIST:[debian-lts-announce] 20230424 [SECURITY] [DLA 3400-1] thunderbird security update CVE-2023-28427
MLIST:[debian-lts-announce] 20230424 [SECURITY] [DLA 3401-1] apache2 security update CVE-2023-25690 CVE-2023-27522
MLIST:[debian-lts-announce] 20230429 [SECURITY] [DLA 3402-1] wireshark security update CVE-2023-1161 CVE-2023-1992 CVE-2023-1993 CVE-2023-1994
MLIST:[debian-lts-announce] 20230430 [SECURITY] [DLA 3405-1] libxml2 security update CVE-2023-28484 CVE-2023-29469
MLIST:[debian-lts-announce] 20230430 [SECURITY] [DLA 3406-1] sniproxy security update CVE-2023-25076
MLIST:[debian-lts-announce] 20230430 [SECURITY] [DLA 3407-1] jackson-databind security update CVE-2020-10650
MLIST:[debian-lts-announce] 20230430 [SECURITY] [DLA 3408-1] jruby security update CVE-2017-17742 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-25613 CVE-2021-31810 CVE-2021-32066 CVE-2023-28755 CVE-2023-28756
MLIST:[debian-lts-announce] 20230430 [SECURITY] [DLA 3409-1] libapache2-mod-auth-openidc security update CVE-2019-20479 CVE-2021-32785 CVE-2021-32786 CVE-2021-32791 CVE-2021-32792 CVE-2023-28625
MLIST:[debian-lts-announce] 20230501 [SECURITY] [DLA 3410-1] openvswitch security update CVE-2023-1668
MLIST:[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update CVE-2022-2196 CVE-2022-3424 CVE-2022-3707 CVE-2022-4129 CVE-2022-4379 CVE-2023-0045 CVE-2023-0458 CVE-2023-0461 CVE-2023-1073 CVE-2023-1074 CVE-2023-1076 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1513 CVE-2023-1611 CVE-2023-1670 CVE-2023-1829 CVE-2023-1855 CVE-2023-1872 CVE-2023-1989 CVE-2023-1990 CVE-2023-1998 CVE-2023-2162 CVE-2023-2194 CVE-2023-22998 CVE-2023-23004 CVE-2023-23559 CVE-2023-25012 CVE-2023-26545 CVE-2023-28328 CVE-2023-28466 CVE-2023-30456
MLIST:[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update CVE-2022-2873 CVE-2022-3424 CVE-2022-3545 CVE-2022-36280 CVE-2022-3707 CVE-2022-41218 CVE-2022-45934 CVE-2022-4744 CVE-2022-47929 CVE-2023-0045 CVE-2023-0266 CVE-2023-0394 CVE-2023-0458 CVE-2023-0461 CVE-2023-1073 CVE-2023-1074 CVE-2023-1078 CVE-2023-1079 CVE-2023-1118 CVE-2023-1281 CVE-2023-1513 CVE-2023-1670 CVE-2023-1829 CVE-2023-1855 CVE-2023-1989 CVE-2023-1990 CVE-2023-1998 CVE-2023-2162 CVE-2023-2194 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-26545 CVE-2023-28328 CVE-2023-30456 CVE-2023-30772
MLIST:[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update CVE-2022-48337 CVE-2022-48339 CVE-2023-28617
MLIST:[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677 CVE-2022-34680 CVE-2022-42257 CVE-2022-42258 CVE-2022-42259
MLIST:[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update CVE-2022-0108
MLIST:[debian-lts-announce] 20230513 [SECURITY] [DLA 3420-1] golang-websocket security update CVE-2020-27813
MLIST:[debian-lts-announce] 20230515 [SECURITY] [DLA 3423-1] epiphany-browser security update CVE-2023-26081
MLIST:[debian-lts-announce] 20230515 [SECURITY] [DLA 3424-1] python-ipaddress security update CVE-2020-14422
MLIST:[debian-lts-announce] 20230516 [SECURITY] [DLA 3425-1] sqlparse security update CVE-2023-30608
MLIST:[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 CVE-2022-23123 CVE-2022-23124 CVE-2022-23125 CVE-2022-43634 CVE-2022-45188
MLIST:[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update CVE-2021-20176 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-39212 CVE-2022-28463 CVE-2022-32545 CVE-2022-32546 CVE-2022-32547
MLIST:[debian-lts-announce] 20230521 [SECURITY] [DLA 3430-1] cups-filters security update CVE-2023-24805
MLIST:[debian-lts-announce] 20230522 [SECURITY] [DLA 3428-1] node-nth-check security update CVE-2021-3803
MLIST:[debian-lts-announce] 20230522 [SECURITY] [DLA 3431-1] sqlite security update CVE-2016-6153 CVE-2018-8740
MLIST:[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update CVE-2015-20107 CVE-2019-20907 CVE-2020-26116 CVE-2020-8492 CVE-2021-3177 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-45061
MLIST:[debian-lts-announce] 20230527 [SECURITY] [DLA 3433-1] libraw security update CVE-2021-32142 CVE-2023-1729
MLIST:[debian-lts-announce] 20230527 [SECURITY] [DLA 3434-1] sysstat security update CVE-2023-33204
MLIST:[debian-lts-announce] 20230527 [SECURITY] [DLA 3435-1] rainloop security update CVE-2019-13389 CVE-2022-29360
MLIST:[debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update CVE-2018-16838 CVE-2019-3811 CVE-2021-3621 CVE-2022-4254
MLIST:[debian-lts-announce] 20230529 [SECURITY] [DLA 3437-1] libssh security update CVE-2019-14889 CVE-2023-1667
MLIST:[debian-lts-announce] 20230530 [SECURITY] [DLA 3438-1] kamailio security update CVE-2020-27507
MLIST:[debian-lts-announce] 20230531 [SECURITY] [DLA 3427-2] texlive-bin regression update CVE-2019-18604
MLIST:[debian-lts-announce] 20230601 [SECURITY] [DLA 3426-2] netatalk regression update CVE-2022-23121
MLIST:[debian-lts-announce] 20230601 [SECURITY] [DLA 3440-1] cups security update CVE-2023-32324
MLIST:[debian-lts-announce] 20230602 [SECURITY] [DLA 3441-1] sofia-sip security update CVE-2023-32307
MLIST:[debian-lts-announce] 20230603 [SECURITY] [DLA 3442-1] nbconvert security update CVE-2021-32862
MLIST:[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2952
MLIST:[debian-lts-announce] 20230604 [SECURITY] [DLA 3444-1] mariadb-10.3 security update CVE-2022-47015
MLIST:[debian-lts-announce] 20230604 [SECURITY] [DLA 3445-1] cpio security update CVE-2019-14866 CVE-2021-38185
MLIST:[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update CVE-2023-0386 CVE-2023-31436 CVE-2023-32233
MLIST:[debian-lts-announce] 20230608 [SECURITY] [DLA 3449-1] openssl security update CVE-2023-0464 CVE-2023-0465 CVE-2023-0466 CVE-2023-2650
MLIST:[debian-lts-announce] 20230609 [SECURITY] [DLA 3450-1] ruby2.5 security update CVE-2021-33621 CVE-2022-28739
MLIST:[debian-lts-announce] 20230609 [SECURITY] [DLA 3451-1] pypdf2 security update CVE-2022-24859
MLIST:[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update CVE-2022-4141 CVE-2023-0054 CVE-2023-1175 CVE-2023-2610
MLIST:[debian-lts-announce] 20230613 [SECURITY] [DLA 3454-1] ffmpeg security update CVE-2022-3109 CVE-2022-3341
MLIST:[debian-lts-announce] 20230616 [SECURITY] [DLA 3455-1] golang-go.crypto security update CVE-2019-11840 CVE-2019-11841 CVE-2020-9283
MLIST:[debian-lts-announce] 20230618 [SECURITY] [DLA 3456-1] requests security update CVE-2023-32681
MLIST:[debian-lts-announce] 20230619 [SECURITY] [DLA 3457-1] maradns security update CVE-2022-30256 CVE-2023-31137
MLIST:[debian-lts-announce] 20230620 [SECURITY] [DLA 3459-1] libxpm security update CVE-2022-44617 CVE-2022-46285 CVE-2022-4883
MLIST:[debian-lts-announce] 20230620 [SECURITY] [DLA 3460-1] python-mechanize security update CVE-2021-32837
MLIST:[debian-lts-announce] 20230620 [SECURITY] [DLA 3461-1] libfastjson security update CVE-2020-12762
MLIST:[debian-lts-announce] 20230620 [SECURITY] [DLA 3462-1] wordpress security update CVE-2023-2745
MLIST:[debian-lts-announce] 20230621 [SECURITY] [DLA 3463-1] opensc security update CVE-2019-6502 CVE-2021-42779 CVE-2021-42780 CVE-2021-42781 CVE-2021-42782 CVE-2023-2977
MLIST:[debian-lts-announce] 20230621 [SECURITY] [DLA 3465-1] minidlna security update CVE-2023-33476
MLIST:[debian-lts-announce] 20230621 [SECURITY] [DLA 3466-1] avahi security update CVE-2021-3468
MLIST:[debian-lts-announce] 20230622 [SECURITY] [DLA 3469-1] lua5.3 security update CVE-2019-6706 CVE-2020-24370
MLIST:[debian-lts-announce] 20230625 [SECURITY] [DLA 3470-1] owslib security update CVE-2023-27476
MLIST:[debian-lts-announce] 20230626 [SECURITY] [DLA 3471-1] c-ares security update CVE-2023-31130 CVE-2023-32067
MLIST:[debian-lts-announce] 20230629 [SECURITY] [DLA 3473-1] docker-registry security update CVE-2023-2253
MLIST:[debian-lts-announce] 20230629 [SECURITY] [DLA 3474-1] systemd security update CVE-2022-3821
MLIST:[debian-lts-announce] 20230629 [SECURITY] [DLA 3475-1] trafficserver security update CVE-2022-47184 CVE-2023-30631 CVE-2023-33933
MLIST:[debian-lts-announce] 20230630 [SECURITY] [DLA 3476-1] cups security update CVE-2023-34241
MLIST:[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update CVE-2015-20107 CVE-2020-10735 CVE-2021-3426 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-45061
MLIST:[debian-lts-announce] 20230702 [SECURITY] [DLA 3478-1] yajl security update CVE-2023-33460
MLIST:[debian-lts-announce] 20230705 [SECURITY] [DLA 3479-1] golang-yaml.v2 security update CVE-2021-4235 CVE-2022-3064
MLIST:[debian-lts-announce] 20230706 [SECURITY] [DLA 3480-1] ruby-redcloth security update CVE-2023-31606
MLIST:[debian-lts-announce] 20230706 [SECURITY] [DLA 3481-1] libusrsctp security update CVE-2019-20503
MLIST:[debian-lts-announce] 20230707 [SECURITY] [DLA 3483-1] nsis security update CVE-2023-37378
MLIST:[debian-lts-announce] 20230707 [SECURITY] [DLA 3484-1] firefox-esr security update CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37211
MLIST:[debian-lts-announce] 20230708 [SECURITY] [DLA 3485-1] php-cas security update CVE-2022-39369
MLIST:[debian-lts-announce] 20230708 [SECURITY] [DLA 3487-1] fusiondirectory security update and rebuild for php-cas CVE-2022-36179 CVE-2022-36180
MLIST:[debian-lts-announce] 20230710 [SECURITY] [DLA 3488-1] node-tough-cookie security update CVE-2023-26136
MLIST:[debian-lts-announce] 20230710 [SECURITY] [DLA 3489-1] mediawiki security update CVE-2022-47927
MLIST:[debian-lts-announce] 20230711 [SECURITY] [DLA 3491-1] erlang security update CVE-2022-37026
MLIST:[debian-lts-announce] 20230711 [SECURITY] [DLA 3492-1] yajl security update CVE-2017-16516 CVE-2022-24795 CVE-2023-33460
MLIST:[debian-lts-announce] 20230711 [SECURITY] [DLA 3493-1] symfony security update CVE-2021-21424 CVE-2022-24894 CVE-2022-24895
MLIST:[debian-lts-announce] 20230712 [SECURITY] [DLA 3490-1] thunderbird security update CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37211
MLIST:[debian-lts-announce] 20230712 [SECURITY] [DLA 3494-1] ruby-doorkeeper security update CVE-2023-34246
MLIST:[debian-lts-announce] 20230713 [SECURITY] [DLA 3495-1] php-dompdf security update CVE-2022-2400
MLIST:[debian-lts-announce] 20230714 [SECURITY] [DLA 3496-1] lemonldap-ng security update CVE-2023-28862
MLIST:[debian-lts-announce] 20230714 [SECURITY] [DLA 3497-1] pypdf2 security update CVE-2023-36810
MLIST:[debian-lts-announce] 20230718 [SECURITY] [DLA 3499-1] libapache2-mod-auth-openidc security update CVE-2021-39191 CVE-2022-23527
MLIST:[debian-lts-announce] 20230719 [SECURITY] [DLA 3498-1] bind9 security update CVE-2023-2828
MLIST:[debian-lts-announce] 20230719 [SECURITY] [DLA 3500-1] python-django security update CVE-2023-36053
MLIST:[debian-lts-announce] 20230725 [SECURITY] [DLA 3501-1] renderdoc security update CVE-2023-33863 CVE-2023-33864 CVE-2023-33865
MLIST:[debian-lts-announce] 20230725 [SECURITY] [DLA 3502-1] python-git security update CVE-2022-24439
MLIST:[debian-lts-announce] 20230725 [SECURITY] [DLA 3506-1] iperf3 security update CVE-2023-38403
MLIST:[debian-lts-announce] 20230725 [SECURITY] [DLA 3507-1] pandoc security update CVE-2023-35936 CVE-2023-38745
MLIST:[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-20593 CVE-2023-2269 CVE-2023-3090 CVE-2023-31084 CVE-2023-3111 CVE-2023-3141 CVE-2023-32233 CVE-2023-3268 CVE-2023-3338 CVE-2023-34256 CVE-2023-35788 CVE-2023-35823 CVE-2023-35824 CVE-2023-35828
MLIST:[debian-lts-announce] 20230731 [SECURITY] [DLA 3510-1] thunderbird security update CVE-2023-3417
MLIST:[debian-lts-announce] 20230731 [SECURITY] [DLA 3511-1] amd64-microcode security update CVE-2023-20593
MLIST:[debian-lts-announce] 20230731 [SECURITY] [DLA 3513-1] tiff security update CVE-2023-25433 CVE-2023-26965 CVE-2023-26966 CVE-2023-3316
MLIST:[debian-lts-announce] 20230802 [SECURITY] [DLA 3512-1] linux-5.10 security update CVE-2023-20593 CVE-2023-2156 CVE-2023-31248 CVE-2023-3390 CVE-2023-35001 CVE-2023-3610
MLIST:[debian-lts-announce] 20230802 [SECURITY] [DLA 3514-1] bouncycastle security update CVE-2023-33201
MLIST:[debian-lts-announce] 20230804 [SECURITY] [DLA 3515-1] cjose security update CVE-2023-37464
MLIST:[debian-lts-announce] 20230805 [SECURITY] [DLA 3516-1] burp security update CVE-2017-16516 CVE-2022-24795 CVE-2023-33460
MLIST:[debian-lts-announce] 20230806 [SECURITY] [DLA 3517-1] pdfcrack security update CVE-2020-22336
MLIST:[debian-lts-announce] 20230806 [SECURITY] [DLA 3518-1] openimageio security update CVE-2022-41649 CVE-2022-41684 CVE-2022-41794 CVE-2022-41837 CVE-2023-24472 CVE-2023-36183
MLIST:[debian-lts-announce] 20230807 [SECURITY] [DLA 3520-1] libhtmlcleaner-java security update CVE-2023-34624
MLIST:[debian-lts-announce] 20230808 [SECURITY] [DLA 3521-1] thunderbird security update CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056
MLIST:[debian-lts-announce] 20230809 [SECURITY] [DLA 3522-1] hdf5 security update CVE-2018-11206 CVE-2018-17233 CVE-2018-17234 CVE-2018-17237 CVE-2018-17434 CVE-2018-17437
MLIST:[debian-lts-announce] 20230809 [SECURITY] [DLA 3523-1] firefox-esr security update CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056
MLIST:[debian-lts-announce] 20230811 [SECURITY] [DLA 3525-1] linux-5.10 security update CVE-2022-40982 CVE-2023-20569
MLIST:[debian-lts-announce] 20230813 [SECURITY] [DLA 3426-3] netatalk regression update CVE-2022-23123
MLIST:[debian-lts-announce] 20230813 [SECURITY] [DLA 3526-1] libreoffice security update CVE-2023-0950 CVE-2023-2255
MLIST:[debian-lts-announce] 20230813 [SECURITY] [DLA 3527-1] sox security update CVE-2023-32627
MLIST:[debian-lts-announce] 20230814 [SECURITY] [DLA 3528-1] poppler security update CVE-2020-36023 CVE-2020-36024
MLIST:[debian-lts-announce] 20230815 [SECURITY] [DLA 3529-1] datatables.js security update CVE-2021-23445
MLIST:[debian-lts-announce] 20230816 [SECURITY] [DLA 3530-1] openssl security update CVE-2023-3446 CVE-2023-3817
MLIST:[debian-lts-announce] 20230816 [SECURITY] [DLA 3531-1] open-vm-tools security update CVE-2023-20867
MLIST:[debian-lts-announce] 20230817 [SECURITY] [DLA 3532-1] openssh security update CVE-2023-38408
MLIST:[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update CVE-2022-30333
MLIST:[debian-lts-announce] 20230817 [SECURITY] [DLA 3535-1] unrar-nonfree security update CVE-2022-48579
MLIST:[debian-lts-announce] 20230820 [SECURITY] [DLA 3536-1] flask security update CVE-2023-30861
MLIST:[debian-lts-announce] 20230821 [SECURITY] [DLA 3533-1] lxc security update CVE-2022-47952
MLIST:[debian-lts-announce] 20230822 [SECURITY] [DLA 3537-1] intel-microcode security update CVE-2022-40982 CVE-2022-41804 CVE-2023-23908
MLIST:[debian-lts-announce] 20230822 [SECURITY] [DLA 3538-1] zabbix security update CVE-2013-7484 CVE-2019-17382 CVE-2022-35229 CVE-2022-43515 CVE-2023-29450 CVE-2023-29451 CVE-2023-29454 CVE-2023-29455 CVE-2023-29456 CVE-2023-29457
MLIST:[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update CVE-2021-3481 CVE-2021-45930 CVE-2023-32573 CVE-2023-32763 CVE-2023-34410 CVE-2023-37369 CVE-2023-38197
MLIST:[debian-lts-announce] 20230822 [SECURITY] [DLA 3540-1] mediawiki security update CVE-2023-29141
MLIST:[debian-lts-announce] 20230824 [SECURITY] [DLA 3541-1] w3m security update CVE-2022-38223
MLIST:[debian-lts-announce] 20230828 [SECURITY] [DLA 3545-1] flask-security security update CVE-2021-23385
MLIST:[debian-lts-announce] 20230828 [SECURITY] [DLA 3546-1] opendmarc security update CVE-2020-12272
MLIST:[debian-lts-announce] 20230829 [SECURITY] [DLA 3548-1] qpdf security update CVE-2018-18020 CVE-2021-25786 CVE-2021-36978
MLIST:[debian-lts-announce] 20230829 [SECURITY] [DLA 3549-1] ring security update CVE-2021-37706 CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 CVE-2021-43804 CVE-2021-43845 CVE-2022-21722 CVE-2022-21723 CVE-2022-23537 CVE-2022-23547 CVE-2022-23608 CVE-2022-24754 CVE-2022-24763 CVE-2022-24764 CVE-2022-24793 CVE-2022-31031 CVE-2022-39244 CVE-2023-27585
MLIST:[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update CVE-2019-11358 CVE-2019-12248 CVE-2019-12497 CVE-2019-12746 CVE-2019-13458 CVE-2019-16375 CVE-2019-18179 CVE-2019-18180 CVE-2020-11022 CVE-2020-11023 CVE-2020-1765 CVE-2020-1766 CVE-2020-1767 CVE-2020-1769 CVE-2020-1770 CVE-2020-1771 CVE-2020-1772 CVE-2020-1773 CVE-2020-1774 CVE-2020-1776 CVE-2021-21252 CVE-2021-21439 CVE-2021-21440 CVE-2021-21441 CVE-2021-21443 CVE-2021-36091 CVE-2021-36100 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 CVE-2022-4427 CVE-2023-38060
MLIST:[debian-lts-announce] 20230905 [SECURITY] [DLA 3555-1] php7.3 security update CVE-2023-3823 CVE-2023-3824
MLIST:[debian-lts-announce] 20230905 [SECURITY] [DLA 3556-1] aom security update CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135 CVE-2021-30473 CVE-2021-30474 CVE-2021-30475
MLIST:[debian-lts-announce] 20230907 [SECURITY] [DLA 3557-1] memcached security update CVE-2022-48571
MLIST:[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update CVE-2019-13115 CVE-2019-17498 CVE-2020-22218
MLIST:[debian-lts-announce] 20230910 [SECURITY] [DLA 3560-1] libraw security update CVE-2020-22628
MLIST:[debian-lts-announce] 20230912 [SECURITY] [DLA 3561-1] node-cookiejar security update CVE-2022-25901
MLIST:[debian-lts-announce] 20230912 [SECURITY] [DLA 3562-1] orthanc security update CVE-2023-33466
MLIST:[debian-lts-announce] 20230912 [SECURITY] [DLA 3564-1] e2guardian security update CVE-2021-44273
MLIST:[debian-lts-announce] 20230913 [SECURITY] [DLA 3565-1] ruby-loofah security update CVE-2022-23514 CVE-2022-23515 CVE-2022-23516
MLIST:[debian-lts-announce] 20230913 [SECURITY] [DLA 3566-1] ruby-rails-html-sanitizer security update CVE-2022-23517 CVE-2022-23518 CVE-2022-23519 CVE-2022-23520
MLIST:[debian-lts-announce] 20230914 [SECURITY] [DLA 3563-1] samba security update CVE-2016-2124 CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 CVE-2019-14902 CVE-2019-14907 CVE-2019-19344
MLIST:[debian-lts-announce] 20230915 [SECURITY] [DLA 3567-1] c-ares security update CVE-2020-22217
MLIST:[debian-lts-announce] 20230919 [SECURITY] [DLA 3571-1] openjdk-11 security update CVE-2023-21930 CVE-2023-21937 CVE-2023-21938 CVE-2023-21939 CVE-2023-21954 CVE-2023-21967 CVE-2023-21968 CVE-2023-22006 CVE-2023-22036 CVE-2023-22041 CVE-2023-22045 CVE-2023-22049
MLIST:[debian-lts-announce] 20230919 [SECURITY] [DLA 3572-1] libyang security update CVE-2019-20391 CVE-2019-20392 CVE-2019-20393 CVE-2019-20394 CVE-2019-20395 CVE-2019-20396 CVE-2019-20397 CVE-2019-20398
MLIST:[debian-lts-announce] 20230919 [SECURITY] [DLA 3573-1] frr security update CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-38802 CVE-2023-41358 CVE-2023-41360 CVE-2023-41361 CVE-2023-41909
MLIST:[debian-lts-announce] 20230920 [SECURITY] [DLA 3574-1] mutt security update CVE-2023-4874 CVE-2023-4875
MLIST:[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update CVE-2021-23336 CVE-2022-0391 CVE-2022-48560 CVE-2022-48565 CVE-2022-48566 CVE-2023-24329 CVE-2023-40217
MLIST:[debian-lts-announce] 20230921 [SECURITY] [DLA 3576-1] gsl security update CVE-2020-35357
MLIST:[debian-lts-announce] 20230922 [SECURITY] [DLA 3577-1] roundcube security update CVE-2023-43770
MLIST:[debian-lts-announce] 20230922 [SECURITY] [DLA 3578-1] lldpd security update CVE-2023-41910
MLIST:[debian-lts-announce] 20230923 [SECURITY] [DLA 3579-1] elfutils security update CVE-2020-21047
MLIST:[debian-lts-announce] 20230925 [SECURITY] [DLA 3581-1] flac security update CVE-2020-22219
MLIST:[debian-lts-announce] 20230925 [SECURITY] [DLA 3582-1] ghostscript security update CVE-2020-21710 CVE-2020-21890
MLIST:[debian-lts-announce] 20230925 [SECURITY] [DLA 3583-1] glib2.0 security update CVE-2023-29499 CVE-2023-32611 CVE-2023-32665
MLIST:[debian-lts-announce] 20230925 [SECURITY] [DLA 3584-1] netatalk security update CVE-2023-42464
MLIST:[debian-lts-announce] 20230925 [SECURITY] [DLA 3585-1] exempi security update CVE-2020-18651 CVE-2020-18652 CVE-2021-36045 CVE-2021-36046 CVE-2021-36047 CVE-2021-36048 CVE-2021-36050 CVE-2021-36051 CVE-2021-36052 CVE-2021-36053 CVE-2021-36054 CVE-2021-36055 CVE-2021-36056 CVE-2021-36057 CVE-2021-36058 CVE-2021-36064 CVE-2021-39847 CVE-2021-40716 CVE-2021-40732 CVE-2021-42528 CVE-2021-42529 CVE-2021-42530 CVE-2021-42531 CVE-2021-42532
MLIST:[debian-lts-announce] 20230928 [SECURITY] [DLA 3586-1] ncurses security update CVE-2020-19189
MLIST:[debian-lts-announce] 20230929 [SECURITY] [DLA 3587-1] firefox-esr security update CVE-2023-5169 CVE-2023-5171 CVE-2023-5176
MLIST:[debian-lts-announce] 20230929 [SECURITY] [DLA 3588-1] vim security update CVE-2023-4752 CVE-2023-4781
MLIST:[debian-lts-announce] 20230929 [SECURITY] [DLA 3589-1] python-git security update CVE-2023-41040
MLIST:[debian-lts-announce] 20230929 [SECURITY] [DLA 3590-1] python-reportlab security update CVE-2019-19450 CVE-2020-28463
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3591-1] firefox-esr security update CVE-2023-5217
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3592-1] jetty9 security update CVE-2023-26048 CVE-2023-26049 CVE-2023-36479 CVE-2023-40167
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3593-1] gerbv security update CVE-2021-40393 CVE-2021-40394
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3594-1] cups security update CVE-2023-32360 CVE-2023-4504
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3595-1] trafficserver security update CVE-2022-47185 CVE-2023-33934
MLIST:[debian-lts-announce] 20230930 [SECURITY] [DLA 3596-1] firmware-nonfree security update CVE-2022-27635 CVE-2022-36351 CVE-2022-38076 CVE-2022-40964 CVE-2022-46329
MLIST:[debian-lts-announce] 20231001 [SECURITY] [DLA 3598-1] libvpx security update CVE-2023-44488 CVE-2023-5217
MLIST:[debian-lts-announce] 20231005 [SECURITY] [DLA 3604-1] qemu security update CVE-2020-24165 CVE-2023-3180
MLIST:[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11042 CVE-2020-11043 CVE-2020-11044 CVE-2020-11045 CVE-2020-11046 CVE-2020-11047 CVE-2020-11048 CVE-2020-11049 CVE-2020-11058 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-15103 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2023-39350 CVE-2023-39351 CVE-2023-39352 CVE-2023-39353 CVE-2023-39354 CVE-2023-39355 CVE-2023-39356 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40569 CVE-2023-40589
MLIST:[debian-lts-announce] 20231008 [SECURITY] [DLA 3609-1] prometheus-alertmanager security update CVE-2023-40577
MLIST:[debian-lts-announce] 20231008 [SECURITY] [DLA 3610-1] python-urllib3 security update CVE-2019-11236 CVE-2019-11324 CVE-2020-26137 CVE-2023-43804
MLIST:[debian-lts-announce] 20231008 [SECURITY] [DLA 3611-1] inetutils security update CVE-2019-0053 CVE-2023-40303
MLIST:[debian-lts-announce] 20231008 [SECURITY] [DLA 3612-1] lemonldap-ng security update CVE-2023-44469
MLIST:[debian-lts-announce] 20231009 [SECURITY] [DLA 3601-1] thunderbird security update CVE-2023-5169 CVE-2023-5171 CVE-2023-5176 CVE-2023-5217
MLIST:[debian-lts-announce] 20231011 [SECURITY] [DLA 3613-1] curl security update CVE-2023-28321
MLIST:[debian-lts-announce] 20231011 [SECURITY] [DLA 3614-1] python3.7 security update CVE-2022-48560 CVE-2022-48564 CVE-2022-48565 CVE-2022-48566 CVE-2023-40217
MLIST:[debian-lts-announce] 20231011 [SECURITY] [DLA 3615-1] libcue security update CVE-2023-43641
MLIST:[debian-lts-announce] 20231012 [SECURITY] [DLA 3616-1] org-mode security update CVE-2023-28617
MLIST:[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648
MLIST:[debian-lts-announce] 20231014 [SECURITY] [DLA 3619-1] batik security update CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146 CVE-2022-44729 CVE-2022-44730
MLIST:[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update CVE-2023-44487
MLIST:[debian-lts-announce] 20231016 [SECURITY] [DLA 3620-1] poppler security update CVE-2020-23804 CVE-2022-37050 CVE-2022-37051
MLIST:[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update CVE-2020-11080 CVE-2023-44487
MLIST:[debian-lts-announce] 20231017 [SECURITY] [DLA 3622-1] axis security update CVE-2023-40743
MLIST:[debian-lts-announce] 20231019 [SECURITY] [DLA 3618-1] node-babel security update CVE-2023-45133
MLIST:[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update CVE-2022-39189 CVE-2022-4269 CVE-2023-1206 CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-20588 CVE-2023-2124 CVE-2023-21255 CVE-2023-21400 CVE-2023-2269 CVE-2023-2898 CVE-2023-3090 CVE-2023-31084 CVE-2023-3111 CVE-2023-3141 CVE-2023-3212 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389 CVE-2023-34256 CVE-2023-35788 CVE-2023-35823 CVE-2023-35824 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863 CVE-2023-40283 CVE-2023-4244 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921
MLIST:[debian-lts-announce] 20231021 [SECURITY] [DLA 3624-1] zookeeper security update CVE-2023-44981
MLIST:[debian-lts-announce] 20231022 [SECURITY] [DLA 3626-1] krb5 security update CVE-2023-36054
MLIST:[debian-lts-announce] 20231023 [SECURITY] [DLA 3627-1] redis security update CVE-2023-45145
MLIST:[debian-lts-announce] 20231023 [SECURITY] [DLA 3628-1] dbus security update CVE-2023-34969
MLIST:[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update CVE-2019-10222 CVE-2020-10753 CVE-2020-12059 CVE-2020-1700 CVE-2020-1760 CVE-2020-25678 CVE-2020-27781 CVE-2021-20288 CVE-2021-3524 CVE-2021-3531 CVE-2021-3979
MLIST:[debian-lts-announce] 20231024 [SECURITY] [DLA 3630-1] roundcube security update CVE-2023-5631
MLIST:[debian-lts-announce] 20231027 [SECURITY] [DLA 3632-1] firefox-esr security update CVE-2023-5721 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5730 CVE-2023-5732
MLIST:[debian-lts-announce] 20231028 [SECURITY] [DLA 3634-1] nss security update CVE-2020-25648
MLIST:[debian-lts-announce] 20231029 [SECURITY] [DLA 3635-1] node-browserify-sign security update CVE-2023-46234
MLIST:[debian-lts-announce] 20231029 [SECURITY] [DLA 3637-1] thunderbird security update CVE-2023-5721 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 CVE-2023-5730 CVE-2023-5732
MLIST:[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update CVE-2020-27218 CVE-2023-36478 CVE-2023-44487
MLIST:[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update CVE-2023-44487
MLIST:[debian-lts-announce] 20231031 [SECURITY] [DLA 3643-1] pmix security update CVE-2023-41915
MLIST:[debian-lts-announce] 20231103 [SECURITY] [DLA 3644-1] phppgadmin security update CVE-2023-40619
MLIST:[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update CVE-2023-41752 CVE-2023-44487
MLIST:[debian-lts-announce] 20231105 [SECURITY] [DLA 3646-1] open-vm-tools security update CVE-2023-34059
MLIST:[debian-lts-announce] 20231107 [SECURITY] [DLA 3648-1] tang security update CVE-2023-1672
MLIST:[debian-lts-announce] 20231108 [SECURITY] [DLA 3649-1] python-urllib3 security update CVE-2023-43803
MLIST:[debian-lts-announce] 20231112 [SECURITY] [DLA 3650-1] audiofile security update CVE-2019-13147 CVE-2022-24599
MLIST:[debian-lts-announce] 20231114 [SECURITY] [DLA 3652-1] ruby-sanitize security update CVE-2023-36823
MLIST:[debian-lts-announce] 20231117 [SECURITY] [DLA 3654-1] freerdp2 security update CVE-2021-41160 CVE-2022-24883 CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39318 CVE-2022-39319 CVE-2022-39347 CVE-2022-41877
MLIST:[debian-lts-announce] 20231118 [SECURITY] [DLA 3655-1] lwip security update CVE-2020-22283
MLIST:[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update CVE-2023-44487
MLIST:[debian-lts-announce] 20231120 [SECURITY] [DLA 3657-1] activemq security update CVE-2020-13920 CVE-2021-26117
MLIST:[debian-lts-announce] 20231120 [SECURITY] [DLA 3658-1] wordpress security update CVE-2023-39999 CVE-2023-5561
MLIST:[debian-lts-announce] 20231121 [SECURITY] [DLA 3659-1] gimp security update CVE-2022-30067
MLIST:[debian-lts-announce] 20231123 [SECURITY] [DLA 3661-1] firefox-esr security update CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212
MLIST:[debian-lts-announce] 20231124 [SECURITY] [DLA 3664-1] symfony security update CVE-2023-46734
MLIST:[debian-lts-announce] 20231125 [SECURITY] [DLA 3662-1] freeimage security update CVE-2020-21427 CVE-2020-21428 CVE-2020-22524
MLIST:[debian-lts-announce] 20231125 [SECURITY] [DLA 3665-1] node-json5 security update CVE-2022-46175
MLIST:[debian-lts-announce] 20231127 [SECURITY] [DLA 3669-1] cryptojs security update CVE-2023-46233
MLIST:[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update CVE-2023-45853
MLIST:[debian-lts-announce] 20231128 [SECURITY] [DLA 3671-1] mediawiki security update CVE-2023-3550 CVE-2023-45362 CVE-2023-45363
MLIST:[debian-lts-announce] 20231130 [SECURITY] [DLA 3674-1] thunderbird security update CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212
MLIST:[debian-lts-announce] 20231130 [SECURITY] [DLA 3676-1] horizon security update CVE-2022-45582
MLIST:[debian-lts-announce] 20231130 [SECURITY] [DLA 3676-1] libde265 security update CVE-2023-27102 CVE-2023-27103 CVE-2023-43887 CVE-2023-47471
MLIST:[debian-lts-announce] 20231130 [SECURITY] [DLA 3679-1] vlc security update CVE-2023-47359 CVE-2023-47360
MLIST:[debian-lts-announce] 20231201 [SECURITY] [DLA 3675-1] zbar security update CVE-2023-40889 CVE-2023-40890
MLIST:[debian-lts-announce] 20231201 [SECURITY] [DLA 3678-1] horizon security update - CORRECTED ANNOUNCEMENT CVE-2022-45582
MLIST:[debian-lts-announce] 20231203 [SECURITY] [DLA 3680-1] opendkim security update CVE-2022-48521
MLIST:[debian-lts-announce] 20231203 [SECURITY] [DLA 3681-1] amanda security update CVE-2022-37703 CVE-2022-37705 CVE-2023-30577
MLIST:[debian-lts-announce] 20231203 [SECURITY] [DLA 3682-1] ncurses security update CVE-2021-39537 CVE-2023-29491
MLIST:[debian-lts-announce] 20231204 [SECURITY] [DLA 3683-1] roundcube security update CVE-2023-47272
MLIST:[debian-lts-announce] 20231213 [SECURITY] [DLA 3687-1] rabbitmq-server security update CVE-2023-46118
MLIST:[debian-lts-announce] 20231214 [SECURITY] [DLA 3688-1] haproxy security update CVE-2023-45539
MLIST:[debian-lts-announce] 20231215 [SECURITY] [DLA 3689-1] bluez security update CVE-2023-45866
MLIST:[debian-lts-announce] 20231216 [SECURITY] [DLA 3690-1] intel-microcode security update CVE-2023-23583
MLIST:[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update CVE-2023-28322 CVE-2023-46218
MLIST:[debian-lts-announce] 20231223 [SECURITY] [DLA 3693-1] osslsigncode security update CVE-2023-36377
MLIST:[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update CVE-2021-41617 CVE-2023-48795 CVE-2023-51385
MLIST:[debian-lts-announce] 20231228 [SECURITY] [DLA 3695-1] ansible security update CVE-2019-10206 CVE-2021-20178 CVE-2021-20191 CVE-2021-3447 CVE-2021-3583 CVE-2021-3620 CVE-2022-3697
MLIST:[debian-lts-announce] 20231228 [SECURITY] [DLA 3696-1] asterisk security update CVE-2023-37457 CVE-2023-38703 CVE-2023-49294 CVE-2023-49786
MLIST:[debian-lts-announce] 20231229 [SECURITY] [DLA 3697-1] firefox-esr security update CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6863 CVE-2023-6865 CVE-2023-6867
MLIST:[debian-lts-announce] 20231229 [SECURITY] [DLA 3698-1] thunderbird security update CVE-2023-50761 CVE-2023-50762 CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6873
MLIST:[debian-lts-announce] 20231230 [SECURITY] [DLA 3699-1] libde265 security update CVE-2023-49465 CVE-2023-49467 CVE-2023-49468
MLIST:[debian-lts-announce] 20231230 [SECURITY] [DLA 3700-1] cjson security update CVE-2023-50471
MLIST:[debian-lts-announce] 20231230 [SECURITY] [DLA 3701-1] tinyxml security update CVE-2023-34194 CVE-2023-40462
MLIST:[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update CVE-2020-12801 CVE-2020-12802 CVE-2020-12803 CVE-2023-6185 CVE-2023-6186
MLIST:[debian-lts-announce] 20231231 [SECURITY] [DLA 3704-1] xerces-c security update CVE-2018-1311 CVE-2023-37536
MLIST:[debian-lts-announce] 20231231 [SECURITY] [DLA 3705-1] php-guzzlehttp-psr7 security update CVE-2023-29197
MLIST:[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update CVE-2022-22995
MLIST:[debian-lts-announce] 20240105 [SECURITY] [DLA 3707-1] tomcat9 security update CVE-2023-46589
MLIST:[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update CVE-2023-51766
MLIST:[debian-lts-announce] 20240109 [SECURITY] [DLA 3709-1] squid security update CVE-2023-49285 CVE-2023-49286 CVE-2023-50269
MLIST:[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update CVE-2021-44879 CVE-2023-0590 CVE-2023-1077 CVE-2023-1206 CVE-2023-1989 CVE-2023-25775 CVE-2023-3212 CVE-2023-3390 CVE-2023-34319 CVE-2023-34324 CVE-2023-35001 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-40283 CVE-2023-4206 CVE-2023-4207 CVE-2023-4208 CVE-2023-4244 CVE-2023-45863 CVE-2023-45871 CVE-2023-4622 CVE-2023-4623 CVE-2023-4921 CVE-2023-51780 CVE-2023-51781 CVE-2023-51782 CVE-2023-5717 CVE-2023-6931 CVE-2023-6932
MLIST:[debian-lts-announce] 20240111 [SECURITY] [DLA 3711-1] linux-5.10 security update CVE-2021-44879 CVE-2023-25775 CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46813 CVE-2023-46862 CVE-2023-51780 CVE-2023-51781 CVE-2023-51782 CVE-2023-5197 CVE-2023-5717 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932
MLIST:[debian-lts-announce] 20240121 [SECURITY] [DLA 3714-1] keystone security update CVE-2021-3563 CVE-2021-38155
MLIST:[debian-lts-announce] 20240123 [SECURITY] [DLA 3712-1] kodi security update CVE-2017-5982 CVE-2021-42917 CVE-2023-23082 CVE-2023-30207
MLIST:[debian-lts-announce] 20240123 [SECURITY] [DLA 3715-1] jinja2 security update CVE-2024-22195
MLIST:[debian-lts-announce] 20240123 [SECURITY] [DLA 3716-1] ruby-httparty security update CVE-2024-22049
MLIST:[debian-lts-announce] 20240124 [SECURITY] [DLA 3717-1] zabbix security update CVE-2023-32721 CVE-2023-32723 CVE-2023-32726
MLIST:[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update CVE-2023-48795
MLIST:[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update CVE-2023-48795
MLIST:[debian-lts-announce] 20240125 [SECURITY] [DLA 3720-1] thunderbird security update CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755
MLIST:[debian-lts-announce] 20240127 [SECURITY] [DLA 3722-1] mariadb-10.3 security update CVE-2023-22084
MLIST:[debian-lts-announce] 20240127 [SECURITY] [DLA 3723-1] libspreadsheet-parsexlsx-perl security update CVE-2024-22368 CVE-2024-23525
MLIST:[debian-lts-announce] 20240129 [SECURITY] [DLA 3724-1] pillow security update CVE-2023-50447
MLIST:[debian-lts-announce] 20240130 [SECURITY] [DLA 3725-1] postfix security update CVE-2023-51764
MLIST:[debian-lts-announce] 20240130 [SECURITY] [DLA 3726-1] bind9 security update CVE-2023-3341
MLIST:[debian-lts-announce] 20240131 [SECURITY] [DLA 3727-1] firefox-esr security update CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755
MLIST:[debian-lts-announce] 20240131 [SECURITY] [DLA 3728-1] openjdk-11 security update CVE-2024-20918 CVE-2024-20926 CVE-2024-20952
MLIST:[debian-lts-announce] 20240203 [SECURITY] [DLA 3732-1] sudo security update CVE-2023-28486 CVE-2023-28487 CVE-2023-7090
MLIST:[debian-lts-announce] 20240203 [SECURITY] [DLA 3733-1] rear security update CVE-2024-23301
MLIST:[debian-lts-announce] 20240218 [SECURITY] [DLA 3734-1] openvswitch security update CVE-2023-5366
MLIST:[debian-lts-announce] 20240219 [SECURITY] [DLA 3735-1] runc security update CVE-2021-43784 CVE-2024-21626
MLIST:[debian-lts-announce] 20240221 [SECURITY] [DLA 3736-1] unbound security update CVE-2023-50387 CVE-2023-50868
MLIST:[debian-lts-announce] 20240222 [SECURITY] [DLA 3737-1] imagemagick security update CVE-2023-1289 CVE-2023-34151
MLIST:[debian-lts-announce] 20240225 [SECURITY] [DLA 3739-1] libjwt security update CVE-2024-25189
MLIST:[debian-lts-announce] 20240226 [SECURITY] [DLA 3741-1] engrampa security update CVE-2023-52138
MLIST:[debian-lts-announce] 20240227 [SECURITY] [DLA 3742-1] libgit2 security update CVE-2024-24577
MLIST:[debian-lts-announce] 20240227 [SECURITY] [DLA 3743-1] wpa security update CVE-2023-52160
MLIST:[debian-lts-announce] 20240229 [SECURITY] [DLA 3745-1] gsoap security update CVE-2020-13574 CVE-2020-13575 CVE-2020-13576 CVE-2020-13577 CVE-2020-13578
MLIST:[debian-lts-announce] 20240229 [SECURITY] [DLA 3746-1] wireshark security update CVE-2023-4511 CVE-2023-4513 CVE-2024-0208
MLIST:[debian-lts-announce] 20240304 [SECURITY] [DLA 3747-1] firefox-esr security update CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553
MLIST:[debian-lts-announce] 20240304 [SECURITY] [DLA 3748-1] thunderbird security update CVE-2024-1546 CVE-2024-1547 CVE-2024-1548 CVE-2024-1549 CVE-2024-1550 CVE-2024-1551 CVE-2024-1552 CVE-2024-1553
MLIST:[debian-lts-announce] 20240305 [SECURITY] [DLA 3749-1] phpseclib security update CVE-2024-27354 CVE-2024-27355
MLIST:[debian-lts-announce] 20240305 [SECURITY] [DLA 3750-1] php-phpseclib security update CVE-2024-27354 CVE-2024-27355
MLIST:[debian-lts-announce] 20240305 [SECURITY] [DLA 3751-1] libapache2-mod-auth-openidc security update CVE-2024-24814
MLIST:[debian-lts-announce] 20240305 [SECURITY] [DLA 3752-1] libuv1 security update CVE-2024-24806
MLIST:[debian-lts-announce] 20240306 [SECURITY] [DLA 3753-1] yard security update CVE-2019-1020001 CVE-2024-27285
MLIST:[debian-lts-announce] 20240307 [SECURITY] [DLA 3754-1] fontforge security update CVE-2020-5395 CVE-2020-5496 CVE-2024-25081 CVE-2024-25082
MLIST:[debian-lts-announce] 20240311 [SECURITY] [DLA 3759-1] qemu security update CVE-2023-3354
MLIST:[debian-lts-announce] 20240314 [SECURITY] [DLA 3760-1] node-xml2js security update CVE-2023-0842
MLIST:[debian-lts-announce] 20240315 [SECURITY] [DLA 3761-1] spip security update CVE-2023-52322
MLIST:[debian-lts-announce] 20240315 [SECURITY] [DLA 3762-1] unadf security update CVE-2016-1243 CVE-2016-1244
MLIST:[debian-lts-announce] 20240317 [SECURITY] [DLA 3763-1] curl security update CVE-2023-27534
MLIST:[debian-lts-announce] 20240318 [SECURITY] [DLA 3765-1] cacti security update CVE-2023-39357 CVE-2023-39360 CVE-2023-39361 CVE-2023-39362 CVE-2023-39364 CVE-2023-39365 CVE-2023-39513 CVE-2023-39515 CVE-2023-39516 CVE-2023-49084 CVE-2023-49085 CVE-2023-49088
MLIST:[debian-lts-announce] 20240318 [SECURITY] [DLA 3766-1] zfs-linux security update CVE-2013-20001 CVE-2023-49298
MLIST:[debian-lts-announce] 20240320 [SECURITY] [DLA 3767-1] imagemagick security update CVE-2022-48541
MLIST:[debian-lts-announce] 20240322 [SECURITY] [DLA 3768-1] pillow security update CVE-2021-23437 CVE-2022-22817 CVE-2023-44271
MLIST:[debian-lts-announce] 20240323 [SECURITY] [DLA 3769-1] thunderbird security update CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 CVE-2024-2616
MLIST:[debian-lts-announce] 20240323 [SECURITY] [DLA 3770-1] libnet-cidr-lite-perl security update CVE-2021-47154
MLIST:[debian-lts-announce] 20240325 [SECURITY] [DLA 3774-1] gross security update CVE-2023-52159
MLIST:[debian-lts-announce] 20240325 [SECURITY] [DLA 3775-1] firefox-esr security update CVE-2023-5388 CVE-2024-0743 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 CVE-2024-2616 CVE-2024-29944
MLIST:[debian-lts-announce] 20240327 [SECURITY] [DLA 3776-1] nodejs security update CVE-2023-30590 CVE-2024-22025
MLIST:[debian-lts-announce] 20240327 [SECURITY] [DLA 3777-1] composer security update CVE-2023-43655
MLIST:[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update CVE-2020-10703 CVE-2020-12430 CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975 CVE-2021-4147 CVE-2022-0897
MLIST:[debian-lts-announce] 20240406 [SECURITY] [DLA 3779-1] tomcat9 security update CVE-2024-23672 CVE-2024-24549
MLIST:[debian-lts-announce] 20240406 [SECURITY] [DLA 3780-1] jetty9 security update CVE-2024-22201
MLIST:[debian-lts-announce] 20240406 [SECURITY] [DLA 3781-1] libgd2 security update CVE-2018-14553 CVE-2021-38115 CVE-2021-40812
MLIST:[debian-lts-announce] 20240407 [SECURITY] [DLA 3782-1] util-linux security update CVE-2021-37600 CVE-2024-28085
MLIST:[debian-lts-announce] 20240407 [SECURITY] [DLA 3784-1] libcaca security update CVE-2021-30498 CVE-2021-30499
MLIST:[debian-lts-announce] 20240409 [SECURITY] [DLA 3783-1] expat security update CVE-2023-52425
MLIST:[debian-lts-announce] 20240409 [SECURITY] [DLA 3785-1] gtkwave security update CVE-2023-32650 CVE-2023-34087 CVE-2023-34436 CVE-2023-35004 CVE-2023-35057 CVE-2023-35128 CVE-2023-35702 CVE-2023-35703 CVE-2023-35704 CVE-2023-35955 CVE-2023-35956 CVE-2023-35957 CVE-2023-35958 CVE-2023-35959 CVE-2023-35960 CVE-2023-35961 CVE-2023-35962 CVE-2023-35963 CVE-2023-35964 CVE-2023-35969 CVE-2023-35970 CVE-2023-35989 CVE-2023-35992 CVE-2023-35994 CVE-2023-35995 CVE-2023-35996 CVE-2023-35997 CVE-2023-36746 CVE-2023-36747 CVE-2023-36861 CVE-2023-36864 CVE-2023-36915 CVE-2023-36916 CVE-2023-37282 CVE-2023-37416 CVE-2023-37417 CVE-2023-37418 CVE-2023-37419 CVE-2023-37420 CVE-2023-37442 CVE-2023-37443 CVE-2023-37444 CVE-2023-37445 CVE-2023-37446 CVE-2023-37447 CVE-2023-37573 CVE-2023-37574 CVE-2023-37575 CVE-2023-37576 CVE-2023-37577 CVE-2023-37578 CVE-2023-37921 CVE-2023-37922 CVE-2023-37923 CVE-2023-38583 CVE-2023-38618 CVE-2023-38619 CVE-2023-38620 CVE-2023-38621 CVE-2023-38622 CVE-2023-38623 CVE-2023-38648 CVE-2023-38649 CVE-2023-38650 CVE-2023-38651 CVE-2023-38652 CVE-2023-38653 CVE-2023-38657 CVE-2023-39234 CVE-2023-39235 CVE-2023-39270 CVE-2023-39271 CVE-2023-39272 CVE-2023-39273 CVE-2023-39274 CVE-2023-39275 CVE-2023-39316 CVE-2023-39317 CVE-2023-39413 CVE-2023-39414 CVE-2023-39443 CVE-2023-39444
MLIST:[debian-lts-announce] 20240410 [SECURITY] [DLA 3786-1] pillow security update CVE-2024-28219
MLIST:[debian-lts-announce] 20240422 [SECURITY] [DLA 3791-1] thunderbird security update CVE-2024-2609 CVE-2024-3852 CVE-2024-3854 CVE-2024-3857 CVE-2024-3859 CVE-2024-3861
MLIST:[debian-lts-announce] 20240422 [SECURITY] [DLA 3792-1] samba security update CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 CVE-2022-32742 CVE-2022-3437
MLIST:[debian-lts-announce] 20240422 [SECURITY] [DLA 3793-1] openjdk-11 security update CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085 CVE-2024-21094
MLIST:[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update CVE-2019-17069 CVE-2020-14002 CVE-2021-36367 CVE-2023-48795
MLIST:[debian-lts-announce] 20240426 [SECURITY] [DLA 3795-1] knot-resolver security update CVE-2019-10190 CVE-2019-10191 CVE-2019-19331 CVE-2020-12667
MLIST:[debian-lts-announce] 20240427 [SECURITY] [DLA 3796-1] mediawiki security update CVE-2023-51704
MLIST:[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035 CVE-2023-38406 CVE-2023-38407 CVE-2023-46752 CVE-2023-46753 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 CVE-2024-31949
MLIST:[debian-lts-announce] 20240428 [SECURITY] [DLA 3798-1] zabbix security update CVE-2024-22119
MLIST:[debian-lts-announce] 20240428 [SECURITY] [DLA 3799-1] trafficserver security update CVE-2024-31309
MLIST:[debian-lts-announce] 20240429 [SECURITY] [DLA 3800-1] ruby-rack security update CVE-2024-25126 CVE-2024-26141 CVE-2024-26146
MLIST:[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update CVE-2024-30203 CVE-2024-30204 CVE-2024-30205
MLIST:[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update CVE-2024-30203 CVE-2024-30204 CVE-2024-30205
MLIST:[debian-lts-announce] 20240430 [SECURITY] [DLA 3804-1] nghttp2 security update CVE-2024-28182
MLIST:[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update CVE-2023-24607 CVE-2023-32762 CVE-2023-32763 CVE-2023-33285 CVE-2023-37369 CVE-2023-38197 CVE-2023-51714
MLIST:[debian-lts-announce] 20240503 [SECURITY] [DLA 3807-1] glibc security update CVE-2024-2961
MLIST:[debian-lts-announce] 20240504 [SECURITY] [DLA 3808-1] intel-microcode security update CVE-2023-22655 CVE-2023-28746 CVE-2023-38575 CVE-2023-39368 CVE-2023-43490
MLIST:[debian-lts-announce] 20240505 [SECURITY] [DLA 3809-1] libkf5ksieve security update CVE-2023-52723
MLIST:[debian-lts-announce] 20240507 [SECURITY] [DLA 3810-1] php7.3 security update CVE-2024-2756 CVE-2024-3096
MLIST:[debian-lts-announce] 20240509 [SECURITY] [DLA 3812-1] libpgjava security update CVE-2024-1597
MLIST:[debian-lts-announce] 20240513 [SECURITY] [DLA 3814-1] glib2.0 security update CVE-2024-34397
MLIST:[debian-lts-announce] 20240514 [SECURITY] [DLA 3813-1] shim security update CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551
MLIST:[debian-lts-announce] 20240516 [SECURITY] [DLA 3815-1] firefox-esr security update CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777
MLIST:[debian-lts-announce] 20240517 [SECURITY] [DLA 3816-1] bind9 security update CVE-2023-50387 CVE-2023-50868
MLIST:[debian-lts-announce] 20240520 [SECURITY] [DLA 3817-1] thunderbird security update CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777
MLIST:[debian-lts-announce] 20240525 [SECURITY] [DLA 3818-1] apache2 security update CVE-2019-17567 CVE-2023-31122 CVE-2023-38709 CVE-2023-45802 CVE-2024-24795 CVE-2024-27316
MLIST:[debian-lts-announce] 20240525 [SECURITY] [DLA 3819-1] fossil security update CVE-2024-24795
MLIST:[debian-lts-announce] 20240525 [SECURITY] [DLA 3820-1] bluez security update CVE-2023-27349
MLIST:[debian-lts-announce] 20240526 [SECURITY] [DLA 3821-1] libreoffice security update CVE-2024-3044
MLIST:[debian-lts-announce] 20240527 [SECURITY] [DLA 3822-1] python-pymysql security update CVE-2024-36039
MLIST:[debian-lts-announce] 20240527 [SECURITY] [DLA 3823-1] less security update CVE-2022-48624 CVE-2024-32487
MLIST:[debian-lts-announce] 20240530 [SECURITY] [DLA 3824-1] gst-plugins-base1.0 security update CVE-2024-4453
MLIST:[debian-lts-announce] 20240613 [SECURITY] [DLA 3826-1] cups security update CVE-2024-35235
MLIST:[debian-lts-announce] 20240615 [SECURITY] [DLA 3828-1] atril security update CVE-2023-52076
MLIST:[debian-lts-announce] 20240615 [SECURITY] [DLA 3829-1] sendmail security update CVE-2023-51765
MLIST:[debian-lts-announce] 20240616 [SECURITY] [DLA 3830-1] libvpx security update CVE-2024-5197
MLIST:[debian-lts-announce] 20240617 [SECURITY] [DLA 3831-1] nano security update CVE-2024-5742
MLIST:[debian-lts-announce] 20240617 [SECURITY] [DLA 3832-1] pymongo security update CVE-2024-5629
MLIST:[debian-lts-announce] 20240617 [SECURITY] [DLA 3835-1] roundcube security update CVE-2024-37383 CVE-2024-37384
MLIST:[debian-lts-announce] 20240618 [SECURITY] [DLA 3833-1] php7.3 security update CVE-2024-5458
MLIST:[debian-lts-announce] 20240619 [SECURITY] [DLA 3836-1] thunderbird security update CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702
MLIST:[debian-lts-announce] 20240619 [SECURITY] [DLA 3837-1] libndp security update CVE-2024-5564
MLIST:[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update CVE-2024-31497
MLIST:[debian-lts-announce] 20240621 [SECURITY] [DLA 3834-1] netty security update CVE-2024-29025
MLIST:[debian-openoffice] 20100212 ./packages/openofficeorg/3.1.1/unstable r1866: merge 1:3.1.1-15+squeeze1 CVE-2010-0136
MLIST:[debian-printing] 20151126 cups-filters 1.2.0 released! CVE-2015-8327
MLIST:[debian-printing] 20151201 Re: cups-filters 1.2.0 released! CVE-2015-8327
MLIST:[debian-security-announce] 20220211 [SECURITY] [DSA 5072-1] debian-edu-config security update CVE-2021-20001
MLIST:[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update CVE-2022-0543
MLIST:[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8 CVE-2011-3356 CVE-2011-3357 CVE-2011-3358 CVE-2011-3578
MLIST:[debian-security-tracker] 20190412 CVE-2018-20509 CVE-2018-20509
MLIST:[debian-security] 20080219 qemu unchecked block read/write vulnerability CVE-2008-0928
MLIST:[debian-security] 20110510 Re: World writable pid and lock files. CVE-2011-2147
MLIST:[debian-security] 20110510 World writable pid and lock files. CVE-2011-2147
MLIST:[debian-sparc] 20060128 `date -s' on sparc64 CVE-2006-0482
MLIST:[debian-testing-security-announce] 20090211 Security update for Debian Testing - 2009-02-12 CVE-2009-0359
MLIST:[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14 CVE-2009-0363
MLIST:[deltaspike-dev] 20210816 Another XSS vulnerability of the same type as CVE-2017-17837 CVE-2017-17837
MLIST:[deltaspike-dev] 20210818 Re: Another XSS vulnerability of the same type as CVE-2017-17837 CVE-2017-17837
MLIST:[derby-user] 20180505 [ANNOUNCE] CVE-2018-1313: Apache Derby externally-controlled input vulnerability CVE-2018-1313
MLIST:[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available CVE-2007-6721
MLIST:[dev-tech-nspr] 20131113 [ANNOUNCE] NSPR 4.10.2 Release CVE-2013-5607
MLIST:[dev-tech-nspr] 20160217 [ANNOUNCE] NSPR 4.12 Release CVE-2016-1951
MLIST:[dev] 20070813 Geronimo 2.0 Release suspended due to security issue found before release CVE-2007-4548
MLIST:[dev] 20090319 [DSECRG] Sun Glassfish Multiple Security Vulnerabilities CVE-2009-1553 CVE-2009-1554
MLIST:[dev] 20090411 Re: [DSECRG] Sun Glassfish Multiple Security Vulnerabilities CVE-2009-1553 CVE-2009-1554
MLIST:[dev] 20090424 Buffer overflow in apr_brigade_vprintf() ? CVE-2009-1956
MLIST:[dev] 20090424 Re: Buffer overflow in apr_brigade_vprintf() ? CVE-2009-1956
MLIST:[dev] 20110510 Re: Apache Portable Runtime 1.4.4 [...] Released CVE-2011-0419
MLIST:[dev] 20110510 Re: fnmatch rewrite in apr, apr 1.4.3 CVE-2011-0419
MLIST:[dev] 20110511 Re: Apache Portable Runtime 1.4.4 [...] Released CVE-2011-0419
MLIST:[dev] 20110823 Re: DoS with mod_deflate & range requests CVE-2011-3192
MLIST:[dev] 20120105 Hash collision vectors in APR? CVE-2012-0840
MLIST:[dev] 20120113 Re: Hash collision vectors in APR? CVE-2012-0840
MLIST:[dev] 20120114 Re: Hash collision vectors in APR? CVE-2012-0840
MLIST:[dev] 20120417 [ANNOUNCEMENT] Apache HTTP Server 2.4.2 Released CVE-2012-0883
MLIST:[dev] 20121022 [DISCUSS] - ActiveMQ out of the box - Should not include the demos CVE-2012-6551 CVE-2013-3060
MLIST:[dev] 20130327 [RCD] zero day vulnerability (tested on v8.0 to 9.0) CVE-2013-1904
MLIST:[dev] 20131008 [ANNOUNCE] mod_fcgid 2.3.9 released CVE-2013-4365
MLIST:[dev] 20140401 CVE-2013-5704, mod_headers and chunked trailer fields CVE-2013-5704
MLIST:[dev] 20150721 About CVE-2014-3576 CVE-2014-3576
MLIST:[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability CVE-2016-3092
MLIST:[dev] 20170210 [SECURITY] CVE-2016-8737: Cross-site request forgery vulnerability in Apache Brooklyn CVE-2016-8737
MLIST:[dev] 20170210 [SECURITY] CVE-2016-8744: Apache Brooklyn, SnakeYAML configuration potentially allows remote code execution CVE-2016-8744
MLIST:[dev] 20170210 [SECURITY] CVE-2017-3165: Cross-site vulnerabilities in Apache Brooklyn CVE-2017-3165
MLIST:[dev] 20170507 CVE updates: fixes in Apache Atlas 0.7.1-incubating CVE-2017-3150 CVE-2017-3151 CVE-2017-3152 CVE-2017-3153 CVE-2017-3154 CVE-2017-3155
MLIST:[dev] 20170509 CVE-2016-6799: Internal system information leak CVE-2016-6799
MLIST:[dev] 20170523 CVE updates: fixes in Apache Atlas 0.8-incubating CVE-2016-8752
MLIST:[dev] 20170524 CVE-2016-3083: Apache Hive SSL vulnerability bug disclosure CVE-2016-3083
MLIST:[dev] 20170611 [ANNOUNCE] Apache NiFi CVE-2017-7667 and CVE-2017-7665 CVE-2017-7665 CVE-2017-7667
MLIST:[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass CVE-2017-3167
MLIST:[dev] 20170619 CVE-2017-3169: mod_ssl null pointer dereference CVE-2017-3169
MLIST:[dev] 20170619 CVE-2017-7668: ap_find_token buffer overread CVE-2017-7668
MLIST:[dev] 20170619 CVE-2017-7679: mod_mime buffer overread CVE-2017-7679
MLIST:[dev] 20170710 CVE-2017-5640 Apache Impala (incubating) Information Disclosure CVE-2017-5640
MLIST:[dev] 20170710 [SECURITY] CVE-2017-5652 Apache Impala (incubating) Information Disclosure CVE-2017-5652
MLIST:[dev] 20170712 CVE-2017-7678 Apache Spark XSS web UI MHTML vulnerability CVE-2017-7678
MLIST:[dev] 20170809 [CVE-2017-9799] Apache Storm Possible Code Execution As A Different User CVE-2017-9799
MLIST:[dev] 20170814 CVE-2017-9802: Apache Sling XSS vulnerability CVE-2017-9802
MLIST:[dev] 20170926 CVE-2017-7687: Libprocess might crash when decoding a malformed request. CVE-2017-7687
MLIST:[dev] 20170926 CVE-2017-9790: Libprocess might crash when decoding an HTTP request with absent path. CVE-2017-9790
MLIST:[dev] 20170927 [SECURITY] CVE-2017-12621 Apache Commons Jelly connects to URL with custom doctype definitions. CVE-2017-12621
MLIST:[dev] 20171009 [SECURITY] CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw) CVE-2017-5637
MLIST:[dev] 20171114 Apache CouchDB CVE-2017-12635 and CVE-2017-12636 CVE-2017-12635 CVE-2017-12636
MLIST:[dev] 20171130 [SECURITY] [CVE-2017-15701] Apache Qpid Broker-J Denial of Service Vulnerability CVE-2017-15701
MLIST:[dev] 20171130 [SECURITY] [CVE-2017-15702] Apache Qpid Broker-J Authentication Vulnerability on HTTP Ports CVE-2017-15702
MLIST:[dev] 20171210 [CVE-2017-15708] Apache Synapse Remote Code Execution Vulnerability CVE-2017-15708
MLIST:[dev] 20171213 [SECURITY] CVE-2017-5663: Apache Fineract SQL Injection Vulnerability CVE-2017-5663
MLIST:[dev] 20171218 CVE-2017-15700 - Apache Sling Authentication Service vulnerability CVE-2017-15700
MLIST:[dev] 20171218 [SECURITY] CVE-2017-12630 Apache Drill XSS vulnerability CVE-2017-12630
MLIST:[dev] 20180108 CVE-2012-3353: Apache Sling Content Loading Vulnerability CVE-2012-3353
MLIST:[dev] 20180126 CVE-2017-12626 - Denial of Service Vulnerabilities in Apache POI < 3.17 CVE-2017-12626
MLIST:[dev] 20180206 [SECURITY] CVE-2018-1299 Apache Allura directory traversal vulnerability CVE-2018-1299
MLIST:[dev] 20180215 [CVE-2017-15712] Apache Oozie Server vulnerability CVE-2017-15712
MLIST:[dev] 20180227 [ANNOUNCE] Apache Traffic Server host header and line folding - CVE-2017-5660 CVE-2017-5660
MLIST:[dev] 20180227 [ANNOUNCE] Apache Traffic Server vulnerability with TLS handshake - CVE-2017-7671 CVE-2017-7671
MLIST:[dev] 20180315 [SECURITY] CVE-2018-1319 Apache Allura HTTP response splitting CVE-2018-1319
MLIST:[dev] 20180316 [CVE-2018-1324] Apache Commons Compress denial of service vulnerability CVE-2018-1324
MLIST:[dev] 20180402 [CVE-2018-1295]: Possible Execution of Arbitrary Code Within Deserialization Endpoints of Apache Ignite CVE-2018-1295
MLIST:[dev] 20180404 [SECURITY] CVE-2018-1282 JDBC driver is susceptible to SQL injection attack if the input parameters are not properly cleaned CVE-2018-1282
MLIST:[dev] 20180404 [SECURITY] CVE-2018-1284: Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access CVE-2018-1284
MLIST:[dev] 20180404 [SECURITY] CVE-2018-1315 'COPY FROM FTP' statement in HPL/SQL can write to arbitrary location if the FTP server is compromised CVE-2018-1315
MLIST:[dev] 20180419 [SECURITY] CVE-2018-1289: Apache Fineract SQL Injection Vulnerability by orderBy and sortOrder parameters CVE-2018-1289
MLIST:[dev] 20180419 [SECURITY] CVE-2018-1290: Apache Fineract SQL Injection Vulnerability - Single quotation escape caused by two continuous SQL parameters CVE-2018-1290
MLIST:[dev] 20180419 [SECURITY] CVE-2018-1291: Apache Fineract SQL Injection Vulnerability - Order by injection via Order Param CVE-2018-1291
MLIST:[dev] 20180419 [SECURITY] CVE-2018-1292: Apache Fineract SQL Injection Vulnerability - Injection via reportName parameter CVE-2018-1292
MLIST:[dev] 20180425 [CVE-2018-1335] Command Injection Vulnerability in Apache Tika's tika-server module CVE-2018-1335
MLIST:[dev] 20180425 [CVE-2018-1338] DoS (Infinite Loop) Vulnerability in Apache Tika's BPGParser CVE-2018-1338
MLIST:[dev] 20180425 [CVE-2018-1339] DoS (Infinite Loop) Vulnerability in Apache Tika's ChmParser CVE-2018-1339
MLIST:[dev] 20180711 CVE-2018-1334 Apache Spark local privilege escalation vulnerability CVE-2018-1334
MLIST:[dev] 20180711 CVE-2018-8024 Apache Spark XSS vulnerability in UI CVE-2018-8024
MLIST:[dev] 20180806 CVE-2017-12614 XSS Vulnerability in Airflow < 1.9 CVE-2017-12614
MLIST:[dev] 20180913 CVE-2018-1330: Libprocess might crash when decoding malformed HTTP requests or malformed JSON payload. CVE-2018-1330
MLIST:[dev] 20180921 CVE-2018-8023: A remote attacker can exploit a vulnerability in the JWT implementation to gain unauthenticated access to Mesos Executor HTTP API. CVE-2018-8023
MLIST:[dev] 20181004 [NOTICE] CVE-2017-5658: Derived information disclosure by Apache Pony Mail CVE-2017-5658
MLIST:[devel] 20090910 New version available [was: Is there a specific security contact address?] CVE-2009-2937
MLIST:[dhcp-users] 20101207 nagios check_tcp kills failover, then dhcp failure. CVE-2010-3616
MLIST:[dhcpcd-discuss] 20110406 [CVE-2011-996] dhcpcd does not strip or escape shell meta characters CVE-2011-0996
MLIST:[directfb-dev] 20140327 IDirectFBSurface Dispatch_Write bugs CVE-2014-2977 CVE-2014-2978
MLIST:[directory-commits] 20201104 [directory-server] branch master updated: Updating Jetty to 9.4.33 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[directory-commits] 20210513 [directory-fortress-commander] branch master updated: FC-293 - CVE-2020-11976 - upgrade wicket core -> 8.9.0 CVE-2020-11976
MLIST:[directory-commits] 20210724 [directory-site] branch master updated: Publish CVE-2021-33900 CVE-2015-5349
MLIST:[directory-dev] 20180710 [Annoucement] CVE-2018-1337 Plaintext Password Disclosure in Secured Channel CVE-2018-1337
MLIST:[directory-dev] 20210513 [jira] [Created] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-dev] 20210514 [jira] [Closed] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-dev] 20210626 [jira] [Closed] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-dev] 20210626 [jira] [Reopened] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-dev] 20210626 [jira] [Resolved] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-dev] 20210626 [jira] [Updated] (FC-293) [fortress-web] CVE-2020-11976 CVE-2020-11976
MLIST:[directory-users] 20161029 Security vulnerability in Groovy LDAP API CVE-2016-6497
MLIST:[distcc] 20040826 Exploit in distcc ( got compromised ;( ) CVE-2004-2687
MLIST:[distributor-list] 20180820 A critical pango fix CVE-2018-15120
MLIST:[distro-pkg-dev] 20110720 IcedTea-Web 1.0.4 and 1.1.1 (security releases) released CVE-2011-2513 CVE-2011-2514
MLIST:[distro-pkg-dev] 20110720 [SECURITY] IcedTea6 1.8.9 & 1.9.9 Released! CVE-2011-2513 CVE-2011-2514
MLIST:[distro-pkg-dev] 20121107 IcedTea-Web 1.1.7, 1.2.2 and 1.3.1 [security releases] released! CVE-2012-4540
MLIST:[distro-pkg-dev] 20130304 [SECURITY] IcedTea6 1.11.9 and 1.12.4 Released! CVE-2013-0809 CVE-2013-1493
MLIST:[distro-pkg-dev] 20130417 IcedTea-Web 1.3.2 and 1.2.3 released! CVE-2013-1926 CVE-2013-1927
MLIST:[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released! CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431
MLIST:[distro-pkg-dev] 20130708 [SECURITY] IcedTea 2.4.1 for OpenJDK 7 Released! CVE-2013-4160
MLIST:[distro-pkg-dev] 20130919 IcedTea-Web 1.4.1 released! CVE-2012-4540
MLIST:[distro-pkg-dev] 20140305 IcedTea-Web 1.4.2 released! CVE-2013-6493
MLIST:[distro-pkg-dev] 20150911 IcedTea-Web 1.6.1 and 1.5.3 released CVE-2015-5234 CVE-2015-5235
MLIST:[djabberd] 20110604 CVE-2011-1757: djabberd billion laughs vulnerability CVE-2011-1757
MLIST:[djabberd] 20110613 Security Release DJabberd 0.85 CVE-2011-2206
MLIST:[django-developers] 20130914 Set a reasonable upper bound on password length CVE-2013-1443
MLIST:[dl-ticket-service] 20100311 dl 0.7 released CVE-2010-0963
MLIST:[dlab-dev] 20190524 [jira] [Created] (DLAB-723) Runc vulnerability CVE-2019-5736 CVE-2019-5736
MLIST:[dlab-dev] 20190524 [jira] [Updated] (DLAB-723) Runc vulnerability CVE-2019-5736 CVE-2019-5736
MLIST:[dlab-dev] 20190923 [jira] [Assigned] (DLAB-723) Runc vulnerability CVE-2019-5736 CVE-2019-5736
MLIST:[dlab-dev] 20200525 [jira] [Deleted] (DLAB-723) Runc vulnerability CVE-2019-5736 CVE-2019-5736
MLIST:[dns] 20090225 djbdns misformats some long response packets; patch and example CVE-2009-0858
MLIST:[dns] 20090304 djbdns<=1.05 lets AXFRed subdomains overwrite domains CVE-2009-0858
MLIST:[dnsmasq-discuss] 20080720 dnsmasq 2.44 available. CVE-2008-3350
MLIST:[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78. CVE-2017-13704 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496
MLIST:[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION. CVE-2017-13704 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496
MLIST:[dokuwiki] 20140918 Fwd: Dokuwiki (maybe) security issue: Null byte poisoning in LDAP authentication CVE-2014-8763 CVE-2014-8764
MLIST:[dolphinscheduler-commits] 20210121 [GitHub] [incubator-dolphinscheduler] c-f-cooper commented on pull request #4525: [Improvement-4506][LICENSE] upgrade the version of the commons-beanutils CVE-2019-10086
MLIST:[dolphinscheduler-commits] 20210121 [GitHub] [incubator-dolphinscheduler] lgcareer commented on pull request #4525: [Improvement-4506][LICENSE] upgrade the version of the commons-beanutils CVE-2019-10086
MLIST:[dolphinscheduler-commits] 20210223 [GitHub] [incubator-dolphinscheduler] CalvinKirs opened a new pull request #4851: [FIX-CVE-2020-11974] fix MySQLDataSource Security CVE-2020-11974
MLIST:[dolphinscheduler-commits] 20210223 [GitHub] [incubator-dolphinscheduler] sonarcloud[bot] commented on pull request #4851: [FIX-CVE-2020-11974] fix MySQLDataSource Security CVE-2020-11974
MLIST:[dolphinscheduler-commits] 20210223 [GitHub] [incubator-dolphinscheduler] sonarcloud[bot] removed a comment on pull request #4851: [FIX-CVE-2020-11974] fix MySQLDataSource Security CVE-2020-11974
MLIST:[dolphinscheduler-commits] 20210316 [GitHub] [incubator-dolphinscheduler] CalvinKirs opened a new pull request #5063: [1.3.6-prepare][#4851]fix MySQL datasource jdbc connect parameters #4851 CVE-2020-11974
MLIST:[dolphinscheduler-dev] 20211101 CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution CVE-2021-27644
MLIST:[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5593: [FE][Bug] Update Spark version to fix a security issue CVE-2020-9480
MLIST:[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue CVE-2017-5645
MLIST:[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5595: [FE][Fix]Update commons-collections to fix a security issue CVE-2017-15708
MLIST:[dovecot-cvs] 20070330 dovecot/src/lib-storage/index/mbox mbox-storage.c, 1.145.2.14, 1.145.2.15 CVE-2007-2231
MLIST:[dovecot-news] 20070330 Security hole #3: zlib plugin allows opening any gziped mboxes CVE-2007-2231
MLIST:[dovecot-news] 20070801 v1.0.3 released CVE-2007-4211
MLIST:[dovecot-news] 20150513 [Dovecot-news] v2.2.17 released CVE-2015-3420
MLIST:[dovecot-news] 20161203 v2.2.27 released CVE-2016-8652
MLIST:[dovecot-news] 20170410 v2.2.29 released CVE-2017-2669
MLIST:[dovecot-news] 20180228 v2.2.34 released CVE-2017-14461 CVE-2017-15130 CVE-2017-15132
MLIST:[dovecot-news] 20190418 CVE-2019-10691: JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering invalid UTF-8 characters. CVE-2019-10691
MLIST:[dovecot] 20101002 ACL handling bugs in v1.2.8+ and v2.0 CVE-2010-3779
MLIST:[dovecot] 20101002 v1.2.15 released CVE-2010-3779 CVE-2010-3780
MLIST:[dovecot] 20110511 v2.0.13 released CVE-2011-2166 CVE-2011-2167
MLIST:[dovecot] 20140508 Denial of Service attacks against Dovecot v1.1+ CVE-2014-3430
MLIST:[dovecot] 20150424 [patch] TLS Handshake failures can crash imap-login CVE-2015-3420
MLIST:[drat-dev] 20191029 [GitHub] [drat] ottlinger opened a new issue #202: Fix security issue in set-value CVE-2019-10747
MLIST:[drill-commits] 20210604 [drill] branch master updated: DRILL-7946: Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 (#2250) CVE-2020-13956
MLIST:[drill-commits] 20210804 [drill] branch master updated: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities CVE-2012-6708 CVE-2014-0107 CVE-2014-3577 CVE-2015-1832 CVE-2015-9251 CVE-2017-12610 CVE-2017-15288 CVE-2018-1000850 CVE-2018-1000873 CVE-2018-10237 CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-1288 CVE-2018-1313 CVE-2018-1320 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-17196 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-20200 CVE-2019-0201 CVE-2019-0212 CVE-2019-10086 CVE-2019-11358 CVE-2019-12086 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16869 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-8331
MLIST:[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities CVE-2012-6708 CVE-2014-0107 CVE-2014-3577 CVE-2015-1832 CVE-2015-9251 CVE-2017-12610 CVE-2017-15288 CVE-2017-9735 CVE-2018-1000850 CVE-2018-1000873 CVE-2018-10237 CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-1288 CVE-2018-1313 CVE-2018-1320 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-17196 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-20200 CVE-2019-0201 CVE-2019-0212 CVE-2019-10086 CVE-2019-10241 CVE-2019-10247 CVE-2019-11358 CVE-2019-12086 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16869 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-8331
MLIST:[drill-dev] 20210604 [GitHub] [drill] cgivre commented on pull request #2250: DRILL-7946: Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210604 [GitHub] [drill] laurentgo merged pull request #2250: DRILL-7946: Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210604 [GitHub] [drill] luocooong commented on pull request #2250: DRILL-7946: Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210604 [GitHub] [drill] luocooong opened a new pull request #2250: DRILL-7946: Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210604 [jira] [Created] (DRILL-7946) Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210604 [jira] [Resolved] (DRILL-7946) Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-dev] 20210803 [jira] [Created] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-dev] 20210804 [GitHub] [drill] luocooong merged pull request #2285: DRILL-7981: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-dev] 20210804 [GitHub] [drill] luocooong opened a new pull request #2285: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-dev] 20210805 [GitHub] [drill] luocooong merged pull request #2285: DRILL-7981: Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-dev] 20210810 [GitHub] [drill] ssainz opened a new issue #2294: CVE-2018-21234 in Hive 3.1.2, should upgrade to 3.21.3 CVE-2018-21234
MLIST:[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities CVE-2012-6708 CVE-2014-3577 CVE-2015-1832 CVE-2015-9251 CVE-2017-12610 CVE-2017-15288 CVE-2017-9735 CVE-2018-1000850 CVE-2018-1000873 CVE-2018-10237 CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-1288 CVE-2018-1313 CVE-2018-1320 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-17196 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-20200 CVE-2019-0201 CVE-2019-0212 CVE-2019-10086 CVE-2019-10241 CVE-2019-10247 CVE-2019-11358 CVE-2019-12086 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16869 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-8331
MLIST:[drill-issues] 20210604 [jira] [Commented] (DRILL-7946) Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-issues] 20210604 [jira] [Created] (DRILL-7946) Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-issues] 20210604 [jira] [Resolved] (DRILL-7946) Bump HttpClient from 4.5.12 to 4.5.13 for CVE-2020-13956 CVE-2020-13956
MLIST:[drill-issues] 20210803 [jira] [Created] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-issues] 20210804 [jira] [Commented] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[drill-issues] 20210805 [jira] [Commented] (DRILL-7981) Bump commons-compress from 1.20 to 1.21 for CVE-2021-36090 CVE-2021-36090
MLIST:[dropbear] 20051211 Dropbear 0.47 (and security fix) CVE-2005-4178
MLIST:[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities CVE-2014-8147 CVE-2015-2156 CVE-2017-1000487 CVE-2017-12972 CVE-2017-12974 CVE-2017-3166 CVE-2017-5645 CVE-2017-7525 CVE-2017-7536 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2018-10936 CVE-2018-11767 CVE-2018-12545 CVE-2019-12402 CVE-2019-16869 CVE-2019-9518
MLIST:[druid-commits] 20200114 [GitHub] [druid] ccaominh opened a new pull request #9189: Suppress CVE-2019-20330 for htrace-core-4.0.1 CVE-2019-20330
MLIST:[druid-commits] 20200115 [GitHub] [druid] ccaominh opened a new pull request #9191: [Backport] Suppress CVE-2019-20330 for htrace-core-4.0.1 (#9189) CVE-2019-20330
MLIST:[druid-commits] 20200115 [GitHub] [druid] clintropolis merged pull request #9189: Suppress CVE-2019-20330 for htrace-core-4.0.1 CVE-2019-20330
MLIST:[druid-commits] 20200115 [GitHub] [druid] clintropolis merged pull request #9191: [Backport] Suppress CVE-2019-20330 for htrace-core-4.0.1 (#9189) CVE-2019-20330
MLIST:[druid-commits] 20200115 [druid] branch 0.17.0 updated: Suppress CVE-2019-20330 for htrace-core-4.0.1 (#9189) (#9191) CVE-2019-16943 CVE-2019-17267 CVE-2019-17531 CVE-2019-20330
MLIST:[druid-commits] 20200126 [GitHub] [druid] clintropolis commented on a change in pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200126 [GitHub] [druid] clintropolis commented on issue #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200126 [GitHub] [druid] clintropolis opened a new pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200126 [GitHub] [druid] suneet-s commented on a change in pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] ccaominh closed pull request #9261: Address CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] ccaominh commented on issue #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] ccaominh commented on issue #9261: Address CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] ccaominh opened a new pull request #9261: Address CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] clintropolis commented on a change in pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] clintropolis commented on a change in pull request #9261: Address CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] clintropolis commented on issue #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] jihoonson merged pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200127 [GitHub] [druid] suneet-s commented on a change in pull request #9259: fix build by updating kafka client to 2.2.2 for CVE-2019-12399 CVE-2019-12399
MLIST:[druid-commits] 20200131 [GitHub] [druid] ccaominh commented on a change in pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445
MLIST:[druid-commits] 20200131 [GitHub] [druid] gianm merged pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444 CVE-2019-20444 CVE-2019-20445
MLIST:[druid-commits] 20200131 [GitHub] [druid] zachjsh opened a new pull request #9300: Fix / suppress netty CVEs CVE-2019-20445 and CVE-2019-20444 CVE-2019-20444 CVE-2019-20445
MLIST:[druid-commits] 20200219 [GitHub] [druid] ccaominh opened a new pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1 CVE-2020-8840
MLIST:[druid-commits] 20200219 [GitHub] [druid] suneet-s commented on issue #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1 CVE-2020-8840
MLIST:[druid-commits] 20200221 [GitHub] [druid] ccaominh merged pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1 CVE-2020-8840
MLIST:[druid-commits] 20200401 [GitHub] [druid] jihoonson merged pull request #9600: Fix for [CVE-2020-1958] Apache Druid LDAP injection vulnerability CVE-2020-1958
MLIST:[druid-commits] 20200401 [GitHub] [druid] lgtm-com[bot] commented on issue #9600: Fix for [CVE-2020-1958] Apache Druid LDAP injection vulnerability CVE-2020-1958
MLIST:[druid-commits] 20200401 [druid] branch master updated: Fix for [CVE-2020-1958]: Apache Druid LDAP injection vulnerability (#9600) CVE-2020-1958
MLIST:[druid-commits] 20200403 [GitHub] [druid] jon-wei opened a new pull request #9612: [Backport] Fix for [CVE-2020-1958]: Apache Druid LDAP injection vulnerability (#9600) CVE-2020-1958
MLIST:[druid-commits] 20200404 [GitHub] [druid] clintropolis merged pull request #9612: [Backport] Fix for [CVE-2020-1958]: Apache Druid LDAP injection vulnerability (#9600) CVE-2020-1958
MLIST:[druid-commits] 20200404 [druid] branch 0.18.0 updated: Fix for [CVE-2020-1958]: Apache Druid LDAP injection vulnerability (#9600) (#9612) CVE-2020-1958
MLIST:[druid-commits] 20200406 [GitHub] [druid] ccaominh commented on issue #9579: Add Apache Ranger Authorization CVE-2018-17196 CVE-2019-12399 CVE-2019-17571
MLIST:[druid-commits] 20200408 [GitHub] [druid] ccaominh opened a new pull request #9651: Upgrade netty 4 to fix CVE-2020-11612 CVE-2020-11612
MLIST:[druid-commits] 20200409 [GitHub] [druid] ccaominh commented on issue #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651) CVE-2020-11612
MLIST:[druid-commits] 20200409 [GitHub] [druid] ccaominh opened a new pull request #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651) CVE-2020-11612
MLIST:[druid-commits] 20200409 [GitHub] [druid] jon-wei merged pull request #9651: Upgrade netty 4 to fix CVE-2020-11612 CVE-2020-11612
MLIST:[druid-commits] 20200409 [GitHub] [druid] jon-wei merged pull request #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651) CVE-2020-11612
MLIST:[druid-commits] 20200409 [druid] branch 0.18.0 updated: Upgrade netty 4 to fix CVE-2020-11612 (#9651) (#9654) CVE-2020-11612
MLIST:[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone CVE-2020-12689 CVE-2020-12690 CVE-2020-12691
MLIST:[druid-commits] 20200724 [GitHub] [druid] suneet-s opened a new pull request #10214: Suppress CVE-2020-7692 CVE-2020-7692
MLIST:[druid-commits] 20200727 [druid] branch master updated: Suppress CVE-2020-7692 (#10214) CVE-2020-7692
MLIST:[druid-commits] 20201007 [GitHub] [druid] jon-wei opened a new pull request #10485: Suppress CVE-2018-11765 for hadoop dependencies CVE-2018-11765
MLIST:[druid-commits] 20201008 [GitHub] [druid] jon-wei merged pull request #10485: Suppress CVE-2018-11765 for hadoop dependencies CVE-2018-11765
MLIST:[druid-commits] 20201008 [GitHub] [druid] jon-wei merged pull request #10492: [Backport] Suppress CVE-2018-11765 for hadoop dependencies (#10485) CVE-2018-11765
MLIST:[druid-commits] 20201008 [GitHub] [druid] jon-wei opened a new pull request #10492: [Backport] Suppress CVE-2018-11765 for hadoop dependencies (#10485) CVE-2018-11765
MLIST:[druid-commits] 20201008 [druid] branch 0.20.0 updated: Suppress CVE-2018-11765 for hadoop dependencies (#10485) (#10492) CVE-2018-11765 CVE-2018-8009 CVE-2018-8029
MLIST:[druid-commits] 20201008 [druid] branch master updated: Suppress CVE-2018-11765 for hadoop dependencies (#10485) CVE-2018-11765 CVE-2018-8009 CVE-2018-8029
MLIST:[druid-commits] 20201009 [GitHub] [druid] jon-wei merged pull request #10485: Suppress CVE-2018-11765 for hadoop dependencies CVE-2018-11765
MLIST:[druid-commits] 20201009 [GitHub] [druid] jon-wei merged pull request #10492: [Backport] Suppress CVE-2018-11765 for hadoop dependencies (#10485) CVE-2018-11765
MLIST:[druid-commits] 20201009 [GitHub] [druid] jon-wei opened a new pull request #10492: [Backport] Suppress CVE-2018-11765 for hadoop dependencies (#10485) CVE-2018-11765
MLIST:[druid-commits] 20201106 [GitHub] [druid] suneet-s opened a new pull request #10563: Bump jetty to latest version CVE-2020-27216
MLIST:[druid-commits] 20201208 [GitHub] [druid] jihoonson opened a new pull request #10655: Bump up jackson-databind to 2.10.5.1 CVE-2020-25649
MLIST:[druid-commits] 20210107 [GitHub] [druid] clintropolis merged pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052 CVE-2020-28052 CVE-2020-28168
MLIST:[druid-commits] 20210107 [GitHub] [druid] jon-wei opened a new pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052 CVE-2020-28052 CVE-2020-28168
MLIST:[druid-commits] 20210127 [druid] 01/02: Update deps for CVE-2020-28168 and CVE-2020-28052 (#10733) CVE-2020-28052 CVE-2020-28168
MLIST:[druid-commits] 20210201 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554 CVE-2020-8554 CVE-2020-8570
MLIST:[druid-commits] 20210202 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554 CVE-2020-8554 CVE-2020-8570
MLIST:[druid-commits] 20210203 [GitHub] [druid] jihoonson commented on pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554 CVE-2020-8554 CVE-2020-8570
MLIST:[druid-commits] 20210203 [GitHub] [druid] jihoonson commented on pull request #10847: Suppress CVE-2020-9492 for hadoop-mapreduce-client-core CVE-2020-9492
MLIST:[druid-commits] 20210203 [GitHub] [druid] jihoonson merged pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554 CVE-2020-8554 CVE-2020-8570
MLIST:[druid-commits] 20210203 [GitHub] [druid] jihoonson merged pull request #10847: Suppress CVE-2020-9492 for hadoop-mapreduce-client-core CVE-2020-9492
MLIST:[druid-commits] 20210203 [GitHub] [druid] jihoonson opened a new pull request #10847: Suppress CVE-2020-9492 for hadoop-mapreduce-client-core CVE-2020-9492
MLIST:[druid-commits] 20210204 [GitHub] [druid] jihoonson commented on pull request #10818: Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10818: Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10854: [Backport] Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210204 [GitHub] [druid] jihoonson opened a new pull request #10854: [Backport] Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210204 [druid] branch 0.21.0 updated: Fix CVE-2021-25646 (#10818) (#10854) CVE-2021-25646
MLIST:[druid-commits] 20210205 [GitHub] [druid] jihoonson commented on pull request #10818: Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210205 [GitHub] [druid] jihoonson merged pull request #10818: Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210205 [GitHub] [druid] jihoonson merged pull request #10854: [Backport] Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210205 [GitHub] [druid] jihoonson opened a new pull request #10854: [Backport] Fix CVE-2021-25646 CVE-2021-25646
MLIST:[druid-commits] 20210225 [GitHub] [druid] liangrui1988 commented on pull request #10847: Suppress CVE-2020-9492 for hadoop-mapreduce-client-core CVE-2020-9492
MLIST:[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty CVE-2017-7657 CVE-2017-7658
MLIST:[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version CVE-2020-27223
MLIST:[druid-commits] 20210302 [GitHub] [druid] abhishekagarwal87 opened a new pull request #10933: Suppress CVE-2017-15288 and upgrade bcprov-ext-jdk15on CVE-2017-15288
MLIST:[druid-commits] 20210302 [GitHub] [druid] maytasm merged pull request #10933: Suppress CVE-2017-15288 and upgrade bcprov-ext-jdk15on CVE-2017-15288
MLIST:[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty CVE-2017-7657 CVE-2017-7658
MLIST:[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty CVE-2017-7657 CVE-2017-7658
MLIST:[druid-commits] 20210316 [GitHub] [druid] clintropolis opened a new pull request #11002: suppress CVE check for security fix CVE-2020-13936
MLIST:[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new issue #11028: Bump Thrift library version CVE-2020-13949
MLIST:[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves CVE-2018-14718 CVE-2018-7489 CVE-2019-0193 CVE-2019-17558 CVE-2020-13941 CVE-2020-13949 CVE-2020-13957
MLIST:[druid-commits] 20210401 [GitHub] [druid] jihoonson merged pull request #11047: Allow list for JDBC connection properties to address CVE-2021-26919 CVE-2021-26919
MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson merged pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 CVE-2021-26919
MLIST:[druid-commits] 20210412 [GitHub] [druid] jihoonson opened a new pull request #11100: [Backport] Allow list for JDBC connection properties to address CVE-2021-26919 CVE-2021-26919
MLIST:[druid-commits] 20210506 [GitHub] [druid] clintropolis opened a new pull request #11217: [Backport] Suppressing false positive CVE-2020-7791 CVE-2020-7791
MLIST:[druid-commits] 20210506 [GitHub] [druid] jihoonson commented on a change in pull request #11215: Suppressing false positive CVE-2020-7791 CVE-2019-17195 CVE-2020-7791
MLIST:[druid-commits] 20210506 [GitHub] [druid] maytasm commented on a change in pull request #11215: Suppressing false positive CVE-2020-7791 CVE-2019-17195 CVE-2020-7791
MLIST:[druid-commits] 20210506 [GitHub] [druid] maytasm merged pull request #11215: Suppressing false positive CVE-2020-7791 CVE-2020-7791
MLIST:[druid-commits] 20210506 [GitHub] [druid] maytasm opened a new pull request #11215: Suppressing false positive CVE-2020-7791 CVE-2020-7791
MLIST:[druid-commits] 20210507 [GitHub] [druid] clintropolis commented on pull request #11217: [Backport] Suppressing false positive CVE-2020-7791 CVE-2020-7791
MLIST:[druid-commits] 20210507 [GitHub] [druid] clintropolis merged pull request #11217: [Backport] Suppressing false positive CVE-2020-7791 CVE-2020-7791
MLIST:[druid-commits] 20210507 [druid] branch 0.21.1 updated: Suppressing false positive CVE-2020-7791 (#11215) (#11217) CVE-2019-17195 CVE-2020-7791
MLIST:[druid-commits] 20210513 [GitHub] [druid] clintropolis commented on pull request #11251: [Backport] suppress CVE-2020-13949 again for a time CVE-2020-13949
MLIST:[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11250: suppress CVE-2020-13949 again for a time CVE-2020-13949
MLIST:[druid-commits] 20210513 [GitHub] [druid] clintropolis merged pull request #11251: [Backport] suppress CVE-2020-13949 again for a time CVE-2020-13949
MLIST:[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11250: suppress CVE-2020-13949 again for a time CVE-2020-13949
MLIST:[druid-commits] 20210513 [GitHub] [druid] clintropolis opened a new pull request #11251: [Backport] suppress CVE-2020-13949 again for a time CVE-2020-13949
MLIST:[druid-commits] 20210712 [GitHub] [druid] zachjsh merged pull request #11438: Suppress CVE-2021-27568 from json-smart 2.3 dependency CVE-2021-27568
MLIST:[druid-commits] 20210712 [GitHub] [druid] zachjsh opened a new pull request #11438: Suppress CVE-2021-27568 from json-smart 2.3 dependency CVE-2021-27568
MLIST:[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438) CVE-2020-12690 CVE-2020-12691 CVE-2021-27568
MLIST:[druid-commits] 20210726 [GitHub] [druid] suneet-s merged pull request #11496: Address CVE-2021-35515 CVE-2021-36090 CVE-2021-35515 CVE-2021-36090
MLIST:[druid-commits] 20210726 [GitHub] [druid] suneet-s opened a new pull request #11496: Address CVE-2021-35515 CVE-2021-36090 CVE-2021-35515 CVE-2021-36090
MLIST:[druid-commits] 20210726 [druid] branch master updated: Address CVE-2021-35515 CVE-2021-36090 (#11496) CVE-2021-35515 CVE-2021-36090
MLIST:[druid-commits] 20210809 [GitHub] [druid] abhishekagarwal87 merged pull request #11562: suppress CVE-2021-26291 on kafka-clients CVE-2021-26291
MLIST:[druid-commits] 20210809 [GitHub] [druid] abhishekagarwal87 opened a new pull request #11562: suppress CVE-2021-26291 on kafka-clients CVE-2021-26291
MLIST:[druid-commits] 20210809 [GitHub] [druid] jihoonson commented on pull request #11562: suppress CVE-2021-26291 on kafka-clients CVE-2021-26291
MLIST:[druid-commits] 20211008 [GitHub] [druid] andreacyc closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211008 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211008 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [GitHub] [druid] andreacyc commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [GitHub] [druid] andreacyc opened a new pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [GitHub] [druid] jihoonson closed pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [GitHub] [druid] jihoonson commented on pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [GitHub] [druid] jihoonson merged pull request #11786: Fix CVE-2021-3749 reported in security vulnerabilities job CVE-2021-3749
MLIST:[druid-commits] 20211009 [druid] branch master updated: Fix CVE-2021-3749 reported in security vulnerabilities job (#11786) CVE-2021-3749
MLIST:[druid-commits] 20211025 [GitHub] [druid] a2l007 commented on pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3 CVE-2021-37136 CVE-2021-37137
MLIST:[druid-commits] 20211025 [GitHub] [druid] jihoonson commented on pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3 CVE-2021-37136 CVE-2021-37137
MLIST:[druid-commits] 20211025 [GitHub] [druid] jihoonson opened a new pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3 CVE-2021-32626 CVE-2021-37136 CVE-2021-37137
MLIST:[druid-commits] 20211026 [GitHub] [druid] clintropolis merged pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3 CVE-2021-37136 CVE-2021-37137
MLIST:[druid-commits] 20211026 [GitHub] [druid] jihoonson commented on pull request #11844: Bump netty4 to 4.1.68; suppress CVE-2021-37136 and CVE-2021-37137 for netty3 CVE-2021-37136 CVE-2021-37137
MLIST:[druid-dev] 20201007 [CANCEL][VOTE] Release Apache Druid 0.20.0 [RC1] CVE-2018-11765
MLIST:[druid-dev] 20210129 Re: CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. CVE-2021-25646
MLIST:[druid-dev] 20210129 Re: [druid-user] Re: CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. CVE-2021-25646
MLIST:[druid-dev] 20210331 Regarding the 0.21.0 release CVE-2021-25646 CVE-2021-26919
MLIST:[druid-dev] 20210401 Re: Subject: [CVE-2021-26919] Authenticated users can execute arbitrary code from malicious MySQL database systems CVE-2021-26919
MLIST:[druid-dev] 20210405 Re: Regarding the CVSS score for CVE-2021-26919 CVE-2021-26919
MLIST:[druid-dev] 20210405 Regarding the CVSS score for CVE-2021-26919 CVE-2021-26919
MLIST:[druid-dev] 20210414 Re: Regarding the CVSS score for CVE-2021-26919 CVE-2021-26919
MLIST:[druid-dev] 20210923 CVE-2021-36749: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (incomplete fix of CVE-2021-26920) CVE-2021-26920
MLIST:[druid-dev] 20211009 [CRON] Passed: apache/druid#33528 (master - adb2237) CVE-2021-3749
MLIST:[dtcannounce] 20110303 Fwd: [SECURITY] [DSA 2179-1] dtc security update CVE-2011-0434 CVE-2011-0435 CVE-2011-0436 CVE-2011-0437
MLIST:[dubbo-dev] 20210531 [CVE-2021-25640] Open Redirect or SSRF vulnerability usage of parseURL CVE-2021-25640
MLIST:[dubbo-dev] 20210531 [CVE-2021-30179]Pre-auth RCE via Java deserialization in the Generic filter CVE-2021-30179
MLIST:[dubbo-notifications] 20211101 [GitHub] [dubbo] AlbumenJ opened a new issue #9177: Upgrade Zookeeper dependency CVE-2016-5017
MLIST:[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390 CVE-2014-9706
MLIST:[ebd-devel] 20060502 actualización de seguridad CVE-2006-2349
MLIST:[ecryptfs-devel] 20081222 Re: [PATCH, v5] eCryptfs: check readlink result was not an error before using it CVE-2009-0269
MLIST:[egroupware-german] 20110805 new EGroupware SECURITY & maintenance release 1.8.001.20110805 CVE-2011-4948 CVE-2011-4949 CVE-2011-4950 CVE-2011-4951
MLIST:[ekiga-list] 20070917 [ANNOUNCE] Ekiga 2.0.10 released CVE-2007-4924
MLIST:[elfutils-devel] 20140409 [PATCH] CVE-2014-0172 Check for overflow before calling malloc to uncompress data. CVE-2014-0172
MLIST:[elfutils-devel] 20141227 Directory traversal in `ar` CVE-2014-9447
MLIST:[elfutils-devel] 20161021 [PATCH] libelf: Sanity check offset and size before trying to malloc and read data. CVE-2016-10255
MLIST:[elfutils-devel] 20161024 [PATCH] libelf: Always set ELF maxsize when reading an ELF file for sanity checks. CVE-2016-10254
MLIST:[elinks-users] 20080204 [ANNOUNCE] ELinks 0.11.4rc0 CVE-2008-7224
MLIST:[emacs-devel] 20071003 temp file hole? CVE-2007-5377
MLIST:[emacs-devel] 20071004 Re: temp file hole? CVE-2007-5377
MLIST:[emacs-devel] 20080510 [mwelinder@bogus.example.com: Emacs security bug] CVE-2008-2142
MLIST:[emacs-devel] 20080905 Vulnerability in Emacs python integration CVE-2008-3949
MLIST:[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name. CVE-2014-3421
MLIST:[emacs-diffs] 20140506 emacs-24 r117067: find-gc.el misc fixes CVE-2014-3422
MLIST:[emacs-diffs] 20140506 emacs-24 r117068: browse-url.el comment CVE-2014-3423 CVE-2014-3425 CVE-2014-3426
MLIST:[emacs-diffs] 20140506 emacs-24 r117071: Fix Bug#17415. CVE-2014-3424
MLIST:[emdros-announce] 20061201 Emdros version 1.2.0.pre231 released CVE-2006-6395
MLIST:[enomalism] 20081212 ECP 2.1.1 Released CVE-2008-4990
MLIST:[eoc] 20061213 EoC 1.2.4 -- security problem fixed, please upgrade immediately CVE-2006-5875
MLIST:[erlang-questions] 20171123 Patch Package: OTP 18.3.4.7 CVE-2017-1000385
MLIST:[erlang-questions] 20171123 Patch Package: OTP 19.3.6.4 CVE-2017-1000385
MLIST:[erlang-questions] 20171123 Patch Package: OTP 20.1.7 CVE-2017-1000385
MLIST:[esapi-dev] 20130821 ESAPI Java and Authenticated encryption implementation CVE-2013-5679 CVE-2013-5960
MLIST:[ethereal-dev] 20040318 ethereal radius dissector vulnerability CVE-2004-0365
MLIST:[ewg] 20101021 [PATCH] security fix in openibd script CVE-2010-1693
MLIST:[exim-announce] 20020219 Exim 3.35 released CVE-2002-0274
MLIST:[exim-announce] 20110509 Exim 4.76 Release CVE-2011-1407
MLIST:[exim-announce] 20110512 Exim 4.76 Release: updated impact assessment CVE-2011-1407
MLIST:[exim-announce] 20121026 Exim 4.80.1 Security Release CVE-2012-5671
MLIST:[exim-announce] 20140528 [exim] Exim 4.82.1 Security Release CVE-2014-2957
MLIST:[exim-dev] 20100524 Security issues in exim4 local delivery CVE-2010-2023 CVE-2010-2024
MLIST:[exim] 20050104 2 smallish security issues CVE-2005-0021 CVE-2005-0022
MLIST:[exim] 20140722 [exim] Exim 4.83 Released CVE-2014-2972
MLIST:[exim] 20140722 [exim] Exim Security Advisory CVE-2014-2972 CVE-2014-2972
MLIST:[expat-bugs] 20090117 [ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences CVE-2009-3720
MLIST:[expat-bugs] 20091108 [ expat-Bugs-2894085 ] expat: buffer over-read and crash in big2_toUtf8() CVE-2009-3560
MLIST:[exploits] 20061201 0-day BlazeHDTV v2.1 Malformed PLF Buffer Overflow Exploit CVE-2006-6199
MLIST:[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1 CVE-2003-0989 CVE-2004-0055 CVE-2004-0057
MLIST:[fedora-announce] 20040422 Fedora alert FEDORA-2004-111 (kernel) CVE-2004-0394
MLIST:[fedora-desktop-list] 20070918 Re: fuse (Was Re: early-gdm redux) CVE-2007-5159
MLIST:[fedora-package-announce] 20070604 [SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7 CVE-2007-2874
MLIST:[fedora-security-commits] 20080620 fedora-security/audit f10, 1.7, 1.8 f8, 1.225, 1.226 f9, 1.215, 1.216 CVE-2008-2725 CVE-2008-2726
MLIST:[fedora-security-list] 20090612 git daemon DoS CVE-2009-2108
MLIST:[felix-commits] 20201125 [felix-dev] branch master updated: FELIX-6364 Security vulnerability CVE-2020-27216 , update jetty (#63) CVE-2020-27216
MLIST:[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (#64) CVE-2020-11023
MLIST:[felix-dev] 20201125 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #63: FELIX-6364 Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201125 [GitHub] [felix-dev] cziegeler merged pull request #63: FELIX-6364 Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201125 [jira] [Assigned] (FELIX-6364) Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201125 [jira] [Created] (FELIX-6364) Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201125 [jira] [Resolved] (FELIX-6364) Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201125 [jira] [Updated] (FELIX-6364) Security vulnerability CVE-2020-27216 ,update jetty CVE-2020-27216
MLIST:[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 < jQuery <3.5.0 is vulnerable to CVE-2020-11023 CVE-2020-11023
MLIST:[ffmpeg-cvslog] 20080812 r14714 - trunk/libavformat/utils.c CVE-2008-4866
MLIST:[ffmpeg-cvslog] 20080812 r14715 - trunk/libavformat/avformat.h CVE-2008-4866
MLIST:[ffmpeg-cvslog] 20080816 r14787 - trunk/libavcodec/utils.c CVE-2008-4868
MLIST:[ffmpeg-cvslog] 20080823 r14917 - trunk/libavcodec/dca.c CVE-2008-4867
MLIST:[ffmpeg-devel] 20101229 [PATCH] Fix a couple of errors with bad Vorbis headers CVE-2011-0480
MLIST:[ffmpeg-user] 20121204 Re: Unable to analyze/transcode mp3 CVE-2012-6618
MLIST:[file] 20070302 file-4.20 is now available CVE-2007-1536
MLIST:[file] 20090501 file 5.01 is now available CVE-2009-1515
MLIST:[file] 20090504 file-5.02 is now available CVE-2009-3930
MLIST:[file] 20120221 file-5.11 is now available CVE-2012-1571
MLIST:[file] 20140211 segfault in magic_buffer CVE-2014-1943
MLIST:[file] 20140213 segfault in magic_buffer CVE-2014-1943
MLIST:[file] 20140612 file-5.19 is now available CVE-2014-3538
MLIST:[file] 20141216 [PATCH] readelf.c: better checks for values returned by pread CVE-2014-9653
MLIST:[file] 20142010 segfault in magic_buffer CVE-2014-1943
MLIST:[fineract-dev] 20190509 [CVE-2018-11800] and [CVE-2018-11801] Apache Fineract SQL Injection Vulnerabilities fixed in v1.3.0 CVE-2018-11800 CVE-2018-11801
MLIST:[fineract-dev] 20191016 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0 CVE-2016-4977
MLIST:[fineract-dev] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0 CVE-2016-4977
MLIST:[fineract-dev] 20191021 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0 CVE-2016-4977
MLIST:[fineract-dev] 20210527 Re: Release 1.5.0 fixed security issue CVE-2020-17514 CVE-2020-17514
MLIST:[fishcart] 20050521 Re: Concerned about security CVE-2005-1486
MLIST:[flex-dev] 20170327 [VOTE] Release Apache Flex BlazeDS 4.7.3 CVE-2017-5641
MLIST:[flink-dev] 20190811 Apache flink 1.7.2 security issues CVE-2015-9251 CVE-2016-4055 CVE-2019-8331
MLIST:[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version CVE-2018-10237 CVE-2018-11768
MLIST:[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency CVE-2018-10237
MLIST:[flink-dev] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-11612
MLIST:[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1 CVE-2020-7712
MLIST:[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-dev] 20210105 [CVE-2020-17518] Apache Flink directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[flink-dev] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API CVE-2020-17519
MLIST:[flink-dev] 20210106 [jira] [Created] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-dev] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519 CVE-2020-17519
MLIST:[flink-dev] 20210113 Re: [DISCUSS] Releasing Apache Flink 1.10.3 CVE-2020-17518 CVE-2020-17519
MLIST:[flink-dev] 20210115 Re: [DISCUSS] Releasing Apache Flink 1.10.3 CVE-2020-17518 CVE-2020-17519
MLIST:[flink-dev] 20210121 Re: [VOTE] Release 1.10.3, release candidate #1 CVE-2020-17518
MLIST:[flink-dev] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-dev] 20210720 [jira] [Created] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[flink-issues] 20200306 [GitHub] [flink] flinkbot commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200306 [GitHub] [flink] flinkbot edited a comment on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200306 [GitHub] [flink] nielsbasjes opened a new pull request #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200310 [GitHub] [flink] GJL commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200311 [GitHub] [flink] GJL commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200311 [GitHub] [flink] flinkbot edited a comment on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200311 [GitHub] [flink] nielsbasjes commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200311 [GitHub] [flink] nielsbasjes edited a comment on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200312 [GitHub] [flink] GJL commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200312 [GitHub] [flink] zentol commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200313 [GitHub] [flink] GJL closed pull request #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200313 [GitHub] [flink] GJL commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200313 [GitHub] [flink] zentol commented on issue #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402 CVE-2019-12402
MLIST:[flink-issues] 20200402 [GitHub] [flink] zentol opened a new pull request #11617: [FLINK-16389][kafka] Bump kafka version to 0.10.2.2 CVE-2018-1288
MLIST:[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery CVE-2019-11358
MLIST:[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency CVE-2018-10237
MLIST:[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency CVE-2018-10237
MLIST:[flink-issues] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-11612
MLIST:[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1 CVE-2020-7712
MLIST:[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1 CVE-2020-7712
MLIST:[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1 CVE-2020-7712
MLIST:[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1 CVE-2020-7712
MLIST:[flink-issues] 20201023 [jira] [Assigned] (FLINK-19784) Upgrade okhttp to 3.13.0 or newer due to CVE-2018-20200 CVE-2018-20200
MLIST:[flink-issues] 20201023 [jira] [Commented] (FLINK-19784) Upgrade okhttp to 3.13.0 or newer due to CVE-2018-20200 CVE-2018-20200
MLIST:[flink-issues] 20201023 [jira] [Updated] (FLINK-19784) Upgrade okhttp to 3.13.0 or newer due to CVE-2018-20200 CVE-2018-20200
MLIST:[flink-issues] 20201026 [jira] [Closed] (FLINK-19784) Upgrade okhttp to 3.13.0 or newer due to CVE-2018-20200 CVE-2018-20200
MLIST:[flink-issues] 20201026 [jira] [Commented] (FLINK-19784) Upgrade okhttp to 3.13.0 or newer due to CVE-2018-20200 CVE-2018-20200
MLIST:[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210106 [GitHub] [flink-web] zentol commented on a change in pull request #408: Add security page for Flink CVE-2020-17518 CVE-2020-17519 CVE-2020-1960
MLIST:[flink-issues] 20210106 [jira] [Created] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210107 [GitHub] [flink-web] rmetzger commented on a change in pull request #408: Add security page for Flink CVE-2020-1960
MLIST:[flink-issues] 20210107 [jira] [Closed] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210107 [jira] [Commented] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210107 [jira] [Updated] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210110 [jira] [Created] (FLINK-20916) Typo in test for CVE-2020-17519 CVE-2020-17519
MLIST:[flink-issues] 20210110 [jira] [Updated] (FLINK-20916) Typo in test for CVE-2020-17519 CVE-2020-17519
MLIST:[flink-issues] 20210111 [jira] [Assigned] (FLINK-20916) Typo in test for CVE-2020-17519 CVE-2020-17519
MLIST:[flink-issues] 20210111 [jira] [Commented] (FLINK-20916) Typo in test for CVE-2020-17519 CVE-2020-17519
MLIST:[flink-issues] 20210112 [jira] [Commented] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Closed] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Comment Edited] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Commented] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Commented] (FLINK-20875) [CVE-2020-17518] Directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Reopened] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Updated] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10 CVE-2020-17518
MLIST:[flink-issues] 20210114 [jira] [Updated] (FLINK-20875) [CVE-2020-17518] Directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[flink-issues] 20210121 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1 CVE-2020-25649
MLIST:[flink-issues] 20210122 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1 CVE-2020-25649
MLIST:[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency CVE-2018-10237
MLIST:[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210424 [jira] [Created] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210426 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2019-20444 CVE-2019-20445 CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-issues] 20210510 [GitHub] [flink] zentol opened a new pull request #15879: [FLINK-22407][build] Bump log4j to 2.24.1 CVE-2020-9488
MLIST:[flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx CVE-2021-21295 CVE-2021-21409
MLIST:[flink-issues] 20210720 [jira] [Created] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[flink-issues] 20210721 [jira] [Commented] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[flink-issues] 20210725 [jira] [Commented] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[flink-issues] 20210804 [jira] [Closed] (FLINK-23444) Slf4j 1.7.15 has the high-risk vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[flink-issues] 20210908 [GitHub] [flink] MartijnVisser opened a new pull request #17194: [FLINK-24034] Upgrade commons-compress to 1.21 and other apache.commons updates CVE-2021-35517
MLIST:[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler CVE-2020-11022 CVE-2020-11023
MLIST:[flink-user] 20190811 Apache flink 1.7.2 security issues CVE-2015-9251 CVE-2016-4055 CVE-2019-8331
MLIST:[flink-user] 20190813 Apache flink 1.7.2 security issues CVE-2015-9251 CVE-2016-4055 CVE-2019-8331
MLIST:[flink-user] 20190813 Re: Apache flink 1.7.2 security issues CVE-2015-9251 CVE-2016-4055 CVE-2019-8331
MLIST:[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version CVE-2018-10237 CVE-2018-11768
MLIST:[flink-user] 20201022 Dependency vulnerabilities with flink 1.11.1 version CVE-2018-20200 CVE-2018-8023
MLIST:[flink-user] 20210105 [CVE-2020-17518] Apache Flink directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[flink-user] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API CVE-2020-17519
MLIST:[flink-user] 20210703 Re: owasp-dependency-check is flagging flink 1.13 for scala 2.12.7 CVE-2016-5001 CVE-2017-3161 CVE-2017-3162 CVE-2018-17196
MLIST:[flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni CVE-2019-12900
MLIST:[flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni CVE-2019-12900
MLIST:[flume-issues] 20200410 [jira] [Created] (FLUME-3363) CVE-2019-20445 CVE-2019-20445
MLIST:[flume-issues] 20200415 [jira] [Updated] (FLUME-3363) CVE-2019-20445 CVE-2019-20445
MLIST:[flume-issues] 20200422 [jira] [Commented] (FLUME-3363) CVE-2019-20445 CVE-2019-20445
MLIST:[fluo-commits] 20190814 [fluo] branch fluo-parent updated: Update checkstyle (CVE-2019-9658) (#1073) CVE-2019-9658
MLIST:[fluo-notifications] 20190814 [GitHub] [fluo] ctubbsii merged pull request #1073: Update checkstyle (CVE-2019-9658) CVE-2019-9658
MLIST:[fluo-notifications] 20190815 Build failed in Jenkins: Fluo Parent Pom #101 CVE-2019-9658
MLIST:[fluo-notifications] 20200808 [GitHub] [fluo-website] ctubbsii opened a new pull request #194: Update gems CVE-2020-14001
MLIST:[fm-news] 20010713 Newsletter for Friday, July 13th 2001 CVE-2001-1081
MLIST:[fm-news] 20041001 Newsletter for Thursday, September 30th 2004 CVE-2004-2153
MLIST:[fm-news] 20041102 Newsletter for Monday, November 01st 2004 CVE-2004-2217
MLIST:[fm-news] 20041123 Newsletter for Monday, November 22nd 2004 CVE-2004-2485
MLIST:[fm-news] 20051208 Newsletter for Thursday, December 08th 2005 CVE-2005-4132
MLIST:[fm-news] 20060204 Newsletter for Friday, February 03rd 2006 CVE-2006-0751
MLIST:[fm-news] 20080113 Newsletter for Saturday, January 12th 2008 CVE-2008-7189 CVE-2008-7197
MLIST:[fm-news] 20080123 Newsletter for Tuesday, January 22nd 2008 CVE-2008-7198
MLIST:[fm-news] 20080126 Newsletter for Friday, January 25th 2008 CVE-2008-7196 CVE-2008-7202
MLIST:[fm-news] 20080206 Newsletter for Tuesday, February 05th 2008 CVE-2008-7228
MLIST:[focus-sun] 20031022 Information disclosure with SMC webserver on Solaris 9 CVE-2004-1354
MLIST:[foswiki-announce] 20090427 Security Alert CVE-2009-1434: Foswiki Page View Cross-Site Request Forgery (CSRF) CVE-2009-1434
MLIST:[foswiki-announce] 20101110 [ANNOUNCE] Foswiki Security Alert CVE-2010-4215 - User can alter topic preferences using the "Edit topic preference settings" feature and save them even though he has no privileges to edit the topic. CVE-2010-4215
MLIST:[foswiki-announce] 20121212 Security Alert CVE-2012-6329: Foswiki MAKETEXT Variable Allows Arbitrary Shell Command Execution CVE-2012-6329 CVE-2012-6330
MLIST:[freebsd-bugbusters] 20140212 freeradius denial of service in authentication flow CVE-2014-2015
MLIST:[freebsd-bugbusters] 20140213 freeradius denial of service in authentication flow CVE-2014-2015
MLIST:[freebsd-bugbusters] 20140214 freeradius denial of service in authentication flow CVE-2014-2015
MLIST:[freebsd-cvs-src] 20060520 cvs commit: src/sys/posix4 p1003_1b.c CVE-2006-5483
MLIST:[freebsd-cvs-src] 20060531 cvs commit: src/sys/ufs/ufs ufs_vnops.c CVE-2006-5482
MLIST:[freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff CVE-2005-0109
MLIST:[freebsd-security] 19961025 Vadim Kolontsov: BoS: Linux & BSD's lpr exploit CVE-1999-0032
MLIST:[freebsd-security] 20021109 Security issue in net/cvsup-mirror port CVE-2002-2382
MLIST:[freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff] CVE-2005-0109
MLIST:[freebsd-security] 20060728 Ruby vulnerability? CVE-2006-3694
MLIST:[freebsd-security] 20060730 Ruby vulnerability? CVE-2006-3694
MLIST:[freebsd-security] 20061002 FreeBSD Security Advisory FreeBSD-SA-06:22.openssh CVE-2006-5051
MLIST:[freebsd-security] 20061206 Intel LAN Driver Buffer Overflow Local Privilege Escalation CVE-2006-6385
MLIST:[freebsd-security] 20070114 MOAB advisories CVE-2006-5679 CVE-2006-5824 CVE-2007-0229 CVE-2007-0267
MLIST:[freebsd-security] 20111223 Merry Christmas from the FreeBSD Security Team CVE-2011-4862
MLIST:[freebsd-security] 20120820 [HEADSUP] geli(4) weak master key generation on -CURRENT CVE-2012-4578
MLIST:[freedesktop-xorg-announce] 20171128 libXcursor 1.1.15 CVE-2017-16612
MLIST:[freedesktop-xorg-announce] 20171128 libXfont 1.5.4 CVE-2017-16611
MLIST:[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3 CVE-2017-16611
MLIST:[freemarker-notifications] 20210906 [jira] [Created] (FREEMARKER-190) The jar dom4j has known security issue that Freemarker compiles dependend on it CVE-2018-1000632 CVE-2020-10683
MLIST:[freeradius-users] 20090909 Version 1.1.8 has been released CVE-2009-3111
MLIST:[freetype-devel] 20110708 Re: details on iPhone exploit caused by FreeType? CVE-2011-0226
MLIST:[freetype-devel] 20110708 details on iPhone exploit caused by FreeType? CVE-2011-0226
MLIST:[freetype-devel] 20110709 Re: details on iPhone exploit caused by FreeType? CVE-2011-0226
MLIST:[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType? CVE-2011-0226
MLIST:[frox-user] 20050204 Frox 0.7.18 - security fixes. CVE-2005-2808
MLIST:[frugalware-git] 20081014 kernel2627: ndiswrapper-1.53-6-i686 CVE-2008-4395
MLIST:[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x CVE-2019-3495 CVE-2019-3496 CVE-2019-3497
MLIST:[funsec] 20060110 Another WMF flaw without a Microsoft patch CVE-2006-0020
MLIST:[funsec] 20060308 DOSing Outlook 2003 CVE-2006-1305
MLIST:[gcc-bugs] 20020506 c/6586: -ftrapv doesn't catch multiplication overflow CVE-2000-1219
MLIST:[gcc-bugs] 20060417 [Bug c/27180] New: pointer arithmetic overflow handling broken CVE-2006-1902
MLIST:[gcc-bugs] 20060417 [Bug middle-end/27180] New: pointer arithmetic overflow handling broken CVE-2006-1902
MLIST:[gcc-patches] 20080306 Re: [PATCH, i386]: Emit cld instruction when stringops are used CVE-2008-1367
MLIST:[gcc-patches] 20080306 [PATCH, i386]: Emit cld instruction when stringops are used CVE-2008-1367
MLIST:[gcc-patches] 20080307 Re: [PATCH, i386]: Emit cld instruction when stringops are used CVE-2008-1367
MLIST:[gcc-patches] 20160502 Fix for PR70909 in Libiberty Demangler (4) CVE-2016-4491
MLIST:[gcc-patches] 20160503 Fix for PR70926 in Libiberty Demangler (5) CVE-2016-4492 CVE-2016-4493
MLIST:[gcc-patches] 20160630 Fix fir PR71696 in Libiberty Demangler (6) CVE-2016-6131
MLIST:[gdcm-developers] 20151204 [Gdcm2] GDCM <2.6.1 two vulnerabilites CVE-2015-8396 CVE-2015-8397
MLIST:[gdcm-developers] 20151221 Re: [Gdcm2] GDCM <2.6.1 two vulnerabilites CVE-2015-8396 CVE-2015-8397
MLIST:[gdm-list] 20110328 GDM 2.32.1 released CVE-2011-0727
MLIST:[general] 20171108 [SECURITY] CVE-2017-3166: Apache Hadoop Privilege escalation vulnerability CVE-2017-3166
MLIST:[general] 20180119 CVE-2017-15713: Apache Hadoop MapReduce job history server vulnerability CVE-2017-15713
MLIST:[general] 20180124 CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability CVE-2017-15718
MLIST:[general] 20180501 CVE-2016-6811: Apache Hadoop Privilege escalation vulnerability CVE-2016-6811
MLIST:[geode-dev] 20190702 Re: [PROPOSAL]: Improve OQL Method Invocation Security CVE-2017-9795
MLIST:[geode-dev] 20190703 Re: [PROPOSAL]: Improve OQL Method Invocation Security CVE-2017-9795
MLIST:[geode-dev] 20200406 Proposal to bring GEODE-7941 to support/1.12 CVE-2020-1957
MLIST:[geode-dev] 20200407 JGroups vulnerabilty CVE-2016-2141
MLIST:[geode-dev] 20200407 Re: JGroups vulnerabilty CVE-2016-2141
MLIST:[geode-dev] 20200408 Proposal to bring GEODE-7969 to support/1.12 CVE-2019-20444 CVE-2019-20445
MLIST:[geode-dev] 20200408 Re: Proposal to bring GEODE-7969 to support/1.12 CVE-2019-20444 CVE-2019-20445
MLIST:[geode-dev] 20200410 Proposal to bring GEODE-7970 to support/1.12 CVE-2020-5398
MLIST:[geode-dev] 20200410 Re: Proposal to bring GEODE-7970 to support/1.12 CVE-2020-5398
MLIST:[geode-dev] 20200521 Proposal to backport GEODE-8167 CVE-2020-5407
MLIST:[geode-dev] 20200521 Re: Proposal to backport GEODE-8167 CVE-2020-5407
MLIST:[geode-dev] 20200630 Proposal to bring GEODE-8315 (shiro upgrade) to support branches CVE-2020-11989
MLIST:[geode-dev] 20200630 Re: Proposal to bring GEODE-8315 (shiro upgrade) to support branches CVE-2020-11989
MLIST:[geode-dev] 20200831 Proposal to bring GEODE-8456 (shiro upgrade) to support branches CVE-2020-13933
MLIST:[geode-dev] 20200901 Re: Proposal to bring GEODE-8456 (shiro upgrade) to support branches CVE-2020-13933
MLIST:[geode-issues] 20191008 [jira] [Commented] (GEODE-7255) Need to pick up CVE-2019-16942 CVE-2019-16942
MLIST:[geode-issues] 20191011 [jira] [Commented] (GEODE-7255) Need to pick up CVE-2019-16942 CVE-2019-16942
MLIST:[geode-issues] 20191230 [jira] [Closed] (GEODE-7255) Need to pick up CVE-2019-16942 CVE-2019-16942
MLIST:[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 CVE-2017-5645 CVE-2018-1000613 CVE-2018-1270 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2019-14379 CVE-2019-14540 CVE-2019-14892 CVE-2019-14893 CVE-2019-15752 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 CVE-2019-17267 CVE-2019-17531 CVE-2019-20330 CVE-2019-5736 CVE-2020-11619 CVE-2020-11620 CVE-2020-1938 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[geode-notifications] 20191007 [GitHub] [geode] jmelchio commented on issue #4102: Fix for GEODE-7255: Pickup Jackson CVE fix CVE-2019-12384 CVE-2019-12814
MLIST:[geode-notifications] 20211013 [GitHub] [geode] jdeppe-pivotal opened a new pull request #6994: GEODE-9676: Limit array and string sizes for unauthenticated Radish connections CVE-2021-32675
MLIST:[geode-user] 20170404 [CVE-2017-5649] Apache Geode information disclosure vulnerability CVE-2017-5649
MLIST:[geode-user] 20170929 [SECURITY] CVE-2017-9794 Apache Geode gfsh query vulnerability CVE-2017-9794
MLIST:[geode-user] 20170929 [SECURITY] CVE-2017-9797 Apache Geode client/server authentication vulnerability CVE-2017-9797
MLIST:[geode-user] 20180612 [SECURITY] CVE-2017-15695 Apache Geode remote code execution vulnerability CVE-2017-15695
MLIST:[geronimo-dev] 20210727 [jira] [Commented] (GERONIMO-6814) Improve Geronimo specs to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[geronimo-dev] 20210727 [jira] [Created] (GERONIMO-6814) Improve Geronimo specs to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[geronimo-dev] 20210728 [jira] [Commented] (GERONIMO-6814) Improve Geronimo specs to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[git-commits-head] 20080307 x86: clear DF before calling signal handler CVE-2008-1367
MLIST:[git-commits-head] 20080507 sparc: Fix mmap VA span checking. CVE-2008-2137
MLIST:[git-commits-head] 20090205 shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM CVE-2009-0859
MLIST:[git] 20080716 [PATCH] Fix buffer overflow in git diff CVE-2008-3546
MLIST:[git] 20081220 [Security] gitweb local privilege escalation (fix) CVE-2008-5916
MLIST:[git] 20170510 [ANNOUNCE] Git v2.12.3 and others CVE-2017-8386
MLIST:[glbs-security-announce] 20070517 Globus Security Advisory 2007-03: Nexus vulnerability CVE-2007-2784
MLIST:[gmp-bugs] 20131216 out-of-bound write CVE-2014-9474
MLIST:[gnome-announce] 20020503 Patch for serious bug in 1.0.3 CVE-2002-1765
MLIST:[gnome-networkmanager-list] 20050728 format string bug in nm_info_handler CVE-2005-2410
MLIST:[gnome-networkmanager-list] 20050729 Re: format string bug in nm_info_handler CVE-2005-2410
MLIST:[gnupg-announce] 20060309 [Announce] GnuPG does not detect injection of unsigned data CVE-2006-0049
MLIST:[gnupg-announce] 20061127 GnuPG 1.4 and 2.0 buffer overflow CVE-2006-6169
MLIST:[gnupg-announce] 20130725 [Announce] [security fix] GnuPG 1.4.14 released CVE-2013-4242
MLIST:[gnupg-announce] 20140623 [security fix] GnuPG 1.4.17 released CVE-2014-4617
MLIST:[gnupg-announce] 20140624 [security fix] GnuPG 2.0.24 released CVE-2014-4617
MLIST:[gnupg-announce] 20140808 [security fix] Libgcrypt and GnuPG CVE-2014-5270
MLIST:[gnupg-announce] 20141125 [Announce] [security fix] Libksba 1.3.2 for GnuPG released CVE-2014-9087
MLIST:[gnupg-announce] 20160209 [Announce] Libgcrypt 1.6.5 with security fix released CVE-2015-7511
MLIST:[gnupg-announce] 20160817 [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316] CVE-2016-6313
MLIST:[gnupg-announce] 20170629 Libgcrypt 1.7.8 released to fix CVE-2017-7526 CVE-2017-7526
MLIST:[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235] CVE-2006-6235
MLIST:[gnupg-devel] 20131218 [Announce] [security fix] GnuPG 1.4.16 released CVE-2013-4576
MLIST:[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME CVE-2007-1263 CVE-2007-1264 CVE-2007-1265 CVE-2007-1266 CVE-2007-1267 CVE-2007-1268 CVE-2007-1269
MLIST:[gnutls-dev] 20040802 gnutls 1.0.17 CVE-2004-2531
MLIST:[gnutls-dev] 20050428 GnuTLS 1.2.3 and 1.0.25 CVE-2005-1431
MLIST:[gnutls-devel] 20080519 GnuTLS 2.2.4 - Security release [GNUTLS-SA-2008-1] CVE-2008-1948 CVE-2008-1949 CVE-2008-1950
MLIST:[gnutls-devel] 20080519 GnuTLS 2.2.5 - Brown paper bag release CVE-2008-1948 CVE-2008-1949 CVE-2008-1950
MLIST:[gnutls-devel] 20080519 Re: GnuTLS 2.2.4 - Security release [GNUTLS-SA-2008-1] CVE-2008-1948 CVE-2008-1949 CVE-2008-1950
MLIST:[gnutls-devel] 20081110 Analysis of vulnerability GNUTLS-SA-2008-3 CVE-2008-4989 CVE-2008-4989
MLIST:[gnutls-devel] 20081110 GnuTLS 2.6.1 - Security release [GNUTLS-SA-2008-3] CVE-2008-4989
MLIST:[gnutls-devel] 20090109 Re: gnutls fails to use Verisign CA cert without a Basic Constraint CVE-2009-5138
MLIST:[gnutls-devel] 20090423 Re: some crashes on using DSA keys CVE-2009-1415
MLIST:[gnutls-devel] 20090430 All DSA keys generated using GnuTLS 2.6.x are corrupt [GNUTLS-SA-2009-2] [CVE-2009-1416] CVE-2009-1416
MLIST:[gnutls-devel] 20090430 Certificate expiration not checked by gnutls-cli [GNUTLS-SA-2009-3] [CVE-2009-1417] CVE-2009-1417
MLIST:[gnutls-devel] 20090430 Double free and free of invalid pointer on certain errors [GNUTLS-SA-2009-1] [CVE-2009-1415] CVE-2009-1415
MLIST:[gnutls-devel] 20111108 Possible buffer overflow on gnutls_session_get_data CVE-2011-4128
MLIST:[gnutls-devel] 20120224 gnutls 3.0.14 CVE-2012-1663
MLIST:[gnutls-devel] 20120302 gnutls 2.12.16 CVE-2012-1573
MLIST:[gnutls-devel] 20120302 gnutls 3.0.15 CVE-2012-1573
MLIST:[gnutls-devel] 20120316 gnutls 3.0.16 CVE-2012-1569
MLIST:[gnutls-devel] 20131023 gnutls 3.1.15 CVE-2013-4466
MLIST:[gnutls-devel] 20131023 gnutls 3.2.5 CVE-2013-4466
MLIST:[gnutls-devel] 20160902 OCSP certificate check CVE-2016-7444
MLIST:[gnutls-help] 20140131 gnutls 3.1.20 CVE-2014-3465
MLIST:[gnutls-help] 20140131 gnutls 3.2.10 CVE-2014-3465
MLIST:[golang-announce] 20160113 [security] Go 1.5.3 is released CVE-2015-8618
MLIST:[golang-announce] 20160412 [security] Go 1.6.1 and 1.5.4 are released CVE-2016-3958 CVE-2016-3959
MLIST:[golang-announce] 20170523 [security] Go 1.7.6 and Go 1.8.2 are released CVE-2017-8932
MLIST:[golang-announce] 20180703 [security] Severe vulnerability in github.com/golang/gddo CVE-2018-12976
MLIST:[gosa] 20070115 GOsa 2.5.8 released (security fixes!) CVE-2007-0313
MLIST:[gpa-dev] 20050531 S/MIME signing fails on a SUSE 9.3 system CVE-2005-2023
MLIST:[gpa-dev] 20050603 Re: S/MIME signing fails on a SUSE 9.3 system CVE-2005-2023
MLIST:[gpsd-dev] 20130501 3.9 is released CVE-2013-2038
MLIST:[graphicsmagick-commit] 20150202 [GM-commit] GraphicsMagick: Assure that GIF decoder does not use unitialized... CVE-2015-8808
MLIST:[groovy-commits] 20201126 [groovy] branch GROOVY_2_4_X updated: GROOVY-9552: Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[groovy-commits] 20210714 [groovy] 08/09: GROOVY-10169: Bump Ant version to 1.10.11 (incorporates CVE-2021-36373 and CVE-2021-36374) CVE-2021-36373 CVE-2021-36374
MLIST:[groovy-commits] 20210715 [groovy] 02/07: GROOVY-10169: Bump Ant version to 1.10.11 (incorporates CVE-2021-36373 and CVE-2021-36374) CVE-2021-36373 CVE-2021-36374
MLIST:[groovy-dev] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure CVE-2020-15824 CVE-2020-1945
MLIST:[groovy-notifications] 20200522 [jira] [Closed] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[groovy-notifications] 20201126 [jira] [Comment Edited] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[groovy-notifications] 20201126 [jira] [Updated] (GROOVY-9552) Bump Ant versions to address: [CVE-2020-1945] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[groovy-notifications] 20201207 [jira] [Closed] (GROOVY-9824) CVE-2020-17521 Apache Groovy Information Disclosure CVE-2020-15824 CVE-2020-17521 CVE-2020-1945
MLIST:[groovy-notifications] 20210715 [jira] [Resolved] (GROOVY-10169) Bump Ant version to 1.10.11 (incorporates CVE-2021-36373 and CVE-2021-36374) CVE-2021-36373 CVE-2021-36374
MLIST:[groovy-users] 20201205 [SECURITY] CVE-2020-17521: Apache Groovy Information Disclosure CVE-2020-15824 CVE-2020-1945
MLIST:[gs-cvs] 20100106 [gs-commits] rev 10590 - trunk/gs/base CVE-2010-4054
MLIST:[gtk-devel-list] 20030529 Algorimic Complexity Attack on GLIB 2.2.1 CVE-2012-0039
MLIST:[gtk-devel-list] 20071107 GLib 2.14.3 CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768
MLIST:[guacamole-issues] 20201206 [jira] [Commented] (GUACAMOLE-1229) Fix in Dockerhub for latest CVE-2020-17527 CVE-2020-17527
MLIST:[guacamole-issues] 20201206 [jira] [Created] (GUACAMOLE-1229) Fix in Dockerhub for latest CVE-2020-17527 CVE-2020-17527
MLIST:[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans. CVE-2004-0971 CVE-2005-2541 CVE-2010-4051 CVE-2019-19603 CVE-2020-13631 CVE-2020-36226 CVE-2021-22898
MLIST:[guacamole-user] 20190912 Re: [Guacamole hack attack?] CVE-2019-11510
MLIST:[guacamole-user] 20200703 RE: [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels CVE-2020-9497
MLIST:[guacamole-user] 20200703 Re: [SECURITY] CVE-2020-9497: Apache Guacamole: Improper input validation of RDP static virtual channels CVE-2020-9497
MLIST:[hadoop-common-commits] 20200309 [hadoop] branch branch-3.1 updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-commits] 20200309 [hadoop] branch branch-3.2 updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-commits] 20200309 [hadoop] branch trunk updated: HADOOP-16871. Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-commits] 20200824 [hadoop] branch branch-3.3 updated: HADOOP-17220. Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088). Contributed by Brahma Reddy Battula. CVE-2018-8088
MLIST:[hadoop-common-commits] 20200824 [hadoop] branch trunk updated: HADOOP-17220. Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088). Contributed by Brahma Reddy Battula. CVE-2018-8088
MLIST:[hadoop-common-commits] 20201028 [hadoop] branch branch-3.3 updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula. CVE-2017-18640
MLIST:[hadoop-common-commits] 20201028 [hadoop] branch trunk updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula. CVE-2017-18640
MLIST:[hadoop-common-commits] 20210924 [hadoop] branch branch-3.2 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula. CVE-2014-4611
MLIST:[hadoop-common-commits] 20210924 [hadoop] branch branch-3.2.3 updated: HADOOP-17917. Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611. Contributed by Brahma Reddy Battula. CVE-2014-4611
MLIST:[hadoop-common-commits] 20211008 [hadoop] branch branch-3.2 updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula. CVE-2017-18640
MLIST:[hadoop-common-commits] 20211008 [hadoop] branch branch-3.2.3 updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula. CVE-2017-18640
MLIST:[hadoop-common-dev] 20170425 CVE-2017-3161: Apache Hadoop NameNode XSS vulnerability CVE-2017-3161
MLIST:[hadoop-common-dev] 20170425 CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability CVE-2017-3162
MLIST:[hadoop-common-dev] 20190318 [jira] [Created] (HADOOP-16200) Add regression test for CVE-2018-11767 CVE-2018-11767
MLIST:[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project CVE-2018-10237
MLIST:[hadoop-common-dev] 20191030 [jira] [Created] (HADOOP-16676) Security Vulnerability for dependency jetty-xml -please upgrade CVE-2017-9735
MLIST:[hadoop-common-dev] 20191107 [jira] [Created] (HADOOP-16690) Update dependency com.nimbusds:nimbus-jose-jwt due to security vulnerability CVE-2019-17195
MLIST:[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10 CVE-2018-10237
MLIST:[hadoop-common-dev] 20200824 [jira] [Created] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088) CVE-2018-8088
MLIST:[hadoop-common-dev] 20200824 [jira] [Created] (HADOOP-17221) Upgrade log4j-1.2.17 to atlassian ( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-dev] 20200830 [jira] [Created] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-dev] 20210916 [jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20190318 [jira] [Created] (HADOOP-16200) Add regression test for CVE-2018-11767 CVE-2018-11767
MLIST:[hadoop-common-issues] 20191030 [jira] [Created] (HADOOP-16676) Security Vulnerability for dependency jetty-xml -please upgrade CVE-2017-9735
MLIST:[hadoop-common-issues] 20191107 [jira] [Created] (HADOOP-16690) Update dependency com.nimbusds:nimbus-jose-jwt due to security vulnerability CVE-2019-17195
MLIST:[hadoop-common-issues] 20200219 [jira] [Assigned] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200219 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444, CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200219 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200224 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200225 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200309 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200309 [jira] [Updated] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200310 [jira] [Commented] (HADOOP-16871) Upgrade Netty version to 4.1.45.Final to handle CVE-2019-20444,CVE-2019-16869 CVE-2019-16869 CVE-2019-20444
MLIST:[hadoop-common-issues] 20200824 [jira] [Assigned] (HADOOP-17221) Upgrade log4j-1.2.17 to atlassian ( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Comment Edited] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Address: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Comment Edited] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Commented] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088) CVE-2018-8088
MLIST:[hadoop-common-issues] 20200824 [jira] [Commented] (HADOOP-17221) Upgrade log4j-1.2.17 to atlassian ( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Commented] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Address: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Created] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088) CVE-2018-8088
MLIST:[hadoop-common-issues] 20200824 [jira] [Created] (HADOOP-17221) Upgrade log4j-1.2.17 to atlassian ( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Updated] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Address: CVE-2018-8088) CVE-2018-8088
MLIST:[hadoop-common-issues] 20200824 [jira] [Updated] (HADOOP-17220) Upgrade slf4j to 1.7.30 ( To Adress: CVE-2018-8088) CVE-2018-8088
MLIST:[hadoop-common-issues] 20200824 [jira] [Updated] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Address: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200824 [jira] [Updated] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Adress: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20200830 [jira] [Created] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20200830 [jira] [Updated] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20200831 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20200909 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20201026 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20201027 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20201028 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20201028 [jira] [Updated] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20210816 [GitHub] [hadoop] iwasakims opened a new pull request #3308: HADOOP-17850. Upgrade ZooKeeper to 3.4.14 in branch-3.2. CVE-2019-0201
MLIST:[hadoop-common-issues] 20210902 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237, CVE-2019-15544 CVE-2019-15544
MLIST:[hadoop-common-issues] 20210916 [jira] [Created] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210916 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210920 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210920 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210921 [jira] [Comment Edited] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210921 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210921 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which Address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210924 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210924 [jira] [Updated] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20210928 [jira] [Commented] (HADOOP-17917) Backport HADOOP-15993 to branch-3.2 which address CVE-2014-4611 CVE-2014-4611
MLIST:[hadoop-common-issues] 20211006 [jira] [Commented] (HADOOP-17221) update log4j-1.2.17 to atlassian version( To Address: CVE-2019-17571) CVE-2019-17571
MLIST:[hadoop-common-issues] 20211006 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20211008 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-common-issues] 20211008 [jira] [Updated] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640 CVE-2017-18640
MLIST:[hadoop-general] 20121012 [ANNOUNCE] Hadoop-1.0.4 release, with Security fix CVE-2012-4449
MLIST:[hadoop-general] 20141121 [ANNOUNCE] Apache Hadoop 2.5.2 released CVE-2014-3627
MLIST:[hadoop-general] 20160215 CVE-2015-1776: Apache Hadoop MapReduce, disclosure of encrypted data CVE-2015-1776
MLIST:[hadoop-general] 20170110 [SECURITY] CVE-2016-3086: Apache Hadoop YARN NodeManager vulnerability CVE-2016-3086
MLIST:[hadoop-general] 20190311 CVE-2018-11767: Apache Hadoop KMS ACL regression CVE-2018-11767
MLIST:[hadoop-general] 20191004 Re:CVE-2018-11768: HDFS FSImage Corruption CVE-2018-11768
MLIST:[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project CVE-2018-10237
MLIST:[hadoop-hdfs-dev] 20191004 Re: CVE-2018-11768: HDFS FSImage Corruption CVE-2018-11768
MLIST:[hadoop-hdfs-dev] 20191004 Re:CVE-2018-11768: HDFS FSImage Corruption CVE-2018-11768
MLIST:[hadoop-hdfs-dev] 20191006 Re: CVE-2018-11768: HDFS FSImage Corruption CVE-2018-11768
MLIST:[hadoop-ozone-commits] 20201008 [hadoop-ozone] branch master updated: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 (#1481) CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201006 [GitHub] [hadoop-ozone] dineshchitlangia commented on a change in pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201006 [GitHub] [hadoop-ozone] vivekratnavel opened a new pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201006 [jira] [Created] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201006 [jira] [Updated] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201007 [GitHub] [hadoop-ozone] vivekratnavel commented on pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201008 [GitHub] [hadoop-ozone] adoroszlai merged pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201008 [jira] [Updated] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-ozone-issues] 20201009 [GitHub] [hadoop-ozone] adoroszlai merged pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 CVE-2020-7676
MLIST:[hadoop-user] 20170602 CVE-2017-7669: Apache Hadoop privilege escalation CVE-2017-7669
MLIST:[hadoop-user] 20181122 CVE-2018-8009: Apache Hadoop distributed cache archive vulnerability CVE-2018-8009
MLIST:[hadoop-user] 20200604 Re: CVE-2017-3161 & CVE-2017-3162 | WhiteSource CVE-2017-3161 CVE-2017-3162
MLIST:[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17 CVE-2018-20615
MLIST:[haproxy] 20140805 segfault in http_skip_chunk_crlf after 16G of data has passed through haproxy CVE-2014-6269
MLIST:[haproxy] 20140902 [ANNOUNCE] haproxy-1.5.4 CVE-2014-6269
MLIST:[haproxy] 20180920 [ANNOUNCE] haproxy-1.8.14 - Security Update CVE-2018-14645
MLIST:[havp-devel] 20080715 Infinite loop which causes havp to block completely CVE-2008-3688
MLIST:[hbase-commits] 20190927 [hbase-connectors] 02/02: HBASE-23075 Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540 CVE-2019-14540 CVE-2019-16335
MLIST:[hbase-commits] 20210206 [hbase-thirdparty] branch master updated: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-commits] 20210324 [hbase] branch branch-2.2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3086) CVE-2020-13949
MLIST:[hbase-commits] 20210324 [hbase] branch branch-2.4 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3084) CVE-2020-13949
MLIST:[hbase-commits] 20210325 [hbase] branch branch-2.3 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3085) CVE-2020-13949
MLIST:[hbase-commits] 20210326 [hbase] branch branch-2 updated: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (#3083) CVE-2020-13949
MLIST:[hbase-commits] 20210402 [hbase-thirdparty] branch master updated: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 (#48) CVE-2021-21295
MLIST:[hbase-commits] 20210408 [hbase-thirdparty] branch master updated: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 (#49) CVE-2021-28165
MLIST:[hbase-dev] 20190603 [jira] [Resolved] (HBASE-22499) Drop the support for several hadoop releases due to CVE-2018-8029 CVE-2018-8029
MLIST:[hbase-dev] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-dev] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-dev] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-dev] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-dev] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544 CVE-2019-15544
MLIST:[hbase-dev] 20210921 [jira] [Created] (HBASE-26292) Update jetty version to fix CVE-2021-34429 CVE-2021-34429
MLIST:[hbase-issues] 20190530 [jira] [Commented] (HBASE-22499) Drop the support for several hadoop releases due to CVE-2018-8029 CVE-2018-8029
MLIST:[hbase-issues] 20190603 [jira] [Resolved] (HBASE-22499) Drop the support for several hadoop releases due to CVE-2018-8029 CVE-2018-8029
MLIST:[hbase-issues] 20190925 [GitHub] [hbase] SteNicholas opened a new pull request #660: HBASE-23075 Upgrade jackson version CVE-2019-14540 CVE-2019-16335
MLIST:[hbase-issues] 20190926 [GitHub] [hbase-connectors] SteNicholas opened a new pull request #45: HBASE-23075 Upgrade jackson version CVE-2019-14540 CVE-2019-16335
MLIST:[hbase-issues] 20190926 [jira] [Commented] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540 CVE-2019-14540 CVE-2019-16335
MLIST:[hbase-issues] 20190926 [jira] [Updated] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540 CVE-2019-14540 CVE-2019-16335
MLIST:[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2019-8331
MLIST:[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] jojochuang commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] pankaj72981 opened a new pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [jira] [Updated] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210205 [jira] [Work started] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] busbey closed pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218 CVE-2020-27218
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] apurtell commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] apurtell edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 edited a comment on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [GitHub] [hbase] pankaj72981 opened a new pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210215 [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210216 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210301 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210302 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210302 [GitHub] [hbase] Apache9 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210302 [GitHub] [hbase] pankaj72981 commented on a change in pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210302 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210302 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210303 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210308 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210309 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210310 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210310 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210311 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 closed pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 commented on pull request #2958: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210311 [GitHub] [hbase] pankaj72981 opened a new pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210312 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210312 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210315 [GitHub] [hbase] Apache-HBase commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210315 [GitHub] [hbase] saintstack commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 commented on pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210316 [GitHub] [hbase] pankaj72981 merged pull request #3043: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210316 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210317 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210318 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210319 [jira] [Comment Edited] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210319 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210320 RE: [jira] [Work started] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] Apache-HBase commented on pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 merged pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3084: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.4) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [GitHub] [hbase] pankaj72981 opened a new pull request #3086: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.2) CVE-2020-13949
MLIST:[hbase-issues] 20210324 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210325 [GitHub] [hbase] Apache-HBase commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2) CVE-2020-13949
MLIST:[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 commented on pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3) CVE-2020-13949
MLIST:[hbase-issues] 20210325 [GitHub] [hbase] pankaj72981 merged pull request #3085: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2.3) CVE-2020-13949
MLIST:[hbase-issues] 20210325 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210325 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 commented on pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2) CVE-2020-13949
MLIST:[hbase-issues] 20210326 [GitHub] [hbase] pankaj72981 merged pull request #3083: HBASE-25568 Upgrade Thrift jar to fix CVE-2020-13949 (branch-2) CVE-2020-13949
MLIST:[hbase-issues] 20210326 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210326 [jira] [Updated] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210402 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [GitHub] [hbase-thirdparty] HorizonNet commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell commented on pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell merged pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #48: HBASE-25728 [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [jira] [Assigned] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [jira] [Created] (HBASE-25728) [hbase-thirdparty] ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210402 [jira] [Updated] (HBASE-25728) [hbase-thirdparty] Upgrade Netty library to >= 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210407 [GitHub] [hbase-thirdparty] apurtell opened a new pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210407 [jira] [Created] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210407 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210408 [GitHub] [hbase-thirdparty] apurtell merged pull request #49: HBASE-25746 [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210408 [jira] [Updated] (HBASE-25746) [hbase-thirdparty] Update jetty to >= 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[hbase-issues] 20210415 [jira] [Commented] (HBASE-25568) Upgrade Thrift jar to fix CVE-2020-13949 CVE-2020-13949
MLIST:[hbase-issues] 20210828 [jira] [Commented] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544 CVE-2019-15544
MLIST:[hbase-issues] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544 CVE-2019-15544
MLIST:[hbase-issues] 20210921 [jira] [Commented] (HBASE-26292) Update jetty version to fix CVE-2021-34429 CVE-2021-34429
MLIST:[hbase-issues] 20210921 [jira] [Created] (HBASE-26292) Update jetty version to fix CVE-2021-34429 CVE-2021-34429
MLIST:[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6 CVE-2006-0582 CVE-2006-0677
MLIST:[helix-client-dev] 20090828 CR: 249097 - Security fix - urgent CR requested CVE-2009-4247
MLIST:[help-gnutls] 20090420 Encryption using DSA keys CVE-2009-1416
MLIST:[help-libidn] 20150709 out of bounds stack read in function idna_to_ascii_4i CVE-2016-6261
MLIST:[help-libidn] 20160720 Libidn 1.33 released CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
MLIST:[help-libtasn1] 20120319 GNU Libtasn1 2.12 released CVE-2012-1569
MLIST:[help-libtasn1] 20120319 minimal fix to security issue CVE-2012-1569
MLIST:[help-libtasn1] 20140525 GNU Libtasn1 3.6 released CVE-2014-3467 CVE-2014-3468 CVE-2014-3469
MLIST:[help-libtasn1] 20150429 GNU Libtasn1 4.5 released CVE-2015-3622
MLIST:[help-libtasn1] 20160411 GNU Libtasn1 4.8 released CVE-2016-4008
MLIST:[heron-dev] 20190306 [CVE-2018-11789] Apache Incubator Heron file access vulnerability CVE-2018-11789
MLIST:[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403) CVE-2020-11023
MLIST:[hive-dev] 20200116 [jira] [Created] (HIVE-22738) CVE-2019-0205 CVE-2019-0205
MLIST:[hive-dev] 20200530 [jira] [Created] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-dev] 20201022 [jira] [Created] (HIVE-24303) Upgrade spring framework to 4.3.29.RELEASE+ due to CVE-2020-5421 CVE-2020-5421
MLIST:[hive-dev] 20201207 [jira] [Created] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-dev] 20210216 [jira] [Created] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-dev] 20210223 [jira] [Created] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-dev] 20210301 [jira] [Created] (HIVE-24837) Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-dev] 20210316 [jira] [Created] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-dev] 20210423 [jira] [Created] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-dev] 20210510 [jira] [Created] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due CVE-2020-13949
MLIST:[hive-dev] 20211007 [jira] [Created] (HIVE-25597) Bump Apache Derby 10.14.1.0 to 10.14.2.0 CVE-2018-1313 CVE-2018-1313
MLIST:[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-gitbox] 20210301 [GitHub] [hive] hsnusonic opened a new pull request #2032: HIVE-24837 Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-gitbox] 20210302 [GitHub] [hive] hsnusonic closed pull request #2032: HIVE-24837 Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-gitbox] 20210316 [GitHub] [hive] achennagiri opened a new pull request #2081: HIVE-24890: Upgrade the cron-utils library from 8.1.1 to 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-gitbox] 20210317 [GitHub] [hive] yongzhi merged pull request #2081: HIVE-24890: Upgrade the cron-utils library from 8.1.1 to 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-gitbox] 20210423 [GitHub] [hive] achennagiri opened a new pull request #2217: HIVE:25054 Upgrade `jodd-core` dependency to get rid of CVE-2018-21234 CVE-2018-21234
MLIST:[hive-gitbox] 20210520 [GitHub] [hive] achennagiri commented on a change in pull request #2217: HIVE:25054 Upgrade `jodd-core` dependency to get rid of CVE-2018-21234 CVE-2018-21234
MLIST:[hive-gitbox] 20210521 [GitHub] [hive] jcamachor merged pull request #2217: HIVE:25054 Upgrade `jodd-core` dependency to get rid of CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20200116 [jira] [Updated] (HIVE-22738) CVE-2019-0205 CVE-2019-0205
MLIST:[hive-issues] 20200530 [jira] [Assigned] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20200530 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20200530 [jira] [Updated] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20200621 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20200804 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 CVE-2020-11023
MLIST:[hive-issues] 20201022 [jira] [Assigned] (HIVE-24303) Upgrade spring framework to 4.3.29.RELEASE+ due to CVE-2020-5421 CVE-2020-5421
MLIST:[hive-issues] 20201022 [jira] [Commented] (HIVE-23583) Fix CVE-2020-1945: Apache Ant insecure temporary file vulnerability by updating to latest ANT CVE-2020-1945
MLIST:[hive-issues] 20201022 [jira] [Updated] (HIVE-24303) Upgrade spring framework to 4.3.29.RELEASE+ due to CVE-2020-5421 CVE-2020-5421
MLIST:[hive-issues] 20201207 [jira] [Assigned] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20201207 [jira] [Updated] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20201207 [jira] [Work started] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20201208 [jira] [Updated] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20201208 [jira] [Work logged] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210107 [jira] [Resolved] (HIVE-24303) Upgrade spring framework to 4.3.29.RELEASE+ due to CVE-2020-5421 CVE-2020-5421
MLIST:[hive-issues] 20210125 [jira] [Work logged] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210209 [jira] [Resolved] (HIVE-24500) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210216 [jira] [Assigned] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210216 [jira] [Resolved] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210218 [jira] [Updated] (HIVE-24787) Hive - upgrade log4j 2.12.1 to 2.13.2+ due to CVE-2020-9488 CVE-2020-9488
MLIST:[hive-issues] 20210223 [jira] [Assigned] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210223 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210223 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210301 [jira] [Assigned] (HIVE-24837) Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-issues] 20210301 [jira] [Updated] (HIVE-24837) Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-issues] 20210301 [jira] [Work logged] (HIVE-24837) Upgrade httpclient to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[hive-issues] 20210315 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210316 [jira] [Assigned] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210316 [jira] [Updated] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210316 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210316 [jira] [Work logged] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210316 [jira] [Work started] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210317 [jira] [Commented] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210317 [jira] [Resolved] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210317 [jira] [Work logged] (HIVE-24890) Upgrade to cron-utils 9.1.3 due to CVE-2020-26238 CVE-2020-26238
MLIST:[hive-issues] 20210423 [jira] [Assigned] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210423 [jira] [Updated] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210423 [jira] [Work started] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210503 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210510 [jira] [Assigned] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 due CVE-2020-13949
MLIST:[hive-issues] 20210510 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.0 CVE-2020-13949
MLIST:[hive-issues] 20210510 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210514 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20210517 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210518 [jira] [Commented] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210521 [jira] [Resolved] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210524 [jira] [Commented] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234 CVE-2018-21234
MLIST:[hive-issues] 20210530 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210530 [jira] [Work started] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210609 [jira] [Resolved] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210609 [jira] [Updated] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210609 [jira] [Work logged] (HIVE-25098) [CVE-2020-13949] Upgrade thrift from 0.13.0 to 0.14.1 CVE-2020-13949
MLIST:[hive-issues] 20210915 [jira] [Resolved] (HIVE-22738) CVE-2019-0205 CVE-2019-0205
MLIST:[hive-issues] 20211007 [jira] [Assigned] (HIVE-25597) Bump Apache Derby 10.14.1.0 to 10.14.2.0 CVE-2018-1313 CVE-2018-1313
MLIST:[hive-issues] 20211007 [jira] [Commented] (HIVE-25597) Bump Apache Derby 10.14.1.0 to 10.14.2.0 CVE-2018-1313 CVE-2018-1313
MLIST:[hive-issues] 20211012 [jira] [Resolved] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-issues] 20211012 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649 CVE-2020-25649
MLIST:[hive-user] 20140612 CVE-2014-0228: Apache Hive Authorization vulnerability CVE-2014-0228
MLIST:[hive-user] 20171031 [CVE-2017-12625] Apache Hive information disclosure vulnerability for column masking CVE-2017-12625
MLIST:[horde-announce] 20041026 Horde 2.2.7 (final) CVE-2004-2741
MLIST:[horde-announce] 20051122 Horde 3.0.7 (final) CVE-2005-3759
MLIST:[horde-announce] 20051211 Horde 3.0.8 (final) CVE-2005-4190
MLIST:[horde-announce] 20051211 Kronolith H3 (2.0.6) (final) CVE-2005-4189
MLIST:[horde-announce] 20051211 Mnemo H3 (2.0.3) (final) CVE-2005-4192
MLIST:[horde-announce] 20051211 Nag H3 (2.0.4) (final) CVE-2005-4191
MLIST:[horde-announce] 20051211 Turba H3 (2.0.5) (final) CVE-2005-4242
MLIST:[horde-announce] 20060817 Horde 3.1.3 (final) CVE-2006-4256
MLIST:[horde-announce] 20060817 IMP H3 (4.1.3) (final) CVE-2006-4255
MLIST:[horde-announce] 20061018 Ingo H3 (1.1.2) (final) CVE-2006-5449
MLIST:[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.0.7) (final) CVE-2006-6175
MLIST:[horde-announce] 20061129 [SECURITY] Kronolith H3 (2.1.4) (final) CVE-2006-6175
MLIST:[horde-announce] 20070114 Horde Groupware 1.0 (final) CVE-2007-0579
MLIST:[horde-announce] 20070114 Horde Groupware Webmail Edition 1.0 (final) CVE-2007-0579
MLIST:[horde-announce] 20080614 [announce] Horde Groupware Webmail Edition 1.1.1 (final) CVE-2008-3650
MLIST:[horde-announce] 20090914 [announce] Horde Groupware 1.1.6 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20090914 [announce] Horde Groupware 1.2.4 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20090914 [announce] Horde Groupware Webmail Edition 1.1.6 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20090914 [announce] Horde Groupware Webmail Edition 1.2.4 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20090914 [announce] [SECURITY] Horde 3.2.5 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20090914 [announce] [SECURITY] Horde 3.3.5 (final) CVE-2009-3236 CVE-2009-3237
MLIST:[horde-announce] 20120213 [SECURITY] Remote execution backdoor after server hack (CVE-2012-0209) CVE-2012-0209
MLIST:[horde-announce] 20140603 SECURITY: authentication bypass in Horde_Ldap CVE-2014-3999
MLIST:[horde-announce] 20160906 [SECURITY] Horde Groupware 5.2.16 (final) CVE-2016-5303
MLIST:[horde-announce] 20160906 [SECURITY] Horde Groupware Webmail Edition 5.2.16 (final) CVE-2016-5303
MLIST:[httpclient-users] 20110224 Proxy-Authorization header received on server side CVE-2011-1498
MLIST:[httpclient-users] 20110224 RE: Proxy-Authorization header received on server side CVE-2011-1498
MLIST:[httpclient-users] 20110224 Re: Proxy-Authorization header received on server side CVE-2011-1498
MLIST:[httpd-announce] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy CVE-2019-10092
MLIST:[httpd-announce] 20190814 CVE-2019-9517: mod_http2, DoS attack by exhausting h2 workers CVE-2019-9517
MLIST:[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections CVE-2019-17567
MLIST:[httpd-announce] 20210609 CVE-2020-13938: Improper Handling of Insufficient Privileges CVE-2020-13938
MLIST:[httpd-announce] 20210609 CVE-2020-13950: mod_proxy_http NULL pointer dereference CVE-2020-13950
MLIST:[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte CVE-2020-35452
MLIST:[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference CVE-2021-26690
MLIST:[httpd-announce] 20210609 CVE-2021-26691: mod_session response handling heap overflow CVE-2021-26691
MLIST:[httpd-announce] 20210609 CVE-2021-30641: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641
MLIST:[httpd-bugs] 20200319 [Bug 53098] mod_proxy_ajp: patch to set worker secret passed to tomcat CVE-2020-1938
MLIST:[httpd-bugs] 20200325 [Bug 63437] MergeSlashes option breaks protocol specifier in URIs CVE-2019-0220
MLIST:[httpd-bugs] 20211005 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-bugs] 20211005 [Bug 65616] New: CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-bugs] 20211006 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160 CVE-2021-40438
MLIST:[httpd-bugs] 20211009 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-bugs] 20211011 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-bugs] 20211012 [Bug 65616] CVE-2021-36160 regression CVE-2021-36160
MLIST:[httpd-cvs] 20190402 svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t CVE-2019-0215
MLIST:[httpd-cvs] 20190611 svn commit: r1046148 - in /websites/production/httpd/content: ./ mail CVE-2019-0196
MLIST:[httpd-cvs] 20190611 svn commit: r1861068 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml CVE-2019-0196 CVE-2019-0211
MLIST:[httpd-cvs] 20190806 svn commit: r1864463 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t CVE-2019-0215
MLIST:[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2008-0455 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220
MLIST:[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2008-0455 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10092 CVE-2019-9517
MLIST:[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2008-0455 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517
MLIST:[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517
MLIST:[httpd-cvs] 20200411 svn commit: r1876405 - in /httpd/test/framework/trunk/t: conf/core.conf.in security/CVE-2020-1927.t CVE-2020-1927
MLIST:[httpd-cvs] 20200412 svn commit: r1876426 - /httpd/test/framework/trunk/t/security/CVE-2020-1927.t CVE-2020-1927
MLIST:[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES CVE-2019-10098 CVE-2020-1934
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-1999-1199 CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1205 CVE-2000-1206 CVE-2001-0729 CVE-2001-0730 CVE-2001-0731 CVE-2001-0925 CVE-2001-1342 CVE-2002-0061 CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0460 CVE-2003-0542 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0492 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0940 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0010 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0460 CVE-2003-0542 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2004-0174 CVE-2004-0488 CVE-2004-0492 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0940 CVE-2004-0942 CVE-2004-1834
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2005-2728 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0456
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0010 CVE-2010-0425
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2008-0455 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-2249 CVE-2013-4352
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185
MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-1999-1199 CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1205 CVE-2000-1206 CVE-2001-0729 CVE-2001-0730 CVE-2001-0731 CVE-2001-0925 CVE-2001-1342 CVE-2002-0061 CVE-2002-0392 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CVE-2003-0020 CVE-2003-0083 CVE-2003-0460 CVE-2003-0542 CVE-2003-0987 CVE-2003-0993 CVE-2004-0174 CVE-2004-0492 CVE-2004-0940 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2010-0010 CVE-2011-3368
MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/ CVE-2017-15710 CVE-2017-15715 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2005-3352 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2008-0455 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2020-11985
MLIST:[httpd-cvs] 20210330 svn commit: r1073148 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-9490.json CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-1999-1199 CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1205 CVE-2000-1206 CVE-2001-0729 CVE-2001-0730 CVE-2001-0731 CVE-2001-0925 CVE-2001-1342 CVE-2002-0061 CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0460 CVE-2003-0542 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0492 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0940 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0010 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0460 CVE-2003-0542 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2004-0492 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0940 CVE-2004-0942 CVE-2004-1834
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2005-2728 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0456 CVE-2009-1955
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0010 CVE-2010-0425
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523
MLIST:[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html CVE-2020-1934
MLIST:[httpd-cvs] 20210330 svn commit: r1073158 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1927.json security/vulnerabilities_24.html CVE-2020-1927
MLIST:[httpd-cvs] 20210330 svn commit: r1073161 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2016-8743.json security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2016-8743
MLIST:[httpd-cvs] 20210330 svn commit: r1073163 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2016-8743.json security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2016-8743
MLIST:[httpd-cvs] 20210330 svn commit: r1073171 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-11984.json security/json/CVE-2020-11993.json security/vulnerabilities_24.html CVE-2020-11984 CVE-2020-11993
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/ CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/ CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/ CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/ CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [2/13] - /httpd/site/trunk/content/security/json/ CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0460 CVE-2003-0542 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/ CVE-2004-0174 CVE-2004-0488 CVE-2004-0492 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0940 CVE-2004-0942 CVE-2004-1834
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/ CVE-2005-2728 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/ CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0456
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/ CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0010 CVE-2010-0425
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/ CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/ CVE-2008-0455 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-2249
MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/ CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183
MLIST:[httpd-cvs] 20210330 svn commit: r1888199 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml CVE-2020-11984
MLIST:[httpd-cvs] 20210330 svn commit: r1888203 - /httpd/site/trunk/content/security/json/CVE-2020-9490.json CVE-2020-9490
MLIST:[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json CVE-2020-1934
MLIST:[httpd-cvs] 20210330 svn commit: r1888215 - /httpd/site/trunk/content/security/json/CVE-2020-1927.json CVE-2020-1927
MLIST:[httpd-cvs] 20210330 svn commit: r1888217 - /httpd/site/trunk/content/security/json/CVE-2016-8743.json CVE-2016-8743
MLIST:[httpd-cvs] 20210330 svn commit: r1888221 - /httpd/site/trunk/content/security/json/CVE-2016-8743.json CVE-2016-8743
MLIST:[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json CVE-2011-0419 CVE-2011-3368
MLIST:[httpd-cvs] 20210330 svn commit: r1888228 - in /httpd/site/trunk/content/security/json: CVE-2020-11984.json CVE-2020-11993.json CVE-2020-11984 CVE-2020-11993
MLIST:[httpd-cvs] 20210407 svn commit: r1073454 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-9490.json security/vulnerabilities_24.html CVE-2020-9490
MLIST:[httpd-cvs] 20210407 svn commit: r1888469 - /httpd/site/trunk/content/security/json/CVE-2020-9490.json CVE-2020-9490
MLIST:[httpd-cvs] 20210422 svn commit: r1074079 [2/3] - in /websites/staging/httpd/trunk/content: ./ apreq/ contribute/ contributors/ dev/ docs-project/ docs/ info/ mod_fcgid/ mod_ftp/ mod_mbox/ mod_smtpd/ modules/ security/ test/ test/flood/ CVE-2002-0839 CVE-2004-0747 CVE-2004-1834 CVE-2017-9788
MLIST:[httpd-cvs] 20210603 svn commit: r1075355 - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ CVE-2020-9490
MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1205 CVE-2000-1206 CVE-2001-0731 CVE-2001-1342 CVE-2002-0661 CVE-2002-0840 CVE-2002-0843 CVE-2002-1156 CVE-2003-0017 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0789 CVE-2003-0987 CVE-2003-0993 CVE-2004-0113 CVE-2004-0174 CVE-2004-0751 CVE-2006-3918 CVE-2007-3304 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2007-1862 CVE-2007-3304 CVE-2007-6388 CVE-2007-6421 CVE-2009-1955 CVE-2009-1956 CVE-2009-3094 CVE-2009-3095 CVE-2009-3720 CVE-2010-0425 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0053 CVE-2012-2687 CVE-2012-4557 CVE-2012-4558 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2016-5387 CVE-2016-8743 CVE-2017-3169 CVE-2017-7668 CVE-2017-9788
MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2014-0098 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0253 CVE-2015-3185 CVE-2016-2161 CVE-2016-4975 CVE-2016-5387 CVE-2016-8740 CVE-2017-15715 CVE-2017-3169 CVE-2017-7659 CVE-2017-9789 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1312 CVE-2019-0190 CVE-2019-0220 CVE-2019-10097 CVE-2020-11985 CVE-2020-1934
MLIST:[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1206 CVE-2001-1342 CVE-2002-0661 CVE-2003-0017 CVE-2003-0189 CVE-2004-0751 CVE-2006-3918 CVE-2007-3304 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2007-1862 CVE-2007-3304 CVE-2007-6388 CVE-2007-6421 CVE-2009-1955 CVE-2009-3095 CVE-2009-3720 CVE-2011-3607 CVE-2011-4317 CVE-2012-0053 CVE-2012-2687 CVE-2012-3502 CVE-2012-4557 CVE-2012-4558 CVE-2013-2249 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2015-3185 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-9788 CVE-2017-9789 CVE-2020-11985
MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-1999-1199 CVE-2000-0505 CVE-2000-0913 CVE-2000-1204 CVE-2000-1205 CVE-2000-1206 CVE-2001-0729 CVE-2001-0730 CVE-2001-0731 CVE-2001-0925 CVE-2001-1342 CVE-2002-0061 CVE-2002-0392 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CVE-2003-0020 CVE-2003-0083 CVE-2003-0460 CVE-2003-0542 CVE-2003-0987 CVE-2003-0993 CVE-2004-0174 CVE-2004-0492 CVE-2004-0940 CVE-2005-3352 CVE-2006-3918 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2010-0010 CVE-2011-3368
MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593 CVE-2003-0016 CVE-2003-0017 CVE-2003-0020 CVE-2003-0083 CVE-2003-0132 CVE-2003-0134 CVE-2003-0189 CVE-2003-0192 CVE-2003-0245 CVE-2003-0253 CVE-2003-0254 CVE-2003-0542 CVE-2003-0789 CVE-2004-0113 CVE-2004-0174 CVE-2004-0488 CVE-2004-0493 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CVE-2004-0811 CVE-2004-0885 CVE-2004-0942 CVE-2004-1834 CVE-2005-2728 CVE-2005-3352 CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2012-0031 CVE-2012-0053 CVE-2013-1862
MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2005-3352 CVE-2006-5752 CVE-2007-1862 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CVE-2008-0455 CVE-2008-0456 CVE-2009-1955 CVE-2009-1956 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3560 CVE-2009-3720 CVE-2010-0425 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798
MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html CVE-2008-0455 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-3502 CVE-2012-4558 CVE-2013-2249 CVE-2013-4352 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 CVE-2016-0736 CVE-2016-1546 CVE-2016-2161 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0190 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-9517 CVE-2020-11984 CVE-2020-11985 CVE-2020-11993 CVE-2020-1927 CVE-2020-1934 CVE-2020-9490
MLIST:[httpd-cvs] 20210615 svn commit: r1075782 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_24.html CVE-2021-31618
MLIST:[httpd-cvs] 20210615 svn commit: r1890801 - /httpd/site/trunk/content/security/json/CVE-2021-31618.json CVE-2021-31618
MLIST:[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160 CVE-2021-33193 CVE-2021-36160
MLIST:[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert "Add descriptions for CVE-2021-33193 CVE-2021-36160" CVE-2021-33193 CVE-2021-36160
MLIST:[httpd-cvs] 20211008 [httpd-site] branch main updated: * Align with CVE-2021-42013 based on the latest findings CVE-2021-41773 CVE-2021-42013
MLIST:[httpd-dev] 20190402 re: svn commit: r33393 - /release/httpd/CHANGES_2.4 CVE-2019-0217
MLIST:[httpd-dev] 20190804 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t CVE-2019-0215
MLIST:[httpd-dev] 20190806 Re: svn commit: r1856807 - /httpd/test/framework/trunk/t/security/CVE-2019-0215.t CVE-2019-0215
MLIST:[httpd-dev] 20190817 CVE-2019-10097 vs. CHANGEs entry CVE-2019-9517
MLIST:[httpd-dev] 20190817 Re: CVE-2019-10097 vs. CHANGEs entry CVE-2019-9517
MLIST:[httpd-dev] 20200404 Odd vulnerabilities_24.html output CVE-2020-1927 CVE-2020-1934
MLIST:[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output CVE-2020-1927 CVE-2020-1934
MLIST:[httpd-dev] 20200808 Security announcements for CVE-2020-9490/CVE-2020-11993 ? CVE-2020-11993 CVE-2020-9490
MLIST:[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities? CVE-2020-11984 CVE-2020-11993 CVE-2020-9490
MLIST:[httpd-dev] 20200811 Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities? CVE-2020-11984 CVE-2020-11993 CVE-2020-9490
MLIST:[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587 CVE-2013-3587
MLIST:[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json CVE-2019-17567 CVE-2020-13938 CVE-2020-13950 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641
MLIST:[httpd-dev] 20210831 APR 1.7.1 release? CVE-2021-35940
MLIST:[httpd-python-dev] 20040416 Re: possible bug in filter.write() CVE-2004-2680
MLIST:[httpd-python-dev] 20040416 patch for filterobject.c CVE-2004-2680
MLIST:[httpd-python-dev] 20040416 possible bug in filter.write() CVE-2004-2680
MLIST:[httpd-users] 20190406 [users@httpd] CVE-2019-0211/0215/0217 CVE-2019-0211
MLIST:[httpd-users] 20200202 Re: [users@httpd] Small difference on error messages CVE-2019-10092
MLIST:[httpd-users] 20200814 [users@httpd] CVE NIST discrepancies CVE-1999-0070
MLIST:[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438
MLIST:[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438
MLIST:[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438
MLIST:[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438
MLIST:[httpd-users] 20211005 [users@httpd] CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773
MLIST:[httpd-users] 20211007 [users@httpd] CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438 CVE-2021-40438
MLIST:[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438 CVE-2021-40438
MLIST:[hylafax-announce] 20050111 **ANOUNCE** hylafax-4.2.1 released CVE-2004-1182
MLIST:[hylafax-users] 20051212 Re: proceedure for hylafax setup for PAM authentiation CVE-2005-3538
MLIST:[iceberg-commits] 20191028 [incubator-iceberg] branch master updated: Update Jackson to 2.10.0 for CVE-2019-16943 (#583) CVE-2019-16943
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah opened a new pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue closed pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #533: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue merged pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue opened a new pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379
MLIST:[iceberg-issues] 20191027 [GitHub] [incubator-iceberg] rdsr commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 CVE-2019-14379 CVE-2019-16943
MLIST:[iceberg-issues] 20210701 [GitHub] [iceberg] jackye1995 opened a new pull request #2776: Build: bump up DiffPlug Spotless version CVE-2019-9843
MLIST:[icu-support] 20080122 ICU Patch for bugs in Regular Expressions CVE-2007-4770 CVE-2007-4771
MLIST:[ignite-dev] 20180719 [CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons CVE-2018-1273
MLIST:[ignite-dev] 20180719 [CVE-2018-8018] Possible Execution of Arbitrary Code via Apache Ignite GridClientJdkMarshaller CVE-2018-8018
MLIST:[ignite-dev] 20200603 RE: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963
MLIST:[ignite-dev] 20200605 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963 CVE-2020-1964
MLIST:[ignite-dev] 20200608 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963 CVE-2020-1964
MLIST:[ignite-dev] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963 CVE-2020-1964
MLIST:[ignite-dev] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[ignite-issues] 20210413 [jira] [Created] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[ignite-issues] 20210426 [jira] [Commented] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) CVE-2021-2816[3,4,5] in Jetty CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[ignite-issues] 20210426 [jira] [Updated] (IGNITE-14527) Upgrade Jetty version to fix CVE-2021-2816[3,4,5] in Jetty CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[ignite-user] 20191213 Re: H2 version security concern CVE-2018-10054 CVE-2018-14335
MLIST:[ignite-user] 20200603 RE: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963
MLIST:[ignite-user] 20200609 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963
MLIST:[ignite-user] 20200615 Re: [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963 CVE-2020-1964
MLIST:[ignite-user] 20201117 Query on CVE-2020-5421 CVE-2020-5421
MLIST:[ignite-user] 20201119 Re: Query on CVE-2020-5421 CVE-2020-5421
MLIST:[imap-uw] 20081031 Security bug in tmail and dmail CVE-2008-5005
MLIST:[imapsync_list] 20140120 Re: [imapsync] STARTTLS support (#15) CVE-2014-2014
MLIST:[imapsync_list] 20140122 Re: [imapsync] Upon certificate issues STARTTLS is ignored and the password sent in plaintext (#15) CVE-2014-2014
MLIST:[imp] 20050422 IMP 3.2.8 (final) CVE-2005-1319
MLIST:[impala-dev] 20191104 [CVE-2019-10084] privilege escalation by authenticated Apache Impala users CVE-2019-10084
MLIST:[impala-user] 20210722 CVE-2021-28131: Apache Impala: Impala logs contain secrets CVE-2021-28131
MLIST:[incubator-cloudstack-users] 20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability CVE-2012-5616
MLIST:[info-cyrus] 20050214 Cyrus IMAPd 2.2.11 Released CVE-2005-0546
MLIST:[info-gnu] 20160128 ANNOUNCE: Nettle-3.2 CVE-2015-8803 CVE-2015-8804
MLIST:[infra-devnull] 20190321 [GitHub] [tika] dadoonet opened pull request #268: Update slf4j to 1.8.0-beta4 CVE-2018-8088
MLIST:[infra-devnull] 20190321 [GitHub] [tika] grossws commented on issue #268: Update slf4j to 1.8.0-beta4 CVE-2018-8088
MLIST:[infra-devnull] 20190324 [GitHub] [thrift] luciferous opened pull request #1771: THRIFT-4506: fix use of assert for correctness in Java SASL negotiation CVE-2018-1320
MLIST:[infra-devnull] 20190329 [GitHub] [pulsar] massakam opened pull request #3938: Upgrade third party libraries with security vulnerabilities CVE-2018-19360 CVE-2018-19361 CVE-2018-19362
MLIST:[infra-devnull] 20190402 [GitHub] [accumulo] milleruntime opened pull request #1072: Upgrade jetty to fix CVE CVE-2018-12545
MLIST:[infra-devnull] 20190402 [GitHub] [flink] aloyszhang opened pull request #8100: [FLINK-12082] Bump up the jython-standalone version CVE-2016-4000
MLIST:[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1. CVE-2018-16839 CVE-2018-16890 CVE-2019-3462 CVE-2019-3822 CVE-2019-3823
MLIST:[infra-devnull] 20190410 [GitHub] [airflow] XD-DENG commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[infra-devnull] 20190410 [GitHub] [airflow] XD-DENG opened pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[infra-devnull] 20190410 [GitHub] [airflow] ashb closed pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[infra-devnull] 20190410 [GitHub] [airflow] ashb commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906 CVE-2019-10906
MLIST:[interchange-announce] 20040329 Security Problem in Interchange CVE-2004-0374
MLIST:[interchange-announce] 20050922 Important: Security flaw found in Interchange demo catalog. CVE-2005-3073
MLIST:[interchange-announce] 20050923 Important: Security flaw found in Interchange demo - Addendum CVE-2005-3073
MLIST:[internals] 20120203 [PHP-DEV] The case of HTTP response splitting protection in PHP CVE-2011-1398
MLIST:[iotdb-commits] 20210308 [iotdb] branch master updated: [IOTDB-1181] Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-commits] 20210325 [iotdb] branch master updated: [IOTDB-1256] upgrade Jackson to 2.11.0 because of loopholes CVE-2020-25649 (#2896) CVE-2020-25649
MLIST:[iotdb-commits] 20210328 [iotdb] branch master updated: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 (#2906) CVE-2018-8088
MLIST:[iotdb-notifications] 20210303 [jira] [Created] (IOTDB-1181) Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-notifications] 20210324 [jira] [Created] (IOTDB-1256) Jackson have loopholes CVE-2020-25649 CVE-2020-25649
MLIST:[iotdb-notifications] 20210325 [jira] [Created] (IOTDB-1258) jcl-over-slf4j have Security Vulnerabilities CVE-2018-8088 CVE-2018-8088
MLIST:[iotdb-reviews] 20210303 [GitHub] [iotdb] wangchao316 commented on pull request #2768: [IOTDB-1181] Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-reviews] 20210303 [GitHub] [iotdb] wangchao316 opened a new pull request #2768: [IOTDB-1181] Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-reviews] 20210308 [GitHub] [iotdb] jixuan1989 commented on pull request #2768: [IOTDB-1181] Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-reviews] 20210308 [GitHub] [iotdb] jixuan1989 merged pull request #2768: [IOTDB-1181] Upgrade jetty jar to fix CVE-2020-27216 CVE-2020-27216
MLIST:[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 closed pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649 CVE-2020-25649
MLIST:[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 opened a new pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649 CVE-2020-25649
MLIST:[iotdb-reviews] 20210325 [GitHub] [iotdb] jixuan1989 merged pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649 CVE-2020-25649
MLIST:[iotdb-reviews] 20210325 [GitHub] [iotdb] wangchao316 opened a new pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 CVE-2018-8088
MLIST:[iotdb-reviews] 20210327 [GitHub] [iotdb] wangchao316 closed pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 CVE-2018-8088
MLIST:[iotdb-reviews] 20210327 [GitHub] [iotdb] wangchao316 opened a new pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 CVE-2018-8088
MLIST:[iotdb-reviews] 20210328 [GitHub] [iotdb] HTHou merged pull request #2906: [IOTDB-1258] jcl-over-slf4j have security vulnerabilities CVE-2018-8088 CVE-2018-8088
MLIST:[ipsec-tools-announce] 20090422 Ipsec-tools 0.7.2 released CVE-2009-1632
MLIST:[ipython-dev] 20140713 Vulnerability in IPython Notebook ≤ 1.1 CVE-2014-3429
MLIST:[ircd-ratbox] 20070514 IMPORTANT: potential DoS found in ircd-ratbox CVE-2007-2786
MLIST:[ircd-ratbox] 20100125 ircd-ratbox-2.2.9 released CVE-2009-4016
MLIST:[isn] 20031215 The mysteriously persistently exploitable program explained. CVE-2004-2768
MLIST:[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available CVE-2013-4002 CVE-2018-2799
MLIST:[jabberd2] 20110531 jabberd-2.2.14 release CVE-2011-1755
MLIST:[jabberd] 20040919 Jabberd 1.4 critical bug CVE-2004-1378
MLIST:[jackrabbit-announce] 20150521 CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) CVE-2015-1833
MLIST:[jackrabbit-announce] 20200128 CVE-2020-1940: Apache Jackrabbit Oak sensitive information disclosure vulnerability CVE-2020-1940
MLIST:[jackrabbit-commits] 20200129 svn commit: r1873288 - /jackrabbit/site/trunk/src/site/markdown/index.md CVE-2020-1940
MLIST:[jackrabbit-commits] 20200129 svn commit: r1873291 - /jackrabbit/site/trunk/src/site/markdown/index.md CVE-2020-1940
MLIST:[jackrabbit-commits] 20200129 svn commit: r1873296 [3/3] - in /jackrabbit/site/live/oak/docs: ./ architecture/ coldstandby/ features/ nodestore/ nodestore/document/ nodestore/segment/ oak-mongo-js/ oak_api/ plugins/ query/ security/ security/accesscontrol/ security/authentication/ ... CVE-2020-1940
MLIST:[jackrabbit-commits] 20200206 svn commit: r1873705 [4/5] - in /jackrabbit/site/live/oak/docs: ./ META-INF/ architecture/ coldstandby/ features/ nodestore/ nodestore/document/ nodestore/segment/ oak_api/ plugins/ query/ security/ security/accesscontrol/ security/authentication/ secu... CVE-2020-1940
MLIST:[jackrabbit-commits] 20200227 svn commit: r1874583 [4/4] - in /jackrabbit/site/live/oak/docs: ./ architecture/ coldstandby/ features/ nodestore/ nodestore/document/ nodestore/segment/ oak-mongo-js/ oak_api/ plugins/ query/ security/ security/accesscontrol/ security/authentication/ ... CVE-2020-1940
MLIST:[jackrabbit-dev] 20210706 [GitHub] [jackrabbit-oak] reschke commented on pull request #310: OAK-9482: upgrade httpclient to 4.5.13 CVE-2020-13956
MLIST:[jackrabbit-dev] 20210706 [GitHub] [jackrabbit-oak] reschke removed a comment on pull request #310: OAK-9482: upgrade httpclient to 4.5.13 CVE-2020-13956
MLIST:[jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022 CVE-2021-21295
MLIST:[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 commented on pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012 CVE-2018-8012
MLIST:[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 opened a new pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012 CVE-2018-8012
MLIST:[jackrabbit-dev] 20210720 [GitHub] [jackrabbit-oak] nit0906 merged pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012 CVE-2018-8012
MLIST:[jackrabbit-dev] 20210730 [GitHub] [jackrabbit-oak] nit0906 merged pull request #334: OAK-9520 | Updating solr version to handle/fix CVE-2021-29262 CVE-2021-29262
MLIST:[jackrabbit-dev] 20210730 [GitHub] [jackrabbit-oak] nit0906 opened a new pull request #334: OAK-9520 | Updating solr version to handle/fix CVE-2021-29262 CVE-2021-29262
MLIST:[jackrabbit-oak-commits] 20200129 svn commit: r1873295 - in /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security: overview.md reports.md CVE-2020-1940
MLIST:[jackrabbit-oak-commits] 20200129 svn commit: r1873303 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/reports.md CVE-2020-1940
MLIST:[jackrabbit-oak-commits] 20200205 svn commit: r1873622 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/reports.md CVE-2020-1940
MLIST:[jackrabbit-oak-commits] 20200221 svn commit: r1874301 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/reports.md CVE-2020-1940
MLIST:[jackrabbit-oak-commits] 20210720 [jackrabbit-oak] branch trunk updated: OAK-9496 | Update zookeeper version to handle CVE-2018-8012 (#326) CVE-2018-8012
MLIST:[jackrabbit-oak-commits] 20210730 [jackrabbit-oak] branch trunk updated: OAK-9520 | Updating solr version to handle/fix CVE-2021-29262 (#334) CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210730 [jira] [Assigned] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210730 [jira] [Commented] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210730 [jira] [Created] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210730 [jira] [Resolved] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210730 [jira] [Updated] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[jackrabbit-oak-issues] 20210817 [jira] [Created] (OAK-9537) Security vulnerability in org/apache/lucene/queryparser/xml/CoreParser.java CVE-2017-12629
MLIST:[jackrabbit-oak-issues] 20211006 [jira] [Updated] (OAK-9520) CVE-2021-29262 in oak-solr-osgi CVE-2021-29262
MLIST:[james-notifications] 20210501 [GitHub] [james-project] chibenwa opened a new pull request #414: [UPGRADE] Adopt Apache Tika 1.26 CVE-2020-9489 CVE-2021-27807 CVE-2021-27906 CVE-2021-28657
MLIST:[james-notifications] 20210714 [GitHub] [james-project] chibenwa opened a new pull request #537: [UPGRADE] Security upgrade: common-compress to 1.21 CVE-2021-36090
MLIST:[james-notifications] 20210820 [GitHub] [james-project] chibenwa opened a new pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714 CVE-2021-37714
MLIST:[james-notifications] 20210823 [GitHub] [james-project] chibenwa merged pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714 CVE-2021-37714
MLIST:[james-notifications] 20210823 [james-project] branch master updated: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714 CVE-2021-37714
MLIST:[james-server-dev] 20190318 [james-project] 01/03: JAMES-2693 Update com.puppycrawl.tools:checkstyle to respond to CVE-2019-9658 CVE-2019-9658
MLIST:[james-server-dev] 20190708 [jira] [Created] (JAMES-2819) Upgrade pdfbox following CVE-2019-0228 CVE-2019-0228
MLIST:[james-server-dev] 20200618 [jira] [Closed] (JAMES-2819) Upgrade pdfbox following CVE-2019-0228 CVE-2019-0228
MLIST:[java-apache-users] 20000929 jserv wrapper error CVE-2000-1247
MLIST:[jena-dev] 20200318 Re: Logging (JENA-1005) CVE-2019-17571
MLIST:[jena-dev] 20210428 FYI: Maven CVE-2021-26291 CVE-2021-26291
MLIST:[jena-dev] 20210429 Re: FYI: Maven CVE-2021-26291 CVE-2021-26291
MLIST:[jena-dev] 20210921 CVE-2021-39239 notifications for Jena 4.2.0 CVE-2021-39239
MLIST:[jena-dev] 20210921 Re: CVE-2021-39239 notifications for Jena 4.2.0 CVE-2021-39239
MLIST:[jenkinsci-advisories] 20111109 Security advisory in Jenkins Core CVE-2011-4344
MLIST:[jenkinsci-advisories] 20161111 Re: Unauthenticated remote code execution vulnerability in Jenkins CVE-2016-9299
MLIST:[jenkinsci-advisories] 20161111 Unauthenticated remote code execution vulnerability in Jenkins CVE-2016-9299
MLIST:[jetty-announce] 20150224 Critical Security Release of Jetty 9.2.9.v20150224 CVE-2015-2080
MLIST:[jetty-announce] 20150225 CVE-2015-2080 : JetLeak Vulnerability Remote Leakage of Shared Buffers in Jetty CVE-2015-2080
MLIST:[jetty-announce] 20160531 [jetty-announce] Jetty 9.3.x/Windows Security Vulnerability CVE-2016-4800 CVE-2016-4800
MLIST:[jifty-devel] 20110415 Security weaknesses in Jifty::DBI CVE-2011-1933
MLIST:[jmeter-dev] 20210305 [GitHub] [jmeter] sseide opened a new pull request #648: update xmlgraphics-commons to 2.6 (from 2.3) CVE-2020-11988
MLIST:[jmeter-dev] 20210406 [GitHub] [jmeter] sseide opened a new pull request #655: update x-stream to 1.4.16 (from 1.4.15) CVE-2021-21341 CVE-2021-21342 CVE-2021-21343 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 CVE-2021-21347 CVE-2021-21348 CVE-2021-21349 CVE-2021-21350 CVE-2021-21351
MLIST:[jmeter-dev] 20210607 [GitHub] [jmeter] sseide opened a new pull request #667: update x-stream to 1.4.17 (from 1.4.16) CVE-2021-29505
MLIST:[jmeter-issues] 20190609 [Bug 62039] [CVE-2018-1287 & CVE-2018-1297] Distributed testing : Secure RMI connection by SSL and certificate and bind to host defined "java.rmi.server.hostname" system property CVE-2018-1287 CVE-2018-1297
MLIST:[jmeter-user] 20190302 [SECURITY] CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used CVE-2019-0187
MLIST:[jspwiki-commits] 20190329 [jspwiki-site] branch jbake updated: add CVE-2019-0224 and CVE-2019-0225 vulnerability disclosures CVE-2018-20242 CVE-2019-0224 CVE-2019-0225
MLIST:[jspwiki-commits] 20190519 [jspwiki-site] branch jbake updated: added CVE-2019-10076, CVE-2019-10077 and CVE-2019-10078 vulnerability disclosures CVE-2018-20242 CVE-2019-0224 CVE-2019-0225 CVE-2019-10076 CVE-2019-10077 CVE-2019-10078
MLIST:[jspwiki-dev] 20190326 [CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability CVE-2019-0224
MLIST:[jspwiki-dev] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure CVE-2019-0225
MLIST:[jspwiki-dev] 20190519 [CVE-2019-10078] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki CVE-2019-10078
MLIST:[jspwiki-dev] 20190521 Re: [CVE-2019-10078] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki CVE-2019-10078
MLIST:[jspwiki-user] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure CVE-2019-0225
MLIST:[juddi-dev] 20090811 [ANNOUNCE] Release jUDDI v2.0 and v.2.0.1 CVE-2009-1197 CVE-2009-1198
MLIST:[juddi-user] 20180208 [Announce] CVE-2009-4267 - vulnerability in jUDDI 3.0.0 console. CVE-2009-4267
MLIST:[kafka-commits] 20190802 [kafka-site] branch asf-site updated: Add CVE-2018-17196, fix some links. (#223) CVE-2018-1288 CVE-2018-17196
MLIST:[kafka-commits] 20200115 [kafka-site] branch asf-site updated: Add CVE-2019-12399 (#250) CVE-2018-17196 CVE-2019-12399
MLIST:[kafka-commits] 20210222 [kafka] branch 2.6 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-commits] 20210222 [kafka] branch 2.7 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-commits] 20210222 [kafka] branch 2.8 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-commits] 20210506 [kafka] branch 2.7 updated: KAFKA-12752: Bump Jersey deps to 2.34 due to CVE-2021-28168 (#10636) CVE-2021-28168
MLIST:[kafka-commits] 20210506 [kafka] branch 2.8 updated: KAFKA-12752: Bump Jersey deps to 2.34 due to CVE-2021-28168 (#10636) CVE-2021-28168
MLIST:[kafka-commits] 20210521 [kafka] branch 2.6 updated: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-commits] 20210521 [kafka] branch 2.7 updated: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-commits] 20210521 [kafka] branch 2.8 updated: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-commits] 20210817 [kafka] branch 2.7 updated: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-commits] 20210817 [kafka] branch 2.8 updated: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-commits] 20210817 [kafka] branch 3.0 updated: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-commits] 20210921 [kafka-site] branch asf-site updated: Add CVE-2021-38153 (#375) CVE-2019-12399
MLIST:[kafka-dev] 20190501 [jira] [Created] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 CVE-2019-10241
MLIST:[kafka-dev] 20190503 [jira] [Resolved] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 CVE-2019-10241
MLIST:[kafka-dev] 20200105 [jira] [Created] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-dev] 20200113 CVE-2019-12399: Apache Kafka Connect REST API may expose plaintext secrets in tasks endpoint CVE-2019-12399
MLIST:[kafka-dev] 20200413 [jira] [Created] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-dev] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities CVE-2020-8840 CVE-2020-9488
MLIST:[kafka-dev] 20200514 [jira] [Created] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488 CVE-2020-9488
MLIST:[kafka-dev] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-dev] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-dev] 20201215 Re: [VOTE] 2.7.0 RC5 CVE-2020-25649
MLIST:[kafka-dev] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3 CVE-2020-25649
MLIST:[kafka-dev] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-dev] 20210211 [jira] [Created] (KAFKA-12325) Update to secure versions of scala libraries due to CVE-2017-15288 CVE-2017-15288
MLIST:[kafka-dev] 20210215 [jira] [Resolved] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-dev] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-dev] 20210301 [jira] [Created] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-dev] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[kafka-dev] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-dev] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-dev] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-dev] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka CVE-2019-25013
MLIST:[kafka-dev] 20210505 [jira] [Created] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-dev] 20210506 [jira] [Resolved] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-dev] 20210520 [jira] [Created] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-dev] 20210521 [jira] [Resolved] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-dev] 20210611 Re: [DISCUSS] KIP-719: Add Log4J2 Appender CVE-2019-17571
MLIST:[kafka-dev] 20210623 [jira] [Created] (KAFKA-12985) CVE-2021-28169 - Upgrade jetty to 9.4.41 CVE-2021-28169
MLIST:[kafka-dev] 20210722 [jira] [Resolved] (KAFKA-12985) CVE-2021-28169 - Upgrade jetty to 9.4.41 CVE-2021-28169
MLIST:[kafka-dev] 20210729 [jira] [Resolved] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-dev] 20210817 [jira] [Resolved] (KAFKA-13209) Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image CVE-2019-17571 CVE-2020-25649 CVE-2021-22922 CVE-2021-22924 CVE-2021-22926 CVE-2021-31535 CVE-2021-36159
MLIST:[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image CVE-2019-17571 CVE-2020-25649 CVE-2021-22922 CVE-2021-22924 CVE-2021-22926 CVE-2021-31535 CVE-2021-36159
MLIST:[kafka-dev] 20211007 Re: CVE Back Port? CVE-2018-1288 CVE-2021-38153
MLIST:[kafka-dev] 20211012 [VOTE] 2.6.3 RC0 CVE-2021-38153
MLIST:[kafka-dev] 20211012 [VOTE] 2.7.2 RC0 CVE-2021-38153
MLIST:[kafka-dev] 20211026 Re: [kafka-clients] [VOTE] 2.7.2 RC0 CVE-2021-38153
MLIST:[kafka-jira] 20190501 [jira] [Created] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 CVE-2019-10241
MLIST:[kafka-jira] 20190503 [jira] [Assigned] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 CVE-2019-10241
MLIST:[kafka-jira] 20190503 [jira] [Resolved] (KAFKA-8308) Update jetty for security vulnerability CVE-2019-10241 CVE-2019-10241
MLIST:[kafka-jira] 20200105 [jira] [Created] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200105 [jira] [Updated] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200106 [jira] [Assigned] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200106 [jira] [Commented] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200107 [jira] [Updated] (KAFKA-9366) please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200413 [jira] [Created] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20200413 [jira] [Updated] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20200414 [jira] [Commented] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20200514 [GitHub] [kafka] jeffhuang26 commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities CVE-2020-8840 CVE-2020-9488
MLIST:[kafka-jira] 20200514 [jira] [Created] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488 CVE-2020-9488
MLIST:[kafka-jira] 20200515 [jira] [Commented] (KAFKA-9997) upgrade log4j lib to address CVE-2020-9488 CVE-2020-9488
MLIST:[kafka-jira] 20200529 [GitHub] [kafka] ijuma commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200602 [GitHub] [kafka] dongjinleekr commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200624 [GitHub] [kafka] dongjinleekr commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200625 [GitHub] [kafka] dongjinleekr commented on pull request #7898: KAFKA-9366: please consider upgrade log4j to log4j2 due to critical security problem CVE-2019-17571 CVE-2019-17571
MLIST:[kafka-jira] 20200818 [jira] [Assigned] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-jira] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-jira] 20200819 [jira] [Updated] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-jira] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337 CVE-2018-1337
MLIST:[kafka-jira] 20201104 [GitHub] [kafka] niteshmor opened a new pull request #9556: MINOR: Update jetty to 9.4.33 CVE-2020-27216
MLIST:[kafka-jira] 20201205 [GitHub] [kafka] sirocchj opened a new pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201209 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201209 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201209 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201209 [GitHub] [kafka] sirocchj edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201210 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201210 [GitHub] [kafka] niteshmor edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201210 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201215 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201215 [GitHub] [kafka] ijuma edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20201215 [GitHub] [kafka] ijuma merged pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1 CVE-2020-25649
MLIST:[kafka-jira] 20210107 [GitHub] [kafka] cyrusv opened a new pull request #9845: MINOR: Bump Bouncy Castle Dep to resolve CVE-2020-28052 CVE-2020-28052
MLIST:[kafka-jira] 20210211 [GitHub] [kafka] ch4rl353y commented on pull request #7898: KAFKA-9366: Change log4j dependency into log4j2 CVE-2019-17571
MLIST:[kafka-jira] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210211 [jira] [Created] (KAFKA-12325) Update to secure versions of scala libraries due to CVE-2017-15288 CVE-2017-15288
MLIST:[kafka-jira] 20210211 [jira] [Updated] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-jira] 20210212 [jira] [Assigned] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210212 [jira] [Commented] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210212 [jira] [Commented] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-jira] 20210214 [jira] [Commented] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-jira] 20210215 [jira] [Commented] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-jira] 20210215 [jira] [Resolved] (KAFKA-12325) Is Kafka affected by Scala security vulnerability (CVE-2017-15288)? CVE-2017-15288
MLIST:[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr opened a new pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210222 [GitHub] [kafka] ijuma commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210222 [GitHub] [kafka] omkreddy closed pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2020-27218 CVE-2021-21290
MLIST:[kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr opened a new pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210301 [jira] [Assigned] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210301 [jira] [Created] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27218 CVE-2020-27223
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12389) Upgrade of netty-codec due to CVE-2021-21290 CVE-2021-21290
MLIST:[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223 CVE-2020-27223
MLIST:[kafka-jira] 20210330 [jira] [Created] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[kafka-jira] 20210330 [jira] [Updated] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr commented on pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-jira] 20210331 [GitHub] [kafka] dongjinleekr opened a new pull request #10448: KAFKA-12583: Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-jira] 20210401 [jira] [Commented] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-jira] 20210402 [jira] [Assigned] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295 CVE-2021-21295
MLIST:[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210412 [GitHub] [kafka] dongjinleekr opened a new pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[kafka-jira] 20210412 [jira] [Assigned] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210412 [jira] [Created] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210412 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [GitHub] [kafka] chia7712 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [GitHub] [kafka] chia7712 merged pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [GitHub] [kafka] dongjinleekr commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [GitHub] [kafka] edwin092 commented on pull request #10526: KAFKA-12655: CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [jira] [Resolved] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210413 [jira] [Updated] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka CVE-2019-25013
MLIST:[kafka-jira] 20210423 [jira] [Comment Edited] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka CVE-2019-25013
MLIST:[kafka-jira] 20210423 [jira] [Commented] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka CVE-2019-25013
MLIST:[kafka-jira] 20210423 [jira] [Updated] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka CVE-2019-25013
MLIST:[kafka-jira] 20210429 [GitHub] [kafka] xjin-Confluent opened a new pull request #10614: MINOR: Upgrade jersey to 2.34 CVE-2021-28168
MLIST:[kafka-jira] 20210505 [GitHub] [kafka] shayelkin opened a new pull request #10636: MINOR: Bump Jersey deps to 2.34 due to CVE-2021-28168 CVE-2021-28168
MLIST:[kafka-jira] 20210505 [jira] [Created] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [GitHub] [kafka] dongjinleekr opened a new pull request #10641: KAFKA-12752: CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [GitHub] [kafka] dongjinleekr opened a new pull request #10642: KAFKA-12756: Update Zookeeper to 3.6.3 or higher CVE-2021-21409
MLIST:[kafka-jira] 20210506 [GitHub] [kafka] omkreddy commented on pull request #10641: KAFKA-12752: CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [GitHub] [kafka] omkreddy merged pull request #10636: MINOR: Bump Jersey deps to 2.34 due to CVE-2021-28168 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [jira] [Assigned] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [jira] [Commented] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210506 [jira] [Resolved] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210507 [GitHub] [kafka] dongjinleekr closed pull request #10641: KAFKA-12752: CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210507 [GitHub] [kafka] dongjinleekr commented on pull request #10641: KAFKA-12752: CVE-2021-28168 upgrade jersey to 2.34 or 3.02 CVE-2021-28168
MLIST:[kafka-jira] 20210520 [GitHub] [kafka] dongjinleekr opened a new pull request #10739: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210520 [jira] [Assigned] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210520 [jira] [Created] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210521 [GitHub] [kafka] omkreddy merged pull request #10739: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210521 [jira] [Resolved] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210623 [GitHub] [kafka] dongjinleekr opened a new pull request #10919: KAFKA-12985: CVE-2021-28169 - Upgrade jetty to 9.4.41 CVE-2021-28169 CVE-2021-34428
MLIST:[kafka-jira] 20210623 [jira] [Created] (KAFKA-12985) CVE-2021-28169 - Upgrade jetty to 9.4.41 CVE-2021-28169
MLIST:[kafka-jira] 20210704 [GitHub] [kafka] ijuma commented on pull request #10919: KAFKA-12985: CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-28169
MLIST:[kafka-jira] 20210704 [GitHub] [kafka] ijuma merged pull request #10919: KAFKA-12985: CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-28169
MLIST:[kafka-jira] 20210715 [jira] [Commented] (KAFKA-12655) CVE-2021-28165 - Upgrade jetty to 9.4.39 CVE-2021-28165
MLIST:[kafka-jira] 20210722 [jira] [Resolved] (KAFKA-12985) CVE-2021-28169 - Upgrade jetty to 9.4.41 CVE-2021-28169
MLIST:[kafka-jira] 20210722 [jira] [Updated] (KAFKA-12985) CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-28169
MLIST:[kafka-jira] 20210729 [jira] [Comment Edited] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20210729 [jira] [Commented] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20210729 [jira] [Resolved] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. CVE-2016-3189
MLIST:[kafka-jira] 20210809 [jira] [Commented] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291 CVE-2021-26291
MLIST:[kafka-jira] 20210817 [GitHub] [kafka] jolshan opened a new pull request #11224: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210817 [GitHub] [kafka] omkreddy merged pull request #11224: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210817 [jira] [Assigned] (KAFKA-13209) Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210817 [jira] [Resolved] (KAFKA-13209) Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210817 [jira] [Updated] (KAFKA-13209) Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210818 [GitHub] [kafka] jolshan opened a new pull request #11224: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-jira] 20210818 [GitHub] [kafka] omkreddy merged pull request #11224: KAFKA-13209: Upgrade jetty-server to fix CVE-2021-34429 CVE-2021-34429
MLIST:[kafka-users] 20180726 CVE-2017-12610: Authenticated Kafka clients may impersonate other users CVE-2017-12610
MLIST:[kafka-users] 20180726 CVE-2018-1288: Authenticated Kafka clients may interfere with data replication CVE-2018-1288
MLIST:[kafka-users] 20200113 CVE-2019-12399: Apache Kafka Connect REST API may expose plaintext secrets in tasks endpoint CVE-2019-12399
MLIST:[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka CVE-2016-3189 CVE-2018-10237 CVE-2019-12900
MLIST:[kafka-users] 20201215 Re: [VOTE] 2.7.0 RC5 CVE-2020-25649
MLIST:[kafka-users] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3 CVE-2020-25649
MLIST:[kafka-users] 20210210 Security: CVE-2019-17571 (log4j) CVE-2019-17571
MLIST:[kafka-users] 20210617 vulnerabilities CVE-2017-18640 CVE-2019-17571 CVE-2020-29582 CVE-2020-9488 CVE-2021-26291 CVE-2021-28168 CVE-2021-28169 CVE-2021-29425
MLIST:[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image CVE-2019-17571 CVE-2020-25649 CVE-2021-22922 CVE-2021-22924 CVE-2021-22926 CVE-2021-31535 CVE-2021-36159
MLIST:[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image CVE-2019-17571 CVE-2020-25649 CVE-2021-22922 CVE-2021-22924 CVE-2021-22926 CVE-2021-31535 CVE-2021-36159
MLIST:[kafka-users] 20211012 [VOTE] 2.6.3 RC0 CVE-2021-38153
MLIST:[kafka-users] 20211012 [VOTE] 2.7.2 RC0 CVE-2021-38153
MLIST:[kafka-users] 20211026 Re: [kafka-clients] [VOTE] 2.7.2 RC0 CVE-2021-38153
MLIST:[karaf-commits] 20190506 [karaf-site] branch trunk updated: Publish CVE-2019-0226 CVE-2019-0191
MLIST:[karaf-commits] 20200514 [GitHub] [karaf] coheigea commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200514 [GitHub] [karaf] coheigea opened a new pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200514 [GitHub] [karaf] skitt commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200518 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200518 [GitHub] [karaf] jbonofre merged pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200518 [GitHub] [karaf] jbonofre removed a comment on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200518 [karaf] branch karaf-4.2.x updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200518 [karaf] branch master updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-commits] 20200612 [karaf-site] branch trunk updated: Publish CVE-2020-11980 CVE-2019-0226
MLIST:[karaf-commits] 20210217 [GitHub] [karaf] jbonofre commented on pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965 CVE-2020-25649
MLIST:[karaf-commits] 20210217 [GitHub] [karaf] jbonofre merged pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965 CVE-2020-25649
MLIST:[karaf-commits] 20210217 [GitHub] [karaf] svogt opened a new pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965 CVE-2020-25649
MLIST:[karaf-commits] 20210217 [karaf] branch master updated: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965 CVE-2020-25649
MLIST:[karaf-dev] 20180918 [SECURITY] New security advisory for CVE-2018-11786 released for Apache Karaf CVE-2018-11786
MLIST:[karaf-dev] 20180918 [SECURITY] New security advisory for CVE-2018-11787 released for Apache Karaf CVE-2018-11787
MLIST:[karaf-dev] 20190506 [SECURITY] New security advisory for CVE-2019-0226 released for Apache Karaf CVE-2019-0226
MLIST:[karaf-issues] 20200514 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200514 [jira] [Created] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200514 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200517 [jira] [Assigned] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200517 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200518 [jira] [Commented] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20200518 [jira] [Resolved] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398 CVE-2020-5398
MLIST:[karaf-issues] 20210718 [jira] [Created] (KARAF-7223) Upgrade maven artifacts to mitigate CVE-2021-26291 CVE-2021-26291
MLIST:[karaf-issues] 20210718 [jira] [Created] (KARAF-7224) Impact of CVE-2021-26291 on Karaf CVE-2021-26291
MLIST:[karaf-issues] 20210719 [jira] [Assigned] (KARAF-7223) Upgrade maven artifacts to mitigate CVE-2021-26291 CVE-2021-26291
MLIST:[karaf-issues] 20210719 [jira] [Assigned] (KARAF-7224) Impact of CVE-2021-26291 on Karaf CVE-2021-26291
MLIST:[karaf-issues] 20210719 [jira] [Commented] (KARAF-7224) Impact of CVE-2021-26291 on Karaf CVE-2021-26291
MLIST:[karaf-issues] 20210720 [jira] [Commented] (KARAF-7224) Impact of CVE-2021-26291 on Karaf CVE-2021-26291
MLIST:[karaf-issues] 20210723 [jira] [Assigned] (KARAF-7227) Upgrade geronimo artifacts to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[karaf-issues] 20210723 [jira] [Comment Edited] (KARAF-7227) Upgrade geronimo artifacts to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[karaf-issues] 20210723 [jira] [Commented] (KARAF-7227) Upgrade geronimo artifacts to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[karaf-issues] 20210723 [jira] [Created] (KARAF-7227) Upgrade geronimo artifacts to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[karaf-issues] 20210726 [jira] [Resolved] (KARAF-7227) Upgrade geronimo artifacts to mitigate CVE-2011-5034 CVE-2011-5034
MLIST:[karaf-issues] 20210810 [jira] [Commented] (KARAF-7240) Upgrade bcprov artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210810 [jira] [Created] (KARAF-7240) Upgrade bcprov artifacts to mitigate CVE-2020-28052 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210810 [jira] [Updated] (KARAF-7240) Upgrade bcprov artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210816 [jira] [Updated] (KARAF-7240) Upgrade bcprov 1.69 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210816 [jira] [Updated] (KARAF-7240) Upgrade bcprov artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210817 [jira] [Commented] (KARAF-7240) Upgrade bcprov 1.68 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210817 [jira] [Updated] (KARAF-7240) Upgrade bcprov 1.68 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210820 [jira] [Updated] (KARAF-7240) Upgrade bcprov 1.68 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210824 [jira] [Commented] (KARAF-7240) Upgrade bcprov 1.68 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-issues] 20210824 [jira] [Resolved] (KARAF-7240) Upgrade bcprov 1.68 artifacts to mitigate CVE-2020-28052 CVE-2020-0028 CVE-2020-28052 CVE-2021-26291
MLIST:[karaf-user] 20190307 [SECURITY] New security advisory for CVE-2019-0191 released for Apache Karaf CVE-2019-0191
MLIST:[karaf-user] 20210301 Re: Jetty security defect CVE-2020-27223
MLIST:[karrigell-main] 20050731 SECURITY: python namespace exposure CVE-2005-2483
MLIST:[karrigell-main] 20050802 Re: SECURITY: python namespace exposure CVE-2005-2483
MLIST:[kde-announce] 20070309 KTorrent 2.1.2 is out CVE-2007-1384 CVE-2007-1385
MLIST:[kerberos-announce] 20120531 krb5-1.10.2 is released CVE-2012-1013
MLIST:[kerberos] 20101222 LDAP handle unavailable: Can't contact LDAP server CVE-2011-0281
MLIST:[kernel-hardening] 20160406 Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file CVE-2015-8944
MLIST:[kernel-svn-changes] 20050816 r3920 - in branches/dist/sarge-security: . kernel kernel/i386 kernel/source kernel/source/kernel-source-2.6.8-2.6.8/debian CVE-2005-0136
MLIST:[kernel-team] 20130731 [CVE-2013-1060] perf configuration file vunerability CVE-2013-1060
MLIST:[kernel-team] 20130731 [lucid CVE 1/1] UBUNTU: [Packaging] supply perf with appropriate prefix to ensure use of local config CVE-2013-1060
MLIST:[kmail-devel] 20050215 [Bug 96020] HTML Allows Spoofing of Emails Content CVE-2005-0404
MLIST:[knox-commits] 20211008 [knox] branch master updated: KNOX-2674 - Upgrade junit to 4.13.2 due to CVE-2020-15250 (#505) CVE-2020-15250
MLIST:[knox-dev] 20210601 [jira] [Created] (KNOX-2614) Upgrade Jackson due to CVE-2020-25649 CVE-2020-25649
MLIST:[knox-dev] 20210601 [jira] [Created] (KNOX-2615) Upgrade to jetty-webapp.9.4.33 due to CVE-2020-27216 CVE-2020-27216
MLIST:[knox-dev] 20210601 [jira] [Updated] (KNOX-2614) Upgrade jackson-databind to 2.10.5 due to CVE-2020-25649 CVE-2020-25649
MLIST:[knox-dev] 20211004 [GitHub] [knox] zeroflag commented on pull request #505: KNOX-2674 - Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211004 [GitHub] [knox] zeroflag opened a new pull request #505: KNOX-2674 - Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211004 [jira] [Created] (KNOX-2674) Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211004 [jira] [Work logged] (KNOX-2674) Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211008 [GitHub] [knox] smolnar82 merged pull request #505: KNOX-2674 - Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211008 [jira] [Commented] (KNOX-2674) Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211008 [jira] [Resolved] (KNOX-2674) Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-dev] 20211008 [jira] [Work logged] (KNOX-2674) Upgrade junit to 4.13.2 due to CVE-2020-15250 CVE-2020-15250
MLIST:[knox-user] 20170526 [ANNOUNCE] CVE-2017-5646: Apache Knox Impersonation Issue for WebHDFS CVE-2017-5646
MLIST:[kolab-users] 20040420 Possible Kolab LDAP configuration information disclosure CVE-2004-1997
MLIST:[kronolith] 20050422 Kronolith 1.1.4 (final) CVE-2005-1314
MLIST:[kronolith] 20080427 Kronolith H3 (2.1.8) (final) CVE-2008-1974
MLIST:[kudu-issues] 20200621 [jira] [Updated] (KUDU-3156) Whether the CVE-2019-17543 vulnerability of lz affects kudu CVE-2019-17543
MLIST:[kudu-issues] 20200709 [jira] [Resolved] (KUDU-3156) Whether the CVE-2019-17543 vulnerability of lz affects kudu CVE-2019-17543
MLIST:[kudu-issues] 20210904 [jira] [Created] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 CVE-2021-21295 CVE-2021-21409
MLIST:[kudu-issues] 20210904 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 CVE-2021-21295 CVE-2021-21409
MLIST:[kudu-issues] 20210907 [jira] [Commented] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 CVE-2021-21295 CVE-2021-21409
MLIST:[kudu-issues] 20210907 [jira] [Resolved] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 CVE-2021-21295 CVE-2021-21409
MLIST:[kudu-issues] 20210907 [jira] [Updated] (KUDU-3313) There is a CVE-2021-21409 vulnerability in netty version 4.1.60 CVE-2021-21295 CVE-2021-21409
MLIST:[kvm] 20141013 [PATCH 0/2] KVM: x86: Fixing clflush/hint_nop/prefetch CVE-2014-8480 CVE-2014-8481
MLIST:[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall CVE-2017-7518
MLIST:[kvm] 20171201 [PATCH 1/2] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts CVE-2017-1000407
MLIST:[kylin-commits] 20200713 svn commit: r1879845 - in /kylin/site: docs/security.html feed.xml CVE-2020-1937 CVE-2020-1956
MLIST:[kylin-commits] 20200715 svn commit: r1879879 - in /kylin/site: docs/security.html feed.xml CVE-2020-13925 CVE-2020-13926 CVE-2020-1937 CVE-2020-1956
MLIST:[kylin-dev] 20200713 [SECURITY][CVE-2020-13925] Apache Kylin command injection vulnerability CVE-2020-1956
MLIST:[kylin-user] 20200223 [CVE-2020-1937] Apache Kylin SQL injection vulnerability CVE-2020-1937
MLIST:[kylin-user] 20200713 [SECURITY][CVE-2020-13925] Apache Kylin command injection vulnerability CVE-2020-1956
MLIST:[libc-alpha] 20150206 The GNU C Library version 2.21 is now available CVE-2015-1472
MLIST:[libc-alpha] 20150814 The GNU C Library version 2.22 is now available CVE-2015-8983 CVE-2015-8984
MLIST:[libc-alpha] 20160219 The GNU C Library version 2.23 is now available CVE-2014-9761 CVE-2015-8776 CVE-2015-8778 CVE-2015-8779
MLIST:[libc-hacker] [PATCH] Fix LD_HWCAP_MASK handling CVE-2007-3508
MLIST:[libcdio-devel] 20071231 buffer overrun in cd-info and iso-info and a release? CVE-2007-6613
MLIST:[libcloud] 20100929 [jira] Closed: (LIBCLOUD-55) this python project is vulnerable to MITM as it fails to verify the ssl validity of the remote destination. CVE-2010-4340
MLIST:[libcloud] 20101108 SSL certs checking CVE-2010-4340
MLIST:[libexif-devel] 20120712 libexif project security advisory July 12, 2012 CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 CVE-2012-2845
MLIST:[libgadu-devel] 20081024 libgadu 1.8.2 CVE-2008-4776
MLIST:[libgadu-devel] 20140507 libgadu 1.12.0-rc3 CVE-2014-3775
MLIST:[libgadu-devel] 20140508 libgadu 1.11.4 CVE-2014-3775
MLIST:[libnl] 20170503 ANN: libnl 3.3.0 released CVE-2017-0553
MLIST:[libtool] 20091116 Backport of libltdl changes to branch-1-5 CVE-2009-3736
MLIST:[libtool] 20091116 GNU Libtool 2.2.6b released CVE-2009-3736
MLIST:[libvir-list] 20180116 [PATCH] qemu: avoid denial of service reading from QEMU monitor (CVE-2018-xxxx) CVE-2018-5748
MLIST:[libvirt-announce] 20171016 LSN-2017-0002 - TLS certificate verification disabled for clients CVE-2017-1000256
MLIST:[libvirt] 20180205 [PATCH] virlog: determine the hostname on startup CVE-2018-XXX CVE-2018-6764
MLIST:[libzip-discuss] 20120320 libzip-0.10.1 security fix release CVE-2012-1162 CVE-2012-1163
MLIST:[linux-audit] 20080330 audit 1.7 released CVE-2008-1628
MLIST:[linux-bluetooth] 20190110 [PATCH 1/2] Bluetooth: check message types in l2cap_get_conf_opt CVE-2019-3459
MLIST:[linux-bluetooth] 20190110 [PATCH 2/2] Bluetooth: check the buffer size for some messages before parsing CVE-2019-3460
MLIST:[linux-cifs-client] 20090406 [PATCH] cifs: Fix insufficient memory allocation for nativeFileSystem field CVE-2009-1439
MLIST:[linux-ext4] 20141009 [PATCH] add aio/dio regression test race between write and fcntl CVE-2014-8086
MLIST:[linux-ext4] 20141009 [PATCH] ext4: fix race between write and fcntl(F_SETFL) CVE-2014-8086
MLIST:[linux-fsdevel] 20141008 [PATCH] mnt: Prevent pivot_root from creating a loop in the mount tree CVE-2014-7970
MLIST:[linux-ia64] 20040916 Re: [Patch] Per CPU MCA/INIT data save areas CVE-2005-0136
MLIST:[linux-ia64] [PATCH 1/1] ia64: perfmon.c trips BUG_ON in put_page_testzero CVE-2006-0558
MLIST:[linux-input] 20130828 [PATCH 01/14] HID: validate HID report id size CVE-2013-2888
MLIST:[linux-input] 20130828 [PATCH 03/14] HID: zeroplus: validate output report details CVE-2013-2889
MLIST:[linux-input] 20130828 [PATCH 04/14] HID: sony: validate HID output report details CVE-2013-2890
MLIST:[linux-input] 20130828 [PATCH 05/14] HID: steelseries: validate output report details CVE-2013-2891
MLIST:[linux-input] 20130828 [PATCH 06/14] HID: pantherlord: validate output report details CVE-2013-2892
MLIST:[linux-input] 20130828 [PATCH 07/14] HID: LG: validate HID output report details CVE-2013-2893
MLIST:[linux-input] 20130828 [PATCH 08/14] HID: lenovo-tpkbd: validate output report details CVE-2013-2894
MLIST:[linux-input] 20130828 [PATCH 09/14] HID: logitech-dj: validate output report details CVE-2013-2895
MLIST:[linux-input] 20130828 [PATCH 10/14] HID: ntrig: validate feature report details CVE-2013-2896
MLIST:[linux-input] 20130828 [PATCH 11/14] HID: multitouch: validate feature report details CVE-2013-2897
MLIST:[linux-input] 20130828 [PATCH 12/14] HID: sensor-hub: validate feature report details CVE-2013-2898
MLIST:[linux-input] 20130828 [PATCH 13/14] HID: picolcd_core: validate output report details CVE-2013-2899
MLIST:[linux-kernel] 20020417 Re: SSE related security hole CVE-2002-1571
MLIST:[linux-kernel] 20020417 SSE related security hole CVE-2002-1571
MLIST:[linux-kernel] 20020418 Re: SSE related security hole CVE-2002-1571
MLIST:[linux-kernel] 20020422 Re: SSE related security hole CVE-2002-1571
MLIST:[linux-kernel] 20031105 BK2CVS problem CVE-2003-1161
MLIST:[linux-kernel] 20031105 Re: BK2CVS problem CVE-2003-1161
MLIST:[linux-kernel] 20040105 linux-2.4.24 released CVE-2003-0985
MLIST:[linux-kernel] 20040219 Re: Oopsing cryptoapi (or loop device?) on 2.6.* CVE-2004-2135 CVE-2004-2136
MLIST:[linux-kernel] 20040402 Re: disable-cap-mlock CVE-2004-0491
MLIST:[linux-kernel] 20040408 [PATCH]: 2.4/2.6 do_fork() error path memory leak CVE-2004-0427
MLIST:[linux-kernel] 20040416 Re: [CHECKER] Probable security holes in 2.6.5 CVE-2004-2607
MLIST:[linux-kernel] 20040609 timer + fpu stuff locks my console race CVE-2004-0554
MLIST:[linux-kernel] 20040911 [PATCH] exec: fix posix-timers leak and pending signal loss CVE-2005-3271
MLIST:[linux-kernel] 20041111 a.out issue CVE-2004-1074
MLIST:[linux-kernel] 20041114 [PATCH] linux 2.9.10-rc1: Fix oops in unix_dgram_sendmsg when using CVE-2004-1069
MLIST:[linux-kernel] 20041130 Buffer overrun in arch/x86_64/sys_ia32.c:sys32_ni_syscall() CVE-2004-1151
MLIST:[linux-kernel] 20041216 [Coverity] Untrusted user data in kernel CVE-2005-0124
MLIST:[linux-kernel] 20050105 Re: [Coverity] Untrusted user data in kernel CVE-2005-0124
MLIST:[linux-kernel] 20050107 [PATCH 2.4.29-pre3-bk4] fs/coda Re: [Coverity] Untrusted user data in kernel CVE-2005-0124
MLIST:[linux-kernel] 20050107 [PATCH 2.6.10-mm2] fs/coda Re: [Coverity] Untrusted user data in kernel CVE-2005-0124
MLIST:[linux-kernel] 20050517 [PATCH] Fix root hole in pktcdvd CVE-2005-1589
MLIST:[linux-kernel] 20050805 [PATCH] Fix hugepage crash on failing mmap() CVE-2005-4811
MLIST:[linux-kernel] 20050817 [PATCH 2.6.12.5] NPTL signal delivery deadlock fix CVE-2005-3847
MLIST:[linux-kernel] 20050817 [PATCH] fix dst_entry leak in icmp_push_reply() CVE-2005-3848
MLIST:[linux-kernel] 20050818 Re: [PATCH] fix dst_entry leak in icmp_push_reply() CVE-2005-3848
MLIST:[linux-kernel] 20050826 [PATCH 2/7] [PATCH] NPTL signal delivery deadlock fix CVE-2005-3847
MLIST:[linux-kernel] 20050826 [PATCH 4/7] [IPV4]: Fix DST leak in icmp_push_reply() CVE-2005-3848
MLIST:[linux-kernel] 20050826 [PATCH 7/7] [IPV6]: Fix SKB leak in ip6_input_finish() CVE-2005-3858
MLIST:[linux-kernel] 20050829 Re: Linux 2.6.12.6 CVE-2005-3858
MLIST:[linux-kernel] 20050912 [PATCH] nfs client, kernel 2.4.31: readlink result overflow CVE-2005-4798
MLIST:[linux-kernel] 20051112 Re: local denial-of-service with file leases CVE-2005-3857
MLIST:[linux-kernel] 20051113 [GIT] Fix memory leak in lease code CVE-2005-3807 CVE-2005-3857
MLIST:[linux-kernel] 20051122 [patch 11/23] [PATCH] [NETFILTER] ctnetlink: check if protoinfo is present CVE-2005-3809
MLIST:[linux-kernel] 20051122 [patch 13/23] [PATCH] [NETFILTER] ctnetlink: Fix oops when no ICMP ID info in message CVE-2005-3810
MLIST:[linux-kernel] 20051123 32bit integer overflow in invalidate_inode_pages2() (local DoS) CVE-2005-3808
MLIST:[linux-kernel] 20051216 lockd: couldn't create RPC handle for (host) CVE-2006-5158
MLIST:[linux-kernel] 20051218 Re: lockd: couldn't create RPC handle for (host) CVE-2006-5158
MLIST:[linux-kernel] 20060104 [Patch 2.6] dm-crypt: Zero key material before free to avoid information leak CVE-2006-0095
MLIST:[linux-kernel] 20060104 [Patch 2.6] dm-crypt: zero key before freeing it CVE-2006-0095
MLIST:[linux-kernel] 20060207 [PATCH] arch/x86_64/kernel/traps.c PTRACE_SINGLESTEP oops CVE-2006-1066
MLIST:[linux-kernel] 20060411 [PATCH] __group_complete_signal: remove bogus BUG_ON CVE-2006-1523
MLIST:[linux-kernel] 20060526 PROBLEM: /proc (procfs) task exit race condition causes a kernelcrash CVE-2006-2629
MLIST:[linux-kernel] 20060613 [RFC][PATCH] Avoid race w/ posix-cpu-timer and exiting tasks CVE-2006-2445
MLIST:[linux-kernel] 20060717 [patch 25/45] splice: fix problems with sys_tee() CVE-2007-0997
MLIST:[linux-kernel] 20061105 Linux 2.6.16.31-rc1 CVE-2006-5174 CVE-2006-5619
MLIST:[linux-kernel] 20061219 BUG: wedged processes, test program supplied CVE-2006-6921
MLIST:[linux-kernel] 20061220 Re: BUG: wedged processes, test program supplied CVE-2006-6921
MLIST:[linux-kernel] 20070608 Linux 2.6.20.13 CVE-2007-2453 CVE-2007-2876
MLIST:[linux-kernel] 20070608 Linux 2.6.21.4 CVE-2007-2453 CVE-2007-2876
MLIST:[linux-kernel] 20070720 [PATCH] splice: fix bad unlock_page() in error case CVE-2008-4302
MLIST:[linux-kernel] 20070731 Re: [PATCH] add check do_direct_IO() return val CVE-2007-6716
MLIST:[linux-kernel] 20071108 Buffer overflow in CIFS VFS. CVE-2007-5904
MLIST:[linux-kernel] 20071108 [PATCH] time: fix sysfs_show_{available,current}_clocksources() buffer overflow problem CVE-2007-5908
MLIST:[linux-kernel] 20071109 Re: Fw: Buffer overflow in CIFS VFS. CVE-2007-5904
MLIST:[linux-kernel] 20071122 [PATCH] PPC: CHRP - fix possible NULL pointer dereference CVE-2007-6694
MLIST:[linux-kernel] 20071128 [PATCH] tmpfs: restore missing clear_highpage CVE-2007-6417
MLIST:[linux-kernel] 20071212 Re: [PATCH] tmpfs: restore missing clear_highpage CVE-2007-6417
MLIST:[linux-kernel] 20071215 Re: [PATCH] tmpfs: restore missing clear_highpage CVE-2007-6417
MLIST:[linux-kernel] 20080229 [BUG] soft lockup detected with ipcs CVE-2009-0859
MLIST:[linux-kernel] 20080305 Linux doesn't follow x86/x86-64 ABI wrt direction flag CVE-2008-1367
MLIST:[linux-kernel] 20080509 Re: When should kfree_skb be used? CVE-2008-2136
MLIST:[linux-kernel] 20080513 [patch 25/37] sparc: Fix mremap address range validation. CVE-2008-6107
MLIST:[linux-kernel] 20080723 Re: [PATCH 1/2] signals: kill(-1) should only signal processes in the same namespace CVE-2009-1338
MLIST:[linux-kernel] 20080726 tmpfs: kernel BUG at mm/shmem.c:814 CVE-2008-3534
MLIST:[linux-kernel] 20080730 2.6.27-rc1: IP: iov_iter_advance+0x2e/0x90 CVE-2008-3535
MLIST:[linux-kernel] 20080730 [patch 40/62] V4L: uvcvideo: Fix a buffer overflow in format descriptor parsing CVE-2008-3496
MLIST:[linux-kernel] 20080807 OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175 CVE-2008-3686
MLIST:[linux-kernel] 20080808 Re: OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175 CVE-2008-3686
MLIST:[linux-kernel] 20080823 [GIT]: Networking CVE-2008-3792
MLIST:[linux-kernel] 20080830 Re: buffer overflow in /proc/sys/sunrpc/transports CVE-2008-3911
MLIST:[linux-kernel] 20080830 buffer overflow in /proc/sys/sunrpc/transports CVE-2008-3911
MLIST:[linux-kernel] 20080903 [patch 05/16] nfsd: fix buffer overrun decoding NFSv4 acl CVE-2008-3915
MLIST:[linux-kernel] 20081005 [PATCH 04/19] ib700wdt: Fix off by one CVE-2008-5702
MLIST:[linux-kernel] 20081006 [patch 58/71] sctp: Fix oops when INIT-ACK indicates that peer doesnt support AUTH CVE-2008-4576
MLIST:[linux-kernel] 20081220 [Security] gitweb local privilege escalation (fix) CVE-2008-5916
MLIST:[linux-kernel] 20090127 [PATCH 1/2] fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM CVE-2009-0859
MLIST:[linux-kernel] 20090130 [PATCH] Fix memory corruption in console selection CVE-2009-1046
MLIST:[linux-kernel] 20090131 [patch 03/43] inotify: clean up inotify_read and fix locking CVE-2009-0935
MLIST:[linux-kernel] 20090202 Re: [PATCH] Fix memory corruption in console selection CVE-2009-1046
MLIST:[linux-kernel] 20090212 [PATCH] 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2 CVE-2009-0676
MLIST:[linux-kernel] 20090223 net: amend the fix for SO_BSDCOMPAT gsopt infoleak CVE-2009-0676
MLIST:[linux-kernel] 20090225 Re: [PATCH 2/2] exit_notify: kill the wrong capable(CAP_KILL) check CVE-2009-1337
MLIST:[linux-kernel] 20090227 Re: [PATCH 2/2] x86-64: seccomp: fix 32/64 syscall hole CVE-2009-0835
MLIST:[linux-kernel] 20090228 [PATCH 0/2] x86-64: 32/64 syscall arch holes CVE-2009-0834 CVE-2009-0835
MLIST:[linux-kernel] 20090228 [PATCH 1/2] x86-64: syscall-audit: fix 32/64 syscall hole CVE-2009-0834
MLIST:[linux-kernel] 20090228 [PATCH 2/2] x86-64: seccomp: fix 32/64 syscall hole CVE-2009-0835
MLIST:[linux-kernel] 20090311 VFS, NFS security bug? Should CAP_MKNOD and CAP_LINUX_IMMUTABLE be added to CAP_FS_MASK? CVE-2009-1072
MLIST:[linux-kernel] 20090502 Linux 2.6.27.21 CVE-2009-1184
MLIST:[linux-kernel] 20090502 Linux 2.6.28.10 CVE-2009-1184
MLIST:[linux-kernel] 20090622 Fix for shared flat binary format in 2.6.30 CVE-2009-2768
MLIST:[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access() CVE-2009-2691
MLIST:[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access() CVE-2009-2691
MLIST:[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller CVE-2009-2691
MLIST:[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take ->cred_guard_mutex to fix the race CVE-2009-2691
MLIST:[linux-kernel] 20090720 Re: [PATCH] sgi-gru: Fix kernel stack buffer overrun CVE-2009-2584
MLIST:[linux-kernel] 20090721 [PATCH] sgi-gru: Fix kernel stack buffer overrun CVE-2009-2584
MLIST:[linux-kernel] 20090801 [PATCH v2] execve: must clear current->clear_child_tid CVE-2009-2848
MLIST:[linux-kernel] 20090804 Re: [PATCH] posix-timers: fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW CVE-2009-2767
MLIST:[linux-kernel] 20090819 Re: v2.6.31-rc6: BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 CVE-2009-3043
MLIST:[linux-kernel] 20090819 v2.6.31-rc6: BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 CVE-2009-3043
MLIST:[linux-kernel] 20090820 Re: v2.6.31-rc6: BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 CVE-2009-3043
MLIST:[linux-kernel] 20090902 [BUG] 2.6.31-rc8 readcd Oops CVE-2009-3288
MLIST:[linux-kernel] 20090903 [PATCH] sg: fix oops in the error path in sg_build_indirect() CVE-2009-3288
MLIST:[linux-kernel] 20090916 [patch 15/45] perf_counter: Fix buffer overflow in perf_copy_attr() CVE-2009-3234
MLIST:[linux-kernel] 20091209 [GIT PULL] ext4 updates for v2.6.33 CVE-2009-4307
MLIST:[linux-kernel] 20100205 PROBLEM: hda-intel divide by zero kernel crash in azx_position_ok() CVE-2010-1085
MLIST:[linux-kernel] 20100221 [80/93] USB: usbfs: properly clean up the as structure on error paths CVE-2010-1083
MLIST:[linux-kernel] 20100303 [PATCH v2] hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[linux-kernel] 20100330 [48/89] USB: usbfs: properly clean up the as structure on error paths CVE-2010-1083
MLIST:[linux-kernel] 20100915 [PATCH] drivers/char/amiserial.c: prevent reading uninitialized stack memory CVE-2010-4076
MLIST:[linux-kernel] 20100915 [PATCH] drivers/char/nozomi.c: prevent reading uninitialized stackmemory CVE-2010-4077
MLIST:[linux-kernel] 20100915 [PATCH] drivers/media/video/ivtv/ivtvfb.c: prevent reading uninitialized stack memory CVE-2010-4079
MLIST:[linux-kernel] 20100915 [PATCH] drivers/serial/serial_core.c: prevent readinguninitialized stack memory CVE-2010-4075
MLIST:[linux-kernel] 20100915 [PATCH] drivers/usb/serial/mos*: prevent reading uninitialized stack memory CVE-2010-4074
MLIST:[linux-kernel] 20100915 [PATCH] drivers/video/via/ioctl.c: prevent reading uninitializedstack memory CVE-2010-4082
MLIST:[linux-kernel] 20100925 [PATCH] sound/pci/rme9652: prevent reading uninitialized stack memory CVE-2010-4080 CVE-2010-4081
MLIST:[linux-kernel] 20101006 [PATCH v3] IPC: Initialize structure memory to zero for compat functions CVE-2010-4073
MLIST:[linux-kernel] 20101006 [PATCH] ipc: initialize structure memory to zero for shmctl CVE-2010-4072
MLIST:[linux-kernel] 20101129 Re: [PATCH] block: check for proper length of iov entries earlier in blk_rq_map_user_iov() CVE-2010-4668
MLIST:[linux-kernel] 20101129 [PATCH] block: check for proper length of iov entries earlier in blk_rq_map_user_iov() CVE-2010-4668
MLIST:[linux-kernel] 20110311 [PATCH] proc: protect mm start_code/end_code in /proc/pid/stat CVE-2011-0726
MLIST:[linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes CVE-2011-2022
MLIST:[linux-kernel] 20120817 [PATCH 0/2] netlink patches CVE-2012-6689
MLIST:[linux-kernel] 20120817 [PATCH 2/2] [RFC] netlink: fix possible spoofing from non-root processes CVE-2012-6689
MLIST:[linux-kernel] 20130304 Re: user ns: arbitrary module loading CVE-2013-7421
MLIST:[linux-kernel] 20130311 [PATCH] drm/i915: bounds check execbuffer relocations CVE-2013-0913
MLIST:[linux-kernel] 20130414 Linux 3.9-rc7 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3226 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235 CVE-2013-3236 CVE-2013-3237
MLIST:[linux-kernel] 20130417 Device driver memory 'mmap()' function helper cleanup CVE-2013-2596
MLIST:[linux-kernel] 20130606 [PATCH 1/8] block: do not pass disk names as format strings CVE-2013-2851
MLIST:[linux-kernel] 20131014 Re: epoll oops. CVE-2013-7446
MLIST:[linux-kernel] 20140110 Re: Sanitize CPU-state when switching tasks (was sanitize CPU-state when switching from virtual-8086 mode to other task) CVE-2014-1438
MLIST:[linux-kernel] 20140318 [PATCH RESEND -mm 1/2] mm: add !pte_present() check on existing hugetlb_entry callbacks CVE-2014-3940
MLIST:[linux-kernel] 20140320 [PATCH v3] core, nfqueue, openvswitch: Orphan frags in skb_zerocopy and handle errors CVE-2014-2568
MLIST:[linux-kernel] 20140329 [PATCH v2] rds: prevent dereference of a NULL device in rds_iw_laddr_check CVE-2014-2678
MLIST:[linux-kernel] 20140411 net: ipv4: current group_info should be put after using. CVE-2014-2851
MLIST:[linux-kernel] 20140515 eventpoll __list_del_entry corruption (was: perf: use after free in perf_remove_from_context) CVE-2013-7446
MLIST:[linux-kernel] 20140528 [PATCH 1/2] auditsc: audit_krule mask accesses need bounds checking CVE-2014-3917
MLIST:[linux-kernel] 20140616 Re: 3.15: kernel BUG at kernel/auditsc.c:1525! CVE-2014-4508
MLIST:[linux-kernel] 20141007 [PATCH] mnt: don't allow to detach the namespace root CVE-2014-9717
MLIST:[linux-kernel] 20141008 ext4: kernel BUG at fs/ext4/inode.c:2959! CVE-2014-8086
MLIST:[linux-kernel] 20141009 Re: ext4: kernel BUG at fs/ext4/inode.c:2959! CVE-2014-8086
MLIST:[linux-kernel] 20141024 [PATCH 13/14] kvm: fix excessive pages un-pinning in kvm_iommu_map error path. CVE-2014-8369
MLIST:[linux-kernel] 20141025 fs: lockup on rename_mutex in fs/dcache.c:1035 CVE-2014-8559
MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in fs/dcache.c:1035 CVE-2014-8559
MLIST:[linux-kernel] 20150107 Re: [PATH] Fix stack randomization on x86_64 bit CVE-2015-1593
MLIST:[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks CVE-2015-1350
MLIST:[linux-kernel] 20150128 [PATCH v2] vfs: read file_handle only once in handle_to_path CVE-2015-1420
MLIST:[linux-kernel] 20150513 [PATCH 0/4] ozwpan: Four remote packet-of-death vulnerabilities CVE-2015-4004
MLIST:[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket CVE-2013-7446
MLIST:[linux-kernel] 20151005 [ANNOUNCE] Git v2.6.1, v2.5.4, v2.4.10 and v2.3.10 CVE-2015-7545
MLIST:[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket. CVE-2015-7990
MLIST:[linux-kernel] 20151214 Information leak in pptp_bind CVE-2015-8569
MLIST:[linux-kernel] 20151226 [PATCH] ptrace: being capable wrt a process requires mapped uids/gids CVE-2015-8709
MLIST:[linux-kernel] 20160106 Re: [PATCH] ptrace: being capable wrt a process requires mapped uids/gids CVE-2015-8709
MLIST:[linux-kernel] 20160417 Re: bpf: use-after-free in array_map_alloc CVE-2016-4794
MLIST:[linux-kernel] 20160708 [GIT PULL] Fix for AppArmor oops in apparmor_setprocattr() CVE-2016-6187
MLIST:[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer() CVE-2016-7425
MLIST:[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer() CVE-2016-7425
MLIST:[linux-kernel] 20170118 [PATCH 1/2] drm/vc4: Fix an integer overflow in temporary allocation layout. CVE-2017-5576
MLIST:[linux-kernel] 20170118 [PATCH 2/2] drm/vc4: Return -EINVAL on the overflow checks failing. CVE-2017-5577
MLIST:[linux-kernel] 20170810 [ANNOUNCE] Git v2.14.1, v2.13.5, and others CVE-2017-12426
MLIST:[linux-kernel] 20180406 [PATCH 3.18 40/93] perf/hwbp: Simplify the perf-hwbp code, fix documentation CVE-2018-1000199
MLIST:[linux-kernel] 20180417 [patch] mm, oom: fix concurrent munlock and oom reaper unmap CVE-2018-1000200
MLIST:[linux-kernel] 20180424 [patch v3 for-4.17] mm, oom: fix concurrent munlock and oom reaper unmap CVE-2018-1000200
MLIST:[linux-mtd] 20070822 [JFFS2] Fix ACL vs. mode handling. CVE-2007-4849
MLIST:[linux-netdev] 20060304 BUG: Small information leak in SO_ORIGINAL_DST (2.4 and 2.6) and CVE-2006-1342 CVE-2006-1343
MLIST:[linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared. CVE-2007-1592
MLIST:[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API. CVE-2008-3792
MLIST:[linux-netdev] 20081106 UNIX sockets kernel panic CVE-2008-5029
MLIST:[linux-netdev] 20081120 soft lockups/OOM after unix socket fixes CVE-2008-5300
MLIST:[linux-netdev] 20081125 [PATCH] Fix soft lockups/OOM issues w/ unix garbage collector CVE-2008-5300
MLIST:[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection CVE-2009-4537
MLIST:[linux-netdev] 20180305 BUG: unable to handle kernel paging request in compat_copy_entries CVE-2018-1068
MLIST:[linux-netdev] 20180305 [PATCH net] netfilter: check for out-of-bounds while copying compat entries CVE-2018-1068
MLIST:[linux-netdev] 20180306 [PATCH net] dccp: check sk for closed state in dccp_sendmsg() CVE-2018-1130
MLIST:[linux-nfs] 20090509 [NFS] [PATCH] nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission. CVE-2009-1630
MLIST:[linux-nfs] 20150810 [PATCH] Fix memory corruption in PMAP_CALLIT code CVE-2015-7236
MLIST:[linux-parisc] 20080729 [PATCH] fix unwind crash - was: Re: 2.6.26 kernel crash CVE-2008-5395
MLIST:[linux-ppp] 20140810 ppp-2.4.7 released CVE-2014-3158
MLIST:[linux-sctp] 20080827 [PATCH 0/2] sctp: additional overflow fixes CVE-2008-4445
MLIST:[linux-sctp] 20080827 [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT option. CVE-2008-4445
MLIST:[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending CVE-2018-5803
MLIST:[linux-security] 19961122 LSF Update#14: Vulnerability of the lpr program. CVE-1999-0032
MLIST:[linux-sparc] 20060130 Attempts to set date with 'date -s' hang the machine CVE-2006-0482
MLIST:[linux-sparc] 20060130 Re: Attempts to set date with 'date -s' hang the machine CVE-2006-0482
MLIST:[linux-wireless] 20081029 [PATCH] libertas: fix buffer overrun CVE-2008-5134
MLIST:[listar-dev] 20060115 [EDev] Re: Potential vulnerability -- who to contact? CVE-2006-0332
MLIST:[listar-dev] 20060119 [EDev] Re: Potential vulnerability -- who to contact? CVE-2006-0332
MLIST:[live-devel] 20181017 New LIVE555 version - fixes a potential vulnerability in the RTSP server implementation CVE-2018-4013
MLIST:[lkml-patch] 20060821 dvb-core: Proper handling ULE SNDU length of 0 CVE-2006-4623
MLIST:[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html CVE-2017-5645
MLIST:[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17? CVE-2017-5645
MLIST:[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2017-5645
MLIST:[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2017-5645
MLIST:[logging-dev] 20200525 Re: [CVE-2018-1285] XXE vulnerability in Apache log4net CVE-2018-1285
MLIST:[logging-dev] 20200525 [CVE-2018-1285] XXE vulnerability in Apache log4net CVE-2018-1285
MLIST:[logging-dev] 20200617 Re: [CVE-2018-1285] XXE vulnerability in Apache log4net CVE-2018-1285
MLIST:[logging-dev] 20200730 Re: [CVE-2018-1285] XXE vulnerability in Apache log4net CVE-2018-1285
MLIST:[logging-dev] 20200826 Re: log4net.dll - does 2.0.9 fix CVE-2018-1285 CVE-2018-1285
MLIST:[logging-dev] 20200826 log4net.dll - does 2.0.9 fix CVE-2018-1285 CVE-2018-1285
MLIST:[logging-dev] 20200906 [VOTE] [log4net] Release 2.0.10 CVE-2018-1285
MLIST:[logging-dev] 20201107 Re: Chainsaw update CVE-2017-5646
MLIST:[logging-dev] 20210817 Solution for vulnerability CVE-2018-1285
MLIST:[logging-log4j-user] 20200224 Apache Log4j - Migration activity to 2.12.1 version - Request to support for the queries posted CVE-2019-17571
MLIST:[logging-notifications] 20200825 [jira] [Commented] (LOG4J2-2329) Fix dependency in log4j-slf4j-impl to slf4j due to CVE-2018-8088 CVE-2018-8088
MLIST:[lsh-bugs] 20050316 ANNOUNCE: LSH-2.0.1, fix for denial of service bug CVE-2005-0814
MLIST:[lsh-bugs] SECURITY: lshd leaks fd:s to user shells CVE-2006-0353
MLIST:[lucene-commits] 20200912 [lucene-site] 01/01: Solr CVE-2020-13941 (#29) CVE-2020-13941
MLIST:[lucene-commits] 20201030 [lucene-site] 02/02: Add CVE-2020-13957 page (#31) CVE-2020-13957
MLIST:[lucene-commits] 20201030 [lucene-site] branch master updated: Add CVE-2020-13957 page (#31) CVE-2020-13957
MLIST:[lucene-dev] 20171012 Re: Several critical vulnerabilities discovered in Apache Solr (XXE & RCE) CVE-2017-12629
MLIST:[lucene-dev] 20190320 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
MLIST:[lucene-dev] 20190320 [jira] [Issue Comment Deleted] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
MLIST:[lucene-dev] 20190325 Re: 6.6.6 Release CVE-2016-6809
MLIST:[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... CVE-2017-7525
MLIST:[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers... CVE-2018-14718 CVE-2018-14720
MLIST:[lucene-dev] 20190325 [jira] [Closed] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... CVE-2017-7525
MLIST:[lucene-dev] 20190325 [jira] [Commented] (SOLR-12770) [CVE-2017-3164] Make it possible to configure a shards whitelist for master/slave CVE-2017-3164
MLIST:[lucene-dev] 20190325 [jira] [Resolved] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... CVE-2017-7525
MLIST:[lucene-dev] 20190325 [jira] [Updated] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... CVE-2017-7525
MLIST:[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers... CVE-2018-14718 CVE-2018-14720
MLIST:[lucene-dev] 20190326 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
MLIST:[lucene-dev] 20190326 [jira] [Updated] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
MLIST:[lucene-dev] 20190327 [jira] [Commented] (SOLR-12770) [CVE-2017-3164] Make it possible to configure a shards whitelist for master/slave CVE-2017-3164
MLIST:[lucene-dev] 20190327 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl CVE-2019-0192
MLIST:[lucene-dev] 20190405 [jira] [Commented] (SOLR-12770) [CVE-2017-3164] Make it possible to configure a shards whitelist for master/slave CVE-2017-3164
MLIST:[lucene-dev] 20190405 [jira] [Updated] (SOLR-12770) [CVE-2017-3164] Make it possible to configure a shards whitelist for master/slave CVE-2017-3164
MLIST:[lucene-dev] 20190723 [jira] [Updated] (SOLR-13648) vulnerable simple-xml-2.7.1.jar CVE-2017-1000190
MLIST:[lucene-dev] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[lucene-dev] 20190909 [jira] [Resolved] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 CVE-2019-12401
MLIST:[lucene-dev] 20190909 [jira] [Updated] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 CVE-2019-12401
MLIST:[lucene-dev] 20190911 [jira] [Commented] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 CVE-2019-12401
MLIST:[lucene-dev] 20191029 CVE-2018-11768 in regards to Solr CVE-2018-11768
MLIST:[lucene-dev] 20191029 Re: CVE-2018-11768 in regards to Solr CVE-2018-11768
MLIST:[lucene-dev] 20191031 RE: CVE-2018-11768 in regards to Solr CVE-2018-11768
MLIST:[lucene-dev] 20200213 Re: 7.7.3 bugfix release CVE-2019-0193 CVE-2019-17558
MLIST:[lucene-dev] 20200214 Re: 7.7.3 bugfix release CVE-2019-0193 CVE-2019-17558
MLIST:[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1 CVE-2020-27223
MLIST:[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1 CVE-2020-27223
MLIST:[lucene-general] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[lucene-general] 20191118 CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default CVE-2019-12409
MLIST:[lucene-issues] 20191004 [GitHub] [lucene-solr] marungo opened a new pull request #925: SOLR-13818: Upgrade jackson to 2.10.0 CVE-2018-11307 CVE-2018-12022 CVE-2018-12023
MLIST:[lucene-issues] 20191025 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20191025 [jira] [Commented] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 CVE-2019-0193
MLIST:[lucene-issues] 20191025 [jira] [Created] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 CVE-2019-0193
MLIST:[lucene-issues] 20191025 [jira] [Resolved] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 CVE-2019-0193
MLIST:[lucene-issues] 20191025 [jira] [Updated] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 CVE-2019-0193
MLIST:[lucene-issues] 20191118 [jira] [Commented] (SOLR-13647) CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default CVE-2019-12409
MLIST:[lucene-issues] 20191118 [jira] [Updated] (SOLR-13647) CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default CVE-2019-12409
MLIST:[lucene-issues] 20191129 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20191130 [jira] [Closed] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20191130 [jira] [Resolved] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971 CVE-2019-17558
MLIST:[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1 CVE-2019-17558
MLIST:[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1 CVE-2019-17558
MLIST:[lucene-issues] 20200218 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20200218 [jira] [Updated] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler CVE-2019-0193
MLIST:[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1 CVE-2019-17558
MLIST:[lucene-issues] 20200815 [jira] [Commented] (SOLR-11486) CVE-2016-6809: Upgrade TIKA CVE-2016-6809
MLIST:[lucene-issues] 20200816 [jira] [Issue Comment Deleted] (SOLR-11486) CVE-2016-6809: Upgrade TIKA CVE-2016-6809
MLIST:[lucene-issues] 20201013 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented CVE-2020-13957
MLIST:[lucene-issues] 20201019 [GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page CVE-2020-13957
MLIST:[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava CVE-2018-10237
MLIST:[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava CVE-2018-10237
MLIST:[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava CVE-2018-10237
MLIST:[lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented CVE-2020-13957
MLIST:[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31) CVE-2020-13957
MLIST:[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31) CVE-2020-13957
MLIST:[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page CVE-2020-13957
MLIST:[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31) CVE-2020-13957
MLIST:[lucene-issues] 20201102 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented CVE-2020-13957
MLIST:[lucene-issues] 20201102 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented CVE-2020-13957
MLIST:[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability CVE-2019-17558
MLIST:[lucene-issues] 20210921 [GitHub] [lucene-solr] madrob commented on pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20210921 [GitHub] [lucene-solr] ventry1990 commented on pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20210921 [GitHub] [lucene-solr] ventry1990 opened a new pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20211007 [GitHub] [lucene-solr] madrob commented on pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20211009 [GitHub] [lucene-solr] ventry1990 closed pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20211009 [GitHub] [lucene-solr] ventry1990 commented on pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20211009 [GitHub] [lucene-solr] ventry1990 opened a new pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-issues] 20211011 [GitHub] [lucene-solr] madrob merged pull request #2579: SOLR-15269: Upgrade Apache HttpComponents Client to 4.5.13 to fix CVE-2020-13956 CVE-2020-13956
MLIST:[lucene-solr-user] 20180704 [SECURITY] CVE-2018-8026: XXE vulnerability due to Apache Solr configset upload (exchange rate provider config / enum field config / TIKA parsecontext) CVE-2018-8026
MLIST:[lucene-solr-user] 20190103 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report CVE-2018-1000
MLIST:[lucene-solr-user] 20190103 SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report CVE-2018-1000
MLIST:[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report CVE-2013-4002 CVE-2015-1832 CVE-2016-1000031 CVE-2016-1000338 CVE-2016-1000343 CVE-2016-4434 CVE-2017-1000190 CVE-2017-12626 CVE-2017-7525 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2018-1000 CVE-2018-1000180 CVE-2018-1000632 CVE-2018-11761 CVE-2018-1308 CVE-2018-8009
MLIST:[lucene-solr-user] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[lucene-solr-user] 20191118 CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default CVE-2019-12409
MLIST:[lucene-solr-user] 20191218 CVE-2017-7525 fix for Solr 7.7.x CVE-2017-7525
MLIST:[lucene-solr-user] 20191218 Re: CVE-2017-7525 fix for Solr 7.7.x CVE-2017-7525
MLIST:[lucene-solr-user] 20191219 Re: CVE-2017-7525 fix for Solr 7.7.x CVE-2017-15095 CVE-2017-7525
MLIST:[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 CVE-2009-2625 CVE-2012-2098 CVE-2013-4002 CVE-2015-1832 CVE-2017-1000190 CVE-2018-17197 CVE-2018-8010 CVE-2019-10088 CVE-2019-10093 CVE-2019-10094 CVE-2019-12086 CVE-2019-12402 CVE-2019-12415 CVE-2019-14262 CVE-2019-17558
MLIST:[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1 CVE-2009-2625 CVE-2017-1000190 CVE-2018-8010 CVE-2019-12402 CVE-2019-14262 CVE-2019-17558
MLIST:[lucene-solr-user] 20201229 Upgrade httpclient version due to CVE-2020-13956? CVE-2020-13956
MLIST:[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing CVE-2019-17558
MLIST:[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1 CVE-2019-17558
MLIST:[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1 CVE-2019-17558
MLIST:[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1 CVE-2019-17558
MLIST:[lxc-devel] 20150929 LXC security issue - affects all supported releases CVE-2015-1335
MLIST:[lxc-devel] 20170309 Security fix for CVE-2017-5985 (lxc-user-nic) CVE-2017-5985
MLIST:[lxr-developer] 20100105 [Lxr-dev] [ lxr-Bugs-2926043 ] Cross-Site Scripting bugs in LXR CVE-2009-4497
MLIST:[mailman-announce] 20180622 Mailman 2.1.27 released CVE-2018-0618
MLIST:[mailman-users] 20180120 Mailman 2.1.26 Security release Feb 4, 2018 CVE-2018-5950
MLIST:[mailman-users] 20180710 Re: correction: Mailman 2.1.28 Security fix release CVE-2018-13796
MLIST:[manjaro-security] 20180828 [MSA-201808-1] Local PrivEsc, ACE, and DoS vulnerability in manjaro-system 20180716-1 and earlier CVE-2018-15912
MLIST:[mapserver-dev] 20170118 MapServer 6.0.6, 6.2.4, 6.4.5 and 7.0.4 are released CVE-2017-5522
MLIST:[mapserver-users] 20090326 MapServer 5.2.2 and 4.10.4 released with security fixes CVE-2009-0839 CVE-2009-0840 CVE-2009-0841 CVE-2009-0842 CVE-2009-0843 CVE-2009-1176 CVE-2009-1177
MLIST:[mapserver-users] 20110713 MapServer 6.0.1, 5.6.7 and 4.10.7 releases with security fixes CVE-2011-2975
MLIST:[mathopd] 20120202 security alert: directory traversal when using * in Location CVE-2012-1050
MLIST:[matroska-users] 20151020 libEBML v1.3.3, libMatroska v1.4.4 released: important fixes CVE-2015-8789 CVE-2015-8790 CVE-2015-8791 CVE-2015-8792
MLIST:[maven-commits] 20190531 [maven-archetype] 01/01: ARCHETYPE-567: switch to dom4j 2.1.1 (and Java 8) dom4j 2.1.1 requires Java 8 dom4j 2.0.2 would retain Java 7 but is vulnerable to CVE-2018-1000632 dom4j 2.0.3 fixes CVE-2018-1000632 but has been pending for ~1 year CVE-2018-1000632
MLIST:[maven-commits] 20190601 [maven-archetype] 01/01: ARCHETYPE-567: switch to dom4j 2.1.1 (and Java 8) dom4j 2.1.1 requires Java 8 dom4j 2.0.2 would retain Java 7 but is vulnerable to CVE-2018-1000632 dom4j 2.0.3 fixes CVE-2018-1000632 but has been pending for ~1 year CVE-2018-1000632
MLIST:[maven-commits] 20190604 [maven-archetype] branch master updated: ARCHETYPE-567: switch to dom4j 2.1.1 (and Java 8) dom4j 2.1.1 requires Java 8 dom4j 2.0.2 would retain Java 7 but is vulnerable to CVE-2018-1000632 dom4j 2.0.3 fixes CVE-2018-1000632 but has been pending for ~1 year CVE-2018-1000632
MLIST:[maven-dev] 20190531 Re: proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8) CVE-2018-1000632
MLIST:[maven-dev] 20190531 proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8) CVE-2018-1000632
MLIST:[maven-dev] 20190603 Re: proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8) CVE-2018-1000632
MLIST:[maven-dev] 20190610 Re: proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8) CVE-2018-1000632
MLIST:[maven-dev] 20210423 CVE-2021-26291: Apache Maven: block repositories using http by default CVE-2021-26291
MLIST:[maven-issues] 20200730 [GitHub] [maven-dependency-plugin] slachiewicz commented on pull request #91: Bump jettyVersion from 9.2.28.v20190418 to 9.3.0.v20150612 CVE-2017-7656
MLIST:[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core CVE-2018-10237
MLIST:[maven-issues] 20210530 [jira] [Closed] (DOXIA-615) Can you provide an updated version in order to fix CVE-2020-13956 CVE-2020-13956
MLIST:[maven-issues] 20210530 [jira] [Resolved] (DOXIA-615) Can you provide an updated version in order to fix CVE-2020-13956 CVE-2020-13956
MLIST:[maven-issues] 20210530 [jira] [Updated] (DOXIA-615) Can you provide an updated version in order to fix CVE-2020-13956 CVE-2020-13956
MLIST:[maven-issues] 20210621 [jira] [Assigned] (DOXIA-615) Can you provide an updated version in order to fix CVE-2020-13956 CVE-2020-13956
MLIST:[maven-issues] 20210830 [jira] [Created] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue CVE-2021-37714
MLIST:[maven-issues] 20210901 [jira] [Commented] (MNG-7227) Fix CVE-2021-37714 present in apache-maven CVE-2021-37714
MLIST:[maven-issues] 20210901 [jira] [Created] (MNG-7227) Fix CVE-2021-37714 present in apache-maven CVE-2021-37714
MLIST:[maven-issues] 20210901 [jira] [Updated] (MNG-7227) Fix CVE-2021-37714 present in apache-maven CVE-2021-37714
MLIST:[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS CVE-2019-0213
MLIST:[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server CVE-2019-0214
MLIST:[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection CVE-2020-9495
MLIST:[maven-users] 20210423 CVE-2021-26291: Apache Maven: block repositories using http by default CVE-2021-26291
MLIST:[mediawiki-announce] 20081215 MediaWiki 1.13.3, 1.12.2, 1.6.11 security update CVE-2008-5249 CVE-2008-5250 CVE-2008-5252 CVE-2008-5687 CVE-2008-5688
MLIST:[mediawiki-announce] 20090713 MediaWiki security update: 1.15.1 and 1.14.1 CVE-2009-4589
MLIST:[mediawiki-announce] 20100728 MediaWiki security release: 1.16.0 and 1.15.5 CVE-2010-2789
MLIST:[mediawiki-announce] 20140228 MediaWiki Security and Maintenance Releases: 1.22.3, 1.21.6 and 1.19.12 CVE-2014-2242 CVE-2014-2243 CVE-2014-2244
MLIST:[mediawiki-announce] 20140328 MediaWiki Security and Maintenance Releases: 1.22.5, 1.21.8 and 1.19.14 CVE-2014-2665
MLIST:[mediawiki-announce] 20170406 Security Release: 1.28.1 / 1.27.2 / 1.23.16 CVE-2017-0361 CVE-2017-0362 CVE-2017-0363 CVE-2017-0364 CVE-2017-0365 CVE-2017-0366 CVE-2017-0367 CVE-2017-0368 CVE-2017-0369 CVE-2017-0370 CVE-2017-0372
MLIST:[mediawiki-announce] 20170430 Security release 1.27.3 and 1.28.2 CVE-2017-0372
MLIST:[mesos-dev] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible. CVE-2019-0204 CVE-2019-5736
MLIST:[mesos-user] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible. CVE-2019-5736
MLIST:[mhonarc-dev] 20101230 [bug #32014] CVE-2010-1677: DoS when processing html messages with deep tag nesting CVE-2010-1677
MLIST:[mimedefang] 20070209 SECURITY: MIMEDefang 2.61 is Released CVE-2007-0884
MLIST:[mina-dev] 20190620 [jira] [Created] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so CVE-2019-6111
MLIST:[mina-dev] 20190623 [jira] [Comment Edited] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so CVE-2019-6111
MLIST:[mina-dev] 20190623 [jira] [Commented] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so CVE-2019-6111
MLIST:[mina-dev] 20190820 [jira] [Resolved] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so CVE-2019-6111
MLIST:[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar CVE-2011-1007 CVE-2011-1008 CVE-2011-2085 CVE-2012-1093 CVE-2016-10228 CVE-2016-1585 CVE-2016-2781 CVE-2016-9085 CVE-2017-11164 CVE-2017-9814 CVE-2017-9937 CVE-2018-1000654 CVE-2018-10126 CVE-2018-11489 CVE-2018-18064 CVE-2018-20839 CVE-2018-5709 CVE-2019-12904 CVE-2019-13050 CVE-2019-17571 CVE-2019-18276 CVE-2019-20838 CVE-2019-25013 CVE-2019-6461 CVE-2019-6462 CVE-2019-8842 CVE-2020-0499 CVE-2020-14155 CVE-2020-24977 CVE-2020-25648 CVE-2020-27619 CVE-2020-29562 CVE-2020-6096 CVE-2020-9488 CVE-2020-9794 CVE-2020-9849 CVE-2020-9991 CVE-2021-23336 CVE-2021-27218 CVE-2021-27219 CVE-2021-3177
MLIST:[mina-users] 20210712 CVE-2021-30129: DoS/OOM leak vulnerability in Apache Mina SSHD Server CVE-2021-30129
MLIST:[misc] 20071010 OpenBSD XSS ;) CVE-2007-6700
MLIST:[mm-commits] 20100923 + sys_semctl-fix-kernel-stack-leakage.patch added to -mm tree CVE-2010-4083
MLIST:[mm-commits] 20110314 + proc-protect-mm-start_code-end_code-in-proc-pid-stat.patch added to -mm tree CVE-2011-0726
MLIST:[mm-commits] 20140617 + shmem-fix-faulting-into-a-hole-while-its-punched.patch added to -mm tree CVE-2014-4171
MLIST:[mnemo] 20050422 Mnemo 1.1.4 (final) CVE-2005-1320
MLIST:[mnemonic-commits] 20201204 [mnemonic] branch master updated: MNEMONIC-553: Fix for CVE-2017-5929 CVE-2017-5929
MLIST:[mnemonic-dev] 20201202 [GitHub] [mnemonic] yzz127 opened a new pull request #152: MNEMONIC-553: Fix for CVE-2017-5929 CVE-2017-5929
MLIST:[mnemonic-dev] 20201204 [GitHub] [mnemonic] bigdata-memory merged pull request #152: MNEMONIC-553: Fix for CVE-2017-5929 CVE-2017-5929
MLIST:[mod-security-users] 20130527 Availability of ModSecurity 2.7.4 Stable Release CVE-2013-2765
MLIST:[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10 CVE-2004-0096
MLIST:[modmellon] 20141103 Information disclosure vulnerability in version 0.8.0 of mod_auth_mellon CVE-2014-8566 CVE-2014-8567
MLIST:[monkeysphere] 20101025 resolved monkeysphere security vulnerability CVE-2010-4096
MLIST:[mono-devel-list] 20080726 [PATCH] HTML encode attributes that might need encoding CVE-2008-3422
MLIST:[mpg123-devel] 20090405 mpg123 1.7.2 is out -- important security fix! CVE-2009-1301
MLIST:[mpm-itk] 20110321 CVE 2011-1176: Sometimes runs as root instead of the default Apache user CVE-2011-1176
MLIST:[mpm-itk] 20110321 mpm-itk version 2.2.17-01 released CVE-2011-1176
MLIST:[musl] 20120417 musl security advisory #001: stack buffer overflow in vfprintf with long output CVE-2012-2114
MLIST:[mute-net-discuss] 20050317 Houston, Houston we have problem! CVE-2005-4726
MLIST:[mute-net-discuss] 20050318 Re: Houston, Houston we have problem! CVE-2005-4726
MLIST:[mutt-dev] 20061004 security problem with temp files [was Re: mutt_adv_mktemp() ?] CVE-2006-5297 CVE-2006-5298
MLIST:[mxnet-commits] 20200317 [GitHub] [incubator-mxnet] leezu opened a new pull request #17860: libjpeg-turbo: Fix user-assisted execution of arbitrary code CVE-2019-2201
MLIST:[myfaces-commits] 20200826 [myfaces-tobago] branch tobago-2.x updated: update ant because of CVE-2020-1945 CVE-2020-1945
MLIST:[myfaces-commits] 20201120 [myfaces-tobago] branch tobago-2.x updated: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566 CVE-2019-17566
MLIST:[myfaces-commits] 20201211 [myfaces-tobago] 02/22: update ant because of CVE-2020-1945 CVE-2020-1945
MLIST:[myfaces-commits] 20201211 [myfaces-tobago] 21/22: Update batik dependency from 1.9 to 1.13, because of CVE-2019-17566 CVE-2019-17566
MLIST:[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss CVE-2021-23368
MLIST:[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: build(postcss): update dependency to fix CVE-2021-23368 CVE-2021-23368
MLIST:[myfaces-commits] 20211021 [myfaces-tobago] branch tobago-5.x updated: build: workaround for CVE-2021-42340 CVE-2021-42340
MLIST:[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn merged pull request #774: build(postcss): update dependency to fix CVE-2021-23368 CVE-2021-23368
MLIST:[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn opened a new pull request #774: build(postcss): update dependency to fix CVE-2021-23368 CVE-2021-23368
MLIST:[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 merged pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss CVE-2021-23368
MLIST:[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss CVE-2021-23368
MLIST:[myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix CVE-2021-29425
MLIST:[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix CVE-2021-26291
MLIST:[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #821: build: CVE fix CVE-2020-7791
MLIST:[myfaces-dev] 20210531 Re: [VOTE] Release Tobago 4.5.4, 5.0.0-alpha-1 and checkstyle-rules 14 CVE-2021-23343
MLIST:[myfaces-dev] 20210830 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #1215: build: CVE fix CVE-2021-36373 CVE-2021-36374
MLIST:[myfaces-users] 20160929 Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability CVE-2016-5019
MLIST:[myserver-commit] 20070210 SF.net SVN: myserver: [2183] trunk/myserver/source/server.cpp CVE-2007-1588
MLIST:[nag] 20050422 Nag 1.1.3 (final) CVE-2005-1322
MLIST:[nagios-devel] 20081107 Security fixes completed CVE-2008-5027 CVE-2008-5028
MLIST:[nanog] 20090817 RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? CVE-2009-2055
MLIST:[nanog] 20100827 Did your BGP crash today? CVE-2010-3035
MLIST:[neon] 20070107 invalid chars cause sigserv in neon CVE-2007-0157
MLIST:[neon] 20080820 CVE-2008-3746: NULL pointer dereference in Digest domain support CVE-2008-3746
MLIST:[neon] 20080820 neon: release 0.28.3 (SECURITY) CVE-2008-3746
MLIST:[net-snmp-announce] 20050701 Multiple new Net-SNMP releases to fix a security related bug CVE-2005-2177
MLIST:[net-snmp-announce] 20140225 Multiple Security-fix Net-SNMP Releases: 5.5.2.1, 5.6.2.1, and 5.7.2.1 CVE-2014-2284
MLIST:[netbeans-commits] 20200429 [jira] [Created] (NETBEANS-4280) cleanup potential security breaches CVE-2017-16137 CVE-2019-5413 CVE-2019-5484
MLIST:[netbeans-notifications] 20200429 [GitHub] [netbeans] BradWalker opened a new pull request #2110: [NETBEANS-4280] - cleanup potential security breaches CVE-2017-16137 CVE-2019-5413 CVE-2019-5484
MLIST:[netbeans-notifications] 20200731 [GitHub] [netbeans] pepness opened a new pull request #2284: [NETBEANS-4664] - Upgrade JDBC PostgreSQL from 42.2.10 to 42.2.14 CVE-2020-13692
MLIST:[netbeans-notifications] 20200803 [GitHub] [netbeans] neilcsmith-net commented on pull request #2284: [NETBEANS-4664] - Upgrade JDBC PostgreSQL from 42.2.10 to 42.2.14 CVE-2020-13692
MLIST:[netbeans-notifications] 20210322 [GitHub] [netbeans] jtulach commented on pull request #2822: Offer to trust and prime the project when it is being opened. CVE-2020-11986
MLIST:[netbeans-notifications] 20210322 [GitHub] [netbeans] jtulach edited a comment on pull request #2822: Offer to trust and prime the project when it is being opened. CVE-2020-11986
MLIST:[netbsd-announce] 20051031 Announcing update 2.0.3 - source only CVE-2005-4691 CVE-2005-4779 CVE-2005-4783
MLIST:[netdev] 20050124 Re: skb_checksum_help CVE-2005-0449
MLIST:[netdev] 20090128 [PATCH] drivers/net/skfp: if !capable(CAP_NET_ADMIN): inverted logic CVE-2009-0675
MLIST:[netdev] 20100302 [PATCH 1/8] net: add limit for socket backlog CVE-2010-4805
MLIST:[netdev] 20101102 Re: [SECURITY] CAN info leak/minor heap overflow CVE-2010-4565
MLIST:[netdev] 20101102 [SECURITY] CAN info leak/minor heap overflow CVE-2010-4565
MLIST:[netdev] 20101109 Re: [PATCH] Fix CAN info leak/minor heap overflow CVE-2010-4565
MLIST:[netdev] 20101110 Re: [PATCH] Fix CAN info leak/minor heap overflow CVE-2010-4565
MLIST:[netdev] 20101222 [PATCH] irda: prevent integer underflow in IRLMP_ENUMDEVICES CVE-2010-4529
MLIST:[netdev] 20141220 Stable fixes for batman-adv CVE-2014-9428
MLIST:[netdev] 20150304 [PATCH net] af_unix: don't poll dead peers CVE-2013-7446
MLIST:[netdev] 20150414 [stable regression] tcp: make connect() mem charging friendly CVE-2015-3332
MLIST:[netdev] 20160304 Re: Possible double-free in the usbnet driver CVE-2016-3951
MLIST:[netdev] 20160514 BUG: net/tipc: NULL-ptr dereference in tipc_nl_publ_dump CVE-2016-4951
MLIST:[netdev] 20160515 BUG: use-after-free in netlink_dump CVE-2016-9806
MLIST:[netdev] 20161130 [PATCH 10/11] netfilter: ipv6: nf_defrag: drop mangled skb on ream error CVE-2016-9755
MLIST:[netdev] 20180116 http://lists.openwall.net/netdev/2018/01/16/40 CVE-2018-1000026
MLIST:[netdev] 20180118 http://lists.openwall.net/netdev/2018/01/18/96 CVE-2018-1000026
MLIST:[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information CVE-2018-5803
MLIST:[netfilter-devel] 20031020 [PATCH] Fix possible oops in ipt_REDIRECT CVE-2003-1604
MLIST:[netfilter-devel] 20110317 [PATCH v2] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
MLIST:[netfilter-devel] 20140526 OOPS NULL pointer dereference in nf_nat_setup_info+0x471 (reproductible, 3.14.4) CVE-2014-9715
MLIST:[netfilter] 20110310 [PATCH] ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
MLIST:[nettle-bugs] 20151211 Miscalculations on secp384 curve CVE-2015-8804
MLIST:[nettle-bugs] 20151212 secp256 calculation bug (already fixed) CVE-2015-8803
MLIST:[newsbeuter] 20170817 [CVE-2017-12904] Remote code execution CVE-2017-12904
MLIST:[nfsv4] 20061116 Status of execute permissions in NFSv4 ACLs ? CVE-2009-1630
MLIST:[nfsv4] 20061117 [Patch] Re: Status of execute permissions in NFSv4 ACLs ? CVE-2009-1630
MLIST:[ngIRCd-ML] 20050126 ngIRCd 0.8.2 CVE-2005-0199
MLIST:[ngIRCd-ML] 20070731 ngIRCd 0.10.3 - Security CVE-2007-6062
MLIST:[ngIRCd-ML] 20130215 ngIRCd 20.2 CVE-2013-1747
MLIST:[ngIRCd-ML] 20130217 ngIRCd 20.2 CVE-2013-1747
MLIST:[nginx-announce] 20120605 security advisory CVE-2011-4963
MLIST:[nginx-announce] 20130507 nginx security advisory (CVE-2013-2028) CVE-2013-2028
MLIST:[nginx-announce] 20131119 nginx security advisory (CVE-2013-4547) CVE-2013-4547
MLIST:[nginx-announce] 20140304 nginx security advisory (CVE-2014-0088) CVE-2014-0088
MLIST:[nginx-announce] 20140318 nginx security advisory (CVE-2014-0133) CVE-2014-0133
MLIST:[nginx-announce] 20140805 nginx security advisory (CVE-2014-3556) CVE-2014-3556
MLIST:[nginx-announce] 20160531 nginx security advisory (CVE-2016-4450) CVE-2016-4450
MLIST:[nginx-announce] 20170711 nginx security advisory (CVE-2017-7529) CVE-2017-7529
MLIST:[nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747) CVE-2016-0742 CVE-2016-0746 CVE-2016-0747
MLIST:[ngircd-ml] 20130823 ngIRCd 20.3 CVE-2013-5580
MLIST:[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html CVE-2016-5017 CVE-2017-3164 CVE-2017-5637 CVE-2018-1000873 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-8012 CVE-2019-0192 CVE-2019-0193 CVE-2019-10246 CVE-2019-10247 CVE-2019-11358 CVE-2019-12086 CVE-2019-12384 CVE-2019-12814 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335
MLIST:[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html CVE-2016-5017 CVE-2017-3164 CVE-2017-5637 CVE-2018-1000873 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-8012 CVE-2019-0192 CVE-2019-0193 CVE-2019-10080 CVE-2019-10083 CVE-2019-10246 CVE-2019-10247 CVE-2019-10768 CVE-2019-11358 CVE-2019-12086 CVE-2019-12384 CVE-2019-12421 CVE-2019-12814 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335
MLIST:[nifi-commits] 20200421 svn commit: r1876802 - /nifi/site/trunk/registry-security.html CVE-2018-10054 CVE-2019-10782 CVE-2019-14540
MLIST:[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html CVE-2019-12086 CVE-2019-9658 CVE-2020-11023 CVE-2020-7676
MLIST:[nifi-commits] 20201005 [nifi-site] branch main updated: Minor correction for CVE-2020-9491, Jira number from NIFI-7401 to NIFI-7407. CVE-2020-9491
MLIST:[nifi-commits] 20201005 svn commit: r1882253 - /nifi/site/trunk/security.html CVE-2020-9491
MLIST:[nifi-commits] 20210222 svn commit: r1886814 - /nifi/site/trunk/security.html CVE-2020-27218 CVE-2021-20190
MLIST:[nifi-commits] 20210907 [nifi] branch main updated: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 NIFI-9170 Add two more 1.9.4 references to close out the few things identified by the Maven dependency plugin. CVE-2019-10086
MLIST:[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223 CVE-2020-27223
MLIST:[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223 CVE-2020-27223
MLIST:[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223 CVE-2020-27223
MLIST:[nifi-issues] 20210510 [GitHub] [nifi] exceptionfactory opened a new pull request #5066: NIFI-8502 Upgrade Spring Framework to 5.3.6 CVE-2021-22112
MLIST:[nifi-issues] 20210726 [jira] [Created] (NIFI-8948) Upgrade Spring Framework to 5.3.9 and Spring Security to 5.5.1 CVE-2021-22119
MLIST:[nifi-issues] 20210827 [GitHub] [nifi] naddym opened a new pull request #5351: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210827 [jira] [Created] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210827 [jira] [Updated] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210907 [GitHub] [nifi] MikeThomsen commented on pull request #5351: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210907 [GitHub] [nifi] asfgit closed pull request #5351: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210907 [jira] [Commented] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210908 [GitHub] [nifi] naddym commented on pull request #5351: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nifi-issues] 20210915 [jira] [Updated] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086 CVE-2019-10086
MLIST:[nss-pam-ldapd-announce] 20110309 nss-pam-ldapd security advisory (CVE-2011-0438) CVE-2011-0438
MLIST:[nutch-dev] 20191014 [SECURITY] Nutch 2.3.1 affected by downstream dependency CVE-2016-6809 CVE-2016-6809
MLIST:[nutch-dev] 20210125 Re: CVE-2021-23901: An XML external entity (XXE) injection vulnerability exists in the Nutch DmozParser CVE-2021-23901
MLIST:[nutch-user] 20191014 [SECURITY] Nutch 2.3.1 affected by downstream dependency CVE-2016-6809 CVE-2016-6809
MLIST:[nuttx-dev] 20201209 CVE-2020-17528: Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length CVE-2020-17528
MLIST:[nuttx-dev] 20201209 CVE-2020-17529: Apache NuttX (incubating) Out of Bound Write from invalid fragmentation offset value specified in the IP header CVE-2020-17529
MLIST:[ocfs2-devel] 20110217 [PATCH] Treat writes as new when holes span across page boundaries CVE-2011-0463
MLIST:[ofbiz-commits] 20190415 svn commit: r1857586 - in /ofbiz: ofbiz-framework/trunk/build.gradle ofbiz-plugins/trunk/example/build.gradle CVE-2019-0232
MLIST:[ofbiz-commits] 20190415 svn commit: r1857587 - in /ofbiz: ofbiz-framework/branches/release18.12/build.gradle ofbiz-plugins/branches/release18.12/example/build.gradle CVE-2019-0232
MLIST:[ofbiz-commits] 20190415 svn commit: r1857588 - in /ofbiz: ofbiz-framework/branches/release17.12/build.gradle ofbiz-plugins/branches/release17.12/example/build.gradle CVE-2019-0232
MLIST:[ofbiz-commits] 20200206 svn commit: r1873710 - in /ofbiz/site: security.html template/page/security.tpl.php CVE-2018-17200 CVE-2019-0189 CVE-2019-10073
MLIST:[ofbiz-commits] 20200224 [ofbiz-framework] branch release17.12 updated: Fixed: Improve ObjectInputStream class (CVE-2019-0189) Improved: no functional change (OFBIZ-10837) (OFBIZ-11398) CVE-2019-0189
MLIST:[ofbiz-commits] 20200224 [ofbiz-framework] branch release18.12 updated: Fixed: Improve ObjectInputStream class (CVE-2019-0189) Improved: no functional change (OFBIZ-10837) (OFBIZ-11398) CVE-2019-0189
MLIST:[ofbiz-commits] 20200224 [ofbiz-framework] branch trunk updated: Fixed: Improve ObjectInputStream class (CVE-2019-0189) Improved: no functional change (OFBIZ-10837) (OFBIZ-11398) CVE-2019-0189
MLIST:[ofbiz-commits] 20200227 [ofbiz-plugins] branch release17.12 updated: Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) (OFBIZ-11407) CVE-2020-1938
MLIST:[ofbiz-commits] 20200306 svn commit: r1874880 [5/5] - in /ofbiz/site: download.html release-notes-17.12.01.html security.html template/page/download.tpl.php template/page/release-notes-17.12.01.tpl.php template/page/security.tpl.php CVE-2018-17200 CVE-2019-0189 CVE-2019-12426
MLIST:[ofbiz-commits] 20200430 [ofbiz-site] branch master updated: Update for 2 last CVEs: CVE-2019-0235 & CVE-2019-12425 CVE-2018-17200 CVE-2019-0189 CVE-2019-10073
MLIST:[ofbiz-commits] 20200430 svn commit: r1877207 - in /ofbiz/site: security.html template/page/security.tpl.php CVE-2018-17200 CVE-2019-12426 CVE-2020-1943
MLIST:[ofbiz-commits] 20200628 [ofbiz-framework] branch release17.12 updated: Fixed: Upgrades Tomcat to 9.0.36 due to CVE-2020-11996 (OFBIZ-11848) CVE-2020-11996
MLIST:[ofbiz-commits] 20200628 [ofbiz-framework] branch release18.12 updated: Fixed: Upgrades Tomcat to 9.0.36 due to CVE-2020-11996 (OFBIZ-11848) CVE-2020-11996
MLIST:[ofbiz-commits] 20200628 [ofbiz-framework] branch trunk updated: Fixed: Upgrades Tomcat to 9.0.36 due to CVE-2020-11996 (OFBIZ-11848) CVE-2020-11996
MLIST:[ofbiz-commits] 20200708 [ofbiz-framework] 01/02: Documented: POC for CSRF Token (CVE-2019-0235) (OFBIZ-11306) CVE-2019-0235
MLIST:[ofbiz-commits] 20210321 [ofbiz-framework] branch release17.12 updated: Fixed: Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 (OFBIZ-12205) CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-commits] 20210321 [ofbiz-framework] branch release18.12 updated: Fixed: Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 (OFBIZ-12205) CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-commits] 20210321 [ofbiz-framework] branch trunk updated: Fixed: Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 (OFBIZ-12205) CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-commits] 20210321 [ofbiz-site] branch master updated: Updates security page for CVE-2021-26295 fixed in 17.12.06 CVE-2019-12425 CVE-2020-13923 CVE-2020-9496
MLIST:[ofbiz-commits] 20210427 [ofbiz-site] branch master updated: Updates security page for CVE-2021-29200 and 30128 fixed in 17.12.07 CVE-2019-12425 CVE-2020-13923 CVE-2020-9496 CVE-2021-26295 CVE-2021-29200 CVE-2021-30128
MLIST:[ofbiz-commits] 20210613 [ofbiz-framework] branch release17.12 updated: Fixed: Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 (OFBIZ-12256) CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-commits] 20210613 [ofbiz-framework] branch release18.12 updated: Fixed: Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 (OFBIZ-12256) CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-commits] 20210613 [ofbiz-framework] branch trunk updated: Fixed: Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 (OFBIZ-12256) CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-commits] 20210811 [ofbiz-site] branch master updated: Updates security page for CVE-2021-37608 fixed in 17.12.08 CVE-2021-26295 CVE-2021-29200 CVE-2021-30128
MLIST:[ofbiz-commits] 20210903 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-commits] 20210903 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-commits] 20210903 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-commits] 20210915 [ofbiz-plugins] branch release17.12 updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) CVE-2021-27905
MLIST:[ofbiz-commits] 20210915 [ofbiz-plugins] branch release18.12 updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) CVE-2021-27905
MLIST:[ofbiz-commits] 20210915 [ofbiz-plugins] branch trunk updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) CVE-2021-27905
MLIST:[ofbiz-commits] 20210917 [ofbiz-framework] branch release17.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-commits] 20210917 [ofbiz-framework] branch release18.12 updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-commits] 20210917 [ofbiz-framework] branch trunk updated: Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) CVE-2021-37608
MLIST:[ofbiz-dev] 20120415 [CVE-2012-1621] Apache OFBiz information disclosure vulnerability CVE-2012-1621
MLIST:[ofbiz-dev] 20190910 [CVE-2018-17200] Apache OFBiz unauthenticated remote code execution vulnerability in HttpEngine CVE-2018-17200
MLIST:[ofbiz-dev] 20190910 [CVE-2019-0189] Apache OFBiz remote code execution and arbitrary file delete via Java CVE-2019-0189
MLIST:[ofbiz-dev] 20190910 [CVE-2019-10073] Apache OFBiz XSS vulnerability in the "ecommerce" component CVE-2019-10073
MLIST:[ofbiz-dev] 20190910 [CVE-2019-10074] Apache OFBiz RCE (template injection) CVE-2019-10074
MLIST:[ofbiz-dev] 20200705 Error.ftl everywhere CVE-2020-1943
MLIST:[ofbiz-dev] 20200715 Re: Error.ftl everywhere CVE-2020-1943
MLIST:[ofbiz-dev] 20210325 Comment out the SOAP and HTTP engines? CVE-2016-2170 CVE-2021-26295
MLIST:[ofbiz-dev] 20210325 Re: Comment out the SOAP and HTTP engines? CVE-2016-2170 CVE-2021-26295
MLIST:[ofbiz-dev] 20210329 Re: Comment out the SOAP and HTTP engines? CVE-2016-2170 CVE-2021-26295
MLIST:[ofbiz-dev] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI CVE-2021-29200
MLIST:[ofbiz-dev] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz CVE-2021-30128
MLIST:[ofbiz-notifications] 20190415 [jira] [Closed] (OFBIZ-10920) Update Tomcat to 9.0.18 due to CVE-2019-0232 CVE-2019-0232
MLIST:[ofbiz-notifications] 20190415 [jira] [Commented] (OFBIZ-10920) Update Tomcat to 9.0.18 due to CVE-2019-0232 CVE-2019-0232
MLIST:[ofbiz-notifications] 20190913 [jira] [Updated] (OFBIZ-10770) Update Apache commons-fileupload to last version (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20190913 [jira] [Updated] (OFBIZ-10837) Improve ObjectInputStream class (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20190913 [jira] [Updated] (OFBIZ-11006) Create customer request screen breaks when entering special characters (CVE-2019-10074) CVE-2019-10074
MLIST:[ofbiz-notifications] 20200224 [jira] [Commented] (OFBIZ-10837) Improve ObjectInputStream class (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20200224 [jira] [Updated] (OFBIZ-10837) Improve ObjectInputStream class (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20200225 [jira] [Commented] (OFBIZ-11407) Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) CVE-2020-1938
MLIST:[ofbiz-notifications] 20200225 [jira] [Updated] (OFBIZ-10837) Improve ObjectInputStream class (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20200225 [jira] [Updated] (OFBIZ-11407) Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) CVE-2020-1938
MLIST:[ofbiz-notifications] 20200227 [jira] [Commented] (OFBIZ-11407) Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) CVE-2020-1938
MLIST:[ofbiz-notifications] 20200228 [jira] [Comment Edited] (OFBIZ-11407) Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) CVE-2020-1938
MLIST:[ofbiz-notifications] 20200228 [jira] [Commented] (OFBIZ-11407) Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) CVE-2020-1938
MLIST:[ofbiz-notifications] 20200502 [jira] [Commented] (OFBIZ-10837) Improve ObjectInputStream class (CVE-2019-0189) CVE-2019-0189
MLIST:[ofbiz-notifications] 20200628 [jira] [Closed] (OFBIZ-11847) CLONE - Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200628 [jira] [Closed] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200628 [jira] [Commented] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200628 [jira] [Created] (OFBIZ-11847) CLONE - Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996 CVE-2020-1938
MLIST:[ofbiz-notifications] 20200628 [jira] [Created] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200628 [jira] [Updated] (OFBIZ-11847) CLONE - Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996 CVE-2020-1938
MLIST:[ofbiz-notifications] 20200701 [jira] [Reopened] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200703 [jira] [Closed] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200703 [jira] [Comment Edited] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200703 [jira] [Commented] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20200705 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235) CVE-2019-0235
MLIST:[ofbiz-notifications] 20200706 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235) CVE-2019-0235
MLIST:[ofbiz-notifications] 20200707 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235) CVE-2019-0235
MLIST:[ofbiz-notifications] 20200708 [jira] [Commented] (OFBIZ-11306) POC for CSRF Token (CVE-2019-0235) CVE-2019-0235
MLIST:[ofbiz-notifications] 20200716 [jira] [Updated] (OFBIZ-11716) Apache OFBiz unsafe deserialization of XMLRPC arguments (CVE-2020-9496) CVE-2020-9496
MLIST:[ofbiz-notifications] 20200716 [jira] [Updated] (OFBIZ-11836) IDOR vulnerability in the order processing feature in ecommerce component (CVE-2020-13923) CVE-2020-13923
MLIST:[ofbiz-notifications] 20210301 [jira] [Updated] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996) CVE-2020-11996
MLIST:[ofbiz-notifications] 20210321 [jira] [Closed] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-notifications] 20210321 [jira] [Commented] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-notifications] 20210321 [jira] [Created] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-notifications] 20210321 [jira] [Updated] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-notifications] 20210324 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295) CVE-2021-26295
MLIST:[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation (CVE-2021-26295) CVE-2016-2170 CVE-2021-26295
MLIST:[ofbiz-notifications] 20210329 [jira] [Commented] (OFBIZ-6942) Comment out RMI related code because of the Java deserialization issue [CVE-2016-2170] CVE-2016-2170 CVE-2021-26295
MLIST:[ofbiz-notifications] 20210405 [jira] [Updated] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 CVE-2021-27807 CVE-2021-27906
MLIST:[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128] CVE-2016-2170 CVE-2021-26295 CVE-2021-30128
MLIST:[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12216) Fixed UtilObject class [CVE-2021-29200] CVE-2021-29200
MLIST:[ofbiz-notifications] 20210427 [jira] [Updated] (OFBIZ-12221) Fixed ObjectInputStream denyList [CVE-2021-30128] CVE-2021-30128
MLIST:[ofbiz-notifications] 20210605 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128] CVE-2016-2170 CVE-2021-26295 CVE-2021-30128
MLIST:[ofbiz-notifications] 20210613 [jira] [Closed] (OFBIZ-12256) Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-notifications] 20210613 [jira] [Commented] (OFBIZ-12256) Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-notifications] 20210613 [jira] [Created] (OFBIZ-12256) Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-notifications] 20210613 [jira] [Updated] (OFBIZ-12256) Update PDFBox to 2.0.24 because of CVE-2021-31811 & CVE-2021-31812 CVE-2021-31811 CVE-2021-31812
MLIST:[ofbiz-notifications] 20210729 [jira] [Updated] (OFBIZ-12212) Comment out the SOAP and HTTP engines - Fix [CVE-2021-30128] CVE-2016-2170 CVE-2021-26295 CVE-2021-30128
MLIST:[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210902 [jira] [Assigned] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210903 [jira] [Closed] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210903 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210904 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210904 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20210914 [jira] [Updated] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) CVE-2021-27905
MLIST:[ofbiz-notifications] 20210915 [jira] [Closed] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) CVE-2021-27905
MLIST:[ofbiz-notifications] 20210915 [jira] [Commented] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) CVE-2021-27905
MLIST:[ofbiz-notifications] 20210915 [jira] [Updated] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) CVE-2021-27905
MLIST:[ofbiz-notifications] 20210917 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20211014 [jira] [Comment Edited] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20211014 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-notifications] 20211015 [jira] [Commented] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass CVE-2021-37608
MLIST:[ofbiz-user] 20120415 [CVE-2012-1622] Apache OFBiz information disclosure vulnerability CVE-2012-1622
MLIST:[ofbiz-user] 20191016 Re: Multi Tenancy Support CVE-2016-6800
MLIST:[ofbiz-user] 20200503 Re: [CVE-2019-12425] Apache OFBiz Host Header Injection CVE-2019-12425
MLIST:[ofbiz-user] 20200504 Re: [CVE-2019-12425] Apache OFBiz Host Header Injection CVE-2019-12425
MLIST:[ofbiz-user] 20201116 [CVE-2020-9496] Apache OFBiz unsafe deserialization of XMLRPC arguments CVE-2020-9496
MLIST:[ofbiz-user] 20201117 Re: [CVE-2020-9496] Apache OFBiz unsafe deserialization of XMLRPC arguments CVE-2020-9496
MLIST:[ofbiz-user] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI CVE-2021-29200
MLIST:[ofbiz-user] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz CVE-2021-30128
MLIST:[olingo-dev] 20191206 [jira] [Assigned] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191206 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191206 [jira] [Created] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191206 [jira] [Resolved] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191206 [jira] [Updated] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191209 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-dev] 20191227 [jira] [Commented] (OLINGO-1414) Dependency check fails on 4.7.0 : CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[olingo-user] 20191204 [SECURITY] CVE-2019-17554: XML External Entity resolution attack CVE-2019-17554
MLIST:[olingo-user] 20191204 [SECURITY] CVE-2019-17555: DoS via Retry-After header vulnerability CVE-2019-17555
MLIST:[olingo-user] 20191204 [SECURITY] CVE-2019-17556: Deserialization vulnerability CVE-2019-17556
MLIST:[oneclickorgs-devspace] 20111117 Announce: One Click Orgs 1.2.3 CVE-2011-4552 CVE-2011-4553 CVE-2011-4554 CVE-2011-4555 CVE-2011-4677 CVE-2011-4678
MLIST:[onnv-notify] 20081011 6507173 Sockets should allocate minor numbers from higher order arena CVE-2009-0480
MLIST:[onnv-notify] 20081021 6300710 recursive mutex_enter in nfs4rename_persistent_fh() CVE-2009-0069
MLIST:[oozie-user] 20210309 CVE-2020-35451: Oozie local privilege escalation CVE-2020-35451
MLIST:[openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www CVE-2007-0085
MLIST:[openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src CVE-2007-0085
MLIST:[openbsd-cvs] 20080708 CVS: cvs.openbsd.org: src CVE-2008-3196
MLIST:[openbsd-cvs] 20080708 Re: CVS: cvs.openbsd.org: src CVE-2008-3196
MLIST:[openbsd-cvs] 20170131 cvs.openbsd.org: src CVE-2017-5850
MLIST:[openbsd-misc] 20050304 Re: FreeBSD hiding security stuff CVE-2005-0109
MLIST:[openbsd-misc] 20070627 Intel Core 2 CVE-2006-7215
MLIST:[openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19 CVE-2005-0373
MLIST:[openbsd-security-announce] 20040513 procfs vulnerability CVE-2004-0482
MLIST:[openbsd-security-announce] 20080111 errata 005 for OpenBSD 4.2: local users can provoke a kernel panic CVE-2008-0384
MLIST:[openbsd-security-announce] 20091005 OpenBSD patch: XMM exceptions incorrectly handled in i386 kernel CVE-2009-3572
MLIST:[openldap-announce] 20060801 OpenLDAP 2.3.25 available CVE-2006-4600
MLIST:[openldap-bugs] 20070411 (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash CVE-2007-6698
MLIST:[openldap-bugs] 20070411 Re: (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash CVE-2007-6698
MLIST:[openmeetings-user] 20180418 [ANNOUNCE] CVE-2018-1325 - Wicket jQuery UI: XSS while displaying value in WYSIWYG editor CVE-2018-1325
MLIST:[openoffice-commits] 20191016 svn commit: r1051583 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191016 svn commit: r1868517 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html CVE-2018-11790 CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1053264 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1053267 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1053270 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1053271 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1870322 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1870324 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1870336 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html CVE-2019-9853
MLIST:[openoffice-commits] 20191124 svn commit: r1870337 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html CVE-2019-9853
MLIST:[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html CVE-2013-1571
MLIST:[openoffice-dev] 20190928 CVE-2018-10583 CVE-2018-10583
MLIST:[openoffice-dev] 20190929 Re: CVE-2018-10583 CVE-2018-10583
MLIST:[openoffice-dev] 20190930 Re: CVE-2018-10583 CVE-2018-10583
MLIST:[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks CVE-2021-30245
MLIST:[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks CVE-2021-30245
MLIST:[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks CVE-2021-30245
MLIST:[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks CVE-2021-30245
MLIST:[openoffice-users] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid CVE-2021-28129
MLIST:[openoffice-users] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file CVE-2021-33035
MLIST:[openoffice-users] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs CVE-2021-40439
MLIST:[opensc-announce] 20080731 OpenSC Security Vulnerability and new Versions of OpenSC, OpenCT, LibP11, Pam_P11, Engine_PKCS11 CVE-2008-2235
MLIST:[opensc-announce] 20080827 opensc 0.11.6 with fixed security update CVE-2008-3972
MLIST:[opensc-announce] 20090226 OpenSC Security Advisory CVE-2009-0368
MLIST:[opensc-announce] 20090508 OpenSC 0.11.8 released with security update CVE-2009-1603
MLIST:[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released CVE-2006-4924 CVE-2006-5051 CVE-2006-5052
MLIST:[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b... CVE-2009-3245
MLIST:[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf... CVE-2009-3245
MLIST:[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec... CVE-2009-3245
MLIST:[openssl-dev] 20060829 Crash inside SMIME_read_PKCS7 if input is not MIME CVE-2006-7250
MLIST:[openssl-dev] 20110415 recycled pids causes PRNG to repeat CVE-2013-7373
MLIST:[openssl-dev] 20110416 Re: recycled pids causes PRNG to repeat CVE-2013-7373
MLIST:[openssl-dev] 20120210 [openssl.org #2711] Fix possible NULL dereference on bad MIME headers CVE-2006-7250
MLIST:[openssl-users] 20000529 64 bit problem in RSA_generate_key in 0.9.5a CVE-2000-1254
MLIST:[openstack-announce] 20130219 [OSSA 2013-004] Information leak and Denial of Service using XML entities (CVE-2013-1664, CVE-2013-1665) CVE-2013-1664 CVE-2013-1665
MLIST:[openstack-announce] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750) CVE-2014-8750
MLIST:[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333) CVE-2014-8333
MLIST:[openstack-announce] 20141223 [OSSA-2014-041] Glance v2 API unrestricted path traversal CVE-2014-9493
MLIST:[openstack-announce] 20150120 [OSSA 2015-002.1] Glance v2 API unrestricted path traversal through filesystem:// scheme (CVE-2015-1195) ERRATA 1 CVE-2015-1195
MLIST:[openstack-announce] 20150223 [OSSA 2015-004] Glance import task leaks image in backend (CVE-2014-9684, CVE-2015-1881) CVE-2014-9684 CVE-2015-1881
MLIST:[openstack-announce] 20150505 [OSSA 2015-008] Potential Keystone cache backend password leak in log (CVE-2015-3646) CVE-2015-3646
MLIST:[openstack-announce] 20150609 [OSSA 2015-010] XSS in Horizon Heat stack creation (CVE-2015-3219) CVE-2015-3219
MLIST:[opensuse-bugs] 20150619 [Bug 935338] VUL-0: CVE-2015-0794: dracut: uses hardcoded /tmp/dracut_block_uuid.map filename - symlink attack CVE-2015-0794
MLIST:[opensuse-bugs] 20150619 [Bug 935338] dracut uses hardcoded /tmp/dracut_block_uuid.map filename - symlink attack CVE-2015-0794
MLIST:[opensuse-buildservice] 20140303 EXE package format CVE-2014-0593
MLIST:[opensuse-buildservice] 20180606 Open Build Service 2.9.3 released CVE-2018-7688 CVE-2018-7689
MLIST:[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy CVE-2018-20615
MLIST:[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel CVE-2018-20669
MLIST:[opensuse-updates] 20100810 openSUSE-SU-2010:0496-1 (important): strongswan: fixing snprintf overflows CVE-2010-2628
MLIST:[opensuse-updates] 20101022 openSUSE-SU-2010:0756-1 (moderate): festival security update CVE-2010-3996
MLIST:[opensuse-updates] 20110314 openSUSE-SU-2011:0171-1 (moderate): aaa_base security update CVE-2011-0461
MLIST:[opensuse-updates] 20110322 openSUSE-SU-2011:0207-1 (moderate): aaa_base security update CVE-2011-0468
MLIST:[opensuse-updates] 20110408 openSUSE-SU-2011:0313-1 (critical): moonlight security update CVE-2011-0989 CVE-2011-0990 CVE-2011-0991 CVE-2011-0992
MLIST:[opensuse-updates] 20110512 openSUSE-SU-2011:0483-1 (moderate): New pure-ftpd version fix STARTTLS issues (CVE-2011-1575). CVE-2011-1575
MLIST:[openswan-users] 20180824 Xelerance has released Openswan 2.6.50.1 CVE-2018-15836
MLIST:[openvas-commits] 20110203 r10151 - in trunk/gsa: . src src/html CVE-2011-0650
MLIST:[openvas-commits] 20110203 r10187 - trunk/gsa CVE-2011-0650
MLIST:[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release CVE-2007-5241 CVE-2007-5242
MLIST:[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release CVE-2007-5241 CVE-2007-5242
MLIST:[openwhisk-dev] 20180720 [CVE] CVE-2018-11756 PHP Runtime for Apache OpenWhisk CVE-2018-11756
MLIST:[openwhisk-dev] 20180720 [CVE] CVE-2018-11757 Docker Skeleton Runtime for Apache OpenWhisk CVE-2018-11757
MLIST:[or-announce] 20050811 Tor security advisory: DH handshake flaw CVE-2005-2643
MLIST:[or-announce] 20060829 Tor security advisory: clients will route traffic CVE-2006-4508
MLIST:[or-announce] 20070525 Tor 0.1.2.14 is released CVE-2007-3165
MLIST:[or-announce] 20070723 Tor 0.1.2.15 is released CVE-2007-4096 CVE-2007-4097 CVE-2007-4098 CVE-2007-4099
MLIST:[or-announce] 20070802 Tor 0.1.2.16 is released CVE-2007-4174
MLIST:[or-announce] 20070901 Tor security advisory: cross-protocol http form attack CVE-2007-4174
MLIST:[or-announce] 20090122 Tor 0.2.0.33 is released CVE-2009-0414
MLIST:[or-announce] 20090209 Tor 0.2.0.34 is released (security fixes) CVE-2009-0936 CVE-2009-0937 CVE-2009-0938 CVE-2009-0939
MLIST:[or-announce] 20090625 Tor 0.2.0.35 is released CVE-2009-2425 CVE-2009-2426
MLIST:[or-announce] 20100121 Tor 0.2.1.22 is released (security fix) CVE-2010-0383 CVE-2010-0385
MLIST:[or-announce] 20101220 Tor 0.2.1.28 is released (security patches) CVE-2010-1676
MLIST:[or-announce] 20110117 Tor 0.2.1.29 is released (security patches) CVE-2011-0427 CVE-2011-0490 CVE-2011-0491 CVE-2011-0492 CVE-2011-0493
MLIST:[or-talk] 20070225 "Low-Resource Routing Attacks Against Anonymous Systems" CVE-2007-1103
MLIST:[or-talk] 20070225 Re: "Low-Resource Routing Attacks Against Anonymous Systems" CVE-2007-1103
MLIST:[or-talk] 20070225 Re: ISP controlling entry/exti ("Low-Resource Routing Attacks Against Anonymous Systems") CVE-2007-1103
MLIST:[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18 CVE-2007-6722 CVE-2007-6723 CVE-2007-6724
MLIST:[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18 CVE-2007-6723
MLIST:[or-talk] 20100120 Re: Tor Project infrastructure updates in response to security breach CVE-2010-0383
MLIST:[or-talk] 20100120 Tor 0.2.2.7-alpha is out CVE-2010-0383 CVE-2010-0384 CVE-2010-0385
MLIST:[or-talk] 20100120 Tor Project infrastructure updates in response to security breach CVE-2010-0383
MLIST:[oracle-l] 20061201 Re: Oracle 9i on Windows 2003 -- Vulnerability Question CVE-2007-2110
MLIST:[oss-sec] 20140320 CVE request -- kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied CVE-2014-2568
MLIST:[oss-sec] 20150707 [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released CVE-2015-3250
MLIST:[oss-sec] 20151116 CVE-2015-8107 - a2ps(gnu) v4.14 format string vulnerability CVE-2015-8107
MLIST:[oss-sec] 20170611 Berkeley DB reads DB_CONFIG from cwd CVE-2017-10140
MLIST:[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp CVE-2013-2561
MLIST:[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp CVE-2013-2561
MLIST:[oss-secuirty] 20131210 CVE-2012-6303 WaveSurfer and Snack Sound Toolkit buffer overflows CVE-2012-6303
MLIST:[oss-securit] 20131211 CVE request: devscripts (uscan) command execution flaw CVE-2013-7050
MLIST:[oss-securit] 20131211 Re: CVE request: devscripts (uscan) command execution flaw CVE-2013-7050
MLIST:[oss-security 20080701 Re: [oss-security] openldap DoS CVE-2008-2952
MLIST:[oss-security] CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock CVE-2020-7040
MLIST:[oss-security] 20080311 CVE request: insecure X11 handling in ltsp CVE-2008-1293
MLIST:[oss-security] 20080312 Re: CVE request: insecure X11 handling in ltsp CVE-2008-1293
MLIST:[oss-security] 20080406 Re: Security fixes in m4-1.4.11 CVE-2008-1687 CVE-2008-1688
MLIST:[oss-security] 20080406 Security fixes in m4-1.4.11 CVE-2008-1687 CVE-2008-1688
MLIST:[oss-security] 20080407 Re: Security fixes in m4-1.4.11 CVE-2008-1687
MLIST:[oss-security] 20080411 CVE request: openfire <3.5.0 Denial of Service CVE-2008-1728
MLIST:[oss-security] 20080422 CVE Request: inspircd CVE-2008-1925
MLIST:[oss-security] 20080425 CVE request: licq denial of service CVE-2008-1996
MLIST:[oss-security] 20080502 CVE Request (PHP) CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-2051
MLIST:[oss-security] 20080514 Re: CVE id request: uudeview CVE-2008-2266
MLIST:[oss-security] 20080520 Re: CVE ID request: GNUTLS CVE-2008-1948 CVE-2008-1949 CVE-2008-1950
MLIST:[oss-security] 20080521 Re: CVE request: mtr CVE-2008-2357
MLIST:[oss-security] 20080530 Re: CVE id request: uudeview CVE-2008-2266
MLIST:[oss-security] 20080531 Re: CVE id request: ikiwiki CVE-2008-0169
MLIST:[oss-security] 20080604 CVE id request: slash CVE-2008-2231
MLIST:[oss-security] 20080604 Re: CVE id request: slash CVE-2008-2231
MLIST:[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing CVE-2008-0960
MLIST:[oss-security] 20080610 Re: exploitability of off-by-one in motion webserver CVE-2008-2654
MLIST:[oss-security] 20080610 exploitability of off-by-one in motion webserver CVE-2008-2654
MLIST:[oss-security] 20080611 CVE id request: nasm off-by-one CVE-2008-2719
MLIST:[oss-security] 20080611 Re: CVE id request: nasm off-by-one CVE-2008-2719
MLIST:[oss-security] 20080611 Re: exploitability of off-by-one in motion webserver CVE-2008-2654
MLIST:[oss-security] 20080613 CVE Id Request: fetchmail <= 6.3.8 DoS when logging long headers in -v -v mode CVE-2008-2711
MLIST:[oss-security] 20080615 CVE id request: Clamav CVE-2008-2713
MLIST:[oss-security] 20080616 CVE Id request: vim CVE-2008-2712
MLIST:[oss-security] 20080617 Re: CVE id request: Clamav CVE-2008-2713
MLIST:[oss-security] 20080619 CVE request: php 5.2.6 ext/imap buffer overflows CVE-2008-2829
MLIST:[oss-security] 20080619 Re: query on a pppol2tp_recvmsg() fix - security relevant? CVE-2008-2750
MLIST:[oss-security] 20080624 Re: CVE request: php 5.2.6 ext/imap buffer overflows CVE-2008-2829
MLIST:[oss-security] 20080627 CVE Request (pidgin) CVE-2008-2956
MLIST:[oss-security] 20080630 CVE id request mercurial:Insufficient input validation CVE-2008-2942
MLIST:[oss-security] 20080630 CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080701 Re: CVE id request mercurial:Insufficient input validation CVE-2008-2942
MLIST:[oss-security] 20080701 Re: CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080702 Re: CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id CVE-2008-3077
MLIST:[oss-security] 20080703 Re: CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080707 Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 CVE-2008-3074 CVE-2008-3075 CVE-2008-3076
MLIST:[oss-security] 20080708 Re: CVE id request: Clamav CVE-2008-3215
MLIST:[oss-security] 20080708 Re: CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080708 Re: CVE request: moodle xss in < 1.8.5 CVE-2008-1502
MLIST:[oss-security] 20080708 Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 CVE-2008-3074 CVE-2008-3075 CVE-2008-3076
MLIST:[oss-security] 20080709 CVE id request: projectl CVE-2008-3216
MLIST:[oss-security] 20080709 CVE request: PowerDNS recursor source port randomization CVE-2008-3217
MLIST:[oss-security] 20080710 CVE id request: libavformat CVE-2008-3162
MLIST:[oss-security] 20080710 CVE request: multiple drupal issues in < 6.3,5.8 CVE-2008-3218 CVE-2008-3219 CVE-2008-3220 CVE-2008-3221 CVE-2008-3222 CVE-2008-3223
MLIST:[oss-security] 20080710 Re: DNS vulnerability: other relevant software CVE-2008-3217
MLIST:[oss-security] 20080710 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 CVE-2008-3074 CVE-2008-3075
MLIST:[oss-security] 20080712 CVE id request: op CVE-2008-3229
MLIST:[oss-security] 20080712 CVE request: phpbb < 3.0.2 CVE-2008-3224
MLIST:[oss-security] 20080712 CVE requests: joomla <1.5.4 CVE-2008-3225 CVE-2008-3226 CVE-2008-3227 CVE-2008-3228
MLIST:[oss-security] 20080712 Re: CVE request for dnsmasq DoS CVE-2008-3214
MLIST:[oss-security] 20080713 CVE requests: crashers by zzuf CVE-2008-3230 CVE-2008-3231
MLIST:[oss-security] 20080713 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 CVE-2008-3074 CVE-2008-3075
MLIST:[oss-security] 20080713 Re: openldap DoS CVE-2008-2952
MLIST:[oss-security] 20080714 CVE request: dotclear < 1.2.8 CVE-2008-3232
MLIST:[oss-security] 20080715 CVE request: Wordpress XSS CVE-2008-3233
MLIST:[oss-security] 20080715 CVE request: phpmyadmin < 2.11.7.1 CVE-2008-3197
MLIST:[oss-security] 20080715 Re: CVE id request: Clamav CVE-2008-3215
MLIST:[oss-security] 20080715 Re: Re: More arbitrary code executions in Netrw CVE-2008-3074 CVE-2008-3075
MLIST:[oss-security] 20080716 Re: CVE id request: libavformat CVE-2008-3162
MLIST:[oss-security] 20080716 Re: CVE request: PowerDNS recursor source port randomization CVE-2008-3217
MLIST:[oss-security] 20080716 Re: CVE request: Wordpress XSS CVE-2008-3233
MLIST:[oss-security] 20080716 Re: CVE request: phpmyadmin < 2.11.7.1 CVE-2008-2960
MLIST:[oss-security] 20080731 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10 CVE-2008-3074 CVE-2008-3075
MLIST:[oss-security] 20080801 Re: CVE request: phpwebgallery < 1.7.2 CVE-2008-3451
MLIST:[oss-security] 20080804 CVE id request: openttd CVE-2008-3547
MLIST:[oss-security] 20080805 Re: CVE id request: openttd CVE-2008-3547
MLIST:[oss-security] 20080807 Re: CVE id request: openttd CVE-2008-3547
MLIST:[oss-security] 20080808 CVE request: php-5.2.6 overflow issues CVE-2008-3658 CVE-2008-3659 CVE-2008-3660
MLIST:[oss-security] 20080808 Re: CVE request: php-5.2.6 overflow issues CVE-2008-3659
MLIST:[oss-security] 20080813 Re: CVE request: php-5.2.6 overflow issues CVE-2008-3658 CVE-2008-3659 CVE-2008-3660
MLIST:[oss-security] 20080815 CVE request for neon CVE-2008-3746
MLIST:[oss-security] 20080819 Re: swfdec 0.6.8 stable update CVE-2008-3796
MLIST:[oss-security] 20080819 swfdec 0.6.8 stable update CVE-2008-3796
MLIST:[oss-security] 20080819 wordpress 2.6.1 CVE-2008-3747
MLIST:[oss-security] 20080820 FW: CVE-2008-1668 - ftpd 2.4 - unauthorized root access - patch details CVE-2008-1668
MLIST:[oss-security] 20080820 Re: CVE request for neon CVE-2008-3746
MLIST:[oss-security] 20080820 Re: wordpress 2.6.1 CVE-2008-3747
MLIST:[oss-security] 20080824 Re: CVE id request: vlc CVE-2008-3794
MLIST:[oss-security] 20080825 CVE Request (gpicview) CVE-2008-3791
MLIST:[oss-security] 20080825 CVE Request (ruby) CVE-2008-3790
MLIST:[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API CVE-2008-3792
MLIST:[oss-security] 20080826 CVE Request (samba) CVE-2008-3789
MLIST:[oss-security] 20080826 Re: CVE Request (gpicview) CVE-2008-3791
MLIST:[oss-security] 20080826 Re: CVE Request (ruby) CVE-2008-3790
MLIST:[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API CVE-2008-3792
MLIST:[oss-security] 20080827 CVE request: mono Sys.Web header injection CVE-2008-3906
MLIST:[oss-security] 20080831 Re: CVE Request (gpicview) CVE-2008-3904
MLIST:[oss-security] 20080901 CVE id request: newsbeuter CVE-2008-3907
MLIST:[oss-security] 20080903 CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) CVE-2008-3905
MLIST:[oss-security] 20080903 Re: CVE Request (gpicview) CVE-2008-3904
MLIST:[oss-security] 20080903 django CSRF vuln CVE-2008-3909
MLIST:[oss-security] 20080903 request for CVE: clamav 0.94 release CVE-2008-3912 CVE-2008-3913 CVE-2008-3914
MLIST:[oss-security] 20080904 CVE id request: dns2tcp CVE-2008-3910
MLIST:[oss-security] 20080904 CVE request: kernel: dio: zero struct dio with kzalloc instead of manually CVE-2007-6716
MLIST:[oss-security] 20080904 CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl CVE-2008-3915
MLIST:[oss-security] 20080904 CVE request: kernel: sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports CVE-2008-3911
MLIST:[oss-security] 20080904 Re: CVE Request (ruby -- DNS spoofing vulnerability CVE-2008-3905
MLIST:[oss-security] 20080904 Re: CVE request: kernel: nfsd: fix buffer overrun decoding NFSv4 acl CVE-2008-3915
MLIST:[oss-security] 20080904 Re: request for CVE: clamav 0.94 release CVE-2008-3912 CVE-2008-3913 CVE-2008-3914
MLIST:[oss-security] 20080906 CVE id requests: gmanedit CVE-2008-3971
MLIST:[oss-security] 20080906 CVE request: pam_mount < 0.47 missing security checks CVE-2008-3970
MLIST:[oss-security] 20080908 Re: CVE request for bitlbee CVE-2008-3969
MLIST:[oss-security] 20080909 CVE request (libpng) CVE-2008-3964
MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash CVE-2008-3963
MLIST:[oss-security] 20080909 CVE request: mybb < 1.4.1 CVE-2008-3965 CVE-2008-3966 CVE-2008-3967
MLIST:[oss-security] 20080909 Re: CVE id requests: gmanedit CVE-2008-3971
MLIST:[oss-security] 20080909 Re: CVE request (libpng) CVE-2008-3964
MLIST:[oss-security] 20080909 Re: CVE request for bitlbee CVE-2008-3969
MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash CVE-2008-3963
MLIST:[oss-security] 20080909 Re: CVE request: mybb < 1.4.1 CVE-2008-3965 CVE-2008-3966 CVE-2008-3967
MLIST:[oss-security] 20080909 Re: CVE request: pam_mount < 0.47 missing security checks CVE-2008-3970
MLIST:[oss-security] 20080909 Re: cve request: punbb < 1.2.20 xss CVE-2008-3968
MLIST:[oss-security] 20080909 Re: opensc 0.11.6 with fixed security update CVE-2008-3972
MLIST:[oss-security] 20080909 Re: ssmtp =2.62 unitialized memory disclosure CVE-2008-3962
MLIST:[oss-security] 20080909 cve request: punbb < 1.2.20 xss CVE-2008-3968
MLIST:[oss-security] 20080909 ssmtp =2.62 unitialized memory disclosure CVE-2008-3962
MLIST:[oss-security] 20080911 CVE request for Joomla multiple vuln. CVE-2008-4102 CVE-2008-4103 CVE-2008-4104 CVE-2008-4105
MLIST:[oss-security] 20080911 CVE request: joomla < 1.5.7 CVE-2008-4102 CVE-2008-4103 CVE-2008-4104 CVE-2008-4105
MLIST:[oss-security] 20080911 CVE request: wordpress < 2.6.2 CVE-2008-4106 CVE-2008-4107
MLIST:[oss-security] 20080911 Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) CVE-2008-4126
MLIST:[oss-security] 20080911 Re: [oss-list] CVE request (vim) CVE-2008-4101
MLIST:[oss-security] 20080911 Re: ssmtp =2.62 unitialized memory disclosure CVE-2008-3962
MLIST:[oss-security] 20080911 [oss-list] CVE request (vim) CVE-2008-4101
MLIST:[oss-security] 20080913 CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection CVE-2008-4094
MLIST:[oss-security] 20080915 CVE Request (python) CVE-2008-4108
MLIST:[oss-security] 20080915 Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb) CVE-2008-4126
MLIST:[oss-security] 20080915 Re: CVE request: Ruby on Rails <2.1.1 :limit and :offset SQL injection CVE-2008-4094
MLIST:[oss-security] 20080915 Re: [oss-list] CVE request (vim) CVE-2008-4101
MLIST:[oss-security] 20080915 Re: phpMyAdmin code execution (CVE request) CVE-2008-4096
MLIST:[oss-security] 20080915 phpMyAdmin code execution (CVE request) CVE-2008-4096
MLIST:[oss-security] 20080916 CVE request: kernel: splice: fix bad unlock_page() in error case CVE-2008-4302
MLIST:[oss-security] 20080916 Re: CVE Request (python) CVE-2008-4108
MLIST:[oss-security] 20080916 Re: CVE request: joomla < 1.5.7 CVE-2008-4102 CVE-2008-4103 CVE-2008-4104 CVE-2008-4105
MLIST:[oss-security] 20080916 Re: CVE request: wordpress < 2.6.2 CVE-2008-4106 CVE-2008-4107
MLIST:[oss-security] 20080918 CVE Request (mercurial) CVE-2008-4297
MLIST:[oss-security] 20080918 CVE Request (openswan, emacspeak, cman) CVE-2008-4192
MLIST:[oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities CVE-2008-4195 CVE-2008-4196 CVE-2008-4197 CVE-2008-4198 CVE-2008-4199 CVE-2008-4200 CVE-2008-4292
MLIST:[oss-security] 20080919 viewvc security flaw? CVE-2008-4325
MLIST:[oss-security] 20080920 Re: viewvc security flaw? CVE-2008-4325
MLIST:[oss-security] 20080923 CVE req: phpmyadmin < 2.11.9.2 xss CVE-2008-4326
MLIST:[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman) CVE-2008-4192
MLIST:[oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities CVE-2008-4195 CVE-2008-4196 CVE-2008-4197 CVE-2008-4198 CVE-2008-4199 CVE-2008-4200 CVE-2008-4292
MLIST:[oss-security] 20080924 CVE request: kernel: open() call allows setgid bit when user is not in new file's group CVE-2008-4210
MLIST:[oss-security] 20080924 Re: CVE id request: fraud2 CVE-2008-4201
MLIST:[oss-security] 20080924 Re: CVE request: kernel: open() call allows setgid bit when user is not in new file's group CVE-2008-4210
MLIST:[oss-security] 20080925 CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option CVE-2008-4445
MLIST:[oss-security] 20080926 CVE Request (lighttpd) CVE-2008-4298
MLIST:[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option CVE-2008-3792 CVE-2008-4113 CVE-2008-4445
MLIST:[oss-security] 20080927 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option CVE-2008-4445
MLIST:[oss-security] 20080929 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option CVE-2008-4445
MLIST:[oss-security] 20080930 CVE Request (xen) CVE-2008-4405
MLIST:[oss-security] 20080930 Re: CVE request: lighttpd issues CVE-2008-4359 CVE-2008-4360
MLIST:[oss-security] 20080930 Re: Re: CVE request: lighttpd issues CVE-2008-4359 CVE-2008-4360
MLIST:[oss-security] 20081001 CVE id request: sabre CVE-2008-4406
MLIST:[oss-security] 20081002 CVE request: XSS in mediawiki 1.13.1 and 1.12.0 CVE-2008-4408
MLIST:[oss-security] 20081002 libxml2 "ampproblem" DoS CVE-2008-4409
MLIST:[oss-security] 20081003 CVE request: kernel: x86: Fix broken LDT access in VMI CVE-2008-4410
MLIST:[oss-security] 20081003 Re: regarding CVE-2008-4382 & CVE-2008-4381 CVE-2008-4381
MLIST:[oss-security] 20081003 regarding CVE-2008-4382 & CVE-2008-4381 CVE-2008-4381
MLIST:[oss-security] 20081004 Re: CVE Request (xen) CVE-2008-4405
MLIST:[oss-security] 20081006 CVE request - (vim : netrw plugin - ftp user credentials disclosure) CVE-2008-4677
MLIST:[oss-security] 20081006 CVE request: kernel: sctp: Fix kernel panic while process protocol violation parameter CVE-2008-4618
MLIST:[oss-security] 20081007 CVE request: crashers / potential security risks in mplayer CVE-2007-6718 CVE-2008-4610
MLIST:[oss-security] 20081008 CVE request: kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH CVE-2008-4576
MLIST:[oss-security] 20081009 lynx lynxcgi handler flaw CVE-2008-4690
MLIST:[oss-security] 20081013 CVE id request: qemu CVE-2008-4553
MLIST:[oss-security] 20081013 CVE request: kernel: don't allow splice() to files opened with O_APPEND CVE-2008-4554
MLIST:[oss-security] 20081014 Re: CVE id request: qemu CVE-2008-4553
MLIST:[oss-security] 20081014 Re: CVE request: kernel: don't allow splice() to files opened with O_APPEND CVE-2008-4554
MLIST:[oss-security] 20081015 CVE request: jhead CVE-2008-4639 CVE-2008-4641
MLIST:[oss-security] 20081015 Re: CVE request: jhead CVE-2008-4575 CVE-2008-4639 CVE-2008-4641
MLIST:[oss-security] 20081015 Vim CVE issues cleanup (plugins tar.vim, zip.vim) - CVE-2008-3074 and CVE-2008-3075 CVE-2008-2712 CVE-2008-3074 CVE-2008-3075
MLIST:[oss-security] 20081016 CVE request - Vim netrw.plugin CVE-2008-3076 CVE-2008-4677 CVE-2008-6235
MLIST:[oss-security] 20081016 Re: CVE request: jhead CVE-2008-4639 CVE-2008-4640 CVE-2008-4641
MLIST:[oss-security] 20081019 CVE id request: vlc CVE-2008-4654 CVE-2008-4686
MLIST:[oss-security] 20081019 CVE request: mantisbt < 1.1.4: RCE CVE-2008-4687
MLIST:[oss-security] 20081020 CVE request (vim) CVE-2008-3074 CVE-2008-3075 CVE-2008-3076 CVE-2008-4677 CVE-2008-6235
MLIST:[oss-security] 20081020 Re: CVE request: mantisbt < 1.1.4: RCE CVE-2008-4688 CVE-2008-4689
MLIST:[oss-security] 20081021 CVE Request: Opera 9.60 with security fixes CVE-2008-4694 CVE-2008-4695
MLIST:[oss-security] 20081021 CVE req: drupal < 5.11/6.5 CVE-2008-4789 CVE-2008-4790 CVE-2008-4791 CVE-2008-4792 CVE-2008-4793
MLIST:[oss-security] 20081021 Re: CVE Request: Opera 9.60 with security fixes CVE-2008-4696 CVE-2008-4697 CVE-2008-4698 CVE-2008-4725
MLIST:[oss-security] 20081022 CVE Request (netpbm) CVE-2008-4799
MLIST:[oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes CVE-2008-4694 CVE-2008-4695 CVE-2008-4696 CVE-2008-4697 CVE-2008-4698 CVE-2008-4725
MLIST:[oss-security] 20081022 Re: CVE id request: vlc CVE-2008-4686
MLIST:[oss-security] 20081023 CVE request for ecryptfs CVE-2008-5188
MLIST:[oss-security] 20081023 Re: CVE Request (netpbm) CVE-2008-4799
MLIST:[oss-security] 20081025 Regarding SA32329 (Smarty "_expand_quoted_text()" Security Bypass) CVE-2008-4810 CVE-2008-4811
MLIST:[oss-security] 20081027 CVE id request: blender CVE-2008-4863
MLIST:[oss-security] 20081027 CVE request -- Python imageop#3 CVE-2008-4864
MLIST:[oss-security] 20081027 Re: CVE request: lynx (old) .mailcap handling flaw CVE-2008-4865
MLIST:[oss-security] 20081027 XSS in HTML Tidy plugin used in WYSIWYG HTML editors CVE-2008-4761
MLIST:[oss-security] 20081028 CVE-2008-4619 / milw0rm6775 CVE-2008-4619
MLIST:[oss-security] 20081028 Re: CVE request: lynx (old) .mailcap handling flaw CVE-2008-4865
MLIST:[oss-security] 20081029 CVE Request (dovecot) CVE-2008-4870
MLIST:[oss-security] 20081029 CVE Request - Python imageop CVE-2008-4864
MLIST:[oss-security] 20081029 Fwd: [Full-disclosure] [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities CVE-2008-4866 CVE-2008-4867 CVE-2008-4868 CVE-2008-4869
MLIST:[oss-security] 20081029 Re: CVE request for ecryptfs CVE-2008-5188
MLIST:[oss-security] 20081029 Re: CVE request: lynx (old) .mailcap handling flaw CVE-2008-4865
MLIST:[oss-security] 20081029 Re: CVE-2008-4619 / milw0rm6775 CVE-2008-4619
MLIST:[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire CVE-2003-0308 CVE-2008-3883 CVE-2008-3927 CVE-2008-3928 CVE-2008-3929 CVE-2008-3930 CVE-2008-3931 CVE-2008-4085 CVE-2008-4190 CVE-2008-4191 CVE-2008-4192 CVE-2008-4440 CVE-2008-4474 CVE-2008-4475 CVE-2008-4476 CVE-2008-4477 CVE-2008-4553 CVE-2008-4935 CVE-2008-4936 CVE-2008-4937 CVE-2008-4938 CVE-2008-4939 CVE-2008-4940 CVE-2008-4941 CVE-2008-4942 CVE-2008-4943 CVE-2008-4944 CVE-2008-4945 CVE-2008-4946 CVE-2008-4947 CVE-2008-4948 CVE-2008-4949 CVE-2008-4950 CVE-2008-4951 CVE-2008-4952 CVE-2008-4953 CVE-2008-4954 CVE-2008-4955 CVE-2008-4956 CVE-2008-4957 CVE-2008-4958 CVE-2008-4959 CVE-2008-4960 CVE-2008-4964 CVE-2008-4965 CVE-2008-4966 CVE-2008-4967 CVE-2008-4968 CVE-2008-4969 CVE-2008-4970 CVE-2008-4971 CVE-2008-4972 CVE-2008-4973 CVE-2008-4974 CVE-2008-4975 CVE-2008-4976 CVE-2008-4977 CVE-2008-4978 CVE-2008-4979 CVE-2008-4980 CVE-2008-4981 CVE-2008-4982 CVE-2008-4983 CVE-2008-4984 CVE-2008-4985 CVE-2008-4986 CVE-2008-4987 CVE-2008-4988 CVE-2008-4993 CVE-2008-4994 CVE-2008-4995 CVE-2008-4996 CVE-2008-4997 CVE-2008-4998 CVE-2008-5007 CVE-2008-5034
MLIST:[oss-security] 20081031 Re: CVE-2008-4619 / milw0rm6775 CVE-2008-4619
MLIST:[oss-security] 20081101 CVE request (Fwd: MyBB 1.4.2: Multiple Vulnerabilties) CVE-2008-4928 CVE-2008-4929 CVE-2008-4930
MLIST:[oss-security] 20081101 CVE-2008-4796: snoopy triage CVE-2008-4796
MLIST:[oss-security] 20081102 CVE id request: htop CVE-2008-5076
MLIST:[oss-security] 20081103 CVE Request (libsamplerate) CVE-2008-5008
MLIST:[oss-security] 20081103 CVE request - uw-imap CVE-2008-5005
MLIST:[oss-security] 20081103 CVE requests: kernel: hfsplus-related bugs CVE-2008-4933 CVE-2008-4934
MLIST:[oss-security] 20081103 Re: CVE request - uw-imap CVE-2008-5005 CVE-2008-5006
MLIST:[oss-security] 20081105 CVE Request - Python string expandtabs CVE-2008-2315 CVE-2008-5031
MLIST:[oss-security] 20081105 CVE id request: vlc CVE-2008-5032 CVE-2008-5036
MLIST:[oss-security] 20081105 CVE request: libcdaudio CVE-2008-5030
MLIST:[oss-security] 20081105 Re: CVE Request - Python string expandtabs CVE-2008-2315 CVE-2008-5031
MLIST:[oss-security] 20081105 VideoLAN security advisory 0810 CVE-2008-5032 CVE-2008-5036
MLIST:[oss-security] 20081106 CVE request: Nagios (two issues) CVE-2008-5027 CVE-2008-5028
MLIST:[oss-security] 20081106 CVE request: kernel: Unix sockets kernel panic CVE-2008-5029
MLIST:[oss-security] 20081107 Re: CVE request: libcdaudio CVE-2008-5030
MLIST:[oss-security] 20081110 GeSHi: Clarification about the recent security (non-)issues (SA32559) CVE-2008-5186
MLIST:[oss-security] 20081110 Re: CVE id request: vlc CVE-2008-5032 CVE-2008-5036
MLIST:[oss-security] 20081110 Re: CVE requests: kernel: hfsplus-related bugs CVE-2008-5025
MLIST:[oss-security] 20081111 CVE request: kernel: libertas: fix buffer overrun CVE-2008-5134
MLIST:[oss-security] 20081111 Re: CVE request: libcdaudio CVE-2008-5030
MLIST:[oss-security] 20081111 Re: CVE requests: kernel: hfsplus-related bugs CVE-2008-5025
MLIST:[oss-security] 20081112 CVE Request - Zope 2 - PythonScripts local DoS CVE-2008-5102
MLIST:[oss-security] 20081112 CVE Request -- OptiPNG CVE-2008-5101
MLIST:[oss-security] 20081113 CVE request: wordpress can be subject of delayed attacks via cookies CVE-2008-5113
MLIST:[oss-security] 20081114 Re: CVE id request: htop CVE-2008-5076
MLIST:[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions CVE-2008-5183 CVE-2008-5184
MLIST:[oss-security] 20081119 Re: CVE request: CUPS DoS via RSS subscriptions CVE-2008-5183
MLIST:[oss-security] 20081120 CVE Request: imlib2 CVE-2008-5187
MLIST:[oss-security] 20081120 CVE id request: another geshi issue (was: [oss-security] GeSHi: Clarification about the recent security (non-)issues (SA32559)) CVE-2008-5185
MLIST:[oss-security] 20081120 CVE request: no-ip DUC buffer overflow CVE-2008-5297
MLIST:[oss-security] 20081120 Re: CVE request: CUPS DoS via RSS subscriptions CVE-2008-5183
MLIST:[oss-security] 20081124 CVE Request -- wireshark CVE-2008-5285
MLIST:[oss-security] 20081127 Re: CVE request: jhead CVE-2008-4640 CVE-2008-4641
MLIST:[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks CVE-2008-5312 CVE-2008-5313
MLIST:[oss-security] 20081128 CVE request: lcms (old issues) CVE-2008-5316 CVE-2008-5317
MLIST:[oss-security] 20081128 Re: [oss-security] CVE Request - cups, dovecot-managesieve, perl, wireshark CVE-2008-5302 CVE-2008-5303
MLIST:[oss-security] 20081201 (sort of urgent) CVE Request -- cups (repost) CVE-2008-5286
MLIST:[oss-security] 20081201 CVE request: clamav 0.94.2 CVE-2008-5314
MLIST:[oss-security] 20081203 CVE Request (zaptel) CVE-2008-5396
MLIST:[oss-security] 20081204 CVE for SE-2008-06 in PHP 5.2.7 (ZipArchive) CVE-2008-5658
MLIST:[oss-security] 20081206 CVE request: weak PRNG in GNU Classpath CVE-2008-5659
MLIST:[oss-security] 20081209 CVE request: Four issues in PunBB CVE-2008-5433 CVE-2008-5434 CVE-2008-5435
MLIST:[oss-security] 20081209 CVE request: kernel: MIPS: Fix potential DOS by untrusted user app CVE-2008-5701
MLIST:[oss-security] 20081209 CVE request: kernel: enforce a minimum SG_IO timeout CVE-2008-5700
MLIST:[oss-security] 20081209 CVE request: moodle (XSS) CVE-2008-5432
MLIST:[oss-security] 20081210 CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug CVE-2008-5702
MLIST:[oss-security] 20081212 CVE Request - roundcubemail CVE-2008-5619
MLIST:[oss-security] 20081216 CVE id request: gpsdrive CVE-2008-5703 CVE-2008-5704
MLIST:[oss-security] 20081216 CVE id request: verlihub CVE-2008-5705 CVE-2008-5706
MLIST:[oss-security] 20081216 Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug CVE-2008-5702
MLIST:[oss-security] 20081217 Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug CVE-2008-5702
MLIST:[oss-security] 20081219 CVE Request - Incomplete dahdi/zaptel tor2.c patch for CVE-2008-5396 CVE-2008-5744
MLIST:[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete) CVE-2008-5716
MLIST:[oss-security] 20081219 CVE request - pdfjam CVE-2008-5743
MLIST:[oss-security] 20081223 CVE request: kernel: soft lockup occurs when network load is very high CVE-2008-5713
MLIST:[oss-security] 20081228 Re: CVE request - pdfjam CVE-2008-5843
MLIST:[oss-security] 20081230 CVE id request: audiofile CVE-2008-5824
MLIST:[oss-security] 20090105 CVE request: kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID CVE-2009-0065
MLIST:[oss-security] 20090106 Fwd: Using xdg-open in /etc/mailcap causes hole in Firefox (Demonstration/Exploit included) CVE-2009-0068
MLIST:[oss-security] 20090108 CVE request: ktorrent CVE-2008-5905 CVE-2008-5906
MLIST:[oss-security] 20090109 libpng non issue CVE-2008-5907
MLIST:[oss-security] 20090112 CVE Request -- tsqllib, slurm-llnl, libnasl, libcrypt-openssl-dsa-perl, erlang, boinc-client, m2crypto CVE-2009-0124 CVE-2009-0125 CVE-2009-0126 CVE-2009-0127 CVE-2009-0128 CVE-2009-0129 CVE-2009-0130
MLIST:[oss-security] 20090112 CVE request: xrdp CVE-2008-5902 CVE-2008-5903 CVE-2008-5904
MLIST:[oss-security] 20090113 CVE Request -- libmikmod CVE-2007-6720 CVE-2009-0179
MLIST:[oss-security] 20090114 CVE Request -- amarok CVE-2009-0135 CVE-2009-0136
MLIST:[oss-security] 20090114 update on CVE-2008-5718 CVE-2008-5718
MLIST:[oss-security] 20090115 CVE request -- git CVE-2008-5916
MLIST:[oss-security] 20090118 CVE request: WebSVN CVE-2009-0240
MLIST:[oss-security] 20090120 Re: CVE request -- git CVE-2008-5916
MLIST:[oss-security] 20090121 CVE Request -- openoffice.org (CVE-2008-4841) CVE-2009-0259
MLIST:[oss-security] 20090121 mod-auth-mysql: SQL injection CVE-2008-2384
MLIST:[oss-security] 20090123 Re: CVE id request: typo3 SA-2009-001 CVE-2009-0258
MLIST:[oss-security] 20090126 CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) CVE-2008-5983 CVE-2008-5984 CVE-2008-5985 CVE-2008-5986 CVE-2008-5987 CVE-2009-0314 CVE-2009-0315 CVE-2009-0316 CVE-2009-0317 CVE-2009-0318
MLIST:[oss-security] 20090127 CVE Request: MoinMoin CVE-2009-0312
MLIST:[oss-security] 20090128 Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) CVE-2008-5983
MLIST:[oss-security] 20090129 CVE Request (trickle) CVE-2009-0415
MLIST:[oss-security] 20090129 CVE Request -- (sort of urgent) gstreamer-plugins-good (repost) (more details about affected versions -- final version) CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 CVE-2009-0398
MLIST:[oss-security] 20090130 CVE Request - php (PHP BZ#27421) CVE-2009-0754
MLIST:[oss-security] 20090130 Re: CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric) CVE-2008-5983
MLIST:[oss-security] 20090203 CVE Request: sblim-sfcb genSslCert.sh temp race CVE-2009-0416
MLIST:[oss-security] 20090203 Re: CVE Request - php (PHP BZ#27421) CVE-2009-0754
MLIST:[oss-security] 20090204 CVS request - Moodle CVE-2009-0499 CVE-2009-0500 CVE-2009-0501 CVE-2009-0502
MLIST:[oss-security] 20090206 CVE Request - Wicd <= 1.5.8 CVE-2009-0489
MLIST:[oss-security] 20090206 CVE request: phpbb < 3.0.4 CVE-2008-6506 CVE-2008-6507
MLIST:[oss-security] 20090206 Re: CVE request: jhead CVE-2008-4639
MLIST:[oss-security] 20090207 CVE Request: pycrypto CVE-2009-0544
MLIST:[oss-security] 20090208 CVE-2008-6049 is bogus CVE-2008-6049
MLIST:[oss-security] 20090210 CVE Request -- evolution CVE-2009-0547
MLIST:[oss-security] 20090210 CVE request: typo3 xss (typo3-sa-2009-002) CVE-2009-0815 CVE-2009-0816
MLIST:[oss-security] 20090211 CVE request for proftpd CVE-2009-0542 CVE-2009-0543
MLIST:[oss-security] 20090211 Re: CVE request for proftpd CVE-2009-0542 CVE-2009-0543
MLIST:[oss-security] 20090212 CVE Request -- net-snmp (sensitive host information disclosure) CVE-2008-6123
MLIST:[oss-security] 20090212 CVE-2008-5621 is a duplicate (was: Re: CVE request: phpMyAdmin < 3.1.1.0 (SQL injection through XSRF on several pages )) CVE-2008-5621
MLIST:[oss-security] 20090212 Re: CVE Request -- net-snmp (sensitive host information disclosure) CVE-2008-6123
MLIST:[oss-security] 20090212 Re: CVE Request: pycrypto CVE-2009-0544
MLIST:[oss-security] 20090212 Re: http://www.securityfocus.com/bid/33672/info kernel CVE-2009-1046
MLIST:[oss-security] 20090212 Re: http://www.securityfocus.com/bid/33672/info kernel issue CVE-2009-1046
MLIST:[oss-security] 20090212 http://www.securityfocus.com/bid/33672/info kernel issue CVE-2009-1046
MLIST:[oss-security] 20090213 CVE Request: Poppler -Two Denial of Service Vulnerabilities CVE-2009-0755 CVE-2009-0756
MLIST:[oss-security] 20090219 CVE request for yaws CVE-2009-0751
MLIST:[oss-security] 20090219 Re: CVE Request: Poppler -Two Denial of Service Vulnerabilities CVE-2009-0755 CVE-2009-0756
MLIST:[oss-security] 20090220 CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt CVE-2009-0676
MLIST:[oss-security] 20090220 CVE request: kernel: skfp_ioctl inverted logic flaw CVE-2009-0675
MLIST:[oss-security] 20090223 CVE request: mldonkey arbitrary file download vulnerability CVE-2009-0753
MLIST:[oss-security] 20090224 CVE request: optipng security release CVE-2009-0749
MLIST:[oss-security] 20090224 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt CVE-2009-0676
MLIST:[oss-security] 20090225 CVE request: Psi <0.12.1 DoS CVE-2008-6393
MLIST:[oss-security] 20090225 Re: CVE Request - php (PHP BZ#27421) CVE-2009-0754
MLIST:[oss-security] 20090225 Re: CVE request: optipng security release CVE-2009-0749
MLIST:[oss-security] 20090226 OpenSC Security Advisory CVE-2009-0368
MLIST:[oss-security] 20090301 CVE id request: znc CVE-2009-0759
MLIST:[oss-security] 20090302 CVE Request: mpfr (Buffer Overflow) CVE-2009-0757
MLIST:[oss-security] 20090302 CVE id request: avahi CVE-2009-0758
MLIST:[oss-security] 20090302 CVE id request: dkim-milter CVE-2009-0770
MLIST:[oss-security] 20090302 CVE request: kernel: x86-64: seccomp: 32/64 syscall hole CVE-2009-0835
MLIST:[oss-security] 20090302 CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole CVE-2009-0834
MLIST:[oss-security] 20090302 Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt CVE-2009-0676
MLIST:[oss-security] 20090305 CVE Request -- pam CVE-2009-0887
MLIST:[oss-security] 20090306 CVE request: kernel: inotify local DoS CVE-2009-0935
MLIST:[oss-security] 20090306 CVE request: kernel: shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM CVE-2009-0859
MLIST:[oss-security] 20090307 CVE Request: Opera <9.64: Execution of arbitrary code CVE-2009-0914
MLIST:[oss-security] 20090311 CVE request -- postgresql CVE-2009-0922
MLIST:[oss-security] 20090316 CVE request: XSS in MUC logs of ejabberd CVE-2009-0934
MLIST:[oss-security] 20090316 CVE-2009-0876 (VirtualBox) references CVE-2009-0876
MLIST:[oss-security] 20090317 CVE request -- firefox, vlc, WeeChat CVE-2009-1045
MLIST:[oss-security] 20090317 Re: CVE request -- firefox, vlc, WeeChat CVE-2009-0661
MLIST:[oss-security] 20090317 Re: CVE-2009-0876 (VirtualBox) references CVE-2009-0876
MLIST:[oss-security] 20090318 Re: CVE request: kernel: inotify local DoS CVE-2009-0935
MLIST:[oss-security] 20090319 Re: CVE request: kernel: inotify local DoS CVE-2009-0935
MLIST:[oss-security] 20090323 CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap CVE-2009-1073
MLIST:[oss-security] 20090323 CVE request: API key disclosure in piwik CVE-2009-1085
MLIST:[oss-security] 20090323 CVE request: kernel: nfsd did not drop CAP_MKNOD for non-root CVE-2009-1072
MLIST:[oss-security] 20090324 CVE id request: ldns CVE-2009-1086
MLIST:[oss-security] 20090324 Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd / nss_ldap CVE-2009-1073
MLIST:[oss-security] 20090325 CVE request -- zsh, XFree86-xfs/xorg-x11-xfs, screen CVE-2009-1214 CVE-2009-1215
MLIST:[oss-security] 20090330 [Fwd: Cross-Site Scripting in Banshee DAAP Extension] CVE-2009-1175
MLIST:[oss-security] 20090401 CVE id rquest: xfig insecure tmp files CVE-2009-1962
MLIST:[oss-security] 20090401 CVE request -- bibtex, pam_ssh CVE-2009-1284
MLIST:[oss-security] 20090401 CVE request -- ghostscript CVE-2007-6725 CVE-2008-6679
MLIST:[oss-security] 20090401 CVE request: PHP 5.2.9 CVE-2009-1271 CVE-2009-1272
MLIST:[oss-security] 20090401 CVE request: kernel: KVM: VMX: Dont allow uninhibited access to EFER on i386 CVE-2009-1242
MLIST:[oss-security] 20090401 CVE request: kernel: udp: Wrong locking code in udp seq_file infrastructure CVE-2009-1243
MLIST:[oss-security] 20090405 CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1439
MLIST:[oss-security] 20090406 CVE request: kernel: NFS: Fix an Oops in encode_lookup() CVE-2009-1336
MLIST:[oss-security] 20090407 CVE request: kernel: exit_notify: kill the wrong capable(CAP_KILL) check CVE-2009-1337
MLIST:[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive CVE-2008-6680 CVE-2009-1241 CVE-2009-1270
MLIST:[oss-security] 20090407 Re: CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1439
MLIST:[oss-security] 20090408 CVE request: apt CVE-2009-1300
MLIST:[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size CVE-2009-1265
MLIST:[oss-security] 20090409 Re: CVE request: PHP 5.2.9 CVE-2009-1272
MLIST:[oss-security] 20090413 CVE request: silverstripe - two sql injections CVE-2008-6753
MLIST:[oss-security] 20090415 Re: Re: Some fun with tcp_wrappers CVE-2009-0786
MLIST:[oss-security] 20090415 Re: Some fun with tcp_wrappers CVE-2009-0786
MLIST:[oss-security] 20090415 Some fun with tcp_wrappers CVE-2009-0786
MLIST:[oss-security] 20090416 CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace CVE-2009-1338
MLIST:[oss-security] 20090417 Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace CVE-2009-1338
MLIST:[oss-security] 20090417 Re: CVE request: kernel: NFS: Fix an Oops in encode_lookup() CVE-2009-1336
MLIST:[oss-security] 20090417 Re: CVE request: kernel: exit_notify: kill the wrong capable(CAP_KILL) check CVE-2009-1337
MLIST:[oss-security] 20090421 CVE Request -- libmodplug CVE-2009-1438
MLIST:[oss-security] 20090421 Re: CVE request: kernel: 'kill sig -1' must only apply to caller's PID namespace CVE-2009-1338
MLIST:[oss-security] 20090422 CVE id request: amule CVE-2009-1440
MLIST:[oss-security] 20090424 Re: Re: Some fun with tcp_wrappers CVE-2009-0786
MLIST:[oss-security] 20090428 Re: Re: Some fun with tcp_wrappers CVE-2009-0786
MLIST:[oss-security] 20090429 Re: CVE Request -- libmodplug CVE-2009-1513
MLIST:[oss-security] 20090429 Re: CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1633
MLIST:[oss-security] 20090429 ipsec-tools 0.7.2 CVE-2009-1574 CVE-2009-1632
MLIST:[oss-security] 20090501 CVE request (sort of): Quagga BGP crasher CVE-2009-1572
MLIST:[oss-security] 20090501 Re: CVE request (sort of): Quagga BGP crasher CVE-2009-1572
MLIST:[oss-security] 20090504 CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex CVE-2009-1527
MLIST:[oss-security] 20090504 CVE-2009-1184 selinux: skipped node/port send checks in the compat_net=1 case CVE-2009-1184
MLIST:[oss-security] 20090504 Re: ipsec-tools 0.7.2 CVE-2009-1574
MLIST:[oss-security] 20090505 CVE id request: Debian/Ubuntu specific issue in xvfb-run (xorg) CVE-2009-1573
MLIST:[oss-security] 20090505 Re: CVE id request: Debian/Ubuntu specific issue in xvfb-run (xorg) CVE-2009-1573
MLIST:[oss-security] 20090506 CVE id request: coccinelle CVE-2009-1753
MLIST:[oss-security] 20090506 Re: Old cscope buffer overflow CVE-2009-0148
MLIST:[oss-security] 20090508 OpenSC 0.11.8 released with security update CVE-2009-1603
MLIST:[oss-security] 20090511 [oCERT-2009-004] AjaxTerm session id collision CVE-2009-1629
MLIST:[oss-security] 20090512 CVE Request (evolution) CVE-2009-1631
MLIST:[oss-security] 20090512 Re: ipsec-tools 0.7.2 CVE-2009-1632
MLIST:[oss-security] 20090513 CVE request: kernel: problem with NFS v4 client handling of MAY_EXEC in nfs_permission CVE-2009-1630
MLIST:[oss-security] 20090514 CVE Request: XEN local denial of service CVE-2009-1758
MLIST:[oss-security] 20090514 Re: Update - Re: CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1633
MLIST:[oss-security] 20090514 Update - Re: CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1633
MLIST:[oss-security] 20090515 Re: Re: Update - Re: CVE request? buffer overflow in CIFS in 2.6.* CVE-2009-1633
MLIST:[oss-security] 20090518 CVE id request: slim CVE-2009-1756
MLIST:[oss-security] 20090519 CVE id request: nsd CVE-2009-1755
MLIST:[oss-security] 20090520 CVE request: ctorrent CVE-2009-1759
MLIST:[oss-security] 20090521 CVE request: transmission <1.61 CSRF CVE-2009-1757
MLIST:[oss-security] 20090522 [oCERT-2009-006] Android improper package verification when using shared uids CVE-2009-1754
MLIST:[oss-security] 20090529 CVE Request (irssi) CVE-2009-1959
MLIST:[oss-security] 20090529 CVE request: kernel: splice local denial of service CVE-2009-1961
MLIST:[oss-security] 20090530 Re: CVE request: kernel: splice local denial of service CVE-2009-1961
MLIST:[oss-security] 20090602 Re: CVE request: kernel: splice local denial of service CVE-2009-1961
MLIST:[oss-security] 20090602 Re: Two OpenSSL DTLS remote DoS CVE-2009-1387
MLIST:[oss-security] 20090603 CVE request: "billion laughs" attack against Apache APR CVE-2009-1955
MLIST:[oss-security] 20090603 CVE request: kernel: sparc64: Fix crash with /proc/iomem CVE-2009-1914
MLIST:[oss-security] 20090603 Re: CVE request: kernel: splice local denial of service CVE-2009-1961
MLIST:[oss-security] 20090605 CVE Request (apr-util) CVE-2009-1956
MLIST:[oss-security] 20090608 Re: CVE Request -- ImageMagick -- Integer overflow in XMakeImage() CVE-2009-1882
MLIST:[oss-security] 20090612 Git daemon infinite loop CVE-2009-2108
MLIST:[oss-security] 20090621 libtiff buffer underflow in LZWDecodeCompat CVE-2009-2285
MLIST:[oss-security] 20090623 Re: libtiff buffer underflow in LZWDecodeCompat CVE-2009-2285
MLIST:[oss-security] 20090629 CVE Request -- libtiff [was: Re: libtiff buffer underflow in LZWDecodeCompat] CVE-2009-2285
MLIST:[oss-security] 20090629 CVE id request: compface CVE-2009-2286
MLIST:[oss-security] 20090629 Re: CVE id request: compface CVE-2009-2286
MLIST:[oss-security] 20090630 CVE Request: kernel: kvm: failure to validate cr3 after KVM_SET_SREGS CVE-2009-2287
MLIST:[oss-security] 20090701 Re: incorrect upstream fix for CVE-2009-0840 (mapserver) CVE-2009-2281
MLIST:[oss-security] 20090703 Re: CVE id request: compface CVE-2009-2286
MLIST:[oss-security] 20090716 [oCERT-2009-011] Android improper camera and audio permission verification CVE-2009-2348
MLIST:[oss-security] 20090720 squid DoS in external auth header parser CVE-2009-2855
MLIST:[oss-security] 20090721 CVE Request -- WordPress CVE-2009-2851
MLIST:[oss-security] 20090721 CVE Request -- znc CVE-2009-2658
MLIST:[oss-security] 20090722 Re: CVE request: Wireshark <1.2.1 Multiple DoS CVE-2009-2560
MLIST:[oss-security] 20090724 md raid null ptr dereference (when sysfs is writable) CVE-2009-2849
MLIST:[oss-security] 20090724 nilfs-utils privilege escalation CVE-2009-2657
MLIST:[oss-security] 20090725 Re: CVE Request -- HTMLDOC CVE-2009-3050
MLIST:[oss-security] 20090725 camlimages: Integer overflows in GIF and JPEG readers CVE-2009-2660
MLIST:[oss-security] 20090726 Re: CVE Request -- HTMLDOC CVE-2009-3050
MLIST:[oss-security] 20090726 Re: md raid null ptr dereference (when sysfs is writable) CVE-2009-2849
MLIST:[oss-security] 20090727 CVE id request: strongswan CVE-2009-2661
MLIST:[oss-security] 20090729 CVE Request (django) CVE-2009-2659
MLIST:[oss-security] 20090803 Re: squid DoS in external auth header parser CVE-2009-2855
MLIST:[oss-security] 20090804 CVE request - kernel: execve: must clear current->clear_child_tid CVE-2009-2848
MLIST:[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack CVE-2009-2847
MLIST:[oss-security] 20090804 CVE request: Wordpress CVE-2009-2853 CVE-2009-2854
MLIST:[oss-security] 20090804 Re: squid DoS in external auth header parser CVE-2009-2855
MLIST:[oss-security] 20090805 Re: CVE request - kernel: execve: must clear current->clear_child_tid CVE-2009-2848
MLIST:[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack CVE-2009-2847
MLIST:[oss-security] 20090805 Re: CVE request: fetchmail <= 6.3.10 SSL certificate CVE-2009-2666
MLIST:[oss-security] 20090806 CVE request: kernel: clock_nanosleep() with CLOCK_MONOTONIC_RAW NULL pointer dereference CVE-2009-2767
MLIST:[oss-security] 20090809 CVE id request: groff (pdfroff) CVE-2009-5044 CVE-2009-5078
MLIST:[oss-security] 20090810 CVE request: kernel: parisc: isa-eeprom missing lower bound check CVE-2009-2846
MLIST:[oss-security] 20090810 Re: CVE id request: groff (pdfroff) CVE-2009-5044 CVE-2009-5078
MLIST:[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading CVE-2009-2691
MLIST:[oss-security] 20090813 CVE request: kernel: flat: fix uninitialized ptr with shared libs CVE-2009-2768
MLIST:[oss-security] 20090814 CVE request: Common Data Format (CDF) library multiple heap-based buffer overflows CVE-2009-2850
MLIST:[oss-security] 20090814 CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc CVE-2009-2692
MLIST:[oss-security] 20090814 GnuTLS CVE-2009-2730 Patches (Was Re: GnuTLS 2.8.2) CVE-2009-2730
MLIST:[oss-security] 20090814 Re: CVE id request: groff (pdfroff) CVE-2009-5044 CVE-2009-5079 CVE-2009-5080 CVE-2009-5081 CVE-2009-5082
MLIST:[oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP) CVE-2007-1558
MLIST:[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks CVE-2009-2844
MLIST:[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks CVE-2009-2844
MLIST:[oss-security] 20090817 SELinux and mmap_min_addr behaviour (CVE-2009-2695) CVE-2009-2695
MLIST:[oss-security] 20090818 Re: CVE request: kernel: parisc: isa-eeprom missing lower bound check CVE-2009-2846
MLIST:[oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)) CVE-2007-1558
MLIST:[oss-security] 20090819 CVE Request pidgin CVE-2009-3025
MLIST:[oss-security] 20090821 expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20090824 CVE id request: pidgin CVE-2009-3026
MLIST:[oss-security] 20090825 CVE-2009-2698 kernel: udp socket NULL ptr dereference CVE-2009-2698
MLIST:[oss-security] 20090826 CVE request: kernel: AF_LLC getsockname 5-Byte Stack Disclosure CVE-2009-3001
MLIST:[oss-security] 20090826 Re: CVE request - kernel: information leak in sigaltstack CVE-2009-2847
MLIST:[oss-security] 20090826 Re: Re: expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20090826 Re: expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20090827 Re: CVE request: kernel: AF_LLC getsockname 5-Byte Stack Disclosure CVE-2009-3002
MLIST:[oss-security] 20090827 Re: Re: expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20090828 CVE request: perl-IO-Socket-SSL certificate hostname compare bug CVE-2009-3024
MLIST:[oss-security] 20090829 Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug CVE-2009-3024
MLIST:[oss-security] 20090831 CVE id request: silc-toolkit CVE-2008-7159 CVE-2008-7160 CVE-2009-3051 CVE-2009-3163
MLIST:[oss-security] 20090831 CVE request: kernel: tty: make sure to flush any pending work when halting the ldisc CVE-2009-3043
MLIST:[oss-security] 20090831 Re: Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug CVE-2009-3024
MLIST:[oss-security] 20090901 Re: CVE Request -- HTMLDOC CVE-2009-3050
MLIST:[oss-security] 20090903 CVE request: kernel: tc: uninitialised kernel memory leak CVE-2009-3228
MLIST:[oss-security] 20090903 More CVE-2009-2408 like issues CVE-2009-3490 CVE-2009-3765 CVE-2009-3766 CVE-2009-3767
MLIST:[oss-security] 20090903 Re: CVE id request: silc-toolkit CVE-2008-7159 CVE-2008-7160 CVE-2009-3051 CVE-2009-3163
MLIST:[oss-security] 20090903 Re: CVE request: kernel: tty: make sure to flush any pending work when halting the ldisc CVE-2009-3043
MLIST:[oss-security] 20090904 CVE request: kernel: NULL pointer dereference in sg_build_indirect() CVE-2009-3288
MLIST:[oss-security] 20090904 Re: CVE request: kernel: tty: make sure to flush any pending work when halting the ldisc CVE-2009-3043
MLIST:[oss-security] 20090905 Re: CVE request: kernel: tc: uninitialised kernel memory leak CVE-2005-4881 CVE-2009-3228
MLIST:[oss-security] 20090906 Re: CVE request: kernel: tc: uninitialised kernel memory leak CVE-2005-4881 CVE-2009-3228
MLIST:[oss-security] 20090906 Re: Re: expat bug 1990430 CVE-2009-2625 CVE-2009-3720
MLIST:[oss-security] 20090907 Re: CVE request: kernel: tc: uninitialised kernel memory leak CVE-2005-4881 CVE-2009-3228
MLIST:[oss-security] 20090908 CVE Request - glib symlink copying permission exposure CVE-2009-3289
MLIST:[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection CVE-2009-3232
MLIST:[oss-security] 20090909 CVE Request -- FreeRADIUS 1.1.8 CVE-2009-3111
MLIST:[oss-security] 20090910 Re: OpenOffice.org CVE-2009-2139 CVE-2009-2139 CVE-2009-2140
MLIST:[oss-security] 20090911 Re: OpenOffice.org CVE-2009-2139 CVE-2009-2139 CVE-2009-2140
MLIST:[oss-security] 20090912 CVE request(?): Thin: Client IP spoofing CVE-2009-3287
MLIST:[oss-security] 20090914 Re: CVE for recent cyrus-imap issue CVE-2009-2632 CVE-2009-3235
MLIST:[oss-security] 20090916 CVE id request: changetrack CVE-2009-3233
MLIST:[oss-security] 20090916 CVE request: kernel: cfg80211: fix looping soft lockup in find_ie() CVE-2009-3280
MLIST:[oss-security] 20090916 CVE request: kernel: perf_counter: Fix buffer overflow in perf_copy_attr() CVE-2009-3234
MLIST:[oss-security] 20090916 Re: CVE request: kernel: tc: uninitialised kernel memory leak CVE-2005-4881 CVE-2009-3228
MLIST:[oss-security] 20090917 Re: CVE request: kernel: perf_counter: Fix buffer overflow in perf_copy_attr() CVE-2009-3234
MLIST:[oss-security] 20090917 Re: CVE request: kernel: tc: uninitialised kernel memory leak CVE-2005-4881 CVE-2009-3228
MLIST:[oss-security] 20090917 Re: Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request CVE-2009-2562 CVE-2009-2563
MLIST:[oss-security] 20090917 Wireshark - wnpa-sec-2009-05.html && wnpa-sec-2009-06.html -- CVE confirmation and CVE Request CVE-2009-2562 CVE-2009-2563
MLIST:[oss-security] 20090918 CVE request: kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0 CVE-2009-3290
MLIST:[oss-security] 20090918 Insecure pid directory permissions for postfix on Debian / Ubuntu CVE-2009-2939
MLIST:[oss-security] 20090920 Re: CVE Request -- PHP 5 - 5.2.11 CVE-2009-3294
MLIST:[oss-security] 20090921 CVE request: kernel: issue with O_EXCL creates on NFSv4 CVE-2009-3286
MLIST:[oss-security] 20090921 Re: CVE request: kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0 CVE-2009-3290
MLIST:[oss-security] 20090922 Re: CVE request: kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0 CVE-2009-3290
MLIST:[oss-security] 20090922 Re: [oss-security] OpenOffice.org CVE-2009-2139 CVE-2009-2139 CVE-2009-2140
MLIST:[oss-security] 20090923 Re: More CVE-2009-2408 like issues CVE-2009-3490 CVE-2009-3765 CVE-2009-3767
MLIST:[oss-security] 20090925 CVE Request -- Xen -- PyGrub CVE-2009-3525
MLIST:[oss-security] 20091009 CVE request: Unbound CVE-2009-3602
MLIST:[oss-security] 20091009 Re: CVE request: Unbound CVE-2009-3602
MLIST:[oss-security] 20091013 Re: Duplicate CVE assignment notification [was: CVE id request: django] CVE-2009-3695
MLIST:[oss-security] 20091014 CVE Request -- phpMyAdmin CVE-2009-3696 CVE-2009-3697
MLIST:[oss-security] 20091015 Re: CVE Request -- phpMyAdmin CVE-2009-3696 CVE-2009-3697
MLIST:[oss-security] 20091016 QEMU VNC use-after-free CVE-2009-3616
MLIST:[oss-security] 20091016 Re: QEMU VNC use-after-free CVE-2009-3616
MLIST:[oss-security] 20091016 Re: viewvc: CVE request: XSS and illegal characters while printing name-value pairs CVE-2009-3618 CVE-2009-3619
MLIST:[oss-security] 20091022 Re: Re: Regarding expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20091022 Re: Regarding expat bug 1990430 CVE-2009-2625 CVE-2009-3720
MLIST:[oss-security] 20091022 Regarding expat bug 1990430 CVE-2009-3720
MLIST:[oss-security] 20091023 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430] CVE-2009-2625 CVE-2009-3720
MLIST:[oss-security] 20091023 Re: CVE id request: typo3 CVE-2009-3628 CVE-2009-3629 CVE-2009-3630 CVE-2009-3631 CVE-2009-3632 CVE-2009-3633 CVE-2009-3634 CVE-2009-3635 CVE-2009-3636
MLIST:[oss-security] 20091026 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430] CVE-2009-2625 CVE-2009-3720
MLIST:[oss-security] 20091026 Re: CVE-2009-3239 is a duplicate of CVE-2009-2139 and CVE-2009-2140 CVE-2009-2139
MLIST:[oss-security] 20091026 Re: More CVE-2009-2408 like issues CVE-2009-3766
MLIST:[oss-security] 20091028 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430] CVE-2009-3720
MLIST:[oss-security] 20091107 Re: CVE Request - Asterisk (AST-2009-008.html) CVE-2008-7220
MLIST:[oss-security] 20091113 CVE request: kernel: bad permissions on megaraid_sas sysfs files CVE-2009-3939
MLIST:[oss-security] 20091115 CVE request: Wordpress 2.8.6 CVE-2009-3890 CVE-2009-3891
MLIST:[oss-security] 20091115 Re: CVE request: Wordpress 2.8.6 CVE-2009-3890 CVE-2009-3891
MLIST:[oss-security] 20091116 Re: CVE request: Wordpress 2.8.6 CVE-2009-3890 CVE-2009-3891
MLIST:[oss-security] 20091120 CVE request: php 5.3.1 update CVE-2009-3292 CVE-2009-3294 CVE-2009-3559
MLIST:[oss-security] 20091120 CVEs for nginx CVE-2009-3898
MLIST:[oss-security] 20091120 Re: CVE request: php 5.3.1 update CVE-2009-3292 CVE-2009-3294 CVE-2009-3559
MLIST:[oss-security] 20091123 CVE request: Argument injections in multiple PEAR packages CVE-2009-4025 CVE-2009-4111
MLIST:[oss-security] 20091123 Re: CVEs for nginx CVE-2009-3898
MLIST:[oss-security] 20091124 Re: mysql-5.1.41 CVE-2008-7247
MLIST:[oss-security] 20091126 Re: CVE Request - Cacti - 0.8.7e CVE-2009-4112
MLIST:[oss-security] 20091127 CVE request: ruby on rails XSS Weakness in strip_tags CVE-2009-4214
MLIST:[oss-security] 20091128 Re: CVE request: Argument injections in multiple PEAR packages CVE-2009-4111
MLIST:[oss-security] 20091130 Re: CVE Request - Cacti - 0.8.7e CVE-2009-4112
MLIST:[oss-security] 20091203 CVE Request -- xfig CVE-2009-4227
MLIST:[oss-security] 20091208 Re: CVE request: ruby on rails XSS Weakness in strip_tags CVE-2009-4214
MLIST:[oss-security] 20091209 Piwik <= 0.4.5 Cookie Unserialize() Vulnerability CVE-2009-4137
MLIST:[oss-security] 20091210 Re: Piwik <= 0.4.5 Cookie Unserialize() Vulnerability CVE-2009-4137
MLIST:[oss-security] 20091212 CVE request: polipo DoS via overly large "Content-Length" header CVE-2009-4413
MLIST:[oss-security] 20091214 CVE Request - Open Flash Chart v2 CVE-2009-4140
MLIST:[oss-security] 20091214 Re: CVE Request - Open Flash Chart v2 CVE-2009-4140
MLIST:[oss-security] 20091214 Re: Piwik <= 0.4.5 Cookie Unserialize() Vulnerability CVE-2009-4137
MLIST:[oss-security] 20091217 [oCERT-2009-019] Ganeti path sanitization errors CVE-2009-4261
MLIST:[oss-security] 20091220 CVE request: phpgroupware CVE-2009-4414 CVE-2009-4415 CVE-2009-4416
MLIST:[oss-security] 20091221 CVE request: Serendipity < 1.5 upload of files with *.php.* possible CVE-2009-4412
MLIST:[oss-security] 20091223 CVE request - kernel: fuse_ioctl_copy_user() dos CVE-2009-4410
MLIST:[oss-security] 20091223 CVE request: acl 2.2.47 always follows symlinks CVE-2009-4411
MLIST:[oss-security] 20091224 OpenTTD remote DoS CVE-2009-4007
MLIST:[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538
MLIST:[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538
MLIST:[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538
MLIST:[oss-security] 20100106 CVE Request: Transmission CVE-2010-0012
MLIST:[oss-security] 20100106 CVE request - uzbl remote code execution CVE-2010-0011
MLIST:[oss-security] 20100106 Re: CVE Request: Transmission CVE-2010-0012
MLIST:[oss-security] 20100106 Re: CVE request - uzbl remote code execution CVE-2010-0011
MLIST:[oss-security] 20100107 Re: CVE request - pidgin MSN arbitrary file upload CVE-2010-0277
MLIST:[oss-security] 20100111 CVE Request: viewvc CVE-2010-0004 CVE-2010-0005
MLIST:[oss-security] 20100113 Re: CVE Request: viewvc CVE-2010-0004 CVE-2010-0005
MLIST:[oss-security] 20100113 [PATCH] memory consumption (DoS) in openssl CVE-2009-4355 CVE-2009-4355
MLIST:[oss-security] 20100114 Re: CVE Request: viewvc CVE-2010-0004
MLIST:[oss-security] 20100121 CVE request: MoinMoin information disclosure CVE-2010-0667
MLIST:[oss-security] 20100129 Re: CVE id: hybserv CVE-2010-0303
MLIST:[oss-security] 20100205 Re: Samba symlink 0day flaw CVE-2010-0926
MLIST:[oss-security] 20100205 Samba symlink 0day flaw CVE-2010-0926
MLIST:[oss-security] 20100206 Re: Samba symlink 0day flaw CVE-2010-0926
MLIST:[oss-security] 20100209 CVE request - kernel: futex: Handle user space corruption gracefully CVE-2010-0622
MLIST:[oss-security] 20100211 Re: CVE request - kernel: futex: Handle user space corruption gracefully CVE-2010-0622 CVE-2010-0623
MLIST:[oss-security] 20100212 CVE Request: KDE screensaver unlock issue similar to GNOME one CVE-2010-0923
MLIST:[oss-security] 20100212 Re: CVE Request: KDE screensaver unlock issue similar to GNOME one CVE-2010-0923
MLIST:[oss-security] 20100212 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one CVE-2010-0923
MLIST:[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7 CVE-2010-0667 CVE-2010-0668 CVE-2010-0669 CVE-2010-0717
MLIST:[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7 CVE-2010-0667 CVE-2010-0668 CVE-2010-0669
MLIST:[oss-security] 20100217 CVE request: kernel information leak via userspace USB interface CVE-2010-1083
MLIST:[oss-security] 20100217 Re: Re: CVE Request: KDE screensaver unlock issue similar to GNOME one CVE-2010-0923
MLIST:[oss-security] 20100217 additional memory leak in USB userspace handling CVE-2010-1083
MLIST:[oss-security] 20100218 Re: CVE request: kernel information leak via userspace USB interface CVE-2010-1083
MLIST:[oss-security] 20100219 Re: CVE request: kernel information leak via userspace USB interface CVE-2010-1083
MLIST:[oss-security] 20100219 Re: additional memory leak in USB userspace handling CVE-2010-1083
MLIST:[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7 CVE-2010-0667 CVE-2010-0668 CVE-2010-0669
MLIST:[oss-security] 20100222 CVE request: kernel: ALSA: hda-intel: Avoid divide by zero crash CVE-2010-1085
MLIST:[oss-security] 20100222 CVE-2005-4886 assigned to old remote oops CVE-2005-4886
MLIST:[oss-security] 20100224 CVE request: kernel: NFS DoS related to "automount" symlinks CVE-2010-1088
MLIST:[oss-security] 20100301 CVE request: kernel: dvb-core: ULE decapsulation DoS CVE-2010-1086
MLIST:[oss-security] 20100303 CVE Request: libesmtp does not check NULL bytes in commonName CVE-2010-1192 CVE-2010-1194
MLIST:[oss-security] 20100303 CVE request: kernel: NFS: Fix an Oops when truncating a file CVE-2010-1087
MLIST:[oss-security] 20100304 kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100305 Re: Samba symlink 0day flaw CVE-2010-0926
MLIST:[oss-security] 20100309 Re: CVE Request: libesmtp does not check NULL bytes in commonName CVE-2010-1192 CVE-2010-1194
MLIST:[oss-security] 20100310 CVE Request: ViewVC 1.1.4 / 1.0.10 -- XSS via user-provided query form input CVE-2010-0736
MLIST:[oss-security] 20100312 CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS CVE-2010-0969
MLIST:[oss-security] 20100312 CVE-2010-0397: NULL pointer dereference in PHP's xmlrpc extension CVE-2010-0397
MLIST:[oss-security] 20100316 Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS CVE-2010-0969
MLIST:[oss-security] 20100316 Re: CVE Request: ViewVC 1.1.4 / 1.0.10 -- XSS via user-provided query form input CVE-2010-0736
MLIST:[oss-security] 20100323 CVE request: kernel: bluetooth: potential bad memory access with sysfs files CVE-2010-1084
MLIST:[oss-security] 20100329 CVE request: kernel: ipv6: skb is unexpectedly freed (remote DoS) CVE-2010-1188
MLIST:[oss-security] 20100330 CVE request: kernel: tipc: Fix oops on send prior to entering networked mode CVE-2010-1187
MLIST:[oss-security] 20100331 Re: CVE request: kernel: tipc: Fix oops on send prior to entering networked mode CVE-2010-1187
MLIST:[oss-security] 20100401 CVE Request: policykit (minor) CVE-2010-0750
MLIST:[oss-security] 20100401 Re: CVE Request: policykit (minor) CVE-2010-0750
MLIST:[oss-security] 20100402 RE: CVE Request -- Zabbix v1.8.2 and v.1.6.9 CVE-2009-4498
MLIST:[oss-security] 20100406 ClamAV small issues CVE-2010-0098
MLIST:[oss-security] 20100407 Re: ClamAV small issues CVE-2010-0098
MLIST:[oss-security] 20100408 CVE Request -- Abcm2ps v5.9.12 -- multiple unspecified vulnerabilities CVE-2010-3441
MLIST:[oss-security] 20100408 Re: CVE Request -- Abcm2ps v5.9.12 -- multiple unspecified vulnerabilities CVE-2010-3441
MLIST:[oss-security] 20100410 CVE request: typo3 remote command execution CVE-2010-1153
MLIST:[oss-security] 20100412 Re: CVE request: typo3 remote command execution CVE-2010-1153
MLIST:[oss-security] 20100414 Couple of kernel issues CVE-2010-1488
MLIST:[oss-security] 20100416 CVE Request: JIRA Issues CVE-2010-1164 CVE-2010-1165
MLIST:[oss-security] 20100416 Re: CVE Request: JIRA Issues CVE-2010-1164 CVE-2010-1165
MLIST:[oss-security] 20100417 Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100419 Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100427 Re: wafp insecure temporary directory CVE-2010-1438
MLIST:[oss-security] 20100427 wafp insecure temporary directory CVE-2010-1438
MLIST:[oss-security] 20100428 Re: CVE request: VLC <1.0.6 Multiple issues CVE-2010-1441 CVE-2010-1442 CVE-2010-1443 CVE-2010-1444 CVE-2010-1445
MLIST:[oss-security] 20100503 CVE request: lxr CVE-2010-1448
MLIST:[oss-security] 20100503 Re: CVE request: lxr CVE-2010-1448 CVE-2010-1625
MLIST:[oss-security] 20100505 CVE Request - Piwik 0.5.5 - XSS vulnerability CVE-2010-1453
MLIST:[oss-security] 20100505 Re: CVE Request - Piwik 0.5.5 - XSS vulnerability CVE-2010-1453
MLIST:[oss-security] 20100506 Re: CVE request: lxr CVE-2010-1448 CVE-2010-1625
MLIST:[oss-security] 20100513 KDENetwork vulnerabilities CVE-2010-1000 CVE-2010-1511
MLIST:[oss-security] 20100514 Re: CVE request: lxr CVE-2010-1448 CVE-2010-1625
MLIST:[oss-security] 20100517 CVE request: phorum < 5.2.15 backend XSS CVE-2010-1629
MLIST:[oss-security] 20100517 CVE request: phpbb 3.0.7 and before 3.0.5 CVE-2010-1627 CVE-2010-1630
MLIST:[oss-security] 20100517 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2252
MLIST:[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2251 CVE-2010-2252 CVE-2010-2253
MLIST:[oss-security] 20100518 Re: CVE request: phorum < 5.2.15 backend XSS CVE-2010-1629
MLIST:[oss-security] 20100518 Re: CVE request: phpbb 3.0.7 and before 3.0.5 CVE-2010-1627 CVE-2010-1630
MLIST:[oss-security] 20100518 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2252
MLIST:[oss-security] 20100519 Re: CVE request: phpbb 3.0.7 and before 3.0.5 CVE-2010-1630
MLIST:[oss-security] 20100519 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2252
MLIST:[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2251 CVE-2010-2252
MLIST:[oss-security] 20100521 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2252
MLIST:[oss-security] 20100527 Re: CVE request - kernel: nfsd: fix vm overcommit crash CVE-2008-7256
MLIST:[oss-security] 20100601 SFCB vulnerabilities CVE-2010-1937
MLIST:[oss-security] 20100602 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) CVE-2010-2198
MLIST:[oss-security] 20100602 prewikka permission bug CVE-2010-2058
MLIST:[oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) CVE-2010-2198
MLIST:[oss-security] 20100604 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) CVE-2010-2198
MLIST:[oss-security] 20100604 Re: CVE requests for mplayer/vlc and abcm2ps CVE-2010-2062
MLIST:[oss-security] 20100608 Re: jar, fastjar directory traversal vulnerabilities CVE-2005-1080 CVE-2010-0831
MLIST:[oss-security] 20100608 jar, fastjar directory traversal vulnerabilities CVE-2005-1080 CVE-2010-0831 CVE-2010-2322
MLIST:[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2251 CVE-2010-2252 CVE-2010-2253
MLIST:[oss-security] 20100610 CVE request for new wireshark vulnerabilities CVE-2010-2283 CVE-2010-2284 CVE-2010-2285 CVE-2010-2286 CVE-2010-2287
MLIST:[oss-security] 20100610 CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc CVE-2010-2444 CVE-2010-2445
MLIST:[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability CVE-2010-2251
MLIST:[oss-security] 20100613 CVE request - pyftpd default username and password vulnerability CVE-2010-2073
MLIST:[oss-security] 20100613 CVE request - pyftpd insecure usage of temporary directory CVE-2010-2072
MLIST:[oss-security] 20100614 Re: CVE request: UnrealIRCd 3.2.8.1 source code contained a backdoor allowing for remote command execution CVE-2009-4893 CVE-2010-2075
MLIST:[oss-security] 20100615 CVE Request - kernel: put_tty_queue NULL pointer deref CVE-2009-4895
MLIST:[oss-security] 20100615 Re: CVE Request - kernel: put_tty_queue NULL pointer deref CVE-2009-4895
MLIST:[oss-security] 20100623 CVE requests: LibTIFF CVE-2010-1411 CVE-2010-2595 CVE-2010-2596
MLIST:[oss-security] 20100624 Re: CVE requests: LibTIFF CVE-2010-2443
MLIST:[oss-security] 20100624 Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc CVE-2010-2447
MLIST:[oss-security] 20100624 Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc CVE-2010-2444 CVE-2010-2445
MLIST:[oss-security] 20100628 Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 CVE-2010-2250
MLIST:[oss-security] 20100628 Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 CVE-2010-2471 CVE-2010-2473
MLIST:[oss-security] 20100629 Re: CVE requests: LibTIFF CVE-2010-2443
MLIST:[oss-security] 20100630 Re: CVE id request: syscp CVE-2010-2476
MLIST:[oss-security] 20100630 Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100701 CVE request: moin multiple XSS CVE-2010-2969 CVE-2010-2970
MLIST:[oss-security] 20100702 CVE Request [Microsoft Windows Ruby-v1.9.x] -- Buffer over-run leading to ACE CVE-2010-2489
MLIST:[oss-security] 20100702 Re: CVE Request [Microsoft Windows Ruby-v1.9.x] -- Buffer over-run leading to ACE CVE-2010-2489
MLIST:[oss-security] 20100702 Re: CVE request: moin multiple XSS CVE-2010-2969 CVE-2010-2970
MLIST:[oss-security] 20100706 CVE Request: kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100707 Re: kernel: hvc_console: Fix race between hvc_close and hvc_remove CVE-2010-2653
MLIST:[oss-security] 20100712 CVE request: NetSMB BSD kernel module (minor) CVE-2010-2530
MLIST:[oss-security] 20100715 CVE request: lxsession-logout CVE-2010-2532
MLIST:[oss-security] 20100715 Re: CVE request: lxsession-logout CVE-2010-2532
MLIST:[oss-security] 20100716 Re: CVE request: NetSMB BSD kernel module (minor) CVE-2010-2530
MLIST:[oss-security] 20100720 [oCERT-2010-002] Joomla input sanitization errors (XSS) CVE-2010-2535
MLIST:[oss-security] 20100721 Re: [oCERT-2010-002] Joomla input sanitization errors (XSS) CVE-2010-2535
MLIST:[oss-security] 20100726 CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow CVE-2008-7258
MLIST:[oss-security] 20100726 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow CVE-2008-7258
MLIST:[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter CVE-2010-2785
MLIST:[oss-security] 20100728 CVE Request: Piwik < 0.6.4 Arbitrary file inclusion CVE-2010-2786
MLIST:[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter CVE-2010-2785
MLIST:[oss-security] 20100729 Re: CVE Request: Piwik < 0.6.4 Arbitrary file inclusion CVE-2010-2786
MLIST:[oss-security] 20100729 Re: CVE request: mediawiki CVE-2010-2789
MLIST:[oss-security] 20100801 CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates CVE-2010-3901
MLIST:[oss-security] 20100802 CVE request: cmsmadesimple < 1.8.1 CVE-2010-2797
MLIST:[oss-security] 20100802 Re: CVE Request -- OpenConnect < v2.25 did not verify SSL server certificates CVE-2010-3901
MLIST:[oss-security] 20100802 Re: CVE request: cmsmadesimple < 1.8.1 CVE-2010-2797
MLIST:[oss-security] 20100802 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow CVE-2008-7258
MLIST:[oss-security] 20100803 CVE 2009 request: twiki before 4.3.2 CSRF CVE-2009-4898
MLIST:[oss-security] 20100803 Re: CVE 2009 request: twiki before 4.3.2 CSRF CVE-2009-4898
MLIST:[oss-security] 20100816 CVE request - kernel: integer overflow in ext4_ext_get_blocks() CVE-2010-3015
MLIST:[oss-security] 20100816 Re: CVE request - kernel: integer overflow in ext4_ext_get_blocks() CVE-2010-3015
MLIST:[oss-security] 20100817 Re: CVE request - kernel: integer overflow in ext4_ext_get_blocks() CVE-2010-3015
MLIST:[oss-security] 20100818 CVE request: zope-ldapuser CVE-2010-2944
MLIST:[oss-security] 20100819 Re: CVE request: zope-ldapuser CVE-2010-2944
MLIST:[oss-security] 20100819 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow CVE-2008-7258
MLIST:[oss-security] 20100820 kernel: can: add limit for nframes and clean up signed/unsigned variables CVE-2010-2959
MLIST:[oss-security] 20100825 CVE id request: libc fortify source information disclosure CVE-2010-3192
MLIST:[oss-security] 20100825 CVE request: VLC media player - DLL preloading vulnerability CVE-2010-3124
MLIST:[oss-security] 20100825 Re: CVE request: VLC media player - DLL preloading vulnerability CVE-2010-3124
MLIST:[oss-security] 20100829 CVE request: serendipity < 1.5.4 xss CVE-2010-2957
MLIST:[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure CVE-2010-3192
MLIST:[oss-security] 20100831 Re: CVE request: serendipity < 1.5.4 xss CVE-2010-2957
MLIST:[oss-security] 20100901 CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) CVE-2010-2958
MLIST:[oss-security] 20100901 Re: CVE Request -- phpMyAdmin - v3.6.6 -- XSS attack using debugging messages (CVE-2010-3056 discussion) CVE-2010-2958
MLIST:[oss-security] 20100902 CVE-2010-2960 kernel: keyctl_session_to_parent null ptr deref CVE-2010-2960
MLIST:[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure CVE-2010-3192
MLIST:[oss-security] 20100905 CVE request: smbind Sql Injection CVE-2010-3076
MLIST:[oss-security] 20100907 Re: CVE request: smbind Sql Injection CVE-2010-3076
MLIST:[oss-security] 20100909 CVE Request -- Python -- accept() implementation in async core is broken => more subcases CVE-2009-5010 CVE-2010-3492 CVE-2010-3493 CVE-2010-3494 CVE-2010-3495
MLIST:[oss-security] 20100909 CVE request: mednafen stack manipulation CVE-2010-3085
MLIST:[oss-security] 20100910 Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases CVE-2009-5010 CVE-2010-3492 CVE-2010-3493 CVE-2010-3494 CVE-2010-3495
MLIST:[oss-security] 20100910 Re: CVE request: mednafen stack manipulation CVE-2010-3085
MLIST:[oss-security] 20100911 CVE id requests: drupal CVE-2010-3091 CVE-2010-3092 CVE-2010-3093 CVE-2010-3094 CVE-2010-3685 CVE-2010-3686
MLIST:[oss-security] 20100913 CVE Request: pidgin-knotify remote command injection CVE-2010-3088
MLIST:[oss-security] 20100913 Re: CVE Request: pidgin-knotify remote command injection CVE-2010-3088
MLIST:[oss-security] 20100913 Re: CVE id requests: drupal CVE-2010-3091 CVE-2010-3092 CVE-2010-3093 CVE-2010-3094 CVE-2010-3685 CVE-2010-3686
MLIST:[oss-security] 20100913 Re: CVE request: mailscanner, multiple vulnerabilities CVE-2010-3095 CVE-2010-3292
MLIST:[oss-security] 20100914 CVE request: mantis before 1.2.3 (XSS) CVE-2010-2574 CVE-2010-3763
MLIST:[oss-security] 20100914 Re: CVE request: mantis before 1.2.3 (XSS) CVE-2010-2574 CVE-2010-3763
MLIST:[oss-security] 20100914 Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi CVE-2010-3299
MLIST:[oss-security] 20100916 CVE request: weborf: directory traversal CVE-2010-3306
MLIST:[oss-security] 20100917 Re: CVE request: epiphany not checking ssl certs CVE-2010-3900
MLIST:[oss-security] 20100917 Re: CVE request: pixelpost CVE-2010-3305
MLIST:[oss-security] 20100917 Re: CVE request: weborf: directory traversal CVE-2010-3306
MLIST:[oss-security] 20100917 Re: [oCERT-2010-003] Free Simple CMS path sanitization errors CVE-2010-3307
MLIST:[oss-security] 20100917 [oCERT-2010-003] Free Simple CMS path sanitization errors CVE-2010-3307
MLIST:[oss-security] 20100921 Re: CVE request: egroupware remote code and xss CVE-2010-3313 CVE-2010-3314
MLIST:[oss-security] 20100921 bzip2 CVE-2010-0405 integer overflow CVE-2010-0405
MLIST:[oss-security] 20100922 CVE request: clamav < 0.96.3 pdf bounds checking CVE-2010-3434
MLIST:[oss-security] 20100922 Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases CVE-2009-5010 CVE-2010-3492 CVE-2010-3493 CVE-2010-3494 CVE-2010-3495
MLIST:[oss-security] 20100924 Re: CVE Request -- Python -- accept() implementation in async core is broken => more subcases CVE-2009-5010 CVE-2010-3492 CVE-2010-3493 CVE-2010-3494 CVE-2010-3495
MLIST:[oss-security] 20100925 CVE request: multiple kernel stack memory disclosures CVE-2010-4074 CVE-2010-4075 CVE-2010-4076 CVE-2010-4077 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4082 CVE-2010-4083
MLIST:[oss-security] 20100927 Re: CVE request: clamav < 0.96.3 pdf bounds checking CVE-2010-3434
MLIST:[oss-security] 20100928 CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel CVE-2010-3659
MLIST:[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws CVE-2010-3676 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683
MLIST:[oss-security] 20100928 Re: CVE request: clamav < 0.96.3 pdf bounds checking CVE-2010-3434
MLIST:[oss-security] 20100928 Re: Minor security flaw with pam_xauth CVE-2010-4708
MLIST:[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference CVE-2010-3429
MLIST:[oss-security] 20100929 CVE request: Horde Gollem <1.1.2 XSS in view.php CVE-2010-3447
MLIST:[oss-security] 20100930 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php CVE-2010-3447 CVE-2010-3693
MLIST:[oss-security] 20101001 Re: CVE request: Horde Gollem <1.1.2 XSS in view.php CVE-2010-3693
MLIST:[oss-security] 20101004 Re: Minor security flaw with pam_xauth CVE-2010-4706 CVE-2010-4707
MLIST:[oss-security] 20101006 Re: CVE request: multiple kernel stack memory disclosures CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4075 CVE-2010-4076 CVE-2010-4077 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4082 CVE-2010-4083
MLIST:[oss-security] 20101008 CVE request: mybb before 1.4.11 and before 1.4.12 CVE-2009-4448 CVE-2009-4449 CVE-2010-4624 CVE-2010-4625 CVE-2010-4626 CVE-2010-4627 CVE-2010-4628 CVE-2010-4629
MLIST:[oss-security] 20101008 CVE request: usebb before 1.0.11 unauthorized access to content CVE-2010-3713
MLIST:[oss-security] 20101011 CVE request: joomla before 1.5.21 XSS CVE-2010-3712
MLIST:[oss-security] 20101011 Re: CVE request: joomla before 1.5.21 XSS CVE-2010-3712
MLIST:[oss-security] 20101011 Re: CVE request: mybb before 1.4.11 and before 1.4.12 CVE-2009-4448 CVE-2009-4449 CVE-2010-4624 CVE-2010-4625 CVE-2010-4626 CVE-2010-4627 CVE-2010-4628 CVE-2010-4629
MLIST:[oss-security] 20101011 Re: CVE request: usebb before 1.0.11 unauthorized access to content CVE-2010-3713
MLIST:[oss-security] 20101013 Re: CVE request: Apache-AuthenHook perl module CVE-2010-3845
MLIST:[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile CVE-2010-1693
MLIST:[oss-security] 20101025 Re: CVE request: multiple kernel stack memory disclosures CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4075 CVE-2010-4076 CVE-2010-4077 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4082 CVE-2010-4083
MLIST:[oss-security] 20101103 CVE request: kernel: CAN information leak CVE-2010-4565
MLIST:[oss-security] 20101104 Re: CVE request: kernel: CAN information leak CVE-2010-4565
MLIST:[oss-security] 20101107 Re: CVE request: moodle 1.9.10 CVE-2010-4207 CVE-2010-4208 CVE-2010-4209
MLIST:[oss-security] 20101112 CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure CVE-2010-4166 CVE-2010-4696
MLIST:[oss-security] 20101112 Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure CVE-2010-4166 CVE-2010-4696
MLIST:[oss-security] 20101118 NULL byte poisoning fix in php 5.3.4+ CVE-2006-7243
MLIST:[oss-security] 20101118 Re: NULL byte poisoning fix in php 5.3.4+ CVE-2006-7243
MLIST:[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem CVE-2010-4694
MLIST:[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem CVE-2010-4694
MLIST:[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem CVE-2010-4694
MLIST:[oss-security] 20101123 Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" CVE-2010-4246 CVE-2010-4412
MLIST:[oss-security] 20101124 Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" CVE-2010-4246 CVE-2010-4412
MLIST:[oss-security] 20101129 Re: CVE request: kernel: Multiple DoS issues in block layer CVE-2010-4668
MLIST:[oss-security] 20101130 Re: CVE request: kernel: Multiple DoS issues in block layer CVE-2010-4668
MLIST:[oss-security] 20101201 CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) CVE-2010-2761 CVE-2010-4410
MLIST:[oss-security] 20101201 Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
MLIST:[oss-security] 20101203 Re: clamav 0.96.5 released CVE-2010-4479
MLIST:[oss-security] 20101203 clamav 0.96.5 released CVE-2010-4479
MLIST:[oss-security] 20101206 Re: CVE request: mybb before 1.4.11 and before 1.4.12 CVE-2009-4448 CVE-2009-4449 CVE-2010-4624 CVE-2010-4625 CVE-2010-4626 CVE-2010-4627 CVE-2010-4628 CVE-2010-4629
MLIST:[oss-security] 20101206 Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" CVE-2010-4412
MLIST:[oss-security] 20101209 Re: Re: NULL byte poisoning fix in php 5.3.4+ CVE-2006-7243
MLIST:[oss-security] 20101213 Re: Issues without CVE names in PHP 5.3.4/5.2.15 release CVE-2011-0752
MLIST:[oss-security] 20101216 CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 CVE-2010-4519 CVE-2010-4520 CVE-2010-4521
MLIST:[oss-security] 20101220 CVE Request: MyBB XSS bugs CVE-2010-4522
MLIST:[oss-security] 20101220 CVE request: kernel: CAN information leak, 2nd attempt CVE-2010-4565
MLIST:[oss-security] 20101220 Re: CVE request: kernel: CAN information leak, 2nd attempt CVE-2010-4565
MLIST:[oss-security] 20101221 Re: CVE Request: MyBB XSS bugs CVE-2010-4522
MLIST:[oss-security] 20101221 Re: CVE request: Drupal views module CSRF/XSS before 2.11, XSS before 2.12 CVE-2010-4519 CVE-2010-4520 CVE-2010-4521
MLIST:[oss-security] 20101223 CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES CVE-2010-4529
MLIST:[oss-security] 20101231 CVE Request: CrawlTrack < 3.2.7 - remote php code execution CVE-2010-4537
MLIST:[oss-security] 20110103 Re: CVE Request: CrawlTrack < 3.2.7 - remote php code execution CVE-2010-4537
MLIST:[oss-security] 20110103 Re: CVE request: kernel: irda: prevent integer underflow in IRLMP_ENUMDEVICES CVE-2010-4529
MLIST:[oss-security] 20110104 CVE request: silverstripe before 2.4.4 CVE-2010-4822 CVE-2010-4823 CVE-2010-4824 CVE-2010-5078 CVE-2010-5079 CVE-2010-5080 CVE-2010-5087 CVE-2010-5088
MLIST:[oss-security] 20110105 CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 CVE-2011-0004
MLIST:[oss-security] 20110106 CVE request: hastymail before 1.01 XSS CVE-2010-4646
MLIST:[oss-security] 20110106 Re: CVE Request: Multiple XSS Vulnerabiliies < Piwik 1.1 CVE-2011-0004
MLIST:[oss-security] 20110106 Re: CVE request: hastymail before 1.01 XSS CVE-2010-4646
MLIST:[oss-security] 20110107 CVE Request - pimd - Insecure file creation in /var/tmp CVE-2011-0007
MLIST:[oss-security] 20110107 Re: CVE Request - pimd - Insecure file creation in /var/tmp CVE-2011-0007
MLIST:[oss-security] 20110113 CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 CVE-2010-5097 CVE-2010-5098 CVE-2010-5099 CVE-2010-5100 CVE-2010-5101 CVE-2010-5102 CVE-2010-5103 CVE-2010-5104
MLIST:[oss-security] 20110114 Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 CVE-2009-5045 CVE-2009-5046 CVE-2009-5048 CVE-2009-5049 CVE-2009-5050
MLIST:[oss-security] 20110119 2 acpid flaws CVE-2011-1159
MLIST:[oss-security] 20110119 CVE request: heap corruption in VLC media player CVE-2011-0021
MLIST:[oss-security] 20110120 Re: CVE request: heap corruption in VLC media player CVE-2011-0021
MLIST:[oss-security] 20110123 CVE request: MaraDNS DoS via long queries CVE-2011-0520
MLIST:[oss-security] 20110124 Re: CVE request: MaraDNS DoS via long queries CVE-2011-0520
MLIST:[oss-security] 20110125 CVE Request: VLC Subtitle StripTags heap corruption CVE-2011-0522
MLIST:[oss-security] 20110125 Re: CVE Request: VLC Subtitle StripTags heap corruption CVE-2011-0522
MLIST:[oss-security] 20110127 CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability CVE-2011-0526
MLIST:[oss-security] 20110127 Re: CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability CVE-2011-0526
MLIST:[oss-security] 20110128 CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version CVE-2011-0530
MLIST:[oss-security] 20110131 CVE request: code execution in VLC media player CVE-2011-0531
MLIST:[oss-security] 20110131 Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version CVE-2011-0530
MLIST:[oss-security] 20110131 Re: CVE request: code execution in VLC media player CVE-2011-0531
MLIST:[oss-security] 20110209 CVE request for feh CVE-2011-0702
MLIST:[oss-security] 20110209 Django multiple flaws (CVEs inside) CVE-2011-0698
MLIST:[oss-security] 20110209 Re: CVE request for feh CVE-2011-0702
MLIST:[oss-security] 20110222 CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition CVE-2011-1007 CVE-2011-1008
MLIST:[oss-security] 20110222 CVE request: simple machines forum before 1.1.13 CVE-2011-1127 CVE-2011-1128 CVE-2011-1129 CVE-2011-1130 CVE-2011-1131
MLIST:[oss-security] 20110222 CVE-2011-0436: dtc sends password of new users to site admin by unencrypted email CVE-2011-0436
MLIST:[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition CVE-2011-1007 CVE-2011-1008
MLIST:[oss-security] 20110223 CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables CVE-2011-1017
MLIST:[oss-security] 20110223 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables CVE-2011-1017
MLIST:[oss-security] 20110223 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition CVE-2011-1007 CVE-2011-1008
MLIST:[oss-security] 20110224 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables CVE-2011-1017
MLIST:[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition CVE-2011-1007 CVE-2011-1008
MLIST:[oss-security] 20110228 CVE request: FreeBSD/OS X crontab information leakage CVE-2011-1073 CVE-2011-1074
MLIST:[oss-security] 20110228 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack CVE-2011-1144
MLIST:[oss-security] 20110228 Re: CVE request: FreeBSD/OS X crontab information leakage CVE-2011-1073 CVE-2011-1074
MLIST:[oss-security] 20110301 Re: CVE Request: PEAR Installer 1.9.1 <= - Symlink Attack CVE-2011-1144
MLIST:[oss-security] 20110302 CVE request: VLC bookmark buffer overflow CVE-2011-1087
MLIST:[oss-security] 20110302 Re: CVE request: simple machines forum before 1.1.13 CVE-2011-1127 CVE-2011-1128 CVE-2011-1129 CVE-2011-1130 CVE-2011-1131
MLIST:[oss-security] 20110303 Re: CVE request: VLC bookmark buffer overflow CVE-2011-1087
MLIST:[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110304 CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110304 Re: Re: CVE request: More Evince overflows CVE-2011-5244
MLIST:[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues CVE-2009-5064 CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110307 Re: ldd can execute an app unexpectedly CVE-2009-5064
MLIST:[oss-security] 20110307 ldd can execute an app unexpectedly CVE-2009-5064
MLIST:[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110308 Re: ldd can execute an app unexpectedly CVE-2009-5064
MLIST:[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code CVE-2011-1147
MLIST:[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code CVE-2011-1147
MLIST:[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110313 CVE request: PHP substr_replace() use-after-free CVE-2011-1148
MLIST:[oss-security] 20110313 Re: CVE request: PHP substr_replace() use-after-free CVE-2011-1148
MLIST:[oss-security] 20110314 CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability CVE-2010-3712
MLIST:[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550
MLIST:[oss-security] 20110314 Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability CVE-2010-3712
MLIST:[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110315 Re: 2 acpid flaws CVE-2011-1159
MLIST:[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110318 CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability CVE-2011-4942
MLIST:[oss-security] 20110318 CVE Request: Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability CVE-2010-3712
MLIST:[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks CVE-2011-2534
MLIST:[oss-security] 20110318 Re: CVE Request: Joomla! 1.6.0 | Cross Site Scripting (XSS) Vulnerability CVE-2010-3712
MLIST:[oss-security] 20110320 CVE request: MPM-ITK module for Apache HTTPD CVE-2011-1176
MLIST:[oss-security] 20110321 Re: CVE request: MPM-ITK module for Apache HTTPD CVE-2011-1176
MLIST:[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks CVE-2011-2534
MLIST:[oss-security] 20110322 CVE Request: libpng memory leak CVE-2006-7244 CVE-2009-5063
MLIST:[oss-security] 20110322 Re: CVE requests - kernel: irda/decnet issues CVE-2011-1180
MLIST:[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110323 CVE Request: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability CVE-2011-1480
MLIST:[oss-security] 20110323 CVE Request: PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability CVE-2011-1482
MLIST:[oss-security] 20110323 CVE Request: PHP-Nuke 8.x <= Cross Site Scripting Vulnerability CVE-2011-1481
MLIST:[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues CVE-2011-1548 CVE-2011-1549 CVE-2011-1550 CVE-2011-1551
MLIST:[oss-security] 20110324 CVE Request -- Python (urllib, urllib2): Improper management of ftp:// and file:// URL schemes CVE-2011-1521
MLIST:[oss-security] 20110325 CVE Request -- Nagios -- XSS in the network status map CGI script CVE-2011-1523
MLIST:[oss-security] 20110325 CVE Request -- php-doctrine-Doctrine -- SQL injection flaw CVE-2011-1522
MLIST:[oss-security] 20110328 Re: CVE Request -- Nagios -- XSS in the network status map CGI script CVE-2011-1523
MLIST:[oss-security] 20110328 Re: CVE Request -- Python (urllib, urllib2): Improper management of ftp:// and file:// URL schemes CVE-2011-1521
MLIST:[oss-security] 20110328 Re: CVE Request -- php-doctrine-Doctrine -- SQL injection flaw CVE-2011-1522
MLIST:[oss-security] 20110328 Re: CVE Request: libpng memory leak CVE-2006-7244 CVE-2009-5063
MLIST:[oss-security] 20110328 Re: CVE request: VLC bookmark buffer overflow CVE-2011-1087
MLIST:[oss-security] 20110329 CVE request: cmsmadesimple before 1.9.1 CVE-2010-4663
MLIST:[oss-security] 20110329 CVE requests : Liferay 6.0.6 CVE-2011-1502 CVE-2011-1503 CVE-2011-1504 CVE-2011-1570 CVE-2011-1571
MLIST:[oss-security] 20110330 Re: CVE Request: PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability CVE-2011-1480
MLIST:[oss-security] 20110330 Re: CVE Request: PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability CVE-2011-1482
MLIST:[oss-security] 20110330 Re: CVE Request: PHP-Nuke 8.x <= Cross Site Scripting Vulnerability CVE-2011-1481
MLIST:[oss-security] 20110330 Re: CVE request: cmsmadesimple before 1.9.1 CVE-2010-4663
MLIST:[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE CVE-2011-1675 CVE-2011-1676 CVE-2011-1677 CVE-2011-1678 CVE-2011-1679 CVE-2011-1680 CVE-2011-1681
MLIST:[oss-security] 20110406 Moonlight release 2.4.1 with security fixes CVE-2011-0989 CVE-2011-0990 CVE-2011-0991 CVE-2011-0992
MLIST:[oss-security] 20110407 Apache HttpClient CVE request [VU#153049] CVE-2011-1498
MLIST:[oss-security] 20110408 CVE request for pithos information disclosure CVE-2011-1500
MLIST:[oss-security] 20110408 Re: Apache HttpClient CVE request [VU#153049] CVE-2011-1498
MLIST:[oss-security] 20110408 Re: CVE request for pithos information disclosure CVE-2011-1500
MLIST:[oss-security] 20110408 Re: CVE requests : Liferay 6.0.6 CVE-2011-1502 CVE-2011-1503 CVE-2011-1504 CVE-2011-1570 CVE-2011-1571
MLIST:[oss-security] 20110411 Re: CVE requests : Liferay 6.0.6 CVE-2011-1502 CVE-2011-1503 CVE-2011-1504 CVE-2011-1570 CVE-2011-1571
MLIST:[oss-security] 20110411 Re: pure-ftpd STARTTLS command injection / new CVE? CVE-2011-1575
MLIST:[oss-security] 20110411 pure-ftpd STARTTLS command injection / new CVE? CVE-2011-1575
MLIST:[oss-security] 20110412 CVE id request: vlc CVE-2011-1684
MLIST:[oss-security] 20110413 CVE request: dotclear before 2.2.3 CVE-2011-1584
MLIST:[oss-security] 20110413 Re: CVE id request: vlc CVE-2011-1684
MLIST:[oss-security] 20110414 Re: CVE request: dotclear before 2.2.3 CVE-2011-1584
MLIST:[oss-security] 20110415 Re: CVE request: dotclear before 2.2.3 CVE-2011-1584
MLIST:[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5 CVE-2011-1592
MLIST:[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5 CVE-2011-1592
MLIST:[oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp CVE-2011-2022
MLIST:[oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp CVE-2011-2022
MLIST:[oss-security] 20110503 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo CVE-2011-2471 CVE-2011-2472 CVE-2011-2473
MLIST:[oss-security] 20110510 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo CVE-2011-2471 CVE-2011-2472 CVE-2011-2473
MLIST:[oss-security] 20110511 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo CVE-2011-2471 CVE-2011-2472 CVE-2011-2473
MLIST:[oss-security] 20110517 CVE request: nbd-server CVE-2011-1925
MLIST:[oss-security] 20110518 Dovecot releases CVE-2011-2166 CVE-2011-2167
MLIST:[oss-security] 20110519 CVE Request: viewvc DoS CVE-2009-5024
MLIST:[oss-security] 20110519 Re: CVE Request: viewvc DoS CVE-2009-5024
MLIST:[oss-security] 20110519 Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap CVE-2011-1933 CVE-2011-1934
MLIST:[oss-security] 20110522 CVE Request: Webmin Local Privilege Escalation Vulnerability CVE-2011-1937
MLIST:[oss-security] 20110523 CVE request: PHP socket_connect() - stack buffer overflow CVE-2011-1938
MLIST:[oss-security] 20110524 Re: CVE Request: Webmin Local Privilege Escalation Vulnerability CVE-2011-1937
MLIST:[oss-security] 20110524 Re: CVE request: PHP socket_connect() - stack buffer overflow CVE-2011-1938
MLIST:[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service) CVE-2011-1947
MLIST:[oss-security] 20110530 CVE request: libgnomesu privilege escalation CVE-2011-1946
MLIST:[oss-security] 20110531 CVE request: NetworkManager-openvpn logs cert password CVE-2011-1943
MLIST:[oss-security] 20110531 CVE request: firefox doesn't (re)validate certificates when loading HTTPS page CVE-2011-0082
MLIST:[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service) CVE-2011-1947
MLIST:[oss-security] 20110531 Re: CVE request: NetworkManager-openvpn logs cert password CVE-2011-1943
MLIST:[oss-security] 20110531 Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page CVE-2011-0082
MLIST:[oss-security] 20110531 Re: CVE request: libgnomesu privilege escalation CVE-2011-1946
MLIST:[oss-security] 20110531 Re: CVE request: libxml vulnerability and interesting integer issues CVE-2011-1944
MLIST:[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service) CVE-2011-1947
MLIST:[oss-security] 20110602 CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat CVE-2011-2180 CVE-2011-2181 CVE-2011-2470
MLIST:[oss-security] 20110602 Re: CVE request: Multiple security vulnerabilities in ARSC Really Simple Chat CVE-2011-2180 CVE-2011-2181 CVE-2011-2470
MLIST:[oss-security] 20110606 CVE Request -- LuaExpat -- Prone to XML "billion laughs attack" CVE-2011-2188
MLIST:[oss-security] 20110606 Re: CVE Request -- LuaExpat -- Prone to XML "billion laughs attack" CVE-2011-2188
MLIST:[oss-security] 20110606 Re: CVE Request -- xscreensaver -- exits when activated CVE-2011-2187
MLIST:[oss-security] 20110608 CVE Request -- Coppermine Photo Gallery -- cpg1.4.27 / cpg1.5.12 -- XSS flaw CVE-2010-4667 CVE-2011-2476
MLIST:[oss-security] 20110608 Re: CVE Request -- Coppermine Photo Gallery -- cpg1.4.27 / cpg1.5.12 -- XSS flaw CVE-2010-4667 CVE-2011-2476
MLIST:[oss-security] 20110609 CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences CVE-2011-2198
MLIST:[oss-security] 20110612 Bug#629938: Info received (CVE Request -- dbus -- Local DoS via messages with non-native byte order) CVE-2011-2200
MLIST:[oss-security] 20110612 CVE Request -- dbus -- Local DoS via messages with non-native byte order CVE-2011-2200
MLIST:[oss-security] 20110612 CVE Request: PHP File upload filename CVE-2011-2202
MLIST:[oss-security] 20110613 CVE Request -- vte -- Excessive memory and CPU use by processing certain character sequences CVE-2011-2198
MLIST:[oss-security] 20110613 Re: CVE Request -- dbus -- Local DoS via messages with non-native byte order CVE-2011-2200
MLIST:[oss-security] 20110613 Re: CVE Request: PHP File upload filename CVE-2011-2202
MLIST:[oss-security] 20110614 CVE Request: prosody DoS, djabberd external entity injection CVE-2011-2205 CVE-2011-2206
MLIST:[oss-security] 20110615 Re: CVE Request: prosody DoS, djabberd external entity injection CVE-2011-2205 CVE-2011-2206
MLIST:[oss-security] 20110620 CVE request: Joomla unspecified information disclosure vulnerability CVE-2011-2488
MLIST:[oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure CVE-2011-2480
MLIST:[oss-security] 20110622 CVE requests: opie off by one and setuid() failure CVE-2011-2489 CVE-2011-2490
MLIST:[oss-security] 20110623 Re: CVE request: Joomla unspecified information disclosure vulnerability CVE-2011-2488
MLIST:[oss-security] 20110623 Re: CVE requests: opie off by one and setuid() failure CVE-2011-2489 CVE-2011-2490
MLIST:[oss-security] 20110627 CVE request for libpng regression (CVE-2004-0421) CVE-2011-2501
MLIST:[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability CVE-2011-2891 CVE-2011-3695 CVE-2011-3696 CVE-2011-3697 CVE-2011-3698 CVE-2011-3699 CVE-2011-3700 CVE-2011-3701 CVE-2011-3702 CVE-2011-3703 CVE-2011-3704 CVE-2011-3705 CVE-2011-3706 CVE-2011-3707 CVE-2011-3708 CVE-2011-3709 CVE-2011-3710 CVE-2011-3711 CVE-2011-3712 CVE-2011-3713 CVE-2011-3714 CVE-2011-3715 CVE-2011-3716 CVE-2011-3717 CVE-2011-3718 CVE-2011-3719 CVE-2011-3720 CVE-2011-3721 CVE-2011-3722 CVE-2011-3723 CVE-2011-3724 CVE-2011-3725 CVE-2011-3726 CVE-2011-3727 CVE-2011-3728 CVE-2011-3729 CVE-2011-3730 CVE-2011-3731 CVE-2011-3732 CVE-2011-3733 CVE-2011-3734 CVE-2011-3735 CVE-2011-3736 CVE-2011-3737 CVE-2011-3738 CVE-2011-3739 CVE-2011-3740 CVE-2011-3741 CVE-2011-3742 CVE-2011-3743 CVE-2011-3744 CVE-2011-3745 CVE-2011-3746 CVE-2011-3747 CVE-2011-3748 CVE-2011-3749 CVE-2011-3750 CVE-2011-3751 CVE-2011-3752 CVE-2011-3753 CVE-2011-3754 CVE-2011-3755 CVE-2011-3756 CVE-2011-3757 CVE-2011-3758 CVE-2011-3759 CVE-2011-3760 CVE-2011-3761 CVE-2011-3762 CVE-2011-3763 CVE-2011-3764 CVE-2011-3765 CVE-2011-3766 CVE-2011-3767 CVE-2011-3768 CVE-2011-3769 CVE-2011-3770 CVE-2011-3771 CVE-2011-3772 CVE-2011-3773 CVE-2011-3774 CVE-2011-3775 CVE-2011-3776 CVE-2011-3777 CVE-2011-3778 CVE-2011-3779 CVE-2011-3780 CVE-2011-3781 CVE-2011-3782 CVE-2011-3783 CVE-2011-3784 CVE-2011-3785 CVE-2011-3786 CVE-2011-3787 CVE-2011-3788 CVE-2011-3789 CVE-2011-3790 CVE-2011-3791 CVE-2011-3792 CVE-2011-3793 CVE-2011-3794 CVE-2011-3795 CVE-2011-3796 CVE-2011-3797 CVE-2011-3798 CVE-2011-3799 CVE-2011-3800 CVE-2011-3801 CVE-2011-3802 CVE-2011-3803 CVE-2011-3804 CVE-2011-3805 CVE-2011-3806 CVE-2011-3807 CVE-2011-3808 CVE-2011-3809 CVE-2011-3810 CVE-2011-3811 CVE-2011-3812 CVE-2011-3813 CVE-2011-3814 CVE-2011-3815 CVE-2011-3816 CVE-2011-3817 CVE-2011-3818 CVE-2011-3819 CVE-2011-3820 CVE-2011-3821 CVE-2011-3822 CVE-2011-3823 CVE-2011-3824 CVE-2011-3825 CVE-2011-3826
MLIST:[oss-security] 20110628 CVE Request: Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities CVE-2011-2509
MLIST:[oss-security] 20110628 CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508
MLIST:[oss-security] 20110628 Re: CVE Request: Mambo CMS 4.6.x | Multiple Cross Site Scripting Vulnerabilities CVE-2011-2499
MLIST:[oss-security] 20110628 Re: CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508
MLIST:[oss-security] 20110628 Re: CVE request for libpng regression (CVE-2004-0421) CVE-2011-2501
MLIST:[oss-security] 20110628 Re: [Phpmyadmin-security] CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508
MLIST:[oss-security] 20110629 Re: CVE Request: Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities CVE-2011-2509
MLIST:[oss-security] 20110629 Re: CVE Request: phpMyAdmin 3.4 Multiple Vulnerabilities CVE-2011-2505 CVE-2011-2506 CVE-2011-2507 CVE-2011-2508
MLIST:[oss-security] 20110701 Re: CVE request: Joomla unspecified information disclosure vulnerability CVE-2011-2889 CVE-2011-2890
MLIST:[oss-security] 20110701 Re: Re: php ZipArchive::addGlob() crashes on invalid flags CVE-2011-1657
MLIST:[oss-security] 20110701 Re: php ZipArchive::addGlob() crashes on invalid flags CVE-2011-1657
MLIST:[oss-security] 20110701 php ZipArchive::addGlob() crashes on invalid flags CVE-2011-1657
MLIST:[oss-security] 20110706 libreoffice/openoffice.org CVE id request CVE-2011-2685
MLIST:[oss-security] 20110708 SSL renegotiation DoS CVE-2011-1473 CVE-2011-1473 CVE-2011-5094
MLIST:[oss-security] 20110711 CVE Request -- Drupal 7 -- Access bypass in node listings (SA-CORE-2011-002) CVE-2011-2687
MLIST:[oss-security] 20110712 Re: CVE Request -- Drupal 7 -- Access bypass in node listings (SA-CORE-2011-002) CVE-2011-2687
MLIST:[oss-security] 20110712 Re: libreoffice/openoffice.org CVE id request CVE-2011-2685
MLIST:[oss-security] 20110713 CVE Request: hplip/foomatic-filters CVE-2011-2964
MLIST:[oss-security] 20110713 Re: [oCERT-2011-001] Chyrp input sanitization errors CVE-2011-2744 CVE-2011-2745 CVE-2011-2780
MLIST:[oss-security] 20110713 [oCERT-2011-001] Chyrp input sanitization errors CVE-2011-2744 CVE-2011-2745 CVE-2011-2780
MLIST:[oss-security] 20110715 CVE request: vulnerability in FreeRADIUS (OCSP) CVE-2011-2701
MLIST:[oss-security] 20110718 Re: CVE Request: hplip/foomatic-filters CVE-2011-2964
MLIST:[oss-security] 20110718 Re: CVE request: vulnerability in FreeRADIUS (OCSP) CVE-2011-2701
MLIST:[oss-security] 20110720 Re: CVE Request: ruby PRNG fixes CVE-2011-3009
MLIST:[oss-security] 20110720 Re: CVE request: vulnerability in FreeRADIUS (OCSP) CVE-2011-2701
MLIST:[oss-security] 20110722 CVE Request: Joomla! 1.7.0-RC and lower | Cross Site Scripting Vulnerabilities CVE-2011-2710
MLIST:[oss-security] 20110722 Re: CVE Request: Joomla! 1.7.0-RC and lower | Cross Site Scripting Vulnerabilities CVE-2011-2710
MLIST:[oss-security] 20110728 Re: CVE Request: hplip/foomatic-filters CVE-2011-2964
MLIST:[oss-security] 20110808 CVE request: zabbix XSS flaw CVE-2011-2904
MLIST:[oss-security] 20110809 Re: CVE request: zabbix XSS flaw CVE-2011-2904
MLIST:[oss-security] 20110810 Re: CVE requests: Two kernel issues CVE-2011-2906
MLIST:[oss-security] 20110812 Re: CVE Request: Mambo CMS 4.6.x (4.6.5) | SQL Injection CVE-2011-2917
MLIST:[oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc CVE-2011-3195 CVE-2011-3196 CVE-2011-3197 CVE-2011-3198 CVE-2011-3199 CVE-2011-5272
MLIST:[oss-security] 20110817 CVE request: ruby on rails flaws (4) CVE-2011-2929 CVE-2011-2930 CVE-2011-2931 CVE-2011-2932 CVE-2011-3186
MLIST:[oss-security] 20110818 CVE request: roundcube XSS before 0.5.4 CVE-2011-2937
MLIST:[oss-security] 20110819 CVE request: MantisBT <1.2.7 search.php multiple XSS vulnerabilities CVE-2011-2938
MLIST:[oss-security] 20110819 CVE request: stunnel 4.4x heap overflow flaw CVE-2011-2940
MLIST:[oss-security] 20110819 Re: CVE request: MantisBT <1.2.7 search.php multiple XSS vulnerabilities CVE-2011-2938
MLIST:[oss-security] 20110819 Re: CVE request: roundcube XSS before 0.5.4 CVE-2011-2937
MLIST:[oss-security] 20110819 Re: CVE request: ruby on rails flaws (4) CVE-2011-2929 CVE-2011-2930 CVE-2011-2931 CVE-2011-2932 CVE-2011-3186
MLIST:[oss-security] 20110819 Re: CVE request: stunnel 4.4x heap overflow flaw CVE-2011-2940
MLIST:[oss-security] 20110820 Re: CVE request: ruby on rails flaws (4) CVE-2011-2929 CVE-2011-2930 CVE-2011-2931 CVE-2011-2932 CVE-2011-3186
MLIST:[oss-security] 20110822 Re: CVE request: Pidgin crash CVE-2011-3185
MLIST:[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4) CVE-2011-2929 CVE-2011-2930 CVE-2011-2931 CVE-2011-2932 CVE-2011-3186
MLIST:[oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc CVE-2011-3195 CVE-2011-3196 CVE-2011-3197 CVE-2011-3198 CVE-2011-3199 CVE-2011-5272
MLIST:[oss-security] 20110826 Security issue in hammerhead CVE-2011-3204
MLIST:[oss-security] 20110830 Re: Security issue in hammerhead CVE-2011-3204
MLIST:[oss-security] 20110904 CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) CVE-2011-3356 CVE-2011-3357 CVE-2011-3358 CVE-2011-3578
MLIST:[oss-security] 20110904 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) CVE-2011-3357 CVE-2011-3578
MLIST:[oss-security] 20110908 CVE Request -- libfcgi-perl / perl-FCGI: Certain environment variables shared between first and subsequent HTTP requests CVE-2011-2766
MLIST:[oss-security] 20110908 Re: CVE Request -- libfcgi-perl / perl-FCGI: Certain environment variables shared between first and subsequent HTTP requests CVE-2011-2766
MLIST:[oss-security] 20110909 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS) CVE-2011-3356 CVE-2011-3357 CVE-2011-3358 CVE-2011-3578
MLIST:[oss-security] 20110910 D-Link DCS-2121 Semicolon Vulnerability CVE-2010-4964
MLIST:[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws CVE-2011-1521 CVE-2011-4136 CVE-2011-4137 CVE-2011-4138 CVE-2011-4139 CVE-2011-4140
MLIST:[oss-security] 20110913 CVE Request: BackupPC 3.2.1 fixes cross site scripting CVE-2011-3361
MLIST:[oss-security] 20110913 CVE Request: Multiple issues fixed in wireshark 1.6.2 CVE-2011-3482 CVE-2011-3483 CVE-2011-3484
MLIST:[oss-security] 20110913 CVE request: ffmpeg/libav insufficuent boundary check in CAVS decoding CVE-2011-3362
MLIST:[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws CVE-2011-1521 CVE-2011-4136 CVE-2011-4137 CVE-2011-4138 CVE-2011-4139 CVE-2011-4140
MLIST:[oss-security] 20110914 Re: CVE Request: BackupPC 3.2.1 fixes cross site scripting CVE-2011-3361
MLIST:[oss-security] 20110914 Re: CVE Request: Multiple issues fixed in wireshark 1.6.2 CVE-2011-3482 CVE-2011-3483 CVE-2011-3484
MLIST:[oss-security] 20110914 Re: CVE request: ffmpeg/libav insufficuent boundary check in CAVS decoding CVE-2011-3362
MLIST:[oss-security] 20110914 Re: D-Link DCS-2121 Semicolon Vulnerability CVE-2010-4964
MLIST:[oss-security] 20110916 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws CVE-2011-1521 CVE-2011-4137
MLIST:[oss-security] 20110918 CVE request: PunBB multiple XSS issues CVE-2011-3371
MLIST:[oss-security] 20110922 Re: CVE request: PunBB multiple XSS issues CVE-2011-3371
MLIST:[oss-security] 20111005 CVE Request -- perl-Crypt-DSA -- Cryptographically insecure method used for random numbers generation on systems without /dev/random CVE-2011-3599
MLIST:[oss-security] 20111005 Re: CVE Request -- perl-Crypt-DSA -- Cryptographically insecure method used for random numbers generation on systems without /dev/random CVE-2011-3599
MLIST:[oss-security] 20111009 CVE request: simple machines forum before 2.0.1 and 1.1.15 CVE-2011-3615 CVE-2011-4173
MLIST:[oss-security] 20111010 Re: CVE request: simple machines forum before 2.0.1 and 1.1.15 CVE-2011-3615 CVE-2011-4173
MLIST:[oss-security] 20111016 Duplicate CVE assigned: CVE-2011-2708 CVE-2011-2710 CVE-2011-2710
MLIST:[oss-security] 20111017 CVE request: double-free vulnerability in logsurfer CVE-2011-3626
MLIST:[oss-security] 20111017 Re: CVE request: double-free vulnerability in logsurfer CVE-2011-3626
MLIST:[oss-security] 20111018 Re: CVE request: mplayer SAMI subtitle parsing buffer overflow CVE-2011-3625
MLIST:[oss-security] 20111018 Re: CVE requests: <media-video/vlc-1.0.2: Multiple stack-based buffer overflows in ASF, AVI, MP4 demuxers and https://bugs.gentoo.org/show_bug.cgi?id=279340 CVE-2011-3623
MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) CVE-2009-5026
MLIST:[oss-security] 20111028 Re: CVE Request: Multiple remote denial of service in Linux bridge networking code 2.6.37-3.0 CVE-2011-4087
MLIST:[oss-security] 20111102 Re: CVE request for Django-piston and Tastypie CVE-2011-4104
MLIST:[oss-security] 20111102 Re: Re: CVE request for Django-piston and Tastypie CVE-2011-4104
MLIST:[oss-security] 20111102 Re: Re: [LightDM] Version 1.0.6 released CVE-2011-4105
MLIST:[oss-security] 20111102 Re: [LightDM] Version 1.0.6 released CVE-2011-4105
MLIST:[oss-security] 20111102 kiwi shell meta char injection CVE-2011-3180 CVE-2011-4195
MLIST:[oss-security] 20111103 Re: CVE request: wordpress plugin timthumb before 2.0 remote code execution CVE-2011-4106
MLIST:[oss-security] 20111104 CVE request: Mahara CVE-2011-4118
MLIST:[oss-security] 20111104 Re: CVE request: Mahara CVE-2011-4118
MLIST:[oss-security] 20111108 CVE request: Android: vold stack buffer overflow CVE-2011-3874
MLIST:[oss-security] 20111108 CVE request: gnutls possible DoS (GNUTLS-SA-2011-2) CVE-2011-4128
MLIST:[oss-security] 20111108 Re: CVE request: Android: vold stack buffer overflow CVE-2011-3874
MLIST:[oss-security] 20111109 Re: CVE request: gnutls possible DoS (GNUTLS-SA-2011-2) CVE-2011-4128
MLIST:[oss-security] 20111109 Re: Re: CVE request: Android: vold stack buffer overflow CVE-2011-3874
MLIST:[oss-security] 20111113 CVE request: ResourceSpace before 4.2.2833 insufficient access check CVE-2011-4311
MLIST:[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update CVE-2011-4133 CVE-2011-4278 CVE-2011-4279 CVE-2011-4280 CVE-2011-4281 CVE-2011-4282 CVE-2011-4283 CVE-2011-4284 CVE-2011-4285 CVE-2011-4286 CVE-2011-4287 CVE-2011-4289 CVE-2011-4291 CVE-2011-4292 CVE-2011-4293 CVE-2011-4294 CVE-2011-4297
MLIST:[oss-security] 20111114 Re: CVE request: ResourceSpace before 4.2.2833 insufficient access check CVE-2011-4311
MLIST:[oss-security] 20111118 Re: CVE Request -- Ruby on Rails / rubygem-actionpack -- XSS in the 'translate' helper method CVE-2011-4319
MLIST:[oss-security] 20111120 Re: CVE request: joomla 1.5 before 1.5.25 password change vulnerability CVE-2011-4321
MLIST:[oss-security] 20111121 CVE-request: LabWiki <= 1.1 Multiple Vulnerabilities CVE-2011-4333 CVE-2011-4334
MLIST:[oss-security] 20111121 Re: CVE-request: Contao 2.10.1 Cross-site scripting vulnerability CVE-2011-4335
MLIST:[oss-security] 20111121 Re: Fwd: Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution Vulnerability CVE-2011-4337 CVE-2011-5075
MLIST:[oss-security] 20111121 Re: Fwd: XSS vulnerability in Joomla 1.6.3 CVE-2011-4332
MLIST:[oss-security] 20111121 Re: Fwd: XSS vulnerability in Joomla 1.6.3 - CVE-2011-2710 / CVE-2011-2708 issue CVE-2011-2710
MLIST:[oss-security] 20111122 CVE-request: Contao 2.10.1 Cross-site scripting vulnerability CVE-2011-4335
MLIST:[oss-security] 20111122 Fwd: Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 CVE-2011-4342
MLIST:[oss-security] 20111122 RE: Fwd: Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 CVE-2011-4342
MLIST:[oss-security] 20111122 Re: CVE-request: Symphony CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (NS-11-008) CVE-2011-4340 CVE-2011-4341
MLIST:[oss-security] 20111123 CVE request: jenkins CVE-2011-4344
MLIST:[oss-security] 20111123 Re: CVE request: jenkins CVE-2011-4344
MLIST:[oss-security] 20111125 Re: CVE Request: colord sql injections CVE-2011-4349
MLIST:[oss-security] 20111130 CVE request: Proc::ProcessTable perl module CVE-2011-4363
MLIST:[oss-security] 20111130 Re: CVE request: Proc::ProcessTable perl module CVE-2011-4363
MLIST:[oss-security] 20111207 Disputing CVE-2011-4122 CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20111208 Re: Disputing CVE-2011-4122 CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20111209 CVE request: Pidgin crash CVE-2011-4601
MLIST:[oss-security] 20111210 Re: CVE request: Pidgin crash CVE-2011-4601
MLIST:[oss-security] 20111212 CVE request: putty does not wipe keyboard-interactive replies from memory after authentication CVE-2011-4607
MLIST:[oss-security] 20111212 Re: CVE request: putty does not wipe keyboard-interactive replies from memory after authentication CVE-2011-4607
MLIST:[oss-security] 20111216 TYPO3 typo3-core-sa-2011-004 CVE-2011-4614
MLIST:[oss-security] 20111218 CVE for HTML-Template-Pro 0.9506 XSS CVE-2011-4616
MLIST:[oss-security] 20111219 Re: CVE-request: WordPress advanced-text-widget XSS advancedtext.php?page= CVE-2011-4618
MLIST:[oss-security] 20111224 CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection CVE-2006-7247
MLIST:[oss-security] 20111224 Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection CVE-2006-7247
MLIST:[oss-security] 20111224 Re: Disputing CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20111225 CVE-request for three 2009 Joomla issues (second part) CVE-2011-4909 CVE-2011-4910 CVE-2011-4911
MLIST:[oss-security] 20111225 Re: CVE-request for three 2009 Joomla issues CVE-2011-4908
MLIST:[oss-security] 20111225 Re: CVE-request for three 2009 Joomla issues (second part) CVE-2011-4909 CVE-2011-4910 CVE-2011-4911
MLIST:[oss-security] 20111226 Re: Disputing CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20111228 Re: Disputing CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20111231 Re: CVE-request: Elxis CMS two XSS-vulnerabilities CVE-2011-4918
MLIST:[oss-security] 20120102 Re: Disputing CVE-2011-4122 CVE-2011-5054
MLIST:[oss-security] 20120103 CVE request: maradns hash table collision cpu dos CVE-2011-5055 CVE-2012-0024
MLIST:[oss-security] 20120103 Re: CVE request: libfpx "Free_All_Memory()" Double-Free Vulnerability CVE-2012-0025
MLIST:[oss-security] 20120103 Re: CVE request: maradns hash table collision cpu dos CVE-2011-5055 CVE-2012-0024
MLIST:[oss-security] 20120104 Re: CVE-request: Multiple e107 vulnerabilities CVE-2011-4920 CVE-2011-4921
MLIST:[oss-security] 20120105 CVE-request: WordPress plugin Adminimize XSS CVE-2011-4926
MLIST:[oss-security] 20120105 Re: CVE-request: WordPress plugin Adminimize XSS CVE-2011-4926
MLIST:[oss-security] 20120106 CVE request: redmine issues CVE-2011-4927 CVE-2011-4928 CVE-2011-4929
MLIST:[oss-security] 20120106 Re: CVE request: redmine issues CVE-2011-4927 CVE-2011-4928 CVE-2011-4929
MLIST:[oss-security] 20120106 Re: CVE-request: WordPress SQL injection and arbitrary code injection (2003) CVE-2003-1599
MLIST:[oss-security] 20120106 Re: CVE-request: WordPress SQL injection and arbitrary code injection (2003) CVE-2003-1598
MLIST:[oss-security] 20120107 CVE request for OpenTTD CVE-2012-0048
MLIST:[oss-security] 20120110 CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries CVE-2012-0207
MLIST:[oss-security] 20120110 glib2 hash dos oCert-2011-003 CVE-2012-0039
MLIST:[oss-security] 20120113 CVE affected for PHP 5.3.9 ? CVE-2012-0057
MLIST:[oss-security] 20120113 Re: CVE affected for PHP 5.3.9 ? CVE-2012-0057
MLIST:[oss-security] 20120113 Re: CVE request for OpenTTD CVE-2012-0048
MLIST:[oss-security] 20120114 Re: CVE affected for PHP 5.3.9 ? CVE-2012-0057
MLIST:[oss-security] 20120115 CVE-request: NGS00109 remote code execution in ImpressPages CMS CVE-2011-4932
MLIST:[oss-security] 20120115 Re: CVE affected for PHP 5.3.9 ? CVE-2012-0057
MLIST:[oss-security] 20120117 CVE-request: golismero symlink vulnerability CVE-2012-0054
MLIST:[oss-security] 20120117 Re: CVE affected for PHP 5.3.9 ? CVE-2012-0057
MLIST:[oss-security] 20120117 Re: CVE-request: golismero symlink vulnerability CVE-2012-0054
MLIST:[oss-security] 20120118 CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php CVE-2012-0069
MLIST:[oss-security] 20120118 Re: CVE-request: NGS00109 remote code execution in ImpressPages CMS CVE-2011-4932
MLIST:[oss-security] 20120119 Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection CVE-2012-0069
MLIST:[oss-security] 20120119 Re: CVE request: Jenkins CVE-2012-0785
MLIST:[oss-security] 20120120 CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP CVE-2012-0885
MLIST:[oss-security] 20120120 Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP CVE-2012-0885
MLIST:[oss-security] 20120120 Re: CVE request: simpleSAMLphp 1.8.2 cross site scripting CVE-2012-0040 CVE-2012-0908
MLIST:[oss-security] 20120121 Re: Re: CVE Request -- Horde IMP -- Multiple XSS flaws CVE-2012-0909
MLIST:[oss-security] 20120123 Re: CVE request: spamdyke buffer overflow vulnerability CVE-2012-0802
MLIST:[oss-security] 20120124 CVE requests: Suhosin extension / as31 CVE-2012-0807 CVE-2012-0808
MLIST:[oss-security] 20120124 Re: CVE requests: Suhosin extension / as31 CVE-2012-0807 CVE-2012-0808
MLIST:[oss-security] 20120125 Fwd Joomla! Security News 2012-01 CVE-2012-0819 CVE-2012-0820 CVE-2012-0821 CVE-2012-0822
MLIST:[oss-security] 20120125 Re: Fwd Joomla! Security News 2012-01 CVE-2012-0819 CVE-2012-0820 CVE-2012-0821 CVE-2012-0822
MLIST:[oss-security] 20120126 CVE request: PostfixAdmin SQL injections and XSS CVE-2012-0811
MLIST:[oss-security] 20120126 Re: Fwd Joomla! Security News 2012-01 CVE-2012-0819 CVE-2012-0820 CVE-2012-0821 CVE-2012-0822
MLIST:[oss-security] 20120127 Re: CVE request: PostfixAdmin SQL injections and XSS CVE-2012-0811
MLIST:[oss-security] 20120128 (maybe) CVE request: libvpx before 1.0 crasher CVE-2012-0823
MLIST:[oss-security] 20120129 Re: (maybe) CVE request: libvpx before 1.0 crasher CVE-2012-0823
MLIST:[oss-security] 20120129 Re: Fwd Joomla! Security News 2012-01 CVE-2012-0819 CVE-2012-0820 CVE-2012-0821 CVE-2012-0822
MLIST:[oss-security] 20120201 Re: CVE Requests for FFmpeg 0.9.1 CVE-2012-0847 CVE-2012-0848 CVE-2012-0849 CVE-2012-0850 CVE-2012-0854 CVE-2012-0855 CVE-2012-0856 CVE-2012-0857
MLIST:[oss-security] 20120202 Re: XSS hiding CSRF (was: Re: Mibew messenger multiple XSS) CVE-2012-0829
MLIST:[oss-security] 20120203 CVE-request: Joomla! Security News 2012-02-03 CVE-2012-0835 CVE-2012-0836 CVE-2012-0837
MLIST:[oss-security] 20120203 Re: CVE-request: Joomla! Security News 2012-02-03 CVE-2012-0835 CVE-2012-0836 CVE-2012-0837
MLIST:[oss-security] 20120208 CVE request: apr - Hash DoS vulnerability CVE-2012-0840
MLIST:[oss-security] 20120208 Re: CVE request: apr - Hash DoS vulnerability CVE-2012-0840
MLIST:[oss-security] 20120212 CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability CVE-2012-0865
MLIST:[oss-security] 20120213 Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request CVE-2012-0845
MLIST:[oss-security] 20120213 Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability CVE-2012-0865
MLIST:[oss-security] 20120214 Re: CVE Requests for FFmpeg 0.9.1 CVE-2012-0847 CVE-2012-0848 CVE-2012-0849 CVE-2012-0850 CVE-2012-0851 CVE-2012-0852 CVE-2012-0853 CVE-2012-0854 CVE-2012-0855 CVE-2012-0856 CVE-2012-0857 CVE-2012-0858 CVE-2012-0859
MLIST:[oss-security] 20120217 Re: CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability CVE-2012-0865
MLIST:[oss-security] 20120218 TORCS 1.3.2 xml buffer overflow - CVE-2012-1189 CVE-2012-1189
MLIST:[oss-security] 20120220 Re: Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-0873
MLIST:[oss-security] 20120220 Re: OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-0872
MLIST:[oss-security] 20120220 Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. CVE-2012-0869 CVE-2012-1293
MLIST:[oss-security] 20120220 Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. CVE-2012-0869 CVE-2012-1293
MLIST:[oss-security] 20120221 Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-0873
MLIST:[oss-security] 20120221 OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-0872
MLIST:[oss-security] 20120223 Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. CVE-2012-0869 CVE-2012-1293
MLIST:[oss-security] 20120227 CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history CVE-2012-1410
MLIST:[oss-security] 20120227 CVE request: openssl: null pointer dereference issue CVE-2006-7250
MLIST:[oss-security] 20120227 Case YVS Image Gallery CVE-2012-1564
MLIST:[oss-security] 20120227 Re: Case YVS Image Gallery CVE-2012-1564 CVE-2012-5304
MLIST:[oss-security] 20120227 Re: Re: CVE Status Clarification / Request -- kadu: Stored XSS by parsing contact's status and sms messages in history CVE-2012-1410
MLIST:[oss-security] 20120228 Re: CVE request: openssl: null pointer dereference issue CVE-2006-7250
MLIST:[oss-security] 20120302 CVE Request -- Ruby on Rails (v3.0.12) / rubygem-actionpack: Two XSS flaws CVE-2012-1098 CVE-2012-1099
MLIST:[oss-security] 20120302 Re: CVE Request -- Ruby on Rails (v3.0.12) / rubygem-actionpack: Two XSS flaws CVE-2012-1098 CVE-2012-1099
MLIST:[oss-security] 20120304 CVE request: notmuch CVE-2012-1103
MLIST:[oss-security] 20120304 Re: CVE request: notmuch CVE-2012-1103
MLIST:[oss-security] 20120305 CVE Request: lightdm CVE-2012-1111
MLIST:[oss-security] 20120305 Re: CVE Request: lightdm CVE-2012-1111
MLIST:[oss-security] 20120305 Re: Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-1110
MLIST:[oss-security] 20120305 Re: Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability CVE-2012-1112
MLIST:[oss-security] 20120305 Re: TORCS 1.3.2 xml buffer overflow - CVE-2012-1189 CVE-2012-1189
MLIST:[oss-security] 20120306 CVE-request: Joomla! Security News 2012-03 CVE-2012-1116 CVE-2012-1117
MLIST:[oss-security] 20120306 CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution CVE-2012-1125
MLIST:[oss-security] 20120306 Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities CVE-2012-1110
MLIST:[oss-security] 20120306 Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability CVE-2012-1112
MLIST:[oss-security] 20120306 Re: CVE-request: Joomla! Security News 2012-03 CVE-2012-1116 CVE-2012-1117
MLIST:[oss-security] 20120306 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution CVE-2012-1125
MLIST:[oss-security] 20120308 CVE-request: Parallels Plesk Panel admin/plib/api-rpc/Agent.php Unspecified SQL Injection CVE-2012-1557
MLIST:[oss-security] 20120308 CVE-request: phpMyFAQ index.php URI XSS CVE-2010-4821
MLIST:[oss-security] 20120308 Re: CVE-request: Kish Guest Posting Plugin for WordPress File Upload Remote PHP Code Execution CVE-2012-1125 CVE-2012-5318
MLIST:[oss-security] 20120308 Re: CVE-request: phpMyFAQ index.php URI XSS CVE-2010-4821
MLIST:[oss-security] 20120309 CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution CVE-2012-1153
MLIST:[oss-security] 20120309 Re: CVE-request: appRain CMF uploadify.php File Upload Remote PHP Code Execution CVE-2012-1153
MLIST:[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue CVE-2012-1165
MLIST:[oss-security] 20120313 Re: CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern CVE-2012-1172
MLIST:[oss-security] 20120315 CVE Requests CVE-2012-1671
MLIST:[oss-security] 20120315 Re: CVE Requests CVE-2012-1671
MLIST:[oss-security] 20120316 CVE-request: Drupal Finder SA-CONTRIB-2012-017 CVE-2012-1561 CVE-2012-1641 CVE-2012-6645
MLIST:[oss-security] 20120318 Re: CVE request: piwik before 1.6 CVE-2011-4941
MLIST:[oss-security] 20120319 CVE request: eZ Publish: insecure direct object reference CVE-2012-1565
MLIST:[oss-security] 20120319 Re: CVE request: eZ Publish: insecure direct object reference CVE-2012-1565
MLIST:[oss-security] 20120319 Re: CVE request: piwik before 1.6 CVE-2011-4941
MLIST:[oss-security] 20120319 Re: CVE-request: Drupal Finder SA-CONTRIB-2012-017 CVE-2012-1561 CVE-2012-1641 CVE-2012-6645
MLIST:[oss-security] 20120319 Re: Case YVS Image Gallery CVE-2012-1564 CVE-2012-5304
MLIST:[oss-security] 20120320 CVE request: libtasn1 "asn1_get_length_der()" DER decoding issue CVE-2012-1569
MLIST:[oss-security] 20120320 Re: CVE request: libtasn1 "asn1_get_length_der()" DER decoding issue CVE-2012-1569
MLIST:[oss-security] 20120321 CVE request: GnuTLS TLS record handling issue / MU-201202-01 CVE-2012-1573
MLIST:[oss-security] 20120321 CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip CVE-2012-1162 CVE-2012-1163
MLIST:[oss-security] 20120321 Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01 CVE-2012-1569 CVE-2012-1573
MLIST:[oss-security] 20120321 atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour CVE-2012-1576
MLIST:[oss-security] 20120322 MediaWiki security and maintenance release 1.18.2 CVE-2012-1582 CVE-2012-4885
MLIST:[oss-security] 20120322 Re: atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour CVE-2012-1576
MLIST:[oss-security] 20120323 CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability CVE-2011-4942
MLIST:[oss-security] 20120323 CVE-request: MyBB 1.6 <= SQL Injection CVE-2010-5096
MLIST:[oss-security] 20120323 CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) CVE-2012-2315 CVE-2012-2316
MLIST:[oss-security] 20120323 CVEs for MediaWiki security and maintenance release 1.18.2 CVE-2012-1582 CVE-2012-4885
MLIST:[oss-security] 20120323 Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) CVE-2012-2315 CVE-2012-2316
MLIST:[oss-security] 20120325 Re: CVE-request: MyBB 1.6 <= SQL Injection CVE-2010-5096
MLIST:[oss-security] 20120328 CVE-request: e107 HTB23004 CVE-2011-4946 CVE-2011-4947
MLIST:[oss-security] 20120328 Re: CVE request: egroupware before 1.8.002 various security issues CVE-2011-4948 CVE-2011-4949 CVE-2011-4950 CVE-2011-4951
MLIST:[oss-security] 20120328 Re: CVE-request: Joomla 20120305 / 20120306 CVE-2012-1598 CVE-2012-1599
MLIST:[oss-security] 20120328 Re: CVE-request: e107 HTB23004 CVE-2011-4946 CVE-2011-4947
MLIST:[oss-security] 20120329 CVE-request: NextBBS 0.6.0 waraxe-2012-SA#080 CVE-2012-1602 CVE-2012-1603 CVE-2012-1604
MLIST:[oss-security] 20120329 Re: CVE request: TYPO3-CORE-SA-2012-001 CVE-2012-1605 CVE-2012-1606 CVE-2012-1607 CVE-2012-1608
MLIST:[oss-security] 20120329 Re: CVE request: egroupware before 1.8.002 various security issues CVE-2011-4948 CVE-2011-4949 CVE-2011-4950 CVE-2011-4951
MLIST:[oss-security] 20120329 Re: CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip CVE-2012-1162 CVE-2012-1163
MLIST:[oss-security] 20120329 Re: CVE-request: NextBBS 0.6.0 waraxe-2012-SA#080 CVE-2012-1602 CVE-2012-1603 CVE-2012-1604
MLIST:[oss-security] 20120330 CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081 CVE-2012-1613 CVE-2012-1614
MLIST:[oss-security] 20120330 Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081 CVE-2012-1613 CVE-2012-1614
MLIST:[oss-security] 20120402 CVE request: OSClass directory traversal vulnerability CVE-2012-1617
MLIST:[oss-security] 20120402 Re: CVE request: OSClass directory traversal vulnerability CVE-2012-1617
MLIST:[oss-security] 20120403 CVE-request: Joomla 2012-04 398-20120307 399-20120308 CVE-2012-1611 CVE-2012-1612
MLIST:[oss-security] 20120403 Re: CVE request: OSClass directory traversal vulnerability CVE-2012-1617
MLIST:[oss-security] 20120403 Re: CVE-request: Coppermine 1.5.18 waraxe-2012-SA#081 CVE-2012-1613 CVE-2012-1614
MLIST:[oss-security] 20120403 Re: CVE-request: Joomla 2012-04 398-20120307 399-20120308 CVE-2012-1611 CVE-2012-1612
MLIST:[oss-security] 20120404 CVE-2012-1610 assignment notification: ImageMagick insufficient patch for CVE-2012-0259 CVE-2012-1610
MLIST:[oss-security] 20120404 Re: CVE request: OSClass directory traversal vulnerability CVE-2012-1617
MLIST:[oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments) CVE-2012-1561 CVE-2012-1623 CVE-2012-1624 CVE-2012-1625 CVE-2012-1626 CVE-2012-1627 CVE-2012-1628 CVE-2012-1629 CVE-2012-1630 CVE-2012-1631 CVE-2012-1632 CVE-2012-1633 CVE-2012-1634 CVE-2012-1635 CVE-2012-1636 CVE-2012-1638 CVE-2012-1639 CVE-2012-1640 CVE-2012-1641 CVE-2012-1642 CVE-2012-1643 CVE-2012-1644 CVE-2012-1645 CVE-2012-1646 CVE-2012-1647 CVE-2012-1648 CVE-2012-1649 CVE-2012-1650 CVE-2012-1651 CVE-2012-1652 CVE-2012-1653 CVE-2012-1654 CVE-2012-1655 CVE-2012-1656 CVE-2012-1657 CVE-2012-1658 CVE-2012-1659 CVE-2012-1660 CVE-2012-2056 CVE-2012-2057 CVE-2012-2058 CVE-2012-2059 CVE-2012-2060 CVE-2012-2061 CVE-2012-2062 CVE-2012-2063 CVE-2012-2064 CVE-2012-2065 CVE-2012-2066 CVE-2012-2067 CVE-2012-2068 CVE-2012-2069 CVE-2012-2070 CVE-2012-2071 CVE-2012-2072 CVE-2012-2073 CVE-2012-2074 CVE-2012-2075 CVE-2012-2076 CVE-2012-2077 CVE-2012-2080 CVE-2012-2081 CVE-2012-2082 CVE-2012-2083 CVE-2012-2084 CVE-2012-5007 CVE-2012-5233 CVE-2012-6645
MLIST:[oss-security] 20120410 Re: CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments) CVE-2012-2296
MLIST:[oss-security] 20120411 CVE Request for Drupal Contributed Advisories on 2012-04-11 CVE-2012-2096 CVE-2012-2097
MLIST:[oss-security] 20120411 Re: CVE Request for Drupal Contributed Advisories on 2012-04-11 CVE-2012-2096 CVE-2012-2097
MLIST:[oss-security] 20120412 CVE-request: Wikidforum 2.10 multiple XSS and SQL-injection vulnerabilities SSCHADV2012-005 CVE-2012-2099
MLIST:[oss-security] 20120412 Re: CVE-request: Wikidforum 2.10 multiple XSS and SQL-injection vulnerabilities SSCHADV2012-005 CVE-2012-2099 CVE-2012-6520
MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE CVE-2012-2102
MLIST:[oss-security] 20120413 Re: CVE-request: Wikidforum 2.10 multiple XSS and SQL-injection vulnerabilities SSCHADV2012-005 CVE-2012-6520
MLIST:[oss-security] 20120415 CVE-request: WordPress BuddyPress-plugin SQL-injection 1.5.4 CVE-2012-2109
MLIST:[oss-security] 20120415 Re: CVE-request: Wikidforum 2.10 multiple XSS and SQL-injection vulnerabilities SSCHADV2012-005 CVE-2012-6520
MLIST:[oss-security] 20120416 CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120416 CVE-request: Timesheet Next Gen 1.5.2 Multiple SQLi CVE-2012-2105
MLIST:[oss-security] 20120416 CVE-request: WordPress-plugin bSuite <=4.0.7 permanent XSS CVE-2011-4955
MLIST:[oss-security] 20120416 Re: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120416 Re: CVE-request: Timesheet Next Gen 1.5.2 Multiple SQLi CVE-2012-2105
MLIST:[oss-security] 20120416 Re: CVE-request: WordPress BuddyPress-plugin SQL-injection 1.5.4 CVE-2012-2109
MLIST:[oss-security] 20120416 Re: CVE-request: WordPress-plugin bSuite <=4.0.7 permanent XSS CVE-2011-4955
MLIST:[oss-security] 20120417 CVE-request: OpenEMR 4.1.0 SQL-injection CVE-2012-2115
MLIST:[oss-security] 20120417 CVE-request: TYPO3-CORE-SA-2012-002 XSS in TYPO3 Core CVE-2012-2112
MLIST:[oss-security] 20120417 Re: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120417 Re: CVE-request: TYPO3-CORE-SA-2012-002 XSS in TYPO3 Core CVE-2012-2112
MLIST:[oss-security] 20120418 CVE Request for Drupal Contributed Advisories on 2012-04-18 CVE-2012-2116 CVE-2012-2117
MLIST:[oss-security] 20120418 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120418 Re: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120418 Re: CVE Request for Drupal Contributed Advisories on 2012-04-18 CVE-2012-2116 CVE-2012-2117
MLIST:[oss-security] 20120418 Re: CVE-request: OpenEMR 4.1.0 SQL-injection CVE-2012-2115
MLIST:[oss-security] 20120418 Re: Stack-based buffer overflow in musl libc 0.8.7 and earlier CVE-2012-2114
MLIST:[oss-security] 20120418 Stack-based buffer overflow in musl libc 0.8.7 and earlier CVE-2012-2114
MLIST:[oss-security] 20120419 CVE request: latex2man / texlive CVE-2012-2120
MLIST:[oss-security] 20120419 Re: CVE request: latex2man / texlive CVE-2012-2120
MLIST:[oss-security] 20120419 Re: CVE-request: WordPress 3.1.1 CVE-2011-4956 CVE-2011-4957
MLIST:[oss-security] 20120419 Re: [Packaging] Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120420 Re: CVE Request -- rubygems: Two security fixes in upstream v1.8.23 version CVE-2012-2125 CVE-2012-2126
MLIST:[oss-security] 20120422 CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data CVE-2012-2128
MLIST:[oss-security] 20120422 Re: CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data CVE-2012-2128
MLIST:[oss-security] 20120424 Re: OpenSSL ASN1 BIO vulnerability (CVE-2012-2110) CVE-2012-2131
MLIST:[oss-security] 20120425 CVE request: two flaws fixed in rubygem-mail 2.4.4 CVE-2012-2139 CVE-2012-2140
MLIST:[oss-security] 20120425 Re: CVE request: two flaws fixed in rubygem-mail 2.4.4 CVE-2012-2139 CVE-2012-2140
MLIST:[oss-security] 20120427 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120427 Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) CVE-2012-2315 CVE-2012-2316
MLIST:[oss-security] 20120429 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws CVE-2012-4678
MLIST:[oss-security] 20120430 CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS CVE-2012-2151
MLIST:[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4 CVE-2010-4822 CVE-2010-4823 CVE-2010-4824 CVE-2010-5078 CVE-2010-5079 CVE-2010-5080 CVE-2010-5087 CVE-2010-5088 CVE-2010-5089 CVE-2010-5090 CVE-2010-5091 CVE-2010-5092 CVE-2010-5093 CVE-2010-5094 CVE-2010-5095 CVE-2010-5187 CVE-2011-4959 CVE-2011-4960 CVE-2011-4961 CVE-2011-4962 CVE-2012-4968
MLIST:[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4 CVE-2010-4822 CVE-2010-4823 CVE-2010-4824 CVE-2010-5078 CVE-2010-5079 CVE-2010-5080 CVE-2010-5087 CVE-2010-5088 CVE-2010-5089 CVE-2010-5090 CVE-2010-5091 CVE-2010-5092 CVE-2010-5093 CVE-2010-5094 CVE-2010-5095 CVE-2010-5187 CVE-2011-4959 CVE-2011-4960 CVE-2011-4961 CVE-2011-4962 CVE-2012-0976 CVE-2012-4968
MLIST:[oss-security] 20120501 Re: CVE request: spip before 1.9.2.o, 2.0.18 and 2.1.13 multiple XSS CVE-2012-2151
MLIST:[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4 CVE-2010-4822 CVE-2010-4823 CVE-2010-4824 CVE-2010-5078 CVE-2010-5079 CVE-2010-5080 CVE-2010-5087 CVE-2010-5088 CVE-2010-5089 CVE-2010-5090 CVE-2010-5091 CVE-2010-5092 CVE-2010-5093 CVE-2010-5094 CVE-2010-5095 CVE-2010-5187 CVE-2010-5188
MLIST:[oss-security] 20120502 CVE Request for Drupal contributed modules CVE-2012-2154 CVE-2012-2155 CVE-2012-2296 CVE-2012-2297 CVE-2012-2298 CVE-2012-2299 CVE-2012-2300 CVE-2012-2301 CVE-2012-2302 CVE-2012-2303 CVE-2012-2304 CVE-2012-2305 CVE-2012-2306 CVE-2012-2307 CVE-2012-2308 CVE-2012-2309 CVE-2012-2310
MLIST:[oss-security] 20120502 CVE Request: dhcpcd 3.2.3 remote stack overflow / denial of service CVE-2012-2152
MLIST:[oss-security] 20120502 Re: CVE Request for Drupal contributed modules CVE-2012-2154 CVE-2012-2155 CVE-2012-2296 CVE-2012-2297 CVE-2012-2298 CVE-2012-2299 CVE-2012-2300 CVE-2012-2301 CVE-2012-2302 CVE-2012-2303 CVE-2012-2304 CVE-2012-2305 CVE-2012-2306 CVE-2012-2307 CVE-2012-2308 CVE-2012-2309 CVE-2012-2310
MLIST:[oss-security] 20120502 Re: CVE Request: dhcpcd 3.2.3 remote stack overflow / denial of service CVE-2012-2152
MLIST:[oss-security] 20120502 temporary file issue in Config::IniFiles Config-IniFiles perl-Config-IniFiles CVE-2012-2451
MLIST:[oss-security] 20120503 Security issue in libav/ffmpeg CVE-2012-0947
MLIST:[oss-security] 20120504 CVE Request -- anaconda: Weak permissions by writing password configuration file in bootloader configuration module CVE-2012-2314
MLIST:[oss-security] 20120504 Debian/Ubuntu php_crypt_revamped.patch CVE-2012-2317
MLIST:[oss-security] 20120504 Re: CVE Request -- anaconda: Weak permissions by writing password configuration file in bootloader configuration module CVE-2012-2314
MLIST:[oss-security] 20120504 Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) CVE-2012-2315 CVE-2012-2316
MLIST:[oss-security] 20120505 Re: Debian/Ubuntu php_crypt_revamped.patch CVE-2012-2317
MLIST:[oss-security] 20120507 CVE request: mybb before 1.6.7 CVE-2012-2324 CVE-2012-2325 CVE-2012-2326 CVE-2012-2327
MLIST:[oss-security] 20120507 Re: CVE request: mybb before 1.6.7 CVE-2012-2324 CVE-2012-2325 CVE-2012-2326 CVE-2012-2327
MLIST:[oss-security] 20120507 Re: connman heads up / CVE requests CVE-2012-2320 CVE-2012-2321 CVE-2012-2322
MLIST:[oss-security] 20120507 connman heads up / CVE requests CVE-2012-2320 CVE-2012-2321 CVE-2012-2322
MLIST:[oss-security] 20120508 CVE request: XSS and SQL injection in serendipity before 1.7.1 CVE-2012-2331 CVE-2012-2332
MLIST:[oss-security] 20120508 CVE-request: MyBB before 1.6.1 CVE-2010-5096
MLIST:[oss-security] 20120508 Re: CVE request: XSS and SQL injection in serendipity before 1.7.1 CVE-2012-2331 CVE-2012-2332
MLIST:[oss-security] 20120508 Re: CVE-request: MyBB before 1.6.1 CVE-2010-5096
MLIST:[oss-security] 20120509 CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port CVE-2012-0862
MLIST:[oss-security] 20120510 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE CVE-2010-5097 CVE-2010-5098 CVE-2010-5099 CVE-2010-5100 CVE-2010-5101 CVE-2010-5102 CVE-2010-5103 CVE-2010-5104
MLIST:[oss-security] 20120510 CVE Request for Drupal contributed modules - 2012-05-10 CVE-2012-2339 CVE-2012-2340 CVE-2012-2341
MLIST:[oss-security] 20120510 CVE-request: galette sql injection CVE-2012-2338
MLIST:[oss-security] 20120510 Re: CVE Request for Drupal contributed modules - 2012-05-10 CVE-2012-2339 CVE-2012-2340 CVE-2012-2341
MLIST:[oss-security] 20120510 Re: CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port CVE-2012-0862
MLIST:[oss-security] 20120510 Re: CVE-request: galette sql injection CVE-2012-2338
MLIST:[oss-security] 20120511 CVE request: mahara CVE-2012-2351
MLIST:[oss-security] 20120511 CVE request: sympa (try again) CVE-2012-2352
MLIST:[oss-security] 20120511 CVE-2012-1597: XSS in eZ Publish CVE-2012-1597
MLIST:[oss-security] 20120511 CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE CVE-2010-5097 CVE-2010-5098 CVE-2010-5099 CVE-2010-5100 CVE-2010-5101 CVE-2010-5102 CVE-2010-5103 CVE-2010-5104
MLIST:[oss-security] 20120511 Re: CVE request: sympa (try again) CVE-2012-2352
MLIST:[oss-security] 20120512 Re: CVE request: mahara CVE-2012-2351
MLIST:[oss-security] 20120512 Re: CVE request: sympa (try again) CVE-2012-2352
MLIST:[oss-security] 20120512 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE CVE-2010-5097 CVE-2010-5098 CVE-2010-5099 CVE-2010-5101 CVE-2010-5102 CVE-2010-5103 CVE-2010-5104
MLIST:[oss-security] 20120514 CVE request: Bytemark Symbiosis CVE-2012-2368
MLIST:[oss-security] 20120514 Re: CVE request: Bytemark Symbiosis CVE-2012-2368
MLIST:[oss-security] 20120514 socat security advisory CVE-2012-0219
MLIST:[oss-security] 20120515 CVE-request: WordPress wp-facethumb plugin reflected XSS vulnerability CVE-2012-2371
MLIST:[oss-security] 20120515 Re: CVE-request: WordPress wp-facethumb plugin reflected XSS vulnerability CVE-2012-2371
MLIST:[oss-security] 20120518 CVE id request: devotee (debian vote engine) cryptographically weak random numbers permit discovery of secret ballot submissions CVE-2012-2387
MLIST:[oss-security] 20120521 Re: CVE id request: devotee (debian vote engine) cryptographically weak random numbers permit discovery of secret ballot submissions CVE-2012-2387
MLIST:[oss-security] 20120522 CVE id request: devotee (debian vote engine) cryptographically weak random numbers permit discovery of secret ballot submissions CVE-2012-2387
MLIST:[oss-security] 20120522 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher CVE-2012-2738
MLIST:[oss-security] 20120523 CVE request: haproxy trash buffer overflow flaw CVE-2012-2391 CVE-2012-2942
MLIST:[oss-security] 20120523 Re: CVE request: haproxy trash buffer overflow flaw CVE-2012-2391 CVE-2012-2942
MLIST:[oss-security] 20120524 CVE-2012-2417 - PyCrypto <= 2.5 insecure ElGamal key generation CVE-2012-2417
MLIST:[oss-security] 20120528 Duplicate CVE identifiers (CVE-2012-2391 and CVE-2012-2942) assigned to HAProxy issue CVE-2012-2391 CVE-2012-2942
MLIST:[oss-security] 20120529 CVE id request: Multiple buffer overflow in unixODBC CVE-2012-2657 CVE-2012-2658
MLIST:[oss-security] 20120529 Re: CVE id request: Multiple buffer overflow in unixODBC CVE-2012-2657 CVE-2012-2658
MLIST:[oss-security] 20120530 Re: CVE id request: Multiple buffer overflow in unixODBC CVE-2012-2657 CVE-2012-2658
MLIST:[oss-security] 20120530 ScriptFu Server Buffer Overflow in GIMP <= 2.6 CVE-2012-2763
MLIST:[oss-security] 20120531 Re: CVE id request: Multiple buffer overflow in unixODBC CVE-2012-2657 CVE-2012-2658
MLIST:[oss-security] 20120604 CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version CVE-2012-2667
MLIST:[oss-security] 20120604 Re: CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version CVE-2011-4964
MLIST:[oss-security] 20120605 Re: CVE Request -- Symfony / php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version CVE-2012-2667
MLIST:[oss-security] 20120605 Re: CVE id request: Multiple buffer overflow in unixODBC CVE-2012-2657 CVE-2012-2658
MLIST:[oss-security] 20120605 memory allocator upstream patches CVE-2012-2674 CVE-2012-2675
MLIST:[oss-security] 20120606 Arbitrary File Upload/Execution in Collabtive CVE-2012-2670
MLIST:[oss-security] 20120606 Re: Arbitrary File Upload/Execution in Collabtive CVE-2012-2670
MLIST:[oss-security] 20120607 Re: memory allocator upstream patches CVE-2012-2674 CVE-2012-2675
MLIST:[oss-security] 20120609 Security vulnerability in MySQL/MariaDB sql/password.c CVE-2012-2122
MLIST:[oss-security] 20120613 Re: CVE Request for Drupal contributed modules CVE-2010-2021 CVE-2012-2339 CVE-2012-2340 CVE-2012-2341 CVE-2012-2699 CVE-2012-2700 CVE-2012-2701 CVE-2012-2702 CVE-2012-2703 CVE-2012-2704 CVE-2012-2705 CVE-2012-2706 CVE-2012-2707 CVE-2012-2708 CVE-2012-2709 CVE-2012-2710 CVE-2012-2711 CVE-2012-2712 CVE-2012-2713 CVE-2012-2715 CVE-2012-2717 CVE-2012-2719 CVE-2012-2720 CVE-2012-2721 CVE-2012-2722 CVE-2012-2723 CVE-2012-2725 CVE-2012-2726 CVE-2012-2727 CVE-2012-2728 CVE-2012-2729 CVE-2012-2730 CVE-2012-2731 CVE-2012-2907 CVE-2012-3799 CVE-2012-3800 CVE-2012-3801 CVE-2012-3802
MLIST:[oss-security] 20120614 CVE-2012-3345: symlink attack in ioquake3 >= r1773, < r2253 CVE-2012-3345
MLIST:[oss-security] 20120615 Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher CVE-2012-2738
MLIST:[oss-security] 20120615 Re: CVE Request for Drupal contributed modules CVE-2012-2339 CVE-2012-2340 CVE-2012-2341 CVE-2012-2699 CVE-2012-2700 CVE-2012-2701
MLIST:[oss-security] 20120616 CVE request: phplist before 2.10.18 XSS and sql injection CVE-2012-2740 CVE-2012-2741
MLIST:[oss-security] 20120616 Re: CVE request: phplist before 2.10.18 XSS and sql injection CVE-2012-2740 CVE-2012-2741
MLIST:[oss-security] 20120619 Re: Joomla! Security News 2012-06-19 CVE-2012-2747 CVE-2012-2748
MLIST:[oss-security] 20120621 Re: mod_security CVE request CVE-2009-5031
MLIST:[oss-security] 20120621 mod_security CVE request CVE-2009-5031
MLIST:[oss-security] 20120624 CVE request: CSRF in eXtplorer CVE-2012-3362
MLIST:[oss-security] 20120624 Re: CVE request: CSRF in eXtplorer CVE-2012-3362
MLIST:[oss-security] 20120626 Re: CVE request: CSRF in eXtplorer CVE-2012-3362
MLIST:[oss-security] 20120626 Re: XXE in Zend CVE-2012-6531
MLIST:[oss-security] 20120626 XXE in Zend CVE-2012-6531
MLIST:[oss-security] 20120627 Re: CVE Request for Drupal contributed modules CVE-2012-2709 CVE-2012-2907
MLIST:[oss-security] 20120627 Re: CVE request: CSRF in eXtplorer CVE-2012-3362
MLIST:[oss-security] 20120627 Re: XXE in Zend CVE-2012-6531
MLIST:[oss-security] 20120630 Re: ScriptFu Server Buffer Overflow in GIMP <= 2.6 CVE-2012-2763
MLIST:[oss-security] 20120702 CVE #'s for WordPress 3.4.1 release CVE-2012-3383 CVE-2012-3384 CVE-2012-3385
MLIST:[oss-security] 20120705 Three CVE requests: at-spi2-atk, as31, naxsi CVE-2012-0808 CVE-2012-3379 CVE-2012-3380
MLIST:[oss-security] 20120706 CVE request: VLC / Asterisk CVE-2012-3377
MLIST:[oss-security] 20120706 Re: CVE request: VLC / Asterisk CVE-2012-3377
MLIST:[oss-security] 20120706 Re: Three CVE requests: at-spi2-atk, as31, naxsi CVE-2012-0808 CVE-2012-3379 CVE-2012-3380
MLIST:[oss-security] 20120707 Re: CVE #'s for WordPress 3.4.1 release CVE-2012-3383 CVE-2012-3384 CVE-2012-3385
MLIST:[oss-security] 20120709 CVE-2012-3881 RTG and RTG2: 95.php/rtg.php/view.php SQL injection CVE-2012-3881
MLIST:[oss-security] 20120709 Re: CVE-request: Basilic 1.5.14 diff.php remote code execution vulnerability CVE-2012-3399
MLIST:[oss-security] 20120710 CVE-request: Basilic 1.5.14 diff.php remote code execution vulnerability CVE-2012-3399
MLIST:[oss-security] 20120712 GLPI 0.83.2 CVE-2012-4002 CSRF and CVE-2012-4003 XSS CVE-2012-4002 CVE-2012-4003
MLIST:[oss-security] 20120716 CVE id request: libjs-swfupload CVE-2012-3414
MLIST:[oss-security] 20120717 Re: CVE id request: libjs-swfupload CVE-2012-3414
MLIST:[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images CVE-2012-2806
MLIST:[oss-security] 20120719 CVE-2012-4024 and CVE-2012-4025: Squashfs overflows CVE-2012-4024 CVE-2012-4025
MLIST:[oss-security] 20120724 CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images CVE-2012-3425
MLIST:[oss-security] 20120724 CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015) CVE-2012-3434
MLIST:[oss-security] 20120724 Re: CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images CVE-2012-3425
MLIST:[oss-security] 20120727 Re: CVE-request: WordPress plugin Count Per Day XSS (SSCHADV2012-015) CVE-2012-3434
MLIST:[oss-security] 20120730 CVE Request: icinga sample db creation scripts CVE-2012-3441
MLIST:[oss-security] 20120730 Re: CVE Request: icinga sample db creation scripts CVE-2012-3441
MLIST:[oss-security] 20120801 CVE Request: NVidia Linux driver CVE-2012-4225
MLIST:[oss-security] 20120802 Re: CVE Request for Drupal contributed modules CVE-2012-2922
MLIST:[oss-security] 20120803 CVE ASSIGNMENT: extplorer: creates world writable directory /var/lib/extplorer/ftp_tmp CVE-2012-3454
MLIST:[oss-security] 20120803 CVE ASSIGNMENT: logol: creates world writable directory: /var/lib/logol/results CVE-2012-3453
MLIST:[oss-security] 20120808 Re: CVE Request: NVidia Linux driver CVE-2012-4225
MLIST:[oss-security] 20120808 Re: CVE Request: gnome-keyring: improper caching of gpg password/passphrase CVE-2012-3466
MLIST:[oss-security] 20120809 CVE Request: gnome-keyring: improper caching of gpg password/passphrase CVE-2012-3466
MLIST:[oss-security] 20120809 CVE-2012-3467: Unauthorized access (authentication bypass) from client to broker due to use of NullAuthenticator in shadow connections CVE-2012-3467
MLIST:[oss-security] 20120809 Re: CVE request for Ushahidi CVE-2012-3468 CVE-2012-3469 CVE-2012-3470 CVE-2012-3471 CVE-2012-3472 CVE-2012-3473 CVE-2012-3474 CVE-2012-3475 CVE-2012-3476
MLIST:[oss-security] 20120810 CVE Request: rssh command-line parsing vulnerability CVE-2012-3478
MLIST:[oss-security] 20120810 Re: CVE Request: rssh command-line parsing vulnerability CVE-2012-3478
MLIST:[oss-security] 20120810 ownCloud - matching CVEs to fix information and vice versa CVE-2012-2269 CVE-2012-2270 CVE-2012-2397 CVE-2012-2398 CVE-2012-4392 CVE-2012-4393 CVE-2012-4394 CVE-2012-4395 CVE-2012-4396 CVE-2012-4397 CVE-2012-4752
MLIST:[oss-security] 20120812 Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X) CVE-2012-3483 CVE-2012-3484 CVE-2012-3485 CVE-2012-3486 CVE-2012-3487 CVE-2012-4676
MLIST:[oss-security] 20120813 TCExam Edit SQL Injection CVE-2012-4237
MLIST:[oss-security] 20120813 Total Shop UK eCommerce Generic Cross-Site Scripting CVE-2012-4236
MLIST:[oss-security] 20120816 CVE Request: SquidClamav insufficient escaping flaws CVE-2012-3501 CVE-2012-4667
MLIST:[oss-security] 20120816 GIMP Scriptfu Python Remote Command Execution CVE-2012-4245
MLIST:[oss-security] 20120816 Re: CVE Request: SquidClamav insufficient escaping flaws CVE-2012-3501 CVE-2012-4667
MLIST:[oss-security] 20120816 pcp: Multiple security flaws CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421
MLIST:[oss-security] 20120817 Re: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution CVE-2012-4245
MLIST:[oss-security] 20120820 CVE-request: Roundcube XSS issues CVE-2012-4668
MLIST:[oss-security] 20120820 RE: [Full-disclosure] GIMP Scriptfu Python Remote Command Execution CVE-2012-4245
MLIST:[oss-security] 20120820 Re: CVE-request: Roundcube XSS issues CVE-2012-4668
MLIST:[oss-security] 20120820 Two munin issues, now with CVEs CVE-2012-3512 CVE-2012-3513
MLIST:[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues CVE-2012-3517 CVE-2012-3518 CVE-2012-3519
MLIST:[oss-security] 20120821 Re: CVE Request -- php-geshi / GeSHi (1.0.8.11): Remote directory traversal and information disclosure in the cssgen contrib module (plus possibly XSS, but it needs upstream to confirm) CVE-2012-3521
MLIST:[oss-security] 20120821 Re: CVE Request -- php-geshi / GeSHi (1.0.8.11): Remote directory traversal and information disclosure in the cssgen contrib module (plus possibly XSS, but it needs upstream to confirm) CVE-2012-3522
MLIST:[oss-security] 20120822 CVE Request: Apache mod RPAF denial of service CVE-2012-3526
MLIST:[oss-security] 20120822 Re: CVE Request: Apache mod RPAF denial of service CVE-2012-3526
MLIST:[oss-security] 20120822 Re: CVE request: Typo3 CVE-2012-3527 CVE-2012-3528 CVE-2012-3529 CVE-2012-3530 CVE-2012-3531
MLIST:[oss-security] 20120824 Re: CVE Request: SquidClamav insufficient escaping flaws CVE-2012-4667
MLIST:[oss-security] 20120824 information request on security bug fix in GNU Gatekeeper 3.1 CVE-2012-3534
MLIST:[oss-security] 20120824 oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533) CVE-2012-3533
MLIST:[oss-security] 20120825 Re: information request on security bug fix in GNU Gatekeeper 3.1 CVE-2012-3534
MLIST:[oss-security] 20120826 Re: Re: information request on security bug fix in GNU Gatekeeper 3.1 CVE-2012-3534
MLIST:[oss-security] 20120826 Re: oVirt 3.1 does not validate server certificates in python sdk and cli (CVE-2012-3533) CVE-2012-3533
MLIST:[oss-security] 20120827 CVE request: crowbar ohai plugin: local privilege (root) escalation due to insecure tmp file handling CVE-2012-3537
MLIST:[oss-security] 20120827 Re: CVE Request: Java 7 code execution 0day CVE-2012-3539
MLIST:[oss-security] 20120827 Re: CVE request: crowbar ohai plugin: local privilege (root) escalation due to insecure tmp file handling CVE-2012-3537
MLIST:[oss-security] 20120827 Re: CVE request: joomla before 1.5.26 password change CVE-2012-1598
MLIST:[oss-security] 20120828 CVE for FreeBSD SCTP remote DoS? CVE-2012-3549
MLIST:[oss-security] 20120829 Re: CVE request: FreeBSD SCTP remote DoS CVE-2012-3549
MLIST:[oss-security] 20120829 php header() header injection detection bypass CVE-2011-1398
MLIST:[oss-security] 20120830 Re: CVE request: crowbar XSS CVE-2012-3551
MLIST:[oss-security] 20120831 CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws CVE-2012-4377 CVE-2012-4378 CVE-2012-4379 CVE-2012-4380 CVE-2012-4382
MLIST:[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11? CVE-2012-2772 CVE-2012-2774 CVE-2012-2775 CVE-2012-2776 CVE-2012-2777 CVE-2012-2779 CVE-2012-2782 CVE-2012-2783 CVE-2012-2784 CVE-2012-2785 CVE-2012-2786 CVE-2012-2787 CVE-2012-2788 CVE-2012-2789 CVE-2012-2790 CVE-2012-2791 CVE-2012-2792 CVE-2012-2793 CVE-2012-2794 CVE-2012-2795 CVE-2012-2796 CVE-2012-2797 CVE-2012-2798 CVE-2012-2799 CVE-2012-2800 CVE-2012-2801 CVE-2012-2802 CVE-2012-2803 CVE-2012-2804
MLIST:[oss-security] 20120831 Re: CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws CVE-2012-4377
MLIST:[oss-security] 20120831 Re: CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws CVE-2012-4378 CVE-2012-4379 CVE-2012-4380 CVE-2012-4382
MLIST:[oss-security] 20120831 Re: Three CVE requests: at-spi2-atk, as31, naxsi CVE-2012-0808 CVE-2012-3379
MLIST:[oss-security] 20120901 Re: CVE - ownCloud CVE-2012-2269 CVE-2012-2270 CVE-2012-2397 CVE-2012-2398 CVE-2012-4389 CVE-2012-4390 CVE-2012-4391 CVE-2012-4392 CVE-2012-4393 CVE-2012-4394 CVE-2012-4395 CVE-2012-4396 CVE-2012-4397 CVE-2012-4752
MLIST:[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11? CVE-2012-2772 CVE-2012-2774 CVE-2012-2775 CVE-2012-2776 CVE-2012-2777 CVE-2012-2779 CVE-2012-2782 CVE-2012-2783 CVE-2012-2784 CVE-2012-2785 CVE-2012-2786 CVE-2012-2787 CVE-2012-2788 CVE-2012-2789 CVE-2012-2790 CVE-2012-2791 CVE-2012-2792 CVE-2012-2793 CVE-2012-2794 CVE-2012-2795 CVE-2012-2796 CVE-2012-2797 CVE-2012-2798 CVE-2012-2799 CVE-2012-2800 CVE-2012-2801 CVE-2012-2802 CVE-2012-2803 CVE-2012-2804
MLIST:[oss-security] 20120903 CVE-request: CakePHP XXE injection CVE-2012-4399
MLIST:[oss-security] 20120903 Re: CVE-request: CakePHP XXE injection CVE-2012-4399
MLIST:[oss-security] 20120905 Re: php header() header injection detection bypass CVE-2011-1398
MLIST:[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities CVE-2012-6030 CVE-2012-6031 CVE-2012-6032 CVE-2012-6033 CVE-2012-6034 CVE-2012-6035 CVE-2012-6036
MLIST:[oss-security] 20120907 Re: CVE-2010 Request -- blender: Insecure temporary file use by creating file string in undo save quit Blender kernel routine (re-occurrence of CVE-2008-1103) CVE-2012-4410
MLIST:[oss-security] 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods CVE-2012-3547
MLIST:[oss-security] 20120912 CVE id request: tor CVE-2012-4922
MLIST:[oss-security] 20120912 Re: CVE id request: tor CVE-2012-4419
MLIST:[oss-security] 20120912 Re: CVEs for wordpress 3.4.2 release CVE-2012-3383
MLIST:[oss-security] 20120913 Re: CVEs for wordpress 3.4.2 release CVE-2012-4421 CVE-2012-4422
MLIST:[oss-security] 20120914 Re: CVE-request: WordPress insufficient permissions verification on XMLRPC interface CVE-2010-5106
MLIST:[oss-security] 20120917 CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability CVE-2012-4432
MLIST:[oss-security] 20120917 Moodle security notifications public CVE-2012-4400 CVE-2012-4401 CVE-2012-4402 CVE-2012-4403 CVE-2012-4407 CVE-2012-4408
MLIST:[oss-security] 20120917 Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability CVE-2012-4432
MLIST:[oss-security] 20120919 CVE Request -- fwknop 2.0.3: Multiple security issues CVE-2012-4435 CVE-2012-4436
MLIST:[oss-security] 20120919 Re: CVE Request -- fwknop 2.0.3: Multiple security issues CVE-2012-4435 CVE-2012-4436
MLIST:[oss-security] 20120920 Notification of upstream Condor security fixes CVE-2012-3491 CVE-2012-3492 CVE-2012-3493
MLIST:[oss-security] 20120920 Re: CVE-request: monkey fails to drop supplemental groups when lowering privileges CVE-2012-4442
MLIST:[oss-security] 20120921 Re: CVE-request: monkey CGI scripts executed without dropping RUID/RGID root CVE-2012-4443
MLIST:[oss-security] 20120925 Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident CVE-2012-5159
MLIST:[oss-security] 20121002 CVE Request: Ruby safe level bypasses CVE-2012-4464 CVE-2012-4466
MLIST:[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules CVE-2012-4468 CVE-2012-4469 CVE-2012-4470 CVE-2012-4471 CVE-2012-4472 CVE-2012-4473 CVE-2012-4474 CVE-2012-4475 CVE-2012-4476 CVE-2012-4477 CVE-2012-4478 CVE-2012-4479
MLIST:[oss-security] 20121003 Re: CVE Request: Ruby safe level bypasses CVE-2012-4464 CVE-2012-4466
MLIST:[oss-security] 20121004 CVE Request for Drupal Contributed Modules CVE-2012-4482 CVE-2012-4483 CVE-2012-4484 CVE-2012-4485 CVE-2012-4486 CVE-2012-4487 CVE-2012-4488 CVE-2012-4489 CVE-2012-4490 CVE-2012-4491 CVE-2012-4492 CVE-2012-4493 CVE-2012-4494 CVE-2012-4495 CVE-2012-4496 CVE-2012-4497 CVE-2012-4498 CVE-2012-4499 CVE-2012-4500 CVE-2012-5704 CVE-2012-5705
MLIST:[oss-security] 20121005 CVE request: LetoDMS, more issues CVE-2012-4567 CVE-2012-4568 CVE-2012-4569 CVE-2012-4570
MLIST:[oss-security] 20121007 CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 CVE-2012-4531 CVE-2012-4532
MLIST:[oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules CVE-2012-4482 CVE-2012-4483 CVE-2012-4484 CVE-2012-4485 CVE-2012-4486 CVE-2012-4487 CVE-2012-4488 CVE-2012-4489 CVE-2012-4490 CVE-2012-4491 CVE-2012-4492 CVE-2012-4493 CVE-2012-4494 CVE-2012-4495 CVE-2012-4496 CVE-2012-4497 CVE-2012-4498 CVE-2012-4499 CVE-2012-4500 CVE-2012-5704 CVE-2012-5705
MLIST:[oss-security] 20121009 CVE Request -- claws-mail -- NULL pointer derefence while processing email content. CVE-2012-4507
MLIST:[oss-security] 20121009 CVE Request: gitolite path traversal vulnerability CVE-2012-4506
MLIST:[oss-security] 20121009 Claws-mail security issue in message processing CVE-2012-4507
MLIST:[oss-security] 20121009 Linux kernel stack memory content leak via UNAME26 CVE-2012-0957
MLIST:[oss-security] 20121009 Re: CVE Request -- claws-mail -- NULL pointer derefence while processing email content. CVE-2012-4507
MLIST:[oss-security] 20121009 Re: CVE Request: gitolite path traversal vulnerability CVE-2012-4506
MLIST:[oss-security] 20121012 CVE request: ruby file creation due in insertion of illegal NUL character CVE-2012-4522
MLIST:[oss-security] 20121012 Re: libproxy PAC downloading buffer overflows CVE-2012-4504 CVE-2012-4505
MLIST:[oss-security] 20121012 Security flaw in cups-pk-helper (CVE-2012-4510) CVE-2012-4510
MLIST:[oss-security] 20121012 libproxy PAC downloading buffer overflows CVE-2012-4504 CVE-2012-4505
MLIST:[oss-security] 20121013 Re: CVE request: ruby file creation due in insertion of illegal NUL character CVE-2012-4522
MLIST:[oss-security] 20121016 Re: CVE request: ruby file creation due in insertion of illegal NUL character CVE-2012-4522
MLIST:[oss-security] 20121016 Re: libproxy PAC downloading buffer overflows CVE-2012-4504 CVE-2012-4505
MLIST:[oss-security] 20121017 CVE request: radsecproxy incorrect x.509 certificate validation CVE-2012-4523 CVE-2012-4566
MLIST:[oss-security] 20121019 Re: CVE request: Joomla two XSS vulnerabilities fixed in 2.5.7 CVE-2012-4531 CVE-2012-4532
MLIST:[oss-security] 20121022 Re: CVE request: XSS in piwik before 1.9 CVE-2012-4541
MLIST:[oss-security] 20121023 Re: CVE request: XSS in piwik before 1.9 CVE-2012-4541
MLIST:[oss-security] 20121024 VLC 2.0.3 libpng_plugin CVE-2012-5470 CVE-2012-5470
MLIST:[oss-security] 20121026 Medium severity flaw with Perl 5 CVE-2012-5195
MLIST:[oss-security] 20121026 Xen Security Advisory 25 (CVE-2012-4544) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk CVE-2012-2625
MLIST:[oss-security] 20121027 CVE-2012-5671: Exim <= 4.80 DKIM heap-based buffer overflow CVE-2012-5671
MLIST:[oss-security] 20121027 Re: Medium severity flaw with Perl 5 CVE-2012-5195
MLIST:[oss-security] 20121029 CVE request: Drupal SA-CORE-2012-003 CVE-2012-4553 CVE-2012-4554
MLIST:[oss-security] 20121029 Re: CVE Request: Django CVE-2012-4520
MLIST:[oss-security] 20121029 Re: CVE request: Drupal SA-CORE-2012-003 CVE-2012-4553 CVE-2012-4554
MLIST:[oss-security] 20121029 Re: CVE request: use-after-free in libunity-webapps CVE-2012-4551
MLIST:[oss-security] 20121029 VideoLAN TiVo Demuxer Duplicate CVEs (CVE-2011-5231 and CVE-2012-0023) CVE-2012-0023
MLIST:[oss-security] 20121030 RE: VideoLAN TiVo Demuxer Duplicate CVEs (CVE-2011-5231 and CVE-2012-0023) CVE-2012-0023
MLIST:[oss-security] 20121030 Re: CVE request: XSS is Google Web Toolkit (GWT) CVE-2012-5920
MLIST:[oss-security] 20121031 CVE request: LetoDMS, more issues CVE-2012-4567 CVE-2012-4568 CVE-2012-4569 CVE-2012-4570
MLIST:[oss-security] 20121031 Re: CVE Request: Python keyring CVE-2012-4571
MLIST:[oss-security] 20121031 Re: Re: CVE request: radsecproxy incorrect x.509 certificate validation CVE-2012-4523 CVE-2012-4566
MLIST:[oss-security] 20121102 Re: CVE-2012-4233: multiple null pointer dereference flaws in LibreOffice/OpenOffice.org CVE-2012-4233
MLIST:[oss-security] 20121102 Re: libfpx Duplicate CVEs (CVE-2011-5232 and CVE-2012-0025) CVE-2012-0025
MLIST:[oss-security] 20121107 IcedTea-Web CVE-2012-4540 CVE-2012-4540
MLIST:[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573) CVE-2012-5482
MLIST:[oss-security] 20121108 Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573) CVE-2012-5482
MLIST:[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix CVE-2012-6661
MLIST:[oss-security] 20121109 Re: Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573) CVE-2012-5482
MLIST:[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1 CVE-2012-5482
MLIST:[oss-security] 20121110 CVE Request -- roundup: Multiple XSS flaws plus other security related fixes corrected in upstream 1.4.20 version CVE-2012-6130 CVE-2012-6131 CVE-2012-6132
MLIST:[oss-security] 20121112 Re: CVE Request -- WeeChat (prior to 0.3.9.1): Heap-based buffer overflow when decoding IRC colors in strings CVE-2012-5854
MLIST:[oss-security] 20121112 VLC 2.0.4 SHAddToRecentDocs CVE-2012-5855 CVE-2012-5855
MLIST:[oss-security] 20121113 Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection CVE-2012-5520
MLIST:[oss-security] 20121113 [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection CVE-2012-5520
MLIST:[oss-security] 20121114 Re: Re: Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection CVE-2012-5520
MLIST:[oss-security] 20121114 Re: Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection CVE-2012-5520
MLIST:[oss-security] 20121119 Moodle security notifications public CVE-2012-5471 CVE-2012-5472 CVE-2012-5473 CVE-2012-5479 CVE-2012-5480 CVE-2012-5481
MLIST:[oss-security] 20121119 Re: Fwd: [[Weechat-security] Security vulnerability in WeeChat 0.3.0 -> 0.3.9.1] CVE-2012-5534
MLIST:[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules CVE-2012-5537 CVE-2012-5538 CVE-2012-5539 CVE-2012-5540 CVE-2012-5541 CVE-2012-5542 CVE-2012-5543 CVE-2012-5544 CVE-2012-5545 CVE-2012-5547 CVE-2012-5548 CVE-2012-5549 CVE-2012-5550 CVE-2012-5551 CVE-2012-5552 CVE-2012-5553 CVE-2012-5554 CVE-2012-5556 CVE-2012-5557 CVE-2012-5569
MLIST:[oss-security] 20121120 libssh 0.5.3 release fixes multiple security issues CVE-2012-4559 CVE-2012-4561 CVE-2012-4562
MLIST:[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533 CVE-2012-5533
MLIST:[oss-security] 20121123 CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws CVE-2012-5566 CVE-2012-5567
MLIST:[oss-security] 20121123 Re: CVE Request -- (Horde) IMP (prior v5.0.24-git): Obscure XSS issue when uploading attachments. CVE-2012-5565
MLIST:[oss-security] 20121123 Re: CVE Request -- kronolith: Two sets (3.0.17 && 3.0.18) of XSS flaws CVE-2012-5566 CVE-2012-5567
MLIST:[oss-security] 20121125 Re: CVE Request for Drupal Contributed Modules CVE-2012-5546
MLIST:[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) < 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges CVE-2012-5574
MLIST:[oss-security] 20121126 Re: CVE Request for Drupal Contributed Modules CVE-2012-5569
MLIST:[oss-security] 20121127 Re: rssh: incorrect filtering of command line options CVE-2012-2252 CVE-2012-3478
MLIST:[oss-security] 20121128 Re: CVE request for Drupal contributed modules CVE-2012-5584 CVE-2012-5585 CVE-2012-5586 CVE-2012-5587 CVE-2012-5588 CVE-2012-5589 CVE-2012-5590 CVE-2012-5591
MLIST:[oss-security] 20121128 Re: rssh: incorrect filtering of command line options CVE-2012-2252
MLIST:[oss-security] 20121128 rssh: incorrect filtering of command line options CVE-2012-2251 CVE-2012-2252
MLIST:[oss-security] 20121130 Re: CVE Request: owncloud CVE-2012-5606 CVE-2012-5607 CVE-2012-5608 CVE-2012-5609 CVE-2012-5610
MLIST:[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday CVE-2012-5611 CVE-2012-5612 CVE-2012-5613 CVE-2012-5614
MLIST:[oss-security] 20121203 Re: CVE Request -- Ekiga (x < 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name CVE-2012-5621
MLIST:[oss-security] 20121203 Re: Strange CVE situation (at least one ID should come of this) CVE-2012-5623
MLIST:[oss-security] 20121203 Xen Security Advisory 27 (CVE-2012-5511) - several HVM operations do not validate the range of their inputs CVE-2012-6333
MLIST:[oss-security] 20121204 CVE-2012-5468: bogofilter-SA-2012-01 CVE-2012-5468
MLIST:[oss-security] 20121204 Re: CVE Request -- Qt (x < 4.8.4): QML XmlHttpRequest insecure redirection CVE-2012-5624
MLIST:[oss-security] 20121211 Re: CVE request: perl-modules CVE-2012-6329
MLIST:[oss-security] 20121213 CVE-2012-5374 CVE-2012-5375 Btrfs CRC32C denial of service issues CVE-2012-5374 CVE-2012-5375
MLIST:[oss-security] 20121219 Re: CVE request for Drupal core, and contributed modules CVE-2012-5654
MLIST:[oss-security] 20121219 [CVE-2012-6426] LemonLDAP-NG SAML XML Signature Wrapping CVE-2012-6426
MLIST:[oss-security] 20121220 Multiple SQL injection vulnerabilities in the puppetclass.rb and search.rb scripts in Foreman 1.0.1 CVE-2012-5648
MLIST:[oss-security] 20121220 Re: [CVE-2012-6426] LemonLDAP-NG SAML XML Signature Wrapping CVE-2012-6426
MLIST:[oss-security] 20121221 CVE request: ownCloud CVE-2012-5665 CVE-2012-5666
MLIST:[oss-security] 20121221 Re: CVE Request: grep CVE-2012-5667
MLIST:[oss-security] 20121221 Re: CVE request: ownCloud CVE-2012-5665 CVE-2012-5666
MLIST:[oss-security] 20121229 CVE request: MoinMoin Wiki (remote code execution vulnerability) CVE-2012-6495
MLIST:[oss-security] 20121229 Re: CVE request: MoinMoin Wiki (remote code execution vulnerability) CVE-2012-6495
MLIST:[oss-security] 20130103 Re: CVE Request - SWI-Prolog / pl (X < 6.2.5): Multiple (stack-based) buffer overflows in patch canonisation code and when expanding file-names with long paths CVE-2012-6089 CVE-2012-6090
MLIST:[oss-security] 20130103 Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) CVE-2012-6497
MLIST:[oss-security] 20130114 Re: CVE Request -- redis: Two insecure temporary file use flaws CVE-2013-0180
MLIST:[oss-security] 20130114 Re: CVE request for Drupal contributed modules CVE-2013-0181 CVE-2013-0182 CVE-2013-2715
MLIST:[oss-security] 20130115 pam-pgsql NULL password handling issue CVE-2013-0191
MLIST:[oss-security] 20130116 Re: pam-pgsql NULL password handling issue CVE-2013-0191
MLIST:[oss-security] 20130116 bcron: cron jobs get access to the temporary output files from all other jobs that are still running CVE-2012-6110
MLIST:[oss-security] 20130119 CVE request: MantisBT 1.2.12 only summary.php category/project names XSS vulnerability CVE-2013-1810
MLIST:[oss-security] 20130121 Moodle security notifications public CVE-2012-6099 CVE-2012-6101 CVE-2012-6102 CVE-2012-6103 CVE-2012-6104 CVE-2012-6105 CVE-2012-6106
MLIST:[oss-security] 20130121 Re: CVE request for Drupal contributed modules CVE-2013-0205 CVE-2013-0206 CVE-2013-0207
MLIST:[oss-security] 20130121 Re: CVE request for Movable Type CVE-2013-0209
MLIST:[oss-security] 20130124 Re: CVE request for Drupal contributed modules CVE-2013-0224 CVE-2013-0225 CVE-2013-0226 CVE-2013-0227
MLIST:[oss-security] 20130128 Re: CVE Request: XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") CVE-2013-0234
MLIST:[oss-security] 20130128 Re: CVE request for 'devise' ruby gem CVE-2013-0233
MLIST:[oss-security] 20130130 Re: CVE CVE-2013-0244 CVE-2013-0245 CVE-2013-0246
MLIST:[oss-security] 20130130 jQuery 1.6.2 XSS CVE assignment CVE-2011-4969
MLIST:[oss-security] 20130201 CVE Request -- Corosync (X < 2.0.3): Remote DoS due improper HMAC initialization and improper junk filtering when different encryption keys used CVE-2013-0250
MLIST:[oss-security] 20130201 Re: CVE Request -- Corosync (X < 2.0.3): Remote DoS due improper HMAC initialization and improper junk filtering when different encryption keys used CVE-2013-0250
MLIST:[oss-security] 20130201 Re: Re: CVE Request -- Corosync (X < 2.0.3): Remote DoS due improper HMAC initialization and improper junk filtering when different encryption keys used CVE-2013-0250
MLIST:[oss-security] 20130203 Re: CVE id request: latd CVE-2013-0251
MLIST:[oss-security] 20130204 Re: CVE request for Drupal contributed modules CVE-2013-0257 CVE-2013-0258 CVE-2013-0259 CVE-2013-0260
MLIST:[oss-security] 20130205 Re: CVE id request: latd CVE-2013-0251
MLIST:[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations CVE-2013-0169 CVE-2013-1618 CVE-2013-1619 CVE-2013-1620 CVE-2013-1621 CVE-2013-1623 CVE-2013-1624
MLIST:[oss-security] 20130206 CVE request: Insecure default log file path in xNBD CVE-2013-0265
MLIST:[oss-security] 20130206 Re: CVE id request: openssh? CVE-2010-5107
MLIST:[oss-security] 20130206 Re: CVE request: Insecure default log file path in xNBD CVE-2013-0265
MLIST:[oss-security] 20130207 Potential Query Manipulation with Common Rails Practises CVE-2013-3221
MLIST:[oss-security] 20130207 Re: CVE request: XSS in roundcube before 0.8.5 CVE-2012-6121
MLIST:[oss-security] 20130212 Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) CVE-2012-6127
MLIST:[oss-security] 20130212 Re: CVE request: Transmission can be made to crash remotely CVE-2012-6129
MLIST:[oss-security] 20130212 Re: CVE request: openconnect buffer overflow CVE-2012-6128
MLIST:[oss-security] 20130212 Re: Re: e1000e/82574L hardware erratum CVE-2013-1634
MLIST:[oss-security] 20130212 Re: e1000e/82574L hardware erratum CVE-2013-1634
MLIST:[oss-security] 20130212 [Ignore not a security flaw] Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) CVE-2012-6127
MLIST:[oss-security] 20130213 Re: CVE Request -- jakarta-commons-httpclient: Wildcard matching in SSL hostname verifier incorrect (a different issue than CVE-2012-5783) CVE-2012-6127
MLIST:[oss-security] 20130213 Re: CVE Request -- roundup: Multiple XSS flaws plus other security related fixes corrected in upstream 1.4.20 version CVE-2012-6130
MLIST:[oss-security] 20130213 Re: CVE Request -- roundup: Multiple XSS flaws plus other security related fixes corrected in upstream 1.4.20 version CVE-2012-6131 CVE-2012-6132
MLIST:[oss-security] 20130213 Some rubygems related CVEs CVE-2012-6134 CVE-2013-0284 CVE-2013-0285
MLIST:[oss-security] 20130215 CVE request: unauthorized SSL certificates by Turktrust discovered CVE-2013-0743
MLIST:[oss-security] 20130215 Linux kernel race condition with PTRACE_SETREGS (CVE-2013-0871) CVE-2013-0871
MLIST:[oss-security] 20130219 REJECT CVE-2013-0278, CVE-2013-0279 and CVE-2013-0280 CVE-2013-1664 CVE-2013-1665
MLIST:[oss-security] 20130219 [OSSA 2013-004] Information leak and Denial of Service using XML entities (CVE-2013-1664, CVE-2013-1665) CVE-2013-1664 CVE-2013-1665
MLIST:[oss-security] 20130220 Re: CVE request for Drupal Core and contributed modules CVE-2013-0316 CVE-2013-0317 CVE-2013-0318 CVE-2013-0319 CVE-2013-0320 CVE-2013-0321 CVE-2013-0322 CVE-2013-0323 CVE-2013-0324 CVE-2013-0325
MLIST:[oss-security] 20130220 Re: CVE request: zoneminder: local file inclusion vulnerability CVE-2013-0332
MLIST:[oss-security] 20130220 isync/mbsync security advisory: missing SSL subject verification (CVE-2013-0289) CVE-2013-0289
MLIST:[oss-security] 20130221 Re: CVE request: zoneminder: local file inclusion vulnerability CVE-2013-0332
MLIST:[oss-security] 20130222 CVE request: webfs world-readable log CVE-2013-0347
MLIST:[oss-security] 20130222 CVE-2013-0350 for pktstat: writes content from TCP streams to public readable file /tmp/smtp.log CVE-2013-0350
MLIST:[oss-security] 20130222 Re: CVE request: webfs world-readable log CVE-2013-0347
MLIST:[oss-security] 20130222 Re: Cve request: tomcat world-readable logdir CVE-2013-0346
MLIST:[oss-security] 20130222 Re: Re: CVE request: webfs world-readable log CVE-2013-0347
MLIST:[oss-security] 20130225 Re: CVE request: WordPress plugin smart-flv jwplayer.swf XSS CVE-2013-1765
MLIST:[oss-security] 20130225 fusionforge CVE-2013-1423 multiple privilege escalations CVE-2013-1423
MLIST:[oss-security] 20130227 CVE request: sudo authentication bypass when clock is reset CVE-2013-1775
MLIST:[oss-security] 20130227 Re: CVE Request for Drupal Contributed Modules CVE-2013-1778 CVE-2013-1779 CVE-2013-1780 CVE-2013-1781 CVE-2013-1782 CVE-2013-1783 CVE-2013-1784 CVE-2013-1785 CVE-2013-1786 CVE-2013-1787
MLIST:[oss-security] 20130227 Re: CVE Request: poppler 0.22.1 security fixes CVE-2013-1789 CVE-2013-1790
MLIST:[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints CVE-2013-1776 CVE-2013-2776 CVE-2013-2777
MLIST:[oss-security] 20130228 Re: CVE Request: poppler 0.22.1 security fixes CVE-2013-1789 CVE-2013-1790
MLIST:[oss-security] 20130302 Re: CVE request: MantisBT 1.2.12 only summary.php category/project names XSS vulnerability CVE-2013-1810
MLIST:[oss-security] 20130302 Re: CVE request: PHP-Fusion waraxe-2013-SA#097 CVE-2013-1803 CVE-2013-1804 CVE-2013-1806 CVE-2013-1807
MLIST:[oss-security] 20130303 CVE request: PHP-Fusion waraxe-2013-SA#097 CVE-2013-1803 CVE-2013-1804 CVE-2013-1806 CVE-2013-1807
MLIST:[oss-security] 20130305 CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs CVE-2012-6536 CVE-2012-6537 CVE-2012-6538 CVE-2012-6539 CVE-2012-6540 CVE-2012-6541 CVE-2012-6542 CVE-2012-6543 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6547 CVE-2012-6548 CVE-2012-6549 CVE-2013-2546 CVE-2013-2547 CVE-2013-2548
MLIST:[oss-security] 20130306 CVE for Ruby Entity expansion DoS vulnerability in REXML (XML bomb) CVE-2013-1821
MLIST:[oss-security] 20130310 Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) CVE-2011-4970
MLIST:[oss-security] 20130311 CVE-2013-0913 Linux kernel i915 integer overflow CVE-2013-0913
MLIST:[oss-security] 20130311 CVE-2013-0914 Linux kernel sa_restorer information leak CVE-2013-0914
MLIST:[oss-security] 20130311 Re: CVE Request: typo3 sql injection and open redirection CVE-2013-1842 CVE-2013-1843
MLIST:[oss-security] 20130311 Re: CVE request: XSS in piwik 1.11 CVE-2013-1844
MLIST:[oss-security] 20130311 Re: Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM) CVE-2011-4970
MLIST:[oss-security] 20130313 Re: CVE request: almanah does not encrypt its database CVE-2013-1853
MLIST:[oss-security] 20130313 Re: CVE-2013-0913 Linux kernel i915 integer overflow CVE-2013-0913
MLIST:[oss-security] 20130314 Re: CVE request for a Drupal contributed module CVE-2013-1859
MLIST:[oss-security] 20130314 Re: CVE-2013-0913 Linux kernel i915 integer overflow CVE-2013-0913
MLIST:[oss-security] 20130319 Fwd: CVE requests CVE-2013-1875 CVE-2013-2561 CVE-2013-2562 CVE-2013-2563 CVE-2013-2564 CVE-2013-2615 CVE-2013-2616 CVE-2013-2617
MLIST:[oss-security] 20130319 Re: CVE Request: VLC Buffer overflows CVE-2013-1868
MLIST:[oss-security] 20130319 Untrusted startup file inclusion in Chicken Scheme CVE-2013-1874
MLIST:[oss-security] 20130320 Re: Linux kernel: net - three info leaks in rtnl CVE-2013-2634 CVE-2013-2635 CVE-2013-2636
MLIST:[oss-security] 20130322 Re: CVE Request -- drupal7-views : SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) CVE-2013-1887
MLIST:[oss-security] 20130322 Re: CVE Request: python-pip insecure temporary directory handling CVE-2013-1888
MLIST:[oss-security] 20130325 Moodle security notifications public CVE-2013-1829 CVE-2013-1830 CVE-2013-1831 CVE-2013-1832 CVE-2013-1833 CVE-2013-1834 CVE-2013-1835 CVE-2013-1836
MLIST:[oss-security] 20130325 Re: CVE Request -- drupal7-views : SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) CVE-2013-1887
MLIST:[oss-security] 20130326 Re: Ruby gem Thumbshooter 0.1.5 remote code execution CVE-2013-1898
MLIST:[oss-security] 20130326 Ruby gem Thumbshooter 0.1.5 remote code execution CVE-2013-1898
MLIST:[oss-security] 20130328 Re: CVE Request -- roundcubemail: Local file inclusion via web UI modification of certain config options CVE-2013-1904
MLIST:[oss-security] 20130331 Re: Remote command execution in Ruby Gem ldoce 0.0.2 CVE-2013-1911
MLIST:[oss-security] 20130403 CVE-2013-1912 : haproxy may crash on TCP content inspection rules CVE-2013-1912
MLIST:[oss-security] 20130403 Re: CVE Request -- ModSecurity (X < 2.7.3): Vulnerable to XXE attacks CVE-2013-1915
MLIST:[oss-security] 20130403 browser document.cookie DoS vulnerability CVE-2013-6166 CVE-2013-6167
MLIST:[oss-security] 20130408 Re: Remote Command Injection Ruby Gem Karteek Docsplit 0.5.4 CVE-2013-1933
MLIST:[oss-security] 20130409 Re: CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8 CVE-2013-1937
MLIST:[oss-security] 20130410 CVE-2010-5109 libytnef buffer overflow CVE-2010-5109
MLIST:[oss-security] 20130410 Remote command injection in Ruby Gem kelredd-pruview 0.3.8 CVE-2013-1947
MLIST:[oss-security] 20130412 Re: CVE request for Drupal contributed modules CVE-2013-1946
MLIST:[oss-security] 20130412 Re: Remote command injection in Ruby Gem kelredd-pruview 0.3.8 CVE-2013-1947
MLIST:[oss-security] 20130413 CVE-2013-1949 Social Media Widget remote file inclusion CVE-2013-1949
MLIST:[oss-security] 20130414 CVE Request: VLC Buffer Overflow in ASF Demuxer CVE-2013-1954
MLIST:[oss-security] 20130414 Linux kernel: more net info leak fixes for v3.9 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3226 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235 CVE-2013-3236 CVE-2013-3237
MLIST:[oss-security] 20130416 Re: CVE Request: VLC Buffer Overflow in ASF Demuxer CVE-2013-1954
MLIST:[oss-security] 20130416 Re: CVE for XSS in EasyPHPCalender script CVE-2013-1955
MLIST:[oss-security] 20130417 CVE request : libxml2 Multiple Use-After-Free Vulnerabilities CVE-2013-1969
MLIST:[oss-security] 20130417 Fwd: Multiple Vulnerabilities in Simple HRM system v2.3 and below CVE-2013-2498
MLIST:[oss-security] 20130417 Multiple vulnerabilities in PHP Address Book v8.2.5 CVE-2013-1748 CVE-2013-1749
MLIST:[oss-security] 20130417 Re: Multiple vulnerabilities in PHP Address Book v8.2.5 CVE-2013-1748
MLIST:[oss-security] 20130418 Re: CVE request : libxml2 Multiple Use-After-Free Vulnerabilities CVE-2013-1969
MLIST:[oss-security] 20130418 Xorg-x11-server: Information disclosure due enabling events from hot-plug devices despite input from the device being momentarily disabled CVE-2013-1940
MLIST:[oss-security] 20130422 Re: Linux kernel: more net info leak fixes for v3.9 CVE-2013-3236
MLIST:[oss-security] 20130422 Re: Re: Linux kernel: more net info leak fixes for v3.9 CVE-2013-3236
MLIST:[oss-security] 20130423 Re: Re: Linux kernel: more net info leak fixes for v3.9 CVE-2013-3236
MLIST:[oss-security] 20130424 CVE-2013-3221 can also relate to Microsoft SQL Server and IBM DB2 CVE-2013-3221
MLIST:[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? CVE-2013-2020 CVE-2013-2021
MLIST:[oss-security] 20130428 Multiple vulnerabilities in BOINC CVE-2011-5280 CVE-2013-2298 CVE-2013-7386
MLIST:[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? CVE-2013-2020 CVE-2013-2021
MLIST:[oss-security] 20130501 Re: Mediawiki CVE request ( was Fw: [MediaWiki-announce] MediaWiki Security Release: 1.20.5 and 1.19.6) CVE-2013-2031
MLIST:[oss-security] 20130502 Re: CVE Request -- gpsd 3.9 fixing a denial of service flaw CVE-2013-2038
MLIST:[oss-security] 20130506 Re: CVE request: OpenVPN use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt CVE-2013-2061
MLIST:[oss-security] 20130507 Re: CVE Request -- gpsd 3.9 fixing a denial of service flaw CVE-2013-2038
MLIST:[oss-security] 20130513 CVE request: Gallery multiple XSS vulnerabilities CVE-2013-2087
MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld CVE-2013-1861
MLIST:[oss-security] 20130514 Re: CVE Request: Storable::thaw called on cookie data in multiple CPAN modules CVE-2012-6141 CVE-2012-6142
MLIST:[oss-security] 20130514 Re: CVE request: Gallery multiple XSS vulnerabilities CVE-2013-2087
MLIST:[oss-security] 20130514 ownCloud Security Advisories oC-SA-0{19-27} CVE-2013-2045
MLIST:[oss-security] 20130515 CVE Request: Man in the middle on Gentoo Portage binary package installer CVE-2013-2100
MLIST:[oss-security] 20130515 Re: CVE Request: Man in the middle on Gentoo Portage binary package installer CVE-2013-2100
MLIST:[oss-security] 20130518 CVE Request: DoS in OpenSMTPD TLS Support CVE-2013-2125
MLIST:[oss-security] 20130518 Re: CVE request: WordPress plugin mail-on-update CSRF CVE-2013-2107
MLIST:[oss-security] 20130518 Re: Re: CVE Request: DoS in OpenSMTPD TLS Support CVE-2013-2125
MLIST:[oss-security] 20130518 Re: Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability CVE-2013-2105
MLIST:[oss-security] 20130522 CVE-2013-2073 transifex-client: Does not validate HTTPS server certificate (fixed in transifex-client v0.9) CVE-2013-2073
MLIST:[oss-security] 20130523 CVE-2013-2069 livecd-tools: improper handling of passwords CVE-2013-2069
MLIST:[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1992 CVE-2013-1995 CVE-2013-1996 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2064 CVE-2013-2066
MLIST:[oss-security] 20130524 Re: CVE request: MediaWiki chunked uploads vulnerability CVE-2013-2114
MLIST:[oss-security] 20130524 Re: CVE request: dovecot : "APPEND" Parameters Processing Denial of Service Vulnerability CVE-2013-2111
MLIST:[oss-security] 20130526 socat security advisory 4 - CVE-2013-3571 CVE-2013-3571
MLIST:[oss-security] 20130527 Re: CVE Request: SPIP privilege escalation CVE-2013-2118
MLIST:[oss-security] 20130527 Re: CVE Request: cgit directory traversal CVE-2013-2117
MLIST:[oss-security] 20130529 Re: CVE request for Drupal contributed modules CVE-2013-2122 CVE-2013-2123
MLIST:[oss-security] 20130529 Re: CVE request: libraw: multiple issues CVE-2013-2126 CVE-2013-2127
MLIST:[oss-security] 20130530 CVE-2013-1431: telepathy-gabble: TLS bypass via use of legacy Jabber CVE-2013-1431
MLIST:[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow CVE-2013-2850
MLIST:[oss-security] 20130604 Re: CVE Request -- Gallery < 3.0.8 - Improper stripping of URL fragments in uploadify and flowplayer SWF files might lead to replay attacks CVE-2013-2138
MLIST:[oss-security] 20130605 CVE-2013-2145: perl Module::Signature code execution vulnerability CVE-2013-2145
MLIST:[oss-security] 20130606 Linux kernel format string flaws CVE-2013-2851 CVE-2013-2852
MLIST:[oss-security] 20130608 Re: CVE request: Debian's package "mysql-server" leaks credential information CVE-2013-2162
MLIST:[oss-security] 20130610 Re: CVE request: Monkey HTTPD - DoS due bug on Range header handling CVE-2013-2163
MLIST:[oss-security] 20130610 Re: CVE request: libraw: multiple issues CVE-2013-2126
MLIST:[oss-security] 20130612 Re: CVE request: WordPress 3.5.1 denial of service vulnerability CVE-2013-2173
MLIST:[oss-security] 20130613 CVE request: MovableType before 5.2.6 CVE-2013-2184
MLIST:[oss-security] 20130613 CVE-2013-2168: dbus: DoS in system services caused by _dbus_printf_string_upper_bound CVE-2013-2168
MLIST:[oss-security] 20130614 Re: CVE request: Bypass protected directory by Monkey HTTPD - Mandril security plugin CVE-2013-2182
MLIST:[oss-security] 20130614 Re: CVE request: MovableType before 5.2.6 CVE-2013-2184
MLIST:[oss-security] 20130619 Re: Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core CVE-2012-6144 CVE-2012-6145 CVE-2012-6147
MLIST:[oss-security] 20130620 Re: CVE request for Drupal contributed module CVE-2013-2197
MLIST:[oss-security] 20130624 Re: CVE Request -- Review Board: Stored XSS due improper sanitization of user's full name in the reviews dropdown (fixed in upstream v1.7.10, v1.6.17 versions) CVE-2013-2209
MLIST:[oss-security] 20130626 Xen Security Advisory 58 (CVE-2013-1432) - Page reference counting error due to XSA-45/CVE-2013-1918 fixes CVE-2013-1432
MLIST:[oss-security] 20130627 CVE request for GLPI CVE-2013-2225
MLIST:[oss-security] 20130630 Re: CVE request for GLPI CVE-2013-2225
MLIST:[oss-security] 20130703 Re: CVE request: FreeSWITCH regex substitution 3 buffer overflows CVE-2013-2238
MLIST:[oss-security] 20130703 Re: CVE request: Quagga OSPF-API stack overrun CVE-2013-2236
MLIST:[oss-security] 20130705 LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin CVE-2013-4758
MLIST:[oss-security] 20130706 Re: CVE request for Drupal contrib module CVE-2013-2247
MLIST:[oss-security] 20130709 Linux kernel libceph NULL function pointer dereference (CVE-2013-1059) CVE-2013-1059
MLIST:[oss-security] 20130711 Re: CVE Request -- Nagstamon (prior 0.9.10): Monitor server user credentials exposure in automated requests to get update information CVE-2013-4114
MLIST:[oss-security] 20130711 Re: CVE request: SQUID-2013:2: buffer overflow in HTTP request handling CVE-2013-4115
MLIST:[oss-security] 20130711 Re: CVE request: WordPress plugin category-grid-view-gallery XSS CVE-2013-4117
MLIST:[oss-security] 20130716 CVE Request - xlockmore 5.43 fixes a security flaw CVE-2013-4143
MLIST:[oss-security] 20130716 Re: CVE-2013-4788 - Eglibc PTR MANGLE bug CVE-2013-4788
MLIST:[oss-security] 20130716 Re: Re: Insecure temp files usage in phusion passenger (other than CVE-2013-2119) CVE-2013-4136
MLIST:[oss-security] 20130717 Re: CVE request for Drupal contrib modules CVE-2013-4138 CVE-2013-4139 CVE-2013-4140
MLIST:[oss-security] 20130718 CVE Request: OpenJDK and lcms2 2.5 release fixes various denial of service issues in lcms2 CVE-2013-4160
MLIST:[oss-security] 20130718 CVE-2013-4137: StatusNet v1.1.0: SQL injection CVE-2013-4137
MLIST:[oss-security] 20130718 Re: CVE Request - xlockmore 5.43 fixes a security flaw CVE-2013-4143
MLIST:[oss-security] 20130718 Re: Re: SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws CVE-2012-2399
MLIST:[oss-security] 20130719 Re: CVE Request : Radius Daemon (YardRadius v1.1.2-4 ) Multiple Format String Vulnerabilities CVE-2013-4147
MLIST:[oss-security] 20130721 cve request: cms made simple XSS before 1.11.7 CVE-2013-4167
MLIST:[oss-security] 20130722 Re: CVE Request: OpenJDK and lcms2 2.5 release fixes various denial of service issues in lcms2 CVE-2013-4160
MLIST:[oss-security] 20130725 Re: CVE request: timing leak in bitcoind CVE-2013-4165
MLIST:[oss-security] 20130725 Re: cve request: cms made simple XSS before 1.11.7 CVE-2013-4167
MLIST:[oss-security] 20130726 CVE-2013-1436: xmonad-contrib remote command injection CVE-2013-1436
MLIST:[oss-security] 20130727 Re: CVE Request: Xymon Systems and Network Monitor - remote file deletion vulnerability CVE-2013-4173
MLIST:[oss-security] 20130730 Re: CVE Request - MongoDB <=2.4.4 uninitialized object CVE-2013-3969
MLIST:[oss-security] 20130802 Re: Rgpg Ruby Gem Remote Command Injection (CVE Request) CVE-2013-4203
MLIST:[oss-security] 20130805 [notification] exactimage DoS, jumping into the unknown CVE-2013-1441
MLIST:[oss-security] 20130806 CVE request: three additional flaws fixed in putty 0.63 CVE-2013-4206 CVE-2013-4207 CVE-2013-4208
MLIST:[oss-security] 20130807 Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b CVE-2013-1434 CVE-2013-1435
MLIST:[oss-security] 20130809 Re: CVE Request - LibModPlug <=0.8.8.4 multiple heap overflow CVE-2013-4233 CVE-2013-4234
MLIST:[oss-security] 20130809 Re: CVE request for Drupal contributed modules CVE-2013-4229 CVE-2013-4230
MLIST:[oss-security] 20130809 Re: CVE request: nullmailer world readable /etc/nullmailer/remotes CVE-2013-4223
MLIST:[oss-security] 20130809 [Not a CVE request, just notification] CVE-2012-4502, CVE-2012-4503 -- Two security flaws fixed in Chrony v1.29 CVE-2012-4502 CVE-2012-4503
MLIST:[oss-security] 20130810 CVE Request - HMS Testimonials 2.0.10 WP plugin CVE-2013-4240
MLIST:[oss-security] 20130812 Re: Re: CVE Request - HMS Testimonials 2.0.10 WP plugin CVE-2013-4240
MLIST:[oss-security] 20130814 [CVE request] Django 1.4.6 security release CVE-2013-4249 CVE-2013-6044
MLIST:[oss-security] 20130819 Re: [CVE request] Django 1.4.6 security release CVE-2013-4249 CVE-2013-6044
MLIST:[oss-security] 20130820 Xen Security Advisory 59 (CVE-2013-3495) - Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts CVE-2013-3495
MLIST:[oss-security] 20130821 Re: CVE Request: FFmpeg 2.0.1 multiple problems CVE-2013-4263 CVE-2013-4264 CVE-2013-4265
MLIST:[oss-security] 20130822 Re: CVE request for Drupal contributed modules CVE-2013-4272 CVE-2013-4273 CVE-2013-4274 CVE-2013-7391
MLIST:[oss-security] 20130824 CVE request: Joomla unauthorised uploads before 2.5.14 / 3.1.5 CVE-2013-5576
MLIST:[oss-security] 20130824 Re: CVE request: Joomla unauthorised uploads before 2.5.14 / 3.1.5 CVE-2013-5576
MLIST:[oss-security] 20130828 Linux HID security flaws CVE-2013-2888 CVE-2013-2889 CVE-2013-2890 CVE-2013-2891 CVE-2013-2892 CVE-2013-2893 CVE-2013-2894 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2898 CVE-2013-2899
MLIST:[oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities CVE-2013-1438 CVE-2013-1439
MLIST:[oss-security] 20130830 Re: CVE request -- libvirt: virBitmapParse out-of-bounds read access CVE-2013-5651
MLIST:[oss-security] 20130901 CVE request: serendipity before 1.7.3 XSS CVE-2011-5267 CVE-2013-5670
MLIST:[oss-security] 20130901 Re: CVE request: serendipity before 1.7.3 XSS CVE-2011-5267 CVE-2013-5670
MLIST:[oss-security] 20130901 Re: Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem CVE-2013-5671
MLIST:[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin CVE-2013-5672 CVE-2013-5673
MLIST:[oss-security] 20130901 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem CVE-2013-5671
MLIST:[oss-security] 20130904 Re: CVE request: MediaWiki Security Release: 1.21.2, 1.20.7 and 1.19.8 CVE-2013-4301 CVE-2013-4302 CVE-2013-4304 CVE-2013-4305 CVE-2013-4306 CVE-2013-4307 CVE-2013-4308
MLIST:[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat CVE-2013-2185
MLIST:[oss-security] 20130906 Re: CVE request: pyOpenSSL hostname check bypassing vulnerability CVE-2013-4314
MLIST:[oss-security] 20130909 CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older CVE-2013-4287
MLIST:[oss-security] 20130911 Re: CVE request for Drupal contrib modules CVE-2013-4337 CVE-2013-5965
MLIST:[oss-security] 20130915 Re: CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older CVE-2013-4363
MLIST:[oss-security] 20130918 Re: CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older CVE-2013-4363
MLIST:[oss-security] 20130920 Re: CVE-2013-4287 Algorithmic complexity vulnerability in RubyGems 2.0.7 and older CVE-2013-4363
MLIST:[oss-security] 20130925 CVE request: pyxtrlock CVE-2013-4427
MLIST:[oss-security] 20130925 Re: CVE request: X2Go server CVE-2013-4376
MLIST:[oss-security] 20130925 Xen Security Advisory 62 (CVE-2013-1442) - Information leak on AVX and/or LWP capable CPUs CVE-2013-1442
MLIST:[oss-security] 20130925 [notification] txt2man unsafe use of tempoarary files CVE-2013-1444
MLIST:[oss-security] 20130926 Re: CVE request: Javamelody blind XSS through X-Forwarded-For header CVE-2013-4378
MLIST:[oss-security] 20130927 Re: CVE request for Drupal contributed modules CVE-2013-4379 CVE-2013-4380
MLIST:[oss-security] 20130929 YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload CVE-2013-5655
MLIST:[oss-security] 20130930 Re: CVE request: VLC CVE-2013-4388
MLIST:[oss-security] 20130930 Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload CVE-2013-5655
MLIST:[oss-security] 20131008 CVE request: mahara 1.7.3 CVE-2013-4429 CVE-2013-4430 CVE-2013-4431 CVE-2013-4432
MLIST:[oss-security] 20131008 Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests CVE-2013-4396
MLIST:[oss-security] 20131009 Re: Vulnerability Reported in my Ruby Gem CVE-2013-4413
MLIST:[oss-security] 20131010 Re: CVE Request: dropbear sshd daemon 2013.59 release CVE-2013-4421
MLIST:[oss-security] 20131015 Re: CVE Request: dropbear sshd daemon 2013.59 release CVE-2013-4434
MLIST:[oss-security] 20131015 Re: CVE request: mahara 1.7.3 CVE-2013-4429 CVE-2013-4430 CVE-2013-4431 CVE-2013-4432
MLIST:[oss-security] 20131015 Re: Re: CVE request: mahara 1.7.3 CVE-2013-4429 CVE-2013-4430 CVE-2013-4431 CVE-2013-4432
MLIST:[oss-security] 20131015 Re: Re: CVE request: pyxtrlock CVE-2013-4426 CVE-2013-4427
MLIST:[oss-security] 20131015 Report - Stack-based buffer overflow and memory disclosure in camera driver (CVE-2013-4748 CVE-2013-4739) CVE-2013-4738 CVE-2013-4739
MLIST:[oss-security] 20131016 Re: browser document.cookie DoS vulnerability CVE-2013-6166 CVE-2013-6167
MLIST:[oss-security] 20131017 CVE-2013-1445 python-crypto:PRNG not correctly reseeded in some situations CVE-2013-1445
MLIST:[oss-security] 20131017 Re: browser document.cookie DoS vulnerability CVE-2013-6166 CVE-2013-6167
MLIST:[oss-security] 20131018 Re: CVE request for saltstack minion identity usurpation CVE-2013-4435 CVE-2013-4436 CVE-2013-4437 CVE-2013-4438 CVE-2013-4439
MLIST:[oss-security] 20131019 Re: CVE Request: Node.js HTTP Pipelining DoS CVE-2013-4450
MLIST:[oss-security] 20131021 RE: Re: CVE duplicates SA-CONTRIB-2013-075 CVE-2013-5937 CVE-2013-5938
MLIST:[oss-security] 20131021 Re: CVE Request: LDAP Account Manager XSS in login.php CVE-2013-4453
MLIST:[oss-security] 20131021 Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 CVE-2013-4451
MLIST:[oss-security] 20131022 Re: CVE Request: Simple Machines Forum (SMF) Remote file inclusion vulnerability CVE-2013-4465
MLIST:[oss-security] 20131022 Recursive Interpolation Vulnerability in Cocaine rubygem (CVE-2013-4457) CVE-2013-4457
MLIST:[oss-security] 20131023 VICIDIAL 2.7 - SQL Injection, Command Injection CVE-2013-4467 CVE-2013-4468 CVE-2013-7382
MLIST:[oss-security] 20131024 Re: CVE Request: Simple Machines Forum (SMF) Remote file inclusion vulnerability CVE-2013-4465
MLIST:[oss-security] 20131024 Re: CVE Request: gnutls/libdane buffer overflow CVE-2013-4466
MLIST:[oss-security] 20131024 Re: VICIDIAL 2.7 - SQL Injection, Command Injection CVE-2013-4467 CVE-2013-4468 CVE-2013-7382
MLIST:[oss-security] 20131026 [Notification] CVE-2013-6047: ikiwiki-hosting: XSS in site creation interface CVE-2013-6047
MLIST:[oss-security] 20131028 Re: CVE request: 3 vulnerabilities in poppler and 1 in Xpdf CVE-2013-4473 CVE-2013-4474
MLIST:[oss-security] 20131031 Re: CVE Request: gnutls/libdane buffer overflow CVE-2013-4487
MLIST:[oss-security] 20131103 Re: CVE request for Drupal contributed modules CVE-2013-4498 CVE-2013-4500 CVE-2013-4501 CVE-2013-4502 CVE-2013-4503 CVE-2013-4504
MLIST:[oss-security] 20131104 Re: some unstracked linux kernel security fixes CVE-2013-6763
MLIST:[oss-security] 20131105 CVE Request: additional fix for CVE-2012-2825 libxslt crash CVE-2013-4520
MLIST:[oss-security] 20131105 CVE request: drupalauth module for simpleSAMLphp trivial impersonation CVE-2013-4552
MLIST:[oss-security] 20131105 Re: CVE Request: additional fix for CVE-2012-2825 libxslt crash CVE-2013-4520
MLIST:[oss-security] 20131107 Re: CVE Request - OpenSSH CVE-2013-4548
MLIST:[oss-security] 20131108 Advisory report - Multiple memory corruption and race condition in Goodix gt915 Android touchscreen driver (CVE-2013-4740 & CVE-2013-6122) CVE-2013-4740 CVE-2013-6122
MLIST:[oss-security] 20131108 Re: CVE request: drupalauth module for simpleSAMLphp trivial impersonation CVE-2013-4552
MLIST:[oss-security] 20131110 CVE-2013-6765 CVE-2013-6766 for OpenVAS 4.0.4/1.3.2/etc. CVE-2013-6765 CVE-2013-6766
MLIST:[oss-security] 20131110 Re: CVE Request: multiple vulnerabilities in spip CVE-2013-4555 CVE-2013-4556 CVE-2013-4557
MLIST:[oss-security] 20131111 Security vulnerability in gitlab-shell (CVE-2013-4546) CVE-2013-4546
MLIST:[oss-security] 20131112 CVE request: rubygem omniauth-facebook CSRF vurnerability CVE-2013-4562
MLIST:[oss-security] 20131112 Re: Re: CVE request: rubygem omniauth-facebook CSRF vurnerability CVE-2013-4562
MLIST:[oss-security] 20131114 CVE-2013-6282 - linux kernel: missing access checks in get_user/put_user on ARM CVE-2013-6282
MLIST:[oss-security] 20131114 Re: Requesting four (4) CVE identifiers for GitLab CVE-2013-4580 CVE-2013-4581
MLIST:[oss-security] 20131115 Re: CVE request for graphicsmagick DoS CVE-2013-4589
MLIST:[oss-security] 20131118 Re: CVE request for Drupal contributed modules CVE-2013-4594 CVE-2013-4595 CVE-2013-4597 CVE-2013-4599
MLIST:[oss-security] 20131122 SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities CVE-2013-6385 CVE-2013-6386 CVE-2013-6387 CVE-2013-6388 CVE-2013-6389
MLIST:[oss-security] 20131125 Moodle security notifications public CVE-2013-4522 CVE-2013-4523 CVE-2013-4524 CVE-2013-4525 CVE-2013-6780
MLIST:[oss-security] 20131126 CVE Request: FFmpeg 2.1 multiple problems CVE-2013-7008 CVE-2013-7009 CVE-2013-7010 CVE-2013-7011 CVE-2013-7012 CVE-2013-7013 CVE-2013-7014 CVE-2013-7015 CVE-2013-7016 CVE-2013-7017 CVE-2013-7018 CVE-2013-7019 CVE-2013-7020 CVE-2013-7021 CVE-2013-7022 CVE-2013-7023 CVE-2013-7024
MLIST:[oss-security] 20131126 Re: CVE Request: static IV used in Percona XtraBackup CVE-2013-6394
MLIST:[oss-security] 20131127 Re: CVE Request: Quassel IRC - manipulated clients can access backlog of all users on a shared core CVE-2013-6404
MLIST:[oss-security] 20131128 Re: CVE Request: Linux kernel: net: uninitialised memory leakage CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7281
MLIST:[oss-security] 20131128 Re: CVE Request: ownCloud security bypass on admin page CVE-2013-6403
MLIST:[oss-security] 20131129 CVE request: UnrealIRCd remote DoS CVE-2013-6413 CVE-2013-7384
MLIST:[oss-security] 20131129 Re: CVE request for OpenTTD CVE-2013-6411
MLIST:[oss-security] 20131129 Re: CVE request: UnrealIRCd remote DoS CVE-2013-6413 CVE-2013-7384
MLIST:[oss-security] 20131202 Command injection vulnerability in Ruby Gem sprout 0.7.246 CVE-2013-6421
MLIST:[oss-security] 20131202 Re: Command injection vulnerability in Ruby Gem sprout 0.7.246 CVE-2013-6421
MLIST:[oss-security] 20131204 Fwd: [vs] multiple issues in openjpeg CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6053 CVE-2013-6054 CVE-2013-6887
MLIST:[oss-security] 20131206 CVE request for Drupal core, and contributed modules CVE-2013-7063 CVE-2013-7064 CVE-2013-7065 CVE-2013-7068
MLIST:[oss-security] 20131208 Re: CVE Request: FFmpeg 2.1 multiple problems CVE-2013-7008 CVE-2013-7009 CVE-2013-7010 CVE-2013-7011 CVE-2013-7012 CVE-2013-7013 CVE-2013-7014 CVE-2013-7015 CVE-2013-7016 CVE-2013-7017 CVE-2013-7018 CVE-2013-7019 CVE-2013-7020 CVE-2013-7021 CVE-2013-7022 CVE-2013-7023 CVE-2013-7024
MLIST:[oss-security] 20131209 CPython hash secret can be recoved remotely CVE-2013-7040
MLIST:[oss-security] 20131209 Re: CPython hash secret can be recoved remotely CVE-2013-7040
MLIST:[oss-security] 20131209 Re: CVE request: two issues in libmicro CVE-2013-7038 CVE-2013-7039
MLIST:[oss-security] 20131210 CVE request for Plone CVE-2013-7060 CVE-2013-7061
MLIST:[oss-security] 20131211 CVE Request: ZNC IRC Bouncer DoS in FiSH Plugin CVE-2013-7049
MLIST:[oss-security] 20131211 CVE request: TYPO3-CORE-SA-2013-004 and TYPO3-FLOW-SA-2013-001 CVE-2013-7073 CVE-2013-7074 CVE-2013-7075 CVE-2013-7076 CVE-2013-7077 CVE-2013-7078 CVE-2013-7079 CVE-2013-7080 CVE-2013-7081
MLIST:[oss-security] 20131211 Re: CVE Request: ack-grep: potential remote code execution via per-project .ackrc files CVE-2013-7069
MLIST:[oss-security] 20131211 Re: CVE request for Drupal core, and contributed modules CVE-2013-7063 CVE-2013-7064 CVE-2013-7065 CVE-2013-7068
MLIST:[oss-security] 20131211 Re: CVE request for Plone CVE-2013-7060 CVE-2013-7061
MLIST:[oss-security] 20131212 CVE Request: devscripts (uscan) broken handling of filenames with whitespace CVE-2013-7085
MLIST:[oss-security] 20131212 Command injection in Ruby Gem Webbynode 1.0.5.3 CVE-2013-7086
MLIST:[oss-security] 20131212 Re: CVE Request: ZNC IRC Bouncer DoS in FiSH Plugin CVE-2013-7049
MLIST:[oss-security] 20131212 Re: CVE Request: devscripts (uscan) broken handling of filenames with whitespace CVE-2013-7085
MLIST:[oss-security] 20131212 Re: CVE request: TYPO3-CORE-SA-2013-004 and TYPO3-FLOW-SA-2013-001 CVE-2013-7073 CVE-2013-7074 CVE-2013-7076 CVE-2013-7077 CVE-2013-7078
MLIST:[oss-security] 20131212 Re: Command injection in Ruby Gem Webbynode 1.0.5.3 CVE-2013-7086
MLIST:[oss-security] 20131213 Re: CVE-2013-2073 transifex-client: Does not validate HTTPS server certificate (fixed in transifex-client v0.9) CVE-2013-7110
MLIST:[oss-security] 20131214 Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line CVE-2013-7111
MLIST:[oss-security] 20131215 Re: Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line CVE-2013-7111
MLIST:[oss-security] 20131215 Re: CVE-2013-2073 transifex-client: Does not validate HTTPS server certificate (fixed in transifex-client v0.9) CVE-2013-7110
MLIST:[oss-security] 20131216 CVE Request: Proc::Daemon writes pidfile with mode 666 CVE-2013-7135
MLIST:[oss-security] 20131216 CVE request: Juvia secret token handling CVE-2013-7134
MLIST:[oss-security] 20131216 Fwd: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability (Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251) CVE-2013-7106 CVE-2013-7107
MLIST:[oss-security] 20131217 Bug#732283: CVE Request: Proc::Daemon writes pidfile with mode 666 CVE-2013-7135
MLIST:[oss-security] 20131217 Re: CVE Request: Proc::Daemon writes pidfile with mode 666 CVE-2013-7135
MLIST:[oss-security] 20131217 Re: CVE request: Juvia secret token handling CVE-2013-7134
MLIST:[oss-security] 20131218 GnuPG 1.4.16 fixes RSA key extraction via acoustic side channel (CVE-2013-4576) CVE-2013-4576
MLIST:[oss-security] 20131218 Re: GnuPG 1.4.16 fixes RSA key extraction via acoustic side channel (CVE-2013-4576) CVE-2013-4576
MLIST:[oss-security] 20131222 Re: [SECURITY] [DSA 2826-1] denyhosts security update CVE-2013-6890
MLIST:[oss-security] 20131223 Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3 CVE-2013-7203
MLIST:[oss-security] 20131224 Re: CVE request: denial of service in Nagios (process_cgivars()) CVE-2013-7108 CVE-2013-7205
MLIST:[oss-security] 20131227 Re: Two CVE request for gnome-shell/screensaver issues CVE-2013-7220 CVE-2013-7221
MLIST:[oss-security] 20131227 Two CVE request for gnome-shell/screensaver issues CVE-2013-7220 CVE-2013-7221
MLIST:[oss-security] 20131228 Re: CVE request: Fat Free CRM multiple vulnerabilities CVE-2013-7222 CVE-2013-7223 CVE-2013-7224 CVE-2013-7225 CVE-2013-7249
MLIST:[oss-security] 20131229 Re: CVE request: SMF 1.1.19, 2.0.6 CVE-2013-7234 CVE-2013-7235 CVE-2013-7236
MLIST:[oss-security] 20131230 CVE request: SMF 1.1.19, 2.0.6 CVE-2013-7234 CVE-2013-7235 CVE-2013-7236
MLIST:[oss-security] 20131230 CVE request: Zenphoto 1.4.5.4 CVE-2013-7241 CVE-2013-7242
MLIST:[oss-security] 20131230 CVE to the ntp monlist DDoS issue? CVE-2013-5211
MLIST:[oss-security] 20131230 CVE-request: Dewplayer issues CVE-2013-7240
MLIST:[oss-security] 20131230 Re: CVE Request: SASL authentication allows wrong credentials to access memcache CVE-2013-7239
MLIST:[oss-security] 20131230 Re: CVE request: Zenphoto 1.4.5.4 CVE-2013-7241 CVE-2013-7242
MLIST:[oss-security] 20131230 Re: CVE to the ntp monlist DDoS issue? CVE-2013-5211
MLIST:[oss-security] 20131230 Re: CVE-request: Dewplayer issues CVE-2013-7240
MLIST:[oss-security] 20131231 Re: CVE request: Linux kernel: net: memory leak in recvmsg handlermsg_name & msg_namelen logic CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271
MLIST:[oss-security] 20140102 CVE for freerdp int overflow? CVE-2014-0791
MLIST:[oss-security] 20140102 Re: Duplicated CVE assignment for bip CVE-2011-5268
MLIST:[oss-security] 20140103 Neo4J CSRF: Potential CVE candidate CVE-2013-7259
MLIST:[oss-security] 20140103 Re: CVE for freerdp int overflow? CVE-2014-0791
MLIST:[oss-security] 20140103 Re: Neo4J CSRF: Potential CVE candidate CVE-2013-7259
MLIST:[oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 CVE-2014-0977
MLIST:[oss-security] 20140106 [notification] CVE-2013-6888: uscan: remote code execution CVE-2013-6888
MLIST:[oss-security] 20140107 CVE Re: request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference CVE-2013-7273
MLIST:[oss-security] 20140107 CVE Request: graphviz: stack-based buffer overflow in yyerror() CVE-2014-0978
MLIST:[oss-security] 20140107 Fwd: X.Org Security Advisory: CVE-2013-6462: Stack buffer overflow in parsing of BDF font files in libXfont CVE-2013-6462
MLIST:[oss-security] 20140107 MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) CVE-2012-6619
MLIST:[oss-security] 20140107 Paratrooper-newrelic 1.0.1 Ruby Gem exposes API key CVE-2014-1234
MLIST:[oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 CVE-2014-0977
MLIST:[oss-security] 20140107 Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() CVE-2014-0978
MLIST:[oss-security] 20140107 Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference CVE-2014-0979
MLIST:[oss-security] 20140107 Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) CVE-2012-6619
MLIST:[oss-security] 20140107 oss-sec: CVE split and a missed file CVE-2013-7263 CVE-2013-7264 CVE-2013-7265
MLIST:[oss-security] 20140107 paratrooper-pingdom-1.0.0 ruby gem exposes API login credentials CVE-2014-1233
MLIST:[oss-security] 20140108 Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() CVE-2014-1235 CVE-2014-1236
MLIST:[oss-security] 20140108 Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) CVE-2012-6619
MLIST:[oss-security] 20140108 Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror() CVE-2014-1236
MLIST:[oss-security] 20140109 Re: CVE Request: drupal7-entity: multiple access bypass vulnerabilities CVE-2014-1398 CVE-2014-1399 CVE-2014-1400
MLIST:[oss-security] 20140109 Re: CVE request: remote code execution via deserialization in XStream CVE-2013-7285
MLIST:[oss-security] 20140110 CVE Request: python-jinja2: arbitrary code execution vulnerability CVE-2014-1402
MLIST:[oss-security] 20140110 Re: CVE Request: python-jinja2: arbitrary code execution vulnerability CVE-2014-1402
MLIST:[oss-security] 20140113 [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048) CVE-2013-7048
MLIST:[oss-security] 20140114 Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp CVE-2014-1604
MLIST:[oss-security] 20140114 Re: Linux kernel: missing CPU-state sanitation during task-switch causes DOS / privilege escalation CVE-2014-1438
MLIST:[oss-security] 20140115 Re: CVE request: assorted kernel infoleak security fixes CVE-2014-1444 CVE-2014-1445 CVE-2014-1446
MLIST:[oss-security] 20140116 CVE Request - Poppler library: DoS fixed in 0.24.5 CVE-2013-7296
MLIST:[oss-security] 20140117 Re: CVE Request - Poppler library: DoS fixed in 0.24.5 CVE-2013-7296
MLIST:[oss-security] 20140117 Re: Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp CVE-2014-1604
MLIST:[oss-security] 20140118 CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 CVE-2013-7298 CVE-2013-7299
MLIST:[oss-security] 20140118 Re: CVE requests / advisory: cxxtools <= 2.2, Tntnet <= 2.2 CVE-2013-7298 CVE-2013-7299
MLIST:[oss-security] 20140120 CVE request: Cantata vulnerability CVE-2013-7300 CVE-2013-7301
MLIST:[oss-security] 20140120 CVE request: spip: cross-site scripting vulnerability CVE-2013-7303
MLIST:[oss-security] 20140120 Re: CVE request: Cantata vulnerability CVE-2013-7300 CVE-2013-7301
MLIST:[oss-security] 20140120 Re: CVE request: spip: cross-site scripting vulnerability CVE-2013-7303
MLIST:[oss-security] 20140121 Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp CVE-2014-1624
MLIST:[oss-security] 20140121 Re: Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp CVE-2014-1624
MLIST:[oss-security] 20140122 Getting tempfile/mktemp wrong CVE-2014-1638 CVE-2014-1639 CVE-2014-1640
MLIST:[oss-security] 20140122 Re: Getting tempfile/mktemp wrong CVE-2014-1638 CVE-2014-1639 CVE-2014-1640
MLIST:[oss-security] 20140123 Xen Security Advisory 83 (CVE-2014-1642) - Out-of-memory condition yielding memory corruption during IRQ setup CVE-2014-1642
MLIST:[oss-security] 20140123 Xen Security Advisory 87 (CVE-2014-1666) - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests CVE-2014-1666
MLIST:[oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) CVE-2013-7130
MLIST:[oss-security] 20140128 Re: Remote code execution in horde < 5.1.1 CVE-2014-1691
MLIST:[oss-security] 20140128 Remote code execution in horde < 5.1.1 CVE-2014-1691
MLIST:[oss-security] 20140128 CVE Request: Erlang OTP - ftp module - FTP Command Injection CVE-2014-1693
MLIST:[oss-security] 20140128 CVE request: temporary file issue in Passenger rubygem CVE-2014-1831
MLIST:[oss-security] 20140128 Socat security advisory 5 - PROXY-CONNECT address overflow CVE-2014-0019
MLIST:[oss-security] 20140129 Re: Remote code execution in horde < 5.1.1 CVE-2014-1691
MLIST:[oss-security] 20140129 CVE Request: otrs: CSRF issue in customer web interface CVE-2014-1694
MLIST:[oss-security] 20140129 CVE: Request CVE-2014-1750
MLIST:[oss-security] 20140129 Re: CVE Request: otrs: CSRF issue in customer web interface CVE-2014-1471 CVE-2014-1694
MLIST:[oss-security] 20140129 Re: CVE request: temporary file issue in Passenger rubygem CVE-2014-1832
MLIST:[oss-security] 20140129 Re: CVE: Request CVE-2014-1750
MLIST:[oss-security] 20140130 Re: CVE request: temporary file issue in Passenger rubygem CVE-2014-1831
MLIST:[oss-security] 20140131 CVE request: temp file issues in python's logilab-common module CVE-2014-1838 CVE-2014-1839
MLIST:[oss-security] 20140131 CVE request: uupdate (devscripts) directory traversal CVE-2014-1833
MLIST:[oss-security] 20140131 Re: CVE request: uupdate (devscripts) directory traversal CVE-2014-1833
MLIST:[oss-security] 20140131 Re: echor 0.1.6 Ruby Gem exposes login credentials CVE-2014-1834 CVE-2014-1835
MLIST:[oss-security] 20140203 CVE request and heads-up on insecure temp file handling in unpack200 (OpenJDK, Oracle Java) CVE-2014-1876
MLIST:[oss-security] 20140203 CVE-2014-0039: fwsnort loaded configuration file from cwd when run as a non-root user CVE-2014-0039
MLIST:[oss-security] 20140203 Re: CVE request: enlightenment sysactions CVE-2014-1845 CVE-2014-1846
MLIST:[oss-security] 20140204 CVE request: python-gnupg before 0.3.5 shell injection CVE-2013-7323
MLIST:[oss-security] 20140204 Re: CVE request: a2ps insecure temporary file use CVE-2001-1593
MLIST:[oss-security] 20140204 Re: CVE request: python-gnupg before 0.3.5 shell injection CVE-2013-7323 CVE-2014-1927 CVE-2014-1928 CVE-2014-1929
MLIST:[oss-security] 20140205 Re: CVE request: a2ps insecure temporary file use CVE-2001-1593
MLIST:[oss-security] 20140206 CVE Request: Capture::Tiny: insecure use of /tmp CVE-2014-1875
MLIST:[oss-security] 20140206 Dokeos 2.1.1 Multiple Stored XSS Vulnerabilities CVE-2014-1877
MLIST:[oss-security] 20140206 Re: CVE Request: Capture::Tiny: insecure use of /tmp CVE-2014-1875
MLIST:[oss-security] 20140207 IcedTea-Web insecure temporary directory use - CVE-2013-6493 CVE-2013-6493
MLIST:[oss-security] 20140207 Re: CVE request and heads-up on insecure temp file handling in unpack200 (OpenJDK, Oracle Java) CVE-2014-1876
MLIST:[oss-security] 20140207 Re: CVE request: f2py insecure temporary file use CVE-2014-1858 CVE-2014-1859
MLIST:[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap CVE-2012-6636 CVE-2012-6637 CVE-2014-1881 CVE-2014-1882 CVE-2014-1883 CVE-2014-1884 CVE-2014-1885 CVE-2014-1886 CVE-2014-1887
MLIST:[oss-security] 20140207 Re: Dokeos 2.1.1 Multiple Stored XSS Vulnerabilities CVE-2014-1877
MLIST:[oss-security] 20140207 Re: Xen Security Advisory 84 - integer overflow in several XSM/Flask hypercalls CVE-2014-1891 CVE-2014-1892 CVE-2014-1893 CVE-2014-1894 CVE-2014-1895 CVE-2014-1896
MLIST:[oss-security] 20140208 Fwd: Old CVE ids, public, but still CVE-2011-1935 CVE-2011-2683 CVE-2011-2684 CVE-2011-2902 CVE-2011-4333 CVE-2011-4334 CVE-2013-6049
MLIST:[oss-security] 20140208 Fwd: Old CVE ids, public, but still "RESERVED" CVE-2013-0870
MLIST:[oss-security] 20140208 Re: CVE Request: Multiple security issues in Android Debug Bridge (Android SDK Tools) CVE-2014-1909
MLIST:[oss-security] 20140209 Re: CVE request: python-gnupg before 0.3.5 shell injection CVE-2013-7323 CVE-2014-1927 CVE-2014-1928
MLIST:[oss-security] 20140209 Re: oath-toolkit PAM module OTP token invalidation issue CVE-2013-7322
MLIST:[oss-security] 20140210 CVE request: parcimonie (0.6 to 0.8, included) possible correlation between key fetches CVE-2014-1921
MLIST:[oss-security] 20140210 CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp CVE-2014-1933
MLIST:[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean CVE-2014-1939
MLIST:[oss-security] 20140210 Re: CVE request: parcimonie (0.6 to 0.8, included) possible correlation between key fetches CVE-2014-1921
MLIST:[oss-security] 20140210 Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp CVE-2014-1932 CVE-2014-1933
MLIST:[oss-security] 20140210 Xen Security Advisory 84 (CVE-2014-1891,CVE-2014-1892,CVE-2014-1893,CVE-2014-1894) - integer overflow in several XSM/Flask hypercalls CVE-2014-1891 CVE-2014-1892 CVE-2014-1893 CVE-2014-1894
MLIST:[oss-security] 20140210 Xen Security Advisory 85 (CVE-2014-1895) - Off-by-one error in FLASK_AVC_CACHESTAT hypercall CVE-2014-1895
MLIST:[oss-security] 20140210 Xen Security Advisory 86 (CVE-2014-1896) - libvchan failure handling malicious ring indexes CVE-2014-1896
MLIST:[oss-security] 20140212 Re: CVE request: python-gnupg before 0.3.5 shell injection CVE-2014-1929
MLIST:[oss-security] 20140212 Re: CVE request? buffer overflow in socket.recvfrom_into CVE-2014-1912
MLIST:[oss-security] 20140212 Re: Old CVE ids, public, but still CVE-2010-3659
MLIST:[oss-security] 20140212 Re: Old CVE ids, public, but still "RESERVED" CVE-2010-2250 CVE-2010-2471
MLIST:[oss-security] 20140212 Re: cinnamon-screensaver lock bypass (tested on Fedora 20) CVE-2014-1949
MLIST:[oss-security] 20140212 Xen Security Advisory 88 (CVE-2014-1950) - use-after-free in xc_cpupool_getinfo() under memory pressure CVE-2014-1950
MLIST:[oss-security] 20140212 [OSSA 2014-004] Glance Swift store backend password leak (CVE-2014-1948) CVE-2014-1948
MLIST:[oss-security] 20140212 cinnamon-screensaver lock bypass (tested on Fedora 20) CVE-2014-1949
MLIST:[oss-security] 20140213 CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) CVE-2014-1959
MLIST:[oss-security] 20140213 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) CVE-2014-1959
MLIST:[oss-security] 20140214 [CVE-2014-0046] XSS Vulnerability With {{link-to}} Helper in Non-block Form CVE-2014-0046
MLIST:[oss-security] 20140216 Re: CVE request: freeradius denial of service in rlm_pap hash processing CVE-2014-2015
MLIST:[oss-security] 20140217 Re: CVE request for unfixed CVE-2013-6466 in openswan-2.6.40 CVE-2014-2037
MLIST:[oss-security] 20140217 CVE request: "imapsync ignores the --tls switch and sends my authentication plaintext." CVE-2014-2014
MLIST:[oss-security] 20140218 Data Injection Vulnerability in Active Record (CVE-2014-0080) CVE-2014-0080
MLIST:[oss-security] 20140218 Denial of Service Vulnerability in Action View when using render :text (CVE-2014-0082) CVE-2014-0082
MLIST:[oss-security] 20140218 Re: CVE request: "imapsync ignores the --tls switch and sends my authentication plaintext." CVE-2014-2014
MLIST:[oss-security] 20140218 Re: CVE request: MuPDF Stack-based Buffer Overflow in xps_parse_color() CVE-2014-2013
MLIST:[oss-security] 20140218 Re: CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean CVE-2013-4710
MLIST:[oss-security] 20140218 XSS Vulnerability in number_to_currency, number_to_percentage and number_to_human (CVE-2014-0081) CVE-2014-0081
MLIST:[oss-security] 20140219 CVE request for CGI::Application information disclosure flaw CVE-2013-7329
MLIST:[oss-security] 20140219 Re: CVE Request: Percona Toolkit automatic version check - remote code execution / information leak CVE-2014-2029
MLIST:[oss-security] 20140219 Re: CVE request: remote code execution in egroupware <= 1.8.005 CVE-2014-2027
MLIST:[oss-security] 20140220 Re: CVE request for unfixed CVE-2013-6466 in openswan-2.6.40 CVE-2014-2037
MLIST:[oss-security] 20140220 Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14) CVE-2013-7330 CVE-2014-2058 CVE-2014-2059 CVE-2014-2060 CVE-2014-2061 CVE-2014-2062 CVE-2014-2063 CVE-2014-2064 CVE-2014-2065 CVE-2014-2066 CVE-2014-2067 CVE-2014-2068
MLIST:[oss-security] 20140224 Re: CVE request: XSS in MODX Revolution before 2.2.11 CVE-2014-2080
MLIST:[oss-security] 20140224 Re: xfe: directory masks ignored when creating new files on Samba and NFS CVE-2014-2079
MLIST:[oss-security] 20140225 Re: CVE request for catfish program CVE-2014-2093 CVE-2014-2094 CVE-2014-2095 CVE-2014-2096
MLIST:[oss-security] 20140225 Re: Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) CVE-2009-5138
MLIST:[oss-security] 20140227 CVE request: PLOGGER 1.0RC1 multiple vulnerabilities CVE-2014-2223
MLIST:[oss-security] 20140227 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x) CVE-2009-5138
MLIST:[oss-security] 20140227 Re: CVE request: PLOGGER 1.0RC1 multiple vulnerabilities CVE-2014-2223
MLIST:[oss-security] 20140227 [CVE assignment notification] Multiple vulnerabilities in POSH CVE-2014-2211 CVE-2014-2212
MLIST:[oss-security] 20140228 CVE request: MantisBT 1.2.13 SQL injection vulnerability CVE-2014-2238
MLIST:[oss-security] 20140228 CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release CVE-2014-2242 CVE-2014-2243 CVE-2014-2244
MLIST:[oss-security] 20140228 Re: CVE request: askbot xss CVE-2014-2235 CVE-2014-2236
MLIST:[oss-security] 20140301 Re: CVE request: CMS Made Simple SQL injection fixed in 1.11.10 CVE-2014-2245
MLIST:[oss-security] 20140301 Re: CVE requests: MediaWiki 1.22.3, 1.21.6 and 1.19.12 release CVE-2014-2242 CVE-2014-2243 CVE-2014-2244
MLIST:[oss-security] 20140303 CVE Request: file: crashes when checking softmagic for some corrupt PE executables CVE-2014-2270
MLIST:[oss-security] 20140304 Re: CVE request: MantisBT 1.2.13 SQL injection vulnerability CVE-2014-2238
MLIST:[oss-security] 20140304 [OSSA 2014-006] Trustee token revocation does not work with memcache backend (CVE-2014-2237) CVE-2014-2237
MLIST:[oss-security] 20140305 CVE request for two net-snmp remote DoS flaws CVE-2014-2284 CVE-2014-2285
MLIST:[oss-security] 20140305 Re: CVE Request: file: crashes when checking softmagic for some corrupt PE executables CVE-2014-2270
MLIST:[oss-security] 20140305 sudo: security policy bypass when env_reset is disabled CVE-2014-0106
MLIST:[oss-security] 20140306 CVE request: net-snmp agentx incorrect handling of multi-object requests DoS CVE-2014-2310
MLIST:[oss-security] 20140307 Re: CVE Request: Linux kernel: IPv6: crash due to router advertisement flooding CVE-2014-2309
MLIST:[oss-security] 20140307 Re: CVE request: net-snmp agentx incorrect handling of multi-object requests DoS CVE-2014-2310
MLIST:[oss-security] 20140308 CVE Request: thermald CVE-2014-2312
MLIST:[oss-security] 20140308 Re: CVE Request: thermald CVE-2014-2312
MLIST:[oss-security] 20140308 Re: CVE request: SQL injection in MODX Revolution before 2.2.13 CVE-2014-2311
MLIST:[oss-security] 20140308 Re: possible CVE requests: perltidy insecure temporary file usage CVE-2014-2277
MLIST:[oss-security] 20140310 Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem CVE-2014-2322
MLIST:[oss-security] 20140312 Re: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem CVE-2014-2322
MLIST:[oss-security] 20140312 Re: Two stack-based issues in freetype [NOT a request] CVE-2014-2241
MLIST:[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request CVE-2014-2323 CVE-2014-2324
MLIST:[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request CVE-2014-2323 CVE-2014-2324
MLIST:[oss-security] 20140313 CVE request for icinga 1 byte \0 overflows CVE-2014-2386
MLIST:[oss-security] 20140314 Insecure usage of temporary files in GNU Readline CVE-2014-2524
MLIST:[oss-security] 20140317 CVE request: flaw in curl's Windows SSL backend CVE-2014-2522
MLIST:[oss-security] 20140317 CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution CVE-2014-2527 CVE-2014-2528
MLIST:[oss-security] 20140317 Moodle security notifications public CVE-2013-7341 CVE-2014-2571 CVE-2014-2572
MLIST:[oss-security] 20140317 Re: CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c CVE-2014-2523
MLIST:[oss-security] 20140317 Re: CVE request: flaw in curl's Windows SSL backend CVE-2014-2522
MLIST:[oss-security] 20140317 Re: Insecure usage of temporary files in GNU Readline CVE-2014-2524
MLIST:[oss-security] 20140318 CVE request -- libvirt: unprivileged user can crash libvirtd during spice migration CVE-2013-7336
MLIST:[oss-security] 20140318 CVE request for python/zipfile CVE-2013-7338
MLIST:[oss-security] 20140318 Re: CVE request -- libvirt: unprivileged user can crash libvirtd during spice migration CVE-2013-7336
MLIST:[oss-security] 20140318 Re: CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution CVE-2014-2527 CVE-2014-2528
MLIST:[oss-security] 20140319 Re: CVE Request: rack-ssl rubygem: XSS in error page CVE-2014-2538
MLIST:[oss-security] 20140319 Re: CVE request for python/zipfile CVE-2013-7338
MLIST:[oss-security] 20140320 CVE-2013-7339 Linux kernel - rds: prevent dereference of a NULL device CVE-2013-7339
MLIST:[oss-security] 20140320 Re: CVE request -- kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied CVE-2014-2568
MLIST:[oss-security] 20140321 CVE request for vulnerability in OpenStack Nova CVE-2014-2573
MLIST:[oss-security] 20140321 Re: CVE request for vulnerability in OpenStack Nova CVE-2014-2573
MLIST:[oss-security] 20140322 Re: CVE request: claws-mail vcalendar plugin stores user/password in cleartext CVE-2014-2576
MLIST:[oss-security] 20140324 Re: Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet CVE-2014-2580
MLIST:[oss-security] 20140324 Xen Security Advisory 90 - Linux netback crash trying to disable due to malformed packet CVE-2014-2580
MLIST:[oss-security] 20140324 pam_timestamp internals CVE-2014-2583
MLIST:[oss-security] 20140325 Re: Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible CVE-2014-2599
MLIST:[oss-security] 20140325 Xen Security Advisory 89 - HVMOP_set_mem_access is not preemptible CVE-2014-2599
MLIST:[oss-security] 20140326 CVE request: openssh client does not check SSHFP if server offers certificate CVE-2014-2653
MLIST:[oss-security] 20140326 CVE request: postfixadmin SQL injection vulnerability CVE-2014-2655
MLIST:[oss-security] 20140326 Re: CVE request: postfixadmin SQL injection vulnerability CVE-2014-2655
MLIST:[oss-security] 20140326 Re: pam_timestamp internals CVE-2014-2583
MLIST:[oss-security] 20140327 CVE request: MediaWiki 1.22.5 login csrf CVE-2014-2665
MLIST:[oss-security] 20140327 [OSSA 2014-007] Potential context confusion in Keystone middleware (CVE-2014-0105) CVE-2014-0105
MLIST:[oss-security] 20140328 CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python CVE-2014-2667
MLIST:[oss-security] 20140329 Re: [PSRT] CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python CVE-2014-2667
MLIST:[oss-security] 20140330 Re: CVE request: Linux Kernel, two security issues CVE-2014-2672 CVE-2014-2673
MLIST:[oss-security] 20140330 Re: CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python CVE-2014-2667
MLIST:[oss-security] 20140331 CVE requests: Zend Framework issues fixed in ZF2014-01 and ZF2014-02 CVE-2014-2682 CVE-2014-2683 CVE-2014-2684 CVE-2014-2685
MLIST:[oss-security] 20140331 CVE-2013-7348 CVE-2014-2678 Linux kernel aio and rds issues CVE-2013-7348 CVE-2014-2678
MLIST:[oss-security] 20140331 Re: CVE requests: Zend Framework issues fixed in ZF2014-01 and ZF2014-02 CVE-2014-2681
MLIST:[oss-security] 20140331 Re: pam_timestamp internals CVE-2014-2583
MLIST:[oss-security] 20140401 CVE request: cacti "bug#0002405: SQL injection in graph_xport.php" CVE-2014-2708
MLIST:[oss-security] 20140401 Re: CVE request: Linux Kernel, two security issues CVE-2014-2706
MLIST:[oss-security] 20140401 Re: CVE request: MediaWiki 1.22.5 login csrf CVE-2014-2665
MLIST:[oss-security] 20140402 Re: cups-browsed remote exploit CVE-2014-2707
MLIST:[oss-security] 20140403 Re: CVE request: cacti "bug#0002405: SQL injection in graph_xport.php" CVE-2014-2708 CVE-2014-2709
MLIST:[oss-security] 20140407 Re: Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression CVE-2014-2741 CVE-2014-2742 CVE-2014-2743 CVE-2014-2744 CVE-2014-2745 CVE-2014-2746
MLIST:[oss-security] 20140408 Re: (Openfire M-Link Metronome Prosody Tigase) Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression CVE-2014-2741 CVE-2014-2742 CVE-2014-2743 CVE-2014-2744 CVE-2014-2745 CVE-2014-2746
MLIST:[oss-security] 20140409 Heap-based buffer overflow in libdw/elfutils (CVE-2014-0172) CVE-2014-0172
MLIST:[oss-security] 20140410 CVE-2013-7353 CVE-2013-7354 libpng integer overflows CVE-2013-7353 CVE-2013-7354
MLIST:[oss-security] 20140410 Re: CVE request: redmine open redirector CVE-2014-1985
MLIST:[oss-security] 20140410 [OSSA 2014-013] Keystone DoS through V3 API authentication chaining (CVE-2014-2828) CVE-2014-2828
MLIST:[oss-security] 20140411 Re: CVE request -- Linux kernel: net: ping: refcount issue in ping_init_sock() function CVE-2014-2851
MLIST:[oss-security] 20140411 Re: pam_cifscreds stack overflow CVE-2014-2830
MLIST:[oss-security] 20140412 Use-after-free race condition,in OpenSSL's read buffer CVE-2010-5298
MLIST:[oss-security] 20140414 CVE Request: rsync denial of service CVE-2014-2855
MLIST:[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2 CVE-2014-2856
MLIST:[oss-security] 20140415 Re: CVE Request: rsync denial of service CVE-2014-2855
MLIST:[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2 CVE-2014-2856
MLIST:[oss-security] 20140415 Remote Command Injection in Ruby Gem sfpagent 0.4.14 CVE-2014-2888
MLIST:[oss-security] 20140416 CVE request: insecure temporary file handling in clang's scan-build utility CVE-2014-2893
MLIST:[oss-security] 20140417 CVE Request - XXS in phpMyID (openid_error) CVE-2014-2890
MLIST:[oss-security] 20140417 CVE ids for CyaSSL 2.9.4? CVE-2014-2899 CVE-2014-2900
MLIST:[oss-security] 20140417 Re: TrueCrypt audit report CVE-2014-2884 CVE-2014-2885
MLIST:[oss-security] 20140418 Re: CVE Request - XXS in phpMyID (openid_error) CVE-2014-2890
MLIST:[oss-security] 20140418 Re: CVE ids for CyaSSL 2.9.4? CVE-2014-2899 CVE-2014-2900 CVE-2014-2903
MLIST:[oss-security] 20140418 Re: Remote Command Injection in Ruby Gem sfpagent 0.4.14 CVE-2014-2888
MLIST:[oss-security] 20140418 Re: libmms heap-based buffer overflow fix CVE-2014-2892
MLIST:[oss-security] 20140419 CVE request / advisory: gdomap (GNUstep core package <= 1.24.6) CVE-2014-2980
MLIST:[oss-security] 20140420 Re: Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility CVE-2014-2893
MLIST:[oss-security] 20140421 Re: CVE Request for Drupal Core CVE-2014-2983
MLIST:[oss-security] 20140421 Re: CVE request / advisory: gdomap (GNUstep core package <= 1.24.6) CVE-2014-2980
MLIST:[oss-security] 20140421 Re: Remote code execution in Pimcore CMS CVE-2014-2921 CVE-2014-2922
MLIST:[oss-security] 20140422 Re: CVE Request: Nagios Remote Plugin Executor <= 2.15 Remote Command Execution CVE-2014-2913
MLIST:[oss-security] 20140422 Re: Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM CVE-2014-2915
MLIST:[oss-security] 20140423 Re: Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access CVE-2014-2986
MLIST:[oss-security] 20140423 Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM CVE-2014-2915
MLIST:[oss-security] 20140423 Xen Security Advisory 94 (CVE-2014-2986) - ARM hypervisor crash on guest interrupt controller access CVE-2014-2986
MLIST:[oss-security] 20140423 Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access CVE-2014-2986
MLIST:[oss-security] 20140425 Re: Re: cups-browsed remote exploit CVE-2014-4336 CVE-2014-4338
MLIST:[oss-security] 20140426 Re: Ubuntu 14.04: security problem in the lock screen CVE-2014-3202
MLIST:[oss-security] 20140426 Ubuntu 14.04: security problem in the lock screen CVE-2014-3202
MLIST:[oss-security] 20140428 CVE-2014-0469: xbuffy stack-based buffer overflow in subject processing CVE-2014-0469
MLIST:[oss-security] 20140428 Upcoming security release of fish 2.1.1 CVE-2014-2905
MLIST:[oss-security] 20140428 super unchecked setuid (CVE-2014-0470) CVE-2014-0470
MLIST:[oss-security] 20140429 CVE Request: indicator-datetime issue CVE-2013-7374
MLIST:[oss-security] 20140429 CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze CVE-2014-3127 CVE-2014-3227
MLIST:[oss-security] 20140429 Fwd: [vs] php-fpm: privilege escalation due to insecure default config (CVE-2014-0185) CVE-2014-0185
MLIST:[oss-security] 20140429 Re: Ubuntu 14.04: security problem in the lock screen CVE-2014-3202 CVE-2014-3203 CVE-2014-3204
MLIST:[oss-security] 20140429 Xen Security Advisory 92 - HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3124
MLIST:[oss-security] 20140429 local privilege escalation due to capng_lock as used in seunshare CVE-2014-3215
MLIST:[oss-security] 20140430 CVE request: possible miniupnpc buffer overflow CVE-2014-3985
MLIST:[oss-security] 20140430 CVE request: rxvt-unicode user-assisted arbitrary commands execution CVE-2014-3121
MLIST:[oss-security] 20140430 Re: CVE Request - XSS in FOG open imaging system CVE-2014-3111
MLIST:[oss-security] 20140430 Re: CVE Request: indicator-datetime issue CVE-2013-7374
MLIST:[oss-security] 20140430 Re: Xen Security Advisory 91 - Hardware timer context is not properly context switched on ARM CVE-2014-3125
MLIST:[oss-security] 20140430 Re: Xen Security Advisory 92 - HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3124
MLIST:[oss-security] 20140430 Re: local privilege escalation due to capng_lock as used in seunshare CVE-2014-3215
MLIST:[oss-security] 20140430 Xen Security Advisory 91 - Hardware timer context is not properly context switched on ARM CVE-2014-3125
MLIST:[oss-security] 20140501 CVE-2014-3114 WordPress plugin ezpz-one-click-backup cmd parameter os command injection CVE-2014-3114
MLIST:[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough CVE-2014-3137
MLIST:[oss-security] 20140501 Re: CVE request: directory traversal in DSA-2915-1-patched dpkg in Debian squeeze CVE-2014-3127
MLIST:[oss-security] 20140503 Re: Ubuntu 14.04: security problem in the lock screen CVE-2014-3202 CVE-2014-3203 CVE-2014-3204
MLIST:[oss-security] 20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities CVE-2014-3242 CVE-2014-3243
MLIST:[oss-security] 20140506 Re: CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities CVE-2014-3242 CVE-2014-3243
MLIST:[oss-security] 20140506 Re: Upcoming security release of fish 2.1.1 CVE-2014-3219
MLIST:[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3425 CVE-2014-3426
MLIST:[oss-security] 20140507 Re: local privilege escalation due to capng_lock as used in seunshare CVE-2014-3215
MLIST:[oss-security] 20140508 CVE Request - Local File inclusion in Cobbler CVE-2014-3225
MLIST:[oss-security] 20140508 Re: CVE Request - Local File inclusion in Cobbler CVE-2014-3225
MLIST:[oss-security] 20140509 CVE request: Denial of Service attacks against Dovecot v1.1+ CVE-2014-3430
MLIST:[oss-security] 20140509 Linux kernel floppy ioctl kernel code execution CVE-2014-1737 CVE-2014-1738
MLIST:[oss-security] 20140509 Re: CVE request: Denial of Service attacks against Dovecot v1.1+ CVE-2014-3430
MLIST:[oss-security] 20140512 Re: CVE request: Drupal Flag 7.x-3.5 Module Vulnerability report: Arbitrary code execution due to improper input handling in flag importer CVE-2014-3453
MLIST:[oss-security] 20140513 CVE request: various NodeJS module vulnerabilities CVE-2013-7377 CVE-2013-7379 CVE-2014-3741 CVE-2014-3742 CVE-2014-3744
MLIST:[oss-security] 20140514 CVE Reuest: Django: Malformed URLs from user input incorrectly validated CVE-2014-1418 CVE-2014-3730
MLIST:[oss-security] 20140514 CVE request: Pyplate multiple vulnerabilities CVE-2014-3851 CVE-2014-3852 CVE-2014-3853 CVE-2014-3854 CVE-2014-3855
MLIST:[oss-security] 20140514 Re: A number of EncFS issues CVE-2014-3462
MLIST:[oss-security] 20140514 Re: CVE Reuest: Django: Malformed URLs from user input incorrectly validated CVE-2014-1418 CVE-2014-3730
MLIST:[oss-security] 20140514 Re: CVE request: various NodeJS module vulnerabilities CVE-2013-7377 CVE-2013-7379 CVE-2014-3741 CVE-2014-3742 CVE-2014-3744
MLIST:[oss-security] 20140514 Re: Mumble 1.2.6: Mumble-SA-2014-005 and Mumble-SA-2014-006 CVE-2014-3755 CVE-2014-3756
MLIST:[oss-security] 20140514 Re: Zenoss Open Source monitoring System - Open Redirect & Stored XSS Vulnerabilities CVE-2014-3738 CVE-2014-3739
MLIST:[oss-security] 20140514 Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM CVE-2014-3714 CVE-2014-3715 CVE-2014-3716 CVE-2014-3717
MLIST:[oss-security] 20140514 Zenoss Open Source monitoring System - Open Redirect & Stored XSS Vulnerabilities CVE-2014-3738 CVE-2014-3739
MLIST:[oss-security] 20140515 Mumble 1.2.6: Mumble-SA-2014-005 and Mumble-SA-2014-006 CVE-2014-3755 CVE-2014-3756
MLIST:[oss-security] 20140515 Re: Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM CVE-2014-3714 CVE-2014-3715 CVE-2014-3716 CVE-2014-3717
MLIST:[oss-security] 20140516 Xen Security Advisory 95 (CVE-2014-3714,CVE-2014-3715,CVE-2014-3716,CVE-2014-3717) - input handling vulnerabilities loading guest kernel on ARM CVE-2014-3714 CVE-2014-3715 CVE-2014-3716 CVE-2014-3717
MLIST:[oss-security] 20140516 [CVE-2014-2977] DirectFB integer signedness vulnerability CVE-2014-2977
MLIST:[oss-security] 20140516 [CVE-2014-2978] DirectFB remote out-of-bounds write vulnerability CVE-2014-2978
MLIST:[oss-security] 20140517 CVE request: X2Go Server privilege escalation CVE-2013-7383
MLIST:[oss-security] 20140518 CVE request for buffer overrun in CHICKEN Scheme CVE-2014-3776
MLIST:[oss-security] 20140518 CVE requests / advisory: TeamPass <= 2.1.19 CVE-2014-3771 CVE-2014-3772 CVE-2014-3773 CVE-2014-3774
MLIST:[oss-security] 20140519 Re: CVE request for buffer overrun in CHICKEN Scheme CVE-2014-3776
MLIST:[oss-security] 20140519 Re: CVE request: X2Go Server privilege escalation CVE-2013-7383
MLIST:[oss-security] 20140519 Re: CVE requests / advisory: TeamPass <= 2.1.19 CVE-2014-3771 CVE-2014-3772 CVE-2014-3773 CVE-2014-3774
MLIST:[oss-security] 20140519 Re: libgadu vulnerability: possible memory corruption CVE-2014-3775
MLIST:[oss-security] 20140520 CVE request for vulnerability in OpenStack Heat CVE-2014-3801
MLIST:[oss-security] 20140520 CVE request: xbmc CVE-2014-3800
MLIST:[oss-security] 20140520 Re: CVE request for vulnerability in OpenStack Heat CVE-2014-3801
MLIST:[oss-security] 20140520 Re: CVE request: xbmc CVE-2014-3800
MLIST:[oss-security] 20140521 Persistent XSS in Mayan EDMS - document management system CVE-2014-3840
MLIST:[oss-security] 20140521 Security release for mod_wsgi (version 3.5) CVE-2014-0240
MLIST:[oss-security] 20140522 Re: Persistent XSS in Mayan EDMS - document management system CVE-2014-3840
MLIST:[oss-security] 20140523 Re: CVE request: Pyplate multiple vulnerabilities CVE-2014-3851 CVE-2014-3852 CVE-2014-3853 CVE-2014-3854 CVE-2014-3855
MLIST:[oss-security] 20140525 CVE request: another path traversal in dpkg-source during unpack CVE-2014-3864 CVE-2014-3865
MLIST:[oss-security] 20140527 Fwd: [ruby-core:62800] [ruby-trunk - Bug #9709] Large string causes SEGV with x64-mingw32 CVE-2014-3916
MLIST:[oss-security] 20140528 LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability CVE-2014-0243
MLIST:[oss-security] 20140529 Re: CVE request: Linux kernel DoS with syscall auditing CVE-2014-3917
MLIST:[oss-security] 20140529 Re: CVE request: another path traversal in dpkg-source during unpack CVE-2014-3227
MLIST:[oss-security] 20140529 Re: Fwd: [ruby-core:62800] [ruby-trunk - Bug #9709] Large string causes SEGV with x64-mingw32 CVE-2014-3916
MLIST:[oss-security] 20140602 CVE-2014-3940 - Linux kernel - missing check during hugepage migration CVE-2014-3940
MLIST:[oss-security] 20140603 CVE-2013-6876 s3dvt Root shell CVE-2013-6876
MLIST:[oss-security] 20140603 CVE-2014-1226 s3dvt Root shell (still) CVE-2014-1226
MLIST:[oss-security] 20140603 Re: CVE ID request: typo3 CVE-2014-3941 CVE-2014-3942 CVE-2014-3943 CVE-2014-3944 CVE-2014-3945 CVE-2014-3946 CVE-2014-3948 CVE-2014-3949
MLIST:[oss-security] 20140603 [CVE request] Local privilege escalation in libfep CVE-2014-3980
MLIST:[oss-security] 20140604 CVE request: PulseAudio crash due to empty UDP packet CVE-2014-3970
MLIST:[oss-security] 20140604 CVE-2014-0476 chkrootkit vulnerability CVE-2014-0476
MLIST:[oss-security] 20140604 Re: CVE request: PulseAudio crash due to empty UDP packet CVE-2014-3970
MLIST:[oss-security] 20140604 Re: CVE request: mediawiki invalid usernames on Special:PasswordReset were parsed as wikitext CVE-2014-3966
MLIST:[oss-security] 20140604 Re: Xen Security Advisory 96 - Vulnerabilities in HVM MSI injection CVE-2014-3967 CVE-2014-3968
MLIST:[oss-security] 20140604 Re: Xen Security Advisory 98 - insufficient permissions checks accessing guest memory on ARM CVE-2014-3969
MLIST:[oss-security] 20140605 CVE request: PHP configure script and Lynis tool /tmp/ issues reported on full disclosure CVE-2014-3982 CVE-2014-3986
MLIST:[oss-security] 20140605 Linux kernel futex local privilege escalation (CVE-2014-3153) CVE-2014-3153
MLIST:[oss-security] 20140605 Re: Linux kernel futex local privilege escalation (CVE-2014-3153) CVE-2014-3153
MLIST:[oss-security] 20140606 Re: CVE request: PHP configure script and Lynis tool /tmp/ issues reported on full disclosure CVE-2014-3981 CVE-2014-3982 CVE-2014-3986
MLIST:[oss-security] 20140606 Re: CVE request: possible miniupnpc buffer overflow CVE-2014-3985
MLIST:[oss-security] 20140606 Re: Linux kernel futex local privilege escalation (CVE-2014-3153) CVE-2014-3153
MLIST:[oss-security] 20140606 Re: Requesting CVEs issued for two XSS vulnerabilities in Djblets (a set of Django helpers) CVE-2014-3994 CVE-2014-3995
MLIST:[oss-security] 20140606 Re: [CVE request] Local privilege escalation in libfep CVE-2014-3980
MLIST:[oss-security] 20140606 Requesting CVEs issued for two XSS vulnerabilities in Djblets (a set of Django helpers) CVE-2014-3994 CVE-2014-3995
MLIST:[oss-security] 20140610 CVE-2014-3477 (fd.o#78979): local DoS in dbus-daemon CVE-2014-3477
MLIST:[oss-security] 20140610 CVE-2014-4014: Linux kernel user namespace bug CVE-2014-4014
MLIST:[oss-security] 20140611 CVE request: OpenAFS 1.6.8 TMAY fileserver crashes CVE-2014-4044
MLIST:[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak CVE-2014-4027
MLIST:[oss-security] 20140613 Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords CVE-2014-3999
MLIST:[oss-security] 20140613 Re: CVE request: OpenAFS 1.6.8 TMAY fileserver crashes CVE-2014-4044
MLIST:[oss-security] 20140613 Re: CVE request: PHP heap-based buffer overflow in DNS TXT record parsing CVE-2014-4049
MLIST:[oss-security] 20140613 Re: CVE request: scheme48: insecure use of temporary files in cmuscheme48.el CVE-2014-4150
MLIST:[oss-security] 20140614 CVE-2014-0477: Email::Address: Denial-of-Service in Email::Address::parse CVE-2014-4720
MLIST:[oss-security] 20140615 CVE-2014-1739: Kernel Infoleak vulnerability in,media_enum_entities() CVE-2014-1739
MLIST:[oss-security] 20140616 CVE Request: iodine: authentication bypass by client CVE-2014-4168
MLIST:[oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS CVE-2014-4157
MLIST:[oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS CVE-2014-4157
MLIST:[oss-security] 20140617 Re: CVE Request: iodine: authentication bypass by client CVE-2014-4168
MLIST:[oss-security] 20140617 Re: CVE request: multiple /tmp races in ppc64-diag CVE-2014-4038 CVE-2014-4039 CVE-2014-4040
MLIST:[oss-security] 20140618 CVE-2014-0477: Email::Address: Denial-of-Service in Email::Address::parse CVE-2014-0477
MLIST:[oss-security] 20140618 CVE-2014-4171 - Linux kernel mm/shmem.c denial of service CVE-2014-4171
MLIST:[oss-security] 20140618 [OSSA 2014-019] Neutron L3-agent DoS through IPv6 subnet (CVE-2014-4167) CVE-2014-4167
MLIST:[oss-security] 20140619 CVE request: Another Linux syscall auditing bug CVE-2014-4508
MLIST:[oss-security] 20140619 CVE request: mod_wsgi group privilege dropping [was Re: Security release for mod_wsgi (version 3.5)] CVE-2014-8583
MLIST:[oss-security] 20140619 Re: cups-browsed remote exploit CVE-2014-4336 CVE-2014-4337 CVE-2014-4338
MLIST:[oss-security] 20140620 Re: CVE request: Another Linux syscall auditing bug CVE-2014-4508
MLIST:[oss-security] 20140621 XSS vulnerability in apt-cacher-ng CVE-2014-4510
MLIST:[oss-security] 20140622 XSS vulnerability in apt-cacher-ng CVE-2014-4510
MLIST:[oss-security] 20140623 CVE request for vulnerability in OpenStack Neutron, Ceilometer and pyCADF library CVE-2014-4615
MLIST:[oss-security] 20140623 CVE request: Piwigo before 2.6.2 ws.php Arbitrary User Creation CSRF CVE-2014-4613
MLIST:[oss-security] 20140623 CVE request: XSS in coppermine gallery before 1.5.28 CVE-2014-4612
MLIST:[oss-security] 20140624 OpenVZ simfs container filesystem breakout CVE-2014-3519
MLIST:[oss-security] 20140624 Re: CVE request for vulnerability in OpenStack Neutron, Ceilometer and pyCADF library CVE-2014-4615
MLIST:[oss-security] 20140624 Re: CVE request: Piwigo before 2.6.2 ws.php Arbitrary User Creation CSRF CVE-2014-4613 CVE-2014-4614
MLIST:[oss-security] 20140624 Re: CVE request: XSS in coppermine gallery before 1.5.28 CVE-2014-4612
MLIST:[oss-security] 20140624 Re: CVE request: python: _json module is vulnerable to arbitrary process memory read CVE-2014-4616
MLIST:[oss-security] 20140625 [OSSA 2014-021] User token leak to message queue in pyCADF notifier middleware (CVE-2014-4615) CVE-2014-4615
MLIST:[oss-security] 20140626 LMS-2014-06-16-2: Linux Kernel LZO CVE-2014-4608
MLIST:[oss-security] 20140626 LMS-2014-06-16-5: Linux Kernel LZ4 CVE-2014-4611
MLIST:[oss-security] 20140626 Re: CVE Request: Linux kernel ALSA core control API vulnerabilities CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656
MLIST:[oss-security] 20140627 Re: CVE request -- Linux kernel: sctp: sk_ack_backlog wrap-around problem CVE-2014-4667
MLIST:[oss-security] 20140627 Re: CVE request: timthumb remote code execution CVE-2014-4663
MLIST:[oss-security] 20140628 CVE request / advisory: Cherokee CVE-2014-4668
MLIST:[oss-security] 20140628 Re: CVE request / advisory: Cherokee CVE-2014-4668
MLIST:[oss-security] 20140630 Re: CVE requests: nagios check_dhcp plug-in: read parts of INI config files belonging to root CVE-2014-4701 CVE-2014-4702 CVE-2014-4703
MLIST:[oss-security] 20140630 changing CVE ID for RH Bugzilla 1098222 (from CVE-2014-0235) CVE-2014-3538
MLIST:[oss-security] 20140702 CVE-2014-3532, -3533: two local DoS vulnerabilities in dbus-daemon CVE-2014-3532 CVE-2014-3533
MLIST:[oss-security] 20140702 [CVE-2014-3482] [CVE-2014-3483] Ruby on Rails: Two Active Record SQL Injection Vulnerabilities Affecting PostgreSQL CVE-2014-3482 CVE-2014-3483
MLIST:[oss-security] 20140704 CVE-2014-4699: Linux ptrace bug CVE-2014-4699
MLIST:[oss-security] 20140704 X.Org intel driver dev snapshots, backlight helper issue CVE-2014-4910
MLIST:[oss-security] 20140705 Re: CVE-2014-4699: Linux ptrace bug CVE-2014-4699
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem VladTheEnterprising-0.2 CVE-2014-4995 CVE-2014-4996
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem backup-agoddard-3.0.28 CVE-2014-4993
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem backup_checksum-3.0.23 CVE-2014-4993
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem cap-strap-0.1.5 CVE-2014-4992
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem ciborg-3.0.0 CVE-2014-5003
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 CVE-2014-4991
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem gyazo-1.0.0 CVE-2014-4994
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem kajam-1.0.3.rc2 CVE-2014-4999
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem kcapifony-2.1.6 CVE-2014-5001
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem lawn-login-0.0.7 CVE-2014-5000
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem lean-ruport-0.3.8 CVE-2014-4998
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem lynx-0.2.0 CVE-2014-5002
MLIST:[oss-security] 20140707 Vulnerability Report for Ruby Gem point-cli-0.0.1 CVE-2014-4997
MLIST:[oss-security] 20140708 Re: CVE request: WordPress plugin wysija-newsletters remote file upload CVE-2014-4725 CVE-2014-4726
MLIST:[oss-security] 20140708 Re: CVE-2014-4699: Linux ptrace bug CVE-2014-4699
MLIST:[oss-security] 20140708 [OSSA 2014-023] Multiple XSS vulnerabilities in Horizon (CVE-2014-3473, CVE-2014-3474, and CVE-2014-3475) CVE-2014-8578
MLIST:[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796 CVE-2008-7313 CVE-2014-5009
MLIST:[oss-security] 20140709 Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) CVE-2014-4975
MLIST:[oss-security] 20140710 CVE request: transmission peer communication vulnerability CVE-2014-4909
MLIST:[oss-security] 20140710 CVE-2014-0475: glibc directory traversal in LC_* locale handling CVE-2014-0475
MLIST:[oss-security] 20140710 Vulnerabilities in Ruby Gem brbackup-0.1.1 CVE-2014-5004
MLIST:[oss-security] 20140711 Re: CVE request: XSS in PNP4Nagios CVE-2014-4907 CVE-2014-4908
MLIST:[oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability CVE-2014-4909
MLIST:[oss-security] 20140711 Re: X.Org intel driver dev snapshots, backlight helper issue CVE-2014-4910
MLIST:[oss-security] 20140714 Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling CVE-2014-0475
MLIST:[oss-security] 20140715 IPython Notebook Cross 2014-3429 CVE-2014-3429
MLIST:[oss-security] 20140716 CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets CVE-2014-4943
MLIST:[oss-security] 20140716 Re: CVE request: rawstudio: Insecure use of temporary file CVE-2014-4978
MLIST:[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796 CVE-2008-7313 CVE-2014-5008 CVE-2014-5009
MLIST:[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.) CVE-2014-4991 CVE-2014-4992 CVE-2014-4993 CVE-2014-4994 CVE-2014-4995 CVE-2014-4996 CVE-2014-4997 CVE-2014-4998 CVE-2014-4999 CVE-2014-5000 CVE-2014-5001 CVE-2014-5002 CVE-2014-5003 CVE-2014-5004
MLIST:[oss-security] 20140718 Re: CVE Request: bozohttpd: basic http authentication bypass CVE-2014-5015
MLIST:[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796 CVE-2008-7313 CVE-2014-5008 CVE-2014-5009
MLIST:[oss-security] 20140721 CVE requests for Review Board CVE-2014-5027
MLIST:[oss-security] 20140721 Moodle security notifications public CVE-2014-3541 CVE-2014-3542 CVE-2014-3543 CVE-2014-3544 CVE-2014-3545 CVE-2014-3546 CVE-2014-3547 CVE-2014-3548 CVE-2014-3549 CVE-2014-3550 CVE-2014-3551 CVE-2014-3552 CVE-2014-3553
MLIST:[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031
MLIST:[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031
MLIST:[oss-security] 20140722 Re: CVE request: cacti XSS CVE-2014-5025 CVE-2014-5026
MLIST:[oss-security] 20140722 Re: CVE requests for Review Board CVE-2014-5027 CVE-2014-5028
MLIST:[oss-security] 20140723 Re: CVE request: kernel: vfs: refcount issues during unmount on symlink CVE-2014-5045
MLIST:[oss-security] 20140724 CVE request: WordPress plugin vitamin traversal arbitrary file access CVE-2012-6651
MLIST:[oss-security] 20140724 Re: Duplicated CVE - Cacti XSS CVE-2014-5026
MLIST:[oss-security] 20140728 Re: CVE request: WordPress plugin vitamin traversal arbitrary file access CVE-2012-6651
MLIST:[oss-security] 20140728 rsync vulnerable to collisions CVE-2014-8242
MLIST:[oss-security] 20140730 CVE Request: dhcpcd DoS attack CVE-2014-6060
MLIST:[oss-security] 20140730 CVE request for Drupal contributed modules CVE-2014-5169
MLIST:[oss-security] 20140731 Re: CVE request for Drupal contributed modules CVE-2014-5169 CVE-2014-5170
MLIST:[oss-security] 20140804 CVE Request -- qemu: missing field list terminator in vmstate_xhci_event CVE-2014-5263
MLIST:[oss-security] 20140805 [CVE Requests] rsync and librsync collisions CVE-2014-8242
MLIST:[oss-security] 20140812 CVE Request: ro bind mount bypass using user namespaces CVE-2014-5207
MLIST:[oss-security] 20140812 CVE id request: cacti remote code execution and SQL injection CVE-2014-5261 CVE-2014-5262
MLIST:[oss-security] 20140813 Re: CVE Request: ro bind mount bypass using user namespaces CVE-2014-5206 CVE-2014-5207
MLIST:[oss-security] 20140813 Re: WordPress 3.9.2 release - needs CVE's CVE-2014-5203 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240
MLIST:[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2 CVE-2014-5241 CVE-2014-5242 CVE-2014-5243
MLIST:[oss-security] 20140814 Re: [oCERT-2014-006] Ganeti insecure archive permission CVE-2014-5247
MLIST:[oss-security] 20140814 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with CVE-2014-3514
MLIST:[oss-security] 20140815 Re: CVE Request -- qemu: missing field list terminator in vmstate_xhci_event CVE-2014-5263
MLIST:[oss-security] 20140815 Re: CVE Request: XML-DT: Insecure use of temporary files CVE-2014-5260
MLIST:[oss-security] 20140815 [OSSA 2014-026] Multiple vulnerabilities in Keystone revocation events (CVE-2014-5251, CVE-2014-5252, CVE-2014-5253) CVE-2014-5251 CVE-2014-5252 CVE-2014-5253
MLIST:[oss-security] 20140816 Re: CVE Request: Plack::App::File does not prune trailing slashes: possible code exposure / information disclosure CVE-2014-5269
MLIST:[oss-security] 20140816 Re: CVE id request: cacti remote code execution and SQL injection CVE-2014-5261 CVE-2014-5262
MLIST:[oss-security] 20140816 Re: CVE request for Drupal core, and contributed modules CVE-2014-5267
MLIST:[oss-security] 20140816 Re: CVE request: FFmpeg issues CVE-2014-5272
MLIST:[oss-security] 20140816 Re: CVE request: libgcrypt, ELGAMAL side-channel attack CVE-2014-5270
MLIST:[oss-security] 20140818 CVE request / advisory: Monkey web server <= v1.5.2 CVE-2014-5336
MLIST:[oss-security] 20140818 Enigmail warning CVE-2014-5369
MLIST:[oss-security] 20140819 CVE request: WordPress plugin wp-source-control remote path traversal file access CVE-2014-5368
MLIST:[oss-security] 20140819 Re: CVE request / advisory: Monkey web server <= v1.5.2 CVE-2014-5336
MLIST:[oss-security] 20140819 Re: FreeNAS default blank password CVE-2014-5334
MLIST:[oss-security] 20140819 [CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability CVE-2014-0232
MLIST:[oss-security] 20140820 Re: CVE request: WordPress plugin wp-source-control remote path traversal file access CVE-2014-5368
MLIST:[oss-security] 20140821 CVE request: possible overflow in vararg functions CVE-2014-5461
MLIST:[oss-security] 20140821 Re: CVE request: possible overflow in vararg functions CVE-2014-5461
MLIST:[oss-security] 20140821 Re: Enigmail warning CVE-2014-5369
MLIST:[oss-security] 20140821 [OSSA 2014-028] Glance store DoS through disk space exhaustion (CVE-2014-5356) CVE-2014-5356
MLIST:[oss-security] 20140824 CVE request: Multiple incorrect default permissions in Zarafa CVE-2014-5447 CVE-2014-5448 CVE-2014-5449
MLIST:[oss-security] 20140824 CVE-2014-5443: Seafile local horizontal privilege escalation vulnerability CVE-2014-5443
MLIST:[oss-security] 20140825 Re: CVE Request: Multiple issues in com.ning:async-http-client CVE-2013-7397 CVE-2013-7398
MLIST:[oss-security] 20140825 Re: CVE request: Multiple incorrect default permissions in Zarafa CVE-2014-5447 CVE-2014-5448 CVE-2014-5449 CVE-2014-5450
MLIST:[oss-security] 20140826 CVE Request: Linux Kernel unbound recursion in ISOFS CVE-2014-5471
MLIST:[oss-security] 20140827 PHP-Wiki Command Injection CVE-2014-5519
MLIST:[oss-security] 20140827 Re: CVE Request: Linux Kernel unbound recursion in ISOFS CVE-2014-5471 CVE-2014-5472
MLIST:[oss-security] 20140827 Re: CVE request: php-pear, pear's insecure /tmp/ use for cache data CVE-2014-5459
MLIST:[oss-security] 20140827 Re: Lua CVE request [was Re: CVE request: possible overflow in vararg functions] CVE-2014-5461
MLIST:[oss-security] 20140827 XRMS SQLi to RCE 0day CVE-2014-5520 CVE-2014-5521
MLIST:[oss-security] 20140828 CVE-2014-0485: unsafe Python pickle in s3ql CVE-2014-0485
MLIST:[oss-security] 20140828 Full disclosure: denial of service in srvx CVE-2014-5508
MLIST:[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages CVE-2012-6656
MLIST:[oss-security] 20140829 RE: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable) CVE-2014-6028 CVE-2014-6029
MLIST:[oss-security] 20140829 Re: CVE Request: Clipboard Perl module: clipedit: insecure use of temporary files CVE-2014-5509
MLIST:[oss-security] 20140829 Re: Full disclosure: denial of service in srvx CVE-2014-5508
MLIST:[oss-security] 20140829 Re: PHP-Wiki Command Injection CVE-2014-5519
MLIST:[oss-security] 20140829 Re: XRMS SQLi to RCE 0day CVE-2014-5520 CVE-2014-5521
MLIST:[oss-security] 20140901 CVE Request: dhcpcd DoS attack CVE-2014-6060
MLIST:[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages CVE-2012-6656
MLIST:[oss-security] 20140902 Re: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable) CVE-2014-6027 CVE-2014-6028 CVE-2014-6029
MLIST:[oss-security] 20140909 CVE-Request: squid pinger remote DoS CVE-2014-7141 CVE-2014-7142
MLIST:[oss-security] 20140909 CVE-Request: squid snmp off-by-one CVE-2014-6270
MLIST:[oss-security] 20140909 Re: CVE Request: haproxy read out of bounds CVE-2014-6269
MLIST:[oss-security] 20140909 Re: CVE-Request: squid snmp off-by-one CVE-2014-6270
MLIST:[oss-security] 20140911 Multiple Linux USB driver CVE assignment CVE-2014-3181 CVE-2014-3182 CVE-2014-3183 CVE-2014-3184 CVE-2014-3185
MLIST:[oss-security] 20140911 Re: Multiple Linux USB driver CVE assignment CVE-2014-3186
MLIST:[oss-security] 20140911 Re: TYPO3 extensions CVE-2013-7400
MLIST:[oss-security] 20140912 CVE request: MantisBT Null byte poisoning in LDAP authentication CVE-2014-6387
MLIST:[oss-security] 20140912 PowerDNS Recursor 3.6.0 can be crashed remotely (CVE-2014-3614) CVE-2014-3614
MLIST:[oss-security] 20140912 Re: CVE request: MantisBT Null byte poisoning in LDAP authentication CVE-2014-6387
MLIST:[oss-security] 20140913 Re: CVE request: MantisBT Null byte poisoning in LDAP authentication CVE-2014-6387
MLIST:[oss-security] 20140915 Moodle security notifications public CVE-2014-3617
MLIST:[oss-security] 20140915 Re: CVE Request: libceph auth token overflow / Linux kernel CVE-2014-6416 CVE-2014-6417 CVE-2014-6418
MLIST:[oss-security] 20140915 Re: CVE assignment for c-icap Server CVE-2013-7401 CVE-2013-7402
MLIST:[oss-security] 20140915 Re: CVE request for Linux kernel: udf: Avoid infinite loop when processing indirect ICBs CVE-2014-6410
MLIST:[oss-security] 20140916 CVE request for vulnerability in OpenStack Neutron CVE-2014-6414
MLIST:[oss-security] 20140916 Re: CVE-Request: squid pinger remote DoS CVE-2014-7141
MLIST:[oss-security] 20140916 Re: Re: CVE-Request: squid pinger remote DoS CVE-2014-7142
MLIST:[oss-security] 20140922 Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon / Linux kernel CVE-2014-7145
MLIST:[oss-security] 20140922 Re: CVE-Request: squid pinger remote DoS CVE-2014-7141 CVE-2014-7142
MLIST:[oss-security] 20140923 CVE Request: Python 2.7 CVE-2014-7185
MLIST:[oss-security] 20140923 Multiple issues in libVNCserver CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055
MLIST:[oss-security] 20140924 CVE request: various NodeJS module vulnerabilities CVE-2014-6394
MLIST:[oss-security] 20140924 Re: CVE request: various NodeJS module vulnerabilities CVE-2014-6394 CVE-2014-7205
MLIST:[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash CVE-2014-7169
MLIST:[oss-security] 20140925 Fwd: Non-upstream patches for bash CVE-2014-7186 CVE-2014-7187
MLIST:[oss-security] 20140925 LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow CVE-2014-4330
MLIST:[oss-security] 20140925 Re: CVE Request: Python 2.7 CVE-2014-7185
MLIST:[oss-security] 20140925 [oCERT-2014-007] libvncserver multiple issues CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055
MLIST:[oss-security] 20140926 CVE request: zeromq CVE-2014-7202 CVE-2014-7203
MLIST:[oss-security] 20140926 Re: CVE Request: Go crypto/tls vulnerability CVE-2014-7189
MLIST:[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash CVE-2014-7186 CVE-2014-7187
MLIST:[oss-security] 20140926 [OSSA 2014-030] TLS cert verification option not honoured in paste configs (CVE-2014-7144) CVE-2014-7144
MLIST:[oss-security] 20140927 Re: CVE request: Mediawiki before 1.19.19, 1.22.11 and 1.23.4 insufficient CSS filtering of SVGs CVE-2014-7199
MLIST:[oss-security] 20140927 Re: CVE request: zeromq CVE-2014-7202 CVE-2014-7203
MLIST:[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash CVE-2014-7186 CVE-2014-7187
MLIST:[oss-security] 20140928 Security release of fish shell 2.1.1 CVE-2014-3219
MLIST:[oss-security] 20140929 CVE request: exuberant-ctags: CPU/disk DoS on minified JavaScript file CVE-2014-7204
MLIST:[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove CVE-2014-7230 CVE-2014-7231
MLIST:[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key CVE-2014-7300
MLIST:[oss-security] 20140930 vulnerability in rsyslog CVE-2014-3634 CVE-2014-3683
MLIST:[oss-security] 20141001 CVE Request: linux kernel net_get_random_once bug CVE-2014-7284
MLIST:[oss-security] 20141002 Re: CVE request: Mediawiki before 1.19.20, 1.22.12, 1.23.5 XSS through CSS CVE-2014-7295
MLIST:[oss-security] 20141002 xfs directory hash ordering bug CVE-2014-7283
MLIST:[oss-security] 20141003 sysklogd vulnerability (CVE-2014-3634) CVE-2014-3634 CVE-2014-3683
MLIST:[oss-security] 20141006 Re: various sddm vulnerabilities CVE-2014-7271 CVE-2014-7272
MLIST:[oss-security] 20141007 "New Class of Vulnerability in Perl Web Applications" CVE-2014-1572 CVE-2014-1573
MLIST:[oss-security] 20141007 CVE request for vulnerability in OpenStack Swift CVE-2014-7960
MLIST:[oss-security] 20141007 Re: CVE Request(s): Getmail 4 CVE-2014-7273 CVE-2014-7274 CVE-2014-7275
MLIST:[oss-security] 20141008 CVE request for VDSM denial of service CVE-2014-7968
MLIST:[oss-security] 20141008 CVE-2014-7970: Linux VFS denial of service CVE-2014-7970
MLIST:[oss-security] 20141008 CVE-2014-7975: 0-day umount denial of service CVE-2014-7975
MLIST:[oss-security] 20141008 Re: CVE request for VDSM denial of service CVE-2014-7968
MLIST:[oss-security] 20141008 Re: CVE request for vulnerability in OpenStack Swift CVE-2014-7960
MLIST:[oss-security] 20141009 CVE-2014-8086 - Linux kernel ext4 race condition CVE-2014-8086
MLIST:[oss-security] 20141009 wpa_cli and hostapd_cli action script execution vulnerability CVE-2014-3686
MLIST:[oss-security] 20141010 Re: CVE request: Zend Framework ZF2014-05 and ZF2014-06 CVE-2014-8088
MLIST:[oss-security] 20141010 Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver CVE-2014-8240 CVE-2014-8241
MLIST:[oss-security] 20141011 Re: Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver CVE-2014-8240 CVE-2014-8241
MLIST:[oss-security] 20141012 Re: [CVE Requests] rsync and librsync collisions CVE-2014-8242
MLIST:[oss-security] 20141013 CVE request: ejabberd compression allows cirucumvention of encryption despite starttls_required CVE-2014-8760
MLIST:[oss-security] 20141013 CVE request: various security flaws in dokuwiki CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764
MLIST:[oss-security] 20141013 shim RCE CVE-2014-3675 CVE-2014-3676 CVE-2014-3677
MLIST:[oss-security] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750) CVE-2014-8750
MLIST:[oss-security] 20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability CVE-2014-3704
MLIST:[oss-security] 20141015 Re: CVE request: xss in XHProf CVE-2013-4433
MLIST:[oss-security] 20141016 Abusing TZ for fun (and little profit) CVE-2014-9680
MLIST:[oss-security] 20141016 Re: CVE request: various security flaws in dokuwiki CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764
MLIST:[oss-security] 20141016 Vulnerabilities in WordPress Database Manager v2.7.1 CVE-2014-8334
MLIST:[oss-security] 20141017 Re: CVE request: TYPO3-EXT-SA-2014-013 CVE-2014-8325
MLIST:[oss-security] 20141017 libxml2 issue: billioun laughs variant (CVE-2014-3660) CVE-2014-3660
MLIST:[oss-security] 20141020 Re: Vulnerabilities in WordPress Database Manager v2.7.1 CVE-2014-8334 CVE-2014-8335
MLIST:[oss-security] 20141021 Re: Vulnerabilities in WordPress Database Manager v2.7.1 CVE-2014-8336
MLIST:[oss-security] 20141022 CVE Request: smarty: secure mode bypass CVE-2014-8350
MLIST:[oss-security] 20141023 CVE Request: Linux 3.17 guest-triggerable KVM OOPS CVE-2014-8480 CVE-2014-8481
MLIST:[oss-security] 20141023 Re: CVE Request: smarty: secure mode bypass CVE-2014-8350
MLIST:[oss-security] 20141023 Re: strings / libbfd crasher CVE-2014-8484
MLIST:[oss-security] 20141024 CVE-2014-8369 - Linux kernel iommu.c excessive unpinning CVE-2014-8369
MLIST:[oss-security] 20141024 New security advisories released for Apache CXF CVE-2014-3584 CVE-2014-3623
MLIST:[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185 CVE-2013-2185 CVE-2013-4444
MLIST:[oss-security] 20141026 Re: Re: strings / libbfd crasher CVE-2014-8501
MLIST:[oss-security] 20141026 Re: strings / libbfd crasher CVE-2014-8484 CVE-2014-8485
MLIST:[oss-security] 20141027 Re: Re: strings / libbfd crasher CVE-2014-8504
MLIST:[oss-security] 20141028 Re: ftp(1) can be made execute arbitrary commands by malicious webserver CVE-2014-8517
MLIST:[oss-security] 20141028 ftp(1) can be made execute arbitrary commands by malicious webserver CVE-2014-8517
MLIST:[oss-security] 20141030 CVE-2014-8559 - Linux kernel fs/dcache.c incorrect use of rename_lock CVE-2014-8559
MLIST:[oss-security] 20141030 RE: SQL injection vulnerability in MantisBT SOAP API CVE-2014-8554
MLIST:[oss-security] 20141031 Re: CVE request for GitLab groups API CVE-2014-8540
MLIST:[oss-security] 20141031 Re: strings / libbfd crasher CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504
MLIST:[oss-security] 20141102 CVE-2014-7207 assignment: Debian-specific Linux 3.2 backport issue CVE-2014-7207
MLIST:[oss-security] 20141102 Re: SQL injection vulnerability in MantisBT SOAP API [CVE-2014-8554] CVE-2014-8554
MLIST:[oss-security] 20141102 unzip -t crasher CVE-2014-9636
MLIST:[oss-security] 20141103 Re: Re: strings / libbfd crasher CVE-2014-8738
MLIST:[oss-security] 20141103 Re: unzip -t crasher CVE-2014-9636
MLIST:[oss-security] 20141103 unzip -l crasher CVE-2014-9913
MLIST:[oss-security] 20141104 Privilege Escalation via KDE Clock KCM polkit helper CVE-2014-8651
MLIST:[oss-security] 20141104 Re: CVE request: mod_wsgi group privilege dropping [was Re: Security release for mod_wsgi (version 3.5)] CVE-2014-8583
MLIST:[oss-security] 20141105 Re: Re: strings / libbfd crasher CVE-2014-8738
MLIST:[oss-security] 20141106 CVE-Request: dpkg handling of 'control' and warnings format string vulnerability CVE-2014-8625
MLIST:[oss-security] 20141106 Re: CVE request: PHP xmlrpc date_from_ISO8601() buffer overflow (in php < 5.2.7) CVE-2014-8626
MLIST:[oss-security] 20141106 Re: CVE-Request: dpkg handling of 'control' and warnings format string vulnerability CVE-2014-8625
MLIST:[oss-security] 20141106 Re: Privilege Escalation via KDE Clock KCM polkit helper CVE-2014-8651
MLIST:[oss-security] 20141108 CVE-2014-7146: MantisBT XmlImportExport plugin PHP Code Injection Vulnerability CVE-2014-7146
MLIST:[oss-security] 20141108 CVE-2014-8598: MantisBT XML Import/Export plugin unrestricted access CVE-2014-8598
MLIST:[oss-security] 20141109 Re: CVE Request: Linux kernel mac80211 plain text leak CVE-2014-8709
MLIST:[oss-security] 20141110 CVE-2014-7824: D-Bus denial of service via incomplete fix for CVE-2014-3636 CVE-2014-7824
MLIST:[oss-security] 20141111 CVE Request - dns-sync node module CVE-2014-9682
MLIST:[oss-security] 20141113 CVE-2014-7842 Linux kernel: kvm: reporting emulation failures to userspace CVE-2010-5313
MLIST:[oss-security] 20141113 Re: CVE Request: binutils -- directory traversal CVE-2014-8737
MLIST:[oss-security] 20141113 Re: strings / libbfd crasher CVE-2014-8738
MLIST:[oss-security] 20141114 CVE Request: XSS vulnerability in MantisBT 1.2.13 CVE-2014-8987
MLIST:[oss-security] 20141114 Re: CVE Request: Linux kernel: ttusb-dec: overflow by descriptor CVE-2014-8884
MLIST:[oss-security] 20141114 Re: old CVE assignments for JQuery 1.10.0 CVE-2012-6662
MLIST:[oss-security] 20141114 old CVE assignments for JQuery 1.10.0 CVE-2012-6662
MLIST:[oss-security] 20141115 CVE Request: information disclosure in MantisBT attachments CVE-2014-8988
MLIST:[oss-security] 20141115 RE: CVE Request: XSS vulnerability in MantisBT 1.2.13 CVE-2014-8986 CVE-2014-8987
MLIST:[oss-security] 20141115 Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 CVE-2014-8987
MLIST:[oss-security] 20141115 Re: Re: CVE Request: XSS vulnerability in MantisBT 1.2.13 CVE-2014-8986 CVE-2014-8987
MLIST:[oss-security] 20141117 Moodle security issues are now public CVE-2014-7830 CVE-2014-7831 CVE-2014-7832 CVE-2014-7833 CVE-2014-7834 CVE-2014-7835 CVE-2014-7836 CVE-2014-7837 CVE-2014-7838 CVE-2014-7845 CVE-2014-7846 CVE-2014-7847 CVE-2014-7848 CVE-2014-9059 CVE-2014-9060
MLIST:[oss-security] 20141117 Requesting a CVE for pip - Local DoS with predictable temp directory names CVE-2014-8991
MLIST:[oss-security] 20141119 CVE Request: LibreOffice -- several issues CVE-2014-9093
MLIST:[oss-security] 20141119 CVE request for check_diskio nagios/icinga plugin CVE-2014-8994
MLIST:[oss-security] 20141119 CVE request: lsyncd command injection CVE-2014-8990
MLIST:[oss-security] 20141119 RE: CVE Request: XSS vulnerability in MantisBT 1.2.13 CVE-2014-8986 CVE-2014-8987
MLIST:[oss-security] 20141119 Re: CVE Request: information disclosure in MantisBT attachments CVE-2014-8988
MLIST:[oss-security] 20141120 CVE request: icecast: possible leak of on-connect scripts CVE-2014-9018
MLIST:[oss-security] 20141120 Pending CVE assignments for SA-CORE-2014-006? CVE-2014-9015 CVE-2014-9016
MLIST:[oss-security] 20141120 Re: CVE request for check_diskio nagios/icinga plugin CVE-2014-8994
MLIST:[oss-security] 20141120 Re: CVE request: icecast: possible leak of on-connect scripts CVE-2014-9018
MLIST:[oss-security] 20141120 Re: CVE request: lsyncd command injection CVE-2014-8990
MLIST:[oss-security] 20141120 Re: Linux user namespaces can bypass group-based restrictions - Linux kernel CVE-2014-8989
MLIST:[oss-security] 20141120 Re: Requesting a CVE for pip - Local DoS with predictable temp directory names CVE-2014-8991
MLIST:[oss-security] 20141120 Re: [security] Pending CVE assignments for SA-CORE-2014-006? CVE-2014-9015 CVE-2014-9016
MLIST:[oss-security] 20141121 Re: CVE request: heap buffer overflow in PCRE CVE-2014-8964
MLIST:[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV CVE-2014-9050
MLIST:[oss-security] 20141123 so, can we do something about lesspipe? (+ a cpio bug to back up the argument) CVE-2014-9112
MLIST:[oss-security] 20141124 Docker 1.3.2 - Security Advisory [24 Nov 2014] CVE-2014-6407 CVE-2014-6408
MLIST:[oss-security] 20141124 parse_datetime() bug in coreutils CVE-2014-9471
MLIST:[oss-security] 20141125 Re: Re: CVE request: icecast: possible leak of on-connect scripts CVE-2014-9091
MLIST:[oss-security] 20141125 AW: parse_datetime() bug in coreutils CVE-2014-9471
MLIST:[oss-security] 20141125 CVE Request: Graphviz format string vuln CVE-2014-9157
MLIST:[oss-security] 20141125 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)] CVE-2014-9112
MLIST:[oss-security] 20141125 CVE request: missing checks for small-sized files in hivex CVE-2014-9273
MLIST:[oss-security] 20141125 Re: WordPress 4.0.1 Security Release CVE-2014-9031 CVE-2014-9032 CVE-2014-9033 CVE-2014-9034 CVE-2014-9035 CVE-2014-9036 CVE-2014-9037 CVE-2014-9038 CVE-2014-9039
MLIST:[oss-security] 20141126 CVE Request: CAPTCHA bypass in MantisBT CVE-2014-9117
MLIST:[oss-security] 20141126 CVE Request: MantisBT SQL injection in view_all_set.php CVE-2014-9089
MLIST:[oss-security] 20141126 CVE request: cpio heap-based buffer overflow [was Re: so, can we do something about lesspipe? (+ a cpio bug to back up the argument)] CVE-2014-9112
MLIST:[oss-security] 20141126 CVE-2014-7816 Undertow (on Windows): Information disclosure via directory traversal CVE-2014-7816
MLIST:[oss-security] 20141126 Re: CVE Request: CAPTCHA bypass in MantisBT CVE-2014-9117
MLIST:[oss-security] 20141126 Re: CVE Request: LibreOffice -- several issues CVE-2014-9093
MLIST:[oss-security] 20141126 Re: CVE Request: Linux kernel LDT handling bugs CVE-2014-9090
MLIST:[oss-security] 20141126 Re: CVE Request: MantisBT SQL injection in view_all_set.php CVE-2014-9089
MLIST:[oss-security] 20141126 Re: CVE request: Canto Feed URL Parsing Command Line Injection CVE-2013-7416
MLIST:[oss-security] 20141126 Re: CVE request: icecast: possible leak of on-connect scripts CVE-2014-9091
MLIST:[oss-security] 20141126 Re: CVE request: mutt: heap-based buffer overflow in mutt_substrdup() CVE-2014-9116
MLIST:[oss-security] 20141126 Re: Stack smashing in libjpeg-turbo CVE-2014-9092
MLIST:[oss-security] 20141127 CVE request: Canto Feed URL Parsing Command Line Injection CVE-2013-7416
MLIST:[oss-security] 20141127 CVE request: mutt: heap-based buffer overflow in mutt_substrdup() CVE-2014-9116
MLIST:[oss-security] 20141128 Re: libyaml / YAML-LibYAML DoS CVE-2014-9130
MLIST:[oss-security] 20141128 libyaml / YAML-LibYAML DoS CVE-2014-9130
MLIST:[oss-security] 20141129 CVE Request: DB credentials disclosure in MantisBT's unattended upgrade script CVE-2014-9279
MLIST:[oss-security] 20141129 CVE request: PHP Object Injection in MantisBT filter API CVE-2014-9280
MLIST:[oss-security] 20141129 Re: Re: libyaml / YAML-LibYAML DoS CVE-2014-9130
MLIST:[oss-security] 20141201 CVE Request: Multiple XSS vulnerabilities in MantisBT CVE-2014-9269 CVE-2014-9270 CVE-2014-9271 CVE-2014-9272 CVE-2014-9281
MLIST:[oss-security] 20141201 CVE request: OpenVAS Manager SQL injection (OVSA20141128) CVE-2014-9220
MLIST:[oss-security] 20141201 Re: Re: CVE Request: Graphviz format string vuln CVE-2014-9157
MLIST:[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT CVE-2014-6316
MLIST:[oss-security] 20141203 CVE request: out-of-bounds memory access flaw in unrtf CVE-2014-9275
MLIST:[oss-security] 20141203 MediaWiki security release - 1.23.7 CVE-2014-9276 CVE-2014-9277
MLIST:[oss-security] 20141204 Re: MediaWiki security release - 1.23.7 CVE-2014-9276 CVE-2014-9277
MLIST:[oss-security] 20141204 Re: CVE Request: Multiple XSS vulnerabilities in MantisBT CVE-2014-9269 CVE-2014-9270 CVE-2014-9271 CVE-2014-9272
MLIST:[oss-security] 20141204 Re: CVE request: missing checks for small-sized files in hivex CVE-2014-9273
MLIST:[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf CVE-2014-9274 CVE-2014-9275
MLIST:[oss-security] 20141204 [oCERT-2014-009] JasPer input sanitization errors CVE-2014-9029
MLIST:[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT CVE-2014-6316
MLIST:[oss-security] 20141205 Re: CVE Request: Multiple XSS vulnerabilities in MantisBT CVE-2014-9271 CVE-2014-9281
MLIST:[oss-security] 20141205 Re: CVE request: PHP Object Injection in MantisBT filter API CVE-2014-9280
MLIST:[oss-security] 20141207 CVE request: Unauthenticated remote disk space exhaustion in Zarafa WebAccess and WebApp CVE-2014-9465
MLIST:[oss-security] 20141207 MantisBT 1.2.18 Released CVE-2014-8553 CVE-2014-9388 CVE-2014-9506
MLIST:[oss-security] 20141208 Xen Security Advisory 114 (CVE-2014-9065,CVE-2014-9066) - p2m lock starvation CVE-2014-9065 CVE-2014-9066
MLIST:[oss-security] 20141209 CVE request: pam: password hashes aren't compared case-sensitively CVE-2013-7041
MLIST:[oss-security] 20141209 PIE bypass using VDSO ASLR weakness CVE-2014-9585
MLIST:[oss-security] 20141209 Re: CVE question: Return of POODLE CVE-2014-8730
MLIST:[oss-security] 20141209 Re: CVE request: pam: password hashes aren't compared case-sensitively CVE-2013-7041
MLIST:[oss-security] 20141211 CVE request: Python, standard library HTTP clients CVE-2014-9365
MLIST:[oss-security] 20141215 Linux kernel: multiple x86_64 vulnerabilities CVE-2014-9322
MLIST:[oss-security] 20141215 Re: CVE request: XSS flaw fixed in dokuwiki 2014-09-29b CVE-2014-9253
MLIST:[oss-security] 20141216 CVE-2014-9119: DB Backup plugin for WordPress download.php file Parameter Remote Path Traversal File Access CVE-2014-9119
MLIST:[oss-security] 20141216 file(1): multiple denial of service issues (resource consumption), CVE-2014-8116 and CVE-2014-8117 CVE-2014-8116 CVE-2014-8117
MLIST:[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference CVE-2014-9403
MLIST:[oss-security] 20141217 [CVE-2014-8144] CSRF vulnerability in doorkeeper CVE-2014-8144
MLIST:[oss-security] 20141221 CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23 CVE-2014-9475 CVE-2014-9476 CVE-2014-9477 CVE-2014-9478 CVE-2014-9479 CVE-2014-9480
MLIST:[oss-security] 20141222 CVE Request: Info-ZIP unzip 6.0 CVE-2014-9636
MLIST:[oss-security] 20141222 Graylog2-Web LDAP Injection - CVE-2014-9217 CVE-2014-9217
MLIST:[oss-security] 20141222 Re: CVE Request: Info-ZIP unzip 6.0 CVE-2014-9636
MLIST:[oss-security] 20141223 Re: CVE-request: WordPress flash-album-gallery plugin facebook.php XSS CVE-2011-4624
MLIST:[oss-security] 20141224 Imagemagick fuzzing bug CVE-2014-9804 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9839 CVE-2014-9840
MLIST:[oss-security] 20141224 libsndfile DoS/divide-by-zero CVE-2014-9756
MLIST:[oss-security] 20141225 Re: CVE Request: Linux x86_64 userspace address leak CVE-2014-9419
MLIST:[oss-security] 20141229 CVE request: dir traversal in elfutils CVE-2014-9447
MLIST:[oss-security] 20141229 Re: CVE Request: Double Free in PHP CVE-2014-9425
MLIST:[oss-security] 20141231 CVE Request, Use after free vulnerability in Dwarfdump CVE-2014-9482
MLIST:[oss-security] 20141231 Command Injection in mime-support/run-mailcap (CVE-2014-7209) CVE-2014-7209
MLIST:[oss-security] 20141231 Re: CVE Request: Linux: Remote crash via batman-adv module - Linux kernel CVE-2014-9428
MLIST:[oss-security] 20141231 Re: CVE Request: PHP: out of bounds read crashes php-cgi CVE-2014-9427
MLIST:[oss-security] 20141231 cve request: miniunzip directory traversal CVE-2014-9485
MLIST:[oss-security] 20150101 CVE Request: libmspack: frame_end overflow which could cause infinite loop CVE-2014-9556
MLIST:[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash CVE-2015-0556 CVE-2015-0557
MLIST:[oss-security] 20150103 CVE requests: Drupal contributed modules CVE-2014-9498 CVE-2014-9499 CVE-2014-9500 CVE-2014-9501 CVE-2014-9505
MLIST:[oss-security] 20150103 Re: CVE Request CVE-2014-9490
MLIST:[oss-security] 20150103 Re: CVE Request for illumos distributions CVE-2014-9491
MLIST:[oss-security] 20150103 Re: CVE Request, Use after free vulnerability in Dwarfdump CVE-2014-9482
MLIST:[oss-security] 20150103 Re: CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23 CVE-2014-9475 CVE-2014-9476 CVE-2014-9477 CVE-2014-9478 CVE-2014-9479 CVE-2014-9480 CVE-2014-9487
MLIST:[oss-security] 20150103 Re: CVE Request: PHP: out of bounds read crashes php-cgi CVE-2014-9427
MLIST:[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow CVE-2014-9495
MLIST:[oss-security] 20150103 Re: CVE request: Unauthenticated remote disk space exhaustion in Zarafa WebAccess and WebApp CVE-2014-9465
MLIST:[oss-security] 20150103 Re: CVE request: insufficient 'X-Forwarded-For' header validation in rabbitmq-server CVE-2014-9494
MLIST:[oss-security] 20150103 Re: CVE request: mpfr: buffer overflow in mpfr_strtofr CVE-2014-9474
MLIST:[oss-security] 20150103 Re: CVE requests: Drupal contributed modules CVE-2014-9498 CVE-2014-9499 CVE-2014-9500 CVE-2014-9501 CVE-2014-9502 CVE-2014-9503 CVE-2014-9504 CVE-2014-9505
MLIST:[oss-security] 20150103 Re: Re: CVE Request: libsndfile buffer overread CVE-2014-9496
MLIST:[oss-security] 20150103 Re: Re: CVE request: remote code execution vulnerability in gollum < 3.1.1 CVE-2014-9489
MLIST:[oss-security] 20150103 Re: cve request: miniunzip directory traversal CVE-2014-9485
MLIST:[oss-security] 20150103 Re: mpg123 CVE Assignment? CVE-2014-9497
MLIST:[oss-security] 20150103 Re: parse_datetime() bug in coreutils CVE-2014-9471
MLIST:[oss-security] 20150104 Vulnerability Report - from QIHU 360 China CVE-2014-9676
MLIST:[oss-security] 20150105 CVE-2014-8148: midgard-core configures D-Bus system bus to be insecure CVE-2014-8148
MLIST:[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash CVE-2015-0556 CVE-2015-0557
MLIST:[oss-security] 20150105 Re: CVE Request: gcab: directory traversal CVE-2015-0552
MLIST:[oss-security] 20150105 Re: cve request: insecure temporary file usage - xbindkeys-config CVE-2014-9513
MLIST:[oss-security] 20150106 CVE-2014-9529 - Linux kernel security/keys/gc.c race condition CVE-2014-9529
MLIST:[oss-security] 20150107 Re: CVE Request: libmspack: frame_end overflow which could cause infinite loop CVE-2014-9556
MLIST:[oss-security] 20150108 Directory traversals in cpio and friends? CVE-2015-1197 CVE-2015-2304
MLIST:[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow CVE-2014-9495 CVE-2015-0973
MLIST:[oss-security] 20150109 Re: PIE bypass using VDSO ASLR weakness - Linux kernel CVE-2014-9585
MLIST:[oss-security] 20150110 Re: CVE Request for Privoxy Version: 3.0.22 CVE-2015-1030 CVE-2015-1031
MLIST:[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow CVE-2014-9495 CVE-2015-0973
MLIST:[oss-security] 20150110 Re: CVE-2014-6316: URL redirection issue in MantisBT CVE-2015-1042
MLIST:[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003 CVE-2015-1402 CVE-2015-1403 CVE-2015-1404 CVE-2015-1405
MLIST:[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003 CVE-2015-1401
MLIST:[oss-security] 20150111 Re: CVE Request -- CMS BEdita v. 3.4.0 -- Multiple stored XSS vulnerabilities CVE-2015-1040
MLIST:[oss-security] 20150111 Re: CVE Request -- CMS e107 v.1.0.4 -- Reflecting XSS vulnerability in filemanager functionality CVE-2015-1041
MLIST:[oss-security] 20150111 Re: CVE request CVE-2015-1039
MLIST:[oss-security] 20150111 Re: CVE request for directory traversal flaw in p7zip CVE-2015-1038
MLIST:[oss-security] 20150111 Re: CVE request: roundcubemail: possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins CVE-2014-9587
MLIST:[oss-security] 20150111 Re: Re: CVE-2014-6316: URL redirection issue in MantisBT CVE-2015-1042
MLIST:[oss-security] 20150115 [OSSA 2015-002] Glance v2 API unrestricted path traversal through filesystem:// scheme CVE-2015-1195
MLIST:[oss-security] 20150116 CVE Request: libarchive -- directory traversal in bsdcpio CVE-2015-2304
MLIST:[oss-security] 20150116 CVE-2014-9573: SQL Injection in manage_user_page.php CVE-2014-9573
MLIST:[oss-security] 20150117 CVE-2014-9571: XSS in install.php CVE-2014-9571
MLIST:[oss-security] 20150117 CVE-2014-9572: Improper Access Control in install.php CVE-2014-9572
MLIST:[oss-security] 20150117 Re: CVE Request: xdg-utils: xdg-open: command injection vulnerability CVE-2014-9622
MLIST:[oss-security] 20150117 Re: CVE request: file(1) DoS CVE-2014-9620 CVE-2014-9621
MLIST:[oss-security] 20150118 Re: CVE request: directory traversal flaw in patch CVE-2015-1196
MLIST:[oss-security] 20150118 Re: CVE Request: cpio -- directory traversal CVE-2015-1197
MLIST:[oss-security] 20150118 Re: CVE Request: ha -- directory traversals CVE-2015-1198
MLIST:[oss-security] 20150118 Re: CVE Request: ppmd -- directory traversals CVE-2015-1199
MLIST:[oss-security] 20150118 Re: CVE Request: pxz -- race condition in setting permissions CVE-2015-1200
MLIST:[oss-security] 20150118 Re: CVE request for vulnerability in OpenStack Glance CVE-2014-9623
MLIST:[oss-security] 20150118 Re: CVE request: CAPTCHA bypass in MantisBT CVE-2014-9624
MLIST:[oss-security] 20150118 Re: CVE request: pigz, kgb, pax: directory traversal CVE-2015-1191 CVE-2015-1192 CVE-2015-1193 CVE-2015-1194
MLIST:[oss-security] 20150118 Re: [OSSA 2015-002] Glance v2 API unrestricted path traversal through filesystem:// scheme CVE-2015-1195
MLIST:[oss-security] 20150119 Moodle security issues are now public CVE-2015-0211 CVE-2015-0212 CVE-2015-0213 CVE-2015-0214 CVE-2015-0215 CVE-2015-0216 CVE-2015-0217 CVE-2015-0218
MLIST:[oss-security] 20150119 New Apache Santuario security advisory CVE-2014-8152 CVE-2014-8152
MLIST:[oss-security] 20150120 Possible CVE request: sympa: vulnerability in the web interface CVE-2015-1306
MLIST:[oss-security] 20150121 CVE Request: XSS and response-splitting bugs in rabbitmq management plugin CVE-2014-9649 CVE-2014-9650
MLIST:[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools CVE-2014-9640
MLIST:[oss-security] 20150122 CVE requests for nodejs marked VBScript Content Injection and sequelize SQL Injection in Order CVE-2015-1369
MLIST:[oss-security] 20150122 Defense4all security advisory: CVE-2014-8149 users can export report data to an arbitrary file on the server's filesystem CVE-2014-8149
MLIST:[oss-security] 20150122 Re: CVE request: grep heap buffer overrun CVE-2015-1345
MLIST:[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools CVE-2014-9640
MLIST:[oss-security] 20150122 Re: KDE Plasma vulnerabilities: need CVE CVE-2015-1307 CVE-2015-1308
MLIST:[oss-security] 20150123 CVE-Request -- ferretCMS v.1.0.4-alpha -- Multiple reflecting/stored XSS- and SQLi-vulnerabilities, unrestricted file upload CVE-2015-1371 CVE-2015-1372 CVE-2015-1373 CVE-2015-1374
MLIST:[oss-security] 20150124 Multiple vulnerabilities in LibTIFF and associated tools CVE-2015-1547
MLIST:[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs. CVE-2015-1350
MLIST:[oss-security] 20150124 Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load CVE-2013-7421 CVE-2014-9644 CVE-2014-9645
MLIST:[oss-security] 20150124 Re: CVE Request: PHP CVE-2015-1351 CVE-2015-1352
MLIST:[oss-security] 20150125 CVE request: MSA-2015-01: Wordpress Plugin Pixabay Images Multiple Vulnerabilities CVE-2015-1365 CVE-2015-1366 CVE-2015-1375 CVE-2015-1376
MLIST:[oss-security] 20150126 CVE request for Privoxy CVE-2015-1380 CVE-2015-1381 CVE-2015-1382
MLIST:[oss-security] 20150127 CVE-2014-8156: freesmartphone.org stack configures D-Bus system bus to be insecure CVE-2014-8156
MLIST:[oss-security] 20150127 Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196? CVE-2015-1396
MLIST:[oss-security] 20150127 Re: CVE Request: patch: directory traversal via file rename CVE-2015-1395
MLIST:[oss-security] 20150127 Re: CVE or not: 2x grml-debootstrap CVE-2015-1378
MLIST:[oss-security] 20150127 Re: CVE request for Privoxy CVE-2015-1380 CVE-2015-1381 CVE-2015-1382
MLIST:[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003 CVE-2015-1402 CVE-2015-1403 CVE-2015-1404 CVE-2015-1405
MLIST:[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003 CVE-2015-1401
MLIST:[oss-security] 20150127 Re: CVE request: XSS in search functionality for Geo Mashup Wordpress plugin CVE-2015-1383
MLIST:[oss-security] 20150127 Re: Socat security advisory 6 - Possible DoS with fork CVE-2015-1379
MLIST:[oss-security] 20150128 CVE-Request -- Saurus CMS v.4.7 (Community Edition, released: 12.08.2014) -- Multiple reflecting XSS vulnerabilities CVE-2015-1562
MLIST:[oss-security] 20150128 Re: the other glibc issue CVE-2013-7423
MLIST:[oss-security] 20150129 CVE-2015-1420 - Linux kernel fs/fhandle.c race condition CVE-2015-1420
MLIST:[oss-security] 20150129 Re: CVE request -- Linux kernel - net: sctp: slab corruption from use after free on INIT collisions CVE-2015-1421
MLIST:[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015 CVE-2015-3342 CVE-2015-3343 CVE-2015-3344 CVE-2015-3345 CVE-2015-3346 CVE-2015-3347 CVE-2015-3348 CVE-2015-3349 CVE-2015-3350 CVE-2015-3351 CVE-2015-3352 CVE-2015-3353 CVE-2015-3354 CVE-2015-3355 CVE-2015-3356 CVE-2015-3357 CVE-2015-3358 CVE-2015-3359 CVE-2015-3360 CVE-2015-3361 CVE-2015-3362 CVE-2015-3363 CVE-2015-3364 CVE-2015-3365 CVE-2015-3366 CVE-2015-3367 CVE-2015-3368 CVE-2015-3369 CVE-2015-3370 CVE-2015-3371 CVE-2015-3372 CVE-2015-3373 CVE-2015-3374 CVE-2015-3375 CVE-2015-3376 CVE-2015-3404
MLIST:[oss-security] 20150129 Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235) CVE-2013-7424
MLIST:[oss-security] 20150129 Xen Security Advisory 118 - arm: vgic: incorrect rate limiting of guest triggered logging CVE-2015-1563
MLIST:[oss-security] 20150130 Re: CVE request: temporary file issue in Passenger rubygem CVE-2014-1832
MLIST:[oss-security] 20150131 CVE request: Roundcube cross-site scripting vulnerability fixed in 1.0.5 CVE-2015-1433
MLIST:[oss-security] 20150131 RCE, XSS and HTTP header injection in fli4l web interface CVE-2015-1443 CVE-2015-1444 CVE-2015-1445
MLIST:[oss-security] 20150131 Re: CVE request: Roundcube cross-site scripting vulnerability fixed in 1.0.5 CVE-2015-1433
MLIST:[oss-security] 20150131 Re: CVE request: Xymon CVE-2015-1430
MLIST:[oss-security] 20150131 Re: CVE request: phpbb3 CSRF and CSS injection CVE-2015-1431 CVE-2015-1432
MLIST:[oss-security] 20150201 CVE-Request -- Zerocms <= v. 1.3.3 -- SQL injection vulnerabilities CVE-2014-4034 CVE-2015-1442
MLIST:[oss-security] 20150201 Re: CVE-Request -- Zerocms <= v. 1.3.3 -- SQL injection vulnerabilities CVE-2014-4034 CVE-2015-1442
MLIST:[oss-security] 20150201 Re: RCE, XSS and HTTP header injection in fli4l web interface CVE-2015-1443 CVE-2015-1444 CVE-2015-1445
MLIST:[oss-security] 20150203 Possible CVE Requests: libmspack: several issues CVE-2014-9732 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472
MLIST:[oss-security] 20150203 Re: CVE request -- Linux kernel - net: DoS due to routing packets to too many different dsts/too fast CVE-2015-1465
MLIST:[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf CVE-2015-1472 CVE-2015-1473
MLIST:[oss-security] 20150203 Re: CVE-Request -- Pragyan CMS v.3.0 -- SQL injection vulnerability CVE-2015-1471
MLIST:[oss-security] 20150204 CVE request for Moodlee MDL-48980 Security: Always clean the result from min_get_slash_argument CVE-2015-1493
MLIST:[oss-security] 20150205 [ANNOUNCE] CVE-2014-3600, CVE-2014-3612 and CVE-2014-8110 - Apache ActiveMQ vulnerabilities CVE-2014-3600
MLIST:[oss-security] 20150205 CVE requests for Drupal contributed modules CVE-2015-3389 CVE-2015-3390 CVE-2015-3391 CVE-2015-3392 CVE-2015-3393
MLIST:[oss-security] 20150205 Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic CVE-2014-9652 CVE-2014-9653
MLIST:[oss-security] 20150205 Re: CVE request for Zero-day in the Fancybox-for-WordPress Plugin CVE-2015-1494
MLIST:[oss-security] 20150205 [ANNOUNCE] CVE-2014-3579 - ActiveMQ Apollo vulnerability CVE-2014-3579
MLIST:[oss-security] 20150206 CVE request for denial-of-service vulnerability in fcgi CVE-2012-6687
MLIST:[oss-security] 20150206 older fuseiso stuff CVE-2015-8836 CVE-2015-8837
MLIST:[oss-security] 20150206 some older pbm2l2030 stuff CVE-2013-7438
MLIST:[oss-security] 20150207 Re: CVE request for denial-of-service vulnerability in fcgi CVE-2012-6687
MLIST:[oss-security] 20150207 Re: CVE request: two OpenLDAP DoS issues CVE-2015-1545 CVE-2015-1546
MLIST:[oss-security] 20150207 Re: Multiple vulnerabilities in LibTIFF and associated tools CVE-2014-9655 CVE-2015-1547
MLIST:[oss-security] 20150207 Spencer regexp heap overflow? CVE-2015-2305
MLIST:[oss-security] 20150208 CVE-Request -- eFront v. 3.6.15.2 build 18021 (Community Edition) -- Multiple CSRF vulnerabilities CVE-2015-1559
MLIST:[oss-security] 20150208 Re: kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() - Linux kernel CVE-2010-5329
MLIST:[oss-security] 20150208 [Re: CVE-Request -- eFront v. 3.6.15.2 build 18021 (Community Edition) -- Multiple CSRF vulnerabilities CVE-2015-1559
MLIST:[oss-security] 20150209 CVE Request: jabberd remote information disclosure CVE-2015-2058
MLIST:[oss-security] 20150209 Moodle security issue made public CVE-2015-1493
MLIST:[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow CVE-2014-9679
MLIST:[oss-security] 20150210 CVE-2015-0260: Kallithea: API key of repository's creator exposed by get_repo API method CVE-2015-0260
MLIST:[oss-security] 20150210 Re: CVE-Request -- Linux kernel - panic on nftables rule flush CVE-2015-1573
MLIST:[oss-security] 20150210 Re: Re: CVE-Request -- Google Email App 4.2.2 remote denial of service CVE-2015-1574
MLIST:[oss-security] 20150210 Re: eCryptfs key wrapping help to crack user password CVE-2014-9687
MLIST:[oss-security] 20150212 CVE request: MovableType before 5.2.12 CVE-2015-1592
MLIST:[oss-security] 20150212 CVE request: archmage directory traversal CVE-2015-1589
MLIST:[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow CVE-2014-9679
MLIST:[oss-security] 20150212 Re: CVE request: MovableType before 5.2.12 - Movable Type CVE-2015-1592
MLIST:[oss-security] 20150212 Re: CVE request: Reflected XSS / Content Spoofing in FlexPaper CVE-2014-9677 CVE-2014-9678
MLIST:[oss-security] 20150212 Re: CVE request: archmage directory traversal CVE-2015-1589
MLIST:[oss-security] 20150212 Re: CVE-Request -- Google Email App 4.2.2 remote denial of service CVE-2015-1574
MLIST:[oss-security] 20150212 Re: kamailio: multiple /tmp file vulnerabilities CVE-2013-7426 CVE-2015-1590 CVE-2015-1591
MLIST:[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm) CVE-2015-8982
MLIST:[oss-security] 20150213 CVE requests for Drupal contributed modules CVE-2015-1621 CVE-2015-3378 CVE-2015-3379 CVE-2015-3380 CVE-2015-3381 CVE-2015-3382 CVE-2015-3383 CVE-2015-3384 CVE-2015-3385 CVE-2015-3386 CVE-2015-3387 CVE-2015-3388
MLIST:[oss-security] 20150213 CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF CVE-2015-1603 CVE-2015-1604
MLIST:[oss-security] 20150213 Re: CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF CVE-2015-1603 CVE-2015-1604
MLIST:[oss-security] 20150213 Re: CVE-Request -- Linux ASLR integer overflow CVE-2015-1593
MLIST:[oss-security] 20150214 Re: CVE-Request -- Landsknecht Adminsystems v.4.0.1 (DEV, beta version) -- Reflecting XSS, unrestricted file-upload and underlaying CSRF CVE-2015-1603 CVE-2015-1604
MLIST:[oss-security] 20150217 CVE request: Linux kernel ecryptfs 1-byte overwrite CVE-2014-9687
MLIST:[oss-security] 20150217 CVE request: novnc: session hijack through insecurely set session token cookies CVE-2013-7436
MLIST:[oss-security] 20150217 CVE-2015-1315 - Info-ZIP UnZip - Out-of-bounds Write CVE-2015-1315
MLIST:[oss-security] 20150217 Re: CVE request: Linux kernel ecryptfs 1-byte overwrite CVE-2014-9683
MLIST:[oss-security] 20150220 CVE-2015-2041 - Linux kernel - incorrect data type in llc2_timeout_table CVE-2015-2041
MLIST:[oss-security] 20150220 CVE-2015-2042 - Linux kernel - incorrect data type in rds_sysctl_rds_table CVE-2015-2042
MLIST:[oss-security] 20150220 Re: CVE request: XSS in MantisBT CVE-2015-2046
MLIST:[oss-security] 20150221 CVE-Request -- MyBB v. 1.8.3 -- Multiple stored XSS-vulnerabilities CVE-2015-2149
MLIST:[oss-security] 20150221 RE: CVE request: XSS in MantisBT CVE-2015-2046
MLIST:[oss-security] 20150222 CVE Request: TYPO3-CORE-SA-2015-001: Authentication Bypass in TYPO3 CMS 4.5 CVE-2015-2047
MLIST:[oss-security] 20150222 Re: CVE Request: TYPO3-CORE-SA-2015-001: Authentication Bypass in TYPO3 CMS 4.5 CVE-2015-2047
MLIST:[oss-security] 20150222 Re: libmnl: incorrect validation of netlink message origin allows attackers to spoof netlink messages CVE-2012-6689
MLIST:[oss-security] 20150223 CVE-Request -- Zeuscart v. 4 -- Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities CVE-2010-5322 CVE-2015-2182 CVE-2015-2183 CVE-2015-2184
MLIST:[oss-security] 20150223 Re: CVE Request: jabberd remote information disclosure CVE-2015-2058 CVE-2015-2059
MLIST:[oss-security] 20150223 Re: CVE request: unace CVE-2015-2063
MLIST:[oss-security] 20150223 Re: older fuseiso stuff CVE-2015-8836 CVE-2015-8837
MLIST:[oss-security] 20150226 CVE request: Joomla Google Maps Plugin CVE-2013-7429
MLIST:[oss-security] 20150226 CVE request: glibc: potential application crash due to overread in fnmatch CVE-2015-8984
MLIST:[oss-security] 20150226 Re: CVE Request: mod-gnutls: GnuTLSClientVerify require is ignored CVE-2009-5144
MLIST:[oss-security] 20150226 Re: CVE request: Joomla Google Maps Plugin CVE-2013-7428 CVE-2013-7429 CVE-2013-7430 CVE-2013-7431 CVE-2013-7432 CVE-2013-7433 CVE-2014-9686
MLIST:[oss-security] 20150226 Requesting CVE for ImageMagick DoS CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903
MLIST:[oss-security] 20150227 Re: CVE-Request -- MyBB v. 1.8.3 -- Multiple stored XSS-vulnerabilities CVE-2015-2149
MLIST:[oss-security] 20150227 Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities CVE-2015-2142 CVE-2015-2143 CVE-2015-2144 CVE-2015-2145 CVE-2015-2146 CVE-2015-2147 CVE-2015-2148
MLIST:[oss-security] 20150227 Re: Re: CVE request: Joomla Google Maps Plugin CVE-2013-7428
MLIST:[oss-security] 20150227 Re: eCryptfs key wrapping help to crack user password CVE-2014-9687
MLIST:[oss-security] 20150228 CVE Request: PuTTY fails to clear private key information from memory CVE-2015-2157
MLIST:[oss-security] 20150228 Re: CVE Request: PuTTY fails to clear private key information from memory CVE-2015-2157
MLIST:[oss-security] 20150228 Re: CVE request: pngcrush 1.7.83 crash bug (most likely exploitable) CVE-2015-2158
MLIST:[oss-security] 20150301 Re: CVE request: DokuWiki privilege escalation in RPC API CVE-2015-2172
MLIST:[oss-security] 20150302 Re: CVE-Request -- Zeuscart v. 4 -- Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities CVE-2015-2182 CVE-2015-2183 CVE-2015-2184
MLIST:[oss-security] 20150303 Re: CVE request - Evergreen CVE-2013-7435 CVE-2015-2203 CVE-2015-2204
MLIST:[oss-security] 20150304 CVE request: PHPMoAdmin Unauthorized Remote Code Execution CVE-2015-2208
MLIST:[oss-security] 20150304 CVE-2014-6440: Heap Overflow in VLC Transcode Module CVE-2014-6440
MLIST:[oss-security] 20150304 Re: CVE request: PHPMoAdmin Unauthorized Remote Code Execution CVE-2015-2208
MLIST:[oss-security] 20150311 Re: CVE request: spencer regexp CVE-2015-2305
MLIST:[oss-security] 20150312 CVE request: novnc: session hijack through insecurely set session token cookies CVE-2013-7436
MLIST:[oss-security] 20150312 Re: CVE request: glibc scanf implementation crashes on certain inputs CVE-2011-5320
MLIST:[oss-security] 20150314 CVE Request for python-requests session fixation vulnerability CVE-2015-2296
MLIST:[oss-security] 20150314 CVE-2015-2289: Serendipity CMS cross-site scripting vulnerability in 2.0 version CVE-2015-2289
MLIST:[oss-security] 20150314 Re: CVE Request for information leak in Etherpad exports CVE-2015-2298
MLIST:[oss-security] 20150314 Re: CVE Request for python-requests session fixation vulnerability CVE-2015-2296
MLIST:[oss-security] 20150314 Re: CVE Request: XSS issue in MantisBT permalink_page.php CVE-2014-9701
MLIST:[oss-security] 20150315 Re: CVE Request: PHP 5.6.6 changelog CVE-2014-9705 CVE-2015-2301
MLIST:[oss-security] 20150315 Re: CVE request: vulnerabilities in libcsoap CVE-2015-2297
MLIST:[oss-security] 20150316 Moodle security issues are now public CVE-2015-2266 CVE-2015-2267 CVE-2015-2268 CVE-2015-2269 CVE-2015-2270 CVE-2015-2271 CVE-2015-2272 CVE-2015-2273
MLIST:[oss-security] 20150317 CVE Request: WebKitGTK+ late TLS certificate verification CVE-2015-2330
MLIST:[oss-security] 20150317 Re: CVE Request: Cap'n Proto: Several issues CVE-2015-2310 CVE-2015-2311 CVE-2015-2312 CVE-2015-2313
MLIST:[oss-security] 20150317 Re: Mono TLS vulnerabilities CVE-2015-2318 CVE-2015-2319 CVE-2015-2320
MLIST:[oss-security] 20150318 Re: CVE Request: WebKitGTK+ late TLS certificate verification CVE-2015-2330
MLIST:[oss-security] 20150320 CVE request: denial of service in Quassel CVE-2015-2778 CVE-2015-2779
MLIST:[oss-security] 20150320 OpenDaylight security advisory: CVE-2015-1778 authentication bypass, CVE-2015-1611 CVE-2015-1612 topology spoofing via LLDP CVE-2015-1778
MLIST:[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader. CVE-2015-2666
MLIST:[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree CVE-2014-9706
MLIST:[oss-security] 20150321 Re: CVE Request: Linux kernel unprivileged denial-of-service due to mis-protected xsave/xrstor instructions. CVE-2015-2672
MLIST:[oss-security] 20150322 CVE requests for Drupal contributed modules CVE-2015-4356 CVE-2015-4357 CVE-2015-4374 CVE-2015-4375 CVE-2015-4376 CVE-2015-4398
MLIST:[oss-security] 20150322 Dulwich security issue CVE-2015-0838
MLIST:[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree CVE-2014-9706
MLIST:[oss-security] 20150323 CVE Request: Linux kernel: sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer CVE-2015-2686
MLIST:[oss-security] 20150323 CVE-2015-1820: ruby rest-client session fixation vulnerability CVE-2015-1820
MLIST:[oss-security] 20150323 Re: Assign a CVE for Python's restkit Please CVE-2015-2674
MLIST:[oss-security] 20150324 CVE Request: Multiple vulnerabilities in freexl 1.0.0g CVE-2015-2753 CVE-2015-2754 CVE-2015-2776
MLIST:[oss-security] 20150324 Re: CVE request for OpenStack Compute (nova) CVE-2015-2687
MLIST:[oss-security] 20150325 Re: CVE request for OpenStack Compute (nova) CVE-2015-2687
MLIST:[oss-security] 20150326 Re: CVE requests for Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001 CVE-2015-2749 CVE-2015-2750
MLIST:[oss-security] 20150327 CVE request: Erlang POODLE TLS vulnerability CVE-2015-2774
MLIST:[oss-security] 20150327 Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g CVE-2015-2753 CVE-2015-2754 CVE-2015-2776
MLIST:[oss-security] 20150327 Re: CVE request: Erlang POODLE TLS vulnerability CVE-2015-2774
MLIST:[oss-security] 20150327 Re: CVE request: denial of service in Quassel CVE-2015-2778 CVE-2015-2779
MLIST:[oss-security] 20150328 Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
MLIST:[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow CVE-2015-2782
MLIST:[oss-security] 20150328 Re: CVE request: denial of service in Quassel CVE-2015-2778 CVE-2015-2779
MLIST:[oss-security] 20150328 Re: Fwd: Insecure file upload in Berta CMS CVE-2015-2780
MLIST:[oss-security] 20150329 Fw: GNU Libtasn1 4.4 released ( fixes stack overflow in asn1_der_decoding) CVE-2015-2806
MLIST:[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow CVE-2015-2782
MLIST:[oss-security] 20150329 Re: CVE request (Debian specific): slapd: dangerous access rule in default config CVE-2014-9713
MLIST:[oss-security] 20150330 CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c CVE-2015-2788
MLIST:[oss-security] 20150330 Fwd: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code CVE-2015-0249
MLIST:[oss-security] 20150330 Re: CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c CVE-2015-2788
MLIST:[oss-security] 20150330 Re: Fw: GNU Libtasn1 4.4 released ( fixes stack overflow in asn1_der_decoding) CVE-2015-2806
MLIST:[oss-security] 20150330 Security advisory for musl libc - stack-based buffer overflow in ipv6 literal parsing [CVE-2015-1817] CVE-2015-1817
MLIST:[oss-security] 20150331 CVE request: MediaWiki 1.24.2/1.23.9/1.19.24 CVE-2014-9714 CVE-2015-2931 CVE-2015-2932 CVE-2015-2933 CVE-2015-2934 CVE-2015-2935 CVE-2015-2936 CVE-2015-2937 CVE-2015-2938 CVE-2015-2939 CVE-2015-2940 CVE-2015-2941 CVE-2015-2942
MLIST:[oss-security] 20150401 CVE Request: Linux mishandles int80 fork from 64-bit tasks CVE-2015-2830
MLIST:[oss-security] 20150401 CVE request: Buffer overflow in das_watchdog CVE-2015-2831
MLIST:[oss-security] 20150402 Re: CVE request: Buffer overflow in das_watchdog CVE-2015-2831
MLIST:[oss-security] 20150404 Re: CVE Request : IPv6 Hop limit lowering via RA messages CVE-2015-2922 CVE-2015-2924 CVE-2015-5869
MLIST:[oss-security] 20150404 Re: Linux namespaces: It is possible to escape from bind mounts CVE-2015-2925
MLIST:[oss-security] 20150406 CVE Request: tor: new upstream releases (0.2.6.7, 0.2.5.12 and 0.2.4.27) fixing security issues CVE-2015-2928
MLIST:[oss-security] 20150406 CVE request: Module::Signature before 0.75 - multiple vulnerabilities CVE-2015-3407 CVE-2015-3408 CVE-2015-3409
MLIST:[oss-security] 20150406 Re: Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
MLIST:[oss-security] 20150406 Re: Request CVE for LinuxNode - DoS vulnerability CVE-2015-2927
MLIST:[oss-security] 20150406 Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2) CVE-2015-1379
MLIST:[oss-security] 20150407 CVE request netfilter connection tracking accounting. CVE-2014-9715
MLIST:[oss-security] 20150407 Re: CVE request: MediaWiki 1.24.2/1.23.9/1.19.24 CVE-2014-9714 CVE-2015-2931 CVE-2015-2932 CVE-2015-2933 CVE-2015-2934 CVE-2015-2935 CVE-2015-2936 CVE-2015-2937 CVE-2015-2938 CVE-2015-2939 CVE-2015-2940 CVE-2015-2941 CVE-2015-2942
MLIST:[oss-security] 20150408 CVE Request for Icecast 2.3.3, 2.4.0, 2.4.1, fixed in 2.4.2 CVE-2015-3026
MLIST:[oss-security] 20150408 Re: CVE Request for Icecast 2.3.3, 2.4.0, 2.4.1, fixed in 2.4.2 CVE-2015-3026
MLIST:[oss-security] 20150409 Apache Tomcat partial file upload DoS CVE-2014-0230 CVE-2014-0230
MLIST:[oss-security] 20150409 CVE Request for ceph-deploy world-readable keyring permissions CVE-2015-3010 CVE-2015-4053
MLIST:[oss-security] 20150409 Re: CVE Request for ceph-deploy world-readable keyring permissions CVE-2015-3010
MLIST:[oss-security] 20150409 Re: CVE Request: libX11: buffer overflow in MakeBigReq macro CVE-2013-7439
MLIST:[oss-security] 20150410 CVE-2015-0276: Kallithea: Lack of CSRF attack protection enables gaining unauthorised access to users' accounts CVE-2015-0276
MLIST:[oss-security] 20150410 Re: CVE Request for read-only directory traversal in Etherpad Minify CVE-2015-3297
MLIST:[oss-security] 20150410 Re: CVE request - NodeBB Persistent XSS through Markdown CVE-2015-3295 CVE-2015-3296
MLIST:[oss-security] 20150412 Corrections to CVE-2015-3297 CVE-2015-3297
MLIST:[oss-security] 20150413 Re: CVE request / Advisory: Floating Social Bar (Wordpress plugin) 1.0.1 - 1.1.6 CVE-2015-3299
MLIST:[oss-security] 20150413 net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability CVE-2015-5621
MLIST:[oss-security] 20150414 Buffer overruns in Linux kernel RFC4106 implementation using AESNI CVE-2015-3331
MLIST:[oss-security] 20150414 CVE-2015-1864: Multiple HTML and Javascript injections CVE-2015-1864
MLIST:[oss-security] 20150414 Problems in automatic crash analysis frameworks CVE-2015-3315
MLIST:[oss-security] 20150414 TCP Fast Open local DoS in some Linux stable branches CVE-2015-3332
MLIST:[oss-security] 20150414 [CVE-2015-1866] Ember.js XSS Vulnerability With {{view CVE-2015-1866
MLIST:[oss-security] 20150415 double-free in gnutls (CRL distribution points parsing) CVE-2015-3308
MLIST:[oss-security] 20150416 Re: CVE request: SQL injection vulnerability in WordPress plugins Community Events 1.3.5, Tune Library 1.5.4, WP Symposium 15.1 CVE-2015-3313 CVE-2015-3314
MLIST:[oss-security] 20150416 Re: Problems in automatic crash analysis frameworks CVE-2015-3315
MLIST:[oss-security] 20150416 Re: double-free in gnutls (CRL distribution points parsing) CVE-2015-3308
MLIST:[oss-security] 20150416 Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability CVE-2015-5621
MLIST:[oss-security] 20150417 Re: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler CVE-2015-3330
MLIST:[oss-security] 20150417 USERNS allows circumventing MNT_LOCKED CVE-2014-9717
MLIST:[oss-security] 20150419 libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment CVE-2015-8710
MLIST:[oss-security] 20150420 Re: Linux: chown() was racy relative to execve() - Linux kernel CVE-2015-3339
MLIST:[oss-security] 20150421 Re: Re: CVEs for Drupal contributed modules - January 2015 CVE-2015-3404
MLIST:[oss-security] 20150422 Re: CVE Request for ZFS on Linux CVE-2015-3400
MLIST:[oss-security] 20150422 USBCreator D-Bus service CVE-2015-3643
MLIST:[oss-security] 20150423 Incorrect handling of self signed certificates in OpenFire XMPP Server CVE-2014-3451
MLIST:[oss-security] 20150423 Re: CVE request: Module::Signature before 0.75 - multiple vulnerabilities CVE-2015-3407 CVE-2015-3408 CVE-2015-3409
MLIST:[oss-security] 20150424 CVE Request: vBulletin 5 - Private Messages Input Validation Failure CVE-2015-3419
MLIST:[oss-security] 20150424 CVE request: Perl XML::LibXML CVE-2015-3451
MLIST:[oss-security] 20150425 CVE requests / Advisory: phpMyBackupPro CVE-2015-3638 CVE-2015-3639
MLIST:[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099) CVE-2015-4344 CVE-2015-4345 CVE-2015-4346 CVE-2015-4347 CVE-2015-4348 CVE-2015-4349 CVE-2015-4350 CVE-2015-4351 CVE-2015-4352 CVE-2015-4353 CVE-2015-4354 CVE-2015-4355 CVE-2015-4356 CVE-2015-4357 CVE-2015-4358 CVE-2015-4359 CVE-2015-4360 CVE-2015-4361 CVE-2015-4362 CVE-2015-4363 CVE-2015-4364 CVE-2015-4365 CVE-2015-4366 CVE-2015-4367 CVE-2015-4368 CVE-2015-4369 CVE-2015-4370 CVE-2015-4371 CVE-2015-4372 CVE-2015-4373 CVE-2015-4374 CVE-2015-4375 CVE-2015-4376 CVE-2015-4377 CVE-2015-4378 CVE-2015-4379 CVE-2015-4380 CVE-2015-4381 CVE-2015-4382 CVE-2015-4383 CVE-2015-4384 CVE-2015-4385 CVE-2015-4386 CVE-2015-4387 CVE-2015-4388 CVE-2015-4389 CVE-2015-4390 CVE-2015-4391 CVE-2015-4392 CVE-2015-4393 CVE-2015-4394 CVE-2015-4395 CVE-2015-4396 CVE-2015-4397 CVE-2015-4398
MLIST:[oss-security] 20150427 Re: CVE request: Dovecot remote DoS on TLS connections CVE-2015-3420
MLIST:[oss-security] 20150428 Re: Re: CVE request: Dovecot remote DoS on TLS connections CVE-2015-3420
MLIST:[oss-security] 20150429 Re: CVE request - TelescopeJS Information Leakage: User BCrypt password hash post-authentication CVE-2015-3454
MLIST:[oss-security] 20150429 Re: CVE request libaxl <= 0.6.9 CVE-2015-3450
MLIST:[oss-security] 20150430 Re: CVE request: Perl XML::LibXML CVE-2015-3451
MLIST:[oss-security] 20150502 CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam CVE-2015-3636
MLIST:[oss-security] 20150502 Re: CVE request / Advisory: Slideshow (Wordpress plugin) - Wordpress option value disclosure CVE-2015-3634
MLIST:[oss-security] 20150502 Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam CVE-2016-0821
MLIST:[oss-security] 20150504 Re: CVE requests / Advisory: phpMyBackupPro CVE-2015-3637 CVE-2015-3638 CVE-2015-3639 CVE-2015-3640
MLIST:[oss-security] 20150504 Re: USBCreator D-Bus service CVE-2015-3643
MLIST:[oss-security] 20150505 [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL CVE-2014-8146 CVE-2014-8147
MLIST:[oss-security] 20150506 Re: Local privileges escalation in rubygem open-uri-cached CVE-2015-3649
MLIST:[oss-security] 20150507 CVE-2015-0847 in nbd-server CVE-2015-0847
MLIST:[oss-security] 20150507 beaker vulns fixed in version 20.1 CVE-2015-3160 CVE-2015-3161 CVE-2015-3162 CVE-2015-3163
MLIST:[oss-security] 20150508 Re: CVE request: SQL injection vulnerability in WordPress plugins Community Events 1.3.5, Tune Library 1.5.4, WP Symposium 15.1 CVE-2015-3313 CVE-2015-3314
MLIST:[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing CVE-2015-4142
MLIST:[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - WPS UPnP vulnerability with HTTP chunked transfer encoding CVE-2015-4141
MLIST:[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146
MLIST:[oss-security] 20150512 CVE request for vulnerability in OpenStack Horizon CVE-2015-3988
MLIST:[oss-security] 20150512 CVE request: libinfinity did not correctly check certificates for validity CVE-2015-3886
MLIST:[oss-security] 20150512 Re: CVE Request: phpbb open redirect CVE-2015-3880
MLIST:[oss-security] 20150513 CVE Request: t1utils: buffer overflow in set_cs_start CVE-2015-3905
MLIST:[oss-security] 20150513 CVE request for vhost/scsi possible memory corruption. CVE-2015-4036
MLIST:[oss-security] 20150513 Re: CVE request for proxychains-ng : current path as the first directory for the library search path CVE-2015-3887
MLIST:[oss-security] 20150516 Netty/Play's Security Updates (CVE-2015-2156) CVE-2015-2156
MLIST:[oss-security] 20150518 CVE request: ssl.match_hostname(): sub string wildcard should not match IDNA prefix CVE-2013-7440
MLIST:[oss-security] 20150518 CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability CVE-2015-4035
MLIST:[oss-security] 20150518 Moodle security advisories [vs] CVE-2015-3174 CVE-2015-3175 CVE-2015-3176 CVE-2015-3177 CVE-2015-3178 CVE-2015-3179 CVE-2015-3180 CVE-2015-3181
MLIST:[oss-security] 20150518 Re: [saltstack-security] CVE Request / Saltstack SSL verification disabling for alibabab cloud module CVE-2015-4017
MLIST:[oss-security] 20150519 CVE Request: ipsec-tools CVE-2015-4047
MLIST:[oss-security] 20150519 CVE Request: nbd denial of service CVE-2013-7441
MLIST:[oss-security] 20150519 Re: CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability CVE-2015-4035
MLIST:[oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server's ciphersuite choice CVE-2015-4000
MLIST:[oss-security] 20150521 CVE-2015-1325 apport race conditions / ubuntu local root CVE-2015-1325
MLIST:[oss-security] 20150521 Re: CVE Request for ceph-deploy copying keyring to /etc/ceph which is world readable CVE-2015-4053
MLIST:[oss-security] 20150521 Re: CVE Request: ipsec-tools CVE-2015-4047
MLIST:[oss-security] 20150521 Re: CVE Request: nbd denial of service CVE-2013-7441
MLIST:[oss-security] 20150521 Re: CVE request: ssl.match_hostname(): sub string wildcard should not match IDNA prefix CVE-2013-7440
MLIST:[oss-security] 20150522 Re: CVE Request: pgbouncer: DoS/remote crash: invalid packet order causes lookup of NULL pointer CVE-2015-4054
MLIST:[oss-security] 20150522 Re: CVE Request: t1utils: buffer overflow in set_cs_start CVE-2015-3905
MLIST:[oss-security] 20150526 CVE Request: CSRF vulnerability in OmniAuth request phase CVE-2015-9284
MLIST:[oss-security] 20150526 CVE request: vulnerability in the kernel tty subsystem. CVE-2015-4170
MLIST:[oss-security] 20150526 Re: CVE Request for WP Fastest Cache plugin CVE-2015-4089
MLIST:[oss-security] 20150526 Re: CVE Request for read-only directory traversal in Etherpad frontend tests CVE-2015-4085
MLIST:[oss-security] 20150529 CVE request: XSS and CSRF in WP Smiley plugin for WordPress CVE-2015-4139 CVE-2015-4140
MLIST:[oss-security] 20150529 Re: StrongSwan VPN client for Android leaks username to rouge server CVE-2015-4171
MLIST:[oss-security] 20150529 StrongSwan VPN client for Android leaks username to rouge server CVE-2015-4171
MLIST:[oss-security] 20150529 [CVE-2015-0839] hp-plugin binary driver verification CVE-2015-0839
MLIST:[oss-security] 20150531 Re: CVE request for attic : encrypted backups attack CVE-2015-4082
MLIST:[oss-security] 20150531 Re: CVE request: XSS and CSRF in WP Smiley plugin for WordPress CVE-2015-4139 CVE-2015-4140
MLIST:[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146
MLIST:[oss-security] 20150601 CVE-2015-0848 - Heap overflow on libwmf0.2-7 CVE-2015-0848
MLIST:[oss-security] 20150601 CVE-2015-3210: PCRE Library Heap Overflow Vulnerability CVE-2015-3210
MLIST:[oss-security] 20150601 Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize() CVE-2015-4147 CVE-2015-4148
MLIST:[oss-security] 20150603 CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match() CVE-2015-3217
MLIST:[oss-security] 20150603 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7 CVE-2015-4588
MLIST:[oss-security] 20150604 CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow CVE-2015-5522 CVE-2015-5523
MLIST:[oss-security] 20150604 CVE Request: redis Lua sandbox escape and arbitrary code execution CVE-2015-4335
MLIST:[oss-security] 20150604 CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS CVE-2015-4179
MLIST:[oss-security] 20150604 Re: CVE Request: redis Lua sandbox escape and arbitrary code execution CVE-2015-4335
MLIST:[oss-security] 20150604 Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS CVE-2015-4179
MLIST:[oss-security] 20150604 Re: CVE requests / Advisory: phpMyBackupPro CVE-2015-4180 CVE-2015-4181
MLIST:[oss-security] 20150605 Re: CVE Request: Linux Kernel Ozwpan Driver - Remote packet-of-death vulnerabilities CVE-2015-4001 CVE-2015-4002 CVE-2015-4003 CVE-2015-4004
MLIST:[oss-security] 20150605 Re: CVE Request: redis Lua sandbox escape and arbitrary code execution CVE-2015-4335
MLIST:[oss-security] 20150606 Re: CVE Request: bson-ruby DoS and possible injection CVE-2015-4412
MLIST:[oss-security] 20150608 CVE request for polkit CVE-2015-4625
MLIST:[oss-security] 20150608 Re: StrongSwan VPN client for Android leaks username to rouge server CVE-2015-4171
MLIST:[oss-security] 20150609 Re: CVE request for polkit CVE-2015-4625
MLIST:[oss-security] 20150609 [OSSA 2015-010] XSS in Horizon Heat stack creation (CVE-2015-3219) CVE-2015-3219
MLIST:[oss-security] 20150611 CVE-2015-3222 - OSSEC root escalation CVE-2015-3222
MLIST:[oss-security] 20150612 Re: zip-attachments v1.1.4 wordpress plugin arbitrary file download vulnerability. CVE-2015-4694
MLIST:[oss-security] 20150612 zip-attachments v1.1.4 wordpress plugin arbitrary file download vulnerability. CVE-2015-4694
MLIST:[oss-security] 20150613 Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS CVE-2015-4179
MLIST:[oss-security] 20150615 Re: CVE request for buffer overrun in CHICKEN Scheme's string-translate* procedure CVE-2015-4556
MLIST:[oss-security] 20150615 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7 CVE-2015-4588
MLIST:[oss-security] 20150616 CVE-2015-1328: incorrect permission checks in overlayfs, ubuntu local root CVE-2015-1328
MLIST:[oss-security] 20150616 Re: CVE ID Request: Buffer overflow in ArduinoJson when parsing crafted JSON strings CVE-2015-4590
MLIST:[oss-security] 20150616 Re: CVE Request: various issues in PHP CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605
MLIST:[oss-security] 20150616 Re: CVE request for polkit CVE-2015-4625
MLIST:[oss-security] 20150616 Re: Cross-Site Request Forgery in Spina CMS CVE-2015-4619
MLIST:[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails CVE-2015-1840
MLIST:[oss-security] 20150616 [CVE-2015-3224] IP whitelist bypass in Web Console CVE-2015-3224
MLIST:[oss-security] 20150616 [CVE-2015-3225] Potential Denial of Service Vulnerability in Rack CVE-2015-3225
MLIST:[oss-security] 20150616 [CVE-2015-3226] XSS Vulnerability in ActiveSupport::JSON.encode CVE-2015-3226
MLIST:[oss-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support CVE-2015-3227
MLIST:[oss-security] 20150617 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7 CVE-2015-4695 CVE-2015-4696
MLIST:[oss-security] 20150618 Re: CVE request: Content type spoofing in ruby gem paperclip <4.2.2 CVE-2015-2963
MLIST:[oss-security] 20150618 Re: PHP 5.6.10 / 5.5.26 / 5.4.42 CVE request CVE-2015-4642 CVE-2015-4643 CVE-2015-4644
MLIST:[oss-security] 20150618 Re: Possible CVE Request: Multiple stack overflows in squashfs-tools and sasquatch CVE-2015-4646
MLIST:[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function CVE-2015-4692
MLIST:[oss-security] 20150621 Re: CVE Request - CSRF vulnerability in the Google Analyticator Wordpress Plugin v6.4.9.3 before rev @1183563 CVE-2015-4697
MLIST:[oss-security] 20150621 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7 CVE-2015-4695 CVE-2015-4696
MLIST:[oss-security] 20150622 Re: CVE request: IPython XSS in JSON error responses CVE-2015-4706 CVE-2015-4707
MLIST:[oss-security] 20150622 Re: CVE request: Linux kernel - bpf jit optimization flaw can panic kenrel. CVE-2015-4700
MLIST:[oss-security] 20150623 Arbitrary File download in wordpress plugin wp-instance-rename v1.0 CVE-2015-4703
MLIST:[oss-security] 20150624 Re: CVE Request for Wordpress-Plugin Broken Link Checker v1.10.8: Persistent XSS in admin panel enabled by modified headers CVE-2015-5057
MLIST:[oss-security] 20150624 Re: CVE Request: Information disclosure in MantisBT CVE-2015-5059
MLIST:[oss-security] 20150625 Re: CVE Request: Information disclosure in MantisBT CVE-2015-5059
MLIST:[oss-security] 20150625 Re: CVE request: Wesnoth authentication information disclosure CVE-2015-5069 CVE-2015-5070
MLIST:[oss-security] 20150626 CVE Request: PCRE Library Heap Overflow Vulnerability in find_fixedlength() CVE-2015-5073
MLIST:[oss-security] 20150626 Re: CVE Request: PCRE Library Heap Overflow Vulnerability in find_fixedlength() CVE-2015-5073
MLIST:[oss-security] 20150626 rubygems <2.4.8 vulnerable to DNS request hijacking (CVE-2015-3900 and CVE-2015-4020) CVE-2015-3900
MLIST:[oss-security] 20150628 Re: CVE Request: Django CMS CVE-2015-5081
MLIST:[oss-security] 20150629 CVE request: Stack overflow in redcarpet's header_anchor CVE-2015-5147
MLIST:[oss-security] 20150630 CVE Request: UDP checksum DoS CVE-2015-5364 CVE-2015-5366
MLIST:[oss-security] 20150630 Re: CVE request: Stack overflow in redcarpet's header_anchor CVE-2015-5147
MLIST:[oss-security] 20150701 Re: CVE Request: two security issues in openSSH 6.9 CVE-2015-5352
MLIST:[oss-security] 20150703 Re: CVE-2015-3258 CVE-2015-3279 cups-filters CVE-2015-3279
MLIST:[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131) CVE-2015-5487 CVE-2015-5488 CVE-2015-5489 CVE-2015-5490 CVE-2015-5491 CVE-2015-5492 CVE-2015-5493 CVE-2015-5494 CVE-2015-5495 CVE-2015-5496 CVE-2015-5497 CVE-2015-5498 CVE-2015-5499 CVE-2015-5500 CVE-2015-5501 CVE-2015-5502 CVE-2015-5503 CVE-2015-5504 CVE-2015-5505 CVE-2015-5506 CVE-2015-5507 CVE-2015-5508 CVE-2015-5509 CVE-2015-5510 CVE-2015-5511 CVE-2015-5512 CVE-2015-5513 CVE-2015-5514 CVE-2015-5515
MLIST:[oss-security] 20150706 Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 CVE-2015-5381 CVE-2015-5382 CVE-2015-5383
MLIST:[oss-security] 20150706 Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 CVE-2015-5468
MLIST:[oss-security] 20150706 Squid HTTP proxy CVE request CVE-2015-5400
MLIST:[oss-security] 20150707 Follow up: PowerDNS Security Advisory 2015-01 CVE-2015-5470
MLIST:[oss-security] 20150707 Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6 CVE-2015-5382
MLIST:[oss-security] 20150707 Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released CVE-2015-3250
MLIST:[oss-security] 20150707 Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 CVE-2015-5469
MLIST:[oss-security] 20150708 hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation CVE-2015-8041
MLIST:[oss-security] 20150709 Re: Squid HTTP proxy CVE request CVE-2015-5400
MLIST:[oss-security] 20150710 Re: CVE request CSRF in sogo CVE-2015-5395
MLIST:[oss-security] 20150710 Re: Follow up: PowerDNS Security Advisory 2015-01 CVE-2015-5470
MLIST:[oss-security] 20150710 Re: Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0 CVE-2015-5469
MLIST:[oss-security] 20150710 Re: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 CVE-2015-5468
MLIST:[oss-security] 20150710 Re: Squid HTTP proxy CVE request CVE-2015-5400
MLIST:[oss-security] 20150713 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow CVE-2015-5522 CVE-2015-5523
MLIST:[oss-security] 20150713 Re: Retroactive CVE request for Ruby 1.9.2-p330 CVE-2014-6438
MLIST:[oss-security] 20150713 Remote file download vulnerability in Wordpress Plugin image-export v1.1 CVE-2015-5609
MLIST:[oss-security] 20150713 moodle security announcements CVE-2015-3272 CVE-2015-3273 CVE-2015-3274 CVE-2015-3275
MLIST:[oss-security] 20150714 CVE Request: SQLite array overrun in the skip-scan optimization CVE-2013-7443
MLIST:[oss-security] 20150714 Re: CVE Request - tidy 0.99 / tidy5 heap-buffer-overflow CVE-2015-5522 CVE-2015-5523
MLIST:[oss-security] 20150714 [CVE-2015-3908] Improper TLS Certificate Validation in Ansible CVE-2015-3908
MLIST:[oss-security] 20150715 Re: CVE Request: SQLite array overrun in the skip-scan optimization CVE-2013-7443
MLIST:[oss-security] 20150716 Re: CVE Request: kmail: Attachments are not encrypted when CVE-2014-8878
MLIST:[oss-security] 20150717 Re: Re: Squid HTTP proxy CVE request CVE-2015-5400
MLIST:[oss-security] 20150718 CVE-2014-8873 was fixed in DSA-3235-1 CVE-2014-8873
MLIST:[oss-security] 20150718 Re: CVE request: Zenphoto before 1.4.9 multiple vulnerabilities CVE-2015-5594
MLIST:[oss-security] 20150718 Re: CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; CVE-2015-5589 CVE-2015-5590
MLIST:[oss-security] 20150720 Re: Remote file download vulnerability in Wordpress Plugin image-export v1.1 CVE-2015-5609
MLIST:[oss-security] 20150720 Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 CVE-2015-5599 CVE-2015-5681
MLIST:[oss-security] 20150721 CVE Request: October CMS - Stored XSS in image caption tag CVE-2015-5612
MLIST:[oss-security] 20150721 Re: CVE request: IPython CSRF validation CVE-2015-5607
MLIST:[oss-security] 20150722 Re: CVE Request: October CMS - Stored XSS in image caption tag CVE-2015-5612 CVE-2015-5613
MLIST:[oss-security] 20150723 CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw CVE-2012-2150
MLIST:[oss-security] 20150723 CVE-2015-3228 - Ghostscript - Integer overflow CVE-2015-3228
MLIST:[oss-security] 20150723 Re: CVE Request for OpenSSH vulnerability - authentication limits bypass CVE-2015-5600
MLIST:[oss-security] 20150723 Re: CVE request: WordPress 4.2.2 and earlier cross-site scripting vulnerability CVE-2015-5622 CVE-2015-5623
MLIST:[oss-security] 20150727 Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 CVE-2015-5681 CVE-2015-5682
MLIST:[oss-security] 20150727 Security issue in Linux Kernel Keyring (CVE-2015-1333) CVE-2015-1333
MLIST:[oss-security] 20150728 CVE request - remind 3.1.14 and earlier - buffer overflow CVE-2015-5957
MLIST:[oss-security] 20150728 CVE request: Linux kernel - information leak in md driver CVE-2015-5697
MLIST:[oss-security] 20150728 Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets CVE-2015-5695
MLIST:[oss-security] 20150728 Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129 CVE-2009-5147
MLIST:[oss-security] 20150729 CVE Request - Go net/http library - HTTP smuggling CVE-2015-5739 CVE-2015-5740
MLIST:[oss-security] 20150729 Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets CVE-2015-5695
MLIST:[oss-security] 20150730 CVE-2015-1416: vulnerability in patch(1) CVE-2015-1416
MLIST:[oss-security] 20150730 Re: CVE Request: PHP v7 - Code execution vulnerability CVE-2015-6527
MLIST:[oss-security] 20150730 Re: CVE request: mktexlsr/texlive: insecure use of /tmp CVE-2015-5700 CVE-2015-5701
MLIST:[oss-security] 20150730 Re: CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw CVE-2012-2150
MLIST:[oss-security] 20150731 Re: net-snmp snmp_pdu_parse() function incompletely initializaition vulnerability CVE-2015-5621
MLIST:[oss-security] 20150801 CVE request: Integer overflow in SCSI generic driver in Linux <4.1 CVE-2015-5707
MLIST:[oss-security] 20150801 CVE request: Use-after-free in path lookup in Linux 3.11-4.0 inclusive CVE-2015-5706
MLIST:[oss-security] 20150801 Re: CVE Request: devscripts: licensecheck: arbitrary shell command injection CVE-2015-5704 CVE-2015-5705
MLIST:[oss-security] 20150801 Re: CVE-2015-1416: vulnerability in patch(1) CVE-2015-1416
MLIST:[oss-security] 20150802 Re: CVE-2015-1416: vulnerability in patch(1) CVE-2015-1416
MLIST:[oss-security] 20150804 CVE Request - Go net/http library - HTTP smuggling CVE-2015-5739 CVE-2015-5740
MLIST:[oss-security] 20150804 Re: CVE Request: Information disclosure in pcre CVE-2015-8382
MLIST:[oss-security] 20150804 Re: CVE request: WordPress 4.2.3 and earlier multiple vulnerabilities CVE-2015-2213 CVE-2015-5730 CVE-2015-5731 CVE-2015-5732 CVE-2015-5733 CVE-2015-5734
MLIST:[oss-security] 20150805 Re: CVE Request - Go net/http library - HTTP smuggling CVE-2015-5739 CVE-2015-5740
MLIST:[oss-security] 20150806 Re: CVE Request: SuiteCRM Post-Auth Race Condition Shell Upload Remote Code Execution. CVE-2015-5946 CVE-2015-5947 CVE-2015-5948
MLIST:[oss-security] 20150806 Re: CVE request - remind 3.1.14 and earlier - buffer overflow CVE-2015-5957
MLIST:[oss-security] 20150807 Re: CVE request: Froxlor - information leak CVE-2015-5959
MLIST:[oss-security] 20150810 CVE Request: ippusbxd CVE-2015-6520
MLIST:[oss-security] 20150810 CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding CVE-2015-6251
MLIST:[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 CVE-2013-7444 CVE-2015-6727 CVE-2015-6728 CVE-2015-6729 CVE-2015-6730 CVE-2015-6731 CVE-2015-6732 CVE-2015-6733 CVE-2015-6734 CVE-2015-6735 CVE-2015-6736 CVE-2015-6737
MLIST:[oss-security] 20150816 Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203) CVE-2015-5203
MLIST:[oss-security] 20150817 Re: CVE request - simple-php-captcha - captcha bypass vulnerability CVE-2015-6250
MLIST:[oss-security] 20150817 Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding CVE-2015-6251
MLIST:[oss-security] 20150817 Re: CVE request: ansible zone/chroot/jail escape CVE-2015-6240
MLIST:[oss-security] 20150818 CVE request - Linux kernel - perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service. CVE-2015-6526
MLIST:[oss-security] 20150818 Re: CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue CVE-2015-6521
MLIST:[oss-security] 20150818 Re: CVE Request: ippusbxd CVE-2015-6520
MLIST:[oss-security] 20150818 Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD CVE-2015-6252
MLIST:[oss-security] 20150819 CVE Request: more php unserializing issues CVE-2015-6831 CVE-2015-6833
MLIST:[oss-security] 20150820 Re: [oCERT-2015-009] VLC arbitrary pointer dereference CVE-2015-5949
MLIST:[oss-security] 20150820 Use-after-free (and double-free) in Jasper JPEG-200 (CVE-2015-5221) CVE-2015-5221
MLIST:[oss-security] 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference CVE-2015-5949
MLIST:[oss-security] 20150821 CVE Request: twig remote code execution CVE-2015-7809
MLIST:[oss-security] 20150821 Re: CVE request - OpenSSH 6.9 PAM privilege separation vulnerabilities CVE-2015-6563 CVE-2015-6564 CVE-2015-6565
MLIST:[oss-security] 20150825 Re: CVE request: 2 issues in inspircd CVE-2012-6696
MLIST:[oss-security] 20150825 Re: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp CVE-2015-6673
MLIST:[oss-security] 20150826 New security vulnerability for Apache CXF Fediz - CVE-2015-5175 CVE-2015-5175
MLIST:[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10 CVE-2013-7444 CVE-2015-6727 CVE-2015-6728 CVE-2015-6729 CVE-2015-6730 CVE-2015-6731 CVE-2015-6732 CVE-2015-6733 CVE-2015-6734 CVE-2015-6735 CVE-2015-6736 CVE-2015-6737
MLIST:[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open() CVE-2015-6749
MLIST:[oss-security] 20150828 CVE-2015-0852 [FreeImage] Integer overflow in PluginPCX.cpp CVE-2015-0852
MLIST:[oss-security] 20150828 Re: CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF CVE-2015-6748
MLIST:[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open() CVE-2015-6749
MLIST:[oss-security] 20150901 CVE request: screen stack overflow (deep recursion) CVE-2015-6806
MLIST:[oss-security] 20150902 CVE Request : CSRF in IPython/Jupyter notebook Tree. CVE-2015-6938
MLIST:[oss-security] 20150903 AW: Re: CVE request: screen stack overflow (deep recursion) CVE-2015-6806
MLIST:[oss-security] 20150904 Re: CVE request: screen stack overflow (deep recursion) CVE-2015-6806
MLIST:[oss-security] 20150905 Re: CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user CVE-2015-6817
MLIST:[oss-security] 20150905 Re: CVE request: Ganglia-web auth bypass CVE-2015-6816
MLIST:[oss-security] 20150905 Some Wordpress Plugin Stuff CVE-2015-6828 CVE-2015-6829
MLIST:[oss-security] 20150906 Re: Some Wordpress Plugin Stuff (some, wordpress, stuff) CVE-2015-6828 CVE-2015-6829
MLIST:[oss-security] 20150907 Heap overflow and DoS in unzip 6.0 CVE-2015-7696 CVE-2015-7697
MLIST:[oss-security] 20150911 CVE Request: 2 FreeType issues CVE-2014-9746 CVE-2014-9747
MLIST:[oss-security] 20150913 CVE-2015-0853: insecure use of os.system() in svn-workbench CVE-2015-0853
MLIST:[oss-security] 20150913 Re: libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment CVE-2015-8710
MLIST:[oss-security] 20150914 CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c CVE-2015-6937
MLIST:[oss-security] 20150914 Re: CVE Request : CSRF in IPython/Jupyter notebook Tree. CVE-2015-6938
MLIST:[oss-security] 20150915 CVE Request : Use-after-free in openjpeg CVE-2015-8871
MLIST:[oss-security] 20150915 Re: Heap overflow and DoS in unzip 6.0 CVE-2015-7696 CVE-2015-7697
MLIST:[oss-security] 20150916 CVE Request: Maliciously crafted text files in IPython/Jupyter editor CVE-2015-7337
MLIST:[oss-security] 20150916 CVE Request: Use-after-free in optipng 0.6.4 CVE-2015-7801
MLIST:[oss-security] 20150917 CVE Request: remote triggerable use-after-free in rpcbind CVE-2015-7236
MLIST:[oss-security] 20150917 Re: CVE Request: TOTP Replay Attack in Ruby library CVE-2015-7225
MLIST:[oss-security] 20150917 Re: CVE Request: remote triggerable use-after-free in rpcbind CVE-2015-7236
MLIST:[oss-security] 20150918 Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. CVE-2015-7294
MLIST:[oss-security] 20150921 CVE-2015-5282: Foreman stored XSS in parameter hide checkbox CVE-2015-5282
MLIST:[oss-security] 20150921 DoS in libtiff CVE-2015-7313
MLIST:[oss-security] 20150921 Moodle security release CVE-2015-5264 CVE-2015-5265 CVE-2015-5266 CVE-2015-5267 CVE-2015-5268 CVE-2015-5269 CVE-2015-5272
MLIST:[oss-security] 20150921 Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection. CVE-2015-7294
MLIST:[oss-security] 20150921 Re: Heap overflow and DoS in unzip 6.0 CVE-2015-7696
MLIST:[oss-security] 20150921 Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities CVE-2015-1800 CVE-2015-1801
MLIST:[oss-security] 20150921 Samsung S4 (GT-I9500) multiple kernel vulnerabilities CVE-2015-1800 CVE-2015-1801
MLIST:[oss-security] 20150922 CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege CVE-2015-7358 CVE-2015-7359
MLIST:[oss-security] 20150922 Re: CVE Request: Plone Privilege Escalation CVE-2015-7317
MLIST:[oss-security] 20150922 Re: CVE Request: Plone Unauthorized user creation CVE-2015-7315
MLIST:[oss-security] 20150922 Re: CVE Request: Plone XSS CVE-2015-7316
MLIST:[oss-security] 20150922 Re: CVE Request: Plone header injection CVE-2015-7318
MLIST:[oss-security] 20150922 Re: CVE Request: gollum information disclosure vulnerability CVE-2015-7314
MLIST:[oss-security] 20150922 Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch CVE-2015-7312
MLIST:[oss-security] 20150922 Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities CVE-2015-1800
MLIST:[oss-security] 20150924 Pulp 2.6.4 released for CVE-2015-5263 CVE-2015-5263
MLIST:[oss-security] 20150924 Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege CVE-2015-7358 CVE-2015-7359
MLIST:[oss-security] 20150924 Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor CVE-2015-7337
MLIST:[oss-security] 20150925 Re: CVE Request: 2 FreeType issues CVE-2014-9746 CVE-2014-9747
MLIST:[oss-security] 20150927 DoS attack through Email-Address perl module v1.907 (CVE id request) CVE-2015-7686
MLIST:[oss-security] 20150929 CVE request: urlfetch range handling flaw in Cyrus CVE-2015-8076
MLIST:[oss-security] 20150929 Security issue in LXC (CVE-2015-1335) CVE-2015-1335
MLIST:[oss-security] 20150930 Apache James Server 2.3.2 security vulnerability fixed CVE-2015-7611
MLIST:[oss-security] 20150930 Re: CVE request: urlfetch range handling flaw in Cyrus IMAP CVE-2015-8076
MLIST:[oss-security] 20151001 CVE Request: Unauthorized access to IPC objects with SysV shm CVE-2015-7613
MLIST:[oss-security] 20151001 CVE Request: squid: Nonce replay vulnerability in Digest authentication CVE-2014-9749
MLIST:[oss-security] 20151001 CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 CVE-2015-7673
MLIST:[oss-security] 20151001 CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 CVE-2015-7674
MLIST:[oss-security] 20151001 Re: Apache James Server 2.3.2 security vulnerability fixed VU#988628 CVE-2015-7611
MLIST:[oss-security] 20151001 Re: CVE request for wget CVE-2015-7665
MLIST:[oss-security] 20151001 Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 CVE-2015-7674
MLIST:[oss-security] 20151002 Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1 CVE-2015-7673
MLIST:[oss-security] 20151002 Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 CVE-2015-7674
MLIST:[oss-security] 20151002 Re: DoS attack through Email-Address perl module v1.907 (CVE id request) CVE-2015-7686
MLIST:[oss-security] 20151003 Re: Qualys Security Advisory - OpenSMTPD Audit Report CVE-2015-7687
MLIST:[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30 CVE-2015-7803 CVE-2015-7804
MLIST:[oss-security] 20151005 Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 CVE-2015-7674
MLIST:[oss-security] 20151006 CVE Request: ImageMagick CVE-2015-8896
MLIST:[oss-security] 20151008 CVE request: Gummi CVE-2015-7758
MLIST:[oss-security] 20151008 Re: CVE Request: ImageMagick CVE-2015-8896
MLIST:[oss-security] 20151008 Re: CVE request - perl library UI:Dialog 1.09 - shell escaping vulnerability CVE-2008-7315
MLIST:[oss-security] 20151008 Re: CVE request: Gummi CVE-2015-7758
MLIST:[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel CVE-2015-7799
MLIST:[oss-security] 20151011 Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication CVE-2014-9749
MLIST:[oss-security] 20151011 Re: CVE Request: twig remote code execution CVE-2015-7809
MLIST:[oss-security] 20151011 Re: Heap overflow and DoS in unzip 6.0 CVE-2015-7696 CVE-2015-7697
MLIST:[oss-security] 20151012 Re: Re: CVE Request: squid: Nonce replay vulnerability in Digest authentication CVE-2014-9749
MLIST:[oss-security] 20151013 [CVE-2015-1775] Apache Ambari Server Side Request Forgery vulnerability CVE-2015-1775
MLIST:[oss-security] 20151013 [CVE-2015-3186] Apache Ambari XSS vulnerability CVE-2015-3186
MLIST:[oss-security] 20151013 [CVE-2015-3270] A non-administrative user can escalate themselves to have administrative privileges remotely CVE-2015-3270
MLIST:[oss-security] 20151013 [CVE-2015-5210] Unvalidated Redirects and Forwards using targetURI parameter can enable phishing exploits CVE-2015-5210
MLIST:[oss-security] 20151014 CVE-2015-0856: sddm does not prevent access to the KDE crash handler CVE-2015-0856
MLIST:[oss-security] 20151015 Re: CVE Request - Linux kernel - securelevel/secureboot bypass. CVE-2015-7837
MLIST:[oss-security] 20151020 Re: CVE request for sqlalchemy-utils CVE-2015-7764
MLIST:[oss-security] 20151021 Re: CVE Request: BusyBox tar directory traversal CVE-2011-5325
MLIST:[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc CVE-2015-7884 CVE-2015-7885
MLIST:[oss-security] 20151021 Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) CVE-2015-7875 CVE-2015-7879 CVE-2015-7880
MLIST:[oss-security] 20151022 CVE Request: invalid curve attack on bouncycastle CVE-2015-7940
MLIST:[oss-security] 20151022 Crafted xml causes out of bound memory access - Libxml2 CVE-2015-7941 CVE-2015-7942
MLIST:[oss-security] 20151022 Re: CVE Request: invalid curve attack on bouncycastle CVE-2015-7940
MLIST:[oss-security] 20151022 Re: Crafted xml causes out of bound memory access - Libxml2 CVE-2015-7941 CVE-2015-7942
MLIST:[oss-security] 20151023 CVE request - Icinga 1.13.3 and older are vulnerable to XSS CVE-2015-8010
MLIST:[oss-security] 20151024 CVE request: xscreensaver aborts when unpluging second monitor cable when asking password CVE-2015-8025
MLIST:[oss-security] 20151024 RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) CVE-2015-7980
MLIST:[oss-security] 20151025 Re: CVE request: xscreensaver aborts when unpluging second monitor cable when asking password CVE-2015-8025
MLIST:[oss-security] 20151026 CVE Requests for read out of bound in libpng CVE-2015-7981
MLIST:[oss-security] 20151026 RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) CVE-2015-7980
MLIST:[oss-security] 20151026 Re: CVE Requests for read out of bound in libpng CVE-2015-7981
MLIST:[oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace CVE-2015-8019
MLIST:[oss-security] 20151027 CVE request: libxslt xsltStylePreCompute() type confusion DoS CVE-2015-7995
MLIST:[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c CVE-2015-7990
MLIST:[oss-security] 20151028 Re: CVE request: libxslt xsltStylePreCompute() type confusion DoS CVE-2015-7995
MLIST:[oss-security] 20151029 Re: CVE Request: MediaWiki 1.25.3, 1.24.4 and 1.23.11 CVE-2015-8008 CVE-2015-8009
MLIST:[oss-security] 20151029 Re: CVE request - Icinga 1.13.3 and older are vulnerable to XSS CVE-2015-8010
MLIST:[oss-security] 20151029 Re: CVE request: xscreensaver aborts when unpluging second monitor cable when asking password CVE-2015-8025
MLIST:[oss-security] 20151029 Re: Heap overflow and endless loop in exfatfsck / exfat-utils CVE-2015-8026
MLIST:[oss-security] 20151030 Re: CVE Request: Openpgp.js Critical vulnerability in S2K CVE-2015-8013
MLIST:[oss-security] 20151102 CVE request: DoS in libxml2 if xz is enabled CVE-2015-8035
MLIST:[oss-security] 20151102 Re: CVE request: DoS in libxml2 if xz is enabled CVE-2015-8035
MLIST:[oss-security] 20151103 CVE request: libsndfile 1.0.25 heap overflow CVE-2015-7805
MLIST:[oss-security] 20151103 Re: CVE request: DoS in libxml2 if xz is enabled CVE-2015-8035
MLIST:[oss-security] 20151103 Re: CVE request: libsndfile 1.0.25 heap overflow CVE-2015-7805
MLIST:[oss-security] 20151103 Re: libsndfile DoS/divide-by-zero CVE-2014-9756
MLIST:[oss-security] 20151104 Re: CVE request: urlfetch range handling flaw in Cyrus IMAP CVE-2015-8076
MLIST:[oss-security] 20151106 Re: Review+CVE request: multiple issues in redis EVAL command (lua sandbox) CVE-2015-8080
MLIST:[oss-security] 20151106 Review+CVE request: multiple issues in redis EVAL command (lua sandbox) CVE-2015-8080
MLIST:[oss-security] 20151109 CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization CVE-2015-8103
MLIST:[oss-security] 20151109 PowerDNS Security Announcement 2015-03 CVE-2015-5311
MLIST:[oss-security] 20151110 CVE request: net-snmp OpenBSD package - insecure file permission vulnerability CVE-2015-8100
MLIST:[oss-security] 20151110 CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception CVE-2015-8104
MLIST:[oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation CVE-2015-5314 CVE-2015-5315
MLIST:[oss-security] 20151110 wpa_supplicant unauthorized WNM Sleep Mode GTK control CVE-2015-5310
MLIST:[oss-security] 20151110 wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message CVE-2015-5316
MLIST:[oss-security] 20151112 CVE request: libpng buffer overflow in png_set_PLTE CVE-2015-8126
MLIST:[oss-security] 20151114 New security advisory for Apache CXF CVE-2015-5253
MLIST:[oss-security] 20151116 CVE-2015-8106 - latex2rtf v2.3.8 format string vulnerability CVE-2015-8106
MLIST:[oss-security] 20151117 CVE request for Gnome gdm/screen lock crash CVE-2015-7496
MLIST:[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw CVE-2015-4852
MLIST:[oss-security] 20151117 Re: CVE request for Gnome gdm/screen lock crash CVE-2015-7496
MLIST:[oss-security] 20151118 Buffer overflow in libxml2 CVE-2015-8241 CVE-2015-8242
MLIST:[oss-security] 20151118 Re: Buffer overflow in libxml2 CVE-2015-8241 CVE-2015-8242
MLIST:[oss-security] 20151118 Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed CVE-2013-7446
MLIST:[oss-security] 20151118 Re: CVE request for path traversal / info leak bug in Spiffy web server CVE-2015-8235
MLIST:[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization CVE-2015-8103
MLIST:[oss-security] 20151118 Re: race condition checking digests/checksums in sudoers CVE-2015-8239
MLIST:[oss-security] 20151121 Libxml2: Several out of bounds reads CVE-2015-8317
MLIST:[oss-security] 20151122 Re: CVE request for LightDM - XDMCP denial of service CVE-2015-8316
MLIST:[oss-security] 20151122 Re: Libxml2: Several out of bounds reads CVE-2015-8317
MLIST:[oss-security] 20151124 Re: CVE Request: IPTables-Parse: Use of predictable names for temporary files CVE-2015-8326
MLIST:[oss-security] 20151125 Re: CVE request Qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345
MLIST:[oss-security] 20151125 Re: CVE request: DoS in ONOS when handling jumbo ethernet frames CVE-2015-7516
MLIST:[oss-security] 20151127 CVE request: Linux kernel, information disclosure after file truncate on BTRFS CVE-2015-8374
MLIST:[oss-security] 20151128 Re: Heap Overflow in PCRE CVE-2015-2327 CVE-2015-2328 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395
MLIST:[oss-security] 20151129 Re: CVE request: XSS to RCE in PHP-Fusion 9 CVE-2015-8375
MLIST:[oss-security] 20151202 CVE Request: dhcpcd 3.x, potentially other versions too CVE-2012-6698 CVE-2012-6699 CVE-2012-6700
MLIST:[oss-security] 20151202 Command Injection in cool-video-gallery v1.9 Wordpress plugin CVE-2015-7527
MLIST:[oss-security] 20151202 Re: Heap Overflow in PCRE CVE-2015-3210
MLIST:[oss-security] 20151202 Re: shellinabox - DNS rebinding attack due to HTTP fallback CVE-2015-8400
MLIST:[oss-security] 20151202 shellinabox - DNS rebinding attack due to HTTP fallback CVE-2015-8400
MLIST:[oss-security] 20151203 CVE request -- Ethernet flow control vulnerability in SRIOV devices CVE-2015-1142857
MLIST:[oss-security] 20151203 Re: CVE Request: dhcpcd 3.x, potentially other versions too CVE-2012-6698 CVE-2012-6699 CVE-2012-6700
MLIST:[oss-security] 20151203 Status of CVE-2015-8126: libpng buffer overflow in png_set_PLTE CVE-2015-8472
MLIST:[oss-security] 20151204 CVE Request: PHPMailer Message Injection Vulnerability CVE-2015-8476
MLIST:[oss-security] 20151204 Re: CVE Request: Magento SWF XSS CVE-2014-9758
MLIST:[oss-security] 20151204 Re: CVE Request: PHPMailer Message Injection Vulnerability CVE-2015-8476
MLIST:[oss-security] 20151205 Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2 CVE-2015-8477
MLIST:[oss-security] 20151207 CVE-2015-7519: Phusion Passenger Header overwriting issue CVE-2015-7519
MLIST:[oss-security] 20151207 injecting environment variables into Phusion Passenger (CVE-2015-7519) CVE-2015-7519
MLIST:[oss-security] 20151208 CVE for git issue - please use CVE-2015-7545 CVE-2015-7545
MLIST:[oss-security] 20151208 CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key CVE-2015-8539
MLIST:[oss-security] 20151208 [ANNOUNCE] CVE-2015-5254 - Unsafe deserialization in ActiveMQ CVE-2015-5254
MLIST:[oss-security] 20151209 Re: CVE for git issue - please use CVE-2015-7545 CVE-2015-7545
MLIST:[oss-security] 20151209 Re: CVE request - Android kernel - IPv6 connect cause a denial of service CVE-2015-8543
MLIST:[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) CVE-2015-8540
MLIST:[oss-security] 20151210 Re: CVE request - a out of bound read bug is found in libdwarf CVE-2015-8538
MLIST:[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) CVE-2015-8540
MLIST:[oss-security] 20151211 Re: CVE for git issue - please use CVE-2015-7545 CVE-2015-7545
MLIST:[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) CVE-2015-8540
MLIST:[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) CVE-2015-8540
MLIST:[oss-security] 20151212 CVE request: Remote DoS in Quassel CVE-2015-8547
MLIST:[oss-security] 20151212 Re: CVE request: Remote DoS in Quassel CVE-2015-8547
MLIST:[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character CVE-2015-8560
MLIST:[oss-security] 20151214 CVE request: Shell Injection in Pygments FontManager._get_nix_font_path CVE-2015-8557
MLIST:[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character CVE-2015-8560
MLIST:[oss-security] 20151214 Re: CVE request: Shell Injection in Pygments FontManager._get_nix_font_path CVE-2015-8557
MLIST:[oss-security] 20151214 Re: Chef: knife bootstrap leaks validator privkey into system logs CVE-2015-8559
MLIST:[oss-security] 20151214 Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness CVE-2015-1336
MLIST:[oss-security] 20151215 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] CVE-2015-8370
MLIST:[oss-security] 20151215 Re: CVE Request: Linux Kernel: information leak from getsockname CVE-2015-8569
MLIST:[oss-security] 20151216 Re: CVE Request: Linux Kernel: information leak from getsockname CVE-2015-8575
MLIST:[oss-security] 20151217 CVE Request: Linux kernel: privilege escalation in user namespaces CVE-2015-8709
MLIST:[oss-security] 20151217 Cross site scripting vulnerability (XSS) in SilverStripe CMS & Framework v3.2.0 CVE-2015-8606
MLIST:[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c) CVE-2015-8540
MLIST:[oss-security] 20151217 Re: Cross site scripting vulnerability (XSS) in SilverStripe CMS & Framework v3.2.0 CVE-2015-8606
MLIST:[oss-security] 20151218 CVE request: Blueman: Privilege escalation in blueman dbus API CVE-2015-8612
MLIST:[oss-security] 20151218 Re: CVE request: Blueman: Privilege escalation in blueman dbus API CVE-2015-8612
MLIST:[oss-security] 20151218 [FD] [CVE-2015-8606] SilverStripe CMS & Framework v3.2.0 - Cross-Site Scripting Vulnerability CVE-2015-8606
MLIST:[oss-security] 20151221 CVE request for math/big.Exp CVE-2015-8618
MLIST:[oss-security] 20151221 CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12 CVE-2015-8622 CVE-2015-8623 CVE-2015-8624 CVE-2015-8625 CVE-2015-8626 CVE-2015-8627 CVE-2015-8628
MLIST:[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion CVE-2015-7558
MLIST:[oss-security] 20151221 Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? CVE-2015-8614
MLIST:[oss-security] 20151221 mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? CVE-2015-8614
MLIST:[oss-security] 20151222 Re: CVE request for math/big.Exp CVE-2015-8618
MLIST:[oss-security] 20151223 Re: CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12 CVE-2015-8622 CVE-2015-8623 CVE-2015-8624 CVE-2015-8625 CVE-2015-8626 CVE-2015-8627 CVE-2015-8628
MLIST:[oss-security] 20151223 Re: CVE-request: ~/.t_coffee/ is world-writable CVE-2015-8621
MLIST:[oss-security] 20151223 Re: Use after free in nghttp2 CVE-2015-8659
MLIST:[oss-security] 20151223 Use after free in nghttp2 CVE-2015-8659
MLIST:[oss-security] 20151223 pitivi: CVE-2015-0855: Insecure use of os.system() CVE-2015-0855
MLIST:[oss-security] 20151224 CVE request -- Out-of-bounds Read in libtiff CVE-2015-8665
MLIST:[oss-security] 20151224 Re: CVE request -- Out-of-bounds Read in libtiff CVE-2015-8665
MLIST:[oss-security] 20151225 CVE request libtiff: out-of-bounds read in CIE Lab image format CVE-2015-8683
MLIST:[oss-security] 20151225 Re: CVE request libtiff: out-of-bounds read in CIE Lab image format CVE-2015-8683
MLIST:[oss-security] 20151227 Re: CVE Request: Stalin: Insecure use of temporary files CVE-2015-8697
MLIST:[oss-security] 20151231 Re: CVE Request: Linux kernel: privilege escalation in user namespaces CVE-2015-8709
MLIST:[oss-security] 20151231 Re: libxml2 issue: out-of-bounds memory access when parsing an unclosed HTML comment CVE-2015-8710
MLIST:[oss-security] 20151231 Re: mail-client/claws-mail-3.13.1: Stack Overflow - CVE needed? CVE-2015-8708
MLIST:[oss-security] 20160102 CVE Request: MantisBT SOAP API can be used to disclose confidential settings CVE-2014-9759
MLIST:[oss-security] 20160103 Re: CVE Request: MantisBT SOAP API can be used to disclose confidential settings CVE-2014-9759
MLIST:[oss-security] 20160104 CVE Request: cacti: SQL injection vulnerability in graphs_new.php CVE-2015-8604
MLIST:[oss-security] 20160104 Re: CVE Request: cacti: SQL injection vulnerability in graphs_new.php CVE-2015-8604
MLIST:[oss-security] 20160104 Re: CVE Request: python-rsa signature forgery CVE-2016-1494
MLIST:[oss-security] 20160104 Remote Command Injection in Ruby Gem colorscore <=0.0.4 CVE-2015-7541
MLIST:[oss-security] 20160105 CVE Request: python-rsa signature forgery CVE-2016-1494
MLIST:[oss-security] 20160105 CVE request -- linux kernel: nfs: kernel panic occurs at nfs client when nfsv4.2 migration is executed CVE-2015-8746
MLIST:[oss-security] 20160105 CVE request for radicale CVE-2015-8747 CVE-2015-8748 CVE-2016-1505
MLIST:[oss-security] 20160106 Re: CVE request for radicale CVE-2015-8747 CVE-2015-8748 CVE-2016-1505
MLIST:[oss-security] 20160107 CVE id request: dhcpcd CVE-2016-1504
MLIST:[oss-security] 20160107 CVE request for vulnerability in OpenStack Nova CVE-2015-8749
MLIST:[oss-security] 20160107 Re: CVE id request: dhcpcd CVE-2016-1504
MLIST:[oss-security] 20160107 Re: CVE request -- NULL dereference in libdwarf CVE-2015-8750
MLIST:[oss-security] 20160107 Re: CVE request for radicale CVE-2016-1505
MLIST:[oss-security] 20160107 Re: CVE request for vulnerability in OpenStack Nova CVE-2015-8749
MLIST:[oss-security] 20160108 CVE-2016-1231, CVE-2016-1232: Prosody XMPP server multiple vulnerabilities CVE-2016-1231 CVE-2016-1232
MLIST:[oss-security] 20160108 Re: CVE Request: WordPress: cross-site scripting vulnerability fixed in new 4.4.1 release CVE-2016-1564
MLIST:[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer CVE-2015-8762 CVE-2015-8763 CVE-2015-8764
MLIST:[oss-security] 20160110 CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter CVE-2016-1569
MLIST:[oss-security] 20160110 Re: CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter CVE-2016-1569
MLIST:[oss-security] 20160111 CVE Request: Linux kernel - SCTP denial of service during heartbeat timeout functions. CVE-2015-8767
MLIST:[oss-security] 20160111 CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege CVE-2016-1281
MLIST:[oss-security] 20160112 CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution CVE-2016-1713
MLIST:[oss-security] 20160112 Re: CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution CVE-2016-1713
MLIST:[oss-security] 20160112 Re: CVE Request: click CVE-2015-8768
MLIST:[oss-security] 20160113 Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function CVE-2016-1867
MLIST:[oss-security] 20160113 Re: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function CVE-2016-1867
MLIST:[oss-security] 20160113 [security] Go security release v1.5.3 CVE-2015-8618
MLIST:[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities CVE-2016-1899 CVE-2016-1900 CVE-2016-1901
MLIST:[oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 CVE-2016-0777 CVE-2016-0778
MLIST:[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities CVE-2016-1899 CVE-2016-1900 CVE-2016-1901
MLIST:[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat CVE-2016-1897 CVE-2016-1898
MLIST:[oss-security] 20160115 Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 CVE-2016-1908
MLIST:[oss-security] 20160115 Re: Security issues in GOsa CVE-2014-9760 CVE-2015-8771
MLIST:[oss-security] 20160115 [CVE Request] Multiple PHP issues CVE-2016-1903 CVE-2016-1904
MLIST:[oss-security] 20160118 Buffer Overflow in lha compression utility CVE-2016-1925
MLIST:[oss-security] 20160118 Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function CVE-2016-1923 CVE-2016-1924
MLIST:[oss-security] 20160118 Re: Buffer Overflow in lha compression utility CVE-2016-1925
MLIST:[oss-security] 20160118 Re: Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function CVE-2016-1923 CVE-2016-1924
MLIST:[oss-security] 20160118 [vs] moodle security release CVE-2016-0724 CVE-2016-0725
MLIST:[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23 CVE-2014-9761 CVE-2015-8776 CVE-2015-8778 CVE-2015-8779
MLIST:[oss-security] 20160119 CVE request: out-of-bounds write with cpio 2.11 CVE-2016-2037
MLIST:[oss-security] 20160119 Fwd: out of bound write in libdwarf -20151114 CVE-2016-2050
MLIST:[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23 CVE-2014-9761 CVE-2015-8776 CVE-2015-8778 CVE-2015-8779
MLIST:[oss-security] 20160119 Re:Re: Buffer Overflow in lha compression utility CVE-2016-2091
MLIST:[oss-security] 20160119 Security bugs in Linux kernel sound subsystem CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549
MLIST:[oss-security] 20160120 Security issue in eCryptfs-utils (CVE-2016-1572) CVE-2016-1572
MLIST:[oss-security] 20160121 CVE request for Privoxy 3.0.24 CVE-2016-1982 CVE-2016-1983
MLIST:[oss-security] 20160121 Re: CVE request for Privoxy 3.0.24 CVE-2016-1982 CVE-2016-1983
MLIST:[oss-security] 20160122 Re: CVE request: out-of-bounds write with cpio 2.11 CVE-2016-2037
MLIST:[oss-security] 20160124 CVE Request: Host based account hijack attack on php-openid CVE-2016-2049
MLIST:[oss-security] 20160124 CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages() CVE-2015-8785
MLIST:[oss-security] 20160124 CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression CVE-2015-8781 CVE-2015-8782 CVE-2015-8783
MLIST:[oss-security] 20160124 CVE Request: tiff: potential out-of-bound write in NeXTDecode() CVE-2015-8784
MLIST:[oss-security] 20160124 CVE Request: x86 Linux TLB flush bug CVE-2016-2069
MLIST:[oss-security] 20160124 Re: CVE Request: Host based account hijack attack on php-openid CVE-2016-2049
MLIST:[oss-security] 20160124 Re: CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages() CVE-2008-7316
MLIST:[oss-security] 20160124 Re: CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression CVE-2015-8781 CVE-2015-8782 CVE-2015-8783
MLIST:[oss-security] 20160124 Re: CVE Request: tiff: potential out-of-bound write in NeXTDecode() CVE-2015-8784
MLIST:[oss-security] 20160125 Linux potential division by zero in TCP code CVE-2016-2070
MLIST:[oss-security] 20160125 Out-of-bounds Read in the libxml2's htmlParseNameComplex() function CVE-2016-2073
MLIST:[oss-security] 20160125 Re: Fwd: out of bound write in libdwarf -20151114 CVE-2016-2050
MLIST:[oss-security] 20160125 Re: Linux kernel : Denial of service with specially crafted key file. CVE-2016-2053
MLIST:[oss-security] 20160125 [CVE-2015-7576] Timing attack vulnerability in basic authentication in Action Controller. CVE-2015-7576
MLIST:[oss-security] 20160125 [CVE-2015-7577] Nested attributes rejection proc bypass in Active Record. CVE-2015-7577
MLIST:[oss-security] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer CVE-2015-7578
MLIST:[oss-security] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer CVE-2015-7579
MLIST:[oss-security] 20160125 [CVE-2015-7580] Possible XSS vulnerability in rails-html-sanitizer CVE-2015-7580
MLIST:[oss-security] 20160125 [CVE-2015-7581] Object leak vulnerability for wildcard controller routes in Action Pack CVE-2015-7581
MLIST:[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack CVE-2016-0751
MLIST:[oss-security] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View CVE-2016-0752
MLIST:[oss-security] 20160125 [CVE-2016-0753] Possible Input Validation Circumvention in Active Model CVE-2016-0753
MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation CVE-2016-2047
MLIST:[oss-security] 20160126 Re: Out-of-bounds Read in the libxml2's htmlParseNameComplex() function CVE-2016-2073
MLIST:[oss-security] 20160127 CVE Request: Linux: NULL pointer dereference netfilter/nf_nat_redirect.c in nf_nat_redirect_ipv4 function CVE-2015-8787
MLIST:[oss-security] 20160127 Re: CVE Request: Linux: NULL pointer dereference netfilter/nf_nat_redirect.c in nf_nat_redirect_ipv4 function CVE-2003-1604
MLIST:[oss-security] 20160128 CVE request: Synology Photo Station command injection and privilege escalation CVE-2016-10329 CVE-2016-10330
MLIST:[oss-security] 20160128 Re: Heap buffer overflow in fgetwln function of libbsd CVE-2016-2090
MLIST:[oss-security] 20160128 Re: an out of bound read is found in libdwarf -20151114 CVE-2016-2091
MLIST:[oss-security] 20160128 Re: invalid Read in the JasPer's jas_matrix_clip() function CVE-2016-2089
MLIST:[oss-security] 20160128 invalid Read in the JasPer's jas_matrix_clip() function CVE-2016-2089
MLIST:[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus CVE-2016-2217
MLIST:[oss-security] 20160201 Wordpress plugin Reflected XSS in connections v8.5.8 CVE-2016-0770
MLIST:[oss-security] 20160202 CVE Request -- Buffer overflow in Python-Pillow and PIL CVE-2016-2533
MLIST:[oss-security] 20160202 Miscomputations of elliptic curve scalar multiplications in Nettle CVE-2015-8803 CVE-2015-8804 CVE-2015-8805
MLIST:[oss-security] 20160202 Re: Miscomputations of elliptic curve scalar multiplications in Nettle CVE-2015-8803 CVE-2015-8804 CVE-2015-8805
MLIST:[oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14 CVE-2016-0765 CVE-2016-0769
MLIST:[oss-security] 20160203 Re: Out-of-bounds Read in the libxml2's htmlParseNameComplex() function CVE-2015-8806
MLIST:[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus CVE-2016-2217
MLIST:[oss-security] 20160205 CVE Request uclibc-ng dns resolver issues CVE-2016-2224 CVE-2016-2225
MLIST:[oss-security] 20160205 Re: CVE Request uclibc-ng dns resolver issues CVE-2016-2224 CVE-2016-2225
MLIST:[oss-security] 20160206 CVE Request: Horde: Two cross-site scripting vulnerabilities CVE-2015-8807 CVE-2016-2228
MLIST:[oss-security] 20160206 CVE request: Out-of-bound read in the parsing of gif files using GraphicsMagick 1.3.18 CVE-2015-8808
MLIST:[oss-security] 20160206 Re: CVE Request: Horde: Two cross-site scripting vulnerabilities CVE-2015-8807 CVE-2016-2228
MLIST:[oss-security] 20160206 Re: CVE request: Out-of-bound read in the parsing of gif files using GraphicsMagick 1.3.18 CVE-2015-8808
MLIST:[oss-security] 20160208 CVE request - buffer overflow in xdelta3 before 3.0.9 CVE-2014-9765
MLIST:[oss-security] 20160208 Re: CVE request - buffer overflow in xdelta3 before 3.0.9 CVE-2014-9765
MLIST:[oss-security] 20160209 CVE Request: eom, gnome-photos, eog, gambas3, thunar, pinpoint, gtk+2.0 CVE-2013-7447
MLIST:[oss-security] 20160210 CVE request - OkHttp Certificate Pining Bypass CVE-2016-2402
MLIST:[oss-security] 20160210 Re: CVE Request: eom, gnome-photos, eog, gambas3, thunar, pinpoint, gtk+2.0 CVE-2013-7447
MLIST:[oss-security] 20160211 Linux kernel: Flaw in CXGB3 driver. CVE-2015-8812
MLIST:[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files CVE-2016-2317 CVE-2016-2318
MLIST:[oss-security] 20160214 CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor CVE-2016-2384
MLIST:[oss-security] 20160214 CVE Request: Linux: Incorrect branch fixups for eBPF allow arbitrary read CVE-2016-2383
MLIST:[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability CVE-2010-5325
MLIST:[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability CVE-2010-5325
MLIST:[oss-security] 20160216 Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities CVE-2015-8813 CVE-2015-8814 CVE-2015-8815
MLIST:[oss-security] 20160217 Re: CVE request - OkHttp Certificate Pining Bypass CVE-2016-2402
MLIST:[oss-security] 20160217 Re: Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities CVE-2015-8813
MLIST:[oss-security] 20160217 Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities CVE-2015-8813
MLIST:[oss-security] 20160218 CVE request: didiwiki path traversal vulnerability CVE-2013-7448
MLIST:[oss-security] 20160219 CVE for nodejs hawk CVE-2016-2515
MLIST:[oss-security] 20160219 Re: CVE request: didiwiki path traversal vulnerability CVE-2013-7448
MLIST:[oss-security] 20160219 TCPDF: CVE-2017-6100: LFI posting internal files externally abusing default parameter CVE-2017-6100
MLIST:[oss-security] 20160220 Re: CVE for nodejs hawk CVE-2016-2515
MLIST:[oss-security] 20160222 Re: CVE Request -- Buffer overflow in Python-Pillow and PIL CVE-2016-2533
MLIST:[oss-security] 20160223 Access to /dev/pts devices via pt_chown and user namespaces CVE-2016-2856
MLIST:[oss-security] 20160223 CVE Request: Linux kernel USB hub invalid memory access in hub_activate() CVE-2015-8816
MLIST:[oss-security] 20160223 CVE Request: Linux: unix: correctly track in-flight fds in sending process user_struct sockets CVE-2016-2550
MLIST:[oss-security] 20160224 Aufs Union Filesystem Privilege Escalation In User Namespaces CVE-2016-2853 CVE-2016-2854
MLIST:[oss-security] 20160224 CVE requests for Drupal core (SA-CORE-2016-001) CVE-2016-3162 CVE-2016-3163 CVE-2016-3164 CVE-2016-3165 CVE-2016-3166 CVE-2016-3167 CVE-2016-3168 CVE-2016-3169 CVE-2016-3170 CVE-2016-3171
MLIST:[oss-security] 20160224 Overlayfs over Fuse Privilege Escalation in USERNS CVE-2016-1576
MLIST:[oss-security] 20160224 Re: [Pixman] create_bits(): Cast the result of height * stride to size_t CVE-2014-9766
MLIST:[oss-security] 20160224 User Namespaces Overlayfs Xattr Setgid Privilege Escalation: Overlayfs CVE-2016-1575
MLIST:[oss-security] 20160224 [Pixman] create_bits(): Cast the result of height * stride to size_t CVE-2014-9766
MLIST:[oss-security] 20160226 CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl CVE-2016-2779
MLIST:[oss-security] 20160226 Re: CVE Request: pkexec tty hijacking via TIOCSTI ioctl CVE-2016-2568
MLIST:[oss-security] 20160226 Re: CVE request: Squid HTTP Caching Proxy multiple denial of service issues CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572
MLIST:[oss-security] 20160227 Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl CVE-2016-2779
MLIST:[oss-security] 20160228 Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl -- chroot CVE-2016-2781
MLIST:[oss-security] 20160228 Re: Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl CVE-2016-2781
MLIST:[oss-security] 20160302 CVE Request(s): VTigerCRM and SugarCRM CVE-2015-5946
MLIST:[oss-security] 20160302 CVE-2015-1339: Linux Kernel: memory exhaustion via CUSE driver CVE-2015-1339
MLIST:[oss-security] 20160302 Re: CVE Request: Linux: aio write triggers integer overflow in some network protocols CVE-2012-6701 CVE-2015-8830
MLIST:[oss-security] 20160303 Security issues in JasPer (CVE-2016-1577 and CVE-2016-2116) CVE-2016-1577 CVE-2016-2116
MLIST:[oss-security] 20160305 CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement CVE-2015-8831 CVE-2015-8832
MLIST:[oss-security] 20160306 Re: Access to /dev/pts devices via pt_chown and user namespaces CVE-2016-2856
MLIST:[oss-security] 20160306 Re: CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement CVE-2015-8831 CVE-2015-8832
MLIST:[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC CVE-2016-1234
MLIST:[oss-security] 20160309 Heap use after free in Pidgin-OTR plugin CVE-2015-8833
MLIST:[oss-security] 20160309 Re: Heap use after free in Pidgin-OTR plugin CVE-2015-8833
MLIST:[oss-security] 20160310 [ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking CVE-2016-0734
MLIST:[oss-security] 20160310 please assign CVE for cacti bug 2667: SQL Injection Vulnerability CVE-2016-3172
MLIST:[oss-security] 20160311 ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman parameters for TLS even if user sets manual parameters CVE-2016-3125
MLIST:[oss-security] 20160311 Re: ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman parameters for TLS even if user sets manual parameters CVE-2016-3125
MLIST:[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cdc_acm driver) CVE-2016-3138
MLIST:[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (cypress_m8 driver) CVE-2016-3137
MLIST:[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (digi_acceleport driver) CVE-2016-3140
MLIST:[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (mct_u232 driver) CVE-2016-3136
MLIST:[oss-security] 20160315 CVE request: ipv4: Don't do expensive useless work during inetdev destroy CVE-2016-3156
MLIST:[oss-security] 20160315 Re: CVE requests for Drupal core (SA-CORE-2016-001) CVE-2016-3162 CVE-2016-3163 CVE-2016-3164 CVE-2016-3165 CVE-2016-3166 CVE-2016-3167 CVE-2016-3168 CVE-2016-3169 CVE-2016-3170 CVE-2016-3171
MLIST:[oss-security] 20160315 Re: please assign CVE for cacti bug 2667: SQL Injection Vulnerability CVE-2016-3172
MLIST:[oss-security] 20160315 server and client side remote code execution through a bu ffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ-2016-2315) CVE-2016-2315 CVE-2016-2324
MLIST:[oss-security] 20160316 Re: CVE Request : Use-after-free in gifcolor CVE-2016-3177
MLIST:[oss-security] 20160316 Re: CVE Request: The minissdpd (v 1.2.20130907-3) is affected by an improper validation of array index weakness CVE-2016-3178 CVE-2016-3179
MLIST:[oss-security] 20160316 Re: CVE request - OpenJPEG : Out-Of-Bounds Read in sycc422_to_rgb function CVE-2016-3183
MLIST:[oss-security] 20160316 Re: Three CVE requests for PHP CVE-2014-9767
MLIST:[oss-security] 20160321 CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode CVE-2016-3627
MLIST:[oss-security] 20160321 Re: CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode CVE-2016-3627
MLIST:[oss-security] 20160321 moodle security release CVE-2016-2151 CVE-2016-2152 CVE-2016-2153 CVE-2016-2154 CVE-2016-2155 CVE-2016-2156 CVE-2016-2157 CVE-2016-2158 CVE-2016-2159 CVE-2016-2190
MLIST:[oss-security] 20160325 CVE request - XStream: XXE vulnerability CVE-2016-3674
MLIST:[oss-security] 20160325 [CVE-2016-0784] ZIP file path traversal CVE-2016-0784
MLIST:[oss-security] 20160326 CVE Request: pcre: Segmentation fault on certain input to regular expressions with nested alternatives when JIT is used CVE-2014-9769
MLIST:[oss-security] 20160328 Re: CVE request - XStream: XXE vulnerability CVE-2016-3674
MLIST:[oss-security] 20160401 Re: ext4 data corruption due to punch hole races CVE-2015-8839
MLIST:[oss-security] 20160405 CVE request - Go - DLL loading, Big int CVE-2016-3958 CVE-2016-3959
MLIST:[oss-security] 20160405 Re: CVE request - Go - DLL loading, Big int CVE-2016-3958 CVE-2016-3959
MLIST:[oss-security] 20160406 Fwd: CVE Request: Linux: usbnet: memory corruption triggered by invalid USB descriptor CVE-2016-3951
MLIST:[oss-security] 20160407 CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool CVE-2016-3619
MLIST:[oss-security] 20160407 CVE-2016-3620 libtiff: Out-of-bounds Read in the bmp2tiff tool CVE-2016-3620
MLIST:[oss-security] 20160407 CVE-2016-3621 libtiff: Out-of-bounds Read in the bmp2tiff tool CVE-2016-3621
MLIST:[oss-security] 20160407 CVE-2016-3622 libtiff: Divide By Zero in the tiff2rgba tool CVE-2016-3622
MLIST:[oss-security] 20160408 CVE Request: systemd / journald created world readable journal files CVE-2014-9770 CVE-2015-8842
MLIST:[oss-security] 20160408 CVE-2016-3623 libtiff: Divide By Zero in the rgb2ycbcr tool CVE-2016-3623
MLIST:[oss-security] 20160408 CVE-2016-3624 libtiff: Out-of-bounds Write in the rgb2ycbcr tool CVE-2016-3624
MLIST:[oss-security] 20160408 CVE-2016-3625 libtiff: Out-of-bounds Read in the tiff2bw tool CVE-2016-3625
MLIST:[oss-security] 20160408 CVE-2016-3631 - libtiff 4.0.6 illegel read CVE-2016-3631
MLIST:[oss-security] 20160408 CVE-2016-3632 - libtiff 4.0.6 illegel write CVE-2016-3632
MLIST:[oss-security] 20160408 CVE-2016-3633 - libtiff 4.0.6 illegel read CVE-2016-3633
MLIST:[oss-security] 20160408 CVE-2016-3634 - libtiff illegel read CVE-2016-3634
MLIST:[oss-security] 20160408 CVE-2016-3658 - libtiff 4.0.6 illegel read CVE-2016-3658
MLIST:[oss-security] 20160408 CVE-2016-3945 libtiff: Out-of-bounds Write in the tiff2rgba tool CVE-2016-3945
MLIST:[oss-security] 20160408 Re: CVE Request: systemd / journald created world readable journal files CVE-2014-9770 CVE-2015-8842
MLIST:[oss-security] 20160410 CVE request: cronic - predictable temporary files CVE-2016-3992
MLIST:[oss-security] 20160410 Re: CVE request: cronic - predictable temporary files CVE-2016-3992
MLIST:[oss-security] 20160411 CVE request: Poppler < 0.40.0 CVE-2015-8868
MLIST:[oss-security] 20160411 Infinite loops parsing malicious DER certificates in libtasn1 4.7 CVE-2016-4008
MLIST:[oss-security] 20160411 Re: CVE request: libcrypto++ - Timing Attack Counter Measure CVE-2016-3995
MLIST:[oss-security] 20160412 CVE-2016-3990 : out-of-bounds write in horizontalDifference8() in tiffcp tool CVE-2016-3990
MLIST:[oss-security] 20160412 CVE-2016-3991 : out-of-bounds write in loadImage() in tiffcrop tool CVE-2016-3991
MLIST:[oss-security] 20160413 CVE Request: Linux kernel: incorrect restoration of machine specific registers from signal handler. CVE-2015-8844 CVE-2015-8845
MLIST:[oss-security] 20160416 CVE request: Varnish 3 before 3.0.7 was vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL CVE-2015-8852
MLIST:[oss-security] 20160416 Re: CVE Request: Stored Cross-Site Scripting in TYPO3 Bookmarks CVE-2016-4056
MLIST:[oss-security] 20160418 CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value CVE-2016-4038
MLIST:[oss-security] 20160418 CVE-2013-7450: Pulp < 2.3.0 distributed the same CA key to all users CVE-2013-7450
MLIST:[oss-security] 20160418 Re: CVE request - Pulp < 2.3.0 shipped the same authentication CA key/cert to all users CVE-2013-7450
MLIST:[oss-security] 20160418 Re: CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value CVE-2016-4038
MLIST:[oss-security] 20160418 Re: CVE request: Varnish 3 before 3.0.7 was vulnerable to HTTP Smuggling issues: Double Content Length and bad EOL CVE-2015-8852
MLIST:[oss-security] 20160419 CVE Request: Linux kernel: remote buffer overflow in usbip CVE-2016-3955
MLIST:[oss-security] 20160419 Re: CVE Request: Bypass Restricted Python - Plone CVE-2016-4043
MLIST:[oss-security] 20160419 Re: CVE Request: Privilege escalation in webdav - Plone CVE-2016-4041
MLIST:[oss-security] 20160419 Re: CVE Request: Unauthorized disclosure of site content - Plone CVE-2016-4042
MLIST:[oss-security] 20160420 CVE Request: perl: denial-of-service / Regexp-matching "hangs" indefinitely on illegal input using binmode :utf8 using 100%CPU CVE-2015-8853
MLIST:[oss-security] 20160420 Re: CVE Request: Squid HTTP Caching Proxy multiple issues CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054
MLIST:[oss-security] 20160420 Re: CVE Request: perl: denial-of-service / Regexp-matching "hangs" indefinitely on illegal input using binmode :utf8 using 100%CPU CVE-2015-8853
MLIST:[oss-security] 20160420 various vulnerabilities in Node.js packages CVE-2013-7451 CVE-2013-7452 CVE-2013-7453 CVE-2013-7454 CVE-2014-9772 CVE-2015-8315 CVE-2015-8854 CVE-2015-8855 CVE-2015-8856 CVE-2015-8857 CVE-2015-8858 CVE-2015-8859 CVE-2015-8860 CVE-2015-8861 CVE-2015-8862 CVE-2016-4055
MLIST:[oss-security] 20160421 CVE Request: Squid HTTP Caching Proxy multiple issues CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054
MLIST:[oss-security] 20160423 CVE Request: jq: heap buffer overflow in tokenadd() function CVE-2015-8863
MLIST:[oss-security] 20160423 Re: CVE Request: Roundcube: XSS issue in SVG image handling and protection for download urs against CSRF CVE-2016-4069
MLIST:[oss-security] 20160423 Re: CVE Request: jq: heap buffer overflow in tokenadd() function CVE-2015-8863
MLIST:[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases CVE-2015-8865 CVE-2015-8866 CVE-2015-8867 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073
MLIST:[oss-security] 20160424 CVE Request: jq: stack exhaustion using jv_dump_term() function CVE-2016-4074
MLIST:[oss-security] 20160424 Re: CVE Request: jq: stack exhaustion using jv_dump_term() function CVE-2016-4074
MLIST:[oss-security] 20160427 3 bugs refer to buffer overflow in in libtiff 4.0.6 CVE-2016-5318 CVE-2016-5319
MLIST:[oss-security] 20160427 CVE-2016-4049: Denial of Service Vulnerability in Quagga BGP Routing Daemon (bgpd) CVE-2016-4049
MLIST:[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions CVE-2016-4348
MLIST:[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions CVE-2016-4348
MLIST:[oss-security] 20160428 [CVE Requests] PHP issues CVE-2016-4342 CVE-2016-4343 CVE-2016-4344 CVE-2016-4345 CVE-2016-4346
MLIST:[oss-security] 20160429 CVE request: three issues in libksba CVE-2016-4353 CVE-2016-4354 CVE-2016-4355 CVE-2016-4356
MLIST:[oss-security] 20160429 Re: CVE request: Mplayer/Mencoder integer overflow parsing gif files CVE-2016-4352
MLIST:[oss-security] 20160429 Re: CVE request: three issues in libksba CVE-2016-4353 CVE-2016-4354 CVE-2016-4355 CVE-2016-4356
MLIST:[oss-security] 20160429 Re: buffer overflow and information leak in OCaml < 4.03.0 CVE-2015-8869
MLIST:[oss-security] 20160429 buffer overflow and information leak in OCaml < 4.03.0 CVE-2015-8869
MLIST:[oss-security] 20160430 CVE request - Quassel IRC denial of service CVE-2016-4414
MLIST:[oss-security] 20160430 Re: CVE request - Quassel IRC denial of service CVE-2016-4414
MLIST:[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions CVE-2015-7558 CVE-2016-4348
MLIST:[oss-security] 20160501 CVE Request: Jansson: stack exhaustion parsing a JSON file CVE-2016-4425
MLIST:[oss-security] 20160501 CVE request: DoS in multiple versions of GraphicsMagick CVE-2016-5240
MLIST:[oss-security] 20160501 Re: CVE request: DoS in multiple versions of GraphicsMagick CVE-2016-5240 CVE-2016-5241
MLIST:[oss-security] 20160502 CVE request: atheme: security fixes CVE-2014-9773 CVE-2016-4478
MLIST:[oss-security] 20160502 Re: CVE Request: Jansson: stack exhaustion parsing a JSON file CVE-2016-4425
MLIST:[oss-security] 20160502 [SECURITY ISSUES] CVE-2016-3691 and CVE-2016-3114 CVE-2016-3114 CVE-2016-3691
MLIST:[oss-security] 20160503 CVE Request: information leak in devio of Linux kernel CVE-2016-4482
MLIST:[oss-security] 20160503 CVE Request: kernel information leak vulnerability in llc module CVE-2016-4485
MLIST:[oss-security] 20160503 CVE request: out-of-bounds read parsing an XML in libxml2 using recover mode CVE-2016-4483
MLIST:[oss-security] 20160503 Re: CVE Request: Jansson: stack exhaustion parsing a JSON file CVE-2016-4425
MLIST:[oss-security] 20160503 Re: CVE request: atheme: security fixes CVE-2014-9773 CVE-2016-4478
MLIST:[oss-security] 20160503 Re: hostapd/wpa_supplicant - psk configuration parameter update allowing arbitrary data to be written CVE-2016-4476 CVE-2016-4477
MLIST:[oss-security] 20160504 CVE Request: kernel information leak vulnerability in rtnetlink CVE-2016-4486
MLIST:[oss-security] 20160504 Re: CVE request: out-of-bounds read parsing an XML in libxml2 using recover mode CVE-2016-4483
MLIST:[oss-security] 20160504 broken RSA keys CVE-2000-1254
MLIST:[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544
MLIST:[oss-security] 20160505 Re: CVE Request: No Demangling During Analysis of Untrusted Binaries CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4491 CVE-2016-4492 CVE-2016-4493
MLIST:[oss-security] 20160505 Re: CVE request - samsumg android phone TvoutService_C binder service DoS CVE-2016-4547
MLIST:[oss-security] 20160505 Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS CVE-2016-4546
MLIST:[oss-security] 20160506 CVE Request: Squid HTTP caching proxy CVE-2016-4555 CVE-2016-4556
MLIST:[oss-security] 20160506 CVE Requests: Linux: BPF flaws (one use-after-free / local root privilege escalation) CVE-2016-4557 CVE-2016-4558
MLIST:[oss-security] 20160506 CVE-2016-1236 - XSS Vulnerability in websvn 2.3.3-1.2+deb8u1 CVE-2016-1236
MLIST:[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy CVE-2016-4555 CVE-2016-4556
MLIST:[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface' CVE-2016-4565
MLIST:[oss-security] 20160507 CVE Request: Linux: [media] videobuf2-v4l2: Verify planes array in buffer dequeueing CVE-2016-4568
MLIST:[oss-security] 20160507 CVE Request: wordpress and mediaelement CVE-2016-4566 CVE-2016-4567
MLIST:[oss-security] 20160509 CVE-2016-2099: use-after-free in Xerces 3.1.3 CVE-2016-2099
MLIST:[oss-security] 20160509 Re: CVE Request: kernel information leak vulnerability in Linux sound module CVE-2016-4569
MLIST:[oss-security] 20160509 Re: CVE requested: two stack exhaustation parsing xml files using mxml CVE-2016-4570 CVE-2016-4571
MLIST:[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities() CVE-2016-4580
MLIST:[oss-security] 20160510 CVE request: libksba out-of-bouds read remote DOS issue fixed in 1.3.4 CVE-2016-4579
MLIST:[oss-security] 20160510 Re: CVE request: three issues in libksba CVE-2016-4574
MLIST:[oss-security] 20160510 Re: Re: CVE request: three issues in libksba CVE-2016-4356 CVE-2016-4574
MLIST:[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer CVE-2016-4578
MLIST:[oss-security] 20160511 Re: CVE request: libksba out-of-bouds read remote DOS issue fixed in 1.3.4 CVE-2016-4579
MLIST:[oss-security] 20160511 Re: CVE requested: two stack exhaustation parsing xml files using mxml CVE-2016-4570 CVE-2016-4571
MLIST:[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions CVE-2016-4348
MLIST:[oss-security] 20160512 Linux Kernel bpf related UAF CVE-2016-4794
MLIST:[oss-security] 20160512 Possible CVE request: gdk-pixbuf: Additional fixes to protect against overlows in pixops_* functions (similar to CVE-2015-7674) CVE-2015-8875
MLIST:[oss-security] 20160512 Re: CVE Request - OpenJPEG: Security Fixes CVE-2016-4796 CVE-2016-4797
MLIST:[oss-security] 20160512 Re: CVE Request : Use-after-free in openjpeg CVE-2015-8871
MLIST:[oss-security] 20160515 Re: CVE Requests: Linux: use-after-free issue for ppp channel CVE-2016-4805
MLIST:[oss-security] 20160516 Re: CVE Request: gdk-pixbuf: Additional fixes to protect against overlows in pixops_* functions (similar to CVE-2015-7674) CVE-2015-8875
MLIST:[oss-security] 20160517 CVE request for vulnerability in OpenStack Keystone CVE-2016-4911
MLIST:[oss-security] 20160517 CVE-2016-3091 Diego log encoding vulnerability CVE-2016-3091
MLIST:[oss-security] 20160517 Moodle security release 3.0.4, 2.9.6, 2.8.12, 2.7.14 CVE-2016-3729 CVE-2016-3731 CVE-2016-3732 CVE-2016-3733 CVE-2016-3734
MLIST:[oss-security] 20160517 Re: CVE Request: gdk-pixbuf: Additional fixes to protect against overlows in pixops_* functions (similar to CVE-2015-7674) CVE-2015-8875
MLIST:[oss-security] 20160517 Re: CVE request for vulnerability in OpenStack Keystone CVE-2016-4911
MLIST:[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c CVE-2016-4913
MLIST:[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c CVE-2016-4913
MLIST:[oss-security] 20160518 Re: CVE Request: null pointer deref in openslp, can be triggered remotely CVE-2016-4912
MLIST:[oss-security] 20160519 Pulp 2.8.3 Released to address multiple CVEs CVE-2013-7450
MLIST:[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714 CVE-2016-2317
MLIST:[oss-security] 20160521 Re: CVE request: -- Linux kernel: Null pointer dereference in tipc_nl_publ_dump CVE-2016-4951
MLIST:[oss-security] 20160523 CVE request: /tmp usage race condition in onionshare CVE-2016-5026
MLIST:[oss-security] 20160523 CVE request: OpenNTPD not verifying CN during HTTPS constraints request CVE-2016-5117
MLIST:[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump CVE-2016-5027 CVE-2016-5028 CVE-2016-5029 CVE-2016-5030 CVE-2016-5031 CVE-2016-5032 CVE-2016-5033 CVE-2016-5034 CVE-2016-5035 CVE-2016-5036 CVE-2016-5037 CVE-2016-5038 CVE-2016-5039 CVE-2016-5040 CVE-2016-5041 CVE-2016-5042 CVE-2016-5043 CVE-2016-5044
MLIST:[oss-security] 20160524 Re: CVE request: /tmp usage race condition in onionshare CVE-2016-5026
MLIST:[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump CVE-2016-5027 CVE-2016-5028 CVE-2016-5029 CVE-2016-5030 CVE-2016-5031 CVE-2016-5032 CVE-2016-5033 CVE-2016-5034 CVE-2016-5035 CVE-2016-5036 CVE-2016-5037 CVE-2016-5038 CVE-2016-5039 CVE-2016-5040 CVE-2016-5041 CVE-2016-5042 CVE-2016-5043 CVE-2016-5044
MLIST:[oss-security] 20160525 CVE Requests: libimobiledevice and libusbmuxd CVE-2016-5104
MLIST:[oss-security] 20160525 CVE-Request: TYPO3 Extbase Missing Access Check CVE-2016-5091
MLIST:[oss-security] 20160526 Re: CVE Requests: libimobiledevice and libusbmuxd CVE-2016-5104
MLIST:[oss-security] 20160526 Re: CVE-Request: TYPO3 Extbase Missing Access Check CVE-2016-5091
MLIST:[oss-security] 20160526 Re: Fwd: CVE for PHP 5.5.36 issues CVE-2013-7456 CVE-2016-5093 CVE-2016-5094 CVE-2016-5095 CVE-2016-5096
MLIST:[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader CVE-2016-2317 CVE-2016-2318
MLIST:[oss-security] 20160528 Re: Fwd: PHP-FPM fpm_log.c memory leak and buffer overflow CVE-2016-5114
MLIST:[oss-security] 20160529 CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename CVE-2016-5118
MLIST:[oss-security] 20160529 Re: CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename CVE-2016-5118
MLIST:[oss-security] 20160529 Re: CVE Request: libgd - gdCtxPrintf memory leak CVE-2016-5116
MLIST:[oss-security] 20160529 Re: CVE request: Mplayer/Mencoder read out-of-bounds parsing a mp3 file CVE-2016-5115
MLIST:[oss-security] 20160529 Re: CVE request: OpenNTPD not verifying CN during HTTPS constraints request CVE-2016-5117
MLIST:[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader CVE-2016-2317 CVE-2016-2318
MLIST:[oss-security] 20160601 CVE update (CVE-2016-2174) - Fixed in Ranger 0.5.3 CVE-2016-2174
MLIST:[oss-security] 20160602 Re: CVE request: DoS in multiple versions of GraphicsMagick CVE-2016-5240 CVE-2016-5241
MLIST:[oss-security] 20160602 Re: ImageMagick CVEs CVE-2014-9804 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9827 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2016-5239
MLIST:[oss-security] 20160603 CVE Request: Dnsmasq denial of service CVE-2015-8899
MLIST:[oss-security] 20160603 Re: CVE Request: Dnsmasq denial of service CVE-2015-8899
MLIST:[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy CVE-2016-5244
MLIST:[oss-security] 20160603 Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump CVE-2016-5243
MLIST:[oss-security] 20160603 Re: expat hash collision fix too predictable? CVE-2012-6702
MLIST:[oss-security] 20160604 Libtorrent http_parser.cpp denial of service CVE-2016-5301
MLIST:[oss-security] 20160604 Re: Libtorrent http_parser.cpp denial of service CVE-2016-5301
MLIST:[oss-security] 20160604 Re: expat hash collision fix too predictable? CVE-2016-5300
MLIST:[oss-security] 20160606 3 bugs refer to buffer overflow in in libtiff 4.0.6 CVE-2016-5318 CVE-2016-5319
MLIST:[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903
MLIST:[oss-security] 20160607 Please reject duplicate CVE for libxml2 CVE-2016-4483
MLIST:[oss-security] 20160607 Re: CVE Request: GnuTLS: GNUTLS-SA-2016-1: File overwrite by setuid programs CVE-2016-4456
MLIST:[oss-security] 20160607 Re: Please reject duplicate CVE for libxml2 CVE-2016-4483
MLIST:[oss-security] 20160608 CVE-2016-2177: OpenSSL undefined pointer arithmetic CVE-2016-2177
MLIST:[oss-security] 20160608 CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations CVE-2016-2178
MLIST:[oss-security] 20160608 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations CVE-2016-2178
MLIST:[oss-security] 20160609 CVE Request: haproxy remote denial of service via reqdeny CVE-2016-5360
MLIST:[oss-security] 20160609 Re: CVE Request: haproxy remote denial of service via reqdeny CVE-2016-5360
MLIST:[oss-security] 20160609 Re: CVE Request: wireshark releases CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359
MLIST:[oss-security] 20160609 Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations CVE-2016-2178
MLIST:[oss-security] 20160610 Re: CVE Request: IKEv1 protocol is vulnerable to DoS amplification attack CVE-2016-5361
MLIST:[oss-security] 20160610 Ruby gem rack-mini-profiler CVE-2016-4442 CVE-2016-4442
MLIST:[oss-security] 20160610 Simple Machines Forums - PHP Object Injection CVE-2016-5726 CVE-2016-5727
MLIST:[oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ CVE-2016-1583
MLIST:[oss-security] 20160611 CVE Request for Denial of Service in pacman 5.0.1 CVE-2016-5434
MLIST:[oss-security] 20160611 Re: MantisBT: XSS in custom fields management CVE-2016-5364
MLIST:[oss-security] 20160614 CVE-2016-5317: GNOME nautilus: crash occurs when generating a thumbnail for a crafted TIFF image CVE-2016-5317
MLIST:[oss-security] 20160614 Re: CVE Request for Denial of Service in pacman 5.0.1 CVE-2016-5434
MLIST:[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM) CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691
MLIST:[oss-security] 20160615 CVE Request: heap overflow in Python zipimport module CVE-2016-5636
MLIST:[oss-security] 20160615 CVE-2016-5314: libtiff 4.0.6 PixarLogDecode() out-of-bound writes CVE-2016-5314
MLIST:[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation CVE-2016-5315 CVE-2016-5322
MLIST:[oss-security] 20160615 CVE-2016-5316: libtiff 4.0.6 tif_pixarlog.c: PixarLogCleanup() Segmentation fault CVE-2016-5316
MLIST:[oss-security] 20160615 CVE-2016-5317: GNOME nautilus: crash occurs when generating a thumbnail for a crafted TIFF image CVE-2016-5317
MLIST:[oss-security] 20160615 CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution CVE-2016-5314
MLIST:[oss-security] 20160615 CVE-2016-5323: libtiff 4.0.6 tiffcrop _TIFFFax3fillruns(): divide by zero CVE-2016-5323
MLIST:[oss-security] 20160616 Re: CVE Request: heap overflow in Python zipimport module CVE-2016-5636
MLIST:[oss-security] 20160617 Many invalid memory access issues in libarchive CVE-2015-8915 CVE-2015-8916 CVE-2015-8917 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8927 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934
MLIST:[oss-security] 20160617 Re: Many invalid memory access issues in libarchive CVE-2015-8915 CVE-2015-8916 CVE-2015-8917 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8927 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934
MLIST:[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM) CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691
MLIST:[oss-security] 20160618 Re: Simple Machines Forums - PHP Object Injection CVE-2016-5726 CVE-2016-5727
MLIST:[oss-security] 20160620 CVE Request: 2015 squidguard reflected XSS CVE-2015-8936
MLIST:[oss-security] 20160620 CVE request for PHP bug #68978: "XSS in header() with Internet Explorer" (2015) CVE-2015-8935
MLIST:[oss-security] 20160620 CVE-2016-3189: bzip2 use-after-free on bzip2recover CVE-2016-3189
MLIST:[oss-security] 20160620 RE: CVE Request: 2015 squidguard reflected XSS CVE-2015-8936
MLIST:[oss-security] 20160621 Re: SELinux troubles CVE-2016-4444 CVE-2016-4445 CVE-2016-4446
MLIST:[oss-security] 20160621 SELinux troubles CVE-2016-4989
MLIST:[oss-security] 20160622 CVE request: SQL injection in MovableType xml-rpc interface CVE-2016-5742
MLIST:[oss-security] 20160622 Re: CVE Request Openstack-infra puppet-gerrit module xss vulnerability CVE-2016-5737
MLIST:[oss-security] 20160622 Re: CVE request: SQL injection in MovableType xml-rpc interface CVE-2016-5742
MLIST:[oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ CVE-2016-1583
MLIST:[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE CVE-2016-5841 CVE-2016-5842
MLIST:[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive CVE-2016-5844
MLIST:[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773
MLIST:[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive CVE-2016-5844
MLIST:[oss-security] 20160624 [CVE-2016-5697] signature wrapping attack vulnerability in ruby-saml prior to version 1.3.0 http://www.openwall.com/lists/oss-security/2016/06/24/3 MLIST:[oss-security] 06/24/2016 Re: [CVE-2016-5697] signature wrapping attack vulnerability in ruby-saml prior to version 1.3.0 CVE-2016-5697
MLIST:[oss-security] 20160625 Linux CVE-2016-1237: nfsd: any user can set a file's ACL over NFS and grant access to it CVE-2016-1237
MLIST:[oss-security] 20160625 Re: CVE Request: Linux: powerpc/tm: Always reclaim in start_thread() for exec() class syscalls - Linux kernel CVE-2016-5828
MLIST:[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE CVE-2016-5841 CVE-2016-5842
MLIST:[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address CVE-2016-5823 CVE-2016-5824 CVE-2016-5825 CVE-2016-5826 CVE-2016-5827
MLIST:[oss-security] 20160626 Re: CVE Request: Linux kernel HID: hiddev buffer overflows CVE-2016-5829
MLIST:[oss-security] 20160628 CVE request - python-docx 0.8.5 - XXE CVE-2016-5851
MLIST:[oss-security] 20160628 Re: CVE Request: integer overflow in ALSA snd_compress_check_input CVE-2012-6703
MLIST:[oss-security] 20160628 Re: CVE request - python-docx 0.8.5 - XXE CVE-2016-5851
MLIST:[oss-security] 20160629 CVE Request - PECL-HTTP 3.0.0 Buffer overflow CVE-2016-5873
MLIST:[oss-security] 20160629 Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow CVE-2016-5873
MLIST:[oss-security] 20160629 Re: CVE Request: libgd: Invalid color index is not properly handled leading to denial of service (crash) CVE-2016-6128
MLIST:[oss-security] 20160630 CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd CVE-2016-6132
MLIST:[oss-security] 20160630 CVE Request: No demangling of untrusted binaries (2) CVE-2016-6131
MLIST:[oss-security] 20160630 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd CVE-2016-6132
MLIST:[oss-security] 20160630 Re: CVE Request: No demangling of untrusted binaries (2) CVE-2016-6131
MLIST:[oss-security] 20160630 Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format CVE-2016-5314
MLIST:[oss-security] 20160701 Re: SQLite Tempdir Selection Vulnerability CVE-2016-6153
MLIST:[oss-security] 20160701 SQLite Tempdir Selection Vulnerability CVE-2016-6153
MLIST:[oss-security] 20160704 Browsing and attaching images considered harmful in Linux CVE-2016-6163
MLIST:[oss-security] 20160705 CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif CVE-2016-6161
MLIST:[oss-security] 20160705 CVE-2016-4979: HTTPD webserver - X509 Client certificate based authentication can be bypassed when HTTP/2 is used [vs] CVE-2016-4979
MLIST:[oss-security] 20160705 CVE-2016-6160: Segmentation fault in tcprewrite (tcpreplay) CVE-2016-6160
MLIST:[oss-security] 20160705 Re: BUG_ON crash in linux 4.7-rc6/master skbuff.c CVE-2016-6162
MLIST:[oss-security] 20160705 Re: Browsing and attaching images considered harmful in Linux CVE-2016-6163
MLIST:[oss-security] 20160705 Re: CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif CVE-2016-6161
MLIST:[oss-security] 20160707 CVE Request: perl: XSLoader: could load shared library from incorrect location CVE-2016-6185
MLIST:[oss-security] 20160708 Re: CVE Request: perl: XSLoader: could load shared library from incorrect location CVE-2016-6185
MLIST:[oss-security] 20160709 Re: CVE request: apparmor: oops in apparmor_setprocattr() CVE-2016-6187
MLIST:[oss-security] 20160709 Re: CVE request: several SOGo issues (DOS, XSS, information leakage) CVE-2014-9905 CVE-2016-6188 CVE-2016-6189 CVE-2016-6190 CVE-2016-6191
MLIST:[oss-security] 20160709 Re: On anonymous CVE assignments CVE-2016-3751
MLIST:[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel CVE-2016-6197 CVE-2016-6198
MLIST:[oss-security] 20160712 Re: CVE-2016-5389: linux kernel - challange ack information leak. CVE-2016-5696
MLIST:[oss-security] 20160713 CVE Request: Write out-of-bounds in gdk-pixbuf 2.30.7 CVE-2016-6352
MLIST:[oss-security] 20160713 CVE Request: openshift-node is logging private RSA keys to the systemd journal CVE-2015-8945
MLIST:[oss-security] 20160713 CVE Requests: Information exposure caused by ecryptfs-setup-swap failures CVE-2015-8946 CVE-2016-6224
MLIST:[oss-security] 20160713 CVE request: Information leak in LibTIFF CVE-2016-6223
MLIST:[oss-security] 20160713 CVE requests for Drupal Core - SA-CORE-2016-002 CVE-2016-6211 CVE-2016-6212
MLIST:[oss-security] 20160713 Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd CVE-2016-6214
MLIST:[oss-security] 20160713 Re: CVE Request: openshift-node is logging private RSA keys to the systemd journal CVE-2015-8945
MLIST:[oss-security] 20160713 Re: CVE requests for Drupal Core - SA-CORE-2016-002 CVE-2016-6211 CVE-2016-6212
MLIST:[oss-security] 20160713 Re: cve request: local DoS by overflowing kernel mount table using shared bind mount CVE-2016-6213
MLIST:[oss-security] 20160714 Multiple Bugs in OpenBSD Kernel CVE-2016-6239 CVE-2016-6240 CVE-2016-6241 CVE-2016-6242 CVE-2016-6243 CVE-2016-6245 CVE-2016-6246 CVE-2016-6247
MLIST:[oss-security] 20160714 Re: CVE Requests: Information exposure caused by ecryptfs-setup-swap failures CVE-2015-8946 CVE-2016-6224
MLIST:[oss-security] 20160714 Re: CVE request: Information leak in LibTIFF CVE-2016-6223
MLIST:[oss-security] 20160715 [SECURITY] CVE-2016-4467: Apache Qpid Proton: Failure to verify that the server host name matches the certificate host name on Windows CVE-2016-4467
MLIST:[oss-security] 20160716 CVE Request for KNewStuff/KArchive issue CVE-2016-6232
MLIST:[oss-security] 20160716 Re: CVE Request for KNewStuff/KArchive issue CVE-2016-6232
MLIST:[oss-security] 20160717 Re: Multiple Bugs in OpenBSD Kernel CVE-2016-6244
MLIST:[oss-security] 20160717 Re: multiple memory corruption issues in lepton CVE-2016-6234 CVE-2016-6235 CVE-2016-6236 CVE-2016-6237 CVE-2016-6238
MLIST:[oss-security] 20160717 ReL Multiple Bugs in OpenBSD Kernel CVE-2016-6239 CVE-2016-6240 CVE-2016-6241 CVE-2016-6242 CVE-2016-6243 CVE-2016-6245 CVE-2016-6246 CVE-2016-6247
MLIST:[oss-security] 20160718 CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer) CVE-2016-6354
MLIST:[oss-security] 20160718 libupnp write files via POST CVE-2016-6255
MLIST:[oss-security] 20160719 Re: subuid security patches for shadow package CVE-2016-6252
MLIST:[oss-security] 20160719 Ruining the Magic of Magento's Encryption Library CVE-2016-6485
MLIST:[oss-security] 20160719 subuid security patches for shadow package CVE-2016-6252
MLIST:[oss-security] 20160720 Buffer overflow in libarchive-3.2.0 CVE-2016-6250
MLIST:[oss-security] 20160720 CVE request: multiple issues fixed in GNU libidn 1.33 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
MLIST:[oss-security] 20160720 Re: CVE Request: uclibc-ng (and uclibc): ARM arch: code execution CVE-2016-6264
MLIST:[oss-security] 20160720 Re: libupnp write files via POST CVE-2016-6255
MLIST:[oss-security] 20160720 Re: subuid security patches for shadow package CVE-2016-6252
MLIST:[oss-security] 20160721 Re: Buffer overflow in libarchive-3.2.0 CVE-2016-6250
MLIST:[oss-security] 20160721 Re: CVE Request: uclibc-ng (and uclibc): ARM arch: code execution CVE-2016-6264
MLIST:[oss-security] 20160721 Re: CVE request: multiple issues fixed in GNU libidn 1.33 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
MLIST:[oss-security] 20160721 Re: mupdf library use after free CVE-2016-6265
MLIST:[oss-security] 20160722 panic at big_key_preparse #4.7-r6/rc7 & master CVE-2016-9313
MLIST:[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6293 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297
MLIST:[oss-security] 20160725 Re: Re: [Pkg-shadow-devel] subuid security patches for shadow package CVE-2016-6252
MLIST:[oss-security] 20160725 Use after free in my_login() function of DBD::mysql (Perl module) CVE-2015-8949
MLIST:[oss-security] 20160726 CVE Request: Any User Can Panic Kernel Through Sysctl on OpenBSD CVE-2016-6350
MLIST:[oss-security] 20160726 Re: CVE Request: Any User Can Panic Kernel Through Sysctl on OpenBSD CVE-2016-6350
MLIST:[oss-security] 20160726 Re: CVE Request: Write out-of-bounds in gdk-pixbuf 2.30.7 CVE-2016-6352
MLIST:[oss-security] 20160726 Re: CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer) CVE-2016-6354
MLIST:[oss-security] 20160726 Re: Use after free in my_login() function of DBD::mysql (Perl module) CVE-2015-8949
MLIST:[oss-security] 20160726 Re: cve request: systemd-machined: information exposure for docker containers CVE-2016-6349
MLIST:[oss-security] 20160727 CVE Request: DBD-mysql: use-after-free in mysql_dr_error CVE-2014-9906
MLIST:[oss-security] 20160727 Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error CVE-2014-9906
MLIST:[oss-security] 20160727 Re: Ruining the Magic of Magento's Encryption Library CVE-2016-6485
MLIST:[oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases CVE-2016-6503 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-6512 CVE-2016-6513
MLIST:[oss-security] 20160728 CVE-Request Buffer overflow ImageMagick CVE-2016-6491
MLIST:[oss-security] 20160728 Re: CVE-Request Buffer overflow ImageMagick CVE-2016-6491
MLIST:[oss-security] 20160729 CVE Request: uclibc-ng (and uclibc): ARM arch: code execution CVE-2016-6264
MLIST:[oss-security] 20160729 CVE request: mongodb: world-readable .dbshell history file CVE-2016-6494
MLIST:[oss-security] 20160729 Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks CVE-2016-6489
MLIST:[oss-security] 20160729 Re: CVE request: mongodb: world-readable .dbshell history file CVE-2016-6494
MLIST:[oss-security] 20160731 CVE Request: Linux <= 4.5 double fetch leading to heap overflow CVE-2016-6516
MLIST:[oss-security] 20160801 Announce: OpenSSH 7.3 released CVE-2016-6515
MLIST:[oss-security] 20160801 CVE Request: CSRF in Grails console CVE-2016-6521
MLIST:[oss-security] 20160801 CVE:Request - Path Traversal Barebone.jsp - Liferay 5.1.0 CVE-2016-6517
MLIST:[oss-security] 20160801 Re: CVE:Request - Path Traversal Barebone.jsp - Liferay 5.1.0 CVE-2016-6517
MLIST:[oss-security] 20160802 CVE Request ImageMagick buffer overflow CVE-2016-6520
MLIST:[oss-security] 20160802 CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD CVE-2016-6522
MLIST:[oss-security] 20160802 CVE request: XSS vulns in Dotclear v2.9.1 CVE-2016-6523
MLIST:[oss-security] 20160802 Re: CVE Request ImageMagick buffer overflow CVE-2016-6520
MLIST:[oss-security] 20160802 Re: CVE Request: CSRF in Grails console CVE-2016-6521
MLIST:[oss-security] 20160802 Re: CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD CVE-2016-6522
MLIST:[oss-security] 20160802 Re: CVE request: XSS vulns in Dotclear v2.9.1 CVE-2016-6523
MLIST:[oss-security] 20160803 Grails Console is still vulnerable to CSRF CVE-2016-6521 CVE-2016-6521
MLIST:[oss-security] 20160803 Re: CVE request:Heap overflow vulns in MuPDF CVE-2016-6525
MLIST:[oss-security] 20160804 Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node CVE-2016-6595
MLIST:[oss-security] 20160805 CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference CVE-2016-6604
MLIST:[oss-security] 20160805 Fwd: CVE request - samsumg android phone SVE-2016-6244 Possible Privilege Escalation in telecom CVE-2016-6526 CVE-2016-6527
MLIST:[oss-security] 20160809 FreeBSD update components vulns (libarchive, bsdiff, portsnap) CVE-2016-5418
MLIST:[oss-security] 20160811 CVE Requests Facebook HHVM CVE-2016-6870 CVE-2016-6871 CVE-2016-6872 CVE-2016-6873 CVE-2016-6874 CVE-2016-6875
MLIST:[oss-security] 20160811 [CVE-2016-6316] Possible XSS Vulnerability in Action View CVE-2016-6316
MLIST:[oss-security] 20160811 [CVE-2016-6317] Unsafe Query Generation Risk in Active Record CVE-2016-6317
MLIST:[oss-security] 20160812 [CVE-2016-6671] ffmpeg buffer overflow when decoding swf CVE-2016-6671
MLIST:[oss-security] 20160813 libav: heap-based buffer overflow in ff_audio_resample (resample.c) CVE-2016-6832
MLIST:[oss-security] 20160816 CVE Request: Default password in openstack / crowbar trove CVE-2016-6829
MLIST:[oss-security] 20160816 firewalld: Firewall configuration can be modified by any logged in user CVE-2016-5410
MLIST:[oss-security] 20160817 Re: CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference CVE-2016-6604
MLIST:[oss-security] 20160817 Re: CVE Request: Default password in openstack / crowbar trove CVE-2016-6829
MLIST:[oss-security] 20160817 Re: libav: heap-based buffer overflow in ff_audio_resample (resample.c) CVE-2016-6832
MLIST:[oss-security] 20160818 CVE request - slock, all versions NULL pointer dereference CVE-2016-6866
MLIST:[oss-security] 20160818 CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang CVE-2016-6323
MLIST:[oss-security] 20160818 Re: CVE Requests Facebook HHVM CVE-2016-6870 CVE-2016-6871 CVE-2016-6872 CVE-2016-6873 CVE-2016-6874 CVE-2016-6875
MLIST:[oss-security] 20160818 Re: CVE request - slock, all versions NULL pointer dereference CVE-2016-6866
MLIST:[oss-security] 20160818 potrace: multiple crashes CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703
MLIST:[oss-security] 20160819 CVE Request: Qemu: net: vmxnet: integer overflow in packet initialisation CVE-2016-6888
MLIST:[oss-security] 20160819 Re: CVE Request: Qemu: net: vmxnet: integer overflow in packet initialisation CVE-2016-6888
MLIST:[oss-security] 20160819 Re: CVE request: MatrixSSL lack of RSA-CRT hardening CVE-2016-6882 CVE-2016-6883 CVE-2016-6884
MLIST:[oss-security] 20160820 Path traversal vulnerability in WordPress Core Ajax handlers CVE-2016-10148 CVE-2016-6896 CVE-2016-6897
MLIST:[oss-security] 20160822 CVE request: Linux kernel mbcache lock contention denial of service. CVE-2015-8952
MLIST:[oss-security] 20160822 Re: CVE Request: libgd: Out-Of-Bounds Read in function read_image_tga of gd_tga.c CVE-2016-6905
MLIST:[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands CVE-2016-6902 CVE-2016-6903
MLIST:[oss-security] 20160823 Fuzzing jasper CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693
MLIST:[oss-security] 20160823 cve request: overlayfs: Fix dentry reference leak CVE-2015-8953
MLIST:[oss-security] 20160825 Re: CVE request: Linux kernel mbcache lock contention denial of service. CVE-2015-8952
MLIST:[oss-security] 20160827 MantisBT weakened CSP when using bundled Gravatar plugin CVE-2016-7111
MLIST:[oss-security] 20160829 Re: MantisBT weakened CSP when using bundled Gravatar plugin CVE-2016-7111
MLIST:[oss-security] 20160831 CVE request: Kernel Oops when issuing fcntl on an AUFS directory CVE-2016-7118
MLIST:[oss-security] 20160831 Re: CVE request: Kernel Oops when issuing fcntl on an AUFS directory CVE-2016-7118
MLIST:[oss-security] 20160901 Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node CVE-2016-6595
MLIST:[oss-security] 20160902 Re: CVE assignment for PHP 5.6.25 and 7.0.10 - and libcurl CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-7134
MLIST:[oss-security] 20160902 Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node CVE-2016-6595
MLIST:[oss-security] 20160904 CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis CVE-2016-7142 CVE-2016-7143 CVE-2016-7144
MLIST:[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis CVE-2016-7142 CVE-2016-7143 CVE-2016-7144 CVE-2016-7145
MLIST:[oss-security] 20160905 Re: CVE request: Plone multiple vulnerabilities CVE-2016-7135 CVE-2016-7136 CVE-2016-7137 CVE-2016-7138 CVE-2016-7139 CVE-2016-7140
MLIST:[oss-security] 20160906 CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages CVE-2016-7157
MLIST:[oss-security] 20160906 CVE request: Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings CVE-2016-7155
MLIST:[oss-security] 20160906 CVE request: Qemu: scsi: pvscsi: infintie loop when building SG list CVE-2016-7156
MLIST:[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues CVE-2016-2317 CVE-2016-2318
MLIST:[oss-security] 20160906 Re: CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages CVE-2016-7157
MLIST:[oss-security] 20160906 Re: CVE request: Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings CVE-2016-7155
MLIST:[oss-security] 20160906 Re: CVE request: Qemu: scsi: pvscsi: infintie loop when building SG list CVE-2016-7156
MLIST:[oss-security] 20160907 ADOdb PDO driver: incorrect quoting may allow SQL injection CVE-2016-7405
MLIST:[oss-security] 20160908 CVE Request : Libtorrent 1.1.0 inflate_gzip denial of service CVE-2016-7164
MLIST:[oss-security] 20160908 CVE Request: OpenJPEG Integer Overflow Issue CVE-2016-7163
MLIST:[oss-security] 20160908 CVE request: libarchive (pre 3.2.0) denial of service with gzip quine CVE-2016-7166
MLIST:[oss-security] 20160908 New security advisory for Apache CXF Fediz - CVE-2016-4464 CVE-2016-4464
MLIST:[oss-security] 20160908 Persistent Cross-Site Scripting vulnerability in WordPress due to unsafe processing of file names CVE-2016-7168
MLIST:[oss-security] 20160908 Re: CVE Request : Libtorrent 1.1.0 inflate_gzip denial of service CVE-2016-7164
MLIST:[oss-security] 20160908 Re: CVE Request: File Roller path traversal CVE-2016-7162
MLIST:[oss-security] 20160908 Re: CVE Request: OpenJPEG Heap Buffer Overflow Issue CVE-2016-5157
MLIST:[oss-security] 20160908 Re: CVE Request: OpenJPEG Integer Overflow Issue CVE-2016-7163
MLIST:[oss-security] 20160908 Re: CVE request: libarchive (pre 3.2.0) denial of service with gzip quine CVE-2016-7166
MLIST:[oss-security] 20160908 Re: Persistent Cross-Site Scripting vulnerability in WordPress due to unsafe processing of file names CVE-2016-7168
MLIST:[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load CVE-2016-5426 CVE-2016-5427
MLIST:[oss-security] 20160910 Re: autotrace: out-of-bounds write CVE-2016-7392
MLIST:[oss-security] 20160910 Re: libav: out-of-bounds stack read CVE-2016-7393
MLIST:[oss-security] 20160912 CVE Request: XSS vulns in b2evolution v6.7.5 CVE-2016-7149 CVE-2016-7150
MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) CVE-2016-6662
MLIST:[oss-security] 20160913 Re: autotrace: out-of-bounds write CVE-2016-7392
MLIST:[oss-security] 20160914 CVE request -libdwarf 06/13/2016 heap-buffer-overflow CVE-2016-7410
MLIST:[oss-security] 20160914 CVE-2016-6801: CSRF in Jackrabbit-Webdav using empty content-type CVE-2016-6801
MLIST:[oss-security] 20160915 CVE-2016-6519: openstack-manila: Persistent XSS in Metadata field CVE-2016-6519
MLIST:[oss-security] 20160915 Re: ADOdb PDO driver: incorrect quoting may allow SQL injection CVE-2016-7405
MLIST:[oss-security] 20160915 Re: CVE Request: XSS vulns in b2evolution v6.7.5 CVE-2016-7149 CVE-2016-7150
MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7415 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418
MLIST:[oss-security] 20160915 Re: CVE request -libdwarf 06/13/2016 heap-buffer-overflow CVE-2016-7410
MLIST:[oss-security] 20160915 Re: CVE request for Dropbear SSH <2016.74 CVE-2016-7406 CVE-2016-7407 CVE-2016-7408 CVE-2016-7409
MLIST:[oss-security] 20160915 Re: Does a documentation bug elevate to CVE status? - Crypto++ CVE-2016-7420
MLIST:[oss-security] 20160916 CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160916 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160916 Re: libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7424
MLIST:[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer() CVE-2016-7425
MLIST:[oss-security] 20160916 [SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell CVE-2016-5017
MLIST:[oss-security] 20160917 Re: Re: libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7424
MLIST:[oss-security] 20160917 libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7424
MLIST:[oss-security] 20160918 CVE request - openjpeg null ptr dereference CVE-2016-7445
MLIST:[oss-security] 20160918 CVE request : Exponent CMS 2.3.9 SQL injection vulnerabilities CVE-2016-7400
MLIST:[oss-security] 20160918 Re: CVE request - openjpeg null ptr dereference CVE-2016-7445
MLIST:[oss-security] 20160918 Re: CVE request : Exponent CMS 2.3.9 SQL injection vulnerabilities CVE-2016-7400
MLIST:[oss-security] 20160918 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues CVE-2016-2317 CVE-2016-2318 CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449
MLIST:[oss-security] 20160919 CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode CVE-2016-7798
MLIST:[oss-security] 20160919 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160920 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160920 Re: Possible CVE for TLS protocol issue CVE-2015-8960
MLIST:[oss-security] 20160921 Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read CVE-2016-7563 CVE-2016-7564
MLIST:[oss-security] 20160921 Re: libav: NULL pointer dereference in ff_put_pixels8_xy2_mmx (rnd_template.c) CVE-2016-7477
MLIST:[oss-security] 20160921 Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c) CVE-2016-7499
MLIST:[oss-security] 20160922 CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers" CVE-2016-7544
MLIST:[oss-security] 20160922 CVE Request - Exponent CMS 2.3.9 multi-vulnerabilities in install code CVE-2016-7565 CVE-2016-7790
MLIST:[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS) CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540
MLIST:[oss-security] 20160923 CVE request Qemu: hw: net: Fix a heap overflow in xlnx.xps-ethernetlite CVE-2016-7161
MLIST:[oss-security] 20160923 Re: CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers" CVE-2016-7544
MLIST:[oss-security] 20160923 Re: CVE request Qemu: hw: net: Fix a heap overflow in xlnx.xps-ethernetlite CVE-2016-7161
MLIST:[oss-security] 20160924 CVE Request: irssi: information disclosure vulnerabilit in buf.pl CVE-2016-7553
MLIST:[oss-security] 20160925 CVE-2016-7545 -- SELinux sandbox escape CVE-2016-7545
MLIST:[oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability CVE-2016-6823
MLIST:[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability CVE-2016-7101
MLIST:[oss-security] 20160926 CVE-2016-7543 -- bash SHELLOPTS+PS4 CVE-2016-7543
MLIST:[oss-security] 20160926 Re: CVE Request: irssi: information disclosure vulnerabilit in buf.pl CVE-2016-7553
MLIST:[oss-security] 20160926 [CVE-2016-6881] ffmpeg endless loop when dealing with craft swf file. CVE-2016-6881
MLIST:[oss-security] 20160927 CVE Request - OpenSLP 2.0 Memory Corruption CVE-2016-7567
MLIST:[oss-security] 20160927 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160928 CVE Request: docker2aci: Path traversals present in image converting CVE-2016-7569
MLIST:[oss-security] 20160928 CVE Request: systemd v209+: local denial-of-service attack CVE-2016-7795
MLIST:[oss-security] 20160928 Re: CVE Request - OpenSLP 2.0 Memory Corruption CVE-2016-7567
MLIST:[oss-security] 20160928 Re: CVE Request: docker2aci: Path traversals present in image converting CVE-2016-7569
MLIST:[oss-security] 20160928 Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read CVE-2016-7563 CVE-2016-7564
MLIST:[oss-security] 20160928 Re: ImageMagick identify "d:" hangs CVE-2016-7977
MLIST:[oss-security] 20160929 Re: ImageMagick identify "d:" hangs CVE-2013-5653
MLIST:[oss-security] 20160929 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20160929 Re: kdesu vulnerability: need CVE CVE-2016-7787
MLIST:[oss-security] 20160930 CVE Request: zendframework SQL injections CVE-2015-7695
MLIST:[oss-security] 20160930 Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode CVE-2016-7798
MLIST:[oss-security] 20160930 Re: CVE Request: systemd v209+: local denial-of-service attack CVE-2016-7795 CVE-2016-7796
MLIST:[oss-security] 20160930 Re: CVE Request: zendframework SQL injections CVE-2015-7695
MLIST:[oss-security] 20160930 Re: git-hub: missing sanitization of data received from GitHub CVE-2016-7793 CVE-2016-7794
MLIST:[oss-security] 20161001 Re: GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow CVE-2016-7800
MLIST:[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow CVE-2016-7799
MLIST:[oss-security] 20161001 imagemagick mogrify global buffer overflow CVE-2016-7799
MLIST:[oss-security] 20161002 Re: imagemagick mogrify use after free CVE-2016-7906
MLIST:[oss-security] 20161002 imagemagick mogrify use after free CVE-2016-7906
MLIST:[oss-security] 20161004 Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request) CVE-2016-7954
MLIST:[oss-security] 20161004 Re: Handful of libass issues CVE-2016-7969 CVE-2016-7970 CVE-2016-7972
MLIST:[oss-security] 20161004 Re: KMail vulnerabilites: need 3 CVE CVE-2016-7966 CVE-2016-7967 CVE-2016-7968
MLIST:[oss-security] 20161004 Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request) CVE-2016-7954
MLIST:[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries CVE-2016-5407 CVE-2016-7942 CVE-2016-7943 CVE-2016-7944 CVE-2016-7945 CVE-2016-7946 CVE-2016-7947 CVE-2016-7948 CVE-2016-7949 CVE-2016-7950 CVE-2016-7951 CVE-2016-7952 CVE-2016-7953
MLIST:[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries CVE-2016-5407 CVE-2016-7942 CVE-2016-7943 CVE-2016-7944 CVE-2016-7945 CVE-2016-7947 CVE-2016-7948 CVE-2016-7949 CVE-2016-7950 CVE-2016-7951 CVE-2016-7952 CVE-2016-7953
MLIST:[oss-security] 20161005 CVE-2016-7902: Dotclear <= 2.10.2 (Media Manager) Unrestricted File Upload CVE-2016-7902
MLIST:[oss-security] 20161005 CVE-2016-7903: Dotclear <= 2.10.2 Password Reset Address Spoof CVE-2016-7903
MLIST:[oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems CVE-2016-7977 CVE-2016-7978 CVE-2016-7979
MLIST:[oss-security] 20161005 Re: CVE request: sunxi-debug (root privilege escalation in Allwinner kernel) CVE-2016-10225
MLIST:[oss-security] 20161005 SPIP vulnerabilities: request for 5 CVE CVE-2016-7980 CVE-2016-7981 CVE-2016-7982 CVE-2016-7998 CVE-2016-7999
MLIST:[oss-security] 20161006 Re: SPIP vulnerabilities: request for 5 CVE CVE-2016-7980 CVE-2016-7981 CVE-2016-7982
MLIST:[oss-security] 20161006 [SECURITY] CVE-2016-6808 Apache Tomcat JK ISAPI Connector buffer overflow CVE-2016-6808
MLIST:[oss-security] 20161007 GraphicsMagick CVE Request - WPG Reader Issues CVE-2016-7996 CVE-2016-7997
MLIST:[oss-security] 20161007 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20161007 Re: SPIP vulnerabilities: request for 5 CVE CVE-2016-7998 CVE-2016-7999
MLIST:[oss-security] 20161008 Re: CVE request: invalid memory accesses parsing object files in libgit2 CVE-2016-8568 CVE-2016-8569
MLIST:[oss-security] 20161008 Re: GraphicsMagick CVE Request - WPG Reader Issues CVE-2016-7996 CVE-2016-7997
MLIST:[oss-security] 20161008 Re: SPIP vulnerabilities: request for 5 CVE CVE-2016-7998 CVE-2016-7999
MLIST:[oss-security] 20161008 ffmpeg before 3.1.4 [CVE-2016-7562] [CVE-2016-7122] [CVE-2016-7450] [CVE-2016-7502] [CVE-2016-7555] [CVE-2016-7785] [CVE-2016-7905] CVE-2016-7122 CVE-2016-7450 CVE-2016-7502 CVE-2016-7555 CVE-2016-7562 CVE-2016-7785 CVE-2016-7905
MLIST:[oss-security] 20161008 potrace: invalid memory access in findnext (decompose.c) CVE-2016-8685
MLIST:[oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing CVE-2016-7039
MLIST:[oss-security] 20161010 RE: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20161010 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME CVE-2016-0634
MLIST:[oss-security] 20161011 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems CVE-2016-8602
MLIST:[oss-security] 20161011 Re: CVE Request: zendframework SQL injections CVE-2015-7695
MLIST:[oss-security] 20161012 CVE-2016-7980: SPIP 3.1.2 Exec Code Cross-Site Request Forgery CVE-2016-7980
MLIST:[oss-security] 20161012 CVE-2016-7981: SPIP 3.1.2 Reflected Cross-Site Scripting CVE-2016-7981
MLIST:[oss-security] 20161012 CVE-2016-7982: SPIP 3.1.1/3.1.2 File Enumeration / Path Traversal CVE-2016-7982
MLIST:[oss-security] 20161012 CVE-2016-7999: SPIP 3.1.2 Server Side Request Forgery CVE-2016-7999
MLIST:[oss-security] 20161012 Re: CVE request: GNU Guile <= 2.0.12: REPL server vulnerable to HTTP inter-protocol attacks CVE-2016-8606
MLIST:[oss-security] 20161012 Re: CVE request: GNU Guile <= 2.0.12: Thread-unsafe umask modification CVE-2016-8605
MLIST:[oss-security] 20161012 bubblewrap LPE CVE-2016-8659
MLIST:[oss-security] 20161013 CVE Request: another recursion in GRE CVE-2016-8666
MLIST:[oss-security] 20161013 CVE request: kernel - local DoS due to a page lock order bug in the XFS seek hole/data implementation CVE-2016-8660
MLIST:[oss-security] 20161013 Re: CVE Request -- Broadcom Wifi Driver Brcmfmac brcmf_cfg80211_start_ap Buffer Overflow CVE-2016-8658
MLIST:[oss-security] 20161013 Re: bubblewrap LPE CVE-2016-8659
MLIST:[oss-security] 20161013 Re: cve request: systemd-machined: information exposure for docker containers CVE-2016-6349
MLIST:[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042) CVE-2016-7042
MLIST:[oss-security] 20161015 CVE Request: libgd: Stack Buffer Overflow in GD dynamicGetbuf CVE-2016-8670
MLIST:[oss-security] 20161015 Re: Fuzzing jasper CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693
MLIST:[oss-security] 20161015 Re: Libarchive/bsdtar: multiple crashes CVE-2016-8687 CVE-2016-8688 CVE-2016-8689
MLIST:[oss-security] 20161015 Re: Update on MatrixSSL miscalculation (incomplete fix for CVE-2016-6887) CVE-2016-8671
MLIST:[oss-security] 20161015 Re: graphicsmagick: memory allocation failure in MagickMalloc (memory.c) CVE-2016-8684
MLIST:[oss-security] 20161015 Re: graphicsmagick: memory allocation failure in ReadPCXImage (pcx.c) CVE-2016-8683
MLIST:[oss-security] 20161015 Re: graphicsmagick: stack-based buffer overflow in ReadSCTImage (sct.c) CVE-2016-8682
MLIST:[oss-security] 20161015 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) CVE-2016-8678
MLIST:[oss-security] 20161015 Re: imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c) CVE-2016-8677
MLIST:[oss-security] 20161015 Re: libav: null pointer dereference in get_vlc2 (get_bits.h) CVE-2016-8675 CVE-2016-8676
MLIST:[oss-security] 20161015 Re: libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c) CVE-2016-8680
MLIST:[oss-security] 20161015 Re: libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c) (ANOTHER ONE) CVE-2016-8681
MLIST:[oss-security] 20161015 Re: libdwarf: heap-based buffer overflow in _dwarf_get_size_of_val (dwarf_util.c) CVE-2016-8679
MLIST:[oss-security] 20161015 Re: mupdf: use-after-free in pdf_to_num (pdf-object.c) CVE-2016-8674
MLIST:[oss-security] 20161015 Re: potrace: invalid memory access in findnext (decompose.c) CVE-2016-8685
MLIST:[oss-security] 20161015 Re: potrace: memory allocation failure CVE-2016-8686
MLIST:[oss-security] 20161015 Re: potrace: multiple crashes CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703
MLIST:[oss-security] 20161015 Update on MatrixSSL miscalculation (incomplete fix for CVE-2016-6887) CVE-2016-8671
MLIST:[oss-security] 20161017 Re: Re: Fuzzing jasper CVE-2016-8882 CVE-2016-8883
MLIST:[oss-security] 20161018 CVE Request - TRE & musl libc regex integer overflows in buffer size computations CVE-2016-8859
MLIST:[oss-security] 20161019 CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH CVE-2016-8858
MLIST:[oss-security] 20161019 Re: CVE request for tor CVE-2016-8860
MLIST:[oss-security] 20161019 Re: Re: CVE Request - multiple ghostscript -dSAFER sandbox problems CVE-2016-7976
MLIST:[oss-security] 20161020 Re: Re: CVE Request: OpenSSH: Memory exhaustion issue found in OpenSSH CVE-2016-8858
MLIST:[oss-security] 20161020 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) CVE-2016-8862
MLIST:[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862) CVE-2016-8862 CVE-2016-8866
MLIST:[oss-security] 20161021 CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability CVE-2016-5195
MLIST:[oss-security] 20161021 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862) CVE-2016-8866
MLIST:[oss-security] 20161022 Re: Fuzzing jasper CVE-2016-8882 CVE-2016-8883
MLIST:[oss-security] 20161022 Re: jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) CVE-2016-8887
MLIST:[oss-security] 20161022 Re: jasper: memory allocation failure in jas_malloc (jas_malloc.c) CVE-2016-8886
MLIST:[oss-security] 20161022 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690) CVE-2016-8884 CVE-2016-8885
MLIST:[oss-security] 20161023 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690) CVE-2016-8884 CVE-2016-8885
MLIST:[oss-security] 20161023 jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) CVE-2016-8887
MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) CVE-2016-6663
MLIST:[oss-security] 20161025 Re: CVE-2016-7545 -- SELinux sandbox escape CVE-2016-9016
MLIST:[oss-security] 20161025 Re: CVE-2016-7545 -- SELinux sandbox escape - Firejail is CVE-2016-9016 CVE-2016-9016
MLIST:[oss-security] 20161025 Re: Re: jasper: memory allocation failure in jas_malloc (jas_malloc.c) CVE-2016-8886
MLIST:[oss-security] 20161025 Re: libwmf: memory allocation failure in wmf_malloc (api.c) CVE-2016-9011
MLIST:[oss-security] 20161026 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability CVE-2016-5195
MLIST:[oss-security] 20161027 CVE-2016-5195 test case CVE-2016-5195
MLIST:[oss-security] 20161027 CVE-2016-7067 - CSRF in Monit Service Manager CVE-2016-7067
MLIST:[oss-security] 20161027 CVE-2016-9015: Python urllib3 1.17 and 1.18 certificate verification failure CVE-2016-9015
MLIST:[oss-security] 20161027 Re: CVE requests: some issues in gif2webp CVE-2016-9085
MLIST:[oss-security] 20161027 Re: librsvg and cairo are causing libpng to write out-of-bounds CVE-2016-9082
MLIST:[oss-security] 20161027 kernel: low-severity vfio driver integer overflow CVE-2016-9083 CVE-2016-9084
MLIST:[oss-security] 20161029 Re: CVE Request - TRE & musl libc regex integer overflows in buffer size computations CVE-2016-8859
MLIST:[oss-security] 20161030 Re: CVE request - integer overflow and crash parsing regex in mujs CVE-2016-9108
MLIST:[oss-security] 20161030 Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read CVE-2016-9109
MLIST:[oss-security] 20161030 Re: CVE-2016-5195 test case CVE-2016-5195
MLIST:[oss-security] 20161030 Re: Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read CVE-2016-9109
MLIST:[oss-security] 20161030 Re: gajim otr plugin cleartext leak CVE-2016-9107
MLIST:[oss-security] 20161030 gajim otr plugin cleartext leak CVE-2016-9107
MLIST:[oss-security] 20161101 Re: CVE assignment for PHP 5.6.27 and 7.0.12 CVE-2016-9137 CVE-2016-9138
MLIST:[oss-security] 20161103 CVE-2016-7035 - pacemaker - improper IPC guarding CVE-2016-7035
MLIST:[oss-security] 20161103 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability CVE-2016-5195
MLIST:[oss-security] 20161104 CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7 CVE-2015-8971
MLIST:[oss-security] 20161104 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7 CVE-2015-8971
MLIST:[oss-security] 20161104 Re: CVE request: XXE in perl Image:nfo and XML:wig CVE-2016-9180 CVE-2016-9181
MLIST:[oss-security] 20161104 Re: CVE requestynx invalid URL parsing with '?' CVE-2016-9179
MLIST:[oss-security] 20161104 Re: kernel: fix minor infoleak in get_user_ex() CVE-2016-9178
MLIST:[oss-security] 20161105 CVE request: Null pointer derefence parsing xml file using libxml 2.9.4 (in recover mode) CVE-2017-5969
MLIST:[oss-security] 20161105 Re: CVE request: linux kernel - local DoS with cgroup offline code CVE-2016-9191
MLIST:[oss-security] 20161107 Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read CVE-2016-9109
MLIST:[oss-security] 20161107 Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7 CVE-2015-8971
MLIST:[oss-security] 20161107 Re: Re: kernel: fix minor infoleak in get_user_ex() CVE-2016-9644
MLIST:[oss-security] 20161109 CVE Request - Samsung Exynos fimg2d Multiple Issues CVE-2016-9278 CVE-2016-9279
MLIST:[oss-security] 20161109 CVE Request: libtiff: heap buffer overflow/read outside of array CVE-2016-9273
MLIST:[oss-security] 20161109 Re: CVE Request: Cryptography 1.5.3: HKDF might return an empty byte-string CVE-2016-9243
MLIST:[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities CVE-2015-8973 CVE-2015-8974 CVE-2015-8975 CVE-2015-8976 CVE-2015-8977 CVE-2016-9402 CVE-2016-9403 CVE-2016-9404 CVE-2016-9405 CVE-2016-9406 CVE-2016-9407 CVE-2016-9408 CVE-2016-9409 CVE-2016-9410 CVE-2016-9411 CVE-2016-9412 CVE-2016-9413 CVE-2016-9414 CVE-2016-9415 CVE-2016-9416 CVE-2016-9417 CVE-2016-9418 CVE-2016-9419 CVE-2016-9420 CVE-2016-9421
MLIST:[oss-security] 20161110 Re: jasper: use after free in jas_realloc (jas_malloc.c) CVE-2016-9262
MLIST:[oss-security] 20161110 Re: libming: listmp3: divide-by-zero in printMP3Headers (listmp3.c) CVE-2016-9265
MLIST:[oss-security] 20161110 Re: libming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c) CVE-2016-9264
MLIST:[oss-security] 20161110 Re: libming: listmp3: left shift in listmp3.c CVE-2016-9266
MLIST:[oss-security] 20161111 CVE Request: libtiff: read outside buffer in _TIFFPrintField() CVE-2016-9297
MLIST:[oss-security] 20161111 CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips CVE-2016-9532
MLIST:[oss-security] 20161111 CVE-2016-8640 pycsw SQL injection issue CVE-2016-8640
MLIST:[oss-security] 20161111 Re: CVE Request - Samsung Exynos fimg2d Multiple Issues CVE-2016-9278 CVE-2016-9279
MLIST:[oss-security] 20161111 Re: CVE Request: libtiff: heap buffer overflow/read outside of array CVE-2016-9273
MLIST:[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c) CVE-2016-9275
MLIST:[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c) CVE-2016-9276
MLIST:[oss-security] 20161113 CVE needed? / gnuchess 6.2.4 fixed user input buffer overflow CVE-2015-8972
MLIST:[oss-security] 20161113 CVE request: Jenkins remote code execution vulnerability CVE-2016-9299
MLIST:[oss-security] 20161113 Imagemagick heap overflow CVE-2016-9298
MLIST:[oss-security] 20161114 CVE-2016-4484: - Cryptsetup Initrd root Shell CVE-2016-4484
MLIST:[oss-security] 20161114 Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField() CVE-2016-9297
MLIST:[oss-security] 20161114 Re: CVE needed? / gnuchess 6.2.4 fixed user input buffer overflow CVE-2015-8972
MLIST:[oss-security] 20161114 Re: CVE request: Jenkins remote code execution vulnerability CVE-2016-9299
MLIST:[oss-security] 20161114 Re: Imagemagick heap overflow CVE-2016-9298
MLIST:[oss-security] 20161114 Re: Re: CVE needed? / gnuchess 6.2.4 fixed user input buffer overflow CVE-2015-8972
MLIST:[oss-security] 20161115 CVE-2016-1249: Out-of-bounds read by DBD::mysql >= version 2.9003 CVE-2016-1249
MLIST:[oss-security] 20161115 Re: CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable CVE-2016-4484
MLIST:[oss-security] 20161115 Re: [FD] CVE-2016-4484: - Cryptsetup Initrd root Shell CVE-2016-4484
MLIST:[oss-security] 20161116 CVE Request: teeworlds: possible remote code execution on teeworlds client CVE-2016-9400
MLIST:[oss-security] 20161116 Re: CVE-2016-4484: - Cryptsetup Initrd root Shell CVE-2016-4484
MLIST:[oss-security] 20161117 Re: CVE Request: teeworlds: possible remote code execution on teeworlds client CVE-2016-9400
MLIST:[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities CVE-2015-8973 CVE-2015-8974 CVE-2015-8975 CVE-2015-8976 CVE-2015-8977 CVE-2016-9402 CVE-2016-9403 CVE-2016-9404 CVE-2016-9405 CVE-2016-9406 CVE-2016-9407 CVE-2016-9408 CVE-2016-9409 CVE-2016-9410 CVE-2016-9411 CVE-2016-9412 CVE-2016-9413 CVE-2016-9414 CVE-2016-9415 CVE-2016-9416 CVE-2016-9417 CVE-2016-9418 CVE-2016-9419 CVE-2016-9420 CVE-2016-9421
MLIST:[oss-security] 20161117 Re: bash - popd controlled free CVE-2016-9401
MLIST:[oss-security] 20161117 Re: jasper: multiple assertion failures CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9395 CVE-2016-9396 CVE-2016-9397 CVE-2016-9398 CVE-2016-9399
MLIST:[oss-security] 20161117 bash - popd controlled free CVE-2016-9401
MLIST:[oss-security] 20161118 CVE Request: gstreamer plugins CVE-2016-9445 CVE-2016-9446 CVE-2016-9447
MLIST:[oss-security] 20161118 Re: CVE Request: gstreamer plugins CVE-2016-9445 CVE-2016-9446 CVE-2016-9447
MLIST:[oss-security] 20161118 Re: CVE Request: libtiff: Out-of-bounds Write memcpy and less bound check in tiff2pdf CVE-2016-9453
MLIST:[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities CVE-2016-9422 CVE-2016-9423 CVE-2016-9424 CVE-2016-9425 CVE-2016-9426 CVE-2016-9427 CVE-2016-9428 CVE-2016-9429 CVE-2016-9430 CVE-2016-9431 CVE-2016-9432 CVE-2016-9433 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443
MLIST:[oss-security] 20161118 Re: CVE-2016-9297 LibTIFF regression CVE-2016-9448
MLIST:[oss-security] 20161119 imagemagick: null pointer must never be null (tiff.c) CVE-2016-9559
MLIST:[oss-security] 20161119 libdwarf: negation overflow in dwarf_leb.c CVE-2016-9558
MLIST:[oss-security] 20161120 jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) CVE-2016-9560
MLIST:[oss-security] 20161121 Re: CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips CVE-2016-9532
MLIST:[oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb CVE-2016-9555
MLIST:[oss-security] 20161122 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) CVE-2016-9556
MLIST:[oss-security] 20161122 Re: imagemagick: null pointer must never be null (tiff.c) CVE-2016-9559
MLIST:[oss-security] 20161122 Re: jasper: signed integer overflow in jas_image.c CVE-2016-9557
MLIST:[oss-security] 20161122 Re: jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) CVE-2016-9560
MLIST:[oss-security] 20161122 Re: libdwarf: negation overflow in dwarf_leb.c CVE-2016-9558
MLIST:[oss-security] 20161123 Re: CVE Request: gstreamer plugins CVE-2016-9634 CVE-2016-9635 CVE-2016-9636
MLIST:[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633
MLIST:[oss-security] 20161124 Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName CVE-2014-9911 CVE-2014-9912
MLIST:[oss-security] 20161125 CVE Request: salt confidentiality issue CVE-2016-9639
MLIST:[oss-security] 20161125 Re: CVE Request: salt confidentiality issue CVE-2016-9639
MLIST:[oss-security] 20161126 CVE Request: resource exhaustion in regex expression handling in WebKit CVE-2016-9643
MLIST:[oss-security] 20161126 Re: CVE Request: resource exhaustion in regex expression handling in WebKit CVE-2016-9643
MLIST:[oss-security] 20161126 Re: CVE request: Heap read out-of-bounds parsing a Javascript file with the last revision of JavaScript Core CVE-2016-9642
MLIST:[oss-security] 20161126 Re: blkid command injection CVE-2014-9114
MLIST:[oss-security] 20161129 Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045 CVE-2016-9675
MLIST:[oss-security] 20161129 Xen Security Advisory 201 - ARM guests may induce host asynchronous abort CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
MLIST:[oss-security] 20161130 cve-request: linux kernel - memory leak in xfs attribute mechanism. CVE-2016-9685
MLIST:[oss-security] 20161201 CVE Request: Linux: net: out-of-bounds due do a signedness issue when defragging ipv6 CVE-2016-9755
MLIST:[oss-security] 20161201 gstreamer multiple issues CVE-2016-9807 CVE-2016-9808 CVE-2016-9809 CVE-2016-9810 CVE-2016-9811 CVE-2016-9812 CVE-2016-9813
MLIST:[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556) CVE-2016-9556
MLIST:[oss-security] 20161201 libming: listswf: NULL pointer dereference in dumpBuffer (read.c) CVE-2016-9828
MLIST:[oss-security] 20161201 libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c) CVE-2016-9827
MLIST:[oss-security] 20161201 libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c) CVE-2016-9829
MLIST:[oss-security] 20161201 libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c) CVE-2016-9831
MLIST:[oss-security] 20161202 CVE request: tomcat privilege escalations in Debian packaging CVE-2016-9774 CVE-2016-9775
MLIST:[oss-security] 20161202 Important vulnerability in Dovecot (CVE-2016-8652) CVE-2016-8652
MLIST:[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE CVE-2012-6704 CVE-2016-9793
MLIST:[oss-security] 20161202 Re: CVE Request: OpenAFS: directory information leaks (OPENAFS-SA-2016-003) CVE-2016-9772
MLIST:[oss-security] 20161202 Re: CVE request: tomcat privilege escalations in Debian packaging CVE-2016-9774 CVE-2016-9775
MLIST:[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556) CVE-2016-9556
MLIST:[oss-security] 20161203 CVE Request: -- Linux kernel: double free in netlink_dump CVE-2016-9806
MLIST:[oss-security] 20161203 CVE request: -- Linux kernel: ALSA: use-after-free in,kill_fasync CVE-2016-9794
MLIST:[oss-security] 20161204 Re: Xen Security Advisory 201 - ARM guests may induce host asynchronous abort CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
MLIST:[oss-security] 20161204 Re: graphicsmagick: memory allocation failure in MagickRealloc (memory.c) CVE-2016-9830
MLIST:[oss-security] 20161204 Re: gstreamer multiple issues CVE-2016-9807 CVE-2016-9808 CVE-2016-9809 CVE-2016-9810 CVE-2016-9811 CVE-2016-9812 CVE-2016-9813
MLIST:[oss-security] 20161204 Re: libav: multiple crashes from the Undefined Behavior Sanitizer CVE-2016-8676
MLIST:[oss-security] 20161204 Re: libming: listswf: NULL pointer dereference in dumpBuffer (read.c) CVE-2016-9828
MLIST:[oss-security] 20161204 Re: libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c) CVE-2016-9827
MLIST:[oss-security] 20161204 Re: libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c) CVE-2016-9829
MLIST:[oss-security] 20161204 Re: libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c) CVE-2016-9831
MLIST:[oss-security] 20161205 CVE Request: Info-Zip zipinfo buffer overflow CVE-2014-9913 CVE-2016-9844
MLIST:[oss-security] 20161205 Re: CVE Request: Info-Zip zipinfo buffer overflow CVE-2014-9913 CVE-2016-9844
MLIST:[oss-security] 20161205 Re: CVE Request: zlib security issues found during audit CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
MLIST:[oss-security] 20161205 Re: Important vulnerability in Dovecot (CVE-2016-8652) CVE-2016-8652
MLIST:[oss-security] 20161206 CVE Request: html5lib: potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers CVE-2016-9909 CVE-2016-9910
MLIST:[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send) CVE-2016-9919
MLIST:[oss-security] 20161208 Re: CVE Request: html5lib: potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers CVE-2016-9909 CVE-2016-9910
MLIST:[oss-security] 20161208 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) CVE-2016-8678
MLIST:[oss-security] 20161208 [CVE-2016-8595] ffmpeg crashes with an assert CVE-2016-8595
MLIST:[oss-security] 20161208 [CVE-2016-9561] ffmpeg crashes on decoding MOV file CVE-2016-9561
MLIST:[oss-security] 20161208 roundcube code execution via mail() CVE-2016-9920
MLIST:[oss-security] 20161212 CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0 CVE-2016-9933 CVE-2016-9934 CVE-2016-9935 CVE-2016-9936
MLIST:[oss-security] 20161212 Re: CVE Request: Potential DoS in Crypto++ ASN.1 parser CVE-2016-9939
MLIST:[oss-security] 20161214 CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files CVE-2016-9956
MLIST:[oss-security] 20161214 CVE-2016-1253 most: shell command injection through filenames CVE-2016-1253
MLIST:[oss-security] 20161215 Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files CVE-2016-9956
MLIST:[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file CVE-2016-9957 CVE-2016-9958 CVE-2016-9959 CVE-2016-9960 CVE-2016-9961
MLIST:[oss-security] 20161215 Re: CVE Request: IrRegular Expressions resource exhaustion in regex compilation [was: Re: CVE Request: resource exhaustion in regex expression handling in WebKit] CVE-2016-9954
MLIST:[oss-security] 20161216 Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files CVE-2016-9956
MLIST:[oss-security] 20161216 [SECURITY] CVE-2016-5001: Apache Hadoop Information Disclosure CVE-2016-5001
MLIST:[oss-security] 20161217 Re: CVE Request - squid HTTP proxy multiple Information Disclosure issues CVE-2016-10002 CVE-2016-10003
MLIST:[oss-security] 20161217 Re: CVE request - DCMTK remote stack buffer overflow CVE-2015-8979
MLIST:[oss-security] 20161219 Announce: OpenSSH 7.4 released CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012
MLIST:[oss-security] 20161219 CVE Request - Exponent CMS 2.3.9 multi-vulnerabilities in install code CVE-2016-7791
MLIST:[oss-security] 20161221 Re: CVE request: ikiwiki: authorization bypass when reverting changes CVE-2016-10026
MLIST:[oss-security] 20161221 Re: Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] CVE-2014-5008
MLIST:[oss-security] 20161222 Re: CVE Request: Smack: TLS SecurityMode.required not always enforced, leading to striptls attack CVE-2016-10027
MLIST:[oss-security] 20161224 Re: Qt QXmlSimpleReader CVE-2016-10040
MLIST:[oss-security] 20161226 Re: CVE requests for various ImageMagick issues CVE-2014-9915 CVE-2016-10046 CVE-2016-10047 CVE-2016-10048 CVE-2016-10049 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10053 CVE-2016-10054 CVE-2016-10055 CVE-2016-10056 CVE-2016-10057 CVE-2016-10058 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10062 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10066 CVE-2016-10067 CVE-2016-10068 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071
MLIST:[oss-security] 20161227 Re: Buffer overflow in pycrypto CVE-2013-7459
MLIST:[oss-security] 20161228 Re: PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] CVE-2016-10045
MLIST:[oss-security] 20161228 Re: tqdm: insecure use of git CVE-2016-10075
MLIST:[oss-security] 20161229 ikiwiki: CVE-2016-9645 (incomplete fix for CVE-2016-10026), CVE-2016-9646 (commit metadata forgery) CVE-2016-10026 CVE-2016-9646
MLIST:[oss-security] 20161229 libpng NULL pointer dereference bugfix CVE-2016-10087
MLIST:[oss-security] 20161230 Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641 CVE-2016-10089
MLIST:[oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface CVE-2016-10088
MLIST:[oss-security] 20161230 Re: libpng NULL pointer dereference bugfix CVE-2016-10087
MLIST:[oss-security] 20161231 Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability CVE-2016-6793
MLIST:[oss-security] 20161231 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions CVE-2016-10091
MLIST:[oss-security] 20170101 Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions CVE-2016-10091
MLIST:[oss-security] 20170101 Re: Re: libtiff: multiple heap-based buffer overflow CVE-2016-10092 CVE-2016-10093 CVE-2016-10094
MLIST:[oss-security] 20170101 Re: libtiff: multiple heap-based buffer overflow CVE-2016-10092 CVE-2016-10093 CVE-2016-10094
MLIST:[oss-security] 20170101 Re: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) CVE-2016-10095
MLIST:[oss-security] 20170101 libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) CVE-2016-10095
MLIST:[oss-security] 20170103 Re: CVE Request: pcsc-lite use-after-free and double-free CVE-2016-10109
MLIST:[oss-security] 20170105 Re: Firejail local root exploit CVE-2016-10117 CVE-2016-10118 CVE-2016-10119 CVE-2016-10120 CVE-2016-10121 CVE-2016-10122 CVE-2016-10123
MLIST:[oss-security] 20170106 Re: CVE Request: Irssi Multiple Vulnerabilities (2017/01) CVE-2017-5193 CVE-2017-5194 CVE-2017-5195 CVE-2017-5196
MLIST:[oss-security] 20170106 Re: Firejail local root exploit CVE-2016-10117 CVE-2016-10118 CVE-2016-10119 CVE-2016-10120 CVE-2016-10121 CVE-2016-10122 CVE-2016-10123
MLIST:[oss-security] 20170107 Re: Firejail local root exploit CVE-2017-5206 CVE-2017-5207
MLIST:[oss-security] 20170108 Re: CVE Request: icoutils: exploitable crash in wrestool programm CVE-2017-5208
MLIST:[oss-security] 20170109 Re: ark vulnerability: need CVE CVE-2017-5330
MLIST:[oss-security] 20170110 CVE Request: two security fixes in libgit2 0.25.1, 0.24.6 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130
MLIST:[oss-security] 20170110 CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8 CVE-2017-5334 CVE-2017-5335 CVE-2017-5336 CVE-2017-5337
MLIST:[oss-security] 20170110 Re: CVE Request: icoutils: exploitable crash in wrestool programm CVE-2017-5331 CVE-2017-5332 CVE-2017-5333
MLIST:[oss-security] 20170110 Re: CVE Request: two security fixes in libgit2 0.25.1, 0.24.6 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130
MLIST:[oss-security] 20170110 Re: CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8 CVE-2017-5334 CVE-2017-5335 CVE-2017-5336 CVE-2017-5337
MLIST:[oss-security] 20170112 CVE Request: Irssi out of bounds read in format string CVE-2017-5356
MLIST:[oss-security] 20170112 CVE Request: MUJS null pointer dereference and Heap buffer overflow write CVE-2016-10132 CVE-2016-10133
MLIST:[oss-security] 20170112 CVE Request: Zabbix: SQL injection vulnerabilities in "Latest data" CVE-2016-10134
MLIST:[oss-security] 20170112 Re: CVE Request: Irssi out of bounds read in format string CVE-2017-5356
MLIST:[oss-security] 20170112 Re: CVE Request: MUJS null pointer dereference and Heap buffer overflow write CVE-2016-10132 CVE-2016-10133
MLIST:[oss-security] 20170112 Re: CVE Request: Zabbix: SQL injection vulnerabilities in "Latest data" CVE-2016-10134
MLIST:[oss-security] 20170112 Re: invalid free in GNU ed before 1.14.1 CVE-2017-5357
MLIST:[oss-security] 20170112 ikiwiki: CVE-2017-0356: Authentication bypass via repeated parameters CVE-2017-0356
MLIST:[oss-security] 20170112 invalid free in GNU ed before 1.14.1 CVE-2017-5357
MLIST:[oss-security] 20170113 CVE-2017-2584 Kernel: kvm: use after free in complete_emulated_mmio CVE-2017-2584
MLIST:[oss-security] 20170114 Re: CVE Request: Wordpress: 8 security issues in 4.7 CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
MLIST:[oss-security] 20170114 Re: [Security] Qt QXmlSimpleReader CVE-2016-10040
MLIST:[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5509 CVE-2017-5510 CVE-2017-5511
MLIST:[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5509 CVE-2017-5510 CVE-2017-5511
MLIST:[oss-security] 20170116 Re: jasper: invalid memory read in jas_matrix_asl (jas_seq.c) CVE-2017-5505
MLIST:[oss-security] 20170116 jasper: invalid memory read in jas_matrix_asl (jas_seq.c) CVE-2017-5505
MLIST:[oss-security] 20170116 jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) CVE-2017-5503
MLIST:[oss-security] 20170117 CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem CVE-2016-9602
MLIST:[oss-security] 20170117 Re: Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) CVE-2017-5503
MLIST:[oss-security] 20170118 CVE request Weblate: information disclosure in password reset form CVE-2017-5537
MLIST:[oss-security] 20170118 Re: CVE Request: Plone Sandbox escape vulnerability CVE-2017-5524
MLIST:[oss-security] 20170118 Re: CVE Request: php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter CVE-2015-8980
MLIST:[oss-security] 20170119 CVE Request - Samsung Exynos GPU driver OOB read CVE-2017-5538
MLIST:[oss-security] 20170119 Re: CVE Request - Samsung Exynos GPU driver OOB read CVE-2017-5538
MLIST:[oss-security] 20170119 Re: CVE request Weblate: information disclosure in password reset form CVE-2017-5537
MLIST:[oss-security] 20170119 Re: CVE request: python-pysaml2 XML external entity attack CVE-2016-10127 CVE-2016-10149
MLIST:[oss-security] 20170120 CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing CVE-2017-5552
MLIST:[oss-security] 20170120 CVE request Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb CVE-2016-10155
MLIST:[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash CVE-2010-5328
MLIST:[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel CVE-2016-10153 CVE-2016-10154 CVE-2017-5546 CVE-2017-5547 CVE-2017-5548 CVE-2017-5549 CVE-2017-5550 CVE-2017-5551
MLIST:[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation CVE-2016-10151 CVE-2016-10152
MLIST:[oss-security] 20170120 Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing CVE-2017-5552
MLIST:[oss-security] 20170120 Re: CVE request Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb CVE-2016-10155
MLIST:[oss-security] 20170120 Re: CVE-2016-9584: heap use-after-free on libical CVE-2016-5824
MLIST:[oss-security] 20170121 Re: [tigervnc-announce] TigerVNC 1.7.1 CVE-2017-5581
MLIST:[oss-security] 20170122 CVE Request: libXpm < 3.5.12 heap overflow CVE-2016-10164
MLIST:[oss-security] 20170122 CVE request: Linux kernel: vc4: int overflow leading to heap-based buffer overflow CVE-2017-5576 CVE-2017-5577
MLIST:[oss-security] 20170124 CVE request: rubygem minitar: directory traversal vulnerability CVE-2016-10173
MLIST:[oss-security] 20170125 Re: CVE MLIST:[oss-security] 20170123 CVE request: lcms2 heap OOB read parsing crafted ICC profile CVE-2016-10165
MLIST:[oss-security] 20170125 Re: CVE Request: libXpm < 3.5.12 heap overflow CVE-2016-10164
MLIST:[oss-security] 20170125 Re: CVE request: lcms2 heap OOB read parsing crafted ICC profile CVE-2016-10165
MLIST:[oss-security] 20170125 Re: [tigervnc-announce] TigerVNC 1.7.1 CVE-2017-5581
MLIST:[oss-security] 20170126 CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c CVE-2016-10166 CVE-2016-10167 CVE-2016-10168
MLIST:[oss-security] 20170126 Re: OpenSSH: CVE-2015-6565 (pty issue in 6.8-6.9) can lead to local privesc on Linux CVE-2015-6565
MLIST:[oss-security] 20170127 CVE Request: s-nail local root CVE-2017-5899
MLIST:[oss-security] 20170127 SSRF issue in the svgsalamander library CVE-2017-5617
MLIST:[oss-security] 20170128 Re: CVE Request: Wordpress: 4.7.2 security release: unauthorized bypass, SQL injection, cross-site scripting issues CVE-2017-5610 CVE-2017-5611 CVE-2017-5612
MLIST:[oss-security] 20170128 Re: CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c CVE-2016-10166 CVE-2016-10167 CVE-2016-10168
MLIST:[oss-security] 20170128 Re: CVE request: cgiemail multiple vulnerabilities CVE-2017-5613 CVE-2017-5614 CVE-2017-5615 CVE-2017-5616
MLIST:[oss-security] 20170128 Re: Gentoo: order of installed packages may result in vary directories permissions, leading to crontab not requiring cron group membership as example. CVE-2004-2778
MLIST:[oss-security] 20170128 Re: wavpack: multiple out of bounds memory reads CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172
MLIST:[oss-security] 20170129 Re: CVE request: GNU screen escalation CVE-2017-5618
MLIST:[oss-security] 20170129 Re: CVE request: rubygem minitar: directory traversal vulnerability CVE-2016-10173
MLIST:[oss-security] 20170129 Re: SSRF issue in the svgsalamander library CVE-2017-5617
MLIST:[oss-security] 20170129 Requesting CVE for calibre file disclosure CVE-2016-10187
MLIST:[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee CVE-2016-10188 CVE-2016-10189 CVE-2017-5668
MLIST:[oss-security] 20170131 Bugs fixed in libevent 2.1.6 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197
MLIST:[oss-security] 20170131 CVE request: multiples vulnerabilities in libplist CVE-2017-5834 CVE-2017-5835 CVE-2017-5836
MLIST:[oss-security] 20170131 CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem festivaltts4r CVE-2016-10193 CVE-2016-10194
MLIST:[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee CVE-2016-10188 CVE-2016-10189 CVE-2017-5668
MLIST:[oss-security] 20170131 Re: Requesting CVE for calibre file disclosure CVE-2016-10187
MLIST:[oss-security] 20170201 CVE Request: ffmpeg remote exploitaion results code execution CVE-2016-10190 CVE-2016-10191 CVE-2016-10192
MLIST:[oss-security] 20170201 CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables CVE-2017-0358
MLIST:[oss-security] 20170201 Multiple memory access issues in gstreamer CVE-2016-10198 CVE-2016-10199 CVE-2017-5837 CVE-2017-5838 CVE-2017-5839 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 CVE-2017-5844 CVE-2017-5845 CVE-2017-5846 CVE-2017-5847 CVE-2017-5848
MLIST:[oss-security] 20170201 Re: podofo: multiple crashes CVE-2015-8981
MLIST:[oss-security] 20170201 podofo: NULL pointer dereference in PdfOutputStream.cpp CVE-2017-5854
MLIST:[oss-security] 20170201 podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp) CVE-2017-5852
MLIST:[oss-security] 20170202 CVE request tigervnc: vnc server can crash when TLS handshake terminates early CVE-2016-10207
MLIST:[oss-security] 20170202 Re: Bugs fixed in libevent 2.1.6 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197
MLIST:[oss-security] 20170202 Re: CVE Request: ffmpeg remote exploitaion results code execution CVE-2016-10190 CVE-2016-10191 CVE-2016-10192
MLIST:[oss-security] 20170202 Re: CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288) CVE-2017-5849
MLIST:[oss-security] 20170202 Re: CVE request: multiples vulnerabilities in Revive Adserver CVE-2017-5830 CVE-2017-5831 CVE-2017-5832 CVE-2017-5833
MLIST:[oss-security] 20170202 Re: CVE request: multiples vulnerabilities in libplist CVE-2017-5834 CVE-2017-5835 CVE-2017-5836
MLIST:[oss-security] 20170202 Re: CVE requests: OpenBSD httpd - 2 DoS CVE-2017-5850
MLIST:[oss-security] 20170202 Re: CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem festivaltts4r CVE-2016-10193 CVE-2016-10194
MLIST:[oss-security] 20170202 Re: Multiple memory access issues in gstreamer CVE-2016-10198 CVE-2016-10199 CVE-2017-5837 CVE-2017-5838 CVE-2017-5839 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 CVE-2017-5844 CVE-2017-5845 CVE-2017-5846 CVE-2017-5847 CVE-2017-5848
MLIST:[oss-security] 20170202 Re: podofo: NULL pointer dereference in PdfOutputStream.cpp CVE-2017-5854
MLIST:[oss-security] 20170202 Re: podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp) CVE-2017-5852
MLIST:[oss-security] 20170202 Re: podofo: multiple crashes CVE-2015-8981
MLIST:[oss-security] 20170203 Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables CVE-2017-0358
MLIST:[oss-security] 20170204 Re: CVE request tigervnc: vnc server can crash when TLS handshake terminates early CVE-2016-10207
MLIST:[oss-security] 20170204 Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read CVE-2016-10208
MLIST:[oss-security] 20170204 Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues CVE-2016-10201 CVE-2016-10202 CVE-2016-10203 CVE-2016-10204 CVE-2016-10205 CVE-2016-10206
MLIST:[oss-security] 20170206 mupdf: heap-based buffer overflow in fz_subsample_pixmap CVE-2017-5896
MLIST:[oss-security] 20170207 Re: CVE Request: Linux: ip6_gre: invalid reads in ip6gre_err() CVE-2017-5897
MLIST:[oss-security] 20170207 Re: CVE Request: s-nail local root CVE-2017-5899
MLIST:[oss-security] 20170207 Re: CVE request Qemu: usb: integer overflow in emulated_apdu_from_guest CVE-2017-5898
MLIST:[oss-security] 20170207 Re: CVE request: PostfixAdmin allows to delete protected aliases CVE-2017-5930
MLIST:[oss-security] 20170207 Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap CVE-2017-5896
MLIST:[oss-security] 20170208 Re: CVE Request: Nova-LXD incorrectly applied Neutron security group rules CVE-2017-5936
MLIST:[oss-security] 20170208 Re: CVE request: XSS in viewvc CVE-2017-5938
MLIST:[oss-security] 20170209 Re: CVE request: PostfixAdmin allows to delete protected aliases CVE-2017-5930
MLIST:[oss-security] 20170210 Re: Asking for a CVE id for the WordPress Privilege Escalation vulnerability (4.7/4.7.1) CVE-2017-1001000
MLIST:[oss-security] 20170212 Fwd: [scr293903] Linux kernel - upstream CVE-2017-5970
MLIST:[oss-security] 20170213 CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo CVE-2017-5956
MLIST:[oss-security] 20170213 CVE-2017-5957 Virglrenderer: stack overflow in vrend_decode_set_framebuffer_state CVE-2017-5957
MLIST:[oss-security] 20170213 CVE-2017-5969: Null pointer derefence parsing xml file using libxml 2.9.4 (in recover mode) CVE-2017-5969
MLIST:[oss-security] 20170214 CVE-2017-5973 Qemu: usb: infinite loop while doing control transfer in xhci_kick_epctx CVE-2017-5973
MLIST:[oss-security] 20170214 CVE-2017-5987 Qemu: sd: infinite loop issue in multi block transfers CVE-2017-5987
MLIST:[oss-security] 20170214 Re: A note about the multiple crashes in zziplib CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977
MLIST:[oss-security] 20170214 Re: Linux kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf() CVE-2017-5986
MLIST:[oss-security] 20170214 Re: Pending CVE requests for glibc CVE-2015-8982 CVE-2015-8983 CVE-2015-8984 CVE-2015-8985
MLIST:[oss-security] 20170215 CVE-2017-2630 Qemu: nbd: oob stack write in client routine drop_sync CVE-2017-2630
MLIST:[oss-security] 20170215 CVE-2017-5993 Virglrenderer: host memory leakage when initialising blitter context CVE-2017-5993
MLIST:[oss-security] 20170215 CVE-2017-5994 Virglrenderer: out-of-bounds access in vrend_create_vertex_elements_state CVE-2017-5994
MLIST:[oss-security] 20170215 Re: CVE request: sunxi-debug (root privilege escalation in Allwinner kernel) CVE-2016-10225
MLIST:[oss-security] 20170216 Linux: CVE-2017-6001: Incomplete fix for CVE-2016-6786: perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race CVE-2017-6001
MLIST:[oss-security] 20170217 CVE-2017-6058 Qemu: net: vmxnet3: OOB NetRxPkt::ehdr_buf access when doing vlan stripping CVE-2017-6058
MLIST:[oss-security] 20170217 OpenID Connect authentication module for Apache: CVE-2017-6059 CVE-2017-6062 CVE-2017-6059
MLIST:[oss-security] 20170218 mupdf: mujstest: stack-based buffer overflow in main (jstest_main.c) CVE-2017-6060
MLIST:[oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314
MLIST:[oss-security] 20170221 CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo CVE-2017-2620
MLIST:[oss-security] 20170222 CVE-2016-7078: Foreman organization/location authorization vulnerability CVE-2016-7078
MLIST:[oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root) CVE-2017-6074
MLIST:[oss-security] 20170223 CVE-2017-2633 Qemu: VNC: memory corruption due to unchecked resolution limit CVE-2017-2633
MLIST:[oss-security] 20170224 CVE-2017-6209 Virglrenderer: stack buffer oveflow in parse_identifier CVE-2017-6209
MLIST:[oss-security] 20170224 CVE-2017-6210 Virglrenderer: null pointer dereference in vrend_decode_reset CVE-2017-6210
MLIST:[oss-security] 20170225 CVE-2017-6317 Virglrenderer: memory leakage issue in add_shader_program CVE-2017-6317
MLIST:[oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314
MLIST:[oss-security] 20170227 CVE-2017-6355 Virglrenderer: integer overflow while creating shader object CVE-2017-6355
MLIST:[oss-security] 20170227 Linux: CVE-2017-6353: sctp: deny peeloff operation on asocs with threads sleeping on it CVE-2017-6353
MLIST:[oss-security] 20170228 Linux: ip: fix IP_CHECKSUM handling (CVE-2017-6347) CVE-2017-6347
MLIST:[oss-security] 20170228 Linux: irda: Fix lockdep annotations in hashbin_delete() (CVE-2017-6348) CVE-2017-6348
MLIST:[oss-security] 20170228 Linux: net/llc: avoid BUG_ON() in skb_orphan() (CVE-2017-6345) CVE-2017-6345
MLIST:[oss-security] 20170228 Linux: packet: fix races in fanout_add() (CVE-2017-6346) CVE-2017-6346
MLIST:[oss-security] 20170228 Re: Re: GraphicsMagick heap out of bounds write issue CVE-2017-6335
MLIST:[oss-security] 20170301 CVE-2017-6386 Virglrenderer: memory leakage while in vrend_create_vertex_elements_state CVE-2017-6386
MLIST:[oss-security] 20170301 CVE-2017-6414 Qemu: libcacard: host memory leakage while creating new APDU CVE-2017-6414
MLIST:[oss-security] 20170305 CVE-Request JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c) CVE-2017-1000050
MLIST:[oss-security] 20170305 TeX Live: CVE-2016-10243: whitelists a insecure binary/utility to be run as external program CVE-2016-10243
MLIST:[oss-security] 20170306 CVE-2017-6505 Qemu: usb: an infinite loop issue in ohci_service_ed_list CVE-2017-6505
MLIST:[oss-security] 20170309 LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership CVE-2017-5985
MLIST:[oss-security] 20170313 Re: audiofile: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) CVE-2017-6835
MLIST:[oss-security] 20170313 Re: audiofile: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) CVE-2017-6833
MLIST:[oss-security] 20170313 Re: audiofile: global buffer overflow in decodeSample (IMA.cpp) CVE-2017-6829
MLIST:[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) CVE-2017-6836
MLIST:[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) CVE-2017-6831
MLIST:[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) CVE-2017-6832
MLIST:[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp) CVE-2017-6830
MLIST:[oss-security] 20170313 Re: audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) CVE-2017-6834
MLIST:[oss-security] 20170313 Re: audiofile: multiple ubsan crashes CVE-2017-6837 CVE-2017-6838 CVE-2017-6839
MLIST:[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in main (jstest_main.c) CVE-2016-10246
MLIST:[oss-security] 20170313 Re: mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c) CVE-2016-10247
MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) CVE-2017-3305
MLIST:[oss-security] 20170322 Re: elfutils: memory allocation failure in __libelf_set_rawdata_wrlock (elf_getdata.c) CVE-2016-10255
MLIST:[oss-security] 20170322 Re: elfutils: memory allocation failure in allocate_elf (common.h) CVE-2016-10254
MLIST:[oss-security] 20170323 [CVE-2017-5869] Nuxeo Platform remote code execution CVE-2017-5869
MLIST:[oss-security] 20170323 [CVE-2017-6087] EON 5.0 Remote Code Execution CVE-2017-6087
MLIST:[oss-security] 20170323 [CVE-2017-6088] EON 5.0 Multiple SQL Injection CVE-2017-6088
MLIST:[oss-security] 20170403 CVE-2017-7239: ninka license identification tool: insufficient escaping of external input [vs] CVE-2017-7239
MLIST:[oss-security] 20170403 CVE-2017-7377 Qemu: 9pfs: host memory leakage via v9fs_create CVE-2017-7377
MLIST:[oss-security] 20170411 CVE-2017-2669: Dovecot DoS when passdb dict was used for authentication CVE-2017-2669
MLIST:[oss-security] 20170416 Silently (or obliviously) partially-fixed CONFIG_STRICT_DEVMEM bypass CVE-2017-8061 CVE-2017-8062 CVE-2017-8063 CVE-2017-8064 CVE-2017-8065 CVE-2017-8066 CVE-2017-8067 CVE-2017-8068 CVE-2017-8069 CVE-2017-8070 CVE-2017-8071 CVE-2017-8072
MLIST:[oss-security] 20170418 CVE-2017-7467: minicom and prl-vzvncserver vt100.c escparms[] buffer overflow CVE-2017-7467
MLIST:[oss-security] 20170419 CVE-2017-7718 Qemu: display: cirrus: OOB read access issue CVE-2017-7718
MLIST:[oss-security] 20170420 CVE-2017-2575 libbpg: NULL pointer dereference in image_alloc CVE-2017-2575
MLIST:[oss-security] 20170421 CVE-2017-7980 Qemu: display: cirrus: OOB r/w access issues in bitblt routines CVE-2017-7980
MLIST:[oss-security] 20170425 CVE-2017-8086 Qemu: 9pfs: host memory leakage via v9pfs_list_xattr CVE-2017-8086
MLIST:[oss-security] 20170426 CVE-2017-8112 Qemu: scsi: vmw_pvscsi: infinite loop in pvscsi_log2 CVE-2017-8112
MLIST:[oss-security] 20170503 CVE-2017-8379 Qemu: input: host memory lekage via keyboard CVE-2017-8379
MLIST:[oss-security] 20170503 [CVE-2017-5870] Multiple XSS vulnerabilities in ViMbAdmin CVE-2017-5870
MLIST:[oss-security] 20170503 [CVE-2017-6086] Multiple CSRF vulnerabilities in ViMbAdmin version 3.0.15 CVE-2017-6086
MLIST:[oss-security] 20170510 generic kde LPE CVE-2017-8422 CVE-2017-8849
MLIST:[oss-security] 20170519 CVE-2017-9060 Qemu: virtio-gpu: host memory leakage in Virtio GPU device CVE-2017-9060
MLIST:[oss-security] 20170522 Code Execution through a variety Java (Un-)Marshallers CVE-2016-8749 CVE-2017-3159 CVE-2017-5878
MLIST:[oss-security] 20170523 [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation CVE-2017-5868
MLIST:[oss-security] 20170530 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux CVE-2017-1000367
MLIST:[oss-security] 20170531 CVE-2017-9310 Qemu: net: infinite loop in e1000e NIC emulation CVE-2017-9310
MLIST:[oss-security] 20170601 CVE-2017-9330 Qemu: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330
MLIST:[oss-security] 20170605 CVE-2017-9373 Qemu: ide: ahci host memory leakage during hotunplug CVE-2017-9373
MLIST:[oss-security] 20170605 CVE-2017-9375 Qemu: usb: xhci infinite recursive call via xhci_kick_ep CVE-2017-9375
MLIST:[oss-security] 20170606 CVE-2017-9374 Qemu: usb: ehci host memory leakage during hotunplug CVE-2017-9374
MLIST:[oss-security] 20170608 CVE-2017-9503 Qemu: scsi: null pointer dereference while processing megasas command CVE-2017-9503
MLIST:[oss-security] 20170612 CVE-2017-9524 Qemu: nbd: segmentation fault due to client non-negotiation CVE-2017-9524
MLIST:[oss-security] 20170618 Expat 2.2.1 security fixes CVE-2017-9233
MLIST:[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation CVE-2017-7518
MLIST:[oss-security] 20170625 CVE-2017-9669 and CVE-2017-9671: Exploitable buffer overflows in apk (Alpine's package manager) CVE-2017-9669 CVE-2017-9671
MLIST:[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check. CVE-2017-7482
MLIST:[oss-security] 20170629 CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort CVE-2017-10664
MLIST:[oss-security] 20170629 rkhunter: [CVE-2017-7480] Potential RCE after MiTM due to clear text download without signature CVE-2017-7480
MLIST:[oss-security] 20170630 exiv2: multiple memory safety issues CVE-2017-1000126 CVE-2017-1000127 CVE-2017-1000128
MLIST:[oss-security] 20170702 systemd fails to parse user that should run service CVE-2017-1000082
MLIST:[oss-security] 20170707 CVE-2017-10806 Qemu: usb-redirect: stack buffer overflow in debug logging CVE-2017-10806
MLIST:[oss-security] 20170717 CVE-2017-11334 Qemu: exec: oob access during dma operation CVE-2017-11334
MLIST:[oss-security] 20170719 CVE-2017-11434 Qemu: slirp: out-of-bounds read while parsing dhcp options CVE-2017-11434
MLIST:[oss-security] 20170810 CVS and ssh command injection (see CVE-2017-1000117, etc.) CVE-2017-12836
MLIST:[oss-security] 20170810 Linux kernel: CVE-2017-1000112: Exploitable memory corruption due to UFO to non-UFO path switch CVE-2017-1000112
MLIST:[oss-security] 20170811 Re: CVS and ssh command injection (see CVE-2017-1000117, etc.) CVE-2017-12836
MLIST:[oss-security] 20170814 [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file. CVE-2017-9608
MLIST:[oss-security] 20170815 Re: [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file. CVE-2017-9608
MLIST:[oss-security] 20170815 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants CVE-2017-12135
MLIST:[oss-security] 20170815 Xen Security Advisory 227 (CVE-2017-12137) - x86: PV privilege escalation via map_grant_ref CVE-2017-12137
MLIST:[oss-security] 20170815 Xen Security Advisory 228 (CVE-2017-12136) - grant_table: Race conditions with maptrack free list handling CVE-2017-12136
MLIST:[oss-security] 20170815 Xen Security Advisory 229 (CVE-2017-12134) - linux: Fix Xen block IO merge-ability calculation CVE-2017-12134
MLIST:[oss-security] 20170816 CVE-2017-12882, CVE-2017-12881: Stored XSS and CSRF on Spring Batch Admin before 1.3.0 CVE-2017-12881 CVE-2017-12882
MLIST:[oss-security] 20170816 imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c) CVE-2017-12876
MLIST:[oss-security] 20170816 imagemagick: use-after-free in DestroyImage (image.c) CVE-2017-12877
MLIST:[oss-security] 20170817 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants CVE-2017-12135
MLIST:[oss-security] 20170817 libfpx: NULL pointer dereference in CDirectory:etDirEntry (dir.cxx) CVE-2017-12920
MLIST:[oss-security] 20170817 libfpx: NULL pointer dereference in OLEStream:riteVT_LPSTR (olestrm.cpp) CVE-2017-12923
MLIST:[oss-security] 20170817 libfpx: NULL pointer dereference in PFileFlashPixView:etGlobalInfoProperty (f_fpxvw.cpp) CVE-2017-12921
MLIST:[oss-security] 20170817 libfpx: NULL pointer dereference in wchar.c CVE-2017-12922
MLIST:[oss-security] 20170817 libfpx: divide-by-zero in CDirVector:etTable (dirfunc.hxx) CVE-2017-12924
MLIST:[oss-security] 20170817 libfpx: double-free in DfFromLB (docfile.cxx) CVE-2017-12925
MLIST:[oss-security] 20170817 libfpx: heap-based buffer overflow in OLEStream:riteVT_LPSTR (olestrm.cpp) CVE-2017-12919
MLIST:[oss-security] 20170821 CVE-2017-12809 Qemu: ide: flushing of empty CDROM drives leads to NULL dereference CVE-2017-12809
MLIST:[oss-security] 20170829 CVE-2017-13711 Qemu: Slirp: use-after-free when sending response CVE-2017-13711
MLIST:[oss-security] 20170830 CVE-2017-13672 Qemu: vga: OOB read access during display update CVE-2017-13672
MLIST:[oss-security] 20170907 CVE-2017-14167 Qemu: i386: multiboot OOB access while loading guest kernel image CVE-2017-14167
MLIST:[oss-security] 20170910 Re: CVE-2017-13673 Qemu: vga: reachable assert failure during during display update CVE-2017-13673
MLIST:[oss-security] 20170918 CVE-2017-14497: Linux kernel: packet: buffer overflow in tpacket_rcv() CVE-2017-14497
MLIST:[oss-security] 20170925 Foreman 1.1+ stored XSS in organizations/locations assignment to hosts CVE-2017-7535
MLIST:[oss-security] 20170929 clamav: Out of bounds read and segfault in xar parser CVE-2018-1000085
MLIST:[oss-security] 20171002 CVE-2017-9807: e2openplugin-OpenWebif: Remote code execution through HTTP GET parameter manipulation CVE-2017-9807
MLIST:[oss-security] 20171004 Fwd: X server fixes for CVE-2017-13721 & CVE-2017-13723 CVE-2017-13721 CVE-2017-13723
MLIST:[oss-security] 20171005 [CVE-2017-14614] GridGain Visor GUI Console - File System Path Traversal CVE-2017-14614
MLIST:[oss-security] 20171006 CVE-2017-15038 Qemu: 9p: virtfs: information disclosure when reading extended attributes CVE-2017-15038
MLIST:[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265 CVE-2017-15265
MLIST:[oss-security] 20171012 CVE-2017-15289 Qemu: cirrus: OOB access issue in mode4and5 write functions CVE-2017-15289
MLIST:[oss-security] 20171019 CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap CVE-2011-1935
MLIST:[oss-security] 20171020 [CVE-2017-15186]: ffmpeg: Double free when ffmpeg parsing an craft AVI file to MKV file using ffvhuff decoder CVE-2017-15186
MLIST:[oss-security] 20171023 [KIS-2017-02] Tuleap <= 9.6 Second-Order PHP Object Injection Vulnerability CVE-2017-7411
MLIST:[oss-security] 20171024 Xen Security Advisory 236 (CVE-2017-15597) - pin count / page reference race in grant table code CVE-2017-15597
MLIST:[oss-security] 20171031 Fw: Security risk of vim swap files CVE-2017-1000382 CVE-2017-1000383
MLIST:[oss-security] 20171103 [CVE-2017-15672]: ffmpeg: read out of bounds of buffer when it parsing an craft mp4 file. CVE-2017-15672
MLIST:[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense CVE-2017-1000479
MLIST:[oss-security] 20171123 OpenDayLight: Password change doesn't result in Karaf clearing cache, allowing old password to still be used (CVE-2017-1000406) CVE-2017-1000406
MLIST:[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW CVE-2017-16611
MLIST:[oss-security] 20171128 CVE-2017-16612 libXcursor: heap overflows when parsing malicious files CVE-2017-16612
MLIST:[oss-security] 20171204 CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80 CVE-2017-1000407
MLIST:[oss-security] 20171205 CVE-2017-17381 Qemu: virtio: divide by zero exception while updating rings CVE-2017-17381
MLIST:[oss-security] 20171206 Info Leak in the Linux Kernel via Bluetooth CVE-2017-1000410
MLIST:[oss-security] 20171211 PowerDNS Security Advisory 2017-08 CVE-2017-15120
MLIST:[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc's ld.so CVE-2017-1000408 CVE-2017-1000409
MLIST:[oss-security] 20180103 [CVE-2013-4317] Apache CloudStack information disclosure vulnerability CVE-2013-4317
MLIST:[oss-security] 20180110 CVE-2017-18016 - Paritytech Parity Ethereum built-in Dapp Browser <= v1.6.10 webproxy token reuse same-origin policy bypass CVE-2017-18016
MLIST:[oss-security] 20180111 Libc Realpath Buffer Underflow CVE-2018-1000001 CVE-2018-1000001
MLIST:[oss-security] 20180115 CVE-2017-18030 Qemu: Out-of-bounds access in cirrus_invalidate_region routine CVE-2017-18030
MLIST:[oss-security] 20180115 CVE-2018-5683 Qemu: Out-of-bounds read in vga_draw_text routine CVE-2018-5683
MLIST:[oss-security] 20180116 opendaylight-advisory: Multiple "expired" flows consume the memory resource of CONFIG DS CVE-2017-1000411
MLIST:[oss-security] 20180116 sound driver Conditional competition CVE-2018-1000004
MLIST:[oss-security] 20180119 CVE-2017-18043 Qemu: integer overflow in ROUND_UP macro could result in DoS CVE-2017-18043
MLIST:[oss-security] 20180126 CVE-2018-1294: Apache Commons Email vulnerability information disclosure CVE-2018-1294
MLIST:[oss-security] 20180129 CVE-2018-18078: systemd-tmpfiles root privilege escalation with fs.protected_hardlinks=0 CVE-2017-18078
MLIST:[oss-security] 20180129 Re: CVE-2017-18078: systemd-tmpfiles root privilege CVE-2017-18078
MLIST:[oss-security] 20180207 CVE-2018-6789 Exim 4.90 and earlier: buffer overflow CVE-2018-6789
MLIST:[oss-security] 20180207 Fwe: [scr459004] sfcb - 1.4.9 CVE-2018-6644
MLIST:[oss-security] 20180213 Authentication Bypass Vulnerability in VMware Xenon (CVE-2017-4952) CVE-2017-4952
MLIST:[oss-security] 20180214 Multiple vulnerabilities in Jenkins CVE-2018-6356
MLIST:[oss-security] 20180301 Apache Xerces-C Security Advisory for versions < 3.2.1 [CVE-2017-12627] CVE-2017-12627
MLIST:[oss-security] 20180301 Dovecot Security Advisory: CVE-2017-15130 TLS SNI config lookups are inefficient and can be used for DoS CVE-2017-15130
MLIST:[oss-security] 20180308 CVE-2018-7290: Stored XSS vulnerability in Tiki <= 18 CVE-2018-7290
MLIST:[oss-security] 20180309 CVE-2018-7858 Qemu: cirrus: OOB access when updating vga display CVE-2018-7858
MLIST:[oss-security] 20180315 [CVE-2018-5233] Grav CMS admin plugin Reflected Cross Site Scripting (XSS) vulnerability CVE-2018-5233
MLIST:[oss-security] 20180319 [CVE-2018-8048] Loofah XSS Vulnerability CVE-2018-8048
MLIST:[oss-security] 20180323 CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept-Language values CVE-2017-15710
MLIST:[oss-security] 20180323 CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name CVE-2017-15715
MLIST:[oss-security] 20180323 CVE-2018-1283: Tampering of mod_session data for CGI applications CVE-2018-1283
MLIST:[oss-security] 20180323 CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request CVE-2018-1301
MLIST:[oss-security] 20180323 CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown CVE-2018-1302
MLIST:[oss-security] 20180323 CVE-2018-1303: Possible out of bound read in mod_cache_socache CVE-2018-1303
MLIST:[oss-security] 20180323 CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest CVE-2018-1312
MLIST:[oss-security] 20180326 Multiple vulnerabilities in Jenkins plugins CVE-2018-8718
MLIST:[oss-security] 20180423 Multiple local root vulnerabilities involving PackageKit CVE-2018-1106 CVE-2018-1106
MLIST:[oss-security] 20180424 CVE-2018-1000200 (Linux): Bad memory access on oom kill of large mlocked process CVE-2018-1000200
MLIST:[oss-security] 20180517 Qualys Security Advisory - Procps-ng Audit Report CVE-2018-1120 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126
MLIST:[oss-security] 20180521 Dolibarr XSS Injection vulnerability CVE-2018-10095
MLIST:[oss-security] 20180521 [CVE-2018-10092] Dolibarr admin panel authenticated Remote Code Execution (RCE) vulnerability CVE-2018-10092
MLIST:[oss-security] 20180521 [CVE-2018-10094] Dolibarr SQL Injection vulnerability CVE-2018-10094
MLIST:[oss-security] 20180603 CVE-2018-10058 and CVE-2018-10057 - cgminer <=4.10.0 and bfgminer <=5.5.0 remote management api post-auth buffer overflow and path traversal CVE-2018-10057 CVE-2018-10058
MLIST:[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams CVE-2018-11806
MLIST:[oss-security] 20180611 Buffer Overflow in pppd EAP-TLS implementation CVE-2018-11574
MLIST:[oss-security] 20180614 WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0005 CVE-2018-12293 CVE-2018-12294
MLIST:[oss-security] 20180619 CVE-2018-12558: DOS in perl module Email:ddress CVE-2018-12558
MLIST:[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling CVE-2018-12891
MLIST:[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest CVE-2018-12893
MLIST:[oss-security] 20180627 Xen Security Advisory 266 (CVE-2018-12892) - libxl fails to honour readonly flag on HVM emulated SCSI disks CVE-2018-12892
MLIST:[oss-security] 20180710 CVE-2018-1331: Apache Storm remote code execution vulnerability CVE-2018-1331
MLIST:[oss-security] 20180711 CVE-2018-10895: Remote code execution due to CSRF in qutebrowser CVE-2018-10895
MLIST:[oss-security] 20180725 [OSSA-2018-002] GET /v3/OS-FEDERATION/projects leaks project information (CVE-2018-14432) CVE-2018-14432
MLIST:[oss-security] 20180802 Re: Stored XSS vulnerabilities in Tiki <= 18.1 CVE-2018-14849 CVE-2018-14850
MLIST:[oss-security] 20180802 Stored XSS vulnerabilities in Tiki <= 18.1 CVE-2018-14849 CVE-2018-14850
MLIST:[oss-security] 20180814 CVE-2018-14722: btrfsmaintenance: Code execution CVE-2018-14722
MLIST:[oss-security] 20180814 X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv CVE-2018-14779 CVE-2018-14780
MLIST:[oss-security] 20180821 X.Org security advisory: August 21, 2018 CVE-2018-14598 CVE-2018-14599 CVE-2018-14600
MLIST:[oss-security] 20180827 CVE-2018-10938: Linux kernel: net: infinite loop in net/ipv4/cipso_ipv4.c:cipso_v4_optptr() allows a remote DoS CVE-2018-10938
MLIST:[oss-security] 20180828 CVE-2018-15746 Qemu: seccomp: blacklist is not applied to all threads CVE-2018-15746
MLIST:[oss-security] 20180909 Re: Ghostscript 9.24 issues CVE-2018-16802
MLIST:[oss-security] 20180918 CVE-2018-14641: Linux kernel: a security flaw in the ip_frag_reasm() CVE-2018-14641
MLIST:[oss-security] 20180920 X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX CVE-2018-17141
MLIST:[oss-security] 20180925 Multiple vulnerabilities in Jenkins plugins CVE-2018-15531
MLIST:[oss-security] 20181004 CVE update - fixed in Apache Ranger 1.2.0 CVE-2018-11778
MLIST:[oss-security] 20181005 CVE-2018-17977: CentOS ipsec remote denial of service vulnerability CVE-2018-17977
MLIST:[oss-security] 20181008 Qemu: integer overflow issues CVE-2018-17958 CVE-2018-17962 CVE-2018-17963
MLIST:[oss-security] 20181009 ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) CVE-2018-17961
MLIST:[oss-security] 20181010 ghostscript: saved execution stacks can leak operator arrays (CVE-2018-18073) CVE-2018-18073
MLIST:[oss-security] 20181016 ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 CVE-2018-18284
MLIST:[oss-security] 20181017 CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption CVE-2018-18438
MLIST:[oss-security] 20181029 Linux kernel: TLB flush happens too late on mremap (CVE-2018-18281; fixed in 4.9.135, 4.14.78, 4.18.16, 4.19) CVE-2018-18281
MLIST:[oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth CVE-2018-18820
MLIST:[oss-security] 20181102 CVE-2018-18439, CVE-2018-18440 - U-Boot verified boot bypass vulnerabilities CVE-2018-18439 CVE-2018-18440
MLIST:[oss-security] 20181107 CVE-2018-18954 QEMU: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb CVE-2018-18954
MLIST:[oss-security] 20181120 CVE-2018-19364 Qemu: 9pfs: Use-after-free due to race condition while updating fid path CVE-2018-19364
MLIST:[oss-security] 20181126 CVE-2018-19489 QEMU: 9pfs: crash due to race condition in renaming files CVE-2018-19489
MLIST:[oss-security] 20181129 CVE-2018-19665 Qemu: bt: integer overflow in Bluetooth routines allows memory corruption CVE-2018-19665
MLIST:[oss-security] 20181206 CVE-2018-16867 QEMU: dev-mtp: path traversal in usb_mtp_write_data of the Media Transfer Protocol (MTP) CVE-2018-16867
MLIST:[oss-security] 20181210 libvnc and tightvnc vulnerabilities CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-8287
MLIST:[oss-security] 20181213 CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug CVE-2018-20123
MLIST:[oss-security] 20181218 CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array CVE-2018-20124
MLIST:[oss-security] 20181218 CVE-2018-20191 QEMU: pvrdma: uar_read leads to NULL dereference CVE-2018-20191
MLIST:[oss-security] 20181219 CVE-2018-20125 QEMU: pvrdma: null dereference or excessive memory allocation when creating QP/CQ CVE-2018-20125
MLIST:[oss-security] 20181219 CVE-2018-20126 QEMU: pvrdma: memory leakage when creating cq/qp CVE-2018-20126
MLIST:[oss-security] 20181219 CVE-2018-20216 QEMU: pvrdma: infinite loop in pvrdma_qp_send/recv CVE-2018-20216
MLIST:[oss-security] 20190111 Linux kernel: Bluetooth: two remote infoleaks (CVE-2019-3459, CVE-2019-3460) CVE-2019-3459 CVE-2019-3460
MLIST:[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver) CVE-2018-20669
MLIST:[oss-security] 20190218 CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message CVE-2019-6454
MLIST:[oss-security] 20190219 CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message CVE-2019-6454
MLIST:[oss-security] 20190317 CVE-2019-9573 / CVE-2019-9574: WordPress plugin hrm missing server side authorization checks CVE-2019-9573 CVE-2019-9574
MLIST:[oss-security] 20190318 PowerDNS Security Advisory 2019-03 CVE-2019-3871
MLIST:[oss-security] 20190318 [OSSA-2019-001] Unsupported dport option prevents applying security groups in OpenStack Neutron (CVE-2019-9735) CVE-2019-9735
MLIST:[oss-security] 20190318 [SECURITY ADVISORIES] libssh2 CVE-2019-3855 CVE-2019-3858 CVE-2019-3859 CVE-2019-3862
MLIST:[oss-security] 20190321 ghostscript: 2 -dSAFER bypass: CVE-2019-3835 & CVE-2019-3838 CVE-2019-6116
MLIST:[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View CVE-2019-5418 CVE-2019-5419
MLIST:[oss-security] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible. CVE-2019-5736
MLIST:[oss-security] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure CVE-2019-0225
MLIST:[oss-security] 20190327 [ANNOUNCE] CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown CVE-2019-0222
MLIST:[oss-security] 20190327 [CVE-2019-0212] Apache HBase REST Server incorrect user authorization CVE-2019-0212
MLIST:[oss-security] 20190328 CVE-2019-7524: Buffer overflow when reading extension header from dovecot index files CVE-2019-7524
MLIST:[oss-security] 20190401 CVE-2019-0196: mod_http2, read-after-free on a string compare CVE-2019-0196
MLIST:[oss-security] 20190401 CVE-2019-0197: mod_http2, possible crash on late upgrade CVE-2019-0197
MLIST:[oss-security] 20190401 CVE-2019-0211: Apache HTTP Server privilege escalation from modules' scripts CVE-2019-0211
MLIST:[oss-security] 20190401 CVE-2019-0215: mod_ssl access control bypass CVE-2019-0215
MLIST:[oss-security] 20190401 CVE-2019-0217: mod_auth_digest access control bypass CVE-2019-0217
MLIST:[oss-security] 20190401 CVE-2019-0220: URL normalization inconsistincies CVE-2019-0220
MLIST:[oss-security] 20190407 Re: XSS in roundup bug tracker 404 page CVE-2019-10904
MLIST:[oss-security] 20190409 DLL injection in Go < 1.12.2 [CVE-2019-9634] CVE-2019-9634
MLIST:[oss-security] 20190409 [OSSA-2019-002] neutron-openvswitch-agent: Unable to install new flows on compute nodes when having broken security group rules (CVE-2019-10876) CVE-2019-10876
MLIST:[oss-security] 20190410 CVE-2019-0216, CVE-2019-0229 vulnerabilities affecting Apache Airflow <= 1.10.2 webserver component CVE-2018-20244 CVE-2019-0216 CVE-2019-0229
MLIST:[oss-security] 20190410 WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002 CVE-2018-8383 CVE-2019-11070 CVE-2019-6251
MLIST:[oss-security] 20190414 CVE-2019-3893: Foreman: Compute resource credentials exposed during deletion on API CVE-2019-3893
MLIST:[oss-security] 20190415 Re: Linux kernel < 4.8 local generic ASLR - CVE-ID CVE-2019-11190
MLIST:[oss-security] 20190417 Announce: OpenSSH 8.0 released CVE-2019-6111
MLIST:[oss-security] 20190418 CVE-2019-10691: JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering invalid UTF-8 characters. CVE-2019-10691
MLIST:[oss-security] 20190418 Re: Linux kernel < 4.8 local generic ASLR - another CVE-ID CVE-2019-11191
MLIST:[oss-security] 20190418 Re: urllib3: adds system certificates to ssl_context CVE-2019-11324
MLIST:[oss-security] 20190420 [CVE-2019-0218] Apache Pony Mail (incubating) Reflected XSS CVE-2019-0218
MLIST:[oss-security] 20190422 Nokogiri security update v1.10.3 CVE-2019-11068
MLIST:[oss-security] 20190423 Issues fixed in previous releases of Apache Zeppelin 0.7.3 and 0.8.0 (CVE-2017-12619 CVE-2018-1317 CVE-2018-1328) CVE-2017-12619 CVE-2018-1317 CVE-2018-1328
MLIST:[oss-security] 20190423 Re: Nokogiri security update v1.10.3 CVE-2019-11068
MLIST:[oss-security] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability CVE-2019-0223
MLIST:[oss-security] 20190425 Re: CVE Request: golang-seccomp incorrectly handles multiple syscall arguments CVE-2017-18367
MLIST:[oss-security] 20190425 Re: Security issues in snapcraft snap-confine set*id binary CVE-2019-11502 CVE-2019-11503
MLIST:[oss-security] 20190426 Re: wpa_supplicant/hostapd: EAP-pwd message reassembly issue with unexpected fragment CVE-2019-11555
MLIST:[oss-security] 20190429 Linux kernel: multiple issues CVE-2019-11486 CVE-2019-11487 CVE-2019-11599
MLIST:[oss-security] 20190429 Re: Linux kernel: multiple issues CVE-2019-11599
MLIST:[oss-security] 20190429 [CVE-2019-9826] phpBB Native Fulltext Search denial of service CVE-2019-9826
MLIST:[oss-security] 20190430 Re: Linux kernel: multiple issues CVE-2019-11599
MLIST:[oss-security] 20190430 Spoofing OpenPGP and S/MIME Signatures in Emails (multiple clients) CVE-2017-17848 CVE-2018-12019 CVE-2018-12020 CVE-2018-12356 CVE-2018-12556 CVE-2018-15586 CVE-2018-15587 CVE-2018-15588 CVE-2018-18509 CVE-2019-0728 CVE-2019-8338
MLIST:[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS CVE-2019-0213
MLIST:[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server CVE-2019-0214
MLIST:[oss-security] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel CVE-2019-0194
MLIST:[oss-security] 20190502 CVE-2019-11683: "GRO packet of death" issue in the Linux kernel CVE-2019-11683
MLIST:[oss-security] 20190505 Re: CVE-2019-11683: "GRO packet of death" issue in the Linux kernel CVE-2019-11683
MLIST:[oss-security] 20190508 Re: Re: fprintd: found storing user fingerprints without encryption CVE-2017-3762
MLIST:[oss-security] 20190509 [CVE-2018-11800] and [CVE-2018-11801] Apache Fineract SQL Injection Vulnerabilities fixed in v1.3.0 CVE-2018-11800 CVE-2018-11801
MLIST:[oss-security] 20190510 Re: XSS via EXIF tag in Serendipity blog CVE-2019-11870
MLIST:[oss-security] 20190516 Singularity 3.1.0: CVE-2019-11328: namespace privilege escalation and arbitrary file corruption CVE-2018-12021 CVE-2019-11328
MLIST:[oss-security] 20190519 [CVE-2019-10076] Apache JSPWiki Cross-site scripting vulnerability CVE-2019-10076
MLIST:[oss-security] 20190519 [CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability CVE-2019-10077
MLIST:[oss-security] 20190519 [CVE-2019-10078] Apache JSPWiki Cross-site scripting vulnerability CVE-2019-10078
MLIST:[oss-security] 20190522 Re: Linux kernel < 4.8 local generic ASLR - another CVE-ID CVE-2019-11191
MLIST:[oss-security] 20190524 [SECURITY][ERRATA-CORRIGE] New security advisory CVE-2019-0188 released for Apache Camel CVE-2019-0188
MLIST:[oss-security] 20190528 CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack CVE-2018-15664
MLIST:[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358) CVE-2019-11358 CVE-2019-12308
MLIST:[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit CVE-1999-0095 CVE-1999-0145 CVE-2019-10149
MLIST:[oss-security] 20190605 pam-u2f: CVE-2019-12210: debug_file file descriptor leak, CVE-2019-12209: symlink attack on u2f_keys leading to possible information leak CVE-2019-12209 CVE-2019-12210
MLIST:[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit CVE-1999-0095 CVE-1999-0145 CVE-2019-10149
MLIST:[oss-security] 20190611 CVE-2019-12749: DBusServer DBUS_COOKIE_SHA1 authentication bypass CVE-2019-12749
MLIST:[oss-security] 20190617 Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues CVE-2019-5599
MLIST:[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues CVE-2019-11477
MLIST:[oss-security] 20190620 [ANNOUNCE] Incomplete fixes for CVE-2019-1002101, kubectl cp potential directory traversal - CVE-2019-11246 CVE-2019-1002101
MLIST:[oss-security] 20190624 curl: Windows OpenSSL engine code injection CVE-2019-5443
MLIST:[oss-security] 20190625 CVE-2019-12817: Linux kernel: powerpc: Unrelated processes may be able to read/write to each other's virtual memory CVE-2019-12817
MLIST:[oss-security] 20190627 Re: linux-distros membership application - Microsoft CVE-2017-1000408 CVE-2018-14722 CVE-2019-3459 CVE-2019-3460
MLIST:[oss-security] 20190628 Re: linux-distros membership application - Microsoft CVE-2017-1000408 CVE-2018-1002105 CVE-2018-14722 CVE-2018-5390 CVE-2018-5391 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-3459 CVE-2019-3460 CVE-2019-5736
MLIST:[oss-security] 20190629 Irssi 1.2.1/1.1.3/1.0.8: CVE-2019-13045 CVE-2019-13045
MLIST:[oss-security] 20190701 Django: CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS CVE-2019-12781
MLIST:[oss-security] 20190703 CVE-2019-13164 Qemu: qemu-bridge-helper ACL bypassed with long interface names CVE-2019-13164
MLIST:[oss-security] 20190704 deepin-clone: various symlink attacks CVE-2019-13226 CVE-2019-13227 CVE-2019-13228 CVE-2019-13229
MLIST:[oss-security] 20190705 CVE-2019-13122: Patchwork: XSS via Message-ID CVE-2019-13122
MLIST:[oss-security] 20190706 Re: linux-distros membership application - Microsoft CVE-2018-1002105 CVE-2018-5390 CVE-2018-5391 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-5736
MLIST:[oss-security] 20190708 CVE-2019-13132: zeromq/libzmq: denial of service via stack overflow with arbitrary data CVE-2019-13132
MLIST:[oss-security] 20190708 CVE-2019-13313, CVE-2019-13314: password disclosure via command line arguments CVE-2019-13313 CVE-2019-13314
MLIST:[oss-security] 20190709 Privileged File Access from Desktop Applications CVE-2018-10361 CVE-2019-12447 CVE-2019-12448 CVE-2019-12449
MLIST:[oss-security] 20190722 Re: Two unauthenticated SQL injection vulnerabilities in Onionbuzz WordPress plugin CVE-2019-14230 CVE-2019-14231
MLIST:[oss-security] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version CVE-2018-1320
MLIST:[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 CVE-2019-10149
MLIST:[oss-security] 20190726 Re: CVE-2019-13917 OVE-20190718-0006: Exim: security release ahead CVE-2019-13917
MLIST:[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2 CVE-2019-0211 CVE-2019-10149
MLIST:[oss-security] 20190730 CVE-2019-13648: Linux kernel: powerpc: kernel crash in TM handling triggerable by any local user CVE-2019-13648
MLIST:[oss-security] 20190801 CVE-2019-14378 QEMU: slirp: heap buffer overflow during packet reassembly CVE-2019-14378
MLIST:[oss-security] 20190805 Kubernetes v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249 CVE-2019-1002101
MLIST:[oss-security] 20190806 Re: [musl] CVE request: musl libc 1.1.23 and earlier x87 float stack imbalance CVE-2019-14697
MLIST:[oss-security] 20190806 [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433) CVE-2019-14433
MLIST:[oss-security] 20190808 CVE update - fixed in Apache Ranger 2.0.0 CVE-2019-12397
MLIST:[oss-security] 20190809 [ANNOUNCE] Security release of kube-state-metrics v1.7.2 CVE-2019-10223
MLIST:[oss-security] 20190811 Re: linux-distros membership application - Microsoft CVE-2019-3459 CVE-2019-3460
MLIST:[oss-security] 20190814 CVE-2019-10092: Limited cross-site scripting in mod_proxy CVE-2019-10092
MLIST:[oss-security] 20190814 CVE-2019-9517: mod_http2, DoS attack by exhausting h2 workers CVE-2019-9517
MLIST:[oss-security] 20190815 Re: [ANNOUNCE] Security release of kube-state-metrics v1.7.2 CVE-2019-10223
MLIST:[oss-security] 20190818 [CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3 CVE-2019-15150
MLIST:[oss-security] 20190819 [ANNOUNCE] Security release of Kubernetes v1.15.3, v1.14.6, v1.13.10 - CVE-2019-9512 and CVE-2019-9514 CVE-2019-9512 CVE-2019-9514
MLIST:[oss-security] 20190820 Linux kernel: multiple vulnerabilities in the USB subsystem x2 CVE-2019-15211 CVE-2019-15212 CVE-2019-15213 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15222 CVE-2019-15223 CVE-2019-15291
MLIST:[oss-security] 20190821 RE: CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack CVE-2018-15664
MLIST:[oss-security] 20190821 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 CVE-2019-15291
MLIST:[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219
MLIST:[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry CVE-2014-1972
MLIST:[oss-security] 20190826 CVE-2019-15525: Missing TLS/SSL certificate validation in pw3270 CVE-2019-15525
MLIST:[oss-security] 20190829 Irssi 1.2.2:CVE-2019-15717 CVE-2019-15717
MLIST:[oss-security] 20190829 Re: Irssi 1.2.2:CVE-2019-15717 CVE-2019-15717
MLIST:[oss-security] 20190829 [OSSA-2019-004] Ageing time of 0 disables linuxbridge MAC learning (CVE-2019-15753) CVE-2019-15753
MLIST:[oss-security] 20190906 Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. CVE-2019-15846
MLIST:[oss-security] 20190906 Re: Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. CVE-2019-15846
MLIST:[oss-security] 20190906 Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges CVE-2019-15846
MLIST:[oss-security] 20190906 Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges CVE-2019-15846
MLIST:[oss-security] 20190907 Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges CVE-2019-15846
MLIST:[oss-security] 20190908 Re: Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. CVE-2019-15846
MLIST:[oss-security] 20190909 Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges CVE-2019-15846
MLIST:[oss-security] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[oss-security] 20190911 [SECURITY ADVISORY] curl: TFTP small blocksize heap buffer overflow CVE-2019-5436
MLIST:[oss-security] 20190911 pam_p11 0.3.1 released CVE-2019-16058
MLIST:[oss-security] 20190912 3 CVEs in dino CVE-2019-16235 CVE-2019-16236 CVE-2019-16237
MLIST:[oss-security] 20190912 Re: hostapd/wpa_supplicant: AP mode PMF disconnection protection bypass CVE-2019-16275
MLIST:[oss-security] 20190917 Re: OpenDMARC signature bypass with multiple From addresses CVE-2019-16378
MLIST:[oss-security] 20190924 CVE-2019-16714: info leak in RDS rds6_inc_info_copy CVE-2019-16714
MLIST:[oss-security] 20190925 CVE-2019-16714: Linux kernel net/rds: info leak vulnerability in rds6_inc_info_copy CVE-2019-16714
MLIST:[oss-security] 20190927 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 CVE-2019-15098
MLIST:[oss-security] 20190928 Exim CVE-2019-16928 RCE using a heap-based buffer overflow CVE-2019-16928
MLIST:[oss-security] 20190928 Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow CVE-2019-16928
MLIST:[oss-security] 20190929 Re: Exim CVE-2019-16928 RCE using a heap-based buffer overflow CVE-2019-16928
MLIST:[oss-security] 20191002 Minerva: ECDSA key recovery from bit-length leakage CVE-2019-13627 CVE-2019-13628 CVE-2019-13629 CVE-2019-14318 CVE-2019-15809 CVE-2019-2894
MLIST:[oss-security] 20191002 Multiple vulnerabilities in Online store system v1.0 Stored XSS and unauthenticated product deletions. CVE-2019-8288 CVE-2019-8289 CVE-2019-8290 CVE-2019-8291 CVE-2019-8292
MLIST:[oss-security] 20191008 CVE-2019-16760: Cargo prior to Rust 1.26.0 may download the wrong dependency CVE-2019-16760
MLIST:[oss-security] 20191009 Re: Multiple vulnerabilities in Centreon-Web and Centreon-VM CVE-2018-21020 CVE-2018-21021 CVE-2018-21022 CVE-2018-21023 CVE-2018-21024 CVE-2018-21025 CVE-2019-17104 CVE-2019-17105 CVE-2019-17106 CVE-2019-17107 CVE-2019-17108
MLIST:[oss-security] 20191010 Re: CVE-2019-17365: Nix per-user profile directory hijack CVE-2019-17365
MLIST:[oss-security] 20191014 Sudo: CVE-2019-14287 CVE-2019-14287
MLIST:[oss-security] 20191015 Fwd: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0 CVE-2016-4977
MLIST:[oss-security] 20191015 Re: Sudo: CVE-2019-14287 CVE-2019-14287
MLIST:[oss-security] 20191016 [SBA-ADV-20190913-02] CVE-2019-16521: WordPress Plugin - Broken Link Checker <= 1.11.8 - Reflected XSS CVE-2019-16521
MLIST:[oss-security] 20191016 [SBA-ADV-20190913-03] CVE-2019-16523: WordPress Plugin - Events Manager <= 5.9.5 - Stored XSS CVE-2019-16523
MLIST:[oss-security] 20191016 [SBA-ADV-20190913-04] CVE-2019-16520: WordPress Plugin - All in One SEO Pack <= 3.2.6 - Stored XSS CVE-2019-16520
MLIST:[oss-security] 20191017 CVE-2019-18192: Insecure permissions on Guix profile directory CVE-2019-17365 CVE-2019-18192
MLIST:[oss-security] 20191023 Membership application for linux-distros - VMware CVE-2017-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-14287 CVE-2019-5736
MLIST:[oss-security] 20191025 Security fixes from Android 10 release which are relevant outside the Android ecosystem? CVE-2019-9232 CVE-2019-9278 CVE-2019-9325 CVE-2019-9371 CVE-2019-9423 CVE-2019-9433
MLIST:[oss-security] 20191025 Xen Security Advisory 284 v3 (CVE-2019-17340) - grant table transfer issues on large hosts CVE-2019-17340
MLIST:[oss-security] 20191025 Xen Security Advisory 285 v3 (CVE-2019-17341) - race with pass-through device hotplug CVE-2019-17341
MLIST:[oss-security] 20191025 Xen Security Advisory 287 v3 (CVE-2019-17342) - x86: steal_page violates page_struct access discipline CVE-2019-17342
MLIST:[oss-security] 20191025 Xen Security Advisory 288 v3 (CVE-2019-17343) - x86: Inconsistent PV IOMMU discipline CVE-2019-17343
MLIST:[oss-security] 20191025 Xen Security Advisory 290 v3 (CVE-2019-17344) - missing preemption in x86 PV page table unvalidation CVE-2019-17344
MLIST:[oss-security] 20191025 Xen Security Advisory 291 v3 (CVE-2019-17345) - x86/PV: page type reference counting issue with failed IOMMU update CVE-2019-17345
MLIST:[oss-security] 20191025 Xen Security Advisory 292 v3 (CVE-2019-17346) - x86: insufficient TLB flushing when using PCID CVE-2019-17346
MLIST:[oss-security] 20191025 Xen Security Advisory 293 v4 (CVE-2019-17347) - x86: PV kernel context switch corruption CVE-2019-17347
MLIST:[oss-security] 20191025 Xen Security Advisory 294 v3 (CVE-2019-17348) - x86 shadow: Insufficient TLB flushing when using PCID CVE-2019-17348
MLIST:[oss-security] 20191025 Xen Security Advisory 300 v3 (CVE-2019-17351) - Linux: No grant table and foreign mapping limits CVE-2019-17351
MLIST:[oss-security] 20191026 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? CVE-2019-9232 CVE-2019-9278 CVE-2019-9325 CVE-2019-9371 CVE-2019-9423 CVE-2019-9433
MLIST:[oss-security] 20191029 Re: Membership application for linux-distros - VMware CVE-2017-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-14287 CVE-2019-5736
MLIST:[oss-security] 20191031 Xen Security Advisory 296 v4 (CVE-2019-18420) - VCPUOP_initialise DoS CVE-2019-18420
MLIST:[oss-security] 20191031 Xen Security Advisory 298 v3 (CVE-2019-18425) - missing descriptor table limit checking in x86 PV emulation CVE-2019-18425
MLIST:[oss-security] 20191031 Xen Security Advisory 299 v4 (CVE-2019-18421) - Issues with restartable PV type change operations CVE-2019-18421
MLIST:[oss-security] 20191031 Xen Security Advisory 301 v3 (CVE-2019-18423) - add-to-physmap can be abused to DoS Arm hosts CVE-2019-18423
MLIST:[oss-security] 20191031 Xen Security Advisory 302 v5 (CVE-2019-18424) - passed through PCI devices may corrupt host memory after deassignment CVE-2019-18424
MLIST:[oss-security] 20191031 Xen Security Advisory 303 v4 (CVE-2019-18422) - ARM: Interrupts are unconditionally unmasked in exception handlers CVE-2019-18422
MLIST:[oss-security] 20191104 [CVE-2019-10084] privilege escalation by authenticated Apache Impala users CVE-2019-10084
MLIST:[oss-security] 20191105 Re: [ Linux kernel ] Exploitable bugs in drivers/media/platform/vivid CVE-2019-18683
MLIST:[oss-security] 20191107 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? CVE-2019-9232 CVE-2019-9278 CVE-2019-9325 CVE-2019-9371 CVE-2019-9423 CVE-2019-9433
MLIST:[oss-security] 20191107 [CVE-2019-12408][CVE-2019-12410] Uninitialized Memory Vulnerabilities fixed in Apache Arrow 0.15.1 CVE-2019-12410
MLIST:[oss-security] 20191115 CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys CVE-2019-14869
MLIST:[oss-security] 20191117 Nokogiri security update v1.10.5 CVE-2019-13117 CVE-2019-13118 CVE-2019-18197
MLIST:[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module CVE-2019-18934
MLIST:[oss-security] 20191127 CVE-2019-0219: Apache Cordova InAppBrowser Privilege Escalation (Android) CVE-2019-0219
MLIST:[oss-security] 20191128 CVE-2019-18660: Linux kernel: powerpc: missing Spectre-RSB mitigation CVE-2019-18660
MLIST:[oss-security] 20191202 Django 2.2.8 and 2.1.15: CVE-2019-19118: Privilege escalation in the Django admin. CVE-2019-19118
MLIST:[oss-security] 20191203 Linux kernel: multiple vulnerabilities in the USB subsystem x3 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19526 CVE-2019-19527 CVE-2019-19528 CVE-2019-19529 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537
MLIST:[oss-security] 20191204 Authentication vulnerabilities in OpenBSD CVE-2019-19519 CVE-2019-19520 CVE-2019-19521 CVE-2019-19522
MLIST:[oss-security] 20191204 Re: Authentication vulnerabilities in OpenBSD CVE-2019-19520 CVE-2019-19521
MLIST:[oss-security] 20191204 [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections. CVE-2019-9461
MLIST:[oss-security] 20191205 Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections. CVE-2019-9461
MLIST:[oss-security] 20191205 Xen Security Advisory 306 v3 (CVE-2019-19579) - Device quarantine for alternate pci assignment methods CVE-2019-19579
MLIST:[oss-security] 20191208 Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections. CVE-2019-9461
MLIST:[oss-security] 20191210 CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) CVE-2019-11135
MLIST:[oss-security] 20191210 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) CVE-2019-11135
MLIST:[oss-security] 20191210 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability CVE-2019-5544
MLIST:[oss-security] 20191211 Re: CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) CVE-2019-11135
MLIST:[oss-security] 20191211 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability CVE-2019-5544
MLIST:[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687) CVE-2019-19687
MLIST:[oss-security] 20191212 Apache SpamAssassin v3.4.3 released with fix for CVE-2018-11805 CVE-2018-11805
MLIST:[oss-security] 20191212 Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420 CVE-2019-12420
MLIST:[oss-security] 20191213 Multiple vulnerabilities fixed in Git CVE-2019-19604
MLIST:[oss-security] 20191218 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack CVE-2019-16782
MLIST:[oss-security] 20191218 [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack CVE-2019-16782
MLIST:[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2017-5645
MLIST:[oss-security] 20191219 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack CVE-2019-16782
MLIST:[oss-security] 20191220 VNC vulnerabilities. TigerVNC security update CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695
MLIST:[oss-security] 20191223 Arbitrary file upload vulnerability in upload-image-with-ajax v1.0 CVE-2019-8292
MLIST:[oss-security] 20191223 Re: Arbitrary file upload vulnerability in upload-image-with-ajax v1.0 CVE-2019-8292 CVE-2019-8293
MLIST:[oss-security] 20191224 CVE-2019-19947: Linux kernel can: kvaser_usb: kvaser_usb_leaf: some info-leaks vulnerabilities CVE-2019-19947
MLIST:[oss-security] 20191229 OpenSC 0.20.0 released CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2019-19480 CVE-2019-19481 CVE-2019-6502
MLIST:[oss-security] 20200113 CVE-2019-12399: Apache Kafka Connect REST API may expose plaintext secrets in tasks endpoint CVE-2019-12399
MLIST:[oss-security] 20200114 [CVE-2019-12398] Apache Airflow Stored XSS vulnerability in classic UI CVE-2019-12398
MLIST:[oss-security] 20200120 CVE-2019-18932: sarg: insecure usage of /tmp/sarg allows privilege escalation / DoS attack vector CVE-2019-18932
MLIST:[oss-security] 20200120 CVE-2020-2656, CVE-2020-2696 - Multiple vulnerabilities in Oracle Solaris CVE-2020-2656 CVE-2020-2696
MLIST:[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak CVE-2020-5202
MLIST:[oss-security] 20200121 CVE-2019-20384: Portage insecure temporary location CVE-2019-20384
MLIST:[oss-security] 20200121 Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock CVE-2020-7040
MLIST:[oss-security] 20200122 Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock CVE-2020-7040
MLIST:[oss-security] 20200123 Re: CVE-2020-7040: storeBackup: denial of service and symlink attack vector via fixed lockfile path /tmp/storeBackup.lock CVE-2020-7040
MLIST:[oss-security] 20200124 RE: [CVE-2019-17570] xmlrpc-common untrusted deserialization CVE-2019-17570
MLIST:[oss-security] 20200124 Re: Plone security hotfix 20200121 CVE-2020-7936 CVE-2020-7937 CVE-2020-7938 CVE-2020-7939 CVE-2020-7940 CVE-2020-7941
MLIST:[oss-security] 20200127 Re: CVE-2019-18932: sarg: insecure usage of /tmp/sarg allows privilege escalation / DoS attack vector CVE-2019-18932
MLIST:[oss-security] 20200128 CVE-2020-1940: Apache Jackrabbit Oak sensitive information disclosure vulnerability CVE-2020-1940
MLIST:[oss-security] 20200129 Re: Linux kernel: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2) CVE-2020-8428
MLIST:[oss-security] 20200130 CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled CVE-2019-18634
MLIST:[oss-security] 20200130 CVE-2019-3016: information leak within a KVM guest CVE-2019-3016
MLIST:[oss-security] 20200130 [CVE-2020-1930] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands CVE-2018-11805
MLIST:[oss-security] 20200130 [CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings. CVE-2018-11805
MLIST:[oss-security] 20200131 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled CVE-2019-18634
MLIST:[oss-security] 20200202 Re: Linux kernel: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2) CVE-2020-8428
MLIST:[oss-security] 20200203 Django 3.0.3, 2.2.10 and 1.11.28: CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)`` CVE-2020-7471
MLIST:[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled CVE-2019-18634
MLIST:[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762 CVE-2017-12762
MLIST:[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762 CVE-2017-12762
MLIST:[oss-security] 20200214 Re: CVE for program distributing vulnerable components ? CVE-2018-16428
MLIST:[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762 CVE-2017-12762
MLIST:[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543) CVE-2015-9543
MLIST:[oss-security] 20200224 Local information disclosure in OpenSMTPD (CVE-2020-8793) CVE-2020-8793
MLIST:[oss-security] 20200225 CVE-2020-9391: Ignoring the top byte of addresses in brk causes heap corruption (AArch64) CVE-2020-9391
MLIST:[oss-security] 20200225 Re: Re: GNU screen "out of bounds access when setting w_xtermosc after OSC 49" CVE-2020-9366
MLIST:[oss-security] 20200226 Re: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) CVE-2020-8794
MLIST:[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064) CVE-2016-10743 CVE-2019-10064
MLIST:[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064) CVE-2016-10743 CVE-2019-10064
MLIST:[oss-security] 20200301 Re: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) CVE-2020-8794
MLIST:[oss-security] 20200306 CVE-2020-10174: timeshift: arbitrary local code execution due to unsafe usage of temporary directory in /tmp/timeshift CVE-2020-10174
MLIST:[oss-security] 20200311 [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543) CVE-2020-9543
MLIST:[oss-security] 20200319 [CVE-2020-5267] Possible XSS vulnerability in ActionView CVE-2020-5267
MLIST:[oss-security] 20200401 CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect CVE-2019-10098
MLIST:[oss-security] 20200403 Re: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect CVE-2020-1927
MLIST:[oss-security] 20200406 CVE-2020-11102 QEMU: tulip: OOB access in tulip_copy_tx_buffers CVE-2020-11102
MLIST:[oss-security] 20200408 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack CVE-2019-16782
MLIST:[oss-security] 20200409 Re: [CVE-2019-16782] Possible Information Leak / Session Hijack Vulnerability in Rack CVE-2019-16782
MLIST:[oss-security] 20200414 Xen Security Advisory 313 v3 (CVE-2020-11740,CVE-2020-11741) - multiple xenoprof issues CVE-2020-11740 CVE-2020-11741
MLIST:[oss-security] 20200414 Xen Security Advisory 314 v3 (CVE-2020-11739) - Missing memory barriers in read-write unlock paths CVE-2020-11739
MLIST:[oss-security] 20200414 Xen Security Advisory 316 v3 (CVE-2020-11743) - Bad error path in GNTTABOP_map_grant CVE-2020-11743
MLIST:[oss-security] 20200414 Xen Security Advisory 318 v3 (CVE-2020-11742) - Bad continuation handling in GNTTABOP_copy CVE-2017-12135 CVE-2020-11742
MLIST:[oss-security] 20200415 CVE-2020-10942 Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field CVE-2020-10942
MLIST:[oss-security] 20200415 CVE-2020-2771, CVE-2020-2851, CVE-2020-2944 - Multiple vulnerabilities in Oracle Solaris CVE-2020-2771 CVE-2020-2851 CVE-2020-2944
MLIST:[oss-security] 20200415 CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server CVE-2020-5260
MLIST:[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server CVE-2020-5260
MLIST:[oss-security] 20200420 CVE-2020-11008: Git: Malicious URLs can still cause Git to send a stored credential to the wrong server CVE-2020-5260
MLIST:[oss-security] 20200421 Re: Pacman package manager - taking untrusted input CVE-2016-5434
MLIST:[oss-security] 20200421 Re: re2c: heap overflow in Scanner::fill (scanner.cc) CVE-2020-11958
MLIST:[oss-security] 20200422 [CVE-2020-1967] OpenSSL 1.1.1d+ Segmentation fault in SSL_check_chain CVE-2020-1967
MLIST:[oss-security] 20200423 [ADVISORY] SQUID-2019:12 Multiple issues in ESI Response processing CVE-2019-12519 CVE-2019-12521
MLIST:[oss-security] 20200424 Re: mailman 2.x: XSS via file attachments in list archives CVE-2020-12137
MLIST:[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING) CVE-2020-12692
MLIST:[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING) CVE-2020-12689 CVE-2020-12691
MLIST:[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING) CVE-2020-12690
MLIST:[oss-security] 20200508 Linux kernel: two buffer overflow in the marvell wifi driver CVE-2020-12653 CVE-2020-12654
MLIST:[oss-security] 20200514 Re: [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel CVE-2020-11972
MLIST:[oss-security] 20200514 Re: re2c: infinite loop CVE-2018-21232
MLIST:[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel CVE-2020-11971
MLIST:[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel CVE-2020-11972
MLIST:[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11973 released for Apache Camel CVE-2020-11973
MLIST:[oss-security] 20200518 Multiple vulnerabilities in Dovecot IMAP server CVE-2020-10957 CVE-2020-10958 CVE-2020-10967
MLIST:[oss-security] 20200519 CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario CVE-2020-12888
MLIST:[oss-security] 20200519 PowerDNS Recursor 4.3.1, 4.2.2. and 4.1.16 released fixing multiple vulnerabilities CVE-2020-12244
MLIST:[oss-security] 20200519 Remote Code Execution in qmail (CVE-2005-1513) CVE-2005-1513 CVE-2005-1514 CVE-2005-1515
MLIST:[oss-security] 20200519 Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617) CVE-2020-8616 CVE-2020-8617
MLIST:[oss-security] 20200519 Unbound - CVE-2020-12662, CVE-2020-12663 CVE-2020-12662 CVE-2020-12663
MLIST:[oss-security] 20200519 [CVE-2020-12667] Knot Resolver 5.1.1 NXNSAttack mitigation CVE-2020-12667
MLIST:[oss-security] 20200520 Re: Remote Code Execution in qmail (CVE-2005-1513) CVE-2005-1513 CVE-2005-1514 CVE-2005-1515
MLIST:[oss-security] 20200601 CVE-2020-8555: Kubernetes: Half-Blind SSRF in kube-controller-manager CVE-2020-8555
MLIST:[oss-security] 20200603 [CVE-2020-1963] Apache Ignite access to file system disclosure vulnerability CVE-2020-1963
MLIST:[oss-security] 20200608 CVE-2020-13881: pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if configured with debug parameter CVE-2020-13881
MLIST:[oss-security] 20200608 hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP CVE-2020-12695
MLIST:[oss-security] 20200609 Re: Grafana 6.7.4 and 7.0.2 released with fix for CVE-2020-13379 CVE-2020-13379
MLIST:[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 CVE-2018-3639
MLIST:[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 CVE-2018-3639
MLIST:[oss-security] 20200615 Re: CVE-2020-13754 QEMU: msix: OOB access during mmio operations may lead to DoS CVE-2020-13754
MLIST:[oss-security] 20200616 Re: Remote Code Execution in qmail (CVE-2005-1513) CVE-2005-1513
MLIST:[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection CVE-2020-9495
MLIST:[oss-security] 20200625 [cve-request@...re.org: Re: [scr916814] net-snmp - Perhaps only unreleased development versions; fix appears to be in v5.8.1.pre1] CVE-2019-20892
MLIST:[oss-security] 20200630 Re: libvncserver: old websocket decoding patch CVE-2017-18922
MLIST:[oss-security] 20200706 CVE-2020-13640: WordPress Plugin wpDiscuz <= 5.3.5 SQL injection CVE-2020-13640
MLIST:[oss-security] 20200707 Xen Security Advisory 317 v3 (CVE-2020-15566) - Incorrect error handling in event channel port allocation CVE-2020-15566
MLIST:[oss-security] 20200707 Xen Security Advisory 319 v3 (CVE-2020-15563) - inverted code paths in x86 dirty VRAM tracking CVE-2020-15563
MLIST:[oss-security] 20200707 Xen Security Advisory 321 v3 (CVE-2020-15565) - insufficient cache write-back under VT-d CVE-2020-15565
MLIST:[oss-security] 20200707 Xen Security Advisory 327 v3 (CVE-2020-15564) - Missing alignment check in VCPUOP_register_vcpu_info CVE-2020-15564
MLIST:[oss-security] 20200707 Xen Security Advisory 328 v3 (CVE-2020-15567) - non-atomic modification of live EPT PTE CVE-2020-15567
MLIST:[oss-security] 20200709 SQL Injection in search field of phpzag live add edit delete data tables records with ajax php mysql CVE-2020-8519 CVE-2020-8520 CVE-2020-8521
MLIST:[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch CVE-2014-9862
MLIST:[oss-security] 20200710 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0006 CVE-2017-5226
MLIST:[oss-security] 20200714 Flatcar membership on the linux-distros list CVE-2020-0543
MLIST:[oss-security] 20200714 [SECURITY][CVE-2020-13925] Apache Kylin command injection vulnerability CVE-2020-1956
MLIST:[oss-security] 20200719 CVE-2018-21036: Sails.js before v1.0.0-46 DoS CVE-2018-21036
MLIST:[oss-security] 20200720 CVE-2020-13932 Apache ActiveMQ Artemis - Remote XSS in Web console Diagram Plugin CVE-2017-5648
MLIST:[oss-security] 20200720 Re: Re: lockdown bypass on mainline kernel for loading unsigned modules CVE-2020-15780
MLIST:[oss-security] 20200720 Re: Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules CVE-2019-20908
MLIST:[oss-security] 20200721 CVE-2020-15859 QEMU: net: e1000e: use-after-free while sending packets CVE-2020-15859
MLIST:[oss-security] 20200721 Xen Security Advisory 329 v3 (CVE-2020-15852) - Linux ioperm bitmap context switching issues CVE-2020-15852
MLIST:[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities CVE-2019-20908 CVE-2020-10713 CVE-2020-14308 CVE-2020-15705 CVE-2020-15706 CVE-2020-15707 CVE-2020-15780
MLIST:[oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar CVE-2019-20908 CVE-2020-15780
MLIST:[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar CVE-2019-20908 CVE-2020-15780
MLIST:[oss-security] 20200805 [CVE-2020-13921] Apache SkyWalking SQL injection vulnerability after H2/MySQL/TiDB storage option activated. CVE-2020-13921
MLIST:[oss-security] 20200808 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow CVE-2019-10092 CVE-2020-11984
MLIST:[oss-security] 20200810 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow CVE-2020-11984
MLIST:[oss-security] 20200812 CVE-2020-12100: Dovecot IMAP server: Receiving mail with deeply nested MIME parts leads to resource exhaustion CVE-2020-12100
MLIST:[oss-security] 20200813 CVE-2020-16843: Firecracker v0.20.0, v0.21.0 and v0.21.1 network stack can freeze under heavy ingress traffic CVE-2020-16843
MLIST:[oss-security] 20200813 Re: Re: [FD] libcroco multiple vulnerabilities CVE-2017-8834 CVE-2017-8871 CVE-2020-12825
MLIST:[oss-security] 20200814 Re: [TrouSerS-tech] Multiple Security Issues in the TrouSerS tpm1.2 tscd Daemon CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
MLIST:[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow CVE-2020-11984
MLIST:[oss-security] 20200817 Vulnerability in Jenkins CVE-2019-17638
MLIST:[oss-security] 20200824 CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion CVE-2019-20794
MLIST:[oss-security] 20200825 Re: Fossil-SCM patch fixes RCE in all historic versions CVE-2020-24614
MLIST:[oss-security] 20200825 Re: X.Org server security advisory: August 25, 2020 CVE-2020-1436
MLIST:[oss-security] 20200825 X.Org server security advisory: August 25, 2020 CVE-2020-1436
MLIST:[oss-security] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX CVE-2016-3427
MLIST:[oss-security] 20200901 CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability CVE-2019-2684
MLIST:[oss-security] 20200903 CVE-2020-25125: gnupg2: buffer overflow when importing a key with AEAD preferences CVE-2020-25125
MLIST:[oss-security] 20200903 GNUPG released with AEAD sec fix CVE-2020-25125 CVE-2020-25125
MLIST:[oss-security] 20200908 Re: Re: [FD] libcroco multiple vulnerabilities CVE-2020-12825
MLIST:[oss-security] 20200910 Re: CVE Request: Linux kernel vsyscall page refcounting error CVE-2020-25221
MLIST:[oss-security] 20200917 Apache + PHP <= 7.4.10 open_basedir bypass CVE-2007-3378
MLIST:[oss-security] 20200929 QEMU: NULL pointer derefrence issues CVE-2020-2574
MLIST:[oss-security] 20200930 [CVE-2020-11979] Apache Ant insecure temporary file vulnerability CVE-2020-1945
MLIST:[oss-security] 20201006 Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs. CVE-2020-25641
MLIST:[oss-security] 20201013 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon CVE-2020-26164
MLIST:[oss-security] 20201013 kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon CVE-2020-26164
MLIST:[oss-security] 20201014 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon CVE-2020-26164
MLIST:[oss-security] 20201016 Kubernetes: Multiple secret leaks when verbose logging is enabled CVE-2019-11250
MLIST:[oss-security] 20201016 [OSSA-2020-007] Blazar: Remote code execution in blazar-dashboard (CVE-2020-26943) CVE-2020-26943
MLIST:[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code CVE-2019-16127 CVE-2019-16128 CVE-2019-16129
MLIST:[oss-security] 20201023 CVE-2020-27174: Firecracker serial console emulation may allocate an unbounded amount of memory CVE-2020-27174
MLIST:[oss-security] 20201030 CVE-2020-25668: Linux kernel concurrency use-after-free in vt CVE-2020-25668
MLIST:[oss-security] 20201103 CVE-2020-27152 Kernel: KVM: host stack overflow via loop due to lazy update IOAPIC CVE-2020-27152
MLIST:[oss-security] 20201104 Re: CVE-2020-25668: Linux kernel concurrency use-after-free in vt CVE-2020-25668
MLIST:[oss-security] 20201105 CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit CVE-2020-25669
MLIST:[oss-security] 20201112 CVE-2014-4508 CVE-2014-4508
MLIST:[oss-security] 20201112 CVE-2020-13954: Apache CXF Reflected XSS in the services listing page via the styleSheetPath CVE-2019-17573 CVE-2020-13954
MLIST:[oss-security] 20201113 Buffer Overflow in raptor widely unfixed in Linux distros CVE-2017-18926
MLIST:[oss-security] 20201113 Re: Buffer Overflow in raptor widely unfixed in Linux distros CVE-2017-18926
MLIST:[oss-security] 20201114 Re: Buffer Overflow in raptor widely unfixed in Linux distros CVE-2017-18926
MLIST:[oss-security] 20201116 Re: Buffer Overflow in raptor widely unfixed in Linux distros CVE-2017-18926 CVE-2020-25713
MLIST:[oss-security] 20201117 CVE-2020-25677 ceph: CEPHX_V2 replay attack protection lost CVE-2018-1128
MLIST:[oss-security] 20201117 Re: CVE-2020-25677 ceph: CEPHX_V2 replay attack protection lost CVE-2018-1128
MLIST:[oss-security] 20201119 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_ldisc_close CVE-2020-28941
MLIST:[oss-security] 20201119 Re: libass ass_outline.c signed integer overflow CVE-2020-26682
MLIST:[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9 CVE-2020-4788
MLIST:[oss-security] 20201120 Re: CVE-2020-25669: Linux Kernel use-after-free in sunkbd_reinit CVE-2020-25669
MLIST:[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9 CVE-2020-4788
MLIST:[oss-security] 20201123 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983
MLIST:[oss-security] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi CVE-2020-13942
MLIST:[oss-security] 20201124 OpenSC 0.21.0 released CVE-2020-26570 CVE-2020-26571 CVE-2020-26572
MLIST:[oss-security] 20201124 Re: Linux kernel slab-out-of-bounds Read in fbcon CVE-2020-28974
MLIST:[oss-security] 20201126 Xen Security Advisory 351 v2 (CVE-2020-28368) - Information leak via power sidechannel CVE-2020-28368
MLIST:[oss-security] 20201127 CVE-2020-29129 CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets CVE-2020-29129 CVE-2020-29130
MLIST:[oss-security] 20201130 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon CVE-2020-26164
MLIST:[oss-security] 20201202 Some mitigation for openssh CVE-2020-14145 CVE-2020-14145
MLIST:[oss-security] 20201203 Re: Linux Kernel: ALSA: use-after-free Write in snd_rawmidi_kernel_write1 CVE-2020-27786
MLIST:[oss-security] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[oss-security] 20201205 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? CVE-2019-9423
MLIST:[oss-security] 20201206 [CVE-2020-17521]: Apache Groovy Information Disclosure CVE-2020-15824 CVE-2020-1945
MLIST:[oss-security] 20201207 [OSSA-2020-008] horizon: Open redirect in workflow forms (CVE-2020-29565) CVE-2020-29565
MLIST:[oss-security] 20201208 Re: Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2 CVE-2020-27830
MLIST:[oss-security] 20201209 CVE-2020-17528: Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length CVE-2020-17528
MLIST:[oss-security] 20201209 CVE-2020-17529: Apache NuttX (incubating) Out of Bound Write from invalid fragmentation offset value specified in the IP header CVE-2020-17529
MLIST:[oss-security] 20201209 [SECURITY ADVISORY] curl: trusting FTP PASV responses CVE-2007-1562
MLIST:[oss-security] 20201210 2 kernel issues CVE-2020-29660 CVE-2020-29661
MLIST:[oss-security] 20201211 CVE-2020-17515: Apache Airflow Reflected XSS via Origin Parameter CVE-2020-13944 CVE-2020-17515
MLIST:[oss-security] 20201216 CVE-2020-13931 Apache TomEE - Incorrect config on JMS Resource Adapter can lead to JMX being enabled CVE-2020-11969
MLIST:[oss-security] 20201216 CVE-2020-27821 QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c CVE-2020-27821
MLIST:[oss-security] 20201216 Xen Security Advisory 322 v5 (CVE-2020-29481) - Xenstore: new domains inheriting existing node permissions CVE-2020-29481
MLIST:[oss-security] 20201216 Xen Security Advisory 343 v5 (CVE-2020-25599) - races with evtchn_reset() CVE-2020-25599
MLIST:[oss-security] 20201216 Xen Security Advisory 358 v5 (CVE-2020-29570) - FIFO event channels control block related ordering CVE-2020-29570
MLIST:[oss-security] 20201221 CVE-2020-17526: Apache Airflow Incorrect Session Validation in Airflow Webserver with default config CVE-2020-17526
MLIST:[oss-security] 20201222 CVE-2020-25723 QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c CVE-2020-25723
MLIST:[oss-security] 20210104 CVE-2020-25275: Dovecot: MIME parsing crash CVE-2020-12100
MLIST:[oss-security] 20210104 Re: DPDK security advisory for multiple vhost crypto issues CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14377 CVE-2020-14378
MLIST:[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14377 CVE-2020-14378
MLIST:[oss-security] 20210105 [CVE-2020-17518] Apache Flink directory traversal attack: remote file writing through the REST API CVE-2020-17518
MLIST:[oss-security] 20210105 [CVE-2020-17519] Apache Flink directory traversal attack: reading remote files through the REST API CVE-2020-17519
MLIST:[oss-security] 20210107 Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability CVE-2020-28208
MLIST:[oss-security] 20210108 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability CVE-2020-28208
MLIST:[oss-security] 20210112 Security issues in hawk2 and crmsh CVE-2020-35458 CVE-2020-35459
MLIST:[oss-security] 20210113 CVE-2020-11947 QEMU: heap buffer overflow in iSCSI block driver may lead to information disclosure CVE-2020-11947
MLIST:[oss-security] 20210113 Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload CVE-2020-28374 CVE-2021-3139
MLIST:[oss-security] 20210113 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability CVE-2020-28208
MLIST:[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure CVE-2021-24122
MLIST:[oss-security] 20210115 Re: [vs] Cinnamon lock screen bypass in multiple distributions CVE-2020-14345
MLIST:[oss-security] 20210119 Re: mutt recipient parsing memory leak CVE-2021-3181
MLIST:[oss-security] 20210119 Xen Security Advisory 286 v6 (CVE-2020-27674) - x86 PV guest INVLPG-like flushes may leave stale TLB entries CVE-2020-27674
MLIST:[oss-security] 20210119 Xen Security Advisory 331 v3 (CVE-2020-27675) - Race condition in Linux event handler may crash dom0 CVE-2020-27675
MLIST:[oss-security] 20210119 Xen Security Advisory 332 v4 (CVE-2020-27673) - Rogue guests can cause DoS of Dom0 via high frequency events CVE-2020-27673
MLIST:[oss-security] 20210119 Xen Security Advisory 345 v4 (CVE-2020-27672) - x86: Race condition in Xen mapping code CVE-2020-27672
MLIST:[oss-security] 20210119 Xen Security Advisory 346 v3 (CVE-2020-27671) - undue deferral of IOMMU TLB flushes CVE-2020-27671
MLIST:[oss-security] 20210119 Xen Security Advisory 347 v3 (CVE-2020-27670) - unsafe AMD IOMMU page table updates CVE-2020-27670
MLIST:[oss-security] 20210119 Xen Security Advisory 355 v3 (CVE-2020-29040) - stack corruption from XSA-346 change CVE-2020-29040
MLIST:[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156) CVE-2021-3156
MLIST:[oss-security] 20210126 Xen Security Advisory 360 v2 (CVE-2021-3308) - IRQ vector leak on x86 CVE-2021-3308
MLIST:[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156) CVE-2021-3156
MLIST:[oss-security] 20210127 glibc iconv crash with ISO-2022-JP-3 CVE-2021-3181
MLIST:[oss-security] 20210128 Re: glibc iconv crash with ISO-2022-JP-3 CVE-2021-3326
MLIST:[oss-security] 20210129 CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. CVE-2021-25646
MLIST:[oss-security] 20210129 Re: Linux Kernel: local priv escalation via futexes CVE-2021-3347
MLIST:[oss-security] 20210201 Re: Linux Kernel: local priv escalation via futexes CVE-2014-3153 CVE-2021-3347
MLIST:[oss-security] 20210201 Re: Re: Linux kernel: linux-block: nbd: use-after-free Read in nbd_queue_rq CVE-2021-3348
MLIST:[oss-security] 20210204 [CVE-2020-15690] Nim - stdlib asyncftpd - Crlf Injection CVE-2020-15690
MLIST:[oss-security] 20210204 [CVE-2020-15692] Nim - stdlib Browsers - `open` Argument Injection CVE-2020-15692
MLIST:[oss-security] 20210204 [CVE-2020-15693, CVE-2020-15694] Nim - stdlib Httpclient - Header Crlf Injection & Server Response Validation CVE-2019-9740 CVE-2019-9947 CVE-2020-15693 CVE-2020-15694
MLIST:[oss-security] 20210205 Re: Linux kernel: Exploitable vulnerabilities in AF_VSOCK implementation CVE-2021-26708
MLIST:[oss-security] 20210209 Re: [cve-pending] Firejail: root privilege escalation in OverlayFS code CVE-2021-26910
MLIST:[oss-security] 20210210 Re: CVE-2021-20200: Linux kernel: close race between munmap() and expand_upwards()/downwards() CVE-2020-29369
MLIST:[oss-security] 20210210 Re: Re: screen crash processing combining characters CVE-2021-27135
MLIST:[oss-security] 20210210 Re: screen crash processing combining characters CVE-2021-26937
MLIST:[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit CVE-2021-3156
MLIST:[oss-security] 20210217 CVE-2021-26559: Apache Airflow 2.0.0: CWE-284 Improper Access Control on Configurations Endpoint for the Stable API CVE-2021-26559
MLIST:[oss-security] 20210217 CVE-2021-26697: Apache Airflow: Lineage API endpoint for Experimental API missed authentication check CVE-2021-26697
MLIST:[oss-security] 20210217 CVE-2021-26911: Canary Mail with IMAP STARTTLS missing certificate validation CVE-2021-26911
MLIST:[oss-security] 20210218 BIND Operational Notification: Enabling the new BIND option "stale-answer-client-timeout" can result in unexpected server termination CVE-2020-8625
MLIST:[oss-security] 20210219 Django security releases: CVE-2021-23336: Web cache poisoning via ``django.utils.http.limited_parse_qsl()`` CVE-2021-23336
MLIST:[oss-security] 20210219 Re: CVE-2021-20200: Linux kernel: close race between munmap() and expand_upwards()/downwards() CVE-2020-29369
MLIST:[oss-security] 20210219 Vulnerability in Jenkins CVE-2021-22112
MLIST:[oss-security] 20210220 BIND Operational Notification: Zone journal (.jnl) file incompatibility,after upgrading to BIND 9.16.12 and 9.17 CVE-2020-8625
MLIST:[oss-security] 20210220 CVE-2021-26544: Apache Livy (Incubating) is vulnerable to cross site scripting CVE-2021-26544
MLIST:[oss-security] 20210223 Xen Security Advisory 366 v2 (CVE-2021-27379) - missed flush in XSA-321 backport CVE-2021-27379
MLIST:[oss-security] 20210227 Re: wpa_supplicant P2P provision discovery processing vulnerability CVE-2021-27803
MLIST:[oss-security] 20210301 CVE-2020-1936: Stored XSS in Apache Ambari CVE-2020-1936
MLIST:[oss-security] 20210301 CVE-2021-25122: Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[oss-security] 20210301 CVE-2021-25329: Apache Tomcat Incomplete fix for CVE-2020-9484 CVE-2020-9484 CVE-2020-9494 CVE-2021-25329
MLIST:[oss-security] 20210302 Announce: OpenSSH 8.5 released CVE-2020-14871
MLIST:[oss-security] 20210302 Multiple GRUB2 vulnerabilities CVE-2020-15705
MLIST:[oss-security] 20210305 Xen Security Advisory 367 v2 (CVE-2021-28038) - Linux: netback fails to honor grant mapping errors CVE-2021-28038
MLIST:[oss-security] 20210305 Xen Security Advisory 369 v2 (CVE-2021-28039) - Linux: special config may crash when trying to map foreign pages CVE-2021-28039
MLIST:[oss-security] 20210309 CVE-2020-13936: Velocity Sandbox Bypass CVE-2020-13936
MLIST:[oss-security] 20210309 CVE-2020-13959: Velocity Tools XSS Vulnerability CVE-2020-13959
MLIST:[oss-security] 20210309 CVE-2020-35451: Oozie local privilege escalation CVE-2020-35451
MLIST:[oss-security] 20210309 CVE-2021-3409 QEMU: sdhci: incomplete fix for CVE-2020-17380/CVE-2020-25085 CVE-2020-17380 CVE-2020-25085
MLIST:[oss-security] 20210309 git: malicious repositories can execute remote code while cloning CVE-2021-21300
MLIST:[oss-security] 20210315 [CVE-2020-28466][CVE-2021-3127] NATS.io vulnerabilities CVE-2020-28466
MLIST:[oss-security] 20210319 CVE-2021-27807: Apache PDFBox: A carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-27807
MLIST:[oss-security] 20210319 CVE-2021-27906: Apache PDFBox: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file CVE-2021-27906
MLIST:[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002 CVE-2020-27918 CVE-2020-9947
MLIST:[oss-security] 20210323 [CVE-2021-3444] Linux kernel bpf verifier incorrect mod32 truncation CVE-2021-3444
MLIST:[oss-security] 20210324 Re: [CVE-2020-27170] Protection against speculatively out-of-bounds loads in the Linux kernel can be bypassed by unprivileged local users to leak content of kernel memory CVE-2020-27170
MLIST:[oss-security] 20210324 Re: [CVE-2020-27171] Numeric error when restricting speculative pointer arithmetic allows unprivileged local users to leak content of kernel memory CVE-2020-27171
MLIST:[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing CVE-2021-3449 CVE-2021-3450
MLIST:[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing CVE-2021-3449 CVE-2021-3450
MLIST:[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing CVE-2021-3449 CVE-2021-3450
MLIST:[oss-security] 20210330 Re: Remote DoS Vulnerability in bitchx, ircii < 20210314 and scrollz CVE-2021-29376
MLIST:[oss-security] 20210401 Re: kopano-core 11.0.1: Remote DoS by memory exhaustion CVE-2021-28994
MLIST:[oss-security] 20210402 CVE-2021-22696: Apache CXF: OAuth 2 authorization service vulnerable to DDos attacks CVE-2021-22696
MLIST:[oss-security] 20210407 CVE-2021-3483: Linux kernel: a use-after-free bug in nosy driver CVE-2021-3483
MLIST:[oss-security] 20210409 Re: Linux kernel: Exploitable vulnerabilities in AF_VSOCK implementation CVE-2021-26708
MLIST:[oss-security] 20210413 X.Org server security advisory: April 13, 2021 CVE-2021-3472
MLIST:[oss-security] 20210414 CVE-2021-27850: Apache Tapestry: Bypass of the fix for CVE-2019-0195 CVE-2019-0195 CVE-2021-27850
MLIST:[oss-security] 20210416 QEMU: ESP security fixes CVE-2020-35504 CVE-2020-35505 CVE-2020-35506
MLIST:[oss-security] 20210420 DNS rebinding vulnerability in pupnp CVE-2021-29462
MLIST:[oss-security] 20210420 Vulnerability in Jenkins CVE-2021-28165
MLIST:[oss-security] 20210421 Re: xscreensaver package caps gets raw socket CVE-2021-31523
MLIST:[oss-security] 20210423 CVE-2021-26291: Apache Maven: block repositories using http by default CVE-2021-26291
MLIST:[oss-security] 20210425 Re: kopano-core 11.0.1.77: Remote DoS with out-of-bounds access CVE-2021-28994
MLIST:[oss-security] 20210426 virtualbox: CVE-2021-2264: vboxautostart-service.sh allows injection of parameters in 'su' invocation CVE-2021-2264
MLIST:[oss-security] 20210426 virtualbox: CVE-2021-25319: missing sticky bit in openSUSE packaging for /etc/box allows local root exploit for members of vboxusers group CVE-2021-2264
MLIST:[oss-security] 20210427 CVE-2021-28125: Apache Superset Open Redirect CVE-2021-28125
MLIST:[oss-security] 20210427 CVE-2021-30638: An Information Disclosure due to insufficient input validation exists in Apache Tapestry 5.4.0 and later CVE-2020-13953 CVE-2021-30638
MLIST:[oss-security] 20210427 [CVE-2021-29200] RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI CVE-2021-29200
MLIST:[oss-security] 20210427 [CVE-2021-30128] Unsafe deserialization in OFBiz CVE-2021-30128
MLIST:[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216) CVE-2021-25214 CVE-2021-25215 CVE-2021-25216
MLIST:[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216) CVE-2021-25214 CVE-2021-25215 CVE-2021-25216
MLIST:[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9 CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873
MLIST:[oss-security] 20210501 CVE-2021-28359: Apache Airflow Reflected XSS via Origin Query Argument in URL CVE-2020-13944 CVE-2020-17515 CVE-2021-23336
MLIST:[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim CVE-2014-2957 CVE-2015-0235 CVE-2017-16943 CVE-2017-16944 CVE-2019-10149 CVE-2020-12783 CVE-2020-8794
MLIST:[oss-security] 20210504 [CVE-2021-31829] Linux kernel protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory CVE-2021-31829
MLIST:[oss-security] 20210504 [kubernetes] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU CVE-2020-8555
MLIST:[oss-security] 20210505 [CVE-2021-22903] Possible Open Redirect Vulnerability in Action Pack CVE-2021-22881
MLIST:[oss-security] 20210508 Re: Linux kernel: f2fs: out-of-bounds memory access bug CVE-2021-3506
MLIST:[oss-security] 20210509 [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image CVE-2021-22204
MLIST:[oss-security] 20210510 Re: CVE-2021-23133: Linux kernel: race condition in sctp sockets CVE-2021-23133
MLIST:[oss-security] 20210510 Re: [CVE-2021-22204] ExifTool - Arbitrary code execution in the DjVu module when parsing a malicious image CVE-2021-22204
MLIST:[oss-security] 20210511 CVE-2021-32399 Linux device detach race condition CVE-2021-32399
MLIST:[oss-security] 20210511 Re: Code execution through Thunar CVE-2021-32563
MLIST:[oss-security] 20210511 Re: [CVE-2020-28018] Use-After-Free on Exim Question CVE-2020-28018
MLIST:[oss-security] 20210511 [CVE-2020-28018] Use-After-Free on Exim Question CVE-2020-28018
MLIST:[oss-security] 20210511 various 802.11 security issues - fragattacks.com CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26142 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147
MLIST:[oss-security] 20210512 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation CVE-2021-32606
MLIST:[oss-security] 20210512 Re: [CVE-2020-28018] Use-After-Free on Exim Question CVE-2020-28018
MLIST:[oss-security] 20210513 Prosody XMPP server advisory 2021-05-12 (multiple vulnerabilities) CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 CVE-2021-32921
MLIST:[oss-security] 20210514 CVE-2021-3531: Ceph: RGW unauthenticated denial of service CVE-2021-3531
MLIST:[oss-security] 20210514 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation CVE-2021-32606
MLIST:[oss-security] 20210514 Re: Prosody XMPP server advisory 2021-05-12 (multiple vulnerabilities) CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 CVE-2021-32921
MLIST:[oss-security] 20210517 Re: CVE-2021-3531: Ceph: RGW unauthenticated denial of service CVE-2021-3531
MLIST:[oss-security] 20210518 libX11 security advisory: May 18, 2021 CVE-2021-31535
MLIST:[oss-security] 20210519 CVE-2021-30465: runc <1.0.0-rc95 vulnerable to symlink-exchange attack CVE-2021-30465
MLIST:[oss-security] 20210521 Plone security hotfix 20210518 CVE-2021-21336 CVE-2021-21360 CVE-2021-32633
MLIST:[oss-security] 20210522 Re: Plone security hotfix 20210518 CVE-2021-21336 CVE-2021-21360 CVE-2021-32633 CVE-2021-3313 CVE-2021-33507 CVE-2021-33508 CVE-2021-33509 CVE-2021-33510 CVE-2021-33511 CVE-2021-33512 CVE-2021-33513
MLIST:[oss-security] 20210526 ISC has disclosed a vulnerability in ISC DHCP (CVE-2021-25217) CVE-2021-25217
MLIST:[oss-security] 20210527 CVE-2020-17514: Apache Fineract: Disabled hostname verification for HTTPS CVE-2020-17514
MLIST:[oss-security] 20210528 Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation CVE-2021-32606
MLIST:[oss-security] 20210607 CVE-2021-3578: possible remote code execution in isync/mbsync CVE-2021-3578
MLIST:[oss-security] 20210607 [CVE-2021-33896] Path traversal in Dino file transfers CVE-2021-33896
MLIST:[oss-security] 20210608 CVE-2021-33190: Apache APISIX Dashboard: Bypass network access control CVE-2021-33190
MLIST:[oss-security] 20210608 Xen Security Advisory 375 v2 (CVE-2021-0089) - Speculative Code Store Bypass CVE-2021-0086
MLIST:[oss-security] 20210609 CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections CVE-2019-17567
MLIST:[oss-security] 20210609 CVE-2020-13938: Apache httpd: Improper Handling of Insufficient Privileges CVE-2020-13938
MLIST:[oss-security] 20210609 CVE-2020-13950: Apache httpd: mod_proxy_http NULL pointer dereference CVE-2020-13950
MLIST:[oss-security] 20210609 CVE-2020-35452: Apache httpd: mod_auth_digest possible stack overflow by one nul byte CVE-2020-35452
MLIST:[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference CVE-2021-26690
MLIST:[oss-security] 20210609 CVE-2021-26691: Apache httpd: mod_session response handling heap overflow CVE-2021-26691
MLIST:[oss-security] 20210609 CVE-2021-30641: Apache httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641
MLIST:[oss-security] 20210609 CVE-2021-31618: Apache httpd: NULL pointer dereference on specially crafted HTTP/2 request CVE-2021-31618
MLIST:[oss-security] 20210609 Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass CVE-2021-0086 CVE-2021-26314
MLIST:[oss-security] 20210609 connman stack buffer overflow in dnsproxy CVE-2021-33833 CVE-2021-33833
MLIST:[oss-security] 20210610 Re: Xen Security Advisory 375 v3 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass CVE-2021-0089
MLIST:[oss-security] 20210610 Xen Security Advisory 375 v4 (CVE-2021-0089,CVE-2021-26313) - Speculative Code Store Bypass CVE-2021-0086 CVE-2021-0089 CVE-2021-26314
MLIST:[oss-security] 20210611 Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock CVE-2021-34557
MLIST:[oss-security] 20210612 CVE-2021-31811: Apache PDFBox: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file CVE-2021-31811
MLIST:[oss-security] 20210612 CVE-2021-31812: Apache PDFBox: A carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-31812
MLIST:[oss-security] 20210615 CVE-2020-9493: Apache Chainsaw: Java deserialization in Chainsaw CVE-2020-9493
MLIST:[oss-security] 20210615 CVE-2021-34693: Infoleak in CAN BCM protocol in Linux kernel CVE-2021-34693
MLIST:[oss-security] 20210616 CVE-2021-30468: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter CVE-2021-30468
MLIST:[oss-security] 20210630 Plone: stored XSS in folder contents CVE-2021-35959
MLIST:[oss-security] 20210702 CVE-2021-26920: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended CVE-2021-26920
MLIST:[oss-security] 20210706 CVE-2021-35039: Linux kernel loading unsigned kernel modules via init_module syscall CVE-2021-35039
MLIST:[oss-security] 20210706 xscreensaver 5.45 crash CVE-2021-34557
MLIST:[oss-security] 20210712 CVE-2021-30129: DoS/OOM leak vulnerability in Apache Mina SSHD Server CVE-2021-30129
MLIST:[oss-security] 20210712 [OSSA-2021-001] Neutron: Anti-spoofing bypass for Open vSwitch networks (CVE-2021-20267) CVE-2021-20267
MLIST:[oss-security] 20210713 CVE-2021-35515: Apache Commons Compress 1.6 to 1.20 denial of service vulnerability CVE-2021-35515
MLIST:[oss-security] 20210713 CVE-2021-35516: Apache Commons Compress 1.6 to 1.20 denial of service vulnerability CVE-2021-35516
MLIST:[oss-security] 20210713 CVE-2021-35517: Apache Commons Compress 1.1 to 1.20 denial of service vulnerability CVE-2021-35517
MLIST:[oss-security] 20210713 CVE-2021-36090: Apache Commons Compress 1.0 to 1.20 denial of service vulnerability CVE-2021-36090
MLIST:[oss-security] 20210713 CVE-2021-36373: Apache Ant TAR archive denial of service vulnerability CVE-2021-35517
MLIST:[oss-security] 20210713 CVE-2021-36374: Apache Ant ZIP, and ZIP based, archive denial of service vulerability CVE-2021-36090
MLIST:[oss-security] 20210718 Re: Polipo: denial-of-service using range CVE-2020-36420
MLIST:[oss-security] 20210720 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer CVE-2020-8835
MLIST:[oss-security] 20210720 CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1) CVE-2019-6454
MLIST:[oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again CVE-2021-22898
MLIST:[oss-security] 20210722 CVE-2021-28131: Apache Impala: Impala logs contain secrets CVE-2021-28131
MLIST:[oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer CVE-2020-28010 CVE-2021-33909
MLIST:[oss-security] 20210723 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0004 CVE-2021-21775 CVE-2021-21779 CVE-2021-21806
MLIST:[oss-security] 20210725 CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit CVE-2020-28020
MLIST:[oss-security] 20210726 security advisory 2021-01 for PowerDNS Authoritative Server 4.5.0 CVE-2021-36754
MLIST:[oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption CVE-2021-37576
MLIST:[oss-security] 20210728 Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE-2021-37601) CVE-2021-37601
MLIST:[oss-security] 20210728 [SECURITY] CVE-2021-37578 Apache jUDDI Remote code execution CVE-2021-37578
MLIST:[oss-security] 20210802 Re: CVE-2020-28020: Integer overflow in Exim that can lead to RCE: Some questions to the Qualys researchers who designed the exploit CVE-2020-28020
MLIST:[oss-security] 20210804 Re: Pop!_OS Membership to linux-distros list CVE-2020-13529 CVE-2021-33910
MLIST:[oss-security] 20210807 Re: Bug#991971: [Lynx-dev] bug in Lynx' SSL certificate validation -> leaks password in clear text via SNI (under some circumstances) CVE-2021-38165
MLIST:[oss-security] 20210807 Re: Re: Bug#991971: [Lynx-dev] bug in Lynx' SSL certificate validation -> leaks password in clear text via SNI (under some circumstances) CVE-2021-38165
MLIST:[oss-security] 20210809 fetchmail 6.4.21 released/regression fix for 6.4.20's security fix, and UPDATE: fetchmail <= 6.4.19 security announcement 2021-01 (CVE-2021-36386) CVE-2008-2711 CVE-2021-36386
MLIST:[oss-security] 20210810 CVE-2021-21501: Apache ServiceComb: ServiceComb ServiceCenter Directory Traversal CVE-2021-21501
MLIST:[oss-security] 20210810 STARTTLS vulnerabilities CVE-2011-0411
MLIST:[oss-security] 20210810 [OSSA-2021-003] Keystone: Account name and UUID oracles in account locking (CVE-2021-38155) CVE-2021-38155
MLIST:[oss-security] 20210817 CVE-2021-33580: Apache Roller: regex injection leading to DoS CVE-2021-33580
MLIST:[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname CVE-2021-38208
MLIST:[oss-security] 20210817 Re: Pop!_OS Membership to linux-distros list CVE-2020-13529 CVE-2021-33910
MLIST:[oss-security] 20210818 ISC has disclosed a vulnerability in BIND (CVE-2021-25218) CVE-2021-25218
MLIST:[oss-security] 20210819 [CVE-2021-22942] Possible Open Redirect in Host Authorization Middleware CVE-2021-22881
MLIST:[oss-security] 20210820 August BIND maintenance releases contain a defect affecting servers using the map zone file format (was: A vulnerability in BIND (CVE-2021-25218) will be announced 18 August 2021) CVE-2021-25218
MLIST:[oss-security] 20210823 CVE-2021-35940: Apache Portable Runtime (APR): Regression of CVE-2017-12613 CVE-2017-12613 CVE-2021-35940
MLIST:[oss-security] 20210824 CVE-2021-33191: Apache NiFi - MiNiFi C++: MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol CVE-2021-33191
MLIST:[oss-security] 20210824 Possible memory leak on getspnam / getspnam_r CVE-2020-9273
MLIST:[oss-security] 20210824 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname CVE-2021-38208
MLIST:[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712) CVE-2021-3711 CVE-2021-3712
MLIST:[oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer CVE-2021-33909
MLIST:[oss-security] 20210830 NTFS3G-SA-2021-0001: Multiple buffer overflows in all versions of NTFS-3G CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269
MLIST:[oss-security] 20210831 [OSSA-2021-005] Neutron: Arbitrary dnsmasq reconfiguration via extra_dhcp_opts (CVE-2021-40085) CVE-2021-40085
MLIST:[oss-security] 20210901 Re: Xen Security Advisory 378 v3 (CVE-2021-28694,CVE-2021-28695,CVE-2021-28696) - IOMMU page mapping issues on x86 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696
MLIST:[oss-security] 20210901 Xen Security Advisory 378 v3 (CVE-2021-28694,CVE-2021-28695,CVE-2021-28696) - IOMMU page mapping issues on x86 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696
MLIST:[oss-security] 20210901 Xen Security Advisory 380 v3 (CVE-2021-28698) - long running loops in grant table handling CVE-2021-28698
MLIST:[oss-security] 20210902 CVE-2019-10095: Apache Zeppelin: bash command injection in spark interpreter CVE-2019-10095
MLIST:[oss-security] 20210902 CVE-2020-13929: Apache Zeppelin: Notebook permissions bypass CVE-2020-13929
MLIST:[oss-security] 20210902 CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter CVE-2021-27578
MLIST:[oss-security] 20210906 Re: Possible memory leak on getspnam / getspnam_r CVE-2020-9273
MLIST:[oss-security] 20210907 Re: Pop!_OS Membership to linux-distros list CVE-2020-13529 CVE-2021-33910
MLIST:[oss-security] 20210908 Xen Security Advisory 384 v3 (CVE-2021-28701) - Another race in XENMAPSPACE_grant_table handling CVE-2021-28701
MLIST:[oss-security] 20210909 [OSSA-2021-006] Neutron: Routes middleware memory leak for nonexistent controllers (CVE-2021-40797) CVE-2021-40797
MLIST:[oss-security] 20210910 CVE-2021-38555: An XML external entity (XXE) injection vulnerability exists in Apache Any23 StreamUtils.java CVE-2021-38555
MLIST:[oss-security] 20210910 CVE-2021-40146: A Remote Code Execution (RCE) vulnerability exists in Apache Any23 YAMLExtractor.java CVE-2021-40146
MLIST:[oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() CVE-2019-18808
MLIST:[oss-security] 20210914 Re: Oracle Solaris membership in the distros list CVE-2019-14287 CVE-2020-1971 CVE-2021-3156
MLIST:[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list CVE-2020-14308 CVE-2020-14311 CVE-2020-14386 CVE-2020-15705 CVE-2021-33909
MLIST:[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list CVE-2020-14308 CVE-2020-14311 CVE-2020-14386 CVE-2020-15705 CVE-2021-33909
MLIST:[oss-security] 20210918 Linux Kernel: Exploitable vulnerability in io_uring CVE-2021-41073
MLIST:[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list CVE-2020-14308 CVE-2020-14311 CVE-2020-14386 CVE-2020-15705 CVE-2021-33909
MLIST:[oss-security] 20210920 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0005 CVE-2021-30858
MLIST:[oss-security] 20210923 CVE-2021-36749: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (incomplete fix of CVE-2021-26920) CVE-2021-26920
MLIST:[oss-security] 20210930 3 new CVE's in vim CVE-2021-3770 CVE-2021-3778 CVE-2021-3796
MLIST:[oss-security] 20211004 CVE-2021-28116 / ZDI-CAN-11610 / SQUID-2020:12 Out-Of-Bounds memory access in WCCPv2 CVE-2021-28116
MLIST:[oss-security] 20211005 CVE-2021-39226 Grafana snapshot authentication bypass CVE-2021-39226
MLIST:[oss-security] 20211005 CVE-2021-41524: Apache HTTP Server: null pointer dereference in h2 fuzzing CVE-2021-41524
MLIST:[oss-security] 20211005 CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773
MLIST:[oss-security] 20211006 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2014-3577
MLIST:[oss-security] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid CVE-2021-28129
MLIST:[oss-security] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file CVE-2021-33035
MLIST:[oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs CVE-2021-40439
MLIST:[oss-security] 20211007 CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211007 RE: CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773
MLIST:[oss-security] 20211007 Xen Security Advisory 386 v2 (CVE-2021-28702) - PCI devices with RMRRs not deassigned correctly CVE-2021-28702
MLIST:[oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211009 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211011 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211012 CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request CVE-2021-42009
MLIST:[oss-security] 20211014 CVE-2021-42257: check_smart.pl: unprivileged user can alter hard drive settings CVE-2021-42257
MLIST:[oss-security] 20211015 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211016 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) CVE-2021-41773 CVE-2021-42013
MLIST:[oss-security] 20211018 Re: CVE-2021-3847: OverlayFS - Potential Privilege Escalation using overlays copy_up CVE-2016-1575 CVE-2016-1576 CVE-2016-2853
MLIST:[oss-security] 20211021 Mailman 2.1.35 security release CVE-2021-42096 CVE-2021-42097
MLIST:[oss-security] 20211025 [ES2021-07] FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing CVE-2021-37624
MLIST:[oss-security] 20211026 CVE-2021-21703: PHP-FPM 5.3.7 <= 8.0.12 Local Root CVE-2021-21703
MLIST:[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 CVE-2021-30846 CVE-2021-30848 CVE-2021-30849 CVE-2021-30858 CVE-2021-41133 CVE-2021-42762
MLIST:[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 CVE-2021-30846 CVE-2021-30848 CVE-2021-30849 CVE-2021-30858 CVE-2021-42762
MLIST:[oss-security] 20211028 Re: Linux kernel: powerpc: KVM guest can trigger host crash on Power8 CVE-2021-43056
MLIST:[oss-security] 20211031 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 CVE-2021-30851
MLIST:[oss-security] 20211101 CVE-2021-27644: Apache DolphinScheduler: DolphinScheduler mysql jdbc connector parameters deserialize remote code execution CVE-2021-27644
MLIST:[oss-security] 20211101 CVE-2021-41973: Apache MINA HTTP listener DOS CVE-2021-41973
MLIST:[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code CVE-2021-42574 CVE-2021-42694
MLIST:[oss-security] 20211101 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code CVE-2021-42574
MLIST:[oss-security] 20211101 Trojan Source Attacks CVE-2021-42574 CVE-2021-42694
MLIST:[oss-security] 20211101 [ANNOUNCE] Apache MINA 2.0.22 & 2.1.5 released CVE-2021-41973
MLIST:[oss-security] 20211102 Barrier "software KVM switch" multiple remote security issues CVE-2021-42072 CVE-2021-42073 CVE-2021-42074 CVE-2021-42075 CVE-2021-42076
MLIST:[oss-security] 20211102 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code CVE-2021-42574
MLIST:[oss-security] 20211102 Re: Trojan Source Attacks CVE-2021-42574
MLIST:[oss-security] 20211105 Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c CVE-2021-43389
MLIST:[oss-security] 20211109 [CVE-2021-43523] Incorrect handling of special characters in domain names in uclibc and uclibc-ng CVE-2021-33425
MLIST:[oss-security] 20211111 CVE-2021-26558: Apache ShardingSphere-UI: Deserialization of Untrusted Data CVE-2021-26558
MLIST:[oss-security] 20211111 CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops CVE-2021-43350
MLIST:[oss-security] 20211111 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops CVE-2021-43350
MLIST:[oss-security] 20211115 Grafana 8.2.4 released with security fixes CVE-2021-41244
MLIST:[oss-security] 20211116 CVE-2021-37580: Apache ShenYu Admin bypass JWT authentication CVE-2021-37580
MLIST:[oss-security] 20211116 Re: CVE-2021-43350: Apache Traffic Control: LDAP filter injection vulnerability in Traffic Ops CVE-2021-43350
MLIST:[oss-security] 20211117 CVE-2021-42250: Apache Superset: Possible log injection CVE-2021-42250
MLIST:[oss-security] 20211118 CVE-2021-39233: Apache Ozone: Container-related datanode operations can be called without authorization CVE-2021-39233
MLIST:[oss-security] 20211118 CVE-2021-39234: Apache Ozone: Raw block data can be read bypassing ACL/authorization CVE-2021-39234
MLIST:[oss-security] 20211118 CVE-2021-41532: Apache Ozone: Unauthenticated access to Ozone Recon HTTP endpoints CVE-2021-41532
MLIST:[oss-security] 20211119 CVE-2021-41190 OCI distribution and image spec: "content-type" confusion CVE-2021-41190
MLIST:[oss-security] 20211122 CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable CVE-2021-43557
MLIST:[oss-security] 20211122 Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable CVE-2021-43557
MLIST:[oss-security] 20211123 Re: CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable CVE-2021-43557
MLIST:[oss-security] 20211203 CVE-2021-44143: heap overflow in isync/mbsync CVE-2021-44143
MLIST:[oss-security] 20211209 CVE-2021-43798 Grafana directory traversal CVE-2021-43798
MLIST:[oss-security] 20211210 CVE-2021-43813 and CVE-2021-43815 - Grafana directory traversal for some .md and .csv files CVE-2021-43798 CVE-2021-43813 CVE-2021-43815
MLIST:[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints CVE-2021-44228
MLIST:[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints CVE-2021-44228
MLIST:[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 CVE-2021-44228
MLIST:[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 CVE-2021-44228
MLIST:[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack CVE-2021-44228
MLIST:[oss-security] 20211214 [CVE-2021-44528] Possible Open Redirect in Host Authorization Middleware CVE-2021-22881 CVE-2021-22942
MLIST:[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack CVE-2021-44228
MLIST:[oss-security] 20211216 CVE-2021-44145: Apache NiFi information disclosure by XXE CVE-2021-44145
MLIST:[oss-security] 20211218 CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation CVE-2021-45105
MLIST:[oss-security] 20211220 CVE-2021-41561: Apache Parquet-MR potential DoS in case of malicious Parquet file CVE-2021-41561
MLIST:[oss-security] 20211220 CVE-2021-43083: Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response CVE-2021-43083
MLIST:[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier CVE-2021-44224
MLIST:[oss-security] 20211220 CVE-2021-44790: Apache HTTP Server: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier CVE-2021-44790
MLIST:[oss-security] 20211220 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0007 CVE-2021-30809 CVE-2021-30818 CVE-2021-30823 CVE-2021-30836 CVE-2021-30884 CVE-2021-30887 CVE-2021-30888 CVE-2021-30889 CVE-2021-30890
MLIST:[oss-security] 20211223 CVE-2021-44273: e2guardian did not validate TLS hostnames CVE-2021-41611 CVE-2021-44273
MLIST:[oss-security] 20211224 CVE-2021-45469: Linux kernel: an out-of-bounds memory access in fs/f2fs/xattr.c __f2fs_setxattr CVE-2021-45469
MLIST:[oss-security] 20211227 CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access CVE-2021-45232
MLIST:[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration CVE-2021-44832
MLIST:[oss-security] 20220104 CVE-2021-38542: Apache James vulnerable to STARTTLS command injection (IMAP and POP3) CVE-2021-38542
MLIST:[oss-security] 20220104 CVE-2021-40110: Apache James IMAP vulnerable to a ReDoS CVE-2021-40110
MLIST:[oss-security] 20220104 CVE-2021-40111: Apache James IMAP parsing Denial Of Service CVE-2021-40111
MLIST:[oss-security] 20220104 CVE-2021-40525: Apache James: Sieve file storage vulnerable to path traversal attacks CVE-2021-40525
MLIST:[oss-security] 20220106 CVE-2021-27738: Apache Kylin: Improper Access Control to Streaming Coordinator & SSRF CVE-2021-27738
MLIST:[oss-security] 20220106 CVE-2021-31522: Apache Kylin unsafe class loading CVE-2021-31522
MLIST:[oss-security] 20220106 CVE-2021-36774: Apache Kylin: Mysql JDBC Connector Deserialize RCE CVE-2021-36774
MLIST:[oss-security] 20220106 CVE-2021-43045: Apache Avro: Possible DOS vulnerabilities in C# Avro SDK CVE-2021-43045
MLIST:[oss-security] 20220106 CVE-2021-45456: Apache Kylin: Command injection CVE-2021-45456
MLIST:[oss-security] 20220106 CVE-2021-45457: Apache Kylin: Overly broad CORS configuration CVE-2021-45457
MLIST:[oss-security] 20220106 CVE-2021-45458: Apache Kylin: Hardcoded credentials CVE-2021-45458
MLIST:[oss-security] 20220111 [SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections CVE-2021-41767
MLIST:[oss-security] 20220111 [SECURITY] CVE-2021-43999: Apache Guacamole: Improper validation of SAML responses CVE-2021-43999
MLIST:[oss-security] 20220112 CVE-2021-22569: Protobuf Java, Kotlin, JRuby DoS CVE-2021-22569
MLIST:[oss-security] 20220112 Re: CVE-2021-22569: Protobuf Java, Kotlin, JRuby DoS CVE-2021-22569
MLIST:[oss-security] 20220114 Re: 3 new CVE's in vim CVE-2021-3875 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2022-0128 CVE-2022-0156 CVE-2022-0158 CVE-2022-0213
MLIST:[oss-security] 20220114 Re: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2022-23222
MLIST:[oss-security] 20220117 CVE-2021-42357: DOM based XSS Vulnerability in Apache Knox CVE-2021-42357
MLIST:[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
MLIST:[oss-security] 20220117 Re: CVE-2021-4095: kernel: KVM: NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c CVE-2021-4095
MLIST:[oss-security] 20220118 CVE-2022-23302: Deserialization of untrusted data in JMSSink in Apache Log4j 1.x CVE-2021-4104 CVE-2022-23302
MLIST:[oss-security] 20220118 CVE-2022-23305: SQL injection in JDBC Appender in Apache Log4j V1 CVE-2022-23305
MLIST:[oss-security] 20220118 CVE-2022-23307: Apache Log4j 1.x: A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. CVE-2020-9493
MLIST:[oss-security] 20220118 Re: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2022-23222
MLIST:[oss-security] 20220120 CVE-2021-45417 - aide (>= 0.13 <= 0.17.3): heap-based buffer overflow vulnerability in base64 functions CVE-2021-45417
MLIST:[oss-security] 20220120 CVE-2022-22733: Apache ShardingSphere ElasticJob-UI: Access-Token in ElasticJob UI causes password disclosure CVE-2022-22733
MLIST:[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001 CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 CVE-2021-45481 CVE-2021-45482 CVE-2021-45483
MLIST:[oss-security] 20220122 Re: usbview polkit policy local root exploit (CVE-2022-23220) CVE-2022-23220
MLIST:[oss-security] 20220124 CVE-2022-23437: Infinite loop within Apache XercesJ xml parser CVE-2022-23437
MLIST:[oss-security] 20220125 CVE-2021-45029: Groovy Code Injection & SpEL Injection in Apache ShenYu 2.4.1 CVE-2021-45029
MLIST:[oss-security] 20220125 CVE-2022-0185: Linux kernel slab out-of-bounds write: exploit and writeup CVE-2021-26708
MLIST:[oss-security] 20220125 CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control CVE-2022-23944
MLIST:[oss-security] 20220125 CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration CVE-2022-23945
MLIST:[oss-security] 20220125 Multiple vulnerabilities in connman's dnsproxy component CVE-2021-33833
MLIST:[oss-security] 20220125 Re: CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control CVE-2022-23944
MLIST:[oss-security] 20220125 Xen Security Advisory 393 v2 (CVE-2022-23033) - arm: guest_physmap_remove_page not removing the p2m mappings CVE-2022-23033
MLIST:[oss-security] 20220125 Xen Security Advisory 394 v3 (CVE-2022-23034) - A PV guest could DoS Xen while unmapping a grant CVE-2022-23034
MLIST:[oss-security] 20220125 Xen Security Advisory 395 v2 (CVE-2022-23035) - Insufficient cleanup of passed-through device IRQs CVE-2022-23035
MLIST:[oss-security] 20220126 CVE-2021-45029: Apache ShenYu (incubating) Groovy Code Injection and SpEL Injection CVE-2021-45029
MLIST:[oss-security] 20220126 CVE-2022-23944: Apache ShenYu (incubating) Improper access control CVE-2022-23944
MLIST:[oss-security] 20220126 CVE-2022-23945: Apache ShenYu (incubating) missing authentication allows gateway registration CVE-2022-23945
MLIST:[oss-security] 20220207 Browser-mediated attacks on WebDriver servers CVE-2020-15660
MLIST:[oss-security] 20220207 CVE-2022-22931: Path traversal in Apache James CVE-2021-40525
MLIST:[oss-security] 20220209 Vulnerability in Jenkins CVE-2021-43859
MLIST:[oss-security] 20220210 CVE-2022-0435: Remote Stack Overflow in Linux Kernel TIPC Module since 4.8 (net/tipc) CVE-2021-43267
MLIST:[oss-security] 20220211 CVE-2021-44521: Apache Cassandra: Remote code execution for scripted UDFs CVE-2021-44521
MLIST:[oss-security] 20220211 CVE-2022-24112: Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header CVE-2022-24112
MLIST:[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions CVE-2022-24289
MLIST:[oss-security] 20220211 [CVE-2022-23633] Possible exposure of information vulnerability in Action Pack CVE-2022-23633
MLIST:[oss-security] 20220218 CVE-2021-4120: Insufficient validation of snap content interface and layout paths CVE-2021-4120 CVE-2021-44730 CVE-2021-44731
MLIST:[oss-security] 20220218 Multiple vulnerabilities affecting cobbler CVE-2021-45081
MLIST:[oss-security] 20220219 Expat 2.4.5 released, includes 5 security fixes CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315
MLIST:[oss-security] 20220221 CVE-2022-25375 : Linux RNDIS USB Gadget memory extraction via packet filter CVE-2022-25375
MLIST:[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4 CVE-2022-25636
MLIST:[oss-security] 20220223 Fwd: Cyrus-SASL 2.1.28 released [fixes CVE-2022-24407 & CVE-2019-19906] CVE-2019-19906 CVE-2022-24407
MLIST:[oss-security] 20220223 Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount() CVE-2021-44730 CVE-2021-44731
MLIST:[oss-security] 20220225 [CVE-2022-24947] Apache JSPWiki CSRF Account Takeover CVE-2022-24947
MLIST:[oss-security] 20220225 [CVE-2022-24948] Apache JSPWiki Cross-site scripting vulnerability on User Preferences screen CVE-2022-24948
MLIST:[oss-security] 20220304 CVE-2022-25312: An XML external entity (XXE) injection vulnerability exists in the Apache Any23 RDFa XSLTStylesheet extractor CVE-2022-25312
MLIST:[oss-security] 20220306 Re: DNS rebinding on ReadyMedia/minidlna v1.3.0 and below CVE-2022-26505
MLIST:[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files CVE-2016-5195
MLIST:[oss-security] 20220309 CVE-2022-26652: nats-server arbitrary file write CVE-2022-26652
MLIST:[oss-security] 20220311 CVE-2022-26878: Memory leak in Linux VirtIO Bluetooth driver CVE-2022-26878
MLIST:[oss-security] 20220314 CVE-2022-22719: Apache HTTP Server: mod_lua Use of uninitialized value of in r:parsebody CVE-2022-22719
MLIST:[oss-security] 20220314 CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier CVE-2022-22720
MLIST:[oss-security] 20220314 CVE-2022-22721: Apache HTTP Server: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody CVE-2022-22721
MLIST:[oss-security] 20220314 CVE-2022-23943: Apache HTTP Server: mod_sed: Read/write beyond bounds CVE-2022-23943
MLIST:[oss-security] 20220315 CVE-2022-26779: Apache Cloudstack insecure random number generation affects project email invitation CVE-2022-26779
MLIST:[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues CVE-2021-26341 CVE-2021-26401 CVE-2022-0001 CVE-2022-0002 CVE-2022-23960
MLIST:[oss-security] 20220324 Re: Lack of TLS certification chain validation in ZAP Proxy CVE-2022-27820
MLIST:[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress) CVE-2018-25032
MLIST:[oss-security] 20220325 Security Advisory 2022-01 for PowerDNS Authoritative Server 4.4.2, 4.5.3, 4.6.0 and PowerDNS Recursor 4.4.7, 4.5.7, 4.6.0 CVE-2022-27227
MLIST:[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress) CVE-2018-25032
MLIST:[oss-security] 20220328 CVE-2022-25757: Apache APISIX: the body_schema check in request-validation plugin can be bypassed CVE-2022-25757
MLIST:[oss-security] 20220402 Re: [PATCH AUTOSEL 5.15 13/16] vdpa: clean up get_config_size ret value handling CVE-2022-0998
MLIST:[oss-security] 20220405 Xen Security Advisory 397 v2 (CVE-2022-26356) - Racy interactions between dirty vram tracking and paging log dirty hypercalls CVE-2022-26356
MLIST:[oss-security] 20220405 Xen Security Advisory 399 v2 (CVE-2022-26357) - race in VT-d domain ID cleanup CVE-2022-26357
MLIST:[oss-security] 20220405 Xen Security Advisory 400 v2 (CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361) - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
MLIST:[oss-security] 20220406 CVE-2022-26850: Apache NiFi: Insufficiently protected credentials CVE-2022-26850
MLIST:[oss-security] 20220406 CVE-2022-28356: Linux kernel: refcount leak in llc_ui_bind and llc_ui_autobind CVE-2022-28356
MLIST:[oss-security] 20220411 CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem CVE-2022-28893
MLIST:[oss-security] 20220411 Re: CVE-2022-28893: Linux kernel: Use after free in SUNRPC subsystem CVE-2022-28893
MLIST:[oss-security] 20220412 CVE-2021-31805: Apache Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE. CVE-2020-17530 CVE-2021-31805
MLIST:[oss-security] 20220412 Multiple vulnerabilities in Jenkins plugins CVE-2017-2601
MLIST:[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765 CVE-2022-24765
MLIST:[oss-security] 20220413 CVE-2022-0617: udf:A null-ptr-deref bug be triggered when write to an ICB inode CVE-2022-0617
MLIST:[oss-security] 20220413 CVE-2022-27479: Apache Superset: SQL injection vulnerability in chart data API CVE-2022-27479
MLIST:[oss-security] 20220414 Multiple vulnerabilities in swhkd hotkey helper for Wayland CVE-2022-27815 CVE-2022-27816 CVE-2022-27818 CVE-2022-27819
MLIST:[oss-security] 20220416 Re: Browser-mediated attacks on WebDriver servers CVE-2022-28109
MLIST:[oss-security] 20220420 CVE-2022-29266: Apache APISIX: apisix/jwt-auth may leak secrets in error response CVE-2022-29266
MLIST:[oss-security] 20220422 CVE-2022-29464 :: WSO2 Unrestricted arbitrary file upload, and remote code to execution vulnerability. CVE-2022-29464
MLIST:[oss-security] 20220422 Re: Linux: UaF due to concurrency issue in io_uring timeouts CVE-2022-29582
MLIST:[oss-security] 20220426 CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization CVE-2022-23942
MLIST:[oss-security] 20220426 CVE-2022-24706: Apache CouchDB: Remote Code Execution Vulnerability in Packaging CVE-2022-24706
MLIST:[oss-security] 20220426 [morningman@....com: CVE-2022-23942: Apache Doris(incubating) hardcoded cryptography initialization] CVE-2022-23942
MLIST:[oss-security] 20220427 [SECURITY ADVISORY] curl auth/cookie leak on redirect CVE-2018-1000007
MLIST:[oss-security] 20220428 CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220428 Re: CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220429 Re: CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220430 Re: CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220501 Re: CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220502 Re: CVE-2022-21449 and version reporting CVE-2022-21449
MLIST:[oss-security] 20220509 Re: CVE-2022-24706: Apache CouchDB: Remote Code Execution Vulnerability in Packaging CVE-2022-24706
MLIST:[oss-security] 20220511 [SECURITY ADVISORY] curl: cookie for trailing dot TLD CVE-2014-3620
MLIST:[oss-security] 20220512 CVE-2022-29162: runc < 1.1.2 incorrect handling of inheritable capabilities in default configuration CVE-2022-24769
MLIST:[oss-security] 20220516 CVE-2022-25169: Apache Tika BPGParser Memory Usage DoS CVE-2022-25169
MLIST:[oss-security] 20220516 CVE-2022-30126: Apache Tika Regular Expression Denial of Service in Standards Extractor CVE-2022-30126
MLIST:[oss-security] 20220517 CVE-2022-30688: needrestart 0.8+ local privilege escalation CVE-2022-30688
MLIST:[oss-security] 20220517 Multiple vulnerabilities in Jenkins plugins CVE-2017-2601
MLIST:[oss-security] 20220518 CVE-2022-29581: Linux kernel cls_u32 UAF CVE-2022-29581
MLIST:[oss-security] 20220525 Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348
MLIST:[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348
MLIST:[oss-security] 20220525 multiple vulnerabilities in radare2 CVE-2021-44974 CVE-2021-44975 CVE-2022-0419
MLIST:[oss-security] 20220526 OPEN SOURCE NTFS-3G SECURITY ADVISORY NTFS3G-SA-2022-0001 CVE-2021-46790
MLIST:[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005 CVE-2022-30293
MLIST:[oss-security] 20220531 CVE-2022-30973: Apache Tika: Missing fix for CVE-2022-30126 in 1.28.2 CVE-2022-30126 CVE-2022-30973
MLIST:[oss-security] 20220601 Re: CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2021-4202
MLIST:[oss-security] 20220601 Re: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2022-23222
MLIST:[oss-security] 20220603 Re: Linux Kernel use-after-free write in netfilter CVE-2022-32250
MLIST:[oss-security] 20220604 Re: CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2021-4202
MLIST:[oss-security] 20220604 Re: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2022-23222
MLIST:[oss-security] 20220604 Re: Linux Kernel use-after-free write in netfilter CVE-2022-32250
MLIST:[oss-security] 20220604 Re: Linux Kernel: Exploitable vulnerability in io_uring CVE-2021-41073
MLIST:[oss-security] 20220605 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module CVE-2022-1734
MLIST:[oss-security] 20220606 CVE-2022-31030: containerd CRI plugin: Host memory exhaustion through ExecSync CVE-2022-31030
MLIST:[oss-security] 20220607 Re: CVE-2021-4204: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2021-4202
MLIST:[oss-security] 20220607 Re: Linux Kernel eBPF Improper Input Validation Vulnerability CVE-2022-23222
MLIST:[oss-security] 20220607 UNPAR-2022-0 Multiple Vulnerabilities in ntfs-3g NTFS Mount Tool CVE-2022-30783 CVE-2022-30785 CVE-2022-30787
MLIST:[oss-security] 20220608 CVE-2022-26377: Apache HTTP Server: mod_proxy_ajp: Possible request smuggling CVE-2022-26377
MLIST:[oss-security] 20220608 CVE-2022-28330: Apache HTTP Server: read beyond bounds in mod_isapi CVE-2022-28330
MLIST:[oss-security] 20220608 CVE-2022-28614: Apache HTTP Server: read beyond bounds via ap_rwrite() CVE-2022-28614
MLIST:[oss-security] 20220608 CVE-2022-28615: Apache HTTP Server: Read beyond bounds in ap_strcmp_match() CVE-2022-28615
MLIST:[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody CVE-2022-29404
MLIST:[oss-security] 20220608 CVE-2022-30522: Apache HTTP Server: mod_sed denial of service CVE-2022-30522
MLIST:[oss-security] 20220608 CVE-2022-30556: Apache HTTP Server: Information Disclosure in mod_lua with websockets CVE-2022-30556
MLIST:[oss-security] 20220608 CVE-2022-31813: Apache HTTP Server: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813
MLIST:[oss-security] 20220609 Re: Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module CVE-2022-1734
MLIST:[oss-security] 20220609 Xen Security Advisory 401 v2 (CVE-2022-26362) - x86 pv: Race condition in typeref acquisition CVE-2022-26362
MLIST:[oss-security] 20220609 Xen Security Advisory 402 v4 (CVE-2022-26363,CVE-2022-26364) - x86 pv: Insufficient care with non-coherent mappings CVE-2022-26363 CVE-2022-26364
MLIST:[oss-security] 20220614 CVE-2022-25167 - Apache Flume JMSSource does not protect from malicious JNDI urls CVE-2022-25167
MLIST:[oss-security] 20220614 CVE-2022-32981: Linux kernel for powerpc 32-bit, buffer overflow in ptrace PEEKUSER/POKEUSER CVE-2022-32981
MLIST:[oss-security] 20220614 Xen Security Advisory 404 v1 (CVE-2022-21123,CVE-2022-21124,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities CVE-2022-21124
MLIST:[oss-security] 20220615 CVE-2021-33036: Apache Hadoop Privilege escalation vulnerability CVE-2021-33036
MLIST:[oss-security] 20220616 Xen Security Advisory 404 v2 (CVE-2022-21123,CVE-2022-21125,CVE-2022-21166) - x86: MMIO Stale Data vulnerabilities CVE-2022-21123 CVE-2022-21124 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 CVE-2022-21180
MLIST:[oss-security] 20220619 Linux kernel: CVE-2022-1516: NULL pointer dereference in Linux kernel`s X.25 network protocol CVE-2022-1516
MLIST:[oss-security] 20220620 Re: Linux Kernel use-after-free write in netfilter CVE-2022-32250
MLIST:[oss-security] 20220622 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2017-2601
MLIST:[oss-security] 20220623 CVE-2022-34305: Apache Tomcat: XSS in examples web application CVE-2022-34305
MLIST:[oss-security] 20220627 CVE-2022-33879: Apache Tika: Incomplete fix and new regex DoS in StandardsExtractingContentHandler CVE-2022-30126 CVE-2022-30973 CVE-2022-33879
MLIST:[oss-security] 20220630 Multiple vulnerabilities in Jenkins plugins CVE-2017-2601
MLIST:[oss-security] 20220702 Re: GnuPG signature spoofing via status line injection CVE-2022-34903
MLIST:[oss-security] 20220703 Linux kernel: Netfilter heap buffer overflow: Is this CVE-2022-32250? CVE-2022-32250
MLIST:[oss-security] 20220703 Re: Linux kernel: Netfilter heap buffer overflow: Is this CVE-2022-32250? CVE-2022-32250
MLIST:[oss-security] 20220705 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init CVE-2022-34918
MLIST:[oss-security] 20220705 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0006 CVE-2022-22662
MLIST:[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742
MLIST:[oss-security] 20220705 Xen Security Advisory 405 v3 (CVE-2022-33743) - network backend may cause Linux netfront to use freed SKBs CVE-2022-33743
MLIST:[oss-security] 20220705 Xen Security Advisory 406 v3 (CVE-2022-33744) - Arm guests can cause Dom0 DoS via PV devices CVE-2022-33744
MLIST:[oss-security] 20220706 CVE-2021-37839: Apache Superset: Improper access to dataset metadata information CVE-2021-37839
MLIST:[oss-security] 20220706 CVE-2022-32533: Apache Portals Jetspeed XSS, CSRF, SSRF, and XXE issues CVE-2022-32533
MLIST:[oss-security] 20220706 CVE-2022-33980: Apache Commons Configuration insecure interpolation defaults CVE-2022-33980
MLIST:[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions CVE-2022-29901
MLIST:[oss-security] 20220712 Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions CVE-2022-29901
MLIST:[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187 CVE-2022-29187
MLIST:[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions CVE-2022-29901
MLIST:[oss-security] 20220718 CVE-2022-36127: Apache SkyWalking NodeJS Agent: Service unavailability impact in NodeJS agent(version <= 0.5.0) CVE-2022-36127
MLIST:[oss-security] 20220718 [ADVISORY] Apache CloudStack SAML Single Sign-On XXE (CVE-2022-35741) CVE-2022-35741
MLIST:[oss-security] 20220719 CVE-2021-33655: Linux kernel: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.(5.18 5.19.0-rc1) CVE-2021-33655
MLIST:[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(<5.10.127) CVE-2021-33656
MLIST:[oss-security] 20220720 Grails Framework Remote Code Execution Vulnerability, CVE-2022-35912 CVE-2022-35912
MLIST:[oss-security] 20220720 Re: [ADVISORY] Apache CloudStack SAML Single Sign-On XXE (CVE-2022-35741) CVE-2022-35741
MLIST:[oss-security] 20220724 CVE-2022-24294: ReDoS in Apache MXNet RTC Module CVE-2022-24294
MLIST:[oss-security] 20220725 Re: CVE Request: heap buffer overflow in gdk-pixbuf CVE-2021-46829
MLIST:[oss-security] 20220726 Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode CVE-2022-33745
MLIST:[oss-security] 20220726 Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode CVE-2022-33745
MLIST:[oss-security] 20220728 CVE-2022-36364: Apache Calcite Avatica JDBC driver `httpclient_impl` connection property can be used as an RCE vector CVE-2022-36364
MLIST:[oss-security] 20220728 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0007 CVE-2022-2294
MLIST:[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability. CVE-2019-6111 CVE-2022-29154
MLIST:[oss-security] 20220803 CVE-2022-28730: Apache JSPWiki Cross-site scripting vulnerability on AJAXPreview.jsp CVE-2021-40369
MLIST:[oss-security] 20220803 Django: CVE-2022-36359: Potential reflected file download vulnerability in FileResponse. CVE-2022-36359
MLIST:[oss-security] 20220806 Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init CVE-2022-34918
MLIST:[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions CVE-2016-5195
MLIST:[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions CVE-2016-5195
MLIST:[oss-security] 20220808 Re: Linux: UaF due to concurrency issue in io_uring timeouts CVE-2022-29582
MLIST:[oss-security] 20220808 wolfSSL 5.4.0 fixes CVE-2022-34293 and other issues CVE-2020-12966 CVE-2021-46744 CVE-2022-34293
MLIST:[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions CVE-2016-5195
MLIST:[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions CVE-2016-5195
MLIST:[oss-security] 20220816 CVE-2022-38362: Apache Airflow Docker Provider <3.0 RCE vulnerability in example dag CVE-2022-38362
MLIST:[oss-security] 20220823 Multiple vulnerabilities in Jenkins plugins CVE-2021-25738
MLIST:[oss-security] 20220823 [SECURITY ADVISORY] open-vm-tools: Local privilege escalation vulnerability (CVE-2022-31676) CVE-2022-31676
MLIST:[oss-security] 20220825 CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20220825 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20220825 Re: Linux Kernel use-after-free write in netfilter CVE-2022-32250
MLIST:[oss-security] 20220825 Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak CVE-2022-1015
MLIST:[oss-security] 20220825 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008 CVE-2022-32893
MLIST:[oss-security] 20220826 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20220826 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008 CVE-2022-32893
MLIST:[oss-security] 20220829 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008 CVE-2022-32893
MLIST:[oss-security] 20220831 Re: Freeciv < 2.6.7, freeciv-3.0 < 3.0.3, Modpack Installer buffer overflow CVE-2022-39047
MLIST:[oss-security] 20220902 Apache OFBiz - Java Deserialization via RMI Connection (CVE-2022-29063) CVE-2022-29063
MLIST:[oss-security] 20220902 Apache OFBiz - Regular Expression Denial of Service (ReDoS) (CVE-2022-29158) CVE-2022-29158
MLIST:[oss-security] 20220902 Apache OFBiz - Server-Side Template Injection (CVE-2022-25813) CVE-2022-25813
MLIST:[oss-security] 20220902 Apache OFBiz - Unauth Stored XSS (CVE-2022-25370) CVE-2022-25370
MLIST:[oss-security] 20220902 CVE-2022-38054: Apache Airflow: Session Fixation CVE-2022-38054
MLIST:[oss-security] 20220902 CVE-2022-38170: Apache Airflow: Overly permissive umask for deamons CVE-2022-38170
MLIST:[oss-security] 20220902 JBIG2 integer overflow fixed in Xpdf 4.04, Poppler 22.09.0 CVE-2021-30860 CVE-2022-38171 CVE-2022-38784
MLIST:[oss-security] 20220902 Re: CVE-2022-38170: Apache Airflow: Overly permissive umask for deamons CVE-2022-38170
MLIST:[oss-security] 20220902 Re: Linux Kernel use-after-free write in netfilter CVE-2022-32250
MLIST:[oss-security] 20220902 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008 CVE-2022-32893
MLIST:[oss-security] 20220903 Re: Apache OFBiz - Unauth Path Traversal with file corruption (CVE-2022-25371) CVE-2022-25370
MLIST:[oss-security] 20220905 CVE-2022-38369: Apache IoTDB: Login check vulnerability by session Id CVE-2022-38369
MLIST:[oss-security] 20220905 CVE-2022-38370: Apache IoTDB: No authorization of DatabaseConnectController in grafana-connector. CVE-2022-38370
MLIST:[oss-security] 20220906 Re: CVE-2022-28199: DPDK mlx5 driver error recovery handling vulnerability CVE-2022-28199
MLIST:[oss-security] 20220909 Vulnerability in Jenkins CVE-2022-2048
MLIST:[oss-security] 20220911 Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow CVE-2019-18960
MLIST:[oss-security] 20220913 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0008 CVE-2022-32893
MLIST:[oss-security] 20220914 insufficiently protected D-Bus interface in KDiskMark 3.0.0 (CVE-2022-40673) CVE-2022-40673
MLIST:[oss-security] 20220919 CVE-2022-28220: STARTTLS command injection in Apache JAMES CVE-2021-38542 CVE-2022-28220
MLIST:[oss-security] 20220919 Re: Linux kernel: information disclosure in stex_queuecommand_lck CVE-2022-40768
MLIST:[oss-security] 20220920 Re: CVE-2022-38170: Apache Airflow: Overly permissive umask for deamons CVE-2022-38170
MLIST:[oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178) CVE-2022-2795 CVE-2022-2881 CVE-2022-2906 CVE-2022-3080 CVE-2022-38177 CVE-2022-38178
MLIST:[oss-security] 20220922 CVE-2022-40705: Apache SOAP: XML External Entity Injection (XXE) allows unauthenticated users to read arbitrary files via HTTP CVE-2022-40705
MLIST:[oss-security] 20220923 CVE-2022-41218: Linux dvb-core: UAF in dvb-core/dmxdev CVE-2022-41218
MLIST:[oss-security] 20220923 Re: [Report v2] CVE-2022-41218: Linux dvb-core: UAF in dvb-core/dmxdev CVE-2022-41218
MLIST:[oss-security] 20220923 [Report v2] CVE-2022-41218: Linux dvb-core: UAF in dvb-core/dmxdev CVE-2022-41218
MLIST:[oss-security] 20220927 CVE-2022-1941: Protobuf C++, Python DoS CVE-2022-1941
MLIST:[oss-security] 20220928 CVE-2021-43980: Apache Tomcat: Information disclosure CVE-2021-43980
MLIST:[oss-security] 20221003 CreativeDream software arbitrary file upload CVE-2022-40721
MLIST:[oss-security] 20221011 CVE-2022-40664: Apache Shiro: Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher CVE-2022-40664
MLIST:[oss-security] 20221011 Xen Security Advisory 409 v3 (CVE-2022-33747) - Arm: unbounded memory consumption for 2nd-level page tables CVE-2022-33747
MLIST:[oss-security] 20221011 Xen Security Advisory 410 v3 (CVE-2022-33746) - P2M pool freeing may take excessively long CVE-2022-33746
MLIST:[oss-security] 20221011 Xen Security Advisory 411 v3 (CVE-2022-33748) - lock order inversion in transitive grant copy handling CVE-2022-33748
MLIST:[oss-security] 20221011 Xen Security Advisory 413 v2 (CVE-2022-33749) - XAPI open file limit DoS CVE-2022-33749
MLIST:[oss-security] 20221012 Re: CVE-2022-40664: Apache Shiro: Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher CVE-2022-40664
MLIST:[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults CVE-2022-42889
MLIST:[oss-security] 20221013 Re: sagemath denial of service with abort() in gmp: overflow in mpz type CVE-2021-43618
MLIST:[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults CVE-2022-42889
MLIST:[oss-security] 20221019 CVE-2022-42466: Apache Isis: XSS vulnerability, eg for String properties. CVE-2022-42466
MLIST:[oss-security] 20221019 ISIS-3128: CVE-2022-42467: Apache Isis: h2 webconsole (available only in prototype mode) should nevertheless be disabled by default. CVE-2022-42467
MLIST:[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins CVE-2017-2601
MLIST:[oss-security] 20221023 CVE-2021-42010: Apache Heron (Incubating): CRLF log injection CVE-2021-42010
MLIST:[oss-security] 20221024 CVE-2022-34870: Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application CVE-2022-34870
MLIST:[oss-security] 20221024 Warpinator remote file creation / overwrite security issue (CVE-2022-42725) CVE-2022-42725
MLIST:[oss-security] 20221025 [CVE-2022-41704] Apache Batik information disclosure vulnerability CVE-2022-41704
MLIST:[oss-security] 20221025 [CVE-2022-42890] Apache Batik information disclosure vulnerability CVE-2022-42890
MLIST:[oss-security] 20221026 [SECURITY ADVISORY] CVE-2022-42916: HSTS bypass via IDN (curl) CVE-2022-30115
MLIST:[oss-security] 20221028 CVE-2022-26884: Apache DolphinScheduler exposes files without authentication CVE-2022-26884
MLIST:[oss-security] 20221101 CVE-2022-34662: Apache DolphinScheduler prior to 3.0.0 allows path traversal CVE-2022-34662
MLIST:[oss-security] 20221101 Xen Security Advisory 412 v2 (CVE-2022-42327) - x86: unintended memory sharing between guests CVE-2022-42327
MLIST:[oss-security] 20221101 Xen Security Advisory 414 v2 (CVE-2022-42309) - Xenstore: Guests can crash xenstored CVE-2022-42309
MLIST:[oss-security] 20221101 Xen Security Advisory 415 v2 (CVE-2022-42310) - Xenstore: Guests can create orphaned Xenstore nodes CVE-2022-42310
MLIST:[oss-security] 20221101 Xen Security Advisory 416 v2 (CVE-2022-42319) - Xenstore: Guests can cause Xenstore to not free temporary memory CVE-2022-42319
MLIST:[oss-security] 20221101 Xen Security Advisory 417 v2 (CVE-2022-42320) - Xenstore: Guests can get access to Xenstore nodes of deleted domains CVE-2022-42320
MLIST:[oss-security] 20221101 Xen Security Advisory 418 v2 (CVE-2022-42321) - Xenstore: Guests can crash xenstored via exhausting the stack CVE-2022-42321
MLIST:[oss-security] 20221101 Xen Security Advisory 419 v2 (CVE-2022-42322,CVE-2022-42323) - Xenstore: Cooperating guests can create arbitrary numbers of nodes CVE-2022-42322 CVE-2022-42323
MLIST:[oss-security] 20221101 Xen Security Advisory 420 v2 (CVE-2022-42324) - Oxenstored 32->31 bit integer truncation issues CVE-2022-42324
MLIST:[oss-security] 20221101 Xen Security Advisory 421 v2 (CVE-2022-42325,CVE-2022-42326) - Xenstore: Guests can create arbitrary number of nodes via transactions CVE-2022-42325 CVE-2022-42326
MLIST:[oss-security] 20221102 CVE-2022-43670: Apache Sling App CMS: XSS in Sling CMS Reference App Taxonomy Path CVE-2022-43670
MLIST:[oss-security] 20221103 CVE-2022-32287: Apache UIMA prior to 3.3.1 has a path traversal vulnerability when extracting (PEAR) archives CVE-2022-32287
MLIST:[oss-security] 20221104 Fwd: [ANNOUNCE] pixman release 0.42.2 now available CVE-2022-44638
MLIST:[oss-security] 20221104 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0010 CVE-2022-32888 CVE-2022-32923 CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
MLIST:[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing CVE-2022-42920
MLIST:[oss-security] 20221108 Xen Security Advisory 422 v1 (CVE-2022-23824) - x86: Multiple speculative security issues CVE-2022-23825
MLIST:[oss-security] 20221110 CVE-2022-45063: xterm <375 code execution via font ops CVE-2022-45063
MLIST:[oss-security] 20221110 Re: CVE-2022-45063: xterm <375 code execution via font ops CVE-2022-45063
MLIST:[oss-security] 20221110 Xen Security Advisory 422 v2 (CVE-2022-23824) - x86: Multiple speculative security issues CVE-2022-23825
MLIST:[oss-security] 20221113 CVE-2022-27949: Apache Airflow: sensitive values in rendered template CVE-2022-27949
MLIST:[oss-security] 20221113 CVE-2022-40127: RCE in Apache Airflow <2.4.0 bash example CVE-2022-40127
MLIST:[oss-security] 20221114 CVE-2022-45136: JDBC Deserialisation in Apache Jena SDB CVE-2022-45136
MLIST:[oss-security] 20221115 CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files CVE-2022-40308
MLIST:[oss-security] 20221115 CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories CVE-2022-40309
MLIST:[oss-security] 20221115 CVE-2022-45402: Apache Airflow: Open redirect during login CVE-2022-45402
MLIST:[oss-security] 20221115 Multiple vulnerabilities in Jenkins plugins CVE-2022-33980
MLIST:[oss-security] 20221118 Linux kernel: staging: rtl8712: A Use-after-Free/Double-Free bug in read_bbreg_hdl in drivers/staging/rtl8712/rtl8712_cmd.c CVE-2021-28660
MLIST:[oss-security] 20221121 Re: Linux kernel: staging: rtl8712: A Use-after-Free/Double-Free bug in read_bbreg_hdl in drivers/staging/rtl8712/rtl8712_cmd.c CVE-2021-28660
MLIST:[oss-security] 20221123 CVE-2022-45462: Apache DolphinScheduler prior to 2.0.5 have command execution vulnerability CVE-2022-45462
MLIST:[oss-security] 20221129 CVE-2022-44635: Apache Fineract allowed an authenticated user to perform remote code execution due to path traversal CVE-2022-44635
MLIST:[oss-security] 20221129 CVE-2022-46146 in Prometheus' exporter toolkit: bypass basic authentication CVE-2022-46146
MLIST:[oss-security] 20221129 Re: CVE-2022-46146 in Prometheus' exporter toolkit: bypass basic authentication CVE-2022-46146
MLIST:[oss-security] 20221130 Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) CVE-2021-3995 CVE-2021-3996 CVE-2021-44731 CVE-2022-41973 CVE-2022-41974
MLIST:[oss-security] 20221130 Security sensitive bug in the i915 kernel driver (CVE-2022-4139) CVE-2022-0330
MLIST:[oss-security] 20221202 CVE-2022-46366: Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input CVE-2020-17531 CVE-2022-46366
MLIST:[oss-security] 20221203 CVE-2021-37533: Apache Commons Net's FTP client trusts the host from PASV response by default CVE-2021-37533
MLIST:[oss-security] 20221205 CVE-2022-45046: Apache Camel: LDAP Injection in Camel-LDAP CVE-2022-45046
MLIST:[oss-security] 20221207 Xen Security Advisory 423 v2 (CVE-2022-3643) - Guests can trigger NIC interface reset/abort/crash via netback CVE-2022-3643
MLIST:[oss-security] 20221208 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver CVE-2022-42328 CVE-2022-42329
MLIST:[oss-security] 20221209 Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) - Guests can trigger deadlock in Linux netback driver CVE-2022-42328 CVE-2022-42329
MLIST:[oss-security] 20221221 curl: CVE-2022-43551: Another HSTS bypass via IDN CVE-2022-30115 CVE-2022-42916
MLIST:[oss-security] 20221222 Re: [Linux] /proc/pid/stat parsing bugs CVE-2017-1000367
MLIST:[oss-security] 20221227 Re: Details on this supposed Linux Kernel ksmbd RCE CVE-2018-8822
MLIST:[oss-security] 20221227 Re: Linux kernel: use-after-free in io_sqpoll_wait_sq CVE-2022-47946
MLIST:[oss-security] 20221229 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20221230 CVE-2022-43396: Apache Kylin: Command injection by Useless configuration CVE-2022-24697
MLIST:[oss-security] 20221230 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20221231 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20230102 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20230103 Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption CVE-2022-22728
MLIST:[oss-security] 20230104 Code execution through MIME-type association of Mono interpreter and security expectations of MIME type associations CVE-2021-32563
MLIST:[oss-security] 20230105 Re: Code execution through MIME-type association of Mono interpreter and security expectations of MIME type associations CVE-2021-32563
MLIST:[oss-security] 20230113 CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup CVE-2022-1015
MLIST:[oss-security] 20230116 CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser CVE-2022-47630
MLIST:[oss-security] 20230118 Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe CVE-2023-0122
MLIST:[oss-security] 20230119 CVE-2023-22809: Sudoedit can edit arbitrary files CVE-2023-22809
MLIST:[oss-security] 20230120 Security Advisory 2023-01 for PowerDNS Recursor 4.8.0 (CVE-2023-22617) CVE-2023-22617
MLIST:[oss-security] 20230202 Re: Linux Kernel: hid: Use-After-Free in bigben_set_led() CVE-2023-25012
MLIST:[oss-security] 20230203 sox: patches for old vulnerabilities CVE-2017-11358 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651
MLIST:[oss-security] 20230204 Re: sox: patches for old vulnerabilities CVE-2017-11358
MLIST:[oss-security] 20230205 Re: sox: patches for old vulnerabilities CVE-2017-11358
MLIST:[oss-security] 20230206 Re: sox: patches for old vulnerabilities CVE-2017-11358
MLIST:[oss-security] 20230207 CVE-2022-46663: less -R filtering bypass CVE-2022-46663
MLIST:[oss-security] 20230208 [vs] heimdal: CVE-2022-45142: signature validation failure CVE-2022-3437
MLIST:[oss-security] 20230210 CVE-2023-25139: glibc-2.37 sprintf buffer overflow CVE-2023-25139
MLIST:[oss-security] 20230213 Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230214 [Announce] Git 2.39.2 and friends CVE-2022-39253
MLIST:[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service CVE-2022-32206
MLIST:[oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) CVE-2022-24950 CVE-2022-24951 CVE-2022-24952 CVE-2022-48257 CVE-2022-48258 CVE-2023-23558
MLIST:[oss-security] 20230222 Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230222 Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230223 Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup CVE-2022-1015
MLIST:[oss-security] 20230223 Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230301 Re: sudo: double free with per-command chroot sudoers rules CVE-2023-27320
MLIST:[oss-security] 20230306 Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230309 Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) CVE-2023-25136
MLIST:[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop CVE-2023-27985 CVE-2023-27986
MLIST:[oss-security] 20230317 flatpak: CVE-2023-28100: TIOCLINUX can send commands outside sandbox if running on a virtual console CVE-2017-5226
MLIST:[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still CVE-2022-27782
MLIST:[oss-security] 20230407 CVE-2023-28707: Airflow Apache Drill Provider Arbitrary File Read Vulnerability CVE-2023-28707
MLIST:[oss-security] 20230410 CVE-2023-27602: Apache Linkis publicsercice module unrestricted upload of file CVE-2023-27602
MLIST:[oss-security] 20230410 CVE-2023-29215: Apache Linkis JDBC EngineCon has a deserialization command execution CVE-2023-29215
MLIST:[oss-security] 20230410 CVE-2023-29216: Apache Linkis DatasourceManager module has a deserialization command execution CVE-2023-29216
MLIST:[oss-security] 20230411 CVE-2017-11164 - stack exhaustion in PCRE CVE-2017-11164
MLIST:[oss-security] 20230411 CVE-2023-30465: Apache InLong: SQL injection in apache inLong 1.5.0 CVE-2023-30465
MLIST:[oss-security] 20230412 CVE-2023-1281, CVE-2023-1829: Linux kernel: Vulnerabilities in the tcindex classifier CVE-2023-1281
MLIST:[oss-security] 20230412 Ghostscript CVE-2023-28879: "Shell in the Ghost" CVE-2023-28879
MLIST:[oss-security] 20230412 Re: CVE-2017-11164 - stack exhaustion in PCRE CVE-2017-11164
MLIST:[oss-security] 20230413 Re: Multiple vulnerabilities in Jenkins plugins CVE-2023-30513 CVE-2023-30514 CVE-2023-30515 CVE-2023-30516 CVE-2023-30517 CVE-2023-30518 CVE-2023-30519 CVE-2023-30520 CVE-2023-30521 CVE-2023-30522 CVE-2023-30523 CVE-2023-30524 CVE-2023-30525 CVE-2023-30526 CVE-2023-30527 CVE-2023-30528 CVE-2023-30529 CVE-2023-30530 CVE-2023-30531 CVE-2023-30532
MLIST:[oss-security] 20230416 CVE-2023-2002: Linux Bluetooth: Unauthorized management command execution CVE-2014-0181
MLIST:[oss-security] 20230418 Re: CVE-2022-45064: Apache Sling Engine: Include-based XSS CVE-2022-45064
MLIST:[oss-security] 20230418 Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability CVE-2022-47501
MLIST:[oss-security] 20230418 Re: CVE-2023-25504: Apache Superset: Possible SSRF on import datasets CVE-2023-25504
MLIST:[oss-security] 20230418 Re: CVE-2023-26269: Apache James server: Privilege escalation through unauthenticated JMX CVE-2023-26269
MLIST:[oss-security] 20230418 Re: CVE-2023-27602: Apache Linkis publicsercice module unrestricted upload of file CVE-2023-27602
MLIST:[oss-security] 20230418 Re: CVE-2023-28158: Apache Archiva privilege escalation CVE-2023-28158
MLIST:[oss-security] 20230418 Re: CVE-2023-30771: Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench CVE-2023-30771
MLIST:[oss-security] 20230419 RE: [EXTERNAL] Re: ncurses fixes upstream CVE-2023-29491
MLIST:[oss-security] 20230419 Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability CVE-2022-47501
MLIST:[oss-security] 20230419 Re: CVE-2023-27602: Apache Linkis publicsercice module unrestricted upload of file CVE-2023-27602
MLIST:[oss-security] 20230419 Re: ncurses fixes upstream CVE-2023-29491
MLIST:[oss-security] 20230420 CVE-2023-25601: Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication CVE-2023-25601
MLIST:[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003 CVE-2022-0108 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363
MLIST:[oss-security] 20230425 Xen Security Advisory 430 v2 (CVE-2022-42335) - x86 shadow paging arbitrary pointer dereference CVE-2022-42335
MLIST:[oss-security] 20230425 [ANNOUNCE] Git v2.40.1 and friends CVE-2023-25652 CVE-2023-25815
MLIST:[oss-security] 20230426 Warpinator: Remote file deletion vulnerability (CVE-2023-29380) CVE-2022-4272 CVE-2022-42725
MLIST:[oss-security] 20230429 Re: Perl's HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules CVE-2023-31484 CVE-2023-31485 CVE-2023-31486
MLIST:[oss-security] 20230502 CVE-2023-32007: Apache Spark: Shell command injection via Spark UI CVE-2023-32007
MLIST:[oss-security] 20230503 Re: Perl's HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules CVE-2023-31484 CVE-2023-31485 CVE-2023-31486
MLIST:[oss-security] 20230507 Re: Perl's HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules CVE-2023-31484 CVE-2023-31485 CVE-2023-31486
MLIST:[oss-security] 20230508 CVE-2023-25754: Apache Airflow: Privilege escalation using airflow logs CVE-2023-25754
MLIST:[oss-security] 20230508 CVE-2023-31039: Apache bRPC: ServerOptions.pid_file may cause arbitrary code execution CVE-2023-31039
MLIST:[oss-security] 20230514 Re: Real world vulnerabilities of CWE-1077: Floating Point Comparison with Incorrect Operator? CVE-2010-4645
MLIST:[oss-security] 20230515 Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory CVE-2023-32233
MLIST:[oss-security] 20230517 Re: IPv6 and Route of Death CVE-2023-2156
MLIST:[oss-security] 20230517 curl: CVE-2023-28322: more POST-after-PUT confusion CVE-2022-32221
MLIST:[oss-security] 20230518 Re: IPv6 and Route of Death CVE-2023-2156
MLIST:[oss-security] 20230519 Re: IPv6 and Route of Death CVE-2023-2156
MLIST:[oss-security] 20230522 CVE-2023-28709 Apache Tomcat - Fix for CVE-2023-24998 was incomplete CVE-2023-24998 CVE-2023-28709
MLIST:[oss-security] 20230524 CVE-2022-46907: Apache JSPWiki Cross-site scripting on several plugins CVE-2022-46907
MLIST:[oss-security] 20230529 Update CVE-2021-3610: ImageMagick CVE-2021-3610
MLIST:[oss-security] 20230530 OpenSSL Security Advisory CVE-2023-2650
MLIST:[oss-security] 20230605 RE: Update CVE-2021-3610 CVE-2021-3610
MLIST:[oss-security] 20230606 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 CVE-2005-1513
MLIST:[oss-security] 20230612 CVE-2023-34212: Apache NiFi: Potential Deserialization of Untrusted Data with JNDI in JMS Components CVE-2023-34212
MLIST:[oss-security] 20230612 CVE-2023-34468: Apache NiFi: Potential Code Injection with Database Services using H2 CVE-2023-34468
MLIST:[oss-security] 20230614 CVE-2023-34095: cpdb-libs: Buffer overflows via scanf CVE-2023-34095
MLIST:[oss-security] 20230614 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2023-35141 CVE-2023-35142 CVE-2023-35143 CVE-2023-35144 CVE-2023-35145 CVE-2023-35146 CVE-2023-35147 CVE-2023-35148 CVE-2023-35149
MLIST:[oss-security] 20230614 S2-063: CVE-2023-34149: Apache Struts: DoS via OOM owing to not properly checking of list bounds CVE-2023-34149
MLIST:[oss-security] 20230614 S2-064: CVE-2023-34396: Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms CVE-2023-34396
MLIST:[oss-security] 20230617 Re: Linux kernel: off-by-one in fl_set_geneve_opt CVE-2023-35788
MLIST:[oss-security] 20230620 CVE-2023-31975: memory leak in yasm CVE-2023-31975
MLIST:[oss-security] 20230621 ISC has disclosed two vulnerabilities in BIND 9 (CVE-2023-2828, CVE-2023-2911) CVE-2023-2828 CVE-2023-2911
MLIST:[oss-security] 20230621 Re: CVE-2023-31975: memory leak in yasm CVE-2023-31975
MLIST:[oss-security] 20230622 Re: CVE-2023-31975: memory leak in yasm CVE-2023-31975
MLIST:[oss-security] 20230623 Re: CVE-2023-31975: memory leak in yasm CVE-2023-31975
MLIST:[oss-security] 20230623 Re: CVE-2023-34241: CUPS: use-after-free in cupsdAcceptClient() CVE-2023-34241
MLIST:[oss-security] 20230624 Re: CVE-2023-31975: memory leak in yasm CVE-2023-31975
MLIST:[oss-security] 20230626 Re: CVE-2023-34241: CUPS: use-after-free in cupsdAcceptClient() CVE-2023-34241
MLIST:[oss-security] 20230702 CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg CVE-2021-3573 CVE-2023-3439
MLIST:[oss-security] 20230705 CVE-2023-31248 - Linux kernel nf_tables UAF when using nft_chain_lookup_byid CVE-2023-31248
MLIST:[oss-security] 20230705 CVE-2023-35001 - Linux kernel nf_tables nft_byteorder_eval OOB read/write CVE-2023-35001
MLIST:[oss-security] 20230706 CVE-2023-28853: mastodon: Blind LDAP injection in login CVE-2023-28853
MLIST:[oss-security] 20230706 CVE-2023-36459: mastodon: XSS through oEmbed preview cards CVE-2023-36459
MLIST:[oss-security] 20230706 CVE-2023-36460: mastodon: Arbitrary file creation through media attachments CVE-2023-36460
MLIST:[oss-security] 20230706 CVE-2023-36461: mastodon: Denial of Service through slow HTTP responses CVE-2023-36461
MLIST:[oss-security] 20230706 [kubernetes] CVE-2023-2727: Bypassing policies imposed by the ImagePolicyWebhook admission plugin CVE-2023-2727
MLIST:[oss-security] 20230706 [kubernetes] CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin Rita Zhang <rita.z.zhang@...il.com> CVE-2023-2728
MLIST:[oss-security] 20230711 CVE-2023-32200: Apache Jena: Exposure of execution in script engine expressions. CVE-2023-22665
MLIST:[oss-security] 20230712 CVE-2023-37415: Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user CVE-2023-35797 CVE-2023-37415
MLIST:[oss-security] 20230712 CVE-2023-37582: Apache RocketMQ: Possible remote code execution when using the update configuration function CVE-2023-33246 CVE-2023-37582
MLIST:[oss-security] 20230712 Multiple vulnerabilities in Jenkins plugins CVE-2023-37942 CVE-2023-37943 CVE-2023-37944 CVE-2023-37945 CVE-2023-37946 CVE-2023-37947 CVE-2023-37948 CVE-2023-37949 CVE-2023-37950 CVE-2023-37951 CVE-2023-37952 CVE-2023-37953 CVE-2023-37954 CVE-2023-37955 CVE-2023-37956 CVE-2023-37957 CVE-2023-37958 CVE-2023-37959 CVE-2023-37960 CVE-2023-37961 CVE-2023-37962 CVE-2023-37963 CVE-2023-37964 CVE-2023-37965
MLIST:[oss-security] 20230713 Re: RCE in acme.sh < 3.0.6 CVE-2023-38198
MLIST:[oss-security] 20230714 OpenSSL Security Advisory CVE-2023-2975
MLIST:[oss-security] 20230714 Re: Our learnings from 42 Linux kernel exploits, we are limiting io_uring CVE-2023-21400
MLIST:[oss-security] 20230719 CVE-2023-28754: ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent CVE-2023-28754
MLIST:[oss-security] 20230719 CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent CVE-2010-3856 CVE-2016-10009
MLIST:[oss-security] 20230719 OpenSSL Security Advisory CVE-2023-3446
MLIST:[oss-security] 20230719 Re: CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent CVE-2010-3856 CVE-2016-10009 CVE-2023-38408
MLIST:[oss-security] 20230719 Re: OpenSSL Security Advisory CVE-2023-2975 CVE-2023-3446
MLIST:[oss-security] 20230719 Re: Our learnings from 42 Linux kernel exploits, we are limiting io_uring CVE-2023-21400
MLIST:[oss-security] 20230720 Re: Announce: OpenSSH 9.3p2 released CVE-2023-38408
MLIST:[oss-security] 20230724 CVE-2023-34478: Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests. CVE-2023-34478
MLIST:[oss-security] 20230724 Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors CVE-2023-20593
MLIST:[oss-security] 20230725 CVE-2023-34189: Apache InLong: General user can delete and update process CVE-2023-34189
MLIST:[oss-security] 20230725 CVE-2023-34434: Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param CVE-2023-34434
MLIST:[oss-security] 20230725 CVE-2023-35088: Apache InLong: SQL injection in audit endpoint CVE-2023-35088
MLIST:[oss-security] 20230725 CVE-2023-37895: Apache Jackrabbit RMI access can lead to RCE CVE-2023-37895
MLIST:[oss-security] 20230725 CVE-2023-38435: Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin CVE-2023-38435
MLIST:[oss-security] 20230725 Re: CVE-2023-20593: A use-after-free in AMD Zen2 Processors CVE-2023-20593
MLIST:[oss-security] 20230725 Re: Our learnings from 42 Linux kernel exploits, we are limiting io_uring CVE-2023-21400
MLIST:[oss-security] 20230726 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2023-39152 CVE-2023-39153 CVE-2023-39154 CVE-2023-39155 CVE-2023-39156
MLIST:[oss-security] 20230726 Xen Security Advisory 433 v2 (CVE-2023-20593) - x86/AMD: Zenbleed CVE-2023-20593
MLIST:[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters CVE-2023-38633
MLIST:[oss-security] 20230728 Re: StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability CVE-2023-0597 CVE-2023-3269
MLIST:[oss-security] 20230729 CVE-2023-36542: Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources CVE-2023-36542
MLIST:[oss-security] 20230731 OpenSSL Security Advisory CVE-2023-3446 CVE-2023-3817
MLIST:[oss-security] 20230731 Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed CVE-2023-20593
MLIST:[oss-security] 20230802 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0007 CVE-2023-38133 CVE-2023-38572 CVE-2023-38592 CVE-2023-38594 CVE-2023-38595 CVE-2023-38597 CVE-2023-38599 CVE-2023-38600 CVE-2023-38611
MLIST:[oss-security] 20230808 Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed CVE-2023-20593
MLIST:[oss-security] 20230808 Xen Security Advisory 434 v1 (CVE-2023-20569) - x86/AMD: Speculative Return Stack Overflow CVE-2023-20569
MLIST:[oss-security] 20230811 CVE-2023-39553: Apache Airflow Drill Provider Arbitrary File Read Vulnerability CVE-2023-39553
MLIST:[oss-security] 20230816 Re: Multiple vulnerabilities in Jenkins plugins CVE-2023-40336 CVE-2023-40337 CVE-2023-40338 CVE-2023-40339 CVE-2023-40340 CVE-2023-40341 CVE-2023-40342 CVE-2023-40343 CVE-2023-40344 CVE-2023-40345 CVE-2023-40346 CVE-2023-40347 CVE-2023-40348 CVE-2023-40349 CVE-2023-40350 CVE-2023-40351
MLIST:[oss-security] 20230816 Re: Xen Security Advisory 433 v3 (CVE-2023-20593) - x86/AMD: Zenbleed CVE-2023-20593
MLIST:[oss-security] 20230817 CVE-2023-40272: Apache Airflow Spark Provider Arbitrary File Read via JDBC CVE-2023-40272
MLIST:[oss-security] 20230818 CVE-2023-40037: Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs CVE-2023-40037
MLIST:[oss-security] 20230818 Re: CVE-2023-40272: Apache Airflow Spark Provider Arbitrary File Read via JDBC CVE-2023-40272
MLIST:[oss-security] 20230822 Re: [CVE-2022-44729] Apache Batik information disclosure vulnerability CVE-2022-44729
MLIST:[oss-security] 20230822 Re: [CVE-2022-44730] Apache Batik information disclosure vulnerability CVE-2022-44730
MLIST:[oss-security] 20230822 [CVE-2022-44729] Apache Batik information disclosure vulnerability CVE-2022-44729
MLIST:[oss-security] 20230822 [CVE-2022-44730] Apache Batik information disclosure vulnerability CVE-2022-44730
MLIST:[oss-security] 20230823 CVE-2023-37379: Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature CVE-2023-37379
MLIST:[oss-security] 20230823 CVE-2023-39441: Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation CVE-2023-39441
MLIST:[oss-security] 20230825 Re: Re: [MAINTAINERS SUMMIT] Handling of embargoed security issues -- security@...g vs. linux-distros@ CVE-2023-3269
MLIST:[oss-security] 20230826 linux-distros list policy and Linux kernel, again CVE-2023-3269
MLIST:[oss-security] 20230906 Multiple vulnerabilities in Jenkins plugins CVE-2022-46751 CVE-2023-41930 CVE-2023-41931 CVE-2023-41932 CVE-2023-41933 CVE-2023-41934 CVE-2023-41935 CVE-2023-41936 CVE-2023-41937 CVE-2023-41938 CVE-2023-41939 CVE-2023-41940 CVE-2023-41941 CVE-2023-41942 CVE-2023-41943 CVE-2023-41944 CVE-2023-41945 CVE-2023-41946 CVE-2023-41947
MLIST:[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters CVE-2023-38633
MLIST:[oss-security] 20230908 CVE-2023-4809: FreeBSD pf bypass when using IPv6 CVE-2023-4809
MLIST:[oss-security] 20230908 Re: CVE-2023-4809: FreeBSD pf bypass when using IPv6 CVE-2023-4809
MLIST:[oss-security] 20230909 Re: CVE-2023-4809: FreeBSD pf bypass when using IPv6 CVE-2023-4809
MLIST:[oss-security] 20230911 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0008 CVE-2023-28198 CVE-2023-32370 CVE-2023-40397
MLIST:[oss-security] 20230913 CVE-2023-42503: Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file CVE-2012-2098
MLIST:[oss-security] 20230913 Re: illumos (or at least danmcd) membership in the distros list CVE-2023-31284
MLIST:[oss-security] 20230913 illumos (or at least danmcd) membership in the distros list CVE-2023-31284
MLIST:[oss-security] 20230914 CVE-2023-41267: Apache HDFS Provider error message suggested installation of incorrect pip package CVE-2023-41267
MLIST:[oss-security] 20230914 Re: illumos (or at least danmcd) membership in the distros list CVE-2023-31284
MLIST:[oss-security] 20230919 [CVE-2023-41834] Apache Flink Stateful Functions allowed HTTP header injection due to Improper Neutralization of CRLF Sequences CVE-2023-41834
MLIST:[oss-security] 20230920 ISC has disclosed two vulnerabilities in BIND 9 (CVE-2023-3341, CVE-2023-4236) CVE-2023-3341 CVE-2023-4236
MLIST:[oss-security] 20230920 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2023-43494 CVE-2023-43495 CVE-2023-43496 CVE-2023-43497 CVE-2023-43498 CVE-2023-43499 CVE-2023-43500 CVE-2023-43501 CVE-2023-43502
MLIST:[oss-security] 20230921 CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec CVE-2023-41064
MLIST:[oss-security] 20230921 Re: croc: multiple issues in file sharing utility CVE-2023-43616 CVE-2023-43617 CVE-2023-43618 CVE-2023-43619 CVE-2023-43620 CVE-2023-43621
MLIST:[oss-security] 20230922 Plone security advisory 2023/09/21 CVE-2023-41048 CVE-2023-42457 CVE-2023-42458
MLIST:[oss-security] 20230922 Re: illumos (or at least danmcd) membership in the distros list CVE-2023-20593 CVE-2023-3817 CVE-2023-38408
MLIST:[oss-security] 20230925 Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588 CVE-2023-20593
MLIST:[oss-security] 20230925 Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588
MLIST:[oss-security] 20230925 Xen Security Advisory 439 v2 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588
MLIST:[oss-security] 20230926 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec CVE-2023-5129
MLIST:[oss-security] 20230926 Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588
MLIST:[oss-security] 20230926 Re: mutt 2.2.12 security update CVE-2023-4874 CVE-2023-4875
MLIST:[oss-security] 20230928 CVE-2023-41081: Apache Tomcat Connectors: Unexpected use of first declared worker in mod_jk for unmapped request [CORRECTION] CVE-2023-41081
MLIST:[oss-security] 20230928 CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217
MLIST:[oss-security] 20230928 Re: CVE-2023-4863: libwebp: Heap buffer overflow in WebP Codec CVE-2016-7420 CVE-2023-0466
MLIST:[oss-security] 20230928 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217
MLIST:[oss-security] 20230928 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009 CVE-2023-35074 CVE-2023-39434 CVE-2023-40451 CVE-2023-41074
MLIST:[oss-security] 20230929 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217
MLIST:[oss-security] 20230929 Re: Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217
MLIST:[oss-security] 20230930 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-44488 CVE-2023-5217
MLIST:[oss-security] 20230930 Re: Rust programs in distrbutions (Was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx) CVE-2023-5217
MLIST:[oss-security] 20230930 Rust programs in distrbutions (Was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx) CVE-2023-5217
MLIST:[oss-security] 20231001 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217
MLIST:[oss-security] 20231001 Re: Haskell programs in distributions (was: Rust programs in distrbutions (Was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx)) CVE-2023-5217
MLIST:[oss-security] 20231001 Re: Rust programs in distrbutions (Was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx) CVE-2023-5217
MLIST:[oss-security] 20231002 Re: Rust programs in distrbutions (Was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx) CVE-2023-5217
MLIST:[oss-security] 20231003 CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so CVE-2019-19726
MLIST:[oss-security] 20231003 Fwd: X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17 CVE-2022-46285
MLIST:[oss-security] 20231003 Re: Fwd: X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17 CVE-2022-46285
MLIST:[oss-security] 20231003 Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588
MLIST:[oss-security] 20231003 Wuffs (was: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx) CVE-2023-5217
MLIST:[oss-security] 20231004 Django: CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator CVE-2019-14232
MLIST:[oss-security] 20231004 Re: Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak CVE-2023-20588
MLIST:[oss-security] 20231005 Cadence: Fixed /tmp path issues; no longer maintained by upstream (CVE-2023-43782, CVE-2023-43783) CVE-2023-43782 CVE-2023-43783
MLIST:[oss-security] 20231006 CVE-2023-45322: Use-after-free in libxml2 through 2.11.5 CVE-2023-45322
MLIST:[oss-security] 20231010 CVE-2023-42794: Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows CVE-2023-42794
MLIST:[oss-security] 20231010 CVE-2023-42795: Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests CVE-2023-42795
MLIST:[oss-security] 20231010 CVE-2023-45648: Apache Tomcat: Trailer header parsing too lenient CVE-2023-45648
MLIST:[oss-security] 20231010 Xen Security Advisory 444 v3 (CVE-2023-34327,CVE-2023-34328) - x86/AMD: Debug Mask handling CVE-2015-8104
MLIST:[oss-security] 20231011 CVE-2023-44981: Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication CVE-2023-44981
MLIST:[oss-security] 20231011 Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620
MLIST:[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations CVE-2023-44487
MLIST:[oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. CVE-2021-46784
MLIST:[oss-security] 20231016 CVE-2023-20867: open-vm-tools: Authentication Bypass vulnerability in the vgauth module CVE-2023-20867
MLIST:[oss-security] 20231016 CVE-2023-45757: Apache bRPC: The builtin service rpcz page has an XSS attack vulnerability CVE-2023-45757
MLIST:[oss-security] 20231016 Re: CVE-2023-20867: open-vm-tools: Authentication Bypass vulnerability in the vgauth module CVE-2023-20867
MLIST:[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations CVE-2019-9514 CVE-2023-44487
MLIST:[oss-security] 20231018 Vulnerability in Jenkins CVE-2023-36478 CVE-2023-44487
MLIST:[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST CVE-2023-44487
MLIST:[oss-security] 20231020 CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output CVE-2023-44483
MLIST:[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3 CVE-2023-45853
MLIST:[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations CVE-2023-44487
MLIST:[oss-security] 20231021 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. CVE-2021-46784
MLIST:[oss-security] 20231023 CVE-2023-46288: Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set CVE-2023-45348
MLIST:[oss-security] 20231024 OpenSSL Security Advisory CVE-2023-5363
MLIST:[oss-security] 20231025 Multiple vulnerabilities in Jenkins plugins CVE-2023-46650 CVE-2023-46651 CVE-2023-46652 CVE-2023-46653 CVE-2023-46654 CVE-2023-46655 CVE-2023-46656 CVE-2023-46657 CVE-2023-46658 CVE-2023-46659 CVE-2023-46660
MLIST:[oss-security] 20231025 [kubernetes] CVE-2022-4886: Ingress-nginx `path` sanitization can be bypassed with `log_format` directive CVE-2022-4886
MLIST:[oss-security] 20231025 [kubernetes] CVE-2023-5043: Ingress nginx annotation injection causes arbitrary command execution CVE-2023-5043
MLIST:[oss-security] 20231025 [kubernetes] CVE-2023-5044: Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation CVE-2023-5044
MLIST:[oss-security] 20231027 CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools CVE-2023-34059
MLIST:[oss-security] 20231027 Re: CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools CVE-2023-34059
MLIST:[oss-security] 20231028 CVE-2023-46215: Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend CVE-2023-46215
MLIST:[oss-security] 20231030 Re: NATS: 2023-01: Adding accounts for just the system account adds auth bypass CVE-2023-47090
MLIST:[oss-security] 20231031 CVE-2023-5631: XSS vulnerability in Roundcube webmail CVE-2023-5631
MLIST:[oss-security] 20231031 NATS: 2023-02: nkeys: xkeys Seal encryption used fixed key for all encryption CVE-2023-46129
MLIST:[oss-security] 20231101 Re: CVE-2023-5631: XSS vulnerability in Roundcube webmail CVE-2023-5631
MLIST:[oss-security] 20231102 Session File Relative Path Traversal in sudo-rs CVE-2023-42456
MLIST:[oss-security] 20231105 CVE-2023-1078: Linux: rds_rm_zerocopy_callback() bugs CVE-2023-1078 CVE-2023-25012
MLIST:[oss-security] 20231105 Re: Linux Kernel: hid: NULL pointer dereference in hid_betopff_play() CVE-2023-1073
MLIST:[oss-security] 20231105 Re: Linux Kernel: hid: type confusions on hid report_list entry CVE-2023-1073
MLIST:[oss-security] 20231105 Re: Linux Kernel: sctp: KASLR leak in inet_diag_msg_sctpasoc_fill() CVE-2023-1074
MLIST:[oss-security] 20231106 OpenSSL Security Advisory CVE-2023-3817
MLIST:[oss-security] 20231106 Re: CVE-2022-46176: Cargo does not check SSH host keys CVE-2022-46176 CVE-2023-22742
MLIST:[oss-security] 20231107 HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS CVE-2023-3725 CVE-2023-4257 CVE-2023-4259 CVE-2023-4260 CVE-2023-4262 CVE-2023-4263 CVE-2023-4264 CVE-2023-4265 CVE-2023-5139 CVE-2023-5184 CVE-2023-5753
MLIST:[oss-security] 20231108 CVE-2023-39913: Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK: Potential untrusted code execution when deserializing certain binary CAS formats CVE-2023-39913
MLIST:[oss-security] 20231109 Xen Security Advisory 443 v4 (CVE-2023-34325,CVE-2022-4949) - Multiple vulnerabilities in libfsimage disk handling CVE-2022-4949
MLIST:[oss-security] 20231112 CVE-2023-42781: Apache Airflow: Permission verification bypass allows viewing dagruns of other dags CVE-2023-42663 CVE-2023-42781
MLIST:[oss-security] 20231112 CVE-2023-47037: Apache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access) CVE-2023-40611 CVE-2023-47037
MLIST:[oss-security] 20231114 CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) CVE-2023-23583
MLIST:[oss-security] 20231114 Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) CVE-2023-23583
MLIST:[oss-security] 20231115 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0010 CVE-2022-46705 CVE-2022-46725 CVE-2023-32359 CVE-2023-41983 CVE-2023-42852
MLIST:[oss-security] 20231116 [vim-security] several minor security issues in Vim v9.0.2106-v9.0.2112 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237
MLIST:[oss-security] 20231117 CVE-2023-37580 (and others): XSS vulnerabilities in Zimbra Collaboration Suite CVE-2023-37580 CVE-2023-5631
MLIST:[oss-security] 20231119 CVE-2023-46302: Apache Submarine: Fix CVE-2022-1471 SnakeYaml unsafe deserialization CVE-2022-1471
MLIST:[oss-security] 20231122 CVE-2022-45875: Apache DolphinScheduler: Remote command execution Vulnerability in script alert plugin CVE-2022-45875
MLIST:[oss-security] 20231122 [vim-security] use-after-free in ex_substitute in Vim < v9.0.2121 CVE-2023-48706
MLIST:[oss-security] 20231123 CVE-2023-43123: Apache Storm: Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files CVE-2023-43123
MLIST:[oss-security] 20231124 CVE-2023-48796: Apache dolphinscheduler sensitive information disclosure CVE-2023-48796
MLIST:[oss-security] 20231126 Re: CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools CVE-2023-34059
MLIST:[oss-security] 20231127 CVE-2023-40610: Apache Superset: Privilege escalation with default examples database CVE-2023-40610
MLIST:[oss-security] 20231127 CVE-2023-42501: Apache Superset: Unnecessary read permissions within the Gamma role CVE-2023-42501
MLIST:[oss-security] 20231127 CVE-2023-49145: Apache NiFi: Improper Neutralization of Input in Advanced User Interface for Jolt CVE-2023-49145
MLIST:[oss-security] 20231127 Re: CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools CVE-2023-34059
MLIST:[oss-security] 20231128 CVE-2023-42504: Apache Superset: Lack of rate limiting allows for possible denial of service CVE-2023-42504
MLIST:[oss-security] 20231128 CVE-2023-42505: Apache Superset: Sensitive information disclosure on db connection details CVE-2023-42505
MLIST:[oss-security] 20231128 Fwd: Samba 4.19.3 Available for Download - addresses CVE-2018-14628 CVE-2018-14628
MLIST:[oss-security] 20231129 CVE-2022-45135: Apache Cocoon: SQL injection in DatabaseCookieAuthenticatorAction CVE-2022-45135
MLIST:[oss-security] 20231129 Multiple vulnerabilities in Jenkins plugins CVE-2023-49652 CVE-2023-49653 CVE-2023-49654 CVE-2023-49655 CVE-2023-49656 CVE-2023-49673 CVE-2023-49674
MLIST:[oss-security] 20231130 CVE-2023-49620: Apache DolphinScheduler: Authenticated users could delete UDFs in resouece center they were not authorized CVE-2023-49620
MLIST:[oss-security] 20231130 CVE-2023-49733: Apache Cocoon's StreamGenerator is vulnerable to XXE injection CVE-2023-49733
MLIST:[oss-security] 20231204 HNS-2023-04 - HN Security Advisory - Buffer overflow vulnerabilities with long path names in TinyDir CVE-2023-49287
MLIST:[oss-security] 20231205 SLAM: Spectre based on Linear Address Masking CVE-2020-12965
MLIST:[oss-security] 20231205 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0011 CVE-2023-42916 CVE-2023-42917
MLIST:[oss-security] 20231208 CVE-2023-49284: fish command substitution output can trigger shell expansion CVE-2023-49284
MLIST:[oss-security] 20231210 Buildroot: Talos download hash verification vulnerabilities CVE-2023-43608 CVE-2023-45838 CVE-2023-45839 CVE-2023-45840 CVE-2023-45841 CVE-2023-45842
MLIST:[oss-security] 20231213 FW: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.10 and Xwayland prior to 23.2.3 CVE-2022-46344
MLIST:[oss-security] 20231213 Multiple vulnerabilities in Jenkins plugins CVE-2023-50764 CVE-2023-50765 CVE-2023-50766 CVE-2023-50767 CVE-2023-50768 CVE-2023-50769 CVE-2023-50770 CVE-2023-50771 CVE-2023-50772 CVE-2023-50773 CVE-2023-50774 CVE-2023-50775 CVE-2023-50776 CVE-2023-50777 CVE-2023-50778 CVE-2023-50779
MLIST:[oss-security] 20231215 CVE-2023-29234: Bypass serialize checks in Apache Dubbo CVE-2023-29234
MLIST:[oss-security] 20231215 CVE-2023-46279: Apache Dubbo: Bypass deny serialize list check in Apache Dubbo CVE-2023-46279
MLIST:[oss-security] 20231215 [ES2023-01] Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation CVE-2023-49786
MLIST:[oss-security] 20231215 jq 1.7.1 fixes CVE-2023-50246 & CVE-2023-50268 CVE-2023-50246 CVE-2023-50268
MLIST:[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) CVE-2023-48795
MLIST:[oss-security] 20231218 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0012 CVE-2023-42883 CVE-2023-42890
MLIST:[oss-security] 20231219 CVE-2023-46104: Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb CVE-2023-46104
MLIST:[oss-security] 20231219 CVE-2023-49734: Apache Superset: Privilege Escalation Vulnerability CVE-2023-49734
MLIST:[oss-security] 20231219 CVE-2023-49736: Apache Superset: SQL Injection on where_in JINJA macro CVE-2023-49736
MLIST:[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) CVE-2023-48795
MLIST:[oss-security] 20231219 [SECURITY] CVE-2023-43826: Apache Guacamole: Integer overflow in handling of VNC image buffers CVE-2023-43826
MLIST:[oss-security] 20231220 CVE-2023-37544: Apache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS CVE-2023-37544
MLIST:[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack) CVE-2023-48795
MLIST:[oss-security] 20231221 CVE-2023-47265: Apache Airflow: DAG Params alllow to embed unchecked Javascript CVE-2023-47265
MLIST:[oss-security] 20231221 CVE-2023-48291: Apache Airflow: Improper access control to DAG resources CVE-2023-42792 CVE-2023-48291
MLIST:[oss-security] 20231221 CVE-2023-49920: Apache Airflow: Missing CSRF protection on DAG/trigger CVE-2023-49920
MLIST:[oss-security] 20231221 CVE-2023-50783: Apache Airflow: Improper access control vulnerability on the "varimport" endpoint CVE-2023-50783
MLIST:[oss-security] 20231221 CVE-2023-51656: Apache IoTDB: Unsafe deserialize map in Sync Tool CVE-2023-51656
MLIST:[oss-security] 20231221 Security vulnerability in Debian's cpio 2.13 CVE-2015-1197
MLIST:[oss-security] 20231222 CVE-2023-6817: Linux kernel: use-after-free in nf_tables CVE-2023-6817
MLIST:[oss-security] 20231223 Re: CVE-2023-6817: Linux kernel: use-after-free in nf_tables CVE-2023-6817
MLIST:[oss-security] 20231224 Re: Re: New SMTP smuggling attack CVE-2023-51764 CVE-2023-51765 CVE-2023-51766
MLIST:[oss-security] 20231225 Re: Re: New SMTP smuggling attack CVE-2023-51764 CVE-2023-51765 CVE-2023-51766
MLIST:[oss-security] 20231226 CVE-2023-50968: Apache OFBiz: Arbitrary file properties reading and SSRF attack CVE-2023-50968
MLIST:[oss-security] 20231226 CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling CVE-2023-51385
MLIST:[oss-security] 20231226 Re: New SMTP smuggling attack CVE-2023-51765
MLIST:[oss-security] 20231227 xarchiver: Path traversal with crafted cpio archives CVE-2015-1197
MLIST:[oss-security] 20231228 CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning CVE-2012-5639
MLIST:[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat CVE-2022-43680
MLIST:[oss-security] 20231228 CVE-2023-1183: Apache OpenOffice: Arbitrary file write in Apache OpenOffice Base CVE-2023-1183
MLIST:[oss-security] 20231228 CVE-2023-47804: Apache OpenOffice: Macro URL arbitrary script execution CVE-2022-47502
MLIST:[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling CVE-2023-51766
MLIST:[oss-security] 20231229 Re: Re: New SMTP smuggling attack CVE-2023-51765
MLIST:[oss-security] 20231230 Re: Re: New SMTP smuggling attack CVE-2023-51765
MLIST:[oss-security] 20231230 Re: inetutils ftpd, rcp, rlogin, rsh, rshd, uucpd: Avoid potential privilege escalations by checking set*id() return values CVE-2023-40303
MLIST:[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling CVE-2023-51766
MLIST:[oss-security] 20240103 CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning CVE-2012-5639
MLIST:[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat CVE-2022-43680
MLIST:[oss-security] 20240103 CVE-2023-1183: Apache OpenOffice: Arbitrary file write in Apache OpenOffice Base CVE-2023-1183
MLIST:[oss-security] 20240103 CVE-2023-47804: Apache OpenOffice: Macro URL arbitrary script execution CVE-2022-47502 CVE-2023-47804
MLIST:[oss-security] 20240103 CVE-2023-51784: Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager CVE-2023-51784
MLIST:[oss-security] 20240103 CVE-2023-51785: Apache InLong: Arbitrary File Read Vulnerability in Apache InLong Manager CVE-2023-51785
MLIST:[oss-security] 20240103 Re: CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning CVE-2012-5639
MLIST:[oss-security] 20240104 Re: Security vulnerability in Debian's cpio 2.13 CVE-2023-7207
MLIST:[oss-security] 20240110 CVE-2023-49619: Apache Answer: Repeated submissions using scripts resulted in an abnormal number of collections for questions. CVE-2023-49619
MLIST:[oss-security] 20240110 CVE-2024-22368: Spreadsheet::ParseXLSX for Perl is vulnerable to DoS via out-of-memory bugs CVE-2024-22368
MLIST:[oss-security] 20240112 CVE-2023-6040: Linux Kernel netfilter out-of-bounds access CVE-2023-6040
MLIST:[oss-security] 20240115 CVE-2023-46226: Apache IoTDB: Remote Code Execution (RCE) risk via the UDF CVE-2023-46226
MLIST:[oss-security] 20240116 CVE-2023-4001: a password bypass vulnerability in the downstream GRUB boot manager CVE-2009-4128 CVE-2012-2314 CVE-2013-4577 CVE-2015-8370 CVE-2021-3981
MLIST:[oss-security] 20240116 CVE-2023-45229 and others: Multiple vulnerabilities in EDK II UEFI stack (PixieFAIL) CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-45236 CVE-2023-45237
MLIST:[oss-security] 20240116 CVE-2023-6395 Mock: Privilege escalation for users that can access mock configuration CVE-2023-6395
MLIST:[oss-security] 20240116 Mock, Snap, LXC expose(d) chroot, container trees with unsafe permissions and contents to host users, pose risk to host CVE-2023-6395
MLIST:[oss-security] 20240118 CVE-2024-23525: Spreadsheet::ParseXLSX for Perl is vulnerable to XXE attacks CVE-2024-23525
MLIST:[oss-security] 20240119 CVE-2024-21733: Apache Tomcat: Leaking of unrelated request bodies in default error page CVE-2024-21733
MLIST:[oss-security] 20240120 Pillow 10.2.0 released, fixes CVE-2023-50447 CVE-2023-50447
MLIST:[oss-security] 20240124 CVE-2023-50943: Apache Airflow: Potential pickle deserialization vulnerability in XComs CVE-2023-50943
MLIST:[oss-security] 20240124 CVE-2023-50944: Apache Airflow: Bypass permission verification to read code of other dags CVE-2023-50944
MLIST:[oss-security] 20240124 CVE-2023-51702: Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service CVE-2023-51702
MLIST:[oss-security] 20240124 Multiple vulnerabilities in Jenkins and Jenkins plugins CVE-2023-6147 CVE-2023-6148 CVE-2024-23899 CVE-2024-23900 CVE-2024-23901 CVE-2024-23902 CVE-2024-23903 CVE-2024-23904 CVE-2024-23905
MLIST:[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3 CVE-2014-9485 CVE-2023-45853
MLIST:[oss-security] 20240125 Re: darkhttpd: timing attack and local leak of HTTP basic auth credentials CVE-2024-23770 CVE-2024-23771
MLIST:[oss-security] 20240129 CVE-2023-29055: Apache Kylin: Insufficiently protected credentials in config file CVE-2023-29055
MLIST:[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() CVE-2021-3156 CVE-2022-39046
MLIST:[oss-security] 20240130 FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 CVE-2021-33630 CVE-2021-33631
MLIST:[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() CVE-2021-3156 CVE-2022-39046
MLIST:[oss-security] 20240130 Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 CVE-2021-33630 CVE-2021-33631
MLIST:[oss-security] 20240131 CVE-2023-44312: Apache ServiceComb Service-Center: attacker can query all environment variables of the service-center server CVE-2023-44312
MLIST:[oss-security] 20240131 CVE-2023-44313: Apache ServiceComb Service-Center: attacker can perform SSRF through the frontend API CVE-2023-44313
MLIST:[oss-security] 20240131 Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 CVE-2021-33630 CVE-2021-33631
MLIST:[oss-security] 20240201 Re: runc: CVE-2024-21626: high severity container breakout attack CVE-2019-5736 CVE-2024-21626
MLIST:[oss-security] 20240201 runc: CVE-2024-21626: high severity container breakout attack CVE-2019-5736
MLIST:[oss-security] 20240202 CVE-2024-23832: Mastodon: Remote user impersonation and takeover CVE-2024-23832
MLIST:[oss-security] 20240202 Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 CVE-2021-33630 CVE-2021-33631
MLIST:[oss-security] 20240202 Re: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 CVE-2021-33630 CVE-2021-33631
MLIST:[oss-security] 20240202 Re: Re: runc: CVE-2024-21626: high severity container breakout attack CVE-2019-5736 CVE-2024-21626
MLIST:[oss-security] 20240206 CVE-2024-1048: grub2-set-bootflag may be abused to fill up /boot, bypass RLIMIT_NPROC CVE-2019-14865
MLIST:[oss-security] 20240206 CVE-2024-23673: Apache Sling Servlets Resolver: Malicious code execution via path traversal CVE-2024-23673
MLIST:[oss-security] 20240206 WebKitGTK and WPE WebKit Security Advisory WSA-2024-0001 CVE-2014-1745 CVE-2023-40414 CVE-2023-42833 CVE-2024-23206 CVE-2024-23213
MLIST:[oss-security] 20240207 CVE-2023-39196: Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints CVE-2023-39196
MLIST:[oss-security] 20240207 CVE-2023-51437: Apache Pulsar: Timing attack in SASL token signature verification CVE-2023-51437
MLIST:[oss-security] 20240208 CVE-2024-23452: Apache bRPC: HTTP request smuggling vulnerability CVE-2024-23452
MLIST:[oss-security] 20240208 [ADVISORY] CVE-2023-5366: Open vSwitch: OpenFlow match on Neighbor Discovery Target may be ignored CVE-2023-5366
MLIST:[oss-security] 20240208 libuv 1.48.0 released, fixes CVE-2024-24806 CVE-2024-24806
MLIST:[oss-security] 20240209 CVE-2023-50291: Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords CVE-2023-50291
MLIST:[oss-security] 20240209 CVE-2023-50292: Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users CVE-2023-50292 CVE-2023-50298
MLIST:[oss-security] 20240209 CVE-2023-50298: Apache Solr: Solr can expose ZooKeeper credentials via Streaming Expressions CVE-2023-50298
MLIST:[oss-security] 20240209 CVE-2023-50386: Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets CVE-2023-50386
MLIST:[oss-security] 20240211 Re: libuv 1.48.0 released, fixes CVE-2024-24806 CVE-2024-24806
MLIST:[oss-security] 20240213 ISC has disclosed six vulnerabilities in BIND 9 (CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-6516, CVE-2023-50387, CVE-2023-50868) CVE-2023-4408 CVE-2023-5517 CVE-2023-5679 CVE-2023-6516
MLIST:[oss-security] 20240214 CVE-2024-23952: Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104) CVE-2023-46104 CVE-2024-23952
MLIST:[oss-security] 20240214 Re: CVE-2024-23952: Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104) CVE-2023-46104 CVE-2024-23952
MLIST:[oss-security] 20240216 CVE-2024-23807: Apache Xerces C++: Use-after-free on external DTD scan CVE-2018-1311
MLIST:[oss-security] 20240216 Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities CVE-2023-50387 CVE-2023-50868
MLIST:[oss-security] 20240219 CVE-2024-25710: Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file CVE-2024-25710
MLIST:[oss-security] 20240219 CVE-2024-26308: Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file CVE-2024-26308
MLIST:[oss-security] 20240220 CVE-2023-49109: Remote Code Execution in Apache Dolphinscheduler CVE-2023-49109
MLIST:[oss-security] 20240220 CVE-2023-49250: Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil CVE-2023-49250
MLIST:[oss-security] 20240220 CVE-2023-51770: Apache DolphinScheduler: Arbitrary File Read Vulnerability CVE-2023-51770
MLIST:[oss-security] 20240220 CVE-2024-25141: Apache Airflow Mongo Provider: Certificate validation isn't respected even if SSL is enabled for apache-airflow-providers-mongo CVE-2024-25141
MLIST:[oss-security] 20240222 CVE-2024-22393: Apache Answer: Pixel Flood Attack by uploading the large pixel file CVE-2024-22393
MLIST:[oss-security] 20240222 CVE-2024-23349: Apache Answer: XSS vulnerability when submitting summary CVE-2024-23349
MLIST:[oss-security] 20240222 CVE-2024-26578: Apache Answer: Repeated submission at registration created duplicate users with the same name CVE-2024-26578
MLIST:[oss-security] 20240223 CVE-2024-23320: Apache DolphinScheduler: Arbitrary js execution as root for authenticated users CVE-2023-49299 CVE-2024-23320
MLIST:[oss-security] 20240227 CVE-2023-50379: Apache Ambari: authenticated users could perform command injection to perform RCE CVE-2023-50379
MLIST:[oss-security] 20240227 CVE-2023-50380: Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server CVE-2023-50380
MLIST:[oss-security] 20240227 CVE-2023-51747: SMTP smuggling in Apache James CVE-2023-51747
MLIST:[oss-security] 20240227 CVE-2024-21742: Apache James Mime4J: Mime4J DOM header injection CVE-2024-21742
MLIST:[oss-security] 20240227 CVE-2024-27905: Apache Aurora: padding oracle can allow construction an authentication cookie CVE-2024-27905
MLIST:[oss-security] 20240228 CVE-2024-23946: Apache OFBiz: Path traversal or file inclusion CVE-2024-23946
MLIST:[oss-security] 20240228 CVE-2024-24772: Apache Superset: Improper Neutralisation of custom SQL on embedded context CVE-2024-24772
MLIST:[oss-security] 20240228 CVE-2024-24773: Apache Superset: Improper validation of SQL statements allows for unauthorized access to data CVE-2024-24773
MLIST:[oss-security] 20240228 CVE-2024-24779: Apache Superset: Improper data authorization when creating a new dataset CVE-2024-24779
MLIST:[oss-security] 20240228 CVE-2024-25065: Apache OFBiz: Path traversal allowing authentication bypass. CVE-2024-25065
MLIST:[oss-security] 20240228 CVE-2024-26016: Apache Superset: Improper authorization validation on dashboards and charts import CVE-2024-26016
MLIST:[oss-security] 20240228 CVE-2024-27315: Apache Superset: Improper error handling on alerts CVE-2024-27315
MLIST:[oss-security] 20240229 CVE-2024-27906: Apache Airflow: Dag Code and Import Error Permissions Ignored CVE-2024-27906
MLIST:[oss-security] 20240301 CVE-2023-50378: Apache Ambari: Various XSS problems CVE-2023-50378
MLIST:[oss-security] 20240301 CVE-2024-26280: Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs) CVE-2024-26280
MLIST:[oss-security] 20240301 CVE-2024-27138: Apache Archiva: disabling user registration is not effective CVE-2024-27138
MLIST:[oss-security] 20240301 CVE-2024-27139: Apache Archiva: incorrect authentication potentially leading to account takeover CVE-2024-27139
MLIST:[oss-security] 20240301 CVE-2024-27140: Apache Archiva: reflected XSS CVE-2024-27140
MLIST:[oss-security] 20240304 Django: CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() CVE-2019-14232 CVE-2023-43665 CVE-2024-27351
MLIST:[oss-security] 20240305 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS CVE-2024-24334 CVE-2024-24335 CVE-2024-25388 CVE-2024-25389 CVE-2024-25390 CVE-2024-25391 CVE-2024-25392 CVE-2024-25393 CVE-2024-25394 CVE-2024-25395
MLIST:[oss-security] 20240306 CVE-2023-50740: Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged CVE-2023-50740
MLIST:[oss-security] 20240306 CVE-2024-26580: Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability CVE-2024-26580
MLIST:[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins CVE-2023-48795 CVE-2024-2215 CVE-2024-2216 CVE-2024-28149 CVE-2024-28150 CVE-2024-28151 CVE-2024-28152 CVE-2024-28153 CVE-2024-28154 CVE-2024-28155 CVE-2024-28156 CVE-2024-28157 CVE-2024-28158 CVE-2024-28159 CVE-2024-28160 CVE-2024-28161 CVE-2024-28162
MLIST:[oss-security] 20240308 5 CVEs fixed in Go 1.22.1 and Go 1.21.8, 1 CVE fixed in google.golang.org/protobuf CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2024-24786
MLIST:[oss-security] 20240308 Vulnerabilties in FontTools & FontForge CVE-2023-45139 CVE-2024-25081 CVE-2024-25082
MLIST:[oss-security] 20240309 Re: Vulnerabilties in FontTools & FontForge CVE-2023-45139
MLIST:[oss-security] 20240310 CVE-2023-41313: Apache Doris: Timing Attack weakness CVE-2023-41313
MLIST:[oss-security] 20240311 NodeJS v{18.x,20.x,21.x} February Security Updates CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 CVE-2024-21890 CVE-2024-21891 CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 CVE-2024-24758 CVE-2024-24806
MLIST:[oss-security] 20240312 CVE-2022-34321: Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint CVE-2022-34321
MLIST:[oss-security] 20240312 CVE-2023-51786: Lustre: incorrect access control resulting in potential data compromise or privilege escalation CVE-2023-51786
MLIST:[oss-security] 20240312 CVE-2024-27135: Apache Pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution CVE-2024-27135
MLIST:[oss-security] 20240312 CVE-2024-27317: Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification CVE-2024-27317
MLIST:[oss-security] 20240312 CVE-2024-27894: Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying CVE-2024-27894
MLIST:[oss-security] 20240312 CVE-2024-28098: Apache Pulsar: Improper Authorization For Topic-Level Policy Management CVE-2024-28098
MLIST:[oss-security] 20240312 Xen Security Advisory 452 v1 (CVE-2023-28746) - x86: Register File Data Sampling CVE-2023-28746
MLIST:[oss-security] 20240312 Xen Security Advisory 453 v1 (CVE-2024-2193) - GhostRace: Speculative Race Conditions CVE-2024-2193
MLIST:[oss-security] 20240313 CVE-2024-23672: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672
MLIST:[oss-security] 20240313 CVE-2024-24549: Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549
MLIST:[oss-security] 20240313 CVE-2024-28746: Apache Airflow: Ignored Airflow Permissions CVE-2024-28746
MLIST:[oss-security] 20240313 Re: CVE-2021-31618: Apache httpd: NULL pointer dereference on specially crafted HTTP/2 request CVE-2021-31618
MLIST:[oss-security] 20240314 CVE-2024-23944: Apache ZooKeeper: Information disclosure in persistent watcher handling CVE-2024-23944
MLIST:[oss-security] 20240314 CVE-2024-28752: Apache CXF SSRF Vulnerability using the Aegis databinding CVE-2024-28752
MLIST:[oss-security] 20240315 Expat 2.6.2 released, includes security fixes CVE-2024-28757
MLIST:[oss-security] 20240318 CVE-2024-24683: Apache Hop Engine: ID isn't escaped when generating HTML CVE-2024-24683
MLIST:[oss-security] 20240319 CVE-2024-27439: Apache Wicket: Possible bypass of CSRF protection CVE-2024-27439
MLIST:[oss-security] 20240320 CVE-2024-29131: Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() CVE-2024-29131
MLIST:[oss-security] 20240320 CVE-2024-29133: Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree CVE-2024-29133
MLIST:[oss-security] 20240320 Security fixes in Python 3.10.14, 3.9.19, and 3.8.19 (CVE-2023-6597 & CVE-2024-0450) CVE-2023-52425
MLIST:[oss-security] 20240320 Vulnerability in Jenkins CVE-2024-22201
MLIST:[oss-security] 20240321 CVE-2024-26307: Apache Doris: Possible race condition CVE-2024-26307
MLIST:[oss-security] 20240321 CVE-2024-27438: Apache Doris: Downloading arbitrary remote jar files resulting in remote command execution CVE-2024-27438
MLIST:[oss-security] 20240323 Firefox 124.0.1 fixes two critical JavaScript engine vulnerabilities CVE-2024-29943 CVE-2024-29944
MLIST:[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues CVE-2024-30202 CVE-2024-30203 CVE-2024-30204 CVE-2024-30205
MLIST:[oss-security] 20240326 CVE-2024-29735: Apache Airflow: Potentially harmful permission changing by log task handler CVE-2024-29735
MLIST:[oss-security] 20240326 WebKitGTK and WPE WebKit Security Advisory WSA-2024-0002 CVE-2023-42843 CVE-2023-42950 CVE-2023-42956 CVE-2024-23254 CVE-2024-23263 CVE-2024-23280 CVE-2024-23284
MLIST:[oss-security] 20240327 CVE-2024-28085: Escape sequence injection in util-linux wall CVE-2024-28085
MLIST:[oss-security] 20240327 Re: CVE-2024-28085: Escape sequence injection in util-linux wall CVE-2024-28085
MLIST:[oss-security] 20240327 [SECURITY ADVISORY] curl: CVE-2024-2004: Usage of disabled protocol CVE-2024-2004
MLIST:[oss-security] 20240327 [SECURITY ADVISORY] curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL CVE-2024-2379
MLIST:[oss-security] 20240327 [SECURITY ADVISORY] curl: CVE-2024-2398: HTTP/2 push headers memory-leak CVE-2024-2398
MLIST:[oss-security] 20240327 [SECURITY ADVISORY] curl: CVE-2024-2466: TLS certificate check bypass with mbedTLS CVE-2016-3739 CVE-2024-2466
MLIST:[oss-security] 20240328 Re: CVE-2024-28085: Escape sequence injection in util-linux wall CVE-2024-28085
MLIST:[oss-security] 20240328 Re: Re: CVE-2024-28085: Escape sequence injection in util-linux wall CVE-2024-28085
MLIST:[oss-security] 20240329 CVE-2024-23537: Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role. CVE-2024-23537
MLIST:[oss-security] 20240329 CVE-2024-23538: Apache Fineract: Under certain system configurations, the sqlSearch parameter was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. CVE-2024-23538
MLIST:[oss-security] 20240329 CVE-2024-23539: Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. CVE-2024-23539
MLIST:[oss-security] 20240329 Re: backdoor in upstream xz/liblzma leading to ssh server compromise CVE-2024-3094
MLIST:[oss-security] 20240329 backdoor in upstream xz/liblzma leading to ssh server compromise CVE-2024-3094
MLIST:[oss-security] 20240330 Re: backdoor in upstream xz/liblzma leading to ssh server compromise CVE-2024-3094
MLIST:[oss-security] 20240331 Re: backdoor in upstream xz/liblzma leading to ssh server compromise CVE-2024-3094
MLIST:[oss-security] 20240402 CVE-2024-29834: Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints CVE-2024-29834
MLIST:[oss-security] 20240403 CERT/CC VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks CVE-2023-45288 CVE-2024-2653 CVE-2024-27316 CVE-2024-2758 CVE-2024-27919 CVE-2024-27983 CVE-2024-28182 CVE-2024-30255 CVE-2024-31309
MLIST:[oss-security] 20240403 CVE-2024-1597: PostgreSQL pgjdbc: SQL injection in non-default configuration CVE-2024-1597
MLIST:[oss-security] 20240403 Fwd: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 CVE-2024-31082
MLIST:[oss-security] 20240404 CVE-2023-38709: Apache HTTP Server: HTTP response splitting CVE-2023-38709
MLIST:[oss-security] 20240404 CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules CVE-2024-24795
MLIST:[oss-security] 20240404 CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames CVE-2024-27316
MLIST:[oss-security] 20240405 CVE-2024-24746: Apache NimBLE: Denial of service in NimBLE Bluetooth stack CVE-2024-24746
MLIST:[oss-security] 20240405 Envoy security releases [1.29.3, 1.28.2, 1.27.4, 1.26.8] are now available CVE-2024-27919 CVE-2024-30255
MLIST:[oss-security] 20240405 Go 1.22.2 and 1.21.9 (CVE-2023-45288 HTTP/2 CONTINUATION issue) CVE-2023-45288
MLIST:[oss-security] 20240407 HTTP::Body before 1.23 for Perl is still vulnerable to CVE-2013-4407 CVE-2013-4407
MLIST:[oss-security] 20240408 Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30203 CVE-2024-30204
MLIST:[oss-security] 20240408 OpenSSL Security Advisory CVE-2024-2511
MLIST:[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30202 CVE-2024-30203 CVE-2024-30204
MLIST:[oss-security] 20240409 CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page CVE-2021-28656
MLIST:[oss-security] 20240409 CVE-2022-47894: Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE CVE-2022-47894
MLIST:[oss-security] 20240409 CVE-2024-24576: Rust 1.77.1 and earlier did not properly escape arguments of batch files on Windows CVE-2024-24576
MLIST:[oss-security] 20240409 CVE-2024-31860: Apache Zeppelin: Path traversal vulnerability CVE-2024-31860
MLIST:[oss-security] 20240409 CVE-2024-31862: Apache Zeppelin: Denial of service with invalid notebook name CVE-2024-31862
MLIST:[oss-security] 20240409 CVE-2024-31863: Apache Zeppelin: Replacing other users notebook, bypassing any permissions CVE-2024-31863
MLIST:[oss-security] 20240409 CVE-2024-31864: Apache Zeppelin: Remote code execution by adding malicious JDBC connection string CVE-2020-11974 CVE-2024-31864
MLIST:[oss-security] 20240409 CVE-2024-31865: Apache Zeppelin: Cron arbitrary user impersonation with improper privileges CVE-2024-31865
MLIST:[oss-security] 20240409 CVE-2024-31866: Apache Zeppelin: Interpreter download command does not escape malicious code injection CVE-2024-31866
MLIST:[oss-security] 20240409 CVE-2024-31867: Apache Zeppelin: LDAP search filter query Injection Vulnerability CVE-2024-31867
MLIST:[oss-security] 20240409 CVE-2024-31868: Apache Zeppelin: XSS vulnerability in the helium module CVE-2024-31868
MLIST:[oss-security] 20240410 CVE-2024-31309: Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack CVE-2024-31309
MLIST:[oss-security] 20240410 CVE-2024-31861: Apache Zeppelin: Code injection by Shell interpreter CVE-2024-31861
MLIST:[oss-security] 20240410 Re: CVE-2024-1086: Linux: nf_tables: use-after-free vulnerability in the nft_verdict_init() function CVE-2024-1086
MLIST:[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30203 CVE-2024-30204
MLIST:[oss-security] 20240410 Re: Re: Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30203 CVE-2024-30204
MLIST:[oss-security] 20240411 CVE-2024-1086: Linux: nf_tables: use-after-free vulnerability in the nft_verdict_init() function CVE-2024-1086
MLIST:[oss-security] 20240411 CVE-2024-27309: Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode CVE-2024-27309
MLIST:[oss-security] 20240411 Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow CVE-2024-28562 CVE-2024-28563 CVE-2024-28564 CVE-2024-28565 CVE-2024-28584
MLIST:[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30203 CVE-2024-30204
MLIST:[oss-security] 20240411 Re: Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow CVE-2024-28562 CVE-2024-28563 CVE-2024-28564 CVE-2024-28565 CVE-2024-28584
MLIST:[oss-security] 20240411 Re: Re: Is CVE-2024-30203 bogus? (Emacs) CVE-2024-30203
MLIST:[oss-security] 20240412 CVE-2024-31391: Apache Solr Operator: Solr-Operator liveness and readiness probes may leak basic auth credentials CVE-2024-31391
MLIST:[oss-security] 20240412 PHP security releases 8.1.28, 8.2.18, & 8.3.6 CVE-2022-31629 CVE-2024-1874 CVE-2024-2756 CVE-2024-2757 CVE-2024-3096
MLIST:[oss-security] 20240412 Re: Fwd: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 CVE-2024-31082
MLIST:[oss-security] 20240414 Linux: Disabling network namespaces CVE-2024-1086
MLIST:[oss-security] 20240414 Re: Linux: Disabling network namespaces CVE-2024-1086
MLIST:[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client CVE-2024-31497
MLIST:[oss-security] 20240415 Re: less(1) with LESSOPEN mishandles \n in paths CVE-2024-32487
MLIST:[oss-security] 20240416 [kubernetes] CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin CVE-2024-3177
MLIST:[oss-security] 20240417 CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used CVE-2023-46288 CVE-2024-31869
MLIST:[oss-security] 20240417 Re: Linux: Disabling network namespaces CVE-2024-1086
MLIST:[oss-security] 20240417 Re: backdoor in upstream xz/liblzma leading to ssh server compromise CVE-2024-3094
MLIST:[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client CVE-2023-48795
MLIST:[oss-security] 20240417 The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence CVE-2024-2961
MLIST:[oss-security] 20240418 Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence CVE-2024-2961
MLIST:[oss-security] 20240418 flatpak CVE-2024-32462 : Sandbox escape via RequestBackground portal and CWE-88 CVE-2024-32462
MLIST:[oss-security] 20240418 libreswan: IKEv1 default AH/ESP responder can crash and restart CVE-2024-3652
MLIST:[oss-security] 20240419 CVE-2024-29217: Apache Answer: XSS vulnerability when changing personal website CVE-2024-29217
MLIST:[oss-security] 20240419 CVE-2024-29733: Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context CVE-2024-29733
MLIST:[oss-security] 20240422 83 bogus CVEs assigned to Robot Operating System (ROS) CVE-2023-33565 CVE-2023-33566 CVE-2023-33567 CVE-2023-51197 CVE-2023-51198 CVE-2023-51199 CVE-2023-51200 CVE-2023-51201 CVE-2023-51202 CVE-2023-51204 CVE-2023-51208 CVE-2024-29439 CVE-2024-29440 CVE-2024-29441 CVE-2024-29442 CVE-2024-29443 CVE-2024-29444 CVE-2024-29445 CVE-2024-29447 CVE-2024-29448 CVE-2024-29449 CVE-2024-29450 CVE-2024-29452 CVE-2024-29454 CVE-2024-29455 CVE-2024-30659 CVE-2024-30661 CVE-2024-30662 CVE-2024-30663 CVE-2024-30665 CVE-2024-30666 CVE-2024-30667 CVE-2024-30672 CVE-2024-30674 CVE-2024-30675 CVE-2024-30676 CVE-2024-30678 CVE-2024-30679 CVE-2024-30680 CVE-2024-30681 CVE-2024-30683 CVE-2024-30684 CVE-2024-30686 CVE-2024-30687 CVE-2024-30688 CVE-2024-30690 CVE-2024-30691 CVE-2024-30692 CVE-2024-30694 CVE-2024-30695 CVE-2024-30696 CVE-2024-30697 CVE-2024-30699 CVE-2024-30701 CVE-2024-30702 CVE-2024-30703 CVE-2024-30704 CVE-2024-30706 CVE-2024-30707 CVE-2024-30708 CVE-2024-30710 CVE-2024-30711 CVE-2024-30712 CVE-2024-30713 CVE-2024-30715 CVE-2024-30716 CVE-2024-30718 CVE-2024-30719 CVE-2024-30721 CVE-2024-30722 CVE-2024-30723 CVE-2024-30724 CVE-2024-30726 CVE-2024-30727 CVE-2024-30728 CVE-2024-30729 CVE-2024-30730 CVE-2024-30733 CVE-2024-30735 CVE-2024-30736 CVE-2024-30737
MLIST:[oss-security] 20240422 CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page CVE-2024-27347
MLIST:[oss-security] 20240422 CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin CVE-2024-27348
MLIST:[oss-security] 20240422 CVE-2024-27349: Apache HugeGraph-Server: Bypass whitelist in Auth mode CVE-2024-27349
MLIST:[oss-security] 20240422 Re: 83 bogus CVEs assigned to Robot Operating System (ROS) CVE-2023-33565 CVE-2023-33566 CVE-2023-33567 CVE-2023-51197 CVE-2023-51198 CVE-2023-51199 CVE-2023-51200 CVE-2023-51201 CVE-2023-51202 CVE-2023-51204 CVE-2023-51208 CVE-2024-29439 CVE-2024-29440 CVE-2024-29441 CVE-2024-29442 CVE-2024-29443 CVE-2024-29444 CVE-2024-29445 CVE-2024-29447 CVE-2024-29448 CVE-2024-29449 CVE-2024-29450 CVE-2024-29452 CVE-2024-29454 CVE-2024-29455 CVE-2024-30659 CVE-2024-30661 CVE-2024-30662 CVE-2024-30663 CVE-2024-30665 CVE-2024-30666 CVE-2024-30667 CVE-2024-30672 CVE-2024-30674 CVE-2024-30675 CVE-2024-30676 CVE-2024-30678 CVE-2024-30679 CVE-2024-30680 CVE-2024-30681 CVE-2024-30683 CVE-2024-30684 CVE-2024-30686 CVE-2024-30687 CVE-2024-30688 CVE-2024-30690 CVE-2024-30691 CVE-2024-30692 CVE-2024-30694 CVE-2024-30695 CVE-2024-30696 CVE-2024-30697 CVE-2024-30699 CVE-2024-30701 CVE-2024-30702 CVE-2024-30703 CVE-2024-30704 CVE-2024-30706 CVE-2024-30707 CVE-2024-30708 CVE-2024-30710 CVE-2024-30711 CVE-2024-30712 CVE-2024-30713 CVE-2024-30715 CVE-2024-30716 CVE-2024-30718 CVE-2024-30719 CVE-2024-30721 CVE-2024-30722 CVE-2024-30723 CVE-2024-30724 CVE-2024-30726 CVE-2024-30727 CVE-2024-30728 CVE-2024-30729 CVE-2024-30730 CVE-2024-30733 CVE-2024-30735 CVE-2024-30736 CVE-2024-30737
MLIST:[oss-security] 20240422 Wordpress Responsive theme: arbitrary HTML content injection (CVE-2024-2848) CVE-2024-2848
MLIST:[oss-security] 20240423 Re: 83 bogus CVEs assigned to Robot Operating System (ROS) CVE-2023-33565 CVE-2023-33566 CVE-2023-33567 CVE-2023-51197 CVE-2023-51198 CVE-2023-51199 CVE-2023-51200 CVE-2023-51201 CVE-2023-51202 CVE-2023-51204 CVE-2023-51208 CVE-2024-29439 CVE-2024-29440 CVE-2024-29441 CVE-2024-29442 CVE-2024-29443 CVE-2024-29444 CVE-2024-29445 CVE-2024-29447 CVE-2024-29448 CVE-2024-29449 CVE-2024-29450 CVE-2024-29452 CVE-2024-29454 CVE-2024-29455 CVE-2024-30659 CVE-2024-30661 CVE-2024-30662 CVE-2024-30663 CVE-2024-30665 CVE-2024-30666 CVE-2024-30667 CVE-2024-30672 CVE-2024-30674 CVE-2024-30675 CVE-2024-30676 CVE-2024-30678 CVE-2024-30679 CVE-2024-30680 CVE-2024-30681 CVE-2024-30683 CVE-2024-30684 CVE-2024-30686 CVE-2024-30687 CVE-2024-30688 CVE-2024-30690 CVE-2024-30691 CVE-2024-30692 CVE-2024-30694 CVE-2024-30695 CVE-2024-30696 CVE-2024-30697 CVE-2024-30699 CVE-2024-30701 CVE-2024-30702 CVE-2024-30703 CVE-2024-30704 CVE-2024-30706 CVE-2024-30707 CVE-2024-30708 CVE-2024-30710 CVE-2024-30711 CVE-2024-30712 CVE-2024-30713 CVE-2024-30715 CVE-2024-30716 CVE-2024-30718 CVE-2024-30719 CVE-2024-30721 CVE-2024-30722 CVE-2024-30723 CVE-2024-30724 CVE-2024-30726 CVE-2024-30727 CVE-2024-30728 CVE-2024-30729 CVE-2024-30730 CVE-2024-30733 CVE-2024-30735 CVE-2024-30736 CVE-2024-30737
MLIST:[oss-security] 20240424 CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy CVE-2022-29582 CVE-2023-2598 CVE-2024-0582
MLIST:[oss-security] 20240424 PowerDNS Recursor Security Advisory 2024-02: if recursive forwarding is configured, crafted responses can lead to a denial of service in Recursor CVE-2024-25583
MLIST:[oss-security] 20240424 Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence CVE-2024-2961
MLIST:[oss-security] 20240429 CVE-2024-27322: Deserialization vulnerability in R before 4.4.0 CVE-2024-27322
MLIST:[oss-security] 20240430 Re: Telegram Web app XSS / Session Hijacking 1-click CVE-2024-33905
MLIST:[oss-security] 20240430 Re: libksieve (used by kmail/kontact) sent password as username CVE-2023-52723
MLIST:[oss-security] 20240502 CVE-2024-30251: DoS in aiohttp CVE-2024-30251
MLIST:[oss-security] 20240502 CVE-2024-32638: Apache APISIX: Forward-Auth Request Smuggling CVE-2024-32638
MLIST:[oss-security] 20240502 Multiple vulnerabilities in Jenkins plugins CVE-2016-3721 CVE-2024-34144 CVE-2024-34145 CVE-2024-34146 CVE-2024-34147 CVE-2024-34148
MLIST:[oss-security] 20240503 CVE-2023-35701: Apache Hive: Arbitrary command execution via JDBC driver CVE-2023-35701
MLIST:[oss-security] 20240506 Fwd: uriparser 0.9.8 released, includes security fixes CVE-2024-34402 CVE-2024-34403
MLIST:[oss-security] 20240506 Re: Buildroot: incorrect permissons on /dev/shm CVE-2024-34455
MLIST:[oss-security] 20240506 Re: Fwd: uriparser 0.9.8 released, includes security fixes CVE-2024-34402 CVE-2024-34403
MLIST:[oss-security] 20240506 Re: [Buildroot] Buildroot: incorrect permissons on /dev/shm CVE-2024-34455
MLIST:[oss-security] 20240507 CVE-2023-49606, CVE-2023-40533: memory safety vulnerabilities in tinyproxy <=1.11.1 CVE-2023-40533 CVE-2023-49606
MLIST:[oss-security] 20240507 HNS-2024-07 - HN Security Advisory - Multiple vulnerabilities in RIOT OS CVE-2024-31225 CVE-2024-32017 CVE-2024-32018
MLIST:[oss-security] 20240507 Re: Buildroot: incorrect permissons on /dev/shm CVE-2024-34455
MLIST:[oss-security] 20240508 CVE-2024-26579: Apache Inlong JDBC Vulnerability CVE-2024-26579
MLIST:[oss-security] 20240508 CVE-2024-32113: Apache OFBiz: Path traversal leading to RCE CVE-2024-32113
MLIST:[oss-security] 20240508 Re: New SMTP smuggling attack CVE-2023-51764
MLIST:[oss-security] 20240508 Xen Security Advisory 457 v3 (CVE-2024-27393) - Linux/xen-netfront: Memory leak due to missing cleanup function CVE-2024-27393
MLIST:[oss-security] 20240508 [kubernetes] CVE-2024-3744: azure-file-csi-driver discloses service account tokens in logs CVE-2024-3744
MLIST:[oss-security] 20240508 [security] Go 1.22.3 and Go 1.21.10 are released CVE-2024-24787 CVE-2024-24788
MLIST:[oss-security] 20240509 CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access CVE-2024-34365
MLIST:[oss-security] 20240513 PowerDNS Security Advisory 2024-03: Transfer requests received over DoH can lead to a denial of service in DNSdist CVE-2024-25581
MLIST:[oss-security] 20240514 CVE-2024-32077: Apache Airflow: XSS vulnerability in Task Instance Log/Log Details CVE-2024-32077
MLIST:[oss-security] 20240514 git: 5 vulnerabilities fixed CVE-2022-39253 CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465
MLIST:[oss-security] 20240515 CVE-2024-21823: Intel DSA and Intel IAA advisory CVE-2024-21823
MLIST:[oss-security] 20240516 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package CVE-2024-34058
MLIST:[oss-security] 20240516 OpenSSL Security Advisory CVE-2023-3446
MLIST:[oss-security] 20240516 OpenSSL Security Advisory [corrected CVE id] CVE-2024-4603
MLIST:[oss-security] 20240521 WebKitGTK and WPE WebKit Security Advisory WSA-2024-0003 CVE-2024-27834
MLIST:[oss-security] 20240524 Multiple vulnerabilities in Jenkins plugins CVE-2024-28793 CVE-2024-5273
MLIST:[oss-security] 20240527 Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence CVE-2024-2961
MLIST:[oss-security] 20240528 HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX CVE-2024-2212 CVE-2024-2214 CVE-2024-2452
MLIST:[oss-security] 20240529 Re: List linux CVEs for a given stable release? CVE-2024-35867
MLIST:[oss-security] 20240530 Re: List linux CVEs for a given stable release? CVE-2024-35844 CVE-2024-35867 CVE-2024-35904 CVE-2024-35951 CVE-2024-35971 CVE-2024-36009 CVE-2024-36013
MLIST:[oss-security] 20240530 nginx HTTP/3 security issues/fixes CVE-2024-24989 CVE-2024-24990 CVE-2024-31079 CVE-2024-32760 CVE-2024-34161 CVE-2024-35200
MLIST:[oss-security] 20240603 CVE-2024-36104: Apache OFBiz: Path traversal leading to a RCE CVE-2024-36104
MLIST:[oss-security] 20240604 Go 1.22.4 and Go 1.21.11 released with 2 security fixes (CVE-2024-24789, CVE-2024-24790) CVE-2024-24789 CVE-2024-24790
MLIST:[oss-security] 20240604 libarchive 3.7.4 released with 2 security fixes CVE-2024-20697
MLIST:[oss-security] 20240605 Re: libarchive 3.7.4 released with 2 security fixes CVE-2024-20697
MLIST:[oss-security] 20240606 PHP security releases 8.3.8, 8.2.20, and 8.1.29 CVE-2012-1823 CVE-2024-1874 CVE-2024-4577 CVE-2024-5458 CVE-2024-5585
MLIST:[oss-security] 20240606 [SBA-ADV-20240202-01] CVE-2024-5657: CraftCMS Plugin - Two-Factor Authentication 3.3.1 to 3.3.3 - Password Hash Disclosure CVE-2022-37783 CVE-2024-5657
MLIST:[oss-security] 20240606 [SBA-ADV-20240202-02] CVE-2024-5658: CraftCMS Plugin - Two-Factor Authentication through 3.3.3 - TOTP Token Stays Valid After Use CVE-2024-5658
MLIST:[oss-security] 20240609 Re: vte 0.76.3 released with fix for CVE-2024-37535 CVE-2000-0476 CVE-2024-37535
MLIST:[oss-security] 20240609 vte 0.76.3 released with fix for CVE-2024-37535 CVE-2000-0476 CVE-2024-37535
MLIST:[oss-security] 20240611 CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235
MLIST:[oss-security] 20240612 CVE-2024-36263: Apache Submarine Server Core: SQL injection CVE-2024-36263
MLIST:[oss-security] 20240612 CVE-2024-36264: Apache Submarine Commons Utils: default secret CVE-2024-36264
MLIST:[oss-security] 20240612 CVE-2024-36265: Apache Submarine Server Core: authorization bypass CVE-2024-36265
MLIST:[oss-security] 20240612 Re: CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235
MLIST:[oss-security] 20240613 Re: Re: CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235
MLIST:[oss-security] 20240613 Re: Security vulnerability in fprintd CVE-2024-37408
MLIST:[oss-security] 20240614 Re: Security vulnerability in fprintd CVE-2024-37408
MLIST:[oss-security] 20240615 iTerm2 3.5.x title reporting bug CVE-2003-0063 CVE-2022-45063
MLIST:[oss-security] 20240617 Fwd: [Security-announce][CVE-2024-0397] Memory race condition in ssl.SSLContext certificate store methods CVE-2024-0397
MLIST:[oss-security] 20240617 Fwd: [Security-announce][CVE-2024-4032] Incorrect IPv4 and IPv6 private ranges CVE-2024-4032
MLIST:[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug CVE-2022-45063 CVE-2024-38395 CVE-2024-38396
MLIST:[oss-security] 20240620 CVE-2024-34693: Apache Superset: Server arbitrary file read CVE-2024-34693
MLIST:[oss-security] 20240625 Re: Out-of-bounds read & write in the glibc's qsort() CVE-2019-14861
MLIST:[oss-security] 29190123 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators CVE-2019-6116
MLIST:[oss-security] CVE-2019-18932: sarg: insecure usage of /tmp/sarg allows privilege escalation / DoS attack vector CVE-2019-18932
MLIST:[oss-security] CVE-2021-3489 - Linux kernel eBPF RINGBUF map oversized allocation CVE-2021-3489
MLIST:[oss-security] CVE-2021-3490 - Linux kernel eBPF bitwise ops ALU32 bounds tracking CVE-2021-3490
MLIST:[oss-security] CVE-2021-3491 - Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass CVE-2021-3491
MLIST:[oss-security] Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222) CVE-2019-7222
MLIST:[oss-security] Re: 20090212 CVE Request -- net-snmp (sensitive host information disclosure) CVE-2008-6123
MLIST:[oss-sercurity] 20150620 CVE Request: MITM & Shoulder-surfing vuln in Ruby OTP/HOTP/TOTP library "ROPT" CVE-2015-7225
MLIST:[oss-seucrity] 20131004 CVE request for Drupal contributed module CVE-2013-4406
MLIST:[oss-seucrity] 20131004 Re: CVE request for Drupal contributed module CVE-2013-4406
MLIST:[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch CVE-2016-2074
MLIST:[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available CVE-2016-2074
MLIST:[owasp-mobile-security-project] 20130617 Cracking iOS personal hotspots using a Scrabble crossword game word list CVE-2013-4616
MLIST:[owl-users] 20040619 Linux 2.4.26-ow2 CVE-2004-0447 CVE-2004-0565
MLIST:[owm-announce] 20060502 OpenWebMail version 2.52 CVE-2006-2190
MLIST:[pacman-dev] 20160606 [PATCH] Fix OOB read and endless loop in signature parser. CVE-2016-5434
MLIST:[pam-mount-user] 20080905 pam_mount 0.47 released CVE-2008-3970
MLIST:[parallel] 20150423 GNU Parallel Security Advisory: GNU Parallel can be tricked into overwriting a file CVE-2015-4155 CVE-2015-4156
MLIST:[parallel] 20150522 GNU Parallel 20150522 ('Nepal') released [stable] CVE-2015-4155 CVE-2015-4156
MLIST:[pcsclite-muscle] 20161226 New pcsc-lite 1.8.20 CVE-2016-10109
MLIST:[pdfbox-dev] 20201115 ossindex-maven-plugin and build issue CVE-2020-15250
MLIST:[pdfbox-dev] 20210322 OSS-Fuzz integration CVE-2021-27807 CVE-2021-27906
MLIST:[pdfbox-dev] 20210518 CVE's CVE-2018-11797 CVE-2021-27807 CVE-2021-27906
MLIST:[pdfbox-users] 20210120 Security Vulnerability with PDFbox 1.8.16 CVE-2019-0228
MLIST:[pdfbox-users] 20210319 CVE-2021-27807: A carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-27807
MLIST:[pdfbox-users] 20210319 CVE-2021-27906: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file CVE-2021-27906
MLIST:[pdfbox-users] 20210320 CVE-2021-27807: Apache PDFBox: a carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-27807
MLIST:[pdfbox-users] 20210320 CVE-2021-27906: Apache PDFBox: a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file CVE-2021-27906
MLIST:[pdfbox-users] 20210612 CVE-2021-31811: Apache PDFBox: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file CVE-2021-31811
MLIST:[pdfbox-users] 20210612 CVE-2021-31812: Apache PDFBox: A carefully crafted PDF file can trigger an infinite loop while loading the file CVE-2021-31812
MLIST:[pdns-users] 20080806 Security update: PowerDNS Authoritative Server 2.9.21.1 released CVE-2008-3337
MLIST:[pennmush-announce] 20070311 PennMUSH 1.8.2p3 and 1.8.3p1 Released CVE-2007-1431
MLIST:[perl-modperl-cvs] 20190924 svn commit: r1867470 - /perl/modperl/trunk/src/modules/perl/mod_perl.c CVE-2011-2767
MLIST:[perl.perl5.porters] 20121010 maint-5.12, maint-5.14, and CVE-2012-5195 CVE-2012-5195
MLIST:[perl.perl5.porters] 20130304 CVE-2013-1667: important rehashing flaw CVE-2013-1667
MLIST:[perl.perl5.porters] 20140918 fix for CVE-2014-4330 present in blead CVE-2014-4330
MLIST:[perl.perl5.porters] 20160725 CVE-2016-1238: Important unsafe module load path flaw CVE-2016-1238
MLIST:[perl5-porters] 20121205 Re: security notice: Locale::Maketext CVE-2012-6329
MLIST:[perl5-porters] 20121205 security notice: Locale::Maketext CVE-2012-6329
MLIST:[pgsql-admin] 20020821 Re: OT: password encryption (salt theory) CVE-2002-1657
MLIST:[pgsql-announce] 20020824 PostgreSQL 7.2.2: Security Release CVE-2002-1402
MLIST:[pgsql-announce] 20021003 v7.2.3 Released to fix Potentially Critical Bug CVE-2002-1642
MLIST:[pgsql-announce] 20050201 PostgreSQL Security Release CVE-2005-0227
MLIST:[pgsql-announce] 20060109 CRITICAL RELEASE: Minor Releases to Fix DoS Vulnerability CVE-2006-0105
MLIST:[pgsql-announce] 20060214 Minor Releases 7.3 thru 8.1 Available to Fix Security Issue CVE-2006-0553
MLIST:[pgsql-announce] 20060523 Security Releases for All Active Versions CVE-2006-2313 CVE-2006-2314
MLIST:[pgsql-bugs] 20050121 Privilege escalation via LOAD CVE-2005-0227
MLIST:[pgsql-bugs] 20090227 BUG #4680: Server crashed if using wrong (mismatch) conversion functions CVE-2009-0922
MLIST:[pgsql-bugs] 20090227 Re: BUG #4680: Server crashed if using wrong (mismatch) conversion functions CVE-2009-0922
MLIST:[pgsql-www] 20090909 Re: Incorrect CVE reference on security page CVE-2009-3230
MLIST:[phoenix-dev] 20210419 [GitHub] [phoenix-omid] richardantal opened a new pull request #93: OMID-207 Upgrade to snakeyaml 1.26 due to CVE-2017-18640 CVE-2017-18640
MLIST:[phoenix-dev] 20210419 [jira] [Created] (OMID-207) Upgrade to snakeyaml 1.26 due to CVE-2017-18640 CVE-2017-18640
MLIST:[php-announce] 20091119 5.3.1 Release announcement CVE-2009-3292 CVE-2009-3294 CVE-2009-3559
MLIST:[php-cvs] 20060330 cvs: php-src /ext/standard info.c CVE-2006-0996
MLIST:[php-dev] 20070209 PHP 5.2.1 crashing Apache/IIS... CVE-2007-0911
MLIST:[php-dev] 20070210 Re: PHP 5.2.1 crashing Apache/IIS... CVE-2007-0911
MLIST:[php-general] 20070410 Decoding from unknown charsets (inc. ks_c_5601-1987) CVE-2010-4699
MLIST:[phpgroupware-users] 20100512 Phpgroupware security release 0.9.16.016 CVE-2010-0403 CVE-2010-0404
MLIST:[phpmyadmin-news] 20080915 phpMyAdmin 2.11.9.1 is released CVE-2008-4096
MLIST:[phpwiki-talk] 20070408 Important UpLoad security fix! was [Fwd: [phpwiki - Open Discussion] RE: upload security risk] CVE-2007-2025
MLIST:[phpwiki-talk] 20070413 Fwd: Critical phpwiki c99shell exploit CVE-2007-2024
MLIST:[pkgsrc-changes] 20090610 CVS commit: pkgsrc/lang/ruby18-base CVE-2009-1904
MLIST:[plash] 20070301 TTY ioctl() vulnerability CVE-2007-1400
MLIST:[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available CVE-2014-9495 CVE-2015-0973
MLIST:[png-mng-implement] 20070911 FW: Compiler warnings for pngrtran.c CVE-2007-5268
MLIST:[png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c CVE-2007-5266
MLIST:[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1 CVE-2007-5266 CVE-2007-5268
MLIST:[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released CVE-2007-5268 CVE-2007-5269
MLIST:[png-mng-implement] 20071005 libpng 1.2.21 iCCP chunk handling bug CVE-2007-5267
MLIST:[png-mng-implement] 20071015 libpng 1.2.21 iCCP chunk handling bug CVE-2007-5267
MLIST:[png-mng-implement] 20080918 libpng-1.0.40 and libpng-1.2.32 available CVE-2008-3964
MLIST:[png-mng-implement] 20081126 Memory overwriting bug in png_check_keyword() CVE-2008-5907
MLIST:[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available CVE-2014-9495
MLIST:[poi-dev] 20210304 [Bug 65166] New: Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988) CVE-2020-11987 CVE-2020-11988
MLIST:[poi-dev] 20210308 [Bug 65166] Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988) CVE-2020-11987 CVE-2020-11988
MLIST:[poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1) CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[poi-user] 20210923 Re: CVE-2021-40690 on xmlsec jar CVE-2021-40690
MLIST:[polkit-devel] 20150529 Agent Authentication Question CVE-2015-4625
MLIST:[polkit-devel] 20150603 Agent Authentication Question CVE-2015-4625
MLIST:[polkit-devel] 20150702 polkit-0.113 released CVE-2015-4625
MLIST:[ponymail-users] 20190420 [CVE-2019-0218] Apache Pony Mail (incubating) Reflected XSS CVE-2019-0218
MLIST:[pool] 20111210 Odd surge in traffic today CVE-2013-5211
MLIST:[poppler] 20090123 poppler/JBIG2Stream.cc CVE-2009-0756
MLIST:[poppler] 20090128 poppler/Form.cc CVE-2009-0755
MLIST:[portals-jetspeed-user] 20160303 [CVE-2016-0709] Apache Jetspeed information disclosure vulnerability CVE-2016-0709
MLIST:[portals-jetspeed-user] 20160303 [CVE-2016-0710] Apache Jetspeed information disclosure vulnerability CVE-2016-0710
MLIST:[portals-jetspeed-user] 20160303 [CVE-2016-0711] Apache Jetspeed information disclosure vulnerability CVE-2016-0711
MLIST:[portals-jetspeed-user] 20160303 [CVE-2016-0712] Apache Jetspeed information disclosure vulnerability CVE-2016-0712
MLIST:[portals-jetspeed-user] 20160329 [CVE-2016-2171] Jetspeed User Manager REST service not restricted by Jetspeed Security CVE-2016-2171
MLIST:[portals-pluto-dev] 20210623 [jira] [Closed] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 CVE-2021-22112
MLIST:[portals-pluto-dev] 20210623 [jira] [Updated] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 CVE-2021-22112
MLIST:[portals-pluto-dev] 20210629 [jira] [Closed] (PLUTO-787) Migrate from Log4j 1.x to Log4j 2.x due to CVE-2019-17571 CVE-2019-17571
MLIST:[portals-pluto-dev] 20210629 [jira] [Updated] (PLUTO-787) Migrate from Log4J and SLF4J dependencies due to CVE-2019-17571 CVE-2019-17571
MLIST:[portals-pluto-dev] 20210629 [jira] [Updated] (PLUTO-787) Migrate from Log4j 1.x to Log4j 2.x due to CVE-2019-17571 CVE-2019-17571
MLIST:[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 CVE-2021-22112 CVE-2021-22119
MLIST:[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425 CVE-2021-29425
MLIST:[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-790) Upgrade to JUnit 4.13.1 due to CVE-2020-15250 CVE-2020-15250
MLIST:[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219 CVE-2019-10219 CVE-2020-10693
MLIST:[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254 CVE-2015-0254
MLIST:[portals-pluto-dev] 20210714 [jira] [Comment Edited] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 CVE-2021-22112 CVE-2021-22119
MLIST:[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425 CVE-2021-29425
MLIST:[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-790) Upgrade to JUnit 4.13.1 due to CVE-2020-15250 CVE-2020-15250
MLIST:[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219 CVE-2019-10219 CVE-2020-10693
MLIST:[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254 CVE-2015-0254
MLIST:[portals-pluto-dev] 20210714 [jira] [Reopened] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 CVE-2021-22112
MLIST:[portals-pluto-dev] 20210714 [jira] [Reopened] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 CVE-2021-22112 CVE-2021-22119
MLIST:[portals-pluto-dev] 20210714 [jira] [Updated] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 CVE-2021-22112 CVE-2021-22119
MLIST:[portals-pluto-scm] 20210623 [portals-pluto] branch master updated: PLUTO-786 Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 CVE-2021-22112
MLIST:[portals-pluto-scm] 20210629 [portals-pluto] branch master updated: PLUTO-787 Migrate from Log4j 1.x to Log4j 2.x due to CVE-2019-17571 CVE-2019-17571
MLIST:[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-786 Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 CVE-2021-22112 CVE-2021-22119
MLIST:[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-789 Upgrade to commons-io-2.7 due to CVE-2021-29425 CVE-2021-29425
MLIST:[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-790 Upgrade to JUnit 4.13.1 due to CVE-2020-15250 CVE-2020-15250
MLIST:[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219 CVE-2019-10219 CVE-2020-10693
MLIST:[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-792 Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254 CVE-2015-0254
MLIST:[porters] 20160301 CVE-2016-2381: duplicate environment variables CVE-2016-2381
MLIST:[postfix-announce] 20110509 Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720) CVE-2011-1720
MLIST:[postfixadmin-devel] 20170204 Security hole in AliasHandler CVE-2017-5930
MLIST:[postgrey] 20050414 ANNOUNCE: Postgrey 1.21 (SECURITY) CVE-2005-1127
MLIST:[postgrey] 20050414 Problem with crashing postgrey CVE-2005-1127
MLIST:[postgrey] 20050414 Re: Problem with crashing postgrey CVE-2005-1127
MLIST:[pound-list] 20051020 ANNOUNCE: Pound - reverse proxy and load balancer - v1.9.4 CVE-2005-3751
MLIST:[pound_list] 20050426 remote buffer overflow in pound 1.8.2 + question abotu Host header CVE-2005-1391
MLIST:[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability CVE-2008-0960
MLIST:[protocol-cvs] 20090828 rtsp rtspclnt.cpp,1.244,1.245 CVE-2009-4247
MLIST:[pspp-announce] 20170812 pspp-0.11.0 released [stable] CVE-2017-10791 CVE-2017-10792
MLIST:[public-webapps] 20090918 fyi: Strict Transport Security specification CVE-2008-7294
MLIST:[pulsar-commits] 20190329 [GitHub] [pulsar] massakam opened a new pull request #3938: Upgrade third party libraries with security vulnerabilities CVE-2018-19360 CVE-2018-19361 CVE-2018-19362
MLIST:[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1 CVE-2011-4969 CVE-2013-0253 CVE-2013-7397 CVE-2013-7398 CVE-2015-2156 CVE-2016-4469 CVE-2016-5005 CVE-2017-5657 CVE-2017-9735 CVE-2018-1000873 CVE-2018-10237 CVE-2018-11771 CVE-2018-12545 CVE-2018-1324 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362
MLIST:[pulsar-commits] 20190822 [GitHub] [pulsar] massakam opened a new pull request #5011: [security] Upgrade jackson-databind CVE-2019-14379
MLIST:[pulsar-commits] 20191127 [GitHub] [pulsar] massakam opened a new pull request #5758: Bump jackson libraries to 2.10.1 CVE-2019-17531
MLIST:[pulsar-commits] 20200416 [GitHub] [pulsar] massakam opened a new pull request #6746: [build] Bump netty version to 4.1.48.Final CVE-2020-11612
MLIST:[pulsar-commits] 20200828 [GitHub] [pulsar] klwilson227 opened a new issue #7931: CVE-2018-12540 pulsar use of io.vertx-web.jar vertx 3.4.1 CVE-2018-12540
MLIST:[pulsar-commits] 20200830 [GitHub] [pulsar] codelipenghui commented on issue #7928: CVE-2017-18640 exposure snakeyaml below 1.26 CVE-2017-18640
MLIST:[pulsar-commits] 20200830 [GitHub] [pulsar] codelipenghui commented on issue #7931: CVE-2018-12540 pulsar use of io.vertx-web.jar vertx 3.4.1 CVE-2018-12540
MLIST:[pulsar-commits] 20200830 [GitHub] [pulsar] wolfstudy commented on issue #7931: CVE-2018-12540 pulsar use of io.vertx-web.jar vertx 3.4.1 CVE-2018-12540
MLIST:[pulsar-commits] 20200831 [GitHub] [pulsar] wolfstudy commented on issue #7928: CVE-2017-18640 exposure snakeyaml below 1.26 CVE-2017-18640
MLIST:[pulsar-commits] 20200831 [GitHub] [pulsar] wolfstudy edited a comment on issue #7928: CVE-2017-18640 exposure snakeyaml below 1.26 CVE-2017-18640
MLIST:[pulsar-commits] 20200903 [GitHub] [pulsar] guyv opened a new issue #7970: pulsar-client vulnerability CVE-2019-17638 CVE-2019-17638
MLIST:[pulsar-commits] 20200907 [GitHub] [pulsar] jiazhai closed issue #7928: CVE-2017-18640 exposure snakeyaml below 1.26 CVE-2017-18640
MLIST:[pulsar-commits] 20200908 [GitHub] [pulsar] wolfstudy closed issue #7931: CVE-2018-12540 pulsar use of io.vertx-web.jar vertx 3.4.1 CVE-2018-12540
MLIST:[pulsar-commits] 20200911 [GitHub] [pulsar] codelipenghui closed issue #7970: pulsar-client vulnerability CVE-2019-17638 CVE-2019-17638
MLIST:[pulsar-commits] 20200912 [GitHub] [pulsar] codelipenghui closed issue #7970: pulsar-client vulnerability CVE-2019-17638 CVE-2019-17638
MLIST:[pulsar-commits] 20200914 [GitHub] [pulsar] klwilson227 opened a new issue #8060: CVE-2019-17638 jetty server CVE-2019-17638
MLIST:[pulsar-commits] 20200914 [GitHub] [pulsar] klwilson227 opened a new issue #8061: CVE-2017-14063 CVE-2016-8624 CVE-2017-14063
MLIST:[pulsar-commits] 20200922 [GitHub] [pulsar] zymap commented on issue #8060: CVE-2019-17638 jetty server CVE-2019-17638
MLIST:[pulsar-commits] 20200923 [GitHub] [pulsar] zymap commented on issue #8060: CVE-2019-17638 jetty server CVE-2019-17638
MLIST:[pulsar-commits] 20200924 [GitHub] [pulsar] jiazhai closed issue #8061: CVE-2017-14063 CVE-2017-14063
MLIST:[pulsar-commits] 20200925 [GitHub] [pulsar] jiazhai closed issue #8061: CVE-2017-14063 CVE-2017-14063
MLIST:[pulsar-commits] 20200929 [GitHub] [pulsar] sijie closed issue #8060: CVE-2019-17638 jetty server CVE-2019-17638
MLIST:[pulsar-commits] 20200929 [GitHub] [pulsar] sijie commented on issue #8060: CVE-2019-17638 jetty server CVE-2019-17638
MLIST:[pulsar-commits] 20201005 [GitHub] [pulsar] abhishekheaven7 closed issue #8203: Pulsar client with version 2.6.1 has critical vulnerability CVE-2019-17638 CVE-2019-17638
MLIST:[pulsar-commits] 20201005 [GitHub] [pulsar] abhishekheaven7 opened a new issue #8203: Pulsar client with version 2.6.1 has critical vulnerability CVE-2019-17638 CVE-2019-17638
MLIST:[pulsar-commits] 20201022 [GitHub] [pulsar] Ghatage opened a new pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421 CVE-2020-5421
MLIST:[pulsar-commits] 20201023 [GitHub] [pulsar] Ghatage commented on pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421 CVE-2020-5421
MLIST:[pulsar-commits] 20201026 [GitHub] [pulsar] wolfstudy commented on pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421 CVE-2020-5421
MLIST:[pulsar-commits] 20201028 [GitHub] [pulsar] merlimat merged pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421 CVE-2020-5421
MLIST:[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list CVE-2013-7397 CVE-2013-7398 CVE-2016-2402 CVE-2017-1000487 CVE-2017-14063 CVE-2018-11746 CVE-2018-11747 CVE-2018-12541 CVE-2018-12542 CVE-2018-12544 CVE-2018-12636 CVE-2018-14040 CVE-2018-14042 CVE-2018-20200 CVE-2018-20676 CVE-2018-20677 CVE-2018-8088 CVE-2019-16869 CVE-2019-17571 CVE-2019-17638 CVE-2019-17640 CVE-2019-20444 CVE-2019-20445 CVE-2019-3552 CVE-2019-3558 CVE-2019-3559 CVE-2019-3564 CVE-2019-3565 CVE-2019-8331 CVE-2020-13956 CVE-2020-27216 CVE-2020-27218 CVE-2020-9488
MLIST:[pulsar-commits] 20201216 [GitHub] [pulsar] phijohns-tibco opened a new issue #8978: OpenSSL needs to be updated to 1.1.1i current version is unsupported. CVE-2020-1971
MLIST:[pulsar-commits] 20210119 [GitHub] [pulsar] fmiguelez opened a new issue #9235: Upgrade Bounce Castle dependency on client to solve CVE-2020-28052 CVE-2020-28052
MLIST:[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210 and CVE-2019-0205 CVE-2019-0205 CVE-2019-0210
MLIST:[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-11612
MLIST:[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2 CVE-2021-3121
MLIST:[pulsar-commits] 20210121 [GitHub] [pulsar] hpvd commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210 and CVE-2019-0205 CVE-2019-0205 CVE-2019-0210
MLIST:[pulsar-commits] 20210121 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-11612
MLIST:[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2 CVE-2021-3121
MLIST:[pulsar-commits] 20210122 [GitHub] [pulsar] hpvd commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210 and CVE-2019-0205 CVE-2019-0205 CVE-2019-0210
MLIST:[pulsar-commits] 20210122 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-11612
MLIST:[pulsar-commits] 20210127 [GitHub] [pulsar] GLouMcK opened a new issue #9347: Security Vulnerabilities - Black Duck Scan CVE-2017-1000487 CVE-2018-8088 CVE-2019-17638
MLIST:[pulsar-commits] 20210329 [GitHub] [pulsar] aahmed-se opened a new pull request #10073: Upgrade Netty version to 4.1.60.final CVE-2021-21290 CVE-2021-21295
MLIST:[pulsar-commits] 20210329 [GitHub] [pulsar] merlimat closed issue #10071: CVE-2021-21295 & CVE-2021-21290 CVE-2021-21290 CVE-2021-21295
MLIST:[pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290 CVE-2021-21290 CVE-2021-21295
MLIST:[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari commented on issue #9235: Upgrade Bounce Castle dependency on client to solve CVE-2020-28052 CVE-2020-28052
MLIST:[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities CVE-2018-10237
MLIST:[pulsar-commits] 20210409 [GitHub] [pulsar] dinghram opened a new pull request #10183: CVE-2021-28165-Jetty CVE-2021-28165
MLIST:[pulsar-commits] 20210409 [GitHub] [pulsar] merlimat commented on pull request #10183: CVE-2021-28165-Jetty CVE-2021-28165
MLIST:[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai closed pull request #10183: CVE-2021-28165-Jetty CVE-2021-28165
MLIST:[pulsar-commits] 20210412 [GitHub] [pulsar] jiazhai commented on pull request #10183: CVE-2021-28165-Jetty CVE-2021-28165
MLIST:[pulsar-commits] 20210413 [GitHub] [pulsar] lhotari commented on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210413 [GitHub] [pulsar] lhotari removed a comment on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210414 [GitHub] [pulsar] lhotari commented on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210414 [GitHub] [pulsar] lhotari removed a comment on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210415 [GitHub] [pulsar] eolivelli merged pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210415 [GitHub] [pulsar] lhotari commented on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210415 [GitHub] [pulsar] lhotari removed a comment on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak CVE-2020-15250
MLIST:[pulsar-commits] 20210415 [pulsar] branch master updated: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak (#10147) CVE-2020-15250
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] eolivelli merged pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari commented on pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari commented on pull request #10266: [Security] Upgrade Netty to 4.1.63.Final to address CVE-2021-21409 CVE-2021-21409
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari edited a comment on pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari opened a new pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 CVE-2018-12541
MLIST:[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari opened a new pull request #10266: [Security] Upgrade Netty to 4.1.63.Final to address CVE-2021-21409 CVE-2021-21409
MLIST:[pulsar-commits] 20210419 [pulsar] branch master updated: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 (#10261) CVE-2018-12541
MLIST:[pulsar-commits] 20210420 [GitHub] [pulsar] eolivelli merged pull request #10266: [Security] Upgrade Netty to 4.1.63.Final to address CVE-2021-21409 CVE-2021-21409
MLIST:[pulsar-commits] 20210420 [GitHub] [pulsar] lhotari opened a new pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425 CVE-2021-29425
MLIST:[pulsar-commits] 20210420 [GitHub] [pulsar] merlimat merged pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425 CVE-2021-29425
MLIST:[pulsar-commits] 20210429 [pulsar] branch branch-2.7 updated: [Security] Upgrade commons-io to address CVE-2021-29425 (#10287) CVE-2021-29425
MLIST:[pulsar-commits] 20210513 [pulsar] 30/46: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 (#10261) CVE-2018-12541
MLIST:[pulsar-commits] 20210607 [GitHub] [pulsar] lhotari commented on issue #9248: Upgrade Thrift dependency in broker to solve CVE-2019-0210, CVE-2019-0205 and CVE-2020-13949 CVE-2019-0205 CVE-2019-0210 CVE-2020-13949
MLIST:[pulsar-commits] 20210610 [GitHub] [pulsar] lhotari opened a new pull request #10889: [Security] Upgrade vertx to 3.9.8 to address CVE-2019-17640 CVE-2019-17640
MLIST:[pulsar-commits] 20210621 [GitHub] [pulsar] lhotari merged pull request #10889: [Security] Upgrade vertx to 3.9.8 to address CVE-2019-17640 CVE-2019-17640
MLIST:[pulsar-commits] 20210625 [pulsar] 03/13: [Security] Upgrade vertx to 3.9.8 to address CVE-2019-17640 (#10889) CVE-2019-17640
MLIST:[pulsar-commits] 20210716 [GitHub] [pulsar] lhotari opened a new pull request #11345: [Security] Upgrade commons-compress to 1.21 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[pulsar-commits] 20210813 [GitHub] [pulsar] eolivelli closed issue #11659: Jetty is flagged with CVE-2021-34429 CVE-2021-34429
MLIST:[pulsar-commits] 20210813 [GitHub] [pulsar] eolivelli opened a new issue #11659: Jetty is flagged with CVE-2021-34429 CVE-2021-34429
MLIST:[pulsar-commits] 20210813 [GitHub] [pulsar] lhotari opened a new pull request #11660: [Security] Upgrade Jetty to 9.4.43.v20210629 CVE-2021-34429
MLIST:[pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0 CVE-2021-21290 CVE-2021-21295 CVE-2021-21409
MLIST:[pulsar-dev] 20210527 Cutting 2.6.4 release to address CVE-2021-22160 CVE-2021-22160
MLIST:[pulsar-dev] 20210527 Re: Cutting 2.6.4 release to address CVE-2021-22160 CVE-2021-22160
MLIST:[pulsar-dev] 20210527 Re: [SECURITY] [CVE-2021-22160] Authentication with JWT allows use of "none"-algorithm CVE-2021-22160
MLIST:[pulsar-dev] 20210531 Re: [DISCUSS] Propose More Formal Policy for Security Patches and EOL of Versions CVE-2021-22160
MLIST:[pulsar-dev] 20210604 Re: [DISCUSS] Propose More Formal Policy for Security Patches and EOL of Versions CVE-2021-22160
MLIST:[pulsar-users] 20210527 Re: [SECURITY] [CVE-2021-22160] Authentication with JWT allows use of "none"-algorithm CVE-2021-22160
MLIST:[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9 CVE-2008-0008
MLIST:[pulseaudio-discuss] 20140531 Remotely triggerable crash in module-rtp-recv CVE-2014-3970
MLIST:[puppet-announce] 20100105 ANNOUNCE: Puppet 0.25.2 "Zoe" now available! CVE-2010-0156
MLIST:[puppet-announce] 20100108 ANNOUNCE: Puppet 0.24.9 is available CVE-2010-0156
MLIST:[pure-ftpd] 20110308 Pure-FTPd 1.0.30 has been released CVE-2011-1575
MLIST:[pure-ftpd] 20110308 Re: Pure-FTPd 1.0.30 has been released CVE-2011-1575
MLIST:[pyOpenSSL-Users] 20130904 pyOpenSSL 0.13.1 CVE-2013-4314
MLIST:[python-dev] 20070824 tarfile and directory traversal vulnerability CVE-2007-4559
MLIST:[python-dev] 20070825 tarfile and directory traversal vulnerability CVE-2007-4559
MLIST:[qemu-devel] 20081123 [PATCH] Fix off-by-one bug limiting VNC passwords to 7 chars CVE-2008-5714
MLIST:[qemu-devel] 20081210 Re: [RESEND] [PATCH v2] Fix off-by-one bug limiting VNC passwords to 7 chars CVE-2008-5714
MLIST:[qemu-devel] 20090525 Re: [STABLE] [BUG] VNC mode can crash QEMU CVE-2009-3616
MLIST:[qemu-devel] 20151016 [Qemu-devel] [PATCH] eepro100: prevent an infinite loop over same comman CVE-2015-8345
MLIST:[qemu-devel] 20160809 [PATCH] hw/net: Fix a heap overflow in xlnx.xps-ethernetlite CVE-2016-7161
MLIST:[qemu-devel] 20160809 [PULL 3/3] hw/net: Fix a heap overflow in xlnx.xps-ethernetlite CVE-2016-7161
MLIST:[qemu-devel] 20160818 [PULL 1/2] net: vmxnet: use g_new for pkt initialisation CVE-2016-6888
MLIST:[qemu-devel] 20160831 [PATCH 1/2] scsi: mptconfig: fix format string CVE-2016-7157
MLIST:[qemu-devel] 20160831 [PATCH 2/2] scsi: mptconfig: fix an assert expression CVE-2016-7157
MLIST:[qemu-devel] 20160901 [PATCH v3] scsi: check page count while initialising descriptor rings CVE-2016-7155
MLIST:[qemu-devel] 20160906 [PATCH v2] scsi: pvscsi: check request descriptor SG element count CVE-2016-7156
MLIST:[qemu-devel] 20160906 [PATCH v3] scsi: pvscsi: avoid infinite loop while building SG list CVE-2016-7156
MLIST:[qemu-devel] 20170130 [PATCH RFC 00/36] 9pfs: local: fix vulnerability to symlink attacks CVE-2016-9602
MLIST:[qemu-devel] 20170206 [PATCH 05/18] nbd/client: fix drop_sync CVE-2017-2630
MLIST:[qemu-devel] 20170206 [PATCH] xhci: apply limits to loops CVE-2017-5973
MLIST:[qemu-devel] 20170213 Re: [Qemu-devel] [PATCH v3 1/4] sd: sdhci: check transfer mode register in multi block transfer CVE-2017-5987
MLIST:[qemu-devel] 20170216 [PATCH 2/5] NetRxPkt: Fix memory corruption on VLAN header stripping CVE-2017-6058
MLIST:[qemu-devel] 20170220 [PATCH 00/29] 9pfs: local: fix vulnerability to symlink attacks CVE-2016-9602
MLIST:[qemu-devel] 20170221 [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620) CVE-2017-2620
MLIST:[qemu-devel] 20170328 [PULL 1/2] 9pfs: fix file descriptor leak CVE-2017-7377
MLIST:[qemu-devel] 20170410 [PULL] 9pfs: xattr: fix memory leak in v9fs_list_xattr CVE-2017-8086
MLIST:[qemu-devel] 20170425 Re: [PATCH] vmw_pvscsi: check message ring page count at initialisation CVE-2017-8112
MLIST:[qemu-devel] 20170428 [PATCH] audio: release capture buffers CVE-2017-8309
MLIST:[qemu-devel] 20170428 [PATCH] input: limit kbd queue depth CVE-2017-8379
MLIST:[qemu-devel] 20170512 [PULL 2/6] usb-redir: fix stack overflow in usbredir_log_data CVE-2017-10806
MLIST:[qemu-devel] 20170526 [PATCH] nbd: Fully initialize client in case of failed negotiation CVE-2017-9524
MLIST:[qemu-devel] 20170606 [PATCH 4/7] megasas: do not read DCMD opcode more than once CVE-2017-9503
MLIST:[qemu-devel] 20170606 [PATCH 7/7] megasas: always store SCSIRequest* into Megasas CVE-2017-9503
MLIST:[qemu-devel] 20170608 [PATCH] nbd: Fix regression on resiliency to port scan CVE-2017-9524
MLIST:[qemu-devel] 20170611 [PATCH] qemu-nbd: Ignore SIGPIPE CVE-2017-10664
MLIST:[qemu-devel] 20170713 [PULL 21/41] exec: use qemu_ram_ptr_length to access guest ram CVE-2017-11334
MLIST:[qemu-devel] 20170717 [PATCH] slirp: check len against dhcp options array end CVE-2017-11434
MLIST:[qemu-devel] 20170809 [Qemu-devel] [PATCH 1/2] IDE: Do not flush empty CDROM drives CVE-2017-12809
MLIST:[qemu-devel] 20170824 [PATCH] vga: stop passing pointers to vga_draw_line* functions CVE-2017-13672
MLIST:[qemu-devel] 20170826 [PATCH] slirp: fix clearing ifq_so from pending packets CVE-2017-13711
MLIST:[qemu-devel] 20170905 [PATCH] multiboot: validate multiboot header address values CVE-2017-14167
MLIST:[qemu-devel] 20171004 Re: [PATCH] 9pfs: use g_malloc0 to allocate space for xattr CVE-2017-15038
MLIST:[qemu-devel] 20171010 [PATCH v1 1/7] io: monitor encoutput buffer size from websocket GSource CVE-2017-15268
MLIST:[qemu-devel] 20171011 [PATCH v2] cirrus: fix oob access in mode4and5 write functions CVE-2017-15289
MLIST:[qemu-devel] 20171116 [PATCH v2] ps2: check PS2Queue indices in post_load routine CVE-2017-16845
MLIST:[qemu-devel] 20171201 [PULL 6/7] virtio: check VirtQueue Vring object is set CVE-2017-17381
MLIST:[qemu-devel] 20180228 [PATCH] multiboot: check mh_load_end_addr address field CVE-2018-7550
MLIST:[qemu-devel] 20180308 [PATCH] vga: fix region calculation CVE-2018-7858
MLIST:[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf CVE-2018-11806
MLIST:[qemu-devel] 20180822 [PATCH v4 4/4] seccomp: set the seccomp filter to all threads CVE-2018-15746
MLIST:[qemu-devel] 20180926 [PULL 22/25] rtl8139: fix possible out of bound access CVE-2018-17958
MLIST:[qemu-devel] 20180926 [PULL 23/25] pcnet: fix possible buffer overflow CVE-2018-17962
MLIST:[qemu-devel] 20180926 [PULL 24/25] net: ignore packet size greater than INT_MAX CVE-2018-17963
MLIST:[qemu-devel] 20181012 [PATCH v2 00/11] chardev: Convert IO handlers to use unsigned type CVE-2018-18438
MLIST:[qemu-devel] 20181012 [PATCH v2 07/11] chardev: Let IOReadHandler use unsigned type CVE-2018-18438
MLIST:[qemu-devel] 20181107 [PATCH] 9p: write lock path in v9fs_co_open2() CVE-2018-19364
MLIST:[qemu-devel] 20181115 [PATCH] 9p: take write lock on fid path updates CVE-2018-19364
MLIST:[qemu-devel] 20181119 [PATCH v2] bt: use size_t type for length parameters instead of int CVE-2018-19665
MLIST:[qemu-devel] 20181122 9p: fix QEMU crash when renaming files CVE-2018-19489
MLIST:[qemu-devel] 20181212 Re: [PATCH] pvrdma: release device resources in case of an error CVE-2018-20123
MLIST:[qemu-devel] 20181213 Re: [PATCH v2 2/6] pvrdma: add uar_read routine CVE-2018-20191
MLIST:[qemu-devel] 20181213 Re: [PATCH v2 6/6] pvrdma: check return value from pvrdma_idx_ring_has_ routines CVE-2018-20216
MLIST:[qemu-devel] 20181213 [PATCH v2 1/6] rdma: check num_sge does not exceed MAX_SGE CVE-2018-20124
MLIST:[qemu-devel] 20181213 [PATCH v2 3/6] pvrdma: check number of pages when creating rings CVE-2018-20125
MLIST:[qemu-devel] 20181213 [PATCH v2 4/6] pvrdma: release ring object in case of an error CVE-2018-20126
MLIST:[qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223 CVE-2016-2166 CVE-2016-4467
MLIST:[qpid-dev] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability CVE-2019-0223
MLIST:[qpid-dev] 20190423 [jira] [Updated] (PROTON-2014) [CVE-2019-0223] TLS Man in the Middle Vulnerability CVE-2019-0223
MLIST:[qpid-users] 20160527 [CVE-2016-4432] Apache Qpid Java Broker - authentication bypass CVE-2016-4432
MLIST:[qpid-users] 20180618 [SECURITY] [CVE-2018-8030] Apache Qpid Broker-J Denial of Service Vulnerability when AMQP 0-8...0-91 messages CVE-2018-8030
MLIST:[qpid-users] 20190301 [SECURITY] CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands CVE-2019-0200
MLIST:[qpid-users] 20210309 Addressing CVE-2020-5258 in Qpid Broker-J CVE-2020-5258
MLIST:[qpid-users] 20210314 Re: Addressing CVE-2020-5258 in Qpid Broker-J CVE-2020-5258
MLIST:[qpid-users] 20210318 Re: Addressing CVE-2020-5258 in Qpid Broker-J CVE-2020-5258
MLIST:[qt-announce] 20130205 [Announce] [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable CVE-2013-0254
MLIST:[quagga-dev] 20060329 quagga locks with command sh ip bgp community 1:* CVE-2006-2276
MLIST:[quagga-dev] 20090203 [quagga-dev 6391] [PATCH] BGP 4-byte ASN bug fixes CVE-2009-1572
MLIST:[quagga-dev] 20130702 [quagga-dev 10568] ospfd, new_msg_lsa_change_notify: looks like a buffer overflow CVE-2013-2236
MLIST:[quagga-dev] 20160125 [quagga-dev 14619] SIGABRT while dumping BGP routes (bgpd) CVE-2016-4049
MLIST:[quagga-dev] 20160203 [quagga-dev 14663] Re: SIGABRT while dumping BGP routes (bgpd) CVE-2016-4049
MLIST:[quartzcomposer-dev] 20050510 Quartz Quicktime embedded in remote webpages... CVE-2005-1579
MLIST:[quartzcomposer-dev] 20050511 Re: Quartz Quicktime embedded in remote webpages... CVE-2005-1579
MLIST:[radsecproxy] 20120913 Radsecproxy is mixing up pre- and post-TLS-handshake client verification CVE-2012-4523 CVE-2012-4566
MLIST:[radsecproxy] 20120917 Radsecproxy 1.6.1 is out CVE-2012-4523
MLIST:[radsecproxy] 20121025 Radsecproxy 1.6.1 is out CVE-2012-4566
MLIST:[ranger-dev] 20150805 CVEs fixed in Ranger 0.5 CVE-2015-0265 CVE-2015-0266
MLIST:[ranger-dev] 20160205 CVE update (CVE-2015-5167 & CVE-2016-0733) - Fixed in Ranger 0.5.1 CVE-2015-5167 CVE-2016-0733
MLIST:[ranger-dev] 20160328 CVE update (CVE-2016-0735) - Fixed in Ranger 0.5.2 CVE-2016-0735
MLIST:[ranger-dev] 20191229 [jira] [Created] (RANGER-2681) CVE-2019-12397: Apache Ranger cross site scripting issue CVE-2019-12397
MLIST:[ranger-dev] 20191229 [jira] [Updated] (RANGER-2681) CVE-2019-12397: Apache Ranger cross site scripting issue CVE-2019-12397
MLIST:[ranger-dev] 20200121 [jira] [Commented] (RANGER-2681) CVE-2019-12397: Apache Ranger cross site scripting issue CVE-2018-11778 CVE-2019-12397
MLIST:[ranger-dev] 20200121 [jira] [Resolved] (RANGER-2681) CVE-2019-12397: Apache Ranger cross site scripting issue CVE-2018-11778 CVE-2019-12397
MLIST:[ranger-dev] 20200330 [jira] [Created] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200330 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200408 Re: Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200408 Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200415 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200416 Re: Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.9.10.4 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200416 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200417 Re: Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.9.10.4 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200417 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200427 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200427 [jira] [Resolved] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200430 Re: Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.9.10.4 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200507 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20200514 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger) CVE-2020-8840
MLIST:[ranger-dev] 20201007 Re: Review Request 72934: RANGER-3022: Upgrade Spring framework to version 4.3.29.RELEASE CVE-2020-5421
MLIST:[ranger-dev] 20201204 [jira] [Assigned] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[ranger-dev] 20201204 [jira] [Updated] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[ranger-dev] 20201215 [jira] [Commented] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[ranger-dev] 20201215 [jira] [Updated] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[ranger-dev] 20201216 [jira] [Commented] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[ranger-dev] 20210317 [jira] [Created] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[ranger-dev] 20211028 [jira] [Commented] (RANGER-3100) Upgrade httpclient version from 4.5.6 to 4.5.13+ due to CVE-2020-13956 CVE-2020-13956
MLIST:[rdiffweb-discuss] 20070329 New features and changes to rdiffweb CVE-2007-2747
MLIST:[rocketmq-commits] 20210311 [rocketmq] branch develop updated: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20190527 [GitHub] [rocketmq] bix29 opened a new issue #1233: TLS Client-initiated renegotiation attack (CVE-2011-1473) CVE-2011-1473
MLIST:[rocketmq-dev] 20190801 [GitHub] [rocketmq] duhenglucky commented on issue #1233: TLS Client-initiated renegotiation attack (CVE-2011-1473) CVE-2011-1473
MLIST:[rocketmq-dev] 20191024 [GitHub] [rocketmq] Journey-x commented on issue #1233: TLS Client-initiated renegotiation attack (CVE-2011-1473) CVE-2011-1473
MLIST:[rocketmq-dev] 20200305 [GitHub] [rocketmq] ShadowySpirits commented on issue #1233: TLS Client-initiated renegotiation attack (CVE-2011-1473) CVE-2011-1473
MLIST:[rocketmq-dev] 20200305 [GitHub] [rocketmq] ShadowySpirits opened a new pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20200305 [GitHub] [rocketmq] coveralls commented on issue #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20201223 [GitHub] [rocketmq] crazywen opened a new pull request #2515: Update pom.xml CVE-2019-10086
MLIST:[rocketmq-dev] 20201224 [GitHub] [rocketmq] codecov-io commented on pull request #2517: fix CVE-2019-16869, CVE-2018-8020 CVE-2018-8020 CVE-2019-16869
MLIST:[rocketmq-dev] 20201224 [GitHub] [rocketmq] coveralls commented on pull request #2517: fix CVE-2019-16869, CVE-2018-8020 CVE-2018-8020 CVE-2019-16869
MLIST:[rocketmq-dev] 20201224 [GitHub] [rocketmq] crazywen opened a new pull request #2517: fix CVE-2019-16869, CVE-2018-8020 CVE-2018-8020 CVE-2019-16869
MLIST:[rocketmq-dev] 20210311 [GitHub] [rocketmq] mouzz commented on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20210311 [GitHub] [rocketmq] vongosling closed issue #1233: TLS Client-initiated renegotiation attack (CVE-2011-1473) CVE-2011-1473
MLIST:[rocketmq-dev] 20210311 [GitHub] [rocketmq] vongosling merged pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20210317 [GitHub] [rocketmq-externals] vongosling commented on issue #690: Spring Framework CVE-2020-5398 CVE-2020-5398
MLIST:[rocketmq-dev] 20210327 [GitHub] [rocketmq] liufeiguo commented on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20210420 [GitHub] [rocketmq] mouzz commented on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[rocketmq-dev] 20210420 [GitHub] [rocketmq] mouzz removed a comment on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 CVE-2011-1473
MLIST:[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js CVE-2015-9251 CVE-2019-11358
MLIST:[roller-dev] 20140111 CVE-2014-0030 Apache Roller XML-RPC susceptible to XML Entended Entity attacks CVE-2014-0030
MLIST:[roller-user] 20210830 Fwd: [CVE-2019-0234] Reflected Cross-site Scripting (XSS) Vulnerability CVE-2019-0234
MLIST:[rssh-discuss] 20120508 Re: rssh security announcement CVE-2012-3478
MLIST:[rsyncrypto-devel] 20080523 Advisory - Rsyncrypto maybe affected from Debian OpenSSL reduced entropy problem CVE-2008-0166
MLIST:[rt-announce] 20091130 SECURITY - RT 3.6.10 Released CVE-2009-3585 CVE-2009-4151
MLIST:[rt-announce] 20091130 SECURITY - Session Fixation Vulnerability in RT 3.0.0-3.8.5 CVE-2009-3585 CVE-2009-4151
MLIST:[rt-announce] 20110216 RT 3.8.9 Released CVE-2011-1007 CVE-2011-1008
MLIST:[rt-announce] 20110414 RT 3.6.11 Released - Security Release CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690
MLIST:[rt-announce] 20110414 RT 3.8.10 Released - Security Release CVE-2011-1685 CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690
MLIST:[rt-announce] 20110414 Security vulnerabilities in RT CVE-2011-1685 CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690
MLIST:[rt-announce] 20120522 RT 3.8.12 Released - Security Release CVE-2011-2082 CVE-2011-2083 CVE-2011-2084 CVE-2011-2085 CVE-2011-4458 CVE-2011-4459 CVE-2011-4460 CVE-2011-5092 CVE-2011-5093
MLIST:[rt-announce] 20120522 RT 4.0.6 Released - Security Release CVE-2011-2082 CVE-2011-2083 CVE-2011-2084 CVE-2011-2085 CVE-2011-4458 CVE-2011-4459 CVE-2011-4460 CVE-2011-5092 CVE-2011-5093
MLIST:[rt-announce] 20120522 Security vulnerabilities in RT CVE-2011-2082 CVE-2011-2083 CVE-2011-2084 CVE-2011-2085 CVE-2011-4458 CVE-2011-4459 CVE-2011-4460 CVE-2011-5092 CVE-2011-5093
MLIST:[rt-announce] 20120725 Security vulnerabilities in three commonly deployed RT extensions CVE-2012-2768 CVE-2012-2769 CVE-2012-2770
MLIST:[rt-announce] 20121025 RTFM 2.4.5 Released CVE-2012-4731
MLIST:[rt-announce] 20121025 Security vulnerabilities in RT CVE-2012-4730 CVE-2012-4731 CVE-2012-4732 CVE-2012-4734 CVE-2012-4884 CVE-2012-6578 CVE-2012-6579 CVE-2012-6580 CVE-2012-6581
MLIST:[rt-announce] 20130522 RT 3.8.17 released CVE-2013-3368 CVE-2013-3369 CVE-2013-3370 CVE-2013-3371 CVE-2013-3372 CVE-2013-3373 CVE-2013-3374 CVE-2013-5587
MLIST:[rt-announce] 20130522 RT 4.0.13 released CVE-2012-4733 CVE-2013-3368 CVE-2013-3369 CVE-2013-3370 CVE-2013-3371 CVE-2013-3372 CVE-2013-3373 CVE-2013-3374 CVE-2013-5587
MLIST:[rt-announce] 20130522 Security vulnerabilities in RT CVE-2012-4733 CVE-2013-3368 CVE-2013-3369 CVE-2013-3370 CVE-2013-3371 CVE-2013-3372 CVE-2013-3373 CVE-2013-3374 CVE-2013-5587
MLIST:[rt-announce] 20130612 Security vulnerability in RT::Extension::MobileUI CVE-2013-3736 CVE-2013-3737
MLIST:[rt-announce] 20140612 RT 4.2.5 released CVE-2014-1474
MLIST:[ruby-list] 20100619 ANN: ActiveScriptRuby 1.8.7 CVE-2012-1241
MLIST:[ruby-security-ann] 20131016 Possible DoS Vulnerability in Action Mailer (CVE-2013-4389) CVE-2013-4389
MLIST:[ruby-security-ann] 20131114 [CVE-2013-4562] RubyGem omniauth-facebook CSRF vulnerability CVE-2013-4562
MLIST:[ruby-security-ann] 20131203 [CVE-2013-4491] Reflective XSS Vulnerability in Ruby on Rails CVE-2013-4491
MLIST:[ruby-security-ann] 20131203 [CVE-2013-6414] Denial of Service Vulnerability in Action View CVE-2013-6414
MLIST:[ruby-security-ann] 20131203 [CVE-2013-6415] XSS Vulnerability in number_to_currency CVE-2013-6415
MLIST:[ruby-security-ann] 20131203 [CVE-2013-6416] XSS Vulnerability in simple_format helper CVE-2013-6416
MLIST:[ruby-security-ann] 20131203 [CVE-2013-6417] Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk) CVE-2013-6417
MLIST:[ruby-security-ann] 20160125 [CVE-2015-7576] Timing attack vulnerability in basic authentication in Action Controller. CVE-2015-7576
MLIST:[ruby-security-ann] 20160125 [CVE-2015-7577] Nested attributes rejection proc bypass in Active Record. CVE-2015-7577
MLIST:[ruby-security-ann] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer CVE-2015-7578
MLIST:[ruby-security-ann] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer CVE-2015-7579
MLIST:[ruby-security-ann] 20160125 [CVE-2015-7581] Object leak vulnerability for wildcard controller routes in Action Pack CVE-2015-7581
MLIST:[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack CVE-2016-0751
MLIST:[ruby-security-ann] 20160125 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View CVE-2016-0752
MLIST:[ruby-security-ann] 20160125 [CVE-2016-0753] Possible Input Validation Circumvention in Active Model CVE-2016-0753
MLIST:[ruby-security-ann] 20160229 [CVE-2016-0752] Possible Information Leak Vulnerability in Action View CVE-2016-2097
MLIST:[ruby-security-ann] 20160229 [CVE-2016-2098] Possible remote code execution vulnerability in Action Pack CVE-2016-2098
MLIST:[ruby-security-ann] 20160811 [CVE-2016-6316] Possible XSS Vulnerability in Action View CVE-2016-6316
MLIST:[ruby-security-ann] 20160811 [CVE-2016-6317] Unsafe Query Generation Risk in Active Record CVE-2016-6317
MLIST:[ruby-talk] 20100702 Re: [ANN][Security] Ruby 1.9.1-p429 is out CVE-2010-2489
MLIST:[ruby-talk] 20111228 [ANN] ruby 1.8.7 patchlevel 357 released CVE-2011-4815
MLIST:[rubyonrails-security] 20090610 DoS Vulnerability in Ruby (CVE-2009-1904) CVE-2009-1904
MLIST:[rubyonrails-security] 20090904 XSS Vulnerability in Ruby on Rails CVE-2009-3009
MLIST:[rubyonrails-security] 20091127 XSS Weakness in strip_tags CVE-2009-4214
MLIST:[rubyonrails-security] 20110209 CSRF Protection Bypass in Ruby on Rails CVE-2011-0447
MLIST:[rubyonrails-security] 20110209 Filter Problems on Case-Insensitive Filesystems CVE-2011-0449
MLIST:[rubyonrails-security] 20110209 Potential SQL Injection in Rails 3.0.x CVE-2011-0448
MLIST:[rubyonrails-security] 20110209 Potential XSS Problem with mail_to :encode => :javascript CVE-2011-0446
MLIST:[rubyonrails-security] 20110816 Filter Skipping Vulnerability in Ruby on Rails 3.0 CVE-2011-2929
MLIST:[rubyonrails-security] 20110816 Response Splitting Vulnerability in Ruby on Rails CVE-2011-3186
MLIST:[rubyonrails-security] 20110816 SQL Injection Vulnerability in quote_table_name CVE-2011-2930
MLIST:[rubyonrails-security] 20110816 XSS Vulnerability in strip_tags helper CVE-2011-2931
MLIST:[rubyonrails-security] 20110816 XSS Vulnerability in the escaping function in Ruby on Rails CVE-2011-2932
MLIST:[rubyonrails-security] 20111118 XSS vulnerability in the translate helper method in Ruby on Rails CVE-2011-4319
MLIST:[rubyonrails-security] 20120301 Possible XSS Security Vulnerability in SafeBuffer#[] CVE-2012-1098
MLIST:[rubyonrails-security] 20120301 XSS Vulnerability in the select helper CVE-2012-1099
MLIST:[rubyonrails-security] 20120531 SQL Injection Vulnerability in Ruby on Rails (CVE-2012-2661) CVE-2012-2661
MLIST:[rubyonrails-security] 20120531 Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2660) CVE-2012-2660
MLIST:[rubyonrails-security] 20120612 Ruby on Rails SQL Injection (CVE-2012-2695) CVE-2012-2695
MLIST:[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694) CVE-2012-2694
MLIST:[rubyonrails-security] 20120726 Ruby on Rails DoS Vulnerability in authenticate_or_request_with_http_digest (CVE-2012-3424) CVE-2012-3424
MLIST:[rubyonrails-security] 20120810 Potential XSS Vulnerability in Ruby on Rails CVE-2012-3464
MLIST:[rubyonrails-security] 20120810 Ruby on Rails Potential XSS Vulnerability in select_tag prompt CVE-2012-3463
MLIST:[rubyonrails-security] 20120810 XSS Vulnerability in strip_tags CVE-2012-3465
MLIST:[rubyonrails-security] 20130102 SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) CVE-2012-6496
MLIST:[rubyonrails-security] 20130108 Unsafe Query Generation Risk in Ruby on Rails (CVE-2013-0155) CVE-2013-0155
MLIST:[rubyonrails-security] 20130207 Potential Query Manipulation with Common Rails Practises CVE-2013-3221
MLIST:[rubyonrails-security] 20130318 [CVE-2013-1857] XSS Vulnerability in the `sanitize` helper of Ruby on Rails CVE-2013-1857
MLIST:[rubyonrails-security] 20140218 Data Injection Vulnerability in Active Record (CVE-2014-0080) CVE-2014-0080
MLIST:[rubyonrails-security] 20140218 Denial of Service Vulnerability in Action View when using render :text (CVE-2014-0082) CVE-2014-0082
MLIST:[rubyonrails-security] 20140218 XSS Vulnerability in number_to_currency, number_to_percentage and number_to_human (CVE-2014-0081) CVE-2014-0081
MLIST:[rubyonrails-security] 20140702 [CVE-2014-3482] [CVE-2014-3483] Two Active Record SQL Injection Vulnerabilities Affecting PostgreSQL CVE-2014-3482 CVE-2014-3483
MLIST:[rubyonrails-security] 20140818 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with CVE-2014-3514
MLIST:[rubyonrails-security] 20141030 Arbitrary file existence disclosure in Action Pack (CVE-2014-7818) CVE-2014-7818
MLIST:[rubyonrails-security] 20141117 [CVE-2014-7829] Arbitrary file existence disclosure in Action Pack CVE-2014-7829
MLIST:[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails CVE-2015-1840
MLIST:[rubyonrails-security] 20150616 [CVE-2015-3224] IP whitelist bypass in Web Console CVE-2015-3224
MLIST:[rubyonrails-security] 20150616 [CVE-2015-3225] Potential Denial of Service Vulnerability in Rack CVE-2015-3225
MLIST:[rubyonrails-security] 20150616 [CVE-2015-3226] XSS Vulnerability in ActiveSupport::JSON.encode CVE-2015-3226
MLIST:[rubyonrails-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support CVE-2015-3227
MLIST:[rubyonrails-security] 20160125 [CVE-2015-7580] Possible XSS vulnerability in rails-html-sanitizer CVE-2015-7580
MLIST:[s-nail-users] 20170127 [ANN]ounce of S-nail v14.8.16 ("Copris lunaris") CVE-2017-5899
MLIST:[salt-users] 20181024 2017.7.8 Released - Security Advisory CVE-2018-15750 CVE-2018-15751
MLIST:[salt-users] 20181024 2018.3.3 Released - Security Advisory CVE-2018-15750 CVE-2018-15751
MLIST:[samba-announce] 20120625 [Announce] Samba 3.6.6 Available for Download CVE-2013-0454
MLIST:[samba-technical] 20020613 struct enum_csc_policy isn't terminated CVE-2002-2196
MLIST:[samba-technical] 20100205 Claimed Zero Day exploit in Samba. CVE-2010-0926
MLIST:[samba-technical] 20100205 Re: Claimed Zero Day exploit in Samba. CVE-2010-0926
MLIST:[samba-technical] 20100205 re: Claimed Zero Day exploit in Samba. CVE-2010-0926
MLIST:[samba-technical] 20100206 Re: Claimed Zero Day exploit in Samba. CVE-2010-0926
MLIST:[samba-technical] 20100207 Re: Claimed Zero Day exploit in Samba. CVE-2010-0926
MLIST:[samba-technical] 20140711 ANNOUNCE: cifs-utils release 6.4 ready for download CVE-2014-2830
MLIST:[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes CVE-2015-6420 CVE-2018-10237 CVE-2020-27216 CVE-2020-27218
MLIST:[sane-devel] 20170211 Bug#854804: saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server CVE-2017-6318
MLIST:[sane-devel] 20170219 Bug#854804: saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server CVE-2017-6318
MLIST:[sane-devel] 20170225 CVE-2017-6318 (old: Bug#854804: saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server) CVE-2017-6318
MLIST:[santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html CVE-2013-0002 CVE-2013-2153 CVE-2013-2154 CVE-2013-2155 CVE-2013-2156 CVE-2013-4517 CVE-2014-8152
MLIST:[santuario-commits] 20210917 svn commit: r1076843 - in /websites/production/santuario/content: cache/main.pageCache index.html javaindex.html secadv.data/CVE-2021-40690.txt.asc secadv.html CVE-2013-0021 CVE-2013-2153 CVE-2013-2154 CVE-2013-2155 CVE-2013-2156 CVE-2013-4517 CVE-2014-8152 CVE-2019-12400
MLIST:[santuario-dev] 20190905 Re: [CVE-2019-12400] Apache Santuario potentially loads XML parsing code from an untrusted source CVE-2019-12400
MLIST:[santuario-dev] 20190906 Re: [CVE-2019-12400] Apache Santuario potentially loads XML parsing code from an untrusted source CVE-2019-12400
MLIST:[santuario-dev] 20210323 [GitHub] [santuario-xml-security-java] dependabot[bot] opened a new pull request #33: Bump dependency-check-maven from 6.1.2 to 6.1.3 CVE-2020-13936
MLIST:[santuario-dev] 20210817 [GitHub] [santuario-xml-security-java] dependabot[bot] opened a new pull request #52: Bump jetty.version from 9.4.42.v20210604 to 9.4.43.v20210629 CVE-2021-34429
MLIST:[scadasec] 20081211 Checkpoint Sources plus SPLAT Remote Root Exploit. CVE-2008-5850
MLIST:[screen-devel] 20170124 [bug #50142] root exploit 4.5.0 CVE-2017-5618
MLIST:[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities CVE-2005-3254 CVE-2005-3255
MLIST:[secure-testing-commits] 20081103 r10251 - data/CVE CVE-2008-4539
MLIST:[secure-testing-commits] 20171206 r58306 - data/CVE CVE-2017-0861
MLIST:[secureideas-base-devel] 20060328 3 XSS in BASE 1.2.4 CVE-2006-1590
MLIST:[security-announce] 20060815 Proxy Generation Tool Vulnerability CVE-2006-4232
MLIST:[security-announce] 20060815 Temporary File Handling Vulnerability CVE-2006-4233
MLIST:[security-announce] 20070206 rPSA-2007-0025-1 postgresql postgresql-server CVE-2007-0555 CVE-2007-0556
MLIST:[security-announce] 20070209 rPSA-2006-0233-1 dbus dbus-glib dbus-qt dbus-x11 CVE-2006-6107
MLIST:[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability CVE-2006-4924 CVE-2006-5051
MLIST:[security-announce] 20070906 rPSA-2007-0179-2 krb5 krb5-server krb5-services krb5-test krb5-workstation CVE-2007-3999
MLIST:[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues CVE-2007-5269 CVE-2007-5618 CVE-2008-0923 CVE-2008-1340 CVE-2008-1361 CVE-2008-1362 CVE-2008-1363 CVE-2008-1364 CVE-2008-1392
MLIST:[security-announce] 20080403 Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability CVE-2008-1483
MLIST:[security-announce] 20080918 VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman CVE-2008-2234
MLIST:[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues CVE-2008-3761 CVE-2008-4916 CVE-2009-0177 CVE-2009-0518 CVE-2009-0908 CVE-2009-0909 CVE-2009-0910 CVE-2009-1146 CVE-2009-1147
MLIST:[security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability CVE-2009-1244
MLIST:[security-announce] 20090701 VMSA-2009-0008 ESX Service Console update for krb5 CVE-2009-0846
MLIST:[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server CVE-2006-5752 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005
MLIST:[security-announce] 20090831 VMSA-2009-0011 VMware Studio 2.0 addresses a security issue in the public beta version of Studio 2.0 CVE-2009-2968
MLIST:[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues. CVE-2009-0199 CVE-2009-2628
MLIST:[security-announce] 20091001 VMSA-2009-0013 VMware Fusion resolves two security issues CVE-2009-3281 CVE-2009-3282
MLIST:[security-announce] 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues CVE-2009-2267 CVE-2009-3733
MLIST:[security-announce] 20091215 VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues CVE-2009-3731
MLIST:[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates CVE-2008-3916 CVE-2009-0115 CVE-2009-1387 CVE-2009-2695 CVE-2009-2849 CVE-2009-3228 CVE-2009-3286 CVE-2009-3560 CVE-2009-3563 CVE-2009-3720
MLIST:[security-announce] 20100329 VMSA-2010-0005 VMware products address vulnerabilities in WebAccess CVE-2009-2277 CVE-2010-0686 CVE-2010-1137 CVE-2010-1193
MLIST:[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues CVE-2009-1564 CVE-2009-1565 CVE-2009-2042 CVE-2009-3707 CVE-2009-3732 CVE-2009-4811 CVE-2010-1138 CVE-2010-1139 CVE-2010-1140 CVE-2010-1141 CVE-2010-1142
MLIST:[security-announce] 20100505 VMSA-2010-0008 VMware View 3.1.3 addresses an important cross-site scripting vulnerability CVE-2010-1143
MLIST:[security-announce] 20100712 VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0 CVE-2010-2427 CVE-2010-2667
MLIST:[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues CVE-2010-0205 CVE-2010-0425 CVE-2010-1205 CVE-2010-3277
MLIST:[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues CVE-2010-4294 CVE-2010-4295 CVE-2010-4296 CVE-2010-4297
MLIST:[security-announce] 20101221 VMSA-2010-0020 VMware ESXi 4.1 Update Installer SFCB Authentication Flaw CVE-2010-4573
MLIST:[security-announce] 20110118 Globus Security Advisory 2011-01: myproxy-logon identity checking of server CVE-2011-0738
MLIST:[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi CVE-2011-0355
MLIST:[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm CVE-2010-3609 CVE-2010-3613 CVE-2010-3614 CVE-2010-3762
MLIST:[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation CVE-2011-1126
MLIST:[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console CVE-2010-1323 CVE-2010-1324 CVE-2010-4020 CVE-2010-4021 CVE-2011-1785 CVE-2011-1786
MLIST:[security-announce] 20110505 VMSA-2011-0008 VMware vCenter Server and vSphere Client security vulnerabilities CVE-2011-0426 CVE-2011-1788 CVE-2011-1789
MLIST:[security-announce] 20140315 Announce: OpenSSH 6.6 released CVE-2014-2532
MLIST:[security] 20060906 Re: mailman 2.1.5-8sarge3: screwup between security and maintainer upload CVE-2006-2191
MLIST:[security] 20070321 MyOpenID CVE-2007-1651 CVE-2007-1652
MLIST:[security] 20070322 MyOpenID CVE-2007-1651 CVE-2007-1652
MLIST:[security] 20170806 SDP Parser: out-of-memory condition (CVE-2017-11521) CVE-2017-11521
MLIST:[security] 20170806 ares_parse_a_reply out-of-bounds read (CVE=2017-9454) CVE-2017-9454
MLIST:[selinux] 20160923 [PATCH 2/2] sandbox: create a new session for sandboxed processes CVE-2016-7545
MLIST:[sentry-dev] 20160804 CVE-2016-0760: Hive builtin functions "reflect", "reflect2", and "java_method" are not blocked in Apache Sentry CVE-2016-0760
MLIST:[server-user] 20171019 Announce: Apache James 3.0.1 security release CVE-2017-12628
MLIST:[servicemix-commits] 20200203 [servicemix-bundles] branch master updated: [SM-4312]Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-commits] 20200206 [servicemix-bundles] branch master updated: [SM-4315]Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-commits] 20200618 [servicemix-bundles] branch master updated: [SM-4312]add spring-batch-infrastructure-4.0.2.RELEASE(address CVE-2019-3774) CVE-2019-3774
MLIST:[servicemix-commits] 20200618 [servicemix-bundles] branch master updated: [SM-4315]add spring-batch-infrastructure-3.0.10.RELEASE(address CVE-2019-3774) CVE-2019-3774
MLIST:[servicemix-issues] 20200203 [jira] [Assigned] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200203 [jira] [Created] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200203 [jira] [Updated] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200205 [jira] [Resolved] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200206 [jira] [Assigned] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200206 [jira] [Created] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200206 [jira] [Resolved] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200206 [jira] [Updated] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200514 [jira] [Created] (SM-4384) Create OSGi bundles for spring-security 5.3.2.RELEASE + 5.1.10.RELEASE CVE-2020-5407
MLIST:[servicemix-issues] 20200618 [jira] [Commented] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200618 [jira] [Commented] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200618 [jira] [Reopened] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200618 [jira] [Reopened] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200629 [jira] [Resolved] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200629 [jira] [Resolved] (SM-4315) Upgrade spring-batch from 3.0.8 to 3.0.10 to address CVE-2019-3774 CVE-2019-3774
MLIST:[servicemix-issues] 20200629 [jira] [Updated] (SM-4312) Upgrade spring-batch from 4.0.1 to 4.0.2 to address CVE-2019-3774 CVE-2019-3774
MLIST:[shardingsphere-notifications] 20200623 [GitHub] [shardingsphere] liuqiankun93 opened a new issue #6180: The groovy-2.4.5-indy.jar has High-level security risks CVE-2015-3253
MLIST:[shiro-commits] 20200622 svn commit: r1879088 - /shiro/site/publish/security-reports.html CVE-2019-12422 CVE-2020-11989 CVE-2020-1957
MLIST:[shiro-commits] 20200622 svn commit: r1879089 - /shiro/site/publish/security-reports.html CVE-2020-11989 CVE-2020-1957
MLIST:[shiro-commits] 20200817 svn commit: r1880941 - /shiro/site/publish/security-reports.html CVE-2020-11989 CVE-2020-1957
MLIST:[shiro-commits] 20201104 [GitHub] [shiro] coheigea opened a new pull request #262: Update Jetty to 9.4.33.v20201020 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[shiro-commits] 20201104 [GitHub] [shiro] fpapon merged pull request #262: Update Jetty to 9.4.33.v20201020 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[shiro-commits] 20201104 [shiro] branch master updated: Update Jetty to 9.4.33.v20201020 to fix CVE-2020-27216 CVE-2020-27216
MLIST:[shiro-dev] 20191001 [jira] [Commented] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix CVE-2019-10086
MLIST:[shiro-dev] 20191001 [jira] [Created] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fiix CVE-2019-10086
MLIST:[shiro-dev] 20191001 [jira] [Updated] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix CVE-2019-10086
MLIST:[shiro-dev] 20191023 [jira] [Assigned] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix CVE-2019-10086
MLIST:[shiro-dev] 20191105 [jira] [Resolved] (SHIRO-723) Provide Minor Shiro Release that includes CVE-2019-10086 Fix CVE-2019-10086
MLIST:[shiro-dev] 20191118 [ANNOUNCE][CVE-2019-12422] Apache Shiro 1.4.2 released CVE-2019-12422
MLIST:[shiro-dev] 20200622 [Announce] CVE-2020-11989: Authentication Bypass by Primary Weakness CVE-2020-11989
MLIST:[shiro-dev] 20200924 Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933
MLIST:[shiro-dev] 20201004 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933
MLIST:[shiro-dev] 20201217 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933
MLIST:[shiro-dev] 20201219 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933
MLIST:[shiro-dev] 20201220 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933
MLIST:[shiro-dev] 20201221 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510
MLIST:[shiro-dev] 20201222 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510
MLIST:[shiro-dev] 20210130 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510
MLIST:[shiro-dev] 20210316 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510
MLIST:[shiro-dev] 20210331 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510 CVE-2020-17523
MLIST:[shiro-dev] 20210407 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510 CVE-2020-17523
MLIST:[shiro-dev] 20210424 Re: Ask help for upgrading Shiro in CDH platform to 1.7.1 CVE-2020-17523
MLIST:[shiro-dev] 20210504 Re: Request for assistance to backport CVE-2020-13933 fix CVE-2020-13933 CVE-2020-17510 CVE-2020-17523
MLIST:[shiro-user] 20200622 [Announce] CVE-2020-11989: Authentication Bypass by Primary Weakness CVE-2020-11989
MLIST:[shiro-user] 20210929 Re: CVE-2021-41303: Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass CVE-2021-41303
MLIST:[shotwell] 20170131 ATTENTION! Shotwell 0.24.5 and 0.25.4 released CVE-2017-1000024
MLIST:[shttpd-general] 20071203 Security bugs in SHTTPD CVE-2007-6404 CVE-2007-6405
MLIST:[skywalking-dev] 20200324 [CVE-2019-17267] Upgrade jackson-databind version to 2.9.10 CVE-2019-17267
MLIST:[skywalking-dev] 20200805 Subject: [CVE-2020-13921] Apache SkyWalking SQL injection vulnerability after H2/MySQL/TiDB storage option activated. CVE-2020-13921
MLIST:[skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] commented on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210802 [GitHub] [skywalking] wu-sheng opened a new pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210802 [skywalking] 01/01: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210803 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210803 [GitHub] [skywalking] hanahmily merged pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20210803 [skywalking] branch master updated: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090 (#7400) CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090
MLIST:[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities CVE-2020-29652 CVE-2021-3121
MLIST:[slackware-security] 20160223 ntp (SSA:2016-054-04) CVE-2015-5300
MLIST:[sle-security-updates] 20161017 SUSE-SU-2016:2553-1: moderate: Security update for kdump CVE-2016-5759
MLIST:[sleuthkit-announce] 20070614 TSK 2.09 Released and new Wiki CVE-2007-4195 CVE-2007-4196 CVE-2007-4197 CVE-2007-4198 CVE-2007-4199 CVE-2007-4200
MLIST:[sling-dev] 20131009 [CVE-2013-2254] Apache Sling denial of service vulnerability CVE-2013-2254
MLIST:[sling-dev] 20131020 CVE-2013-4390: Apache Sling open redirect on login CVE-2013-4390
MLIST:[sling-dev] 20210409 [jira] [Comment Edited] (SLING-10284) Dependency check fails on CVE-2015-2944 for Sling Resource Merger 1.4.0 CVE-2015-2944
MLIST:[sling-dev] 20210409 [jira] [Commented] (SLING-10284) Dependency check fails on CVE-2015-2944 for Sling Resource Merger 1.4.0 CVE-2015-2944
MLIST:[sling-dev] 20210409 [jira] [Created] (SLING-10284) Dependency check fails on CVE-2015-2944 for Sling Resource Merger 1.4.0 CVE-2015-2944
MLIST:[sling-dev] 20210409 [jira] [Resolved] (SLING-10284) Dependency check fails on CVE-2015-2944 for Sling Resource Merger 1.4.0 CVE-2015-2944
MLIST:[smb4k-announce] 20061221 Smb4K 0.8.0 and security fixes released CVE-2007-0472 CVE-2007-0473 CVE-2007-0474 CVE-2007-0475
MLIST:[solr-issues] 20210316 [jira] [Created] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20210316 [jira] [Created] (SOLR-15270) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20210316 [jira] [Resolved] (SOLR-15270) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20210407 [jira] [Created] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1) CVE-2020-27223
MLIST:[solr-issues] 20210414 [jira] [Created] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr CVE-2021-28163
MLIST:[solr-issues] 20210414 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[solr-issues] 20210419 [jira] [Created] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20210419 [jira] [Updated] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20210420 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210507 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1) CVE-2020-27223
MLIST:[solr-issues] 20210507 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[solr-issues] 20210525 [jira] [Created] (SOLR-15431) Security vulnerability with Bouncy Castle library within Apache Solr 8.8.2 CVE-2020-26939 CVE-2020-28052
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15270) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1) CVE-2020-27223
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[solr-issues] 20210623 [jira] [Updated] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20210702 [jira] [Commented] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20210711 [jira] [Created] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-33813
MLIST:[solr-issues] 20210711 [jira] [Created] (SOLR-15530) High security vulnerability in jackson-databind bundled within Solr 8.9 CVE-2021-33813
MLIST:[solr-issues] 20210711 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-33813
MLIST:[solr-issues] 20210813 [jira] [Commented] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-33813
MLIST:[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1) CVE-2020-27223
MLIST:[solr-issues] 20210813 [jira] [Resolved] (SOLR-15338) High security vulnerability in Jetty library CVE-2021-28163 (+5) bundled within Solr CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
MLIST:[solr-issues] 20210813 [jira] [Updated] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-33813
MLIST:[solr-issues] 20210819 [GitHub] [solr] janhoy opened a new pull request #268: SOLR-15324 Upgrade Jaeger dependency from 1.1.0 to 1.6.0 CVE-2020-13949
MLIST:[solr-issues] 20210819 [jira] [Assigned] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210819 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210819 [jira] [Commented] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-33813
MLIST:[solr-issues] 20210819 [jira] [Resolved] (SOLR-15529) High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 CVE-2021-33813
MLIST:[solr-issues] 20210819 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210825 [jira] [Commented] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210825 [jira] [Resolved] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210825 [jira] [Updated] (SOLR-15324) High security vulnerability in Apache Thrift - CVE-2020-13949 (+1) bundled within Solr CVE-2020-13949
MLIST:[solr-issues] 20210912 [jira] [Updated] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20211011 [jira] [Commented] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20211011 [jira] [Resolved] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20211015 [jira] [Resolved] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20211016 [jira] [Commented] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20211019 [jira] [Closed] (SOLR-15269) upgrade httpclient to address CVE-2020-13956 CVE-2020-13956
MLIST:[solr-issues] 20211020 [jira] [Commented] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-issues] 20211022 [jira] [Commented] (SOLR-15355) CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2 CVE-2020-9492
MLIST:[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack CVE-2017-3163
MLIST:[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1 CVE-2020-27223
MLIST:[solr-users] 20210618 CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability CVE-2017-12629 CVE-2019-0193 CVE-2021-27905
MLIST:[solr-users] 20210618 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability CVE-2017-12629 CVE-2019-0193 CVE-2021-27905
MLIST:[solr-users] 20210728 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability CVE-2017-12629 CVE-2019-0193 CVE-2021-27905
MLIST:[sork] 20050422 Accounts 2.1.2 (final) CVE-2005-1316
MLIST:[sork] 20050422 Forwards 2.2.2 (final) CVE-2005-1318
MLIST:[sork] 20050422 Passwd 2.2.2 (final) CVE-2005-1313
MLIST:[sork] 20050422 Vacation 2.2.2 (final) CVE-2005-1321
MLIST:[source-changes] 20050913 CVS commit: [netbsd-3] src/sys/compat/freebsd CVE-2005-4776
MLIST:[source-changes] 20051021 CVS commit: src/sys/kern CVE-2005-4782
MLIST:[source-changes] 20070226 CVS: cvs.openbsd.org: src CVE-2007-1365
MLIST:[source-changes] 20140624 CVS commit: src/lib/libc/citrus CVE-2014-3951 CVE-2014-5384
MLIST:[spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released! CVE-2004-0796
MLIST:[spamassassin-announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2018-11805 CVE-2018-11805
MLIST:[spamassassin-announce] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420 CVE-2019-12420
MLIST:[spamassassin-announce] 20200130 [CVE-2020-1930] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands CVE-2018-11805
MLIST:[spamassassin-announce] 20200130 [CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings. CVE-2018-11805
MLIST:[spamassassin-dev] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2018-11805 CVE-2018-11805
MLIST:[spamassassin-dev] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420 CVE-2019-12420
MLIST:[spamassassin-dev] 20200130 [CVE-2020-1930] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands CVE-2018-11805
MLIST:[spamassassin-dev] 20200130 [CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings. CVE-2018-11805
MLIST:[spamassassin-users] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2018-11805 CVE-2018-11805
MLIST:[spamassassin-users] 20191212 [SECURITY] Apache SpamAssassin v3.4.3 released with fix for CVE-2019-12420 CVE-2019-12420
MLIST:[spamassassin-users] 20191218 CVE-2018-11805 fix and sa-exim CVE-2018-11805
MLIST:[spamassassin-users] 20191218 Re: CVE-2018-11805 fix and sa-exim CVE-2018-11805
MLIST:[spamassassin-users] 20191219 Re: CVE-2018-11805 fix and sa-exim CVE-2018-11805
MLIST:[spamassassin-users] 20200130 Re: ANNOUNCE: Apache SpamAssassin 3.4.4 available CVE-2018-11805 CVE-2019-12420
MLIST:[spamassassin-users] 20200130 [CVE-2020-1930] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands CVE-2018-11805
MLIST:[spamassassin-users] 20200130 [CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings. CVE-2018-11805
MLIST:[spamassassin-users] 20200131 Re: ANNOUNCE: Apache SpamAssassin 3.4.4 available CVE-2018-11805 CVE-2019-12420
MLIST:[spamdyke-release] 20120115 New version: spamdyke 4.3.0 CVE-2012-0802
MLIST:[spark-commits] 20190806 [spark-website] branch asf-site updated: CVE-2019-10099 CVE-2018-11760
MLIST:[spark-commits] 20200622 [spark-website] branch asf-site updated: CVE-2020-9480 details (#275) CVE-2019-10099
MLIST:[spark-commits] 20210218 [spark] branch branch-3.0 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-commits] 20210218 [spark] branch branch-3.1 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-commits] 20210219 [spark] branch branch-2.4 updated: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-commits] 20210408 [spark] branch branch-2.4 updated: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-commits] 20210408 [spark] branch branch-3.0 updated: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-dev] 20200803 Re: CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master CVE-2020-9480
MLIST:[spark-issues] 20191219 [jira] [Commented] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191219 [jira] [Created] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191219 [jira] [Updated] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191220 [jira] [Comment Edited] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191220 [jira] [Commented] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191220 [jira] [Issue Comment Deleted] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191220 [jira] [Reopened] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20191220 [jira] [Resolved] (SPARK-30308) Update Netty and Netty-all to address CVE-2019-16869 CVE-2019-16869
MLIST:[spark-issues] 20200309 [jira] [Created] (SPARK-31095) Upgrade netty version to fix security vulnerabilities CVE-2019-20445
MLIST:[spark-issues] 20200318 [jira] [Commented] (SPARK-28626) Spark leaves unencrypted data on local disk, even with encryption turned on (CVE-2019-10099) CVE-2019-10099
MLIST:[spark-issues] 20210115 [jira] [Created] (SPARK-34124) Upgrade jackson version to fix CVE-2020-36179 in Spark 2.4 CVE-2020-36179
MLIST:[spark-issues] 20210216 [jira] [Assigned] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210216 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210216 [jira] [Created] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210218 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210219 [jira] [Resolved] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210222 [jira] [Updated] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-issues] 20210223 [jira] [Created] (SPARK-34511) Current Security vulnerabilities in spark libraries CVE-2017-7525
MLIST:[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223 CVE-2020-27223
MLIST:[spark-issues] 20210408 [jira] [Assigned] (SPARK-34988) Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-issues] 20210408 [jira] [Commented] (SPARK-34988) Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-issues] 20210408 [jira] [Created] (SPARK-34988) Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-issues] 20210408 [jira] [Resolved] (SPARK-34988) Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-issues] 20210408 [jira] [Updated] (SPARK-34988) Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-issues] 20210413 [jira] [Created] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210417 [jira] [Commented] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210423 [jira] [Resolved] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210425 [jira] [Commented] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210426 [jira] [Commented] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210426 [jira] [Updated] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210429 [jira] [Commented] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210430 [jira] [Commented] (SPARK-35054) Getting Critical Vulnerability CVE-2021-20231 on spark 3.0.0 branch CVE-2021-20231 CVE-2021-20232
MLIST:[spark-issues] 20210824 [jira] [Created] (SPARK-36572) Upgrade version of io.netty to 4.1.44.Final to solve CVE-2019-20444 and CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[spark-reviews] 20190520 [GitHub] [spark] Fokko opened a new pull request #24646: Spark 27757 CVE-2019-12086
MLIST:[spark-reviews] 20200310 [GitHub] [spark] dongjoon-hyun commented on issue #27870: [SPARK-31095][BUILD][2.4] Upgrade netty-all to 4.1.47.Final CVE-2019-20445
MLIST:[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210216 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210216 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210216 [GitHub] [spark] sarutak opened a new pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] dongjoon-hyun commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210217 [GitHub] [spark] srowen commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon closed pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210218 [GitHub] [spark] sarutak opened a new pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon closed pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210219 [GitHub] [spark] srowen commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218 CVE-2020-27218
MLIST:[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223 CVE-2020-27223
MLIST:[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223 CVE-2020-27223
MLIST:[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223 CVE-2020-27223
MLIST:[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223 CVE-2020-27223
MLIST:[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223 CVE-2020-27223
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] AmplabJenkins removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] HyukjinKwon commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] MaxGekk closed pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] MaxGekk commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] SparkQA removed a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun closed pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] dongjoon-hyun edited a comment on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] sarutak commented on pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32091: [SPARK-34988][CORE] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] sarutak opened a new pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] srowen closed pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32094: [SPARK-34988][CORE][3.0] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] srowen commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210408 [GitHub] [spark] viirya commented on pull request #32093: [SPARK-34988][CORE][2.4] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210517 [GitHub] [spark] dongjoon-hyun commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-reviews] 20210517 [GitHub] [spark] jeffreysmooth commented on pull request #32095: [SPARK-34988][CORE][3.1] Upgrade Jetty for CVE-2021-28165 CVE-2021-28165
MLIST:[spark-user] 20200224 [SPARK Dependencies] Security Vulnerability with Xerces version < 2.12 CVE-2018-2799
MLIST:[spark-user] 20200803 Re: CVE-2020-9480: Apache Spark RCE vulnerability in auth-enabled standalone master CVE-2020-9480
MLIST:[spark-user] 20210621 Re: CVEs CVE-2020-25649
MLIST:[squid-announce] 20160216 Squid 3.5.14 is available CVE-2016-2390
MLIST:[squid-announce] 20160216 Squid 4.0.6 beta is available CVE-2016-2390
MLIST:[squirrelmail-cvs] 20040427 [SM-CVS] CVS: squirrelmail/functions abook_database.php,1.15.2.1,1.15.2.2 CVE-2004-0521
MLIST:[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28 CVE-2004-0520
MLIST:[squirrelmail-devel] 20040511 [SM-DEVEL] SquirrelMail 1.4.3-RC1 Release CVE-2004-0521
MLIST:[stable] 20141008 [PATCH] fs: Add a missing permission check to do_umount CVE-2014-7975
MLIST:[stable] 20180904 [PATCH 1/2] irda: Fix memory leak caused by repeated binds of irda socket CVE-2018-6554
MLIST:[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt CVE-2018-6555
MLIST:[storm-dev] 20140429 [jira] [Commented] (STORM-269) Any readable file exposed via UI log viewer CVE-2014-0115
MLIST:[storm-dev] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version CVE-2018-1320
MLIST:[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1 CVE-2019-11358
MLIST:[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability CVE-2018-10237
MLIST:[storm-user] 20190724 [CVE-2018-11779] Apache Storm UI Java deserialization vulnerability CVE-2018-11779
MLIST:[storm-user] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version CVE-2018-1320
MLIST:[storm-user] 20190724 [CVE-2019-0202] Apache Storm Logviewer file system access vulnerability CVE-2019-0202
MLIST:[strongSwan] 20090527 [strongSwan] ANNOUNCE: strongSwan 4.3.1 and 4.2.15 released CVE-2009-1957 CVE-2009-1958
MLIST:[struts-commits] 20201221 [struts] branch master updated: Upgrades XStream to version 1.4.15 to address CVE-2020-26258, CVE-2020-26259 CVE-2020-26258 CVE-2020-26259
MLIST:[struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 CVE-2018-10769 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[struts-issues] 20201207 [jira] [Created] (WW-5105) Tracking the fix commit of CVE-2005-3745 and CVE-2018-1327 CVE-2005-3745 CVE-2008-1327 CVE-2018-1327
MLIST:[struts-issues] 20201207 [jira] [Updated] (WW-5105) Tracking the fix commit of CVE-2005-3745 and CVE-2018-1327 CVE-2005-3745 CVE-2008-1327 CVE-2018-1327
MLIST:[stunnel-announce] 20080503 stunnel 4.23 released CVE-2008-2400
MLIST:[stunnel-announce] 20080519 stunnel 4.24 released CVE-2008-2420
MLIST:[stunnel-announce] 20110818 stunnel 4.42 released CVE-2011-2940
MLIST:[suPHP] 20080330 SECURITY ISSUE: Immediate update advised CVE-2008-1614
MLIST:[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended CVE-2017-3164 CVE-2019-0192 CVE-2019-0193 CVE-2019-17558 CVE-2020-13941
MLIST:[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #475: There is a vulnerability in Apache Spark 2.3.4,upgrade recommended CVE-2020-9480
MLIST:[subversion-announce] 20130404 Apache Subversion 1.7.9 released CVE-2013-1845 CVE-2013-1846 CVE-2013-1847 CVE-2013-1849 CVE-2013-1884
MLIST:[subversion-announce] 20130404 Subversion 1.6.21 released CVE-2013-1845 CVE-2013-1846 CVE-2013-1847 CVE-2013-1849
MLIST:[subversion-announce] 20130531 Apache Subversion 1.7.10 released CVE-2013-1968 CVE-2013-2088 CVE-2013-2112
MLIST:[subversion-announce] 20130531 Subversion 1.6.23 released CVE-2013-1968 CVE-2013-2088 CVE-2013-2112
MLIST:[subversion-announce] 20160428 [ANNOUNCE][SECURITY] Apache Subversion 1.8.16 released CVE-2016-2167 CVE-2016-2168
MLIST:[subversion-announce] 20160428 [ANNOUNCE][SECURITY] Apache Subversion 1.9.4 released CVE-2016-2167 CVE-2016-2168
MLIST:[subversion-commits] 20190830 svn commit: r1866117 - in /subversion/site/publish/docs/community-guide: how-to-roll-releases-in-private.txt issues.part.html CVE-2017-9800
MLIST:[subversion-dev] 20140110 2 Re: Segfault in mod_dav_svn with repositories on / CVE-2014-0032
MLIST:[subversion-dev] 20140110 Re: Segfault in mod_dav_svn with repositories on / CVE-2014-0032
MLIST:[subversion-dev] 20140110 Sin mod_dav_svn with repositories on / CVE-2014-0032
MLIST:[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2018-20677 CVE-2019-8331
MLIST:[superset-dev] 20210305 CVE-2021-27907: Apache Superset stored XSS on Dashboard markdown CVE-2021-27907
MLIST:[superset-dev] 20210427 CVE-2021-28125: Apache Superset Open Redirect CVE-2021-28125
MLIST:[superset-notifications] 20201112 [GitHub] [incubator-superset] ktmud commented on pull request #11617: feat: support 'chevron' library for templating as jinja alternative CVE-2020-13948
MLIST:[superset-notifications] 20201112 [GitHub] [incubator-superset] robdiciuccio commented on pull request #11617: feat: support 'chevron' library for templating as jinja alternative CVE-2020-13948
MLIST:[support] 20130301 error in pidgin : big url CVE-2013-6478
MLIST:[support] 20130301 error in pidgin : big url - 2 (pidgin eat a part of url) CVE-2013-6478
MLIST:[swan-dev] 20160313 Proposal: Do not retransmit IKEv1 reply for initial responder states CVE-2016-5361
MLIST:[swfdec] 20080729 Swfdec 0.6.8 released CVE-2008-3796
MLIST:[swi-prolog] 20121221 [SWIPL] Ann: SWI-Prolog 6.3.7 and 6.2.5 CVE-2012-6089 CVE-2012-6090
MLIST:[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x CVE-2019-11358
MLIST:[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15? CVE-2018-10237 CVE-2018-8036
MLIST:[syncope-dev] 20210526 [GitHub] [syncope] coheigea opened a new pull request #268: Disable CXF Services Listing CVE-2020-13954
MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released CVE-2009-3245 CVE-2011-0343
MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released CVE-2009-3245 CVE-2011-0343
MLIST:[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released CVE-2014-0160
MLIST:[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139
MLIST:[tails-dev] 20150813 [Bug-wget] Wget Sending Original IP !! CVE-2015-7665
MLIST:[tails-dev] 20151002 [Bug-wget] Wget Sending Original IP !! CVE-2015-7665
MLIST:[tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] ottlinger commented on issue #30: TAMAYA-410 bump camel-core version past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] peculater merged pull request #30: TAMAYA-410 bump camel-core version past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-commits] 20190607 [GitHub] [incubator-tamaya-sandbox] peculater opened a new pull request #30: TAMAYA-410 bump camel-core version past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-commits] 20190607 [incubator-tamaya-sandbox] branch master updated: TAMAYA-410 bump camel-core version past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-dev] 20190607 [jira] [Closed] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-dev] 20190607 [jira] [Commented] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188 CVE-2019-0188
MLIST:[tamaya-dev] 20190607 [jira] [Created] (TAMAYA-410) Update camel-core dependency past CVE-2019-0188 CVE-2019-0188
MLIST:[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html CVE-2014-1972 CVE-2019-0195 CVE-2019-0207 CVE-2019-10071
MLIST:[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/ CVE-2014-1972 CVE-2019-0195 CVE-2019-0207 CVE-2019-10071
MLIST:[tapestry-users] 20190913 CVE-2019-0207: Apache Tapestry vulnerability disclosure CVE-2019-0207
MLIST:[tapestry-users] 20190913 CVE-2019-10071: Apache Tapestry vulnerability disclosure CVE-2019-10071
MLIST:[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure CVE-2014-1972
MLIST:[tapestry-users] 20190913 [CVE-2019-0195] Apache Tapestry vulnerability disclosure CVE-2019-0195
MLIST:[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure CVE-2014-1972 CVE-2019-0207 CVE-2019-10071
MLIST:[tapestry-users] 20191007 Re: [CVE-2019-0195] Apache Tapestry vulnerability disclosure CVE-2019-0195
MLIST:[tapestry-users] 20191014 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure CVE-2019-10071
MLIST:[tapestry-users] 20191014 Re: [CVE-2019-0195] Apache Tapestry vulnerability disclosure CVE-2019-0195
MLIST:[tapestry-users] 20201208 CVE-2020-17531: Deserialization flaw in EOL Tapestry 4. CVE-2020-17531
MLIST:[tapestry-users] 20210414 [SECURITY VULNERABILITY DISCLOSURE] CVE-2021-27850: Apache Tapestry: Bypass of the fix for CVE-2019-0195 CVE-2019-0195
MLIST:[tapestry-users] 20210427 CVE-2021-30638: An Information Disclosure due to insufficient input validation exists in Apache Tapestry 5.4.0 and later CVE-2020-13953
MLIST:[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages CVE-2014-4027
MLIST:[tavi-devel] 20020102 "Tavi security advisory CVE-2002-2106
MLIST:[tcpdump-workers] 20011015 Bug in print-bgp.c? CVE-2002-1350
MLIST:[tcpdump-workers] 20031224 Seg fault of tcpdump (v 3.8.1 and below) with malformed l2tp packets CVE-2003-1029
MLIST:[tcpdump-workers] multiple vulnerabilities in tcpdump 3.8.1 CVE-2004-0055 CVE-2004-0057
MLIST:[tcpdump] 20141124 Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769? CVE-2014-9140
MLIST:[tech-security] 20061116 Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure CVE-2006-6013
MLIST:[tech-security] 20061214 NetBSD Security Note 20061214-1: Kernel memory leakage in firewire interface CVE-2006-6013
MLIST:[tep-commits] 20031217 [TEP-COMMIT] CVS: catalog/catalog/includes/functions html_output.php,1.58,1.59 CVE-2003-1219
MLIST:[tez-dev] 20201002 [jira] [Created] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-dev] 20201112 Build failed in Jenkins: Tez-qbt-0.10-Build #12 CVE-2017-14063
MLIST:[tez-issues] 20201002 [jira] [Assigned] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201002 [jira] [Created] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201004 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201004 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201005 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201005 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201009 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201009 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201014 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201014 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201020 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201020 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201021 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201021 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201110 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201111 [jira] [Commented] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[tez-issues] 20201111 [jira] [Updated] (TEZ-4237) Upgrade async-http-client-1.9.40 due to CVE-2017-14063 CVE-2017-14063
MLIST:[thrift-commits] 20200208 [thrift] 01/01: THRIFT-5075: Backport changes for CVE-2019-0205 to 0.9.3.1 branch CVE-2019-0205
MLIST:[thrift-dev] 20191106 [jira] [Assigned] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20191106 [jira] [Comment Edited] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20191106 [jira] [Created] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20191106 [jira] [Resolved] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20191106 [jira] [Updated] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20200124 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200124 [jira] [Created] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200125 [jira] [Comment Edited] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200125 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200127 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200208 [jira] [Comment Edited] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20200208 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-dev] 20210204 [jira] [Updated] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift: CVE-2019-0205
MLIST:[thrift-dev] 20210204 [jira] [Updated] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version CVE-2019-0205
MLIST:[thrift-notifications] 20200813 [GitHub] [thrift] kevinsookocheff-wf commented on pull request #1993: THRIFT-5075: Backport changes for CVE-2019-0205 to 0.9.3.1 branch CVE-2019-0205
MLIST:[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 commented on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib) CVE-2020-13949
MLIST:[thrift-notifications] 20210317 [GitHub] [thrift] cyril867 edited a comment on pull request #2208: THRIFT-5237 Implement MAX_MESSAGE_SIZE and consolidate limits into a TConfiguration class (c_glib) CVE-2020-13949
MLIST:[thrift-user] 20191107 CVE-2019-0205 CVE-2019-0205
MLIST:[thrift-user] 20191108 Re: CVE-2019-0205 CVE-2019-0205
MLIST:[thrift-user] 20210217 Apache Thrift 0.14.0 Release not on Maven central CVE-2020-13949
MLIST:[thrift-user] 20210224 Re: [SECURITY] CVE-2020-13949 Announcement CVE-2020-13949
MLIST:[thrift-user] 20210312 RE: Thrift 0.13 micro for CVE-2020-13949? CVE-2020-13949
MLIST:[thrift-user] 20210312 Thrift 0.13 micro for CVE-2020-13949? CVE-2020-13949
MLIST:[thrift-user] 20210927 Analysis and guidelines concerning CVE-2020-13949 CVE-2020-13949
MLIST:[thrift-user] 20211004 Re: Analysis and guidelines concerning CVE-2020-13949 CVE-2020-13949
MLIST:[thttpd] 20060305 Re: htpasswd.c security issues CVE-2006-1078 CVE-2006-1079
MLIST:[thttpd] 20060305 htpasswd.c security issues CVE-2006-1078 CVE-2006-1079
MLIST:[tika-commits] 20190802 svn commit: r1864251 [1/17] - in /tika/site: publish/ publish/1.10/ publish/1.11/ publish/1.12/ publish/1.13/ publish/1.14/ publish/1.15/ publish/1.16/ publish/1.17/ publish/1.18/ publish/1.19.1/ publish/1.19/ publish/1.20/ publish/1.21/ publish/1.22/ ... CVE-2019-0228
MLIST:[tika-commits] 20190802 svn commit: r1864252 [1/17] - in /tika/site: publish/ publish/1.10/ publish/1.11/ publish/1.12/ publish/1.13/ publish/1.14/ publish/1.15/ publish/1.16/ publish/1.17/ publish/1.18/ publish/1.19.1/ publish/1.19/ publish/1.20/ publish/1.21/ publish/1.22/ ... CVE-2019-0228
MLIST:[tika-commits] 20190802 svn commit: r1864259 [1/17] - in /tika/site: publish/ publish/1.10/ publish/1.11/ publish/1.12/ publish/1.13/ publish/1.14/ publish/1.15/ publish/1.16/ publish/1.17/ publish/1.18/ publish/1.19.1/ publish/1.19/ publish/1.20/ publish/1.21/ publish/1.22/ ... CVE-2016-2175
MLIST:[tika-dev] 20160526 [CVE-2016-4434] Apache Tika XML External Entity vulnerability CVE-2016-4434
MLIST:[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability CVE-2018-11761
MLIST:[tika-dev] 20180919 [CVE-2018-11762] Zip Slip Vulnerability in Apache Tika's tika-app CVE-2018-11762
MLIST:[tika-dev] 20180919 [CVE-2018-8017] Apache Tika Denial of Service Vulnerability -- Potential Infinite Loop in IptcAnpaParser CVE-2018-8017
MLIST:[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4} CVE-2019-10088 CVE-2019-1009 CVE-2019-10093 CVE-2019-10094
MLIST:[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4} CVE-2019-10088 CVE-2019-1009 CVE-2019-10093 CVE-2019-10094
MLIST:[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4} CVE-2019-10088 CVE-2019-1009 CVE-2019-10093 CVE-2019-10094
MLIST:[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571 CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23] CVE-2017-5645 CVE-2019-17571
MLIST:[tika-dev] 20210721 [jira] [Created] (TIKA-3488) Security issue XXE in TIKA due to JDOM CVE-2021-33813
MLIST:[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415 CVE-2019-12415
MLIST:[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415 CVE-2019-12415
MLIST:[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415 CVE-2019-12415
MLIST:[tinc] 20130422 [Announcement] Tinc version 1.0.21 and 1.1pre7 released CVE-2013-1428
MLIST:[tinkerpop-commits] 20190829 [tinkerpop] branch master updated: Bump commons-beanutils to 1.9.4 for CVE-2019-10086 - CTR CVE-2019-10086
MLIST:[tinkerpop-commits] 20190923 [GitHub] [tinkerpop] justinchuch opened a new pull request #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20190923 [GitHub] [tinkerpop] robertdale commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20190923 [GitHub] [tinkerpop] spmallette commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch opened a new pull request #1200: Upgrade jackson due to CVE issues CVE-2019-14379 CVE-2019-14540 CVE-2019-16335
MLIST:[tinkerpop-commits] 20190924 [GitHub] [tinkerpop] spmallette commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20190930 [GitHub] [tinkerpop] spmallette merged pull request #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-commits] 20191022 [tinkerpop] branch tp34 updated: Bump to Netty 4.1.42 fixes CVE-2019-16869 - CTR CVE-2019-16869
MLIST:[tinkerpop-commits] 20210701 [tinkerpop] 01/03: Bumped ws to 6.2.2 to address CVE-2021-32640 CTR CVE-2021-32640
MLIST:[tinkerpop-dev] 20190924 [GitHub] [tinkerpop] justinchuch commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-dev] 20190924 [GitHub] [tinkerpop] spmallette commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-dev] 20190930 [GitHub] [tinkerpop] spmallette closed pull request #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771 CVE-2018-11771
MLIST:[tinkerpop-dev] 20210316 [jira] [Created] (TINKERPOP-2534) Log4j flagged as critical security violation CVE-2019-17571
MLIST:[tinkerpop-dev] 20210316 [jira] [Created] (TINKERPOP-2535) Netty 4.1.52 flagged as medium security violation CVE-2021-21290
MLIST:[tinkerpop-dev] 20211025 [jira] [Created] (TINKERPOP-2632) Netty 4.1.61 flagged with two high severity security violations CVE-2021-37136 CVE-2021-37137
MLIST:[tls] 20110315 Re: SSL Renegotiation DOS CVE-2011-1473 CVE-2011-5094
MLIST:[tls] 20110315 SSL Renegotiation DOS CVE-2011-1473 CVE-2011-5094
MLIST:[tls] 20110318 Re: SSL Renegotiation DOS CVE-2011-1473 CVE-2011-5094
MLIST:[tls] 20140810 Re: Inter-protocol attacks CVE-2014-3166
MLIST:[tomcat-announce] 20150505 [SECURITY] CVE-2014-0230: Apache Tomcat DoS CVE-2014-0230
MLIST:[tomcat-announce] 20190620 [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-announce] 20190620 [SECURITY][CORRECTION] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-announce] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation CVE-2019-2684
MLIST:[tomcat-announce] 20200224 [SECURITY] CVE-2019-17569 HTTP Request Smuggling CVE-2019-17569
MLIST:[tomcat-announce] 20200224 [SECURITY] CVE-2020-1935 HTTP Request Smuggling CVE-2020-1935
MLIST:[tomcat-announce] 20200224 [SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution CVE-2020-1938
MLIST:[tomcat-announce] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure CVE-2021-24122
MLIST:[tomcat-announce] 20210119 Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-announce] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[tomcat-announce] 20210301 [SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2001-0917 CVE-2002-0493 CVE-2002-0682 CVE-2002-0935 CVE-2002-0936 CVE-2002-1148 CVE-2002-1394 CVE-2002-1567 CVE-2002-1895 CVE-2002-2006 CVE-2002-2008 CVE-2002-2009 CVE-2003-0866 CVE-2005-2090 CVE-2005-3164 CVE-2005-3510 CVE-2005-4703 CVE-2005-4836 CVE-2006-3835 CVE-2007-1355 CVE-2007-1358 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5461 CVE-2008-0128
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2007-2449 CVE-2007-3385 CVE-2007-5461 CVE-2007-6286 CVE-2009-2693 CVE-2009-3548 CVE-2010-2227 CVE-2011-2204 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2012-0022
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2016-0762 CVE-2016-0763 CVE-2016-3092 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2014-0160 CVE-2014-8111 CVE-2016-6808 CVE-2017-15698 CVE-2018-11759 CVE-2018-1323 CVE-2018-8019 CVE-2018-8020
MLIST:[tomcat-dev] 20190319 svn commit: r1855831 [27/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2015-0254
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2001-0917 CVE-2002-0493 CVE-2002-0682 CVE-2002-0935 CVE-2002-0936 CVE-2002-1148 CVE-2002-1394 CVE-2002-1567 CVE-2002-1895 CVE-2002-2006 CVE-2002-2008 CVE-2002-2009 CVE-2003-0866 CVE-2005-2090 CVE-2005-3164 CVE-2005-3510 CVE-2005-4703 CVE-2005-4836 CVE-2006-3835 CVE-2007-1355 CVE-2007-1358 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5461 CVE-2008-0128
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2007-2449 CVE-2007-3385 CVE-2007-5461 CVE-2007-6286 CVE-2009-2693 CVE-2009-3548 CVE-2010-2227 CVE-2011-2204 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2012-0022
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2016-0762 CVE-2016-3092 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-12615 CVE-2017-12616 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5664 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2014-8111 CVE-2016-6808 CVE-2018-11759 CVE-2018-1323
MLIST:[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ CVE-2014-0160 CVE-2015-0254 CVE-2017-15698 CVE-2018-8019 CVE-2018-8020
MLIST:[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-12615 CVE-2017-12616 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5664 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034
MLIST:[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2016-3427 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199
MLIST:[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2014-8111 CVE-2016-6808 CVE-2018-11759 CVE-2018-1323
MLIST:[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/ CVE-2017-12617 CVE-2017-15706 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199
MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-12615 CVE-2017-12616 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5664 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2019-0232
MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ CVE-2017-12617 CVE-2017-15706 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0232
MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ CVE-2016-3427 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0232
MLIST:[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ CVE-2014-8111 CVE-2016-6808 CVE-2018-11759 CVE-2018-1323
MLIST:[tomcat-dev] 20190421 svn commit: r1857901 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2019-0232
MLIST:[tomcat-dev] 20190612 [Bug 61120] Tomcat 8.5.15 with HTTP/2: URL path parameters lost CVE-2017-7675
MLIST:[tomcat-dev] 20190620 [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-dev] 20190620 [SECURITY][CORRECTION] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-dev] 20190620 svn commit: r1861711 - in /tomcat/site/trunk: docs/security-8.html docs/security-9.html xdocs/security-8.xml xdocs/security-9.xml CVE-2019-0199
MLIST:[tomcat-dev] 20191124 [CONF] Apache Tomcat > Security CVE-2009-3548
MLIST:[tomcat-dev] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation CVE-2019-2684
MLIST:[tomcat-dev] 20191218 svn commit: r1871756 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2019-2684
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/ CVE-2007-3385 CVE-2007-5461 CVE-2007-6286 CVE-2009-2693 CVE-2009-3548 CVE-2010-2227 CVE-2011-2204 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2012-0022
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/ CVE-2017-12617 CVE-2017-15706 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0221 CVE-2019-0232 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2019-2684
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/ CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0221 CVE-2019-0232 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2019-2684
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ CVE-2014-0160 CVE-2014-8111 CVE-2016-6808 CVE-2017-15698 CVE-2018-11759 CVE-2018-1323 CVE-2018-8019 CVE-2018-8020
MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [27/30] - /tomcat/site/trunk/docs/ CVE-2015-0254
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/ CVE-2001-0917 CVE-2002-0493 CVE-2002-0682 CVE-2002-0935 CVE-2002-0936 CVE-2002-1148 CVE-2002-1394 CVE-2002-1567 CVE-2002-1895 CVE-2002-2006 CVE-2002-2008 CVE-2002-2009 CVE-2003-0866 CVE-2005-2090 CVE-2005-3164 CVE-2005-3510 CVE-2005-4703 CVE-2005-4836 CVE-2006-3835 CVE-2007-1355 CVE-2007-1358 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5461 CVE-2008-0128
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/ CVE-2007-3385 CVE-2007-5461 CVE-2009-2693 CVE-2009-3548 CVE-2010-2227 CVE-2011-2204 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2012-0022
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/ CVE-2005-2090 CVE-2012-3544 CVE-2013-1571 CVE-2013-2067 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ CVE-2014-0075 CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0762 CVE-2016-0763 CVE-2016-3092 CVE-2016-3427 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-12615 CVE-2017-12616 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5664 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2019-0221 CVE-2019-0232 CVE-2019-12418 CVE-2019-17563 CVE-2019-2684
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/ CVE-2017-12617 CVE-2017-15706 CVE-2017-7674 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0221 CVE-2019-0232 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2019-2684
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/ CVE-2016-8745 CVE-2016-8747 CVE-2017-12617 CVE-2017-15706 CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 CVE-2017-5664 CVE-2017-7674 CVE-2017-7675 CVE-2018-11784 CVE-2018-1304 CVE-2018-1305 CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-0199 CVE-2019-0221 CVE-2019-0232 CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2019-2684
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [30/34] - /tomcat/site/trunk/docs/ CVE-2014-8111 CVE-2016-6808 CVE-2018-11759 CVE-2018-1323
MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ CVE-2014-0160 CVE-2015-0254 CVE-2017-15698 CVE-2018-8019 CVE-2018-8020
MLIST:[tomcat-dev] 20200304 Re: Tagging 10.0.x, 9.0.x, 8.5.x CVE-2020-1938
MLIST:[tomcat-dev] 20200309 [Bug 64206] Answer file not being used CVE-2020-1938
MLIST:[tomcat-dev] 20200422 Re: Time for Tomcat Native 1.2.24? CVE-2020-1967
MLIST:[tomcat-dev] 20200422 Time for Tomcat Native 1.2.24? CVE-2020-1967
MLIST:[tomcat-dev] 20200423 Re: Time for Tomcat Native 1.2.24? CVE-2020-1967
MLIST:[tomcat-dev] 20200527 Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence CVE-2020-9484
MLIST:[tomcat-dev] 20200625 svn commit: r1879208 - in /tomcat/site/trunk: docs/security-10.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2020-1938 CVE-2020-9484
MLIST:[tomcat-dev] 20200818 [Bug 64671] HTTP/2 Stream.receivedData method throwing continuous NullPointerException in the logs CVE-2020-13934
MLIST:[tomcat-dev] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-dev] 20201203 svn commit: r1884073 - in /tomcat/site/trunk: docs/security-10.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2020-17527
MLIST:[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure CVE-2021-24122
MLIST:[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2020-17527 CVE-2021-24122
MLIST:[tomcat-dev] 20210119 Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-dev] 20210207 [Bug 65126] New: A security vulnerability cve-2020-1971 in Tomcat dependency Library in version 9.0.40. CVE-2020-1971
MLIST:[tomcat-dev] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[tomcat-dev] 20210301 [SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-dev] 20210301 svn commit: r1887027 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2020-9484 CVE-2021-25122 CVE-2021-25329
MLIST:[tomcat-dev] 20210428 [Bug 65272] Problems proccessing HTTP request without CR in last versions CVE-2020-1935
MLIST:[tomcat-dev] 20210712 RE: [SECURITY] CVE-2021-30639 Apache Tomcat DoS CVE-2021-30639
MLIST:[tomcat-dev] 20210712 svn commit: r1891484 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml CVE-2020-9484 CVE-2021-20640
MLIST:[tomcat-dev] 20210805 [Bug 65482] Jasper jar contains CVE-2015-8751 vulnerability CVE-2015-8751
MLIST:[tomcat-dev] 20210805 [Bug 65482] New: Jasper jar contains CVE-2015-8751 vulnerability CVE-2015-8751
MLIST:[tomcat-dev] 20210811 [GitHub] [tomcat-jakartaee-migration] ebourg commented on issue #23: Vulnerability with Apache Commons Compress v1.20 CVE-2021-36090
MLIST:[tomcat-dev] 20210823 [Bug 65516] New: upgrade to xalan 2.7.2 to address CVE-2014-0107 CVE-2014-0107
MLIST:[tomcat-dev] 20210823 [Bug 65516] upgrade to xalan 2.7.2 to address CVE-2014-0107 CVE-2014-0107
MLIST:[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release? CVE-2021-3711 CVE-2021-3712
MLIST:[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release? CVE-2021-3711 CVE-2021-3712
MLIST:[tomcat-dev] 20210922 [jira] [Commented] (MTOMCAT-327) Tomcat 9.0.50 and it has apr-1.7.0 dependency, with Address CVE-2021-35940 CVE-2021-35940
MLIST:[tomcat-dev] 20210922 [jira] [Created] (MTOMCAT-327) Tomcat 9.0.50 and it has apr-1.7.0 dependency, with Address CVE-2021-35940 CVE-2021-35940
MLIST:[tomcat-dev] 20210922 [jira] [Reopened] (MTOMCAT-327) Tomcat 9.0.50 and it has apr-1.7.0 dependency, with Address CVE-2021-35940 CVE-2021-35940
MLIST:[tomcat-dev] 20210922 [jira] [Resolved] (MTOMCAT-327) Tomcat 9.0.50 and it has apr-1.7.0 dependency, with Address CVE-2021-35940 CVE-2021-35940
MLIST:[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS CVE-2021-41079
MLIST:[tomcat-taglibs-user] 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags CVE-2015-0254
MLIST:[tomcat-users] 20071015 [Security] - Important vulnerability disclosed in Apache Tomcat webdav servlet CVE-2007-5461
MLIST:[tomcat-users] 20170606 [SECURITY] CVE-2017-5664 Apache Tomcat Security Constraint Bypass CVE-2017-5664
MLIST:[tomcat-users] 20190410 [SECURITY] CVE-2019-0232 Apache Tomcat Remote Code Execution on Windows CVE-2019-0232
MLIST:[tomcat-users] 20190620 Re: [EXTERNAL] [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-users] 20190620 [SECURITY] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-users] 20190620 [SECURITY][CORRECTION] CVE-2019-10072 Apache Tomcat HTTP/2 DoS CVE-2019-0199
MLIST:[tomcat-users] 20191001 Additional Information on Apache Tomcat CVE-2018-8037 CVE-2018-8037
MLIST:[tomcat-users] 20191001 Re: Additional Information on Apache Tomcat CVE-2018-8037 CVE-2018-8037
MLIST:[tomcat-users] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation CVE-2019-2684
MLIST:[tomcat-users] 20200130 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context CVE-2015-5174
MLIST:[tomcat-users] 20200130 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context CVE-2015-5174
MLIST:[tomcat-users] 20200131 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context CVE-2015-5174 CVE-2017-7674
MLIST:[tomcat-users] 20200203 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context CVE-2015-5174 CVE-2017-7674
MLIST:[tomcat-users] 20200204 Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context CVE-2015-5174 CVE-2017-7674
MLIST:[tomcat-users] 20200301 Re: [SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution CVE-2020-1938
MLIST:[tomcat-users] 20200302 AW: [SECURITY] CVE-2020-1938 AJP Request Injection and potentialRemote Code Execution CVE-2020-1928 CVE-2020-1938
MLIST:[tomcat-users] 20200302 Re: AW: [SECURITY] CVE-2020-1938 AJP Request Injection and potentialRemote Code Execution CVE-2020-1928 CVE-2020-1938
MLIST:[tomcat-users] 20200302 Re: [SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution CVE-2020-1928 CVE-2020-1938
MLIST:[tomcat-users] 20200304 Re: Fix for CVE-2020-1938 CVE-2020-1938
MLIST:[tomcat-users] 20200305 Aw: Re: Fix for CVE-2020-1938 CVE-2020-1938
MLIST:[tomcat-users] 20200305 Re: Aw: Re: Fix for CVE-2020-1938 CVE-2020-1938
MLIST:[tomcat-users] 20200309 Re: Apache Tomcat AJP File Inclusion Vulnerability (unauthenticated check) CVE-2020-1938
MLIST:[tomcat-users] 20200310 Aw: Re: Re: Fix for CVE-2020-1938 CVE-2020-1938
MLIST:[tomcat-users] 20200310 Re: Re: Re: Fix for CVE-2020-1938 CVE-2020-1938
MLIST:[tomcat-users] 20200413 RE: Alternatives for AJP CVE-2020-1938
MLIST:[tomcat-users] 20200521 Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence CVE-2020-9484
MLIST:[tomcat-users] 20200524 Re: [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence CVE-2020-9484
MLIST:[tomcat-users] 20200724 CVE-2020-1935 CVE-2020-1935
MLIST:[tomcat-users] 20200724 RE: CVE-2020-1935 CVE-2020-1935
MLIST:[tomcat-users] 20200724 Re: CVE-2020-1935 CVE-2020-1935
MLIST:[tomcat-users] 20200726 Re: CVE-2020-1935 CVE-2020-1935
MLIST:[tomcat-users] 20200727 RE: CVE-2020-1935 CVE-2020-1935
MLIST:[tomcat-users] 20200902 Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57 CVE-2020-8022
MLIST:[tomcat-users] 20200902 regarding CVE-2020-8022 applicable to tomcat 8.5.57 CVE-2020-8022
MLIST:[tomcat-users] 20201008 Is Tomcat7 supports HTTP2 CVE-2020-11996
MLIST:[tomcat-users] 20201118 Re: Strange crash-on-takeoff, Tomcat 7.0.104 CVE-2020-13935
MLIST:[tomcat-users] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure CVE-2021-24122
MLIST:[tomcat-users] 20210119 Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up CVE-2020-17527
MLIST:[tomcat-users] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[tomcat-users] 20210301 [SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-users] 20210305 RE: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[tomcat-users] 20210305 Re: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up CVE-2021-25122
MLIST:[tomcat-users] 20210701 Re: What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-users] 20210701 What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-users] 20210702 Re: CVE-2021-25329, was Re: Most recent security-related update to 8.5 CVE-2020-9484 CVE-2021-25329
MLIST:[tomcat-users] 20210702 Re: What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 CVE-2021-25329
MLIST:[tomcat-users] 20210712 RE: [SECURITY] CVE-2021-30639 Apache Tomcat DoS CVE-2021-30639
MLIST:[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS CVE-2021-41079
MLIST:[tomee-commits] 20190528 [jira] [Closed] (TOMEE-2497) Upgrade Tomcat in TomEE 7.0.x/7.1.x/8.0.x for CVE-2019-0199 CVE-2019-0199
MLIST:[tomee-commits] 20190908 svn commit: r1866633 - /tomee/deps/trunk/quartz-openejb-shade/pom.xml CVE-2019-13990
MLIST:[tomee-commits] 20200320 [jira] [Assigned] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200320 [jira] [Commented] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200320 [jira] [Created] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200320 [jira] [Created] (TOMEE-2789) TomEE plus is affected by CVE-2020-1938(BDSA-2020-0339) vulnerability. CVE-2020-1938
MLIST:[tomee-commits] 20200320 [jira] [Created] (TOMEE-2790) TomEE plus(7.0.7) is affected by CVE-2020-1935 & CVE-2019-17569 vulnerabilities CVE-2019-17569 CVE-2020-1935
MLIST:[tomee-commits] 20200320 [jira] [Updated] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200320 [jira] [Updated] (TOMEE-2789) TomEE plus(7.0.7) is affected by CVE-2020-1938(BDSA-2020-0339) vulnerability. CVE-2020-1938
MLIST:[tomee-commits] 20200322 [jira] [Updated] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200323 [jira] [Commented] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200323 [jira] [Commented] (TOMEE-2789) TomEE plus(7.0.7) is affected by CVE-2020-1938(BDSA-2020-0339) vulnerability. CVE-2020-1938
MLIST:[tomee-commits] 20200323 [jira] [Commented] (TOMEE-2790) TomEE plus(7.0.7) is affected by CVE-2020-1935 & CVE-2019-17569 vulnerabilities CVE-2019-17569 CVE-2020-1935
MLIST:[tomee-commits] 20200324 [jira] [Created] (TOMEE-2791) TomEE plus(7.0.7) is affected by CVE-2019-12400 vulnerability CVE-2019-12400
MLIST:[tomee-commits] 20200519 [jira] [Resolved] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200519 [jira] [Updated] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability CVE-2019-17359
MLIST:[tomee-commits] 20200720 [jira] [Assigned] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400 CVE-2019-12400
MLIST:[tomee-commits] 20200720 [jira] [Assigned] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-commits] 20200720 [jira] [Commented] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400 CVE-2019-12400
MLIST:[tomee-commits] 20200720 [jira] [Commented] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-commits] 20200720 [jira] [Created] (TOMEE-2885) Update Apache XML Security for Java to mitigate CVE-2019-12400 CVE-2019-12400
MLIST:[tomee-commits] 20200720 [jira] [Created] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-commits] 20201013 [jira] [Assigned] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability CVE-2020-7226
MLIST:[tomee-commits] 20201013 [jira] [Assigned] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7) CVE-2020-9484
MLIST:[tomee-commits] 20201013 [jira] [Commented] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7) CVE-2020-9484
MLIST:[tomee-commits] 20201013 [jira] [Created] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability CVE-2020-7226
MLIST:[tomee-commits] 20201013 [jira] [Created] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7) CVE-2020-9484
MLIST:[tomee-commits] 20201013 [jira] [Updated] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7) CVE-2020-9484
MLIST:[tomee-commits] 20201127 [jira] [Resolved] (TOMEE-2789) TomEE plus(7.0.7) is affected by CVE-2020-1938(BDSA-2020-0339) vulnerability. CVE-2020-1938
MLIST:[tomee-commits] 20201127 [jira] [Updated] (TOMEE-2789) TomEE plus(7.0.7) is affected by CVE-2020-1938(BDSA-2020-0339) vulnerability. CVE-2020-1938
MLIST:[tomee-commits] 20201207 [jira] [Assigned] (TOMEE-2936) TomEE plus(7.0.9) is affected by CVE-2020-17527(BDSA-2020-3628) vulnerability. CVE-2020-17527
MLIST:[tomee-commits] 20201207 [jira] [Created] (TOMEE-2936) TomEE plus(7.0.9) is affected by CVE-2020-17527(BDSA-2020-3628) vulnerability. CVE-2020-17527
MLIST:[tomee-commits] 20210127 [jira] [Created] (TOMEE-2965) CVE-2020-25649 - Update jackson databind CVE-2020-25649
MLIST:[tomee-commits] 20210319 [jira] [Updated] (TOMEE-2936) TomEE plus(7.0.9) is affected by CVE-2020-17527(BDSA-2020-3628) vulnerability. CVE-2020-17527
MLIST:[tomee-commits] 20210426 [jira] [Comment Edited] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability CVE-2020-7226
MLIST:[tomee-commits] 20210426 [jira] [Commented] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability CVE-2020-7226
MLIST:[tomee-commits] 20210426 [jira] [Updated] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability CVE-2020-7226
MLIST:[tomee-commits] 20210522 [jira] [Closed] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7) CVE-2020-9484
MLIST:[tomee-commits] 20210705 [jira] [Created] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210705 [jira] [Updated] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210728 [jira] [Commented] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210728 [jira] [Created] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210830 [jira] [Commented] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210901 [jira] [Commented] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210901 [jira] [Resolved] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210913 [jira] [Commented] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210913 [jira] [Commented] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210913 [jira] [Reopened] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210913 [jira] [Updated] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF CVE-2021-30468
MLIST:[tomee-commits] 20210914 [jira] [Commented] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210916 [jira] [Resolved] (TOMEE-3778) Update embedded Tomcat to 9.0.48 or later to address CVE-2021-33037 CVE-2021-33037
MLIST:[tomee-commits] 20210922 [tomee] 02/02: Update xmlsec to 2.2.3 to mitigate CVE-2021-40690 CVE-2021-40690
MLIST:[tomee-commits] 20210923 [jira] [Assigned] (TOMEE-3798) TomEE (8.0.8) is affected by CVE-2021-40690 vulnerability CVE-2021-40690
MLIST:[tomee-commits] 20210923 [jira] [Created] (TOMEE-3798) TomEE (8.0.8) is affected by CVE-2021-40690 vulnerability CVE-2021-40690
MLIST:[tomee-commits] 20210923 [jira] [Resolved] (TOMEE-3798) TomEE (8.0.8) is affected by CVE-2021-40690 vulnerability CVE-2021-40690
MLIST:[tomee-commits] 20210923 [jira] [Updated] (TOMEE-3798) TomEE (8.0.8) is affected by CVE-2021-40690 vulnerability CVE-2021-40690
MLIST:[tomee-commits] 20211028 [jira] [Updated] (TOMEE-3798) TomEE (8.0.8) is affected by CVE-2021-40690 vulnerability CVE-2021-40690
MLIST:[tomee-dev] 20160404 Document resolved vulnerability CVE-2015-8581 CVE-2016-0779
MLIST:[tomee-dev] 20180723 CVE-2018-8031 Apache TomEE Webapp XSS CVE-2018-8031
MLIST:[tomee-dev] 20190830 Quartz CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-dev] 20190830 Re: Quartz CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190908 Re: Quartz CVE-2019-13990 CVE-2019-13990
MLIST:[tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 CVE-2019-12384 CVE-2019-12814 CVE-2019-14379 CVE-2019-14439
MLIST:[tomee-dev] 20190923 Re: [VOTE] Release quartz-openejb-shade 2.2.4 CVE-2019-13990
MLIST:[tomee-dev] 20200311 CVE-2020-1938 on Tomcat 9.0.30 / TomEE 8.0.1 CVE-2020-1938
MLIST:[tomee-dev] 20200311 CVE-2020-8840 on TomEE 8.0.1 CVE-2020-8840
MLIST:[tomee-dev] 20200311 Re: CVE-2020-1938 on Tomcat 9.0.30 / TomEE 8.0.1 CVE-2020-1938
MLIST:[tomee-dev] 20200311 Re: CVE-2020-8840 on TomEE 8.0.1 CVE-2020-8840
MLIST:[tomee-dev] 20200313 Re: CVE-2020-8840 on TomEE 8.0.1 CVE-2020-8840
MLIST:[tomee-dev] 20200316 RE: CVE-2020-8840 on TomEE 8.0.1 CVE-2020-1938 CVE-2020-8840
MLIST:[tomee-dev] 20201216 [SECURITY] CVE-2020-13931 Apache TomEE - Incorrect config on JMS Resource Adapter can lead to JMX being enabled CVE-2020-11969
MLIST:[tomee-dev] 20201222 Re: CVE-2020-13931 is Fake vulnerability CVE-2020-13931
MLIST:[tomee-dev] 20201223 Re: CVE-2020-13931 is Fake vulnerability CVE-2020-11969 CVE-2020-13931
MLIST:[tomee-dev] 20210114 Re: Releases? CVE-2021-24122
MLIST:[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug CVE-2021-24122
MLIST:[tomee-dev] 20210401 CVE-2019-20367 - TomEE not affected CVE-2019-20367
MLIST:[tomee-dev] 20210401 Re: CVE-2019-20367 - TomEE not affected CVE-2019-20367
MLIST:[tomee-users] 20200723 Re: TomEE on Docker CVE-2020-1938
MLIST:[tomee-users] 20201216 [SECURITY] CVE-2020-13931 Apache TomEE - Incorrect config on JMS Resource Adapter can lead to JMX being enabled CVE-2020-11969
MLIST:[tor-announce] 20120819 Tor 0.2.2.38 is released CVE-2012-3517 CVE-2012-3518 CVE-2012-3519
MLIST:[tor-announce] 20140730 Tor 0.2.4.23 is released CVE-2014-5117
MLIST:[tor-announce] 20140730 Tor security advisory: "relay early" traffic confirmation attack CVE-2014-5117
MLIST:[tor-talk] 20120905 Tor 0.2.3.21-rc is out CVE-2012-4419
MLIST:[tor-talk] 20120912 Tor 0.2.3.22-rc is out CVE-2012-4922
MLIST:[tor-talk] 20131223 Tor 0.2.4.20 is released CVE-2013-7295
MLIST:[tor-talk] 20140730 Tor 0.2.5.6-alpha is out CVE-2014-5117
MLIST:[trafficcontrol-commits] 20190906 [trafficcontrol-website] branch asf-site updated: Adds CVE-2019-12405 to security page CVE-2017-7670
MLIST:[trafficcontrol-commits] 20210616 [trafficcontrol-website] branch asf-site updated: Fix CVE-2020-17522 link CVE-2017-7670 CVE-2019-12405 CVE-2020-17522
MLIST:[trafficcontrol-commits] 20211011 [trafficcontrol-website] 01/02: Add CVE-2021-42009 CVE-2019-12405 CVE-2020-17522
MLIST:[trafficcontrol-dev] 20211013 Re: CVE-2021-42009: Apache Traffic Control Arbitrary Email Content Insertion in /deliveryservices/request CVE-2021-42009
MLIST:[trafficcontrol-issues] 20201112 [GitHub] [trafficcontrol] zrhoffman opened a new pull request #5278: Update Go version to 1.15.5 CVE-2020-28362
MLIST:[trafficcontrol-users] 20190906 CVE-2019-12405: Apache Traffic Control LDAP-based authentication vulnerability CVE-2019-12405
MLIST:[trafficserver-announce] 20190212 [ANNOUNCE] Apache Traffic Server vulnerability with sslheader plugin CVE-2018-11783
MLIST:[trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks CVE-2019-10079 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515
MLIST:[trafficserver-announce] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames CVE-2019-9518
MLIST:[trafficserver-announce] 20210513 Apache Traffic Server is vulnerable to a DOS attack in the experimental Slicer plugin CVE-2021-27737
MLIST:[trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks CVE-2019-10079 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515
MLIST:[trafficserver-dev] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames CVE-2019-9518
MLIST:[trafficserver-dev] 20210513 Apache Traffic Server is vulnerable to a DOS attack in the experimental Slicer plugin CVE-2021-27737
MLIST:[trafficserver-users] 20140723 [ANNOUNCE] Apache Traffic Server releases for security incident CVE-2014-3525 CVE-2014-3525
MLIST:[trafficserver-users] 20141216 [ANNOUNCE] Apache Traffic Server 5.1.2 is released CVE-2014-10022
MLIST:[trafficserver-users] 20180828 Re: [ANNOUNCE] Apache Traffic Server vulnerability with header variable access in the ESI plugin - CVE-2018-8040 CVE-2018-8040
MLIST:[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with an invalid TLS handshake - CVE-2018-8022 CVE-2018-8022
MLIST:[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with header variable access in the ESI plugin - CVE-2018-8040 CVE-2018-8040
MLIST:[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with method ACLs - CVE-2018-1318 CVE-2018-1318
MLIST:[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with multi-range requests - CVE-2018-8005 CVE-2018-8005
MLIST:[trafficserver-users] 20180828 [ANNOUNCE] Apache Traffic Server vulnerability with multiple HTTP smuggling and cache poisoning attacks - CVE-2018-8004 CVE-2018-8004
MLIST:[trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks CVE-2019-10079 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515
MLIST:[trafficserver-users] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames CVE-2019-9518
MLIST:[trafficserver-users] 20210513 Apache Traffic Server is vulnerable to a DOS attack in the experimental Slicer plugin CVE-2021-27737
MLIST:[tslite-dev] 20150812 tlslite-0.4.9 CVE-2015-3220
MLIST:[turba] 20050422 Turba 1.2.5 (final) CVE-2005-1315
MLIST:[turbine-commits] 20210203 svn commit: r1886168 - in /turbine/core/trunk: ./ conf/ conf/test/ src/java/org/apache/turbine/services/urlmapper/ src/test/org/apache/turbine/services/urlmapper/ src/test/org/apache/turbine/services/urlmapper/model/ xdocs/howto/ CVE-2020-13956 CVE-2020-15250
MLIST:[turbine-commits] 20210316 svn commit: r1887732 - in /turbine/fulcrum/trunk/json: ./ jackson/ jackson/src/test/org/apache/fulcrum/json/jackson/ jackson2/ jackson2/src/test/org/apache/fulcrum/json/jackson/ jackson2/src/test/org/apache/fulcrum/json/jackson/mixins/ CVE-2020-25649
MLIST:[turbine-commits] 20210329 svn commit: r1888167 - /turbine/core/trunk/pom.xml CVE-2020-13936
MLIST:[turbine-commits] 20211018 [turbine-fulcrum-security] 02/02: disable module hibernate (JIRA issue TRB-103), update docs, remove suppression CVE-2020-25638
MLIST:[turbine-dev] 20211015 Fulcrum Security Hibernate Module CVE-2019-14900 CVE-2020-25638
MLIST:[turbogears-announce] 20090811 Critical security update for tg2 users! CVE-2009-5014 CVE-2009-5015
MLIST:[twiki-announce] 20090430 Announcement: TWiki 4.3.1 Production Release CVE-2009-1339
MLIST:[uclibc-ng-devel] 20160526 uClibc-ng and uClibc memset bug, ARM CVE-2016-6264
MLIST:[uclibc-ng-devel] 20160703 new release 1.0.16 CVE-2016-6264
MLIST:[uim] 20050220 uim 0.4.5.1 released CVE-2005-0503
MLIST:[uima-commits] 20190501 svn commit: r1858489 - in /uima/site/trunk/uima-website: docs/security_report.html xdocs/security_report.xml CVE-2017-15691
MLIST:[uima-dev] 20190606 Re: upcoming board report CVE-2018-8035
MLIST:[unbound-users] 20100311 Unbound 1.4.3 release CVE-2010-0969
MLIST:[unomi-commits] 20201113 svn commit: r1883398 - in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2020-13942.txt CVE-2020-11975
MLIST:[unomi-commits] 20210428 svn commit: r1889256 - in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2021-31164.txt CVE-2020-11975 CVE-2020-13942
MLIST:[unomi-dev] 20201124 Apache Unomi 1.5.4 Release CVE-2020-13942
MLIST:[unomi-dev] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi CVE-2020-13942
MLIST:[unomi-users] 20201124 Apache Unomi 1.5.4 Release CVE-2020-13942
MLIST:[unomi-users] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi CVE-2020-13942
MLIST:[user@spark.apache.org] 20190128 [SECURITY] CVE-2018-11760: Apache Spark local privilege escalation vulnerability CVE-2018-11760
MLIST:[user] 20150401 [SECURITY ANNOUNCEMENT] CVE-2015-0225 CVE-2015-0225
MLIST:[user] 20170113 [NOTICE]: Apache Thrift Security Vulnerability CVE-2016-5397 CVE-2016-5397
MLIST:[user] 20170713 CVE-2017-7663 - Apache OpenMeetings - XSS in chat CVE-2017-7663
MLIST:[user] 20170713 CVE-2017-7664 - Apache OpenMeetings - Missing XML Validation CVE-2017-7664
MLIST:[user] 20170713 CVE-2017-7666 - Apache OpenMeetings Missing Secure Headers CVE-2017-7666
MLIST:[user] 20170713 CVE-2017-7673 - Apache OpenMeetings Insufficient check in dialogs with passwords CVE-2017-7673
MLIST:[user] 20170713 CVE-2017-7680 - Apache OpenMeetings - Insecure crossdomain.xml policy CVE-2017-7680
MLIST:[user] 20170713 CVE-2017-7681 - Apache OpenMeetings - SQL injection in web services CVE-2017-7681
MLIST:[user] 20170713 CVE-2017-7682 - Apache OpenMeetings - Business Logic Bypass CVE-2017-7682
MLIST:[user] 20170713 CVE-2017-7683 - Apache OpenMeetings - Information Disclosure CVE-2017-7683
MLIST:[user] 20170713 CVE-2017-7684 - Apache OpenMeetings - Insecure File Upload CVE-2017-7684
MLIST:[user] 20170713 CVE-2017-7685 - Apache OpenMeetings - Insecure HTTP Methods CVE-2017-7685
MLIST:[user] 20170713 CVE-2017-7688 - Apache OpenMeetings - Insecure Password Update CVE-2017-7688
MLIST:[user] 20180103 [SECURITY] CVE-2017-15714 Apache OFBiz BIRT code vulnerability CVE-2017-15714
MLIST:[user] 20180109 [SECURITY] CVE-2017-12622 Apache Geode gfsh authorization vulnerability CVE-2017-12622
MLIST:[user] 20180109 [SECURITY] CVE-2017-9795 Apache Geode OQL method invocation vulnerability CVE-2017-9795
MLIST:[user] 20180109 [SECURITY] CVE-2017-9796 Apache Geode OQL bind parameter vulnerability CVE-2017-9796
MLIST:[user] 20180223 [SECURITY] CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer CVE-2017-15692
MLIST:[user] 20180223 [SECURITY] CVE-2017-15693 Apache Geode unsafe deserialization of application objects CVE-2017-15693
MLIST:[user] 20180225 [ANNOUNCE] CVE-2018-1286 - Apache OpenMeetings - Insufficient Access Controls CVE-2018-1286
MLIST:[user] 20180304 CVE-2018-1316 used to cover issue incorrectly used CVE-2008-2370 for ODE 1.3.3 CVE-2018-1316
MLIST:[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine CVE-2018-8033
MLIST:[user] 20190130 [CVE-2018-20242] Apache JSPWiki Cross-site scripting vulnerability onApache JSPWiki CVE-2018-20242
MLIST:[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release) CVE-2007-3846
MLIST:[users] 20100802 ANNOUNCE: strongswan-4.4.1 released CVE-2010-2628
MLIST:[users] 20110302 Re: @DenyAll does nothing CVE-2011-1419
MLIST:[users] 20110309 [SECURITY] Tomcat 7 ignores @ServletSecurity annotations CVE-2011-1419
MLIST:[users] 20160722 [CVE-2016-5000] XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example CVE-2016-5000
MLIST:[users] 20161103 [SECURITY] CVE-2016-7035 - pacemaker - improper IPC guarding CVE-2016-7035
MLIST:[users] 20161209 [ANNOUNCE] CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting CVE-2016-6810
MLIST:[users] 20170410 [SECURITY] CVE-2017-5647 Apache Tomcat Information Disclosure CVE-2017-5647
MLIST:[users] 20170410 [SECURITY] CVE-2017-5648 Apache Tomcat Information Disclosure CVE-2017-5648
MLIST:[users] 20170410 [SECURITY] CVE-2017-5650 Apache Tomcat Denial of Service CVE-2017-5650
MLIST:[users] 20170410 [SECURITY] CVE-2017-5651 Apache Tomcat Information Disclosure CVE-2017-5651
MLIST:[users] 20170707 Apache Traffic Control Traffic Router Slowloris Denial of Service Vulnerability - CVE-2017-7670 CVE-2017-7670
MLIST:[users] 20180110 CVE-2017-15717: Insufficient XSS protection for HREF attributes in Apache Sling XSS Protection API CVE-2017-15717
MLIST:[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms CVE-2018-1298
MLIST:[users] 20180629 [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser CVE-2018-8036
MLIST:[util-linux] 20150807 crash in colcrt CVE-2015-5218
MLIST:[uzbl-dev] 20100102 Fw: Uzbl: security issue CVE-2010-0011
MLIST:[v8-dev] 20131115 Limit the size for typed arrays to MaxSmi. (issue 73943004) CVE-2013-6638
MLIST:[valgrind-announce] 20090103 Valgrind-3.4.0 is available CVE-2008-4865
MLIST:[varnish-announce] 20150323 Varnish 3.0.7 released. CVE-2015-8852
MLIST:[vcl-commits] 20190729 svn commit: r1048217 - in /websites/staging/vcl/trunk/content: ./ security.html CVE-2013-0267
MLIST:[vcl-commits] 20190729 svn commit: r1863947 - /vcl/site/trunk/content/security.mdtext CVE-2013-0267
MLIST:[vcl-dev] 20190729 [CVE-2018-11772] Apache VCL SQL injection attack in privilege management CVE-2018-11772
MLIST:[vcl-dev] 20190729 [CVE-2018-11773] Apache VCL improper form validation in block allocation management CVE-2018-11773
MLIST:[vcl-dev] 20190729 [CVE-2018-11774] Apache VCL SQL injection attack in VM management CVE-2018-11774
MLIST:[velocity-commits] 20210310 [velocity-site] 01/01: CVE announcement CVE-2020-13936 CVE-2020-13959
MLIST:[velocity-dev] 20201203 Re: Use of external DTDs - CVE-2020-10683 CVE-2020-10683
MLIST:[velocity-dev] 20201203 Use of external DTDs - CVE-2020-10683 CVE-2020-10683
MLIST:[velocity-user] 20210310 CVE-2020-13936: Velocity Sandbox Bypass CVE-2020-13936
MLIST:[velocity-user] 20210310 CVE-2020-13959: Velocity Tools XSS Vulnerability CVE-2020-13959
MLIST:[velocity-user] 20210318 Re: CVE-2020-13959: Velocity Tools XSS Vulnerability CVE-2020-13959
MLIST:[vim-dev] 20080903 Patch 7.2.010 CVE-2008-4101
MLIST:[vim] 20100811 clearBudget v0.9.8 Remote File Include Vulnerability CVE-2010-4924
MLIST:[vim] 20100816 PHP-Fusion Local File Inclusion Vulnerability CVE-2010-4931
MLIST:[vim_dev] 20080817 Re: Anyone fixing SA31464? CVE-2008-4677
MLIST:[vim_dev] 20080824 Bug with v_K and potentially K command CVE-2008-4101
MLIST:[virglrenderer-devel] 20170210 [ANNOUNCE] virglrenderer 0.6.0 CVE-2017-5956 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355
MLIST:[vlc-commits] 20150131 stream: handle seek across EOF correctly (hopefully) CVE-2016-3941
MLIST:[vlc-devel] 20070102 Security hole in VLC media player for Mac... CVE-2007-0017
MLIST:[vlc-devel] 20070626 subtitle processing overflows CVE-2007-6681
MLIST:[vlc-devel] 20070630 vlc: svn commit r20715 (fenrir) CVE-2007-6681
MLIST:[vlc-devel] 20070915 vlc: svn commit r22023 (courmisch) CVE-2007-6684
MLIST:[vlc-devel] 20071226 Regarding "obscure" security problem CVE-2007-6683
MLIST:[vlc-devel] 20080824 commit: MMS integers handling fixes, including buffer overflow ( Rémi Denis-Courmont ) CVE-2008-3794
MLIST:[vlc-devel] 20110116 Security: Subtitle StripTags heap corruption, potentially exploitable. Patch included CVE-2011-0522
MLIST:[vlc-devel] 20110117 Security: Subtitle StripTags heap corruption, potentially exploitable. Patch included CVE-2011-0522
MLIST:[vnc-list] 20081126 VNC Viewer Vulnerability CVE-2008-4770 CVE-2008-4770
MLIST:[vtigercrm-developers] 20190403 Vtiger CRM 7.1.0 (hotfix3) Released CVE-2019-11057
MLIST:[web2py] 20121214 web2py 2.3.1 is out CVE-2013-2311
MLIST:[webcalendar-announce] 20070304 Announce: Release 1.0.5 (security patch) CVE-2007-1343 CVE-2007-1483 CVE-2008-2836
MLIST:[websecurity] 20090519 [WEB SECURITY] Trustwave's SpiderLabs Security Advisory TWSL2009-001 and EnableSecurity Advisory ES-20090500 CVE-2009-1593 CVE-2009-1594
MLIST:[wget-notify] 20090805 [bug #27183] Wget likely suffers from the \0 SSL cert vulnerability CVE-2009-3490
MLIST:[wget] 20040517 Re: Wget race condition vulnerability (fwd) CVE-2004-2014
MLIST:[wget] 20040517 Wget race condition vulnerability (fwd) CVE-2004-2014
MLIST:[whatwg] 20110314 Canvas and drawWindow CVE-2011-2366 CVE-2011-2599
MLIST:[wicket-announce] 20140221 CVE-2014-0043 CVE-2014-0043
MLIST:[wicket-announce] 20161108 CVE-2016-6806: Apache Wicket CSRF detection vulnerability CVE-2016-6806
MLIST:[wicket-announce] 20210526 Re: CVE-2021-23937: Apache Wicket: DNS proxy and possible amplification attack CVE-2021-23937
MLIST:[wicket-dev] 20210526 Re: CVE-2021-23937: Apache Wicket: DNS proxy and possible amplification attack CVE-2021-23937
MLIST:[wicket-users] 20150218 CVE-2014-7808 CVE-2014-7808
MLIST:[wicket-users] 20210526 Re: CVE-2021-23937: Apache Wicket: DNS proxy and possible amplification attack CVE-2021-23937
MLIST:[wikitech-l] 20180920 Security release: 1.27.5 / 1.29.3 / 1.30.1 / 1.31.1 CVE-2018-0503 CVE-2018-0504 CVE-2018-0505 CVE-2018-13258
MLIST:[ws-commits] 20200219 [ws-wss4j] branch 2_2_x-fixes updated: WSS-665 - Add cryptacular dependency and upgrade to 1.2.4 to fix CVE-2020-7226 CVE-2020-7226
MLIST:[ws-commits] 20200219 [ws-wss4j] branch master updated: WSS-665 - Add cryptacular dependency and upgrade to 1.2.4 to fix CVE-2020-7226 CVE-2020-7226
MLIST:[ws-dev] 20200219 [jira] [Created] (WSS-665) Add cryptacular dependency and upgrade to 1.2.4 to fix CVE-2020-7226 CVE-2020-7226
MLIST:[ws-dev] 20200219 [jira] [Resolved] (WSS-665) Add cryptacular dependency and upgrade to 1.2.4 to fix CVE-2020-7226 CVE-2020-7226
MLIST:[ws-dev] 20200318 [jira] [Closed] (WSS-665) Add cryptacular dependency and upgrade to 1.2.4 to fix CVE-2020-7226 CVE-2020-7226
MLIST:[ws-dev] 20210318 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210318 [jira] [Created] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210319 [jira] [Comment Edited] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210319 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210322 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210324 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210325 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210325 [jira] [Updated] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210331 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[ws-dev] 20210401 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936) CVE-2020-13936
MLIST:[www-announce] 20090808 Apache ODE 1.3.3 CVE-2018-1316
MLIST:[www-announce] 20120415 Apache OFBiz 10.04.02 released CVE-2012-1621
MLIST:[www-announce] 20120706 [SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability CVE-2012-2138
MLIST:[www-announce] 20130506 Apache VCL improper input validation CVE-2013-0267
MLIST:[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope CVE-2014-0111
MLIST:[www-announce] 20141101 [ANNOUNCE] Apache Traffic Server 5.1.1 is released! CVE-2014-3624
MLIST:[www-announce] 20141229 Apache Solr 4.10.3 released CVE-2014-3628
MLIST:[www-announce] 20150521 CVE-2015-1772 CVE-2015-1772
MLIST:[www-announce] 20150525 CVE-2015-1836: Apache HBase remote denial of service, information integrity, and information disclosure vulnerability CVE-2015-1836
MLIST:[www-announce] 20150704 [ANNOUNCE] Apache Traffic Server 5.3.1 is released! CVE-2015-3249
MLIST:[www-announce] 20150914 [ANNOUNCE] Apache Traffic Server 5.3.2 is released! CVE-2015-5168 CVE-2015-5206
MLIST:[www-announce] 20160527 [CVE-2016-2175] Apache PDFBox XML External Entity vulnerability CVE-2016-2175
MLIST:[www-announce] 20161028 [SECURITY] CVE-2016-6813: Apache CloudStack registerUserKeys authorization vulnerability CVE-2016-6813
MLIST:[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability CVE-2016-4462
MLIST:[www-announce] 20161129 [SECURITY] CVE-2016-6800 Apache OFBiz blog stored XSS vulnerability CVE-2016-6800
MLIST:[www-announce] 20170918 CVE-2017-9803: Security vulnerability in kerberos delegation token functionality CVE-2017-9803
MLIST:[www-announce] 20171019 [SECURITY] CVE-2017-12629: Several critical vulnerabilities discovered in Apache Solr (XXE & RCE) CVE-2017-12629
MLIST:[www-announce] 20180211 CVE-2018-1287: Apache JMeter binds RMI server to wildcard in distributed mode (based on RMI) CVE-2018-1287
MLIST:[www-announce] 20180211 CVE-2018-1297: Apache JMeter uses an unsecure RMI connection in Distributed mode CVE-2018-1297
MLIST:[www-announce] 20180408 [SECURITY] CVE-2018-1308: XXE attack through Apache Solr's DIH's dataConfig request parameter CVE-2018-1308
MLIST:[www-announce] 20180721 [SECURITY] CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response CVE-2018-8019
MLIST:[www-announce] 20180721 [SECURITY] CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates CVE-2018-8020
MLIST:[www-announce] 20180722 [SECURITY] CVE-2018-1336 Apache Tomcat - Denial of Service CVE-2018-1336
MLIST:[www-announce] 20180722 [SECURITY] CVE-2018-8034 Apache Tomcat - Security Constraint Bypass CVE-2018-8034
MLIST:[www-announce] 20180722 [SECURITY] CVE-2018-8037 Apache Tomcat - Information Disclosure CVE-2018-8037
MLIST:[www-announce] 20180809 [UPDATE][SECURITY] CVE-2018-8037 Apache Tomcat - Information Disclosure CVE-2018-8037
MLIST:[www-announce] 20190212 [SECURITY] CVE-2017-3164 SSRF issue in Apache Solr CVE-2017-3164
MLIST:[www-announce] 20190307 CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache Solr CVE-2019-0192
MLIST:[www-announce] 20190815 [SECURITY] CVE-2019-10086. Apache Commons Beanutils does not suppresses the class property in PropertyUtilsBean by default. CVE-2019-10086
MLIST:[www-announce] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 CVE-2019-12401
MLIST:[x2go-announcements] 20140103 X2Go Server (4.0.1.10) released CVE-2013-7383
MLIST:[xapian-discuss] 20090909 Cross-site scripting issue in Omega CVE-2009-2947
MLIST:[xchat-announce] 20040405 xchat 2.0.x Socks5 Vulnerability CVE-2004-0409
MLIST:[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation CVE-2012-0217
MLIST:[xen-dev] 20080718 [PATCH][XSM][FLASK] Argument handling bugs in XSM:FLASK CVE-2008-3687
MLIST:[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI CVE-2011-1898
MLIST:[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration CVE-2008-4405
MLIST:[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration CVE-2008-4405
MLIST:[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest CVE-2008-5716
MLIST:[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest CVE-2008-5716
MLIST:[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217 CVE-2012-0217
MLIST:[xerces-c-dev] 20200110 [xerces-c] 06/13: Add CVE-2018-1311 advisory and web site note. CVE-2018-1311
MLIST:[xerces-c-users] 20210528 RE: Security vulnerability - CVE-2018-1311 CVE-2018-1311
MLIST:[xerces-c-users] 20210528 Re: Security vulnerability - CVE-2018-1311 CVE-2018-1311
MLIST:[xerces-c-users] 20210528 Security vulnerability - CVE-2018-1311 CVE-2018-1311
MLIST:[xerces-j-users] 20201014 Security vulnerability in 2.12.0 CVE-2020-14338 CVE-2020-14621
MLIST:[xfs] 20140327 xfs errors while unlinking filenames with hash collisions CVE-2014-7283
MLIST:[xfs] 20150729 [ANNOUNCE] xfsprogs: v3.2.4 released CVE-2012-2150
MLIST:[xml-dev] 20030202 Re: Elliotte Rusty Harold on Web Services CVE-2003-1564
MLIST:[xml] 20080820 Security fix for libxml2 CVE-2003-1564
MLIST:[xml] 20101104 Release of libxml2-2.7.8 CVE-2010-4008
MLIST:[xmlgraphics-batik-dev] 20180523 [CVE-2018-8013] Apache Batik information disclosure vulnerability CVE-2018-8013
MLIST:[xmlgraphics-commits] 20200615 svn commit: r1878850 - /xmlgraphics/site/trunk/content/security.mdtext CVE-2018-8013
MLIST:[xmlgraphics-commits] 20200615 svn commit: r1878851 - /xmlgraphics/site/trunk/content/security.mdtext CVE-2018-8013
MLIST:[xmlgraphics-fop-dev] 20191018 [jira] [Created] (FOP-2885) Security Vulnerability with Xerces version <= 2.11 CVE-2018-2799
MLIST:[xmlsec] 20110331 New xmlsec 1.2.17 release CVE-2011-1425
MLIST:[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont CVE-2007-1351 CVE-2007-1352 CVE-2007-1667
MLIST:[xorg-announce] 20070906 xorg-server 1.4 CVE-2007-4730
MLIST:[xorg-announce] 20071002 [ANNOUNCE] X.Org security advisory: multiple vulnerabilities in X font server CVE-2007-4990
MLIST:[xorg-announce] 20110405 X.Org security advisory: root hole via rogue hostname CVE-2011-0465
MLIST:[xorg-announce] 20110405 xrdb 1.0.9 CVE-2011-0465
MLIST:[xorg-announce] 20120724 X.Org security advisory: DoS/info leak in xfs prior to X11R6.7/XFree86 3.3.3 CVE-2012-1699
MLIST:[xorg-announce] 20131008 X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests CVE-2013-4396
MLIST:[xorg-announce] 20140107 X.Org Security Advisory: CVE-2013-6462: Stack buffer overflow in parsing of BDF font files in libXfont CVE-2013-6462
MLIST:[xorg-announce] 20140513 [ANNOUNCE] X.Org Security Advisory: Multiple issues in libXfont CVE-2014-0209 CVE-2014-0210 CVE-2014-0211
MLIST:[xorg-announce] 20140705 [ANNOUNCE] pixman release 0.32.6 now available CVE-2014-9766
MLIST:[xorg-announce] 20150210 xorg-server 1.16.4 CVE-2015-3418
MLIST:[xorg-announce] 20150414 [ANNOUNCE] X.Org Security Advisory: Buffer overflow in MakeBigReq macro CVE-2013-7439
MLIST:[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries CVE-2016-5407 CVE-2016-7942 CVE-2016-7943 CVE-2016-7944 CVE-2016-7945 CVE-2016-7946 CVE-2016-7947 CVE-2016-7948 CVE-2016-7949 CVE-2016-7950 CVE-2016-7951 CVE-2016-7952 CVE-2016-7953
MLIST:[xorg-announce] 20171004 [ANNOUNCE] xorg-server 1.19.4 CVE-2017-13721 CVE-2017-13723
MLIST:[xorg-announce] 20180821 libX11 1.6.6 CVE-2018-14598 CVE-2018-14599 CVE-2018-14600
MLIST:[xorg-announce] 20181025 X.Org security advisory: October 25, 2018 CVE-2018-14665
MLIST:[xorg-commit] 20140704 xf86-video-intel: tools/backlight_helper.c CVE-2014-4910
MLIST:[xorg] 20060620 X.Org security advisory: setuid return value check problems CVE-2006-4447
MLIST:[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006
MLIST:[xorg] 20080611 X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions CVE-2008-1377 CVE-2008-1379 CVE-2008-2360 CVE-2008-2361 CVE-2008-2362
MLIST:[xorg] 20111018 X.Org security advisory: xserver locking code issues CVE-2011-4028 CVE-2011-4029
MLIST:[xorg] 20161215 [ANNOUNCE] libXpm 3.5.12 CVE-2016-10164
MLIST:[xstream-user] 20130717 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper CVE-2013-7285
MLIST:[xstream-user] 20130718 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper CVE-2013-7285
MLIST:[zeppelin-users] 20190423 Issues fixed in previous releases of Apache Zeppelin 0.7.3 and 0.8.0 (CVE-2017-12619 CVE-2018-1317 CVE-2018-1328) CVE-2017-12619 CVE-2018-1317 CVE-2018-1328
MLIST:[zeppelin-users] 20210902 CVE-2019-10095: Apache Zeppelin: bash command injection in spark interpreter CVE-2019-10095
MLIST:[zeppelin-users] 20210902 CVE-2020-13929: Apache Zeppelin: Notebook permissions bypass CVE-2020-13929
MLIST:[zeppelin-users] 20210902 CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter CVE-2021-27578
MLIST:[zeppelin-users] 20210928 Re: CVE-2019-10095: Apache Zeppelin: bash command injection in spark interpreter CVE-2019-10095
MLIST:[zeppelin-users] 20210928 Re: CVE-2020-13929: Apache Zeppelin: Notebook permissions bypass CVE-2020-13929
MLIST:[zeppelin-users] 20210928 Re: CVE-2021-27578: Apache Zeppelin: Cross Site Scripting in markdown interpreter CVE-2021-27578
MLIST:[zookeeper-commits] 20191003 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3563: Update Netty to fix CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-commits] 20191003 [zookeeper] branch branch-3.5.6 updated: ZOOKEEPER-3563: Update Netty to fix CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-commits] 20191003 [zookeeper] branch master updated: ZOOKEEPER-3563: Update Netty to address CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-commits] 20200118 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571 CVE-2019-3826
MLIST:[zookeeper-commits] 20200118 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571 CVE-2019-3826
MLIST:[zookeeper-commits] 20200118 [zookeeper] branch master updated: ZOOKEEPER-3677: owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571 CVE-2019-3826
MLIST:[zookeeper-commits] 20200123 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-commits] 20200123 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-commits] 20200123 [zookeeper] branch master updated: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-commits] 20200223 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3734: upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-commits] 20200223 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3734: upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-commits] 20200223 [zookeeper] branch master updated: ZOOKEEPER-3734: upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-commits] 20200224 [zookeeper] 01/02: ZOOKEEPER-3734: upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-commits] 20200415 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-commits] 20200415 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-commits] 20200415 [zookeeper] branch master updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-commits] 20200415 [zookeeper] branch release-3.6.1 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo CVE-2020-11612
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488 CVE-2019-17571 CVE-2020-9488
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo CVE-2020-11612
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488 CVE-2019-17571 CVE-2020-9488
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch master updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo CVE-2020-11612
MLIST:[zookeeper-commits] 20200504 [zookeeper] branch master updated: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488 CVE-2019-17571 CVE-2020-9488
MLIST:[zookeeper-commits] 20201124 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4017: Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-commits] 20201124 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4017: Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-commits] 20201124 [zookeeper] branch master updated: ZOOKEEPER-4017: Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-commits] 20201224 [zookeeper] branch master updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-commits] 20210106 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-commits] 20210106 [zookeeper] branch master updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-commits] 20210331 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4272 ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-commits] 20210331 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-commits] 20210407 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-commits] 20210407 [zookeeper] branch branch-3.6.3 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-commits] 20210407 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-commits] 20210407 [zookeeper] branch master updated: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-commits] 20210408 [zookeeper] 01/02: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-commits] 20210408 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-commits] 20210408 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-commits] 20210408 [zookeeper] branch master updated: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-commits] 20210901 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-commits] 20210901 [zookeeper] branch master updated: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-commits] 20210901 [zookeeper] branch master updated: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-commits] 20210924 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4385. Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-dev] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-dev] 20190930 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2 CVE-2019-16869
MLIST:[zookeeper-dev] 20190930 [jira] [Created] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty-3.10.6.Final.jar: CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-dev] 20191001 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2 CVE-2019-16869
MLIST:[zookeeper-dev] 20191002 Re: [VOTE] Apache ZooKeeper release 3.5.6 candidate 2 CVE-2019-16869
MLIST:[zookeeper-dev] 20191107 [jira] [Created] (ZOOKEEPER-3609) Update lib yui-min: 3.1.0 due to security vulnerability CVE-2013-4939
MLIST:[zookeeper-dev] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability CVE-2008-7220
MLIST:[zookeeper-dev] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability CVE-2008-7220
MLIST:[zookeeper-dev] 20200107 [jira] [Created] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-dev] 20200118 Build failed in Jenkins: zookeeper-master-maven-owasp #329 CVE-2019-17571 CVE-2019-20330
MLIST:[zookeeper-dev] 20200118 [jira] [Created] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-dev] 20200122 Re: 3.5.7 CVE-2019-20330
MLIST:[zookeeper-dev] 20200203 Re: [VOTE] Apache ZooKeeper release 3.6.0 candidate 1 CVE-2019-20445
MLIST:[zookeeper-dev] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-branch36-java11 #39 CVE-2019-20444
MLIST:[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-branch36-java8 #38 CVE-2019-20444
MLIST:[zookeeper-dev] 20200204 Build failed in Jenkins: zookeeper-master-maven-jdk11 #361 CVE-2019-20444
MLIST:[zookeeper-dev] 20200222 [jira] [Created] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-dev] 20200307 Build failed in Jenkins: PreCommit-ZOOKEEPER-github-pr-build-maven #1898 CVE-2020-9547
MLIST:[zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-dev] 20200413 [jira] [Created] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-dev] 20200504 [jira] [Created] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-dev] 20200504 log4j SmtpAppender related CVE CVE-2020-9488
MLIST:[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-dev] 20201103 [jira] [Created] (ZOOKEEPER-3990) Log4j 1.2.17 used by zookeeper 3.6.1 is vulnerable to CVE-2019-17571 CVE-2019-17571
MLIST:[zookeeper-dev] 20201123 Owasp test failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-dev] 20201123 Re: Owasp test failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-dev] 20201123 [jira] [Created] (ZOOKEEPER-4017) Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-dev] 20201205 [jira] [Created] (ZOOKEEPER-4023) CLONE - Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-dev] 20201208 Re: [VOTE] Apache ZooKeeper release 3.5.9 candidate 0 CVE-2020-27216 CVE-2020-27218
MLIST:[zookeeper-dev] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-dev] 20210311 [jira] [Created] (ZOOKEEPER-4242) Upgrade Netty library to > 4.1.59 due to security vulnerability CVE-2021-21290
MLIST:[zookeeper-dev] 20210327 [jira] [Created] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[zookeeper-dev] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[zookeeper-dev] 20210407 Re: [VOTE] Apache ZooKeeper release 3.6.3 candidate 1 CVE-2021-28165
MLIST:[zookeeper-dev] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-dev] 20210407 [jira] [Created] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-dev] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1 CVE-2019-25013
MLIST:[zookeeper-dev] 20210517 [jira] [Created] (ZOOKEEPER-4295) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21409 in branch-3.5 CVE-2021-21409
MLIST:[zookeeper-dev] 20210728 [jira] [Created] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-dev] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6 CVE-2021-29425
MLIST:[zookeeper-dev] 20210923 [jira] [Created] (ZOOKEEPER-4385) Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-dev] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28169
MLIST:[zookeeper-issues] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190623 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190708 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190712 [jira] [Assigned] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190712 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190712 [jira] [Resolved] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190713 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-issues] 20190930 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20190930 [jira] [Created] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty-3.10.6.Final.jar: CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-issues] 20190930 [jira] [Updated] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20190930 [jira] [Updated] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - netty with CVE-2019-16869 CVE-2019-16869
MLIST:[zookeeper-issues] 20191001 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20191003 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20191008 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20191008 [jira] [Resolved] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty CVE-2019-16869
MLIST:[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3609) Update lib yui-min: 3.1.0 due to security vulnerability CVE-2013-4939
MLIST:[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability CVE-2008-7220
MLIST:[zookeeper-issues] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability CVE-2008-7220
MLIST:[zookeeper-issues] 20200107 [jira] [Commented] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200107 [jira] [Created] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200108 [jira] [Assigned] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200108 [jira] [Commented] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200108 [jira] [Updated] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200118 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200118 [jira] [Created] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200118 [jira] [Resolved] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200122 [jira] [Assigned] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200122 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200122 [jira] [Updated] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200123 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200123 [jira] [Resolved] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200123 [jira] [Updated] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-issues] 20200129 [jira] [Updated] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-issues] 20200203 [jira] [Assigned] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200203 [jira] [Commented] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200203 [jira] [Created] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200203 [jira] [Updated] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200204 [jira] [Resolved] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200209 [jira] [Commented] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200209 [jira] [Updated] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445 CVE-2019-20444 CVE-2019-20445
MLIST:[zookeeper-issues] 20200222 [jira] [Created] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-issues] 20200223 [jira] [Assigned] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-issues] 20200223 [jira] [Resolved] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-issues] 20200223 [jira] [Updated] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-issues] 20200225 [jira] [Updated] (ZOOKEEPER-3734) upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200413 [jira] [Assigned] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-issues] 20200413 [jira] [Created] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-issues] 20200413 [jira] [Updated] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-issues] 20200415 [jira] [Resolved] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548
MLIST:[zookeeper-issues] 20200504 [jira] [Assigned] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-issues] 20200504 [jira] [Commented] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-issues] 20200504 [jira] [Created] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-issues] 20200504 [jira] [Resolved] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-issues] 20200504 [jira] [Updated] (ZOOKEEPER-3817) owasp failing due to CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20201103 [jira] [Created] (ZOOKEEPER-3990) Log4j 1.2.17 used by zookeeper 3.6.1 is vulnerable to CVE-2019-17571 CVE-2019-17571
MLIST:[zookeeper-issues] 20201103 [jira] [Resolved] (ZOOKEEPER-3990) Log4j 1.2.17 used by zookeeper 3.6.1 is vulnerable to CVE-2019-17571 CVE-2019-17571
MLIST:[zookeeper-issues] 20201123 [jira] [Created] (ZOOKEEPER-4017) Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201123 [jira] [Updated] (ZOOKEEPER-4017) Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201124 [jira] [Resolved] (ZOOKEEPER-4017) Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201124 [jira] [Updated] (ZOOKEEPER-4017) Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201205 [jira] [Assigned] (ZOOKEEPER-4023) CLONE - Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201205 [jira] [Created] (ZOOKEEPER-4023) CLONE - Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-issues] 20201205 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27216 CVE-2020-27218
MLIST:[zookeeper-issues] 20201206 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-issues] 20201224 [jira] [Resolved] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-issues] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-issues] 20210105 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-issues] 20210106 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-issues] 20210116 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-issues] 20210311 [jira] [Created] (ZOOKEEPER-4242) Upgrade Netty library to > 4.1.59 due to security vulnerability CVE-2021-21290
MLIST:[zookeeper-issues] 20210327 [jira] [Created] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[zookeeper-issues] 20210327 [jira] [Updated] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[zookeeper-issues] 20210328 [jira] [Commented] (ZOOKEEPER-4264) Apache Zookeeper 3.6.2 - slf4j 1.7.25 has security vulnerability CVE-2018-8088 CVE-2018-8088
MLIST:[zookeeper-issues] 20210330 [jira] [Created] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[zookeeper-issues] 20210330 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[zookeeper-issues] 20210331 [jira] [Assigned] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-issues] 20210331 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-issues] 20210331 [jira] [Updated] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21290 CVE-2021-21295
MLIST:[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712 CVE-2020-10663 CVE-2020-7712
MLIST:[zookeeper-issues] 20210407 [jira] [Assigned] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-issues] 20210407 [jira] [Assigned] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210407 [jira] [Created] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-issues] 20210407 [jira] [Created] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.38 CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-issues] 20210407 [jira] [Updated] (ZOOKEEPER-4277) dependency-check:check failing - jetty-server-9.4.39 CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-issues] 20210408 [jira] [Assigned] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210408 [jira] [Comment Edited] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210408 [jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210408 [jira] [Resolved] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210408 [jira] [Updated] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210409 [jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1 CVE-2019-25013
MLIST:[zookeeper-issues] 20210506 [jira] [Resolved] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1 CVE-2019-25013
MLIST:[zookeeper-issues] 20210517 [jira] [Created] (ZOOKEEPER-4295) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21409 in branch-3.5 CVE-2021-21409
MLIST:[zookeeper-issues] 20210517 [jira] [Updated] (ZOOKEEPER-4295) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21409 in branch-3.5 CVE-2021-21409
MLIST:[zookeeper-issues] 20210727 [jira] [Comment Edited] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210727 [jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210728 [jira] [Created] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-issues] 20210728 [jira] [Updated] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-issues] 20210805 [jira] [Assigned] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-issues] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6 CVE-2021-29425
MLIST:[zookeeper-issues] 20210805 [jira] [Updated] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-issues] 20210805 [jira] [Updated] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6 CVE-2021-29425
MLIST:[zookeeper-issues] 20210901 [jira] [Resolved] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-issues] 20210901 [jira] [Resolved] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6 CVE-2021-29425
MLIST:[zookeeper-issues] 20210922 [jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210923 [jira] [Assigned] (ZOOKEEPER-4385) Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210923 [jira] [Commented] (ZOOKEEPER-4278) dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210923 [jira] [Created] (ZOOKEEPER-4385) Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210923 [jira] [Updated] (ZOOKEEPER-4385) Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210924 [jira] [Resolved] (ZOOKEEPER-4385) Backport ZOOKEEPER-4278 to branch-3.5 to Address CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-issues] 20210928 [jira] [Created] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28169
MLIST:[zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , - Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28163 CVE-2021-28169 CVE-2021-34428
MLIST:[zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, - Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28163 CVE-2021-28169 CVE-2021-34428
MLIST:[zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 , CVE-2021-28163, CVE-2021-34428- Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28163 CVE-2021-28169 CVE-2021-34428
MLIST:[zookeeper-issues] 20210928 [jira] [Updated] (ZOOKEEPER-4390) CVE-2021-28169 - Upgrade jetty to 9.4.42 CVE-2021-21295 CVE-2021-28169
MLIST:[zookeeper-issues] 20211028 [jira] [Updated] (ZOOKEEPER-4337) CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0 CVE-2021-28164 CVE-2021-34429
MLIST:[zookeeper-notifications] 20190623 [GitHub] [zookeeper] eolivelli opened a new pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli closed pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli commented on issue #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2018-12056 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt closed pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 CVE-2008-7220 CVE-2019-12814
MLIST:[zookeeper-notifications] 20190925 [GitHub] [zookeeper] maoling commented on issue #1097: ZOOKEEPER-3559 - Update Jackson to 2.9.10 CVE-2019-14540
MLIST:[zookeeper-notifications] 20200108 [GitHub] [zookeeper] eolivelli opened a new pull request #1209: ZOOKEEPER-3677 owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-notifications] 20200118 [GitHub] [zookeeper] asfgit closed pull request #1209: ZOOKEEPER-3677 owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer CVE-2019-17571
MLIST:[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt commented on issue #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt opened a new pull request #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-notifications] 20200123 [GitHub] [zookeeper] asfgit closed pull request #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-notifications] 20200123 [GitHub] [zookeeper] nkalmar commented on issue #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330 CVE-2019-20330
MLIST:[zookeeper-notifications] 20200223 [GitHub] [zookeeper] asfgit closed pull request #1262: ZOOKEEPER-3734 upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-notifications] 20200223 [GitHub] [zookeeper] eolivelli opened a new pull request #1262: ZOOKEEPER-3734 upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-notifications] 20200223 [GitHub] [zookeeper] phunt commented on issue #1262: ZOOKEEPER-3734 upgrade jackson-databind to address CVE-2020-8840 CVE-2020-8840
MLIST:[zookeeper-notifications] 20200413 [GitHub] [zookeeper] phunt opened a new pull request #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200414 [GitHub] [zookeeper] eolivelli commented on issue #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200414 [GitHub] [zookeeper] phunt commented on issue #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200415 Build failed in Jenkins: zookeeper-branch36-java8 #137 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200415 Build failed in Jenkins: zookeeper-master-maven-jdk12 #465 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200415 [GitHub] [zookeeper] eolivelli closed pull request #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven #784 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven-jdk12 #490 CVE-2020-11612
MLIST:[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven-owasp #489 CVE-2020-11612 CVE-2020-9488
MLIST:[zookeeper-notifications] 20200504 [GitHub] [zookeeper] symat commented on pull request #1346: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-notifications] 20200504 [GitHub] [zookeeper] symat opened a new pull request #1346: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488 CVE-2020-9488
MLIST:[zookeeper-notifications] 20201123 [GitHub] [zookeeper] anmolnar commented on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201123 [GitHub] [zookeeper] anmolnar opened a new pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201123 [GitHub] [zookeeper] eolivelli commented on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201123 [GitHub] [zookeeper] ztzg commented on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201124 [GitHub] [zookeeper] anmolnar commented on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201124 [GitHub] [zookeeper] anmolnar edited a comment on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201124 [GitHub] [zookeeper] asfgit closed pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201124 [GitHub] [zookeeper] nkalmar commented on pull request #1549: ZOOKEEPER-4017. Owasp check failing - Jetty 9.4.32 - CVE-2020-27216 CVE-2020-27216
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] phunt commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201207 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201211 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201215 [GitHub] [zookeeper] phunt commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] eolivelli commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218 CVE-2020-27218
MLIST:[zookeeper-notifications] 20210106 [GitHub] [zookeeper] asfgit closed pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-notifications] 20210106 [GitHub] [zookeeper] edwin092 opened a new pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-notifications] 20210106 [GitHub] [zookeeper] nkalmar commented on pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1 CVE-2020-25649
MLIST:[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223 CVE-2020-27223
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad closed pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] asfgit closed pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] ayushmantri opened a new pull request #1670: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295 CVE-2021-21295
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad closed pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] arshadmohammad commented on pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] asfgit closed pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar commented on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1675: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210407 [GitHub] [zookeeper] nkalmar opened a new pull request #1676: ZOOKEEPER-4277: update jetty to 9.4.39 due to CVE-2021-28165 CVE-2021-28165
MLIST:[zookeeper-notifications] 20210408 [GitHub] [zookeeper] arshadmohammad commented on pull request #1678: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210408 [GitHub] [zookeeper] asfgit closed pull request #1678: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210408 [GitHub] [zookeeper] ayushmantri opened a new pull request #1678: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210517 [GitHub] [zookeeper] gpiyush-dev opened a new pull request #1696: ZOOKEEPER-4295: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21409 in branch-3.5 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210521 [GitHub] [zookeeper] maoling commented on pull request #1696: ZOOKEEPER-4295: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21409 in branch-3.5 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210727 [GitHub] [zookeeper] sandipbhattacharya commented on pull request #1678: ZOOKEEPER-4278: dependency-check:check failing - netty-transport-4.1.60.Final CVE-2021-21409 CVE-2021-21409
MLIST:[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg opened a new pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg opened a new pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210806 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210813 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-notifications] 20210827 [GitHub] [zookeeper] nkalmar commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210901 [GitHub] [zookeeper] ztzg closed pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429) CVE-2021-34429
MLIST:[zookeeper-notifications] 20210901 [GitHub] [zookeeper] ztzg closed pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425) CVE-2021-29425
MLIST:[zookeeper-user] 20200201 Re: Zookeeper 3.5.6 supports log4j 2.x? CVE-2019-17571
MLIST:[zope-announce] 20090806 CVE-2009-0668 and CVE-2009-0669: Releases to fix ZODB ZEO server vulnerabilities CVE-2009-0668 CVE-2009-0669
MLIST:[zope-announce] 20090901 CVE-2009-2701: Releases to fix ZODB ZEO server vulnerability CVE-2009-2701
MLIST:[zope-announce] 20100112 New Zope2 releases available CVE-2010-1104
MLIST:[zope-announce] 20100901 Annoucement: Zope 2.10.12 and 2.11.7 Released CVE-2010-3198
MLIST:[zsh-workers] 20071202 difflog.pl and "security" CVE-2007-6209
MLIST:[zsh-workers] 20071203 Re: difflog.pl and "security" CVE-2007-6209
MLIST:[zulip-announce] 20170601 Zulip Server 1.5.2 released CVE-2017-0896
MLIST:[zutils-bug] 20180802 Zutils 1.8-pre2 released CVE-2018-1000637
MLIST:https://bugzilla.redhat.com/show_bug.cgi?id=1018805 CVE-2013-6499
MLIST:https://bugzilla.redhat.com/show_bug.cgi?id=1231816 CVE-2015-1850
MLIST:https://bugzilla.redhat.com/show_bug.cgi?id=1696015 CVE-2019-3892
MLIST:https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion CVE-2020-8555
MLIST:https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html CVE-2019-0055
MLIST:qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223 CVE-2019-0223
MLIST:v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249 CVE-2019-11247 CVE-2019-11249
Page Last Updated or Reviewed: June 25, 2024