proj: Open Virtual Network
subj: [vs-plain] [ADVISORY] CVE-2024-2182: Open Virtual Network: Insufficient validation of incoming BFD packets.
trep: Tue Mar 05 16:01:37 2024
cves: CVE-2024-2182
tcrd: 12-Mar-2024
toss: Tue Mar 12 14:13:02 2024
soss: [oss-security] [ADVISORY] CVE-2024-2182: Open Virtual Network: Insufficient validation of incoming BFD packets.
loss: https://www.openwall.com/lists/oss-security/2024/03/12/5

proj: curl
subj: [vs-plain] : curl pre-notification: CVE-2024-2004: Usage of disabled protocol
trep: Tue Mar 19 07:38:44 2024
cves: CVE-2024-2004
tcrd: March 27
toss: Wed Mar 27 06:53:23 2024
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2024-2004: Usage of disabled protocol
loss: https://www.openwall.com/lists/oss-security/2024/03/27/1

proj: curl
subj: [vs-plain] : curl pre-notification: CVE-2024-2379: QUIC certificate check bypass with wolfSSL
trep: Tue Mar 19 07:38:49 2024
cves: CVE-2024-2379
tcrd: March 27
toss: Wed Mar 27 06:53:29 2024
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL
loss: https://www.openwall.com/lists/oss-security/2024/03/27/2

proj: curl
subj: [vs-plain] : curl pre-notification: CVE-2024-2398: HTTP/2 push headers memory-leak
trep: Tue Mar 19 07:38:56 2024
cves: CVE-2024-2398
tcrd: March 27
toss: Wed Mar 27 06:53:34 2024
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2024-2398: HTTP/2 push headers memory-leak
loss: https://www.openwall.com/lists/oss-security/2024/03/27/3

proj: curl
subj: [vs-plain] : curl pre-notification: CVE-2024-2466: TLS certificate check bypass with mbedTLS
trep: Tue Mar 19 07:39:03 2024
cves: CVE-2024-2466
tcrd: March 27
toss: Wed Mar 27 06:53:36 2024
soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2024-2466: TLS certificate check bypass with mbedTLS
loss: https://www.openwall.com/lists/oss-security/2024/03/27/4

proj: util-linux
subj: [vs-plain] ANSI Escape sequence injection in wall (CVE-2024-28085)
trep: Wed Mar 20 18:40:50 2024
tcrd: March 27
toss: Wed Mar 27 15:11:25 2024
soss: [oss-security] CVE-2024-28085: Escape sequence injection in util-linux wall
loss: https://www.openwall.com/lists/oss-security/2024/03/27/5

proj: xz
subj: [vs] Easter Eggs
trep: Thu Mar 28 12:23:26 2024
cves: CVE-2024-3094
tcrd: tomorrow
toss: Fri Mar 29 16:03:34 2024
soss: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise
loss: https://www.openwall.com/lists/oss-security/2024/03/29/4

proj: X.Org X server, Xwayland
subj: [vs-plain] Embargoed X.Org Security Advisory: Multiple issues in X servers
trep: Fri Mar 29 01:29:54 2024
cves: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
tcrd: April 3, 2024
toss: Wed Apr 03 18:47:44 2024
soss: [oss-security] Fwd: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5
loss: https://www.openwall.com/lists/oss-security/2024/04/03/13
tpub: Tue Mar 12 20:38:02 2024
lpub: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762

proj: Linux
subj: [vs-plain] Skbuff null ptr derefence 0day potential LPE
trep: Fri Mar 29 10:14:05 2024
cves: CVE-2024-1086
toss: Wed Apr 10 22:51:45 2024
soss: [oss-security] CVE-2024-1086: Linux: nf_tables: use-after-free vulnerability in the nft_verdict_init() function
loss: https://www.openwall.com/lists/oss-security/2024/04/10/22
tpub: Sat Jan 20 21:50:04 2024
lpub: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660