"Codenomicon Lab's core focus is to empower the decision makers to provide better quality software and better quality products"
Codenomicon Labs
Advisories
Note that some of these vulnerabilities were found by our customers independently, using our tools and services. Please let us know if you know of other public vulnerability advisories regarding bugs fixed using Codenomicon solutions.
2010:
Linux Kernel (with CERT-FI):
2009:
XML (several open source libraries, with CERT-FI):
- Codenomicon page on XML issues
- Press Release
- CERT-FI Advisory
- CVE-2009-3720 (libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software)
- CVE-2009-1885 (Apache Xerces C++ 2.7.0 and 2.8.0)
- CVE-2009-2414 (libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17)
- CVE-2009-2416 (libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17)
- CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6)
- List of affected software products and vendors includes (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, ...

