oss-security  

Messages by Thread

• [oss-security] Go 1.23.5 and Go 1.22.11 are released with 2 security fixes Alan Coopersmith
• [oss-security] [kubernetes] CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API Vellore Rajakumar, Sri Saran Balaji
• [oss-security] Session (a fork of the Signal private messaging app) is sus Soatok Dreamseeker
• [oss-security] pam-u2f: problematic PAM_IGNORE return values in pam_sm_authenticate() (CVE-2025-23013) Matthias Gerstner
  • [oss-security] Re: pam-u2f: problematic PAM_IGNORE return values in pam_sm_authenticate() (CVE-2025-23013) Jacob Bachmeyer
  • [oss-security] Re: pam-u2f: problematic PAM_IGNORE return values in pam_sm_authenticate() (CVE-2025-23013) Matthias Gerstner
  • Re: [oss-security] pam-u2f: problematic PAM_IGNORE return values in pam_sm_authenticate() (CVE-2025-23013) Steffen Nurpmeso
  • Re: [oss-security] Re: pam-u2f: problematic PAM_IGNORE return values in pam_sm_authenticate() (CVE-2025-23013) Russ Allbery
• [oss-security] Fwd: Node.js security updates for all active release lines, January 2025 Rafael Gonzaga
• [oss-security] git: 2 vulnerabilities fixed Johannes Schindelin
• [oss-security] RSYNC: 6 vulnerabilities Nick Tait
  • Re: [oss-security] RSYNC: 6 vulnerabilities Jan Schaumann
  • Re: [oss-security] RSYNC: 6 vulnerabilities Alan Coopersmith
• [oss-security] CVE-2024-56374: Django: Potential denial-of-service vulnerability in IPv6 validation Natalia Bidart
• [oss-security] CVE-2024-45627: Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability Heping Wang
• [oss-security] CVE-2025-22828: Apache CloudStack: Unauthorised access to annotations Nux
• [oss-security] [vim-security] heap-buffer-overflow in Vim < 9.1.1003 Christian Brabandt
• [oss-security] "/bin/sh: The Biggest Unix Security Loophole" paper from 1984 Alan Coopersmith
• [oss-security] CVE-2024-45033: Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli Elad Kalif
• [oss-security] CVE-2024-54676: Apache OpenMeetings: Deserialisation of untrusted data in cluster mode Maxim Solodovnik
• Re: [oss-security] Linux: general protection fault in __vmx_vcpu_run with nested virtualization Greg KH
  • Re: [oss-security] Linux: general protection fault in __vmx_vcpu_run with nested virtualization Demi Marie Obenour
  • Re: [oss-security] Linux: general protection fault in __vmx_vcpu_run with nested virtualization Solar Designer
• [oss-security] iTerm2 < 3.5.11 logs input/ouput to /tmp/framer.txt on remote host Jan Schaumann
• [oss-security] Another fdroidserver AllowedAPKSigningKeys certificate pinning bypass Fay Stegerman
• [oss-security] CVE-2024-56512: Apache NiFi: Missing Complete Authorization for Parameter and Service References David Handermann
• [oss-security] CVE-2024-40896 Analysis: libxml2 XXE due to type confusion Yair Mizrahi
  • Re: [oss-security] CVE-2024-40896 Analysis: libxml2 XXE due to type confusion Solar Designer
  • Re: [oss-security] CVE-2024-40896 Analysis: libxml2 XXE due to type confusion Demi Marie Obenour
  • Re: [oss-security] CVE-2024-40896 Analysis: libxml2 XXE due to type confusion Solar Designer
• [oss-security] CVE-2024-52046: Apache MINA: MINA applications using unbounded deserialization may allow RCE Emmanuel Lécharny
• [oss-security] CVE-2024-43441: Apache HugeGraph-Server: Fixed JWT Token(Secret) Imba Jin
• [oss-security] CVE-2024-45387: Apache Traffic Control: SQL Injection in Traffic Ops endpoint PUT deliveryservice_request_comments Eric Friedrich
• [oss-security] CVE-2024-23945: Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails Stamatis Zampetakis
• [oss-security] WebKitGTK and WPE WebKit Security Advisory WSA-2024-0008 Adrian Perez de Castro
• [oss-security] Fwd: Operational Notification: BIND 9.20 defect in QPzone implementation Solar Designer
• [oss-security] CVE-2024-56337: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete Mark Thomas
• [oss-security] SSSD: Weaknesses in Privilege Separation due to Issues in Privileged Helper Programs Matthias Gerstner
• [oss-security] CVE-2024-56128: Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption Manikumar
• [oss-security] CVE-2024-54677: Apache Tomcat: DoS in examples web application Mark Thomas
  • Re: [oss-security] CVE-2024-54677: Apache Tomcat: DoS in examples web application Agostino Sarubbo
  • Re: [oss-security] CVE-2024-54677: Apache Tomcat: DoS in examples web application Mark Thomas
• [oss-security] CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation Mark Thomas
  • Re: [oss-security] CVE-2024-50379: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation Nick Boyce
• [oss-security] CVE-2024-11614: DPDK Vhost Rx checksum vulnerability Maxime Coquelin
• [oss-security] Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks Xen . org security team
  • [oss-security] Re: Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks David Woodhouse
  • [oss-security] Re: Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks Jürgen Groß
  • Re: [oss-security] Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks Solar Designer
• [oss-security] Xen Security Advisory 465 v3 (CVE-2024-53240) - Backend can crash Linux netfront Xen . org security team
• [oss-security] GStreamer 1.24.10 stable security bug-fix release Alan Coopersmith
  • [oss-security] Re: GStreamer 1.24.10 stable security bug-fix release Alan Coopersmith
• [oss-security] CVE-2024-55633: Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access Daniel Gaspar
• [oss-security] Vulnerability in golang.org/x/crypto [CVE-2024-45337: misuse of ServerConfig.PublicKeyCallback may cause authorization bypass] Jan Schaumann
• [oss-security] [SECURITY ADVISORY] curl: CVE-2024-11053: netrc and redirect credential leak Daniel Stenberg
• [oss-security] CVE-2024-53949: Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled Daniel Gaspar
• [oss-security] CVE-2024-53948: Apache Superset: Error verbosity exposes metadata in analytics databases Daniel Gaspar
• [oss-security] CVE-2024-53947: Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions Daniel Gaspar
• [oss-security] [SECURITY][ANNOUNCE] Apache Subversion 1.14.5 released Daniel Sahlberg
• [oss-security] Fwd: [Security-announce][CVE-2024-12254] Unbounded memory buffering in SelectorSocketTransport.writelines() Alan Coopersmith
• [oss-security] Django CVE-2024-53907 and CVE-2024-53908 Sarah Boyce
• [oss-security] CVE-2022-41137: Apache Hive: Deserialization of untrusted data when fetching partitions from the Metastore Stamatis Zampetakis
• [oss-security] [OSSA-2024-005] Neutron: Authorization bypassed when setting tags on Neutron networks (CVE-2024-53916) Jay Faulkner
• [oss-security] CVE-2024-45106: Apache Ozone: Improper authentication when generating S3 secrets Ethan Rose
• [oss-security] stalld: unpatched fixed temporary file use and other issues Matthias Gerstner
• [oss-security] Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() Solar Designer
  • [oss-security] Re: Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() Luiz Augusto von Dentz
  • [oss-security] Re: Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() tianshu qiu
  • Re: [oss-security] Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() Solar Designer
  • Re: [oss-security] Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() tianshu qiu
  • Re: [oss-security] Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() Jeroen Roovers
  • Re: [oss-security] Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect() tianshu qiu
• [oss-security] CVE-2024-52338: Apache Arrow R package: Arbitrary code execution when loading a malicious data file Dewey Dunnington
• [oss-security] tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) Matthias Gerstner
  • Re: [oss-security] tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) Simon McVittie
  • Re: [oss-security] tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) Matthias Gerstner
• [oss-security] WebKitGTK and WPE WebKit Security Advisory WSA-2024-0007 Adrian Perez de Castro
• [oss-security] authentik: remote timing attack in MetricsView HTTP Basic Auth (CVE-2024-52307) Matthias Gerstner
• [oss-security] CVE-2024-51569: Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler Szymon Janc
• [oss-security] CVE-2024-47250: Apache NimBLE: Lack of input validation in HCI advertising report could lead to potential out-of-bound access Szymon Janc
• [oss-security] CVE-2024-47249: Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in multiple advertisement handler Szymon Janc
• [oss-security] CVE-2024-47248: Apache NimBLE: Buffer overflow in NimBLE MESH Bluetooth stack Szymon Janc
• [oss-security] CVE-2024-45719: Apache Answer: Predictable Authorization Token Using UUIDv1 Enxin Xie
• [oss-security] CVE-2024-52067: Apache NiFi: Potential Insertion of Sensitive Parameter Values in Debug Log David Handermann
• [oss-security] [kubernetes] CVE-2024-10220: Arbitrary command execution through gitRepo volume Craig Ingram
• [oss-security] Local Privilege Escalations in needrestart Qualys Security Advisory
  • Re: [oss-security] Local Privilege Escalations in needrestart Mark Esler
  • Re: [oss-security] Local Privilege Escalations in needrestart Salvatore Bonaccorso
  • Re: [oss-security] Local Privilege Escalations in needrestart Jakub Wilk
• [oss-security] Fwd: wget-1.25.0 released [fixes CVE-2024-10524] Alan Coopersmith
• [oss-security] CVE-2024-31141: Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider Greg Harris
• [oss-security] CVE-2024-52318: Apache Tomcat: Incorrect JSP tag recycling leads to XSS Mark Thomas
• [oss-security] CVE-2024-52317: Apache Tomcat: Request/response mix-up with HTTP/2 Mark Thomas
• [oss-security] CVE-2024-52316: Apache Tomcat: Authentication bypass when using Jakarta Authentication API Mark Thomas
• [oss-security] PostgreSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21 Solar Designer
  • Re: [oss-security] PostgreSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21 Solar Designer
• [oss-security] CVE-2024-41151: Apache HertzBeat: RCE by notice template injection vulnerability Chao Gong
• [oss-security] CVE-2024-45791: Apache HertzBeat: Exposure sensitive token via http GET method with query string Chao Gong
• [oss-security] CVE-2024-45505: Apache HertzBeat (incubating): Exists Native Deser RCE and file writing vulnerabilities Chao Gong
• [oss-security] CVE-2024-47208: Apache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE Jacques Le Roux
• [oss-security] CVE-2024-48962: Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE) Jacques Le Roux
• [oss-security] CVE-2024-45784: Apache Airflow: Sensitive configuration values are not masked in the logs by default Ephraim Anierobi
• [oss-security] [ANNOUNCE] Apache Traffic Server is vulnerable to specific user inputs Masakazu Kitajo
• [oss-security] CVE-2024-52533: Buffer overflow in socks proxy code in glib < 2.82.1 Alan Coopersmith
• [oss-security] CVE-2024-50386: Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure Daniel Augusto Veronezi Salvador
• [oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables Xen . org security team
  • Re: [oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables Demi Marie Obenour
  • Re: [oss-security] Xen Security Advisory 464 v2 (CVE-2024-45819) - libxl leaks data to PVH guests via ACPI tables Andrew Cooper
• [oss-security] 4 recent security bugs in GNOME's libsoup Alan Coopersmith
  • Re: [oss-security] 4 recent security bugs in GNOME's libsoup Alan Coopersmith
• [oss-security] CVE-2024-50378: Apache Airflow: Secrets not masked in UI when sensitive variables are set via Airflow cli Ephraim Anierobi
• [oss-security] CVE-2024-51504: Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server Andor Molnar
• [oss-security] [SECURITY ADVISTORY] curl: CVE-2024-9681 HSTS subdomain overwrites parent cache entry Daniel Stenberg
• [oss-security] shell wildcard expansion (un)safety Solar Designer
  • Re: [oss-security] shell wildcard expansion (un)safety David A. Wheeler
  • Re: [oss-security] shell wildcard expansion (un)safety Steffen Nurpmeso
  • Re: [oss-security] shell wildcard expansion (un)safety Solar Designer
  • Re: [oss-security] shell wildcard expansion (un)safety Steffen Nurpmeso
  • Re: [oss-security] shell wildcard expansion (un)safety Steffen Nurpmeso
  • Re: [oss-security] shell wildcard expansion (un)safety Mats Wichmann
  • Re: [oss-security] shell wildcard expansion (un)safety Steffen Nurpmeso
  • Re: [oss-security] shell wildcard expansion (un)safety Solar Designer
  • Re: [oss-security] shell wildcard expansion (un)safety Steffen Nurpmeso
  • Re: [oss-security] shell wildcard expansion (un)safety lists
  • Re: [oss-security] shell wildcard expansion (un)safety Ali Polatel
  • Re: [oss-security] shell wildcard expansion (un)safety Sean Whitton
  • Re: [oss-security] shell wildcard expansion (un)safety Eli Schwartz
  • Re: [oss-security] shell wildcard expansion (un)safety Fay Stegerman
  • Re: [oss-security] shell wildcard expansion (un)safety Jakub Wilk
  • [oss-security] Re: shell wildcard expansion (un)safety Max Nikulin
  • Re: [oss-security] shell wildcard expansion (un)safety Georgi Guninski
  • Re: [oss-security] shell wildcard expansion (un)safety Dominik Czarnota
  • Re: [oss-security] shell wildcard expansion (un)safety Eli Schwartz
  • Re: [oss-security] shell wildcard expansion (un)safety Jeroen Roovers
  • Re: [oss-security] shell wildcard expansion (un)safety Fay Stegerman
• [oss-security] CVE-2024-23590: Apache Kylin: Session fixation in web interface Li Yang
• [oss-security] CVE-2024-43383: Apache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator Paul Irwin
• [oss-security] WebKitGTK and WPE WebKit Security Advisory WSA-2024-0006 Adrian Perez de Castro
• [oss-security] qBittorrent RCE, Browser Hijacking vulnerabilities Sec Guy
  • [oss-security] Re: qBittorrent RCE, Browser Hijacking vulnerabilities Eli Schwartz
• [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Dr. Thomas Orgis
  • Re: [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Marco Benatto
  • Re: [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Marco Benatto
  • Re: [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Alexander Patrakov
  • Re: [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Dr. Thomas Orgis
  • Re: [oss-security] mpg123 buffer overflow in versions before 1.32.8 (Frankenstein's Monster) Dr. Thomas Orgis
• [oss-security] CVE-2024-9632: X.Org X server and Xwayland: Heap-based buffer overflow privilege escalation in _XkbSetCompatMap Jose Exposito Quintana
• [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets Joel GUITTET
  • Re: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets Jacob Bachmeyer
  • Re: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets Solar Designer
  • Re: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets Clemens Lang
  • RE: [oss-security] CVE-2024-36905: Linux kernel: Divide-by-zero on shutdown of TCP_SYN_RECV sockets Joel GUITTET
• [oss-security] CVE-2024-45477: Apache NiFi: Improper Neutralization of Input in Parameter Description David Handermann
• [oss-security] CVE-2024-9050: NetworkManager-libreswan IPSec VPN plugin local code execution Lubomir Rintel
• [oss-security] CVE-2024-45031: Apache Syncope: Stored XSS in Console and Enduser Francesco Chicchiriccò
• [oss-security] CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access Tomas Mraz
  • Re: [oss-security] CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access Dr. Christopher Kunz
  • Re: [oss-security] CVE-2024-9143: OpenSSL: Low-level invalid GF(2^m) parameters lead to OOB memory access Dr. Christopher Kunz
• [oss-security] CVE-2024-45217: Apache Solr: ConfigSets created during a backup restore command are trusted implicitly Houston Putman
• [oss-security] CVE-2024-45216: Apache Solr: Authentication bypass possible using a fake URL Path ending Houston Putman
• [oss-security] CVE-2024-45693: Apache CloudStack: Request origin validation bypass makes account takeover possible Daniel Augusto Veronezi Salvador
• [oss-security] CVE-2024-45462: Apache CloudStack: Incomplete session invalidation on web interface logout Daniel Augusto Veronezi Salvador
• [oss-security] CVE-2024-45461: Apache CloudStack Quota plugin: Access checks not enforced in Quota Daniel Augusto Veronezi Salvador
• [oss-security] CVE-2024-45219: Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure Daniel Augusto Veronezi Salvador
• [oss-security] CVE-2023-50780: Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans Justin Bertram
• [oss-security] [kubernetes] CVE-2024-9486 and CVE-2024-9594: VM images built with Kubernetes Image Builder use default credentials Joel Smith
• [oss-security] CVE-2024-46911: Apache Roller: Weakness in CSRF protection allows privilege escalation David M. Johnson
• [oss-security] libarchive 3.7.5 released with security fixes Alan Coopersmith
• [oss-security] CVE-2024-28168: Apache XML Graphics FOP: XML External Entity (XXE) Processing Simon Steiner
• [oss-security] CVE-2024-45720: Apache Subversion: Command line argument injection on Windows platforms Stefan Sperling
• [oss-security] [vim-security] use-after-free when closing buffers in Vim < 9.1.0764 Christian Brabandt
• [oss-security] OSSA-2024-004 / CVE-2024-47211: OpenStack Ironic <26.1.1 fails to verify checksums of supplied image_source URLs when configured to convert images to raw for streaming Jay Faulkner
• [oss-security] CVE-2024-8508 in Unbound DNS server prior to 1.21.1 Alan Coopersmith
• [oss-security] CVE-2024-42415: Integer Overflow in GNOME libgsf Alan Coopersmith
  • Re: [oss-security] CVE-2024-42415: Integer Overflow in GNOME libgsf Alan Coopersmith
• [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Johannes Segitz
  • [oss-security] Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Simon Josefsson
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Solar Designer
  • [oss-security] Re: CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Simon Josefsson
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Solar Designer
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Matthias Gerstner
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Demi Marie Obenour
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Solar Designer
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Matthias Gerstner
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Steffen Nurpmeso
  • Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so Solar Designer
• [oss-security] cups-browsed vulnerable to DDoS amplification attack Larry Cashdollar
  • Re: [oss-security] cups-browsed vulnerable to DDoS amplification attack Peter van Dijk
  • Re: [oss-security] cups-browsed vulnerable to DDoS amplification attack Larry Cashdollar
  • Re[2]: [oss-security] cups-browsed vulnerable to DDoS amplification attack larry0
• [oss-security] PowerDNS Security Advisory 2024-04 Otto Moerbeek
• [oss-security] CVE-2024-47554: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader Gary D. Gregory
• [oss-security] CVE-2024-47561: Apache Avro Java SDK: Arbitrary Code Execution when reading Avro Data (Java SDK) Martin Tzvetanov Grigorov
• [oss-security] Multiple vulnerabilities in Jenkins and Jenkins plugins Daniel Beck
  • [oss-security] Multiple vulnerabilities in Jenkins and Jenkins plugins Daniel Beck
• [oss-security] CVE-2024-45772: Apache Lucene Replicator: Deserialization of Untrusted Data Robert Muir
• [oss-security] CUPS printing system vulnerabilities Solar Designer
  • Re: [oss-security] CUPS printing system vulnerabilities Alan Coopersmith
  • Re: [oss-security] CUPS printing system vulnerabilities Solar Designer
  • Re: [oss-security] CUPS printing system vulnerabilities Zdenek Dohnal

• Earlier messages