Document Number
|
Description
|
Date
|
|
|
|
|
|
|
N0674
|
Reserved
for Minutes of Meeting 46 14-15 September 2016
|
15/09/16
|
N0673
|
TR
24772-1 reworked after pre-meeting 46 WebEx with clause 37 rework incorporated. This document has
all previous change tracking removed.
PDF
|
15/09/16
|
N0672
|
Update
of TR 24772-3 Programming Language C submitted by Clive Pygott
PDF
|
16/08/16
|
N0671
|
Draft
Minutes of Pre-Meeting 46 16 August 2016
|
01/08/16
|
N0670
|
Rewrite
of Clause 6.37 Fault Tolerance with group comments
PDF
|
16/08/16
|
N0669
|
Rewrite
of Clause 6.37 Fault Tolerance submitted by Erhard Ploedereder>
PDF
|
14/08/16
|
N0668
|
Draft
agenda pre-meeting 46 electronic meeting, 15 August 2016
2000-2200 UTC
|
01/08/16
|
N0667
|
Draft
Agenda Meeting 46, with local arrangements documents (ZIP file)
15-16 September 2016, Austrian Standards, Vienna Austria
|
01/07/16
|
N0666
|
Cross
Reference JSF Coding Rules and TR24772-1 after meeting 45
PDF
|
16/6/2016
|
N0665
|
TR
24772-3 Guidance document for language C after meeting 45
PDF
|
15/6/2016
|
N0664
|
TR
24772-1 Guidance (language independent) document after meeting 45
PDF
|
15/6/2016
|
N0663
|
Draft
Minutes Meeting 45
|
14/6/2016
|
N0662
|
Clause
seven reorganization proposal contributed by E Ploedereder
PDF
|
13/6/2016
|
N0661
|
Liaison
report to SC 22/WG 9 contributed by E. Ploedereder
PDF
|
13/6/2016
|
N0660
|
Cross
Index of JSF Rules and TR24772 contributedd by L Wagoner
PDF
|
20/5/2016
|
N0659
|
Convenor's
report to SC 22 plenary 14-15 September 2016
PDF
|
17/5/2016
|
N0658
|
TR24772-1
after pre-meeting webex for meeting 45
PDF
|
17/5/2016
|
N0657
|
Time
Vulnerabilities after pre-meeting 25 Telecom
PDF
|
16/5/2016
|
N0656
|
A
Mapping from the New Vulnerabilities to CERT Secure Coding Rules
PDF
|
16/5/2016
|
N0655
|
Draft
minutes of Meeting 45 16 April 2016
|
16/4/2016
|
N0654
|
Time
Vulnerabilities updated by Erhard Ploedereder
PDF
|
16/5/2016
|
N0653
|
Webex
information for Pre-meeting 45 telecon 16 May 2016 at 2000 UTC
|
16/4/2016
|
N0652
|
Draft
Agenda and meeting support for Meeting 45, Pisa, Italy 14-15 June
2016
|
16/4/2016
|
N0651
|
Draft
Convenor's Report for JTC 1/SC 22 Plenary 2016
PDF
|
16/4/2016
|
N0650
|
TR
24772-1 Programming Language Vulnerabilities Part 1 after meeting
44
PDF
|
16/4/2016
|
N0649
|
TR
24772-3 C Part after meeting 44
PDF
|
15/4/2016
|
N0648
|
Draft
Minutes for meeting 44 - revised
|
16/4/2016
|
N0647
|
Draft
Agenda for meeting 44 - revised
|
14/4/2016
|
N0646
|
Time
Vulnerabilities after meeting with IRTAW 18 submitted by Stephen
Michell
PDF
|
14/4/2016
|
N0645
|
TR24772-1
General Vulnerability Descriptions after ISO Training
PDF
|
15/3/2016
|
N0644
|
TR24772-1
General Vulnerability Descriptions after meeting 43
PDF
|
7/3/16
|
N0643
|
TR24772-3
C draft after meeting 43 and for submission to WG 14 for
consideration
PDF
|
7/3/16
|
N0642
|
Draft
minutes of meeting 43
|
7/3/16
|
N0641
|
TR24772-8
Fortran Draft before meeting 43
PDF
|
7/3/16
|
N0640
|
TR24772-3
before meeting 43 with CHP action items additions, submitted by
Clive Pygott
PDF
|
15/02/16
|
N0639
|
TR24772-1
before meeting 43 with top 20 submitted by Stephen Michell
PDF
|
06/03/16
|
N0638
|
TR
24772-1 after meeting 42 with top 20 included
PDF
|
8 FEnruary 2016
|
N0637
|
Complete
set of guidance to avoiding vulnerabilities after meeting 42
PDF
|
8 February 2016
|
N0636
|
Minutes
of Meeting 42 (draft) - 8 February 2016
|
8 February 2016
|
N0635
|
Agenda
Meeting 43 (draft) - 7 March 2016
|
8 February 2015
|
N0634
|
Time
Vulnerability paper submitted to IRTAW 18 by Stephen Michell
|
4/02/16
|
N0633
|
Meeting
agenda for Meeting 42 Teleconference
|
8 February 2016
|
N0632
|
Python
guidance to avoiding programming language vulnerabilities
contributed by Larry Wagoner
PDF
|
19/01/16
|
N0631
|
Clause
5 top N avoidance guideline references to vulnerabilities,
submitted by Clive Pygott
PDF
|
03/02/16
|
N0630
|
OO
vulnerability references in MISRA contributed by Clive Pygott
PDF
|
19/01/16
|
N0629
|
Aggregated
guidance rules to avoid vulnerabilities contributed by Larry
Wagoner
PDF
|
19/01/16
|
N0628
|
Spark
guidance to avoiding programming language vulnerabilities
contributed by Larry Wagoner
PDF
|
19/01/16
|
N0627
|
Ruby
guidance to avoiding programming language vulnerabilities
contributed by Larry Wagoner
PDF
|
19/01/16
|
N0626
|
PHP
guidance to avoiding programming language vulnerabilities
contributed by Larry Wagoner
PDF
|
19/01/16
|
N0625
|
Fortran
guidance to avoiding programming language vulnerabilities
contributed by Larry Wagoner
PDF
|
19/01/16
|
N0624
|
C
guidance to avoiding programming language vulnerabilities from
N0604 contributed by Larry Wagoner
PDF
|
19/01/16
|
N0623
|
Top
N Ada guidance to avoiding programming language vulnerabilities
from N0621 contributed by Larry Wagoner
PDF
|
19/01/16
|
N0622
|
TR
24772-3 C language specific vulnerabilities, after meeting 41 with
4 new vulnerabilities, submitted by Stephen Michell
PDF
|
15/01/16
|
N0621
|
Ada
top 10 guidance for TR 24772-2, edited version of N0620
PDF
|
13/01/16
|
N0620
|
Ada
top 10 guidance for TR 24772-2, submitted by Larry Wagoner
PDF
|
<12/01/16
|
N0619
|
TR
24772-1 replacement for N0618 with Links in Top 10 avoidance
mechanisms
PDF
|
|
N0618
|
TR
24772-1 Vulnerabilities main document after meeting 41
PDF
|
12/1/16
|
N0617
|
TR
24772-3 Programming Language C after meeting 41
PDF
|
12/1/16
|
N0616
|
ISO
/ IEC/JTC1/SC22/WG23 N0616 JSF AV Analysis from Erhard
PDF
|
10/1/16
|
N0615
|
Liskov
substitution rule vulnerability submitted by Erhard Ploedereder
PDF
|
9/1/16
|
N0614
|
New
OO vulnerabilities submitted by Erhard Ploedereder
PDF
|
9/1/16
|
N0613
|
Clause
3.39 rewrite submitted by Erhard Ploedereder
PDF
|
9/1/16
|
N0612
|
Draft
of TR 24772-3 (N0609) before meeting 41 including top 10 avoidance
mechanisms Contributed by Stephen Michell
PDF
|
9/1/16
|
N0611
|
Draft
of TR 24772-1 before-meeting 41 including top 10 avoidance
mechanisms contributed by Stephen Michell
PDF
|
9/1/16
|
N0610
|
Draft
Meeting Minutes of Meeting 41 11-12 January 2016
|
12/1/16
|
N0609
|
TR
24772-3 Guidance to avoiding programming language vulnerabilities:
Part 3 C submitted by David Keaton
PDF
|
7/1/16
|
N0608
|
IS
17960 Code Signing encrypted zip file
|
15/12/15
|
N0607
|
Draft
agenda for meeting 44 15-16 April 2016 Local
Arrangements Visa
request form Teleconference
Info
|
23/11/15
|
N0606
|
TR24772-1
Avoiding Programming Language Vulnerabilities after meeting 40
PDF
|
23/11/15
|
N0605
|
Section
6.39 Memory Leaks [REU] rewrite submitted by Erhard Ploedereder,
incorporated in N0606 PDF
|
23/11/15
|
N0604
|
Possible
Top ten vulnerability avoidance strategies in programming
languages after mtg 40 PDF
|
|
N0603
|
Possible
Top ten vulnerability avoidance strategies in programming
languages after mtg 40 PDF
|
23/11/15
|
N0602
|
Draft
minutes for meeting 40 23 November 2015
|
20/11/15
|
N0601
|
Draft
agenda for meeting 41 11 January 2016 Teleconference
Info
|
20/11/15
|
N0600
|
Possible
Top n vulnerability avoidance strategies in C, contributed by
Larry Wagner PDF
|
19/11/15
|
N0599
|
Possible
Top n vulnerability avoidance strategies, contributed by Larry
Wagner PDF
|
19/11/15
|
N0598
|
Possible
Top n vulnerability avoidance strategies, contributed by Larry
Wagner PDF
|
18/09/15
|
N0597
|
AI
38-09 contributed by Clive Pygott
|
21/10/15
|
N0596
|
AI
38-08 submitted by Clive Pygott
|
21/10/15
|
N0595
|
Top
Dozen coding advice for C language contributed by Larry Wagoner
PDF
|
21/10/15
|
N0594
|
Draft
agenda for meeting 40 23 November 2015
|
21/10/15
|
N0593
|
C
Language specific Part updates from David Keaton for meeting 39
PDF
|
21/10/15
|
N0592
|
Python
Part updates submitted by Santiago for Meeting 39 PDF
|
21/10/15
|
N0591
|
Draft
Minutes of Meeting 39
|
21/10/15
|
N0590
|
TR2477-1
Avoiding Programming Language Vulnerabilities after meeting 39
|
21/10/15
|
N0589
|
C
Language-specific Part before meeting 39 PDF
|
21/10/15
|
N0588
|
Final
Agenda Meeting 39 21 October 2015
|
21/10/15
|
N0587
|
New
vulnerability proposal from Clive Pygott from JSF AV 138
|
18/10/15
|
N0586
|
TR24772-3
Python Language specific Annex after meeting 38 (update of N0558)
PDF
|
18/09/15
|
N0585
|
Agenda
for Meeting 39 21 October 2015
|
21/09/15
|
N0584
|
TR24772-3
C Language specific Annex after meeting 38 (update of N0566)
PDF
|
19/09/15
|
N0583
|
TR24772-1
draft after Meeting 38 (update of N0578) PDF
|
18/09/15
|
N0582
|
Outline
for C++ language specific vulnerability annex, as of 13 Aug 2015.
|
17/09/15
|
N0581
|
Minutes
of Meeting 38 17-18 September 2015
|
18/09/15
|
N0580
|
TR24772-3
draft before meeting 38 (update of N0566)
|
15/09/16
|
N0579
|
Updated
agenda (V3) for meeting 38.
|
15/09/15
|
N0578
|
TR24772-1
draft before meeting 38 with edits for JSF and harmonizing with
TR24772-3.
|
13/09/15
|
N0577
|
Disposition
of comments on FDIS 17960
|
03/08/15
|
N0576
|
Response
to SC 27 WG 3 re comments on FDIS 17960
|
03/08/15
|
N0575
|
Draft
IS 17960 after FDIS ballot and corrections
|
03/08/15
|
N0574
|
Meeting
Minutes of Meeting 37
|
03/08/15
|
N0573
|
Results
of voting for FDIS 17960
|
03/08/15
|
N0572
|
SC
27 N15245 WG 3 recommendation to SC 27
|
30/07/15
|
N0571
|
SC
27 WG 3 N1191 Liaison Statement to WG 23
|
30/07/15
|
N0570
|
NIL
|
30/07/15
|
N0569
|
Draft
agenda for meeting 38, 17-18 September 2015, Washington, DC
|
19/07/15
|
N0568
|
Draft
agenda for meeting 37, teleconference
|
19/07/15
|
N0567
|
Local
arrangements for Meeting 38, 17-18 September 2015, Washington, DC
|
19/07/15
|
N0566
|
TR24772-3
Language Guidance for C initial draft submitted by Clive Pygott
|
03/07/17
|
N0565
|
TR24772-1
draft after meeting 36 with edits for JSF
|
28/06/15
|
N0564
|
TR24772
cross reference JSF rules after meeting 36
|
28/06/15
|
N0563
|
Outline
for C++ language specific vulnerability annex, as edited at
meeting 36.
|
28/06/15
|
N0562
|
Advice
to editors following Meeting 36 now posted as SD 0005
|
28/06/15
|
N0561
|
Draft
of TR 24772-1 after meeting 36
|
28/06/15
|
N0560
|
Draft
of TR 24772-8 Fortran following meeting 36
|
28/06/15
|
N0559
|
Minutes
of meeting 36 held 26-27 June 2015
|
28/06/15
|
N0558
|
Draft
2 of TR 24772-4 Python
|
25/06/15
|
N0557
|
Updated
draft minutes of meeting 35
|
27/06/15
|
N0556
|
Draft
of TR 24772-8 Fortran before meeting
|
25/06/15
|
N0555
|
Advice
to editors for consideration at Meeting 36
|
19/06/15
|
N0554
|
Draft
of TR 24772-3 C before meeting 36
|
06/06/15
|
N0553
|
Convenors
report sent to JTC 1/SC 22 for September plenary
|
09/06/15
|
N0552
|
Outline
for C++ language specific vulnerability annex, contributed by
Clive Pygott
|
03/06/15
|
N0551
|
Cross
Reference JSF rules to TR 24772-1, with comments from Stephen
MIchell
|
30/05/15
|
N0550
|
Agenda
for Meeting 36
|
30/05/15
|
N0549
|
Draft
of TR 24772-2 after meeting 35
|
26/05/15
|
N0548
|
Draft
of TR 24772-1 after meeting 35
|
26/05/15
|
N0547
|
Draft
Convenors report 2015 after meeting 35
|
26/05/15
|
N0546
|
JTC
1/SC 22/WG 23 Meeting 35 Minutes 26 May 2015
|
26/05/15
|
N0545
|
Invitation
from NB India to SC 27 and liaisons to 51st meeting of
SC 27 at Jaipur, India 26-30 Oct 2015
|
26/05/15
|
N0544
|
Comments
from SC 27/WG 3 on ISO IEC FDIS N17960 for consideration at next
revision
|
26/05/15
|
N0543
|
Liaison
Statement from SC 27/WG 3 to SC 22/WG 23, SC 27/WG 3 document
N1191
|
26/05/15
|
N0542
|
Resolutions
from the SC 27/WG 3 meeting in Kuching, Malasia May 4-6 2015 SC27
N15245
|
26/05/15
|
N0541
|
First
draft of TR 24772-4 Python language specific vulnerabilities
contributed by Santiago Urueña
Pascual
|
26/05/15
|
N0540
|
Cross
reference TR24772-1 with JSF coding rules, updated by Stephen
Michell
|
25/05/15
|
N0539
|
Final
Agenda for Meeting 35, 26 May 2015
|
25/05/15
|
N0538
|
Draft
TR24772-2 Ada for review at meeting 35
|
22/05/15
|
N0537
|
Draft
TR24772-1 for review at meeting 35
|
22/05/15
|
N0536
|
Advice
to Editors of Annexes, submitted by Erhard Ploedereder for Meeting
35
|
22/05/15
|
N0535
|
Draft
3 Convenors Report with changes from Erhard Ploedereder
|
20/05/15
|
N0534
|
Draft
of Convenors report for Meeting 35
|
17/05/15
|
N0533
|
Draft
Agenda Meeting 36, 26-27 June 2015
|
Apr 30, 15
|
N0532
|
Draft
Agenda Meeting 35 25 May 2015
|
Apr 30, 15
|
N0531
|
Draft
Agenda Meeting 34 (Cancelled)
|
Apr 2, 15
|
N0530
|
Draft
Minutes of Meeting 33
|
Apr 1, 15
|
N0529
|
Draft
Convenors report, with updates from Erhard Ploedereder
|
Mar 30, 15
|
N0528
|
Cross
reference TR24772-1 with JSF coding rules
|
30 March 2015
|
N0527
|
Draft
of TR24772-1 with all comments included and proposed numbering
change
|
21 March 2015
|
N0526
|
Draft
of TR24772-2 Ada for meeting 33
|
15 March 2015
|
N0525
|
Draft
Agenda Mtg 33 30 Mar 2015
|
15 Mar 2015
|
N0524
|
TR
24772-1 with all section updates submitted for meeting 33
|
13 Mar 2015
|
N0523
|
TR
24772 Rework spreadsheet following Meeting 32
|
23 Feb 2015
|
N0522
|
Draft
edits on TR 24772 V3 from David Keaton
|
23 Feb 2015
|
N0521
|
Draft
edits on TR 24772 V3 made at meeting 32
|
23 Feb 2015
|
N0520
|
Meeting
Minutes (Draft) mtg 32
|
23 Feb 2015
|
N0519
|
TR
24772 Rework spreadsheet before Meeting 32
|
22 Feb 2015
|
N0518
|
TR
24772-1 Draft document with edits by EP, SM, SU and CP
|
22 Feb 2015
|
N0517
|
Meeting
minutes mtg 31 - 27 January 2015 - updated 22 February 2015
|
22 Feb 2015
|
N0516
|
Draft
edits on TR 24772 V3 submitted by Clive Pygott
|
22 Feb 2015
|
N0515
|
Draft
edits on TR 24772 V3 submitted by Santiago Uruena Pascual
|
20 Feb 2015
|
N0514
|
Draft
edits on TR 24772 V3 submitted by Stephen Michell
|
17 Feb 2015
|
N0513
|
Draft
edits on TR 24772 V3 submitted by Erhard Ploedereder
|
15 Feb 2015
|
N0512
|
Draft
convenors report to SC 22 plenary September 2015
|
17 February 2015
|
N0511
|
Draft
Agenda Meeting 32, 23 February 2015
|
26 January 2015
|
N0510
|
Proposal
for TR24772 as a multipart document.doc
|
17 Feb 2015
|
N0509
|
TR
24772 V3 rework spreadsheet as reviewed and modified in meeting 31
2015-01-27
|
27 Jan 2015
|
N0508
|
Ada
2012 changes for TR24772 annex C from taft 2015-01
|
26 Jan 2015
|
N0507
|
Removed on request of submitter
|
26 Jan 2015
|
N0506
|
Meeting
Minutes Meeting 31 26-27 January 2015
|
27 Jan 2015
|
N0505
|
FDIS
17960 submitted to secretary
|
26 Jan 2015
|
N0504
|
Disposition
of comments for DIS 17960 Code Signing
|
26 Jan 2015
|
N0503
|
Comparison
of TR24772 V3 and Ada annex for TR V2 from Erhard Ploedereder
|
25 Jan 2015
|
N0502
|
TR
24772 V3 rework Spreadsheet from S. Michell 22 Jan 2015
|
22Jan2015
|
N0501
|
Draft
agenda for meeting 31, Houston, Texas 26-27 Jan 2015
|
9 Jan 2015
|
N0500
|
Disposition
of comments on DIS 17960
|
10 Nov 2014
|
N0499
|
Minutes
of Meeting 30 held 10 November 2014.
|
10 Nov 2014
|
N0498
|
Draft
agenda for meeting 30 (teleconference) 10 November 2014.
|
1 Nov 2014
|
N0497
|
Consolidated
Comments on DIS 17960 Source Code Signing in Excel format.
|
24 Oct 2014
|
N0496
|
Presentation
to SC 27/WG 3 and 4 on WG 23 activities Given by Stephen
Michell and Tatsuaki Takebe as part of liaison activity
|
21/10/14
|
N0495
|
Collated
comments on DIS 17960 Source Code Signing
|
21/10/14
|
N0494
|
Summary
of voting on DIS 17960 Source Code Signing
|
21/10/14
|
N0493
|
Minutes
of Meeting 29 (Draft)
|
21/10/14
|
N0492
|
Updated
Action Item Log
|
21/10/14
|
N0491
|
Draft
agenda for meeting 29 on 10 October 2014 contributed by convenor.
|
21/09/14
|
N0490
|
Draft
revised convenors report for comment at meeting 29 submitted by
convenor.
|
21/09/14
|
N0489
|
Log
of all action items kept as standing document on old web site as
of September 2014.
|
21/09/14
|
N0488
|
SC
22 plenary meeting report including resolutions submitted by SC 22
secretary
|
03/10/14
|
N0487
|
US
letter relinquishing convenorship of WG 23
|
15/09/14
|
N0486
|
Convenors
proposed report v7 submitted by Tom Plum
|
08/08/14
|
N0485
|
Spreadsheet
capturing work needed for the revision of TR24772 for version 3 -
21 Aug 2014 version
|
21/08/14
|
N0484
|
Draft
Minutes of meeting 28
|
07/08/14
|
N0483
|
Convenors
proposed report v5 submitted by Tom Plum
|
07/08/14
|
N0482
|
Convenors
proposed report v3 submitted by Tom Plum
|
07/08/14
|
N0481
|
Spreadsheet
capturing work needed for the revision of TR24772 for version 3 -
23 July 2014 version
|
23/07/14
|
N0480
|
Spreadsheet
capturing work needed for the revision of TR24772 for version 3 -
20 July 2014 version
|
20/07/14
|
N0479
|
Spreadsheet
capturing work needed for the revision of TR24772 for version 3 18
July 2014 version
|
18/07/14
|
N0478
|
Preliminary
agenda for Meeting 28 (teleconferences)
|
07/08/14
|
N0477
|
Canadian
contributions to SC 22 plenary on SC 22 processes and nominating S
Michell as convenor of WG 23
|
07/08/14
|
N0476
|
Draft
Agenda for SC 22 Plenary in Madrid Spain 8-9 Sep 2014
|
04/06/14
|
N0475
|
Withdrawal
of ballot on the disbandment of WG 23.
|
21/04/14
|
N0474
|
Communication
from the JTC 1 Chair and Secretariat on requirement for WG's to
operate exclusively with technical experts.
|
21/04/14
|
N0473
|
US
Request for ballot to disband WG 23, and SC 22 ballot on same.
|
31/03/14
|
N0472
|
Appointment
of Tom Plum as Acting Convenor of ISO/IEC/JTC 1/SC 22/WG 23
Programming Language Vulnerabilities
|
19/02/14
|
N0471
|
US
Endorsement of Tom Plum for Convenor of ISO/IEC/JTC 1/SC 22/WG 23
Programming Language Vulnerabilities
|
11/02/14
|
N0470
|
DIS
Ballot document for IS 17960
|
18/04/14
|
N0469
|
Summary
of voting for CD 2 of 17960, [pdf]
|
2013-10-10
|
N0468
|
Postponement
of SC 22/WG 23 Teleconference
|
2013-09-23
|
N0467
|
Disposition
of Comments on CD17960 [doc, pdf]
|
2013-09-23
|
N0466
|
Meeting
Record: Meeting #27, 19-20 September 2013 [html]
|
2013-08-14
|
N0465
|
Resolution
of Japanese comments for 17969 CD ballot [pdf]
|
2013-08-14
|
N0464
|
Resolution
of UK comments for 17969 CD ballot [pdf]
|
2013-08-14
|
N0463
|
Committee
Working Draft of IS 17960 [pdf]
|
2013-08-14
|
N0462
|
Agenda:
Meeting #27 on Programming Language Vulnerabilities, September
2013 [html]
|
2013-08-14
|
N0461
|
Working
draft of third revision of TR 24772 August 2013 [pdf]
|
2013-07-21
|
N0460
|
Business
Plan and Convener's Report [for forthcoming SC 22 plenary],
contributed by convener [pdf]
|
2013-06-28
|
N0459
|
Preliminary
agenda, Meeting #27 [html]
|
2013-06-11
|
N0458
|
Recommendations
from section 6.x.5, contributed by Larry Wagoner [doc, pdf]
|
2013-06-11
|
N0457
|
Comments
on N0454, contributed by Clive Pygott [pdf]
|
2013-06-11
|
N0456
|
Draft
minutes, Meeting #26 [html]
|
2013-06-03
|
N0455
|
Editor's
report for 17960, Code Signing for Source Code [pdf]
|
2013-06-03
|
N0454
|
Committee
draft of 17960, Code Signing for Source Code [pdf]
|
2013-06-03
|
N0453
|
Baseline
working draft for preparation of Edition 3 of TR 24772 [pdf],
contributed by the editor
|
2013-05-24
|
N0452
|
Revision
of SC 22 N 4805 Logistical Information SC 22 Plenary 2013,
contributed by WG23 convener [pdf]
|
2013-05-02
|
N0451
|
Preliminary
Agenda, Meeting #25 of WG23, 13-15 June 2013, Berlin [html]
|
2013-05-02
|
N0450
|
Working
draft, TR 24772, edition 3 [pdf]
|
2013-05-02
|
N0449
|
Representation
issues in file transfers, UK contribution [pdf]. See N0447
|
2013-04-10
|
N0448
|
JISC
Comments on CD 17960 [pdf]
|
2013-04-10
|
N0447
|
UK
Comments on CD 17960 [pdf]. Also see N0449
|
2013-04-10
|
N0446
|
Ballot
Results for CD 17960 [pdf]
|
2013-03-18
|
N0445
|
Updated
guidelines for publicity, contributed by convener [pdf]
|
2013-03-18
|
N0444
|
Use
of unchecked data from an uncontrolled or tainted source,
contributed by convener [doc, pdf]
|
2013-03-18
|
N0443
|
Guidelines
for publicity, contributed by convener [pdf]
|
2013-03-18
|
N0442
|
Fortran
language annex [pdf]
|
2013-03-18
|
N0441
|
Draft
minutes, Meeting #25, contributed by convener [html]
|
2013-03-04
|
N0440
|
Vulnerabilites
Analysis by Matt Bishop, contributed by convener [pdf]
|
2013-03-04
|
N0439
|
Fundamental
Vulnerabilities by Larry Wagoner, contributed by Larry Wagoner
[pdf]
|
2013-03-04
|
N0438
|
Proposed
new vulnerability on tainted sources, contributed by Clive Pygott
[pdf]
|
2013-02-18
|
N0437
|
Logistics
information for the WG23 meeting, 6/8-10/2013, Berlin [pdf]
|
2013-03-18
|
N0436
|
ISO/IEC
TR 24772, Edition 2, as submitted to ITTF for publication [zip].
(This is an encrypted file. Contact the convener for the password
if needed.) The published 24772, Edition 2 is freely available
here.
|
2013-01-31
|
N0435
|
Preliminary
Agenda: Meeting #25, 13-15 March 2013 [html]
|
2013-01-17
|
N0434
|
CD
Ballot draft, 17960, Information Technology-Programming languages,
their environments and system software interfaces-Code Signing for
Source Code [pdf]
|
2012-12-17
|
N0433
|
Revision
of proposed new vulnerabilities, Replaces N0429
|
2012-12-13
|
N0432
|
Draft
Minutes, Meeting #24, 12-14 December 2012 [html]
|
2012-11-19
|
N0431
|
Revised
working draft of 17960, Code Signing for Source Code, contributed
by convener [pdf]
|
2012-10-18
|
N0430
|
Preliminary
Agenda: Meeting #24,12-14 December 2012 [html]
|
2012-10-18
|
N0429
|
Proposed
New Vulnerabilities, replaced by N0433
|
2012-09-29
|
N0428
|
Balloting
results of PDTR2 of 24772 2nd edition [pdf]
|
2012-10-04
|
N0427
|
DTR
ballot draft of 24772 2nd edition [pdf]
|
2012-09-29
|
N0426
|
Comments
on TR24772, contributed by Tatsuaki Takebe [pdf]
|
2012-09-15
|
N0425
|
Resolutions
of comments for [N0416] (informal UK comments) [xlsx]
|
2012-09-15
|
N0424
|
Comments
on CA-02 of [N0418], Steve Michell [html]
|
2012-09-15
|
N0423
|
Correspondence
with Kevin Coyne on UK comments on Python Annex [pdf]
|
2012-09-15
|
N0422
|
Comments
on [N0417], Clive Pygott [pdf]
|
2012-09-15
|
N0421
|
Resolutions
of comments for PDTR 24772.2 [pdf]
|
2012-09-15
|
N0420
|
Draft
minutes for meeting #23 [html]
|
2012-09-15
|
N0419
|
CWE
SANS 25 compared to PDTR 24772.2, Tatsuaki Takebe [pdf]
|
2012-09-12
|
N0418
|
Comments
informally received from Canada on [N0410], [doc]
|
2012-09-12
|
N0417
|
Comments
informally received from Japan on [N0410], [doc]
|
2012-08-27
|
N0416
|
Comments
informally received from UK on [N0410], contributed by Pygott
[xlsx]
|
2012-07-28
|
N0415
|
Agenda,
Meeting #23, 12-14 September 2012, Geneva, Switzerland,
contributed by convener [html]
|
2012-07-28
|
N0414
|
Business
Plan and Convener's Report [for forthcoming SC 22 plenary],
contributed by convener [pdf]
|
2012-07-18
|
N0413
|
Logistics
for WG 23 meeting #25, contributed by the convener [html]
|
2012-07-09
|
N0412
|
Corrected
disposition of comments on PDTR 24772, contributed by secretary
replaces N0403
|
2012-07-09
|
N0411
|
Proposed
annex for PHP language, contributed by Kevin Coyne, replaces N0407
|
2012-07-09
|
N0410
|
PDTR-2
draft of 24772, Edition 2, replaces N0389
|
2012-07-09
|
N0409
|
PDTR-2
draft of 24772, Edition 2 with change bars, replaces N0388
|
2012-06-22
|
N0408
|
Proposal
to merge XZI and FLC, contributed by Plum, Benito and Keaton
[docx, pdf]
|
2012-06-21
|
N0407
|
Proposed
Annex for PHP Language, marked up by Meeting 22, replaced by N0411
|
2012-06-22
|
N0406
|
Reserved
for Python Clarifications and Edits v03, contributed by Kevin
Coyne [docx, pdf]
|
2012-06-21
|
N0405
|
Python
Clarifications and Edits v00, contributed by Kevin Coyne [docx,
pdf]
|
2012-06-22
|
N0404
|
Cancelled
|
2012-06-22
|
N0403
|
Disposition
of comments on PDTR 24772, replaces N0397, replaced by N0412,
Cancelled
|
2012-06-20
|
N0402
|
Comments
on PDTR, contributed by Takabe-san [doc, pdf]
|
2012-06-22
|
N0401
|
Minutes,
Meeting 22, 20-22 June 2012, Stuttgart,]
|
2012-06-18
|
N0400
|
Agenda,
Meeting 22, 20-22 June 2012, Stuttgart, replaces N0375
|
2012-05-30
|
N0399
|
Revised
Working draft 17960, Code Signing for Source Code,rerplaces N0394
|
2012-05-20
|
N0398
|
Draft
of possible PHP annex, replaces N0393
|
2012-04-28
|
N0397
|
Results
of Balloting on PDTR 24772 (N0389): Collated comments, replaced by
N0403
|
2012-04-26
|
N0396
|
Result
of Voting on SC 22 N 4704 (see N0389), ISO/IEC PDTR 24772
|
2012-04-04
|
N0395
|
Logistics,
Meeting 23, 12-14 September 2012, Geneva, Switzerland, colocated
with SC 22 plenary: all information [pdf]; general information
[docx]; booking form for Hotel Manotel Royale [docx, pdf]; booking
form for Hotel Warwic
|
2012-04-03
|
N0394
|
Meeting
21 Markup of Working draft 17960, Code Signing for Source Code,
replaces N0390, replaced by N0399
|
2012-03-28
|
N0393
|
Proposed
Annex for PHP Language, replaced by N0398
|
2012-04-03
|
N0392
|
Minutes:
Meeting 21, 28 - 30 March 2012, Ottawa, Canada [html]
|
2012-03-20
|
N0391
|
[Corrected]
Results of Voting on SC 22 N 4968 (WG23 N0379), New Work Item
Proposal on ... Code Signing for Source Code (SC22 N4719),
contributed by SC 22 Secretariat [pdf]
|
2012-03-19
|
N0390
|
Working
draft 17960, Code Signing for Source Code, see N0379, replaced by
N0394
|
2012-01-20
|
N0389
|
PDTR
draft of 24772, Edition 2, without change bars, replaces N0378,
results in N0396 and N0397, replaced by N0410
|
2012-01-20
|
N0388
|
PDTR
draft of 24772, Edition 2, with change bars, replaces N0378,
results in N0396 and N0397, replaced by N0410
|
2012-01-12
|
N0387
|
CANCELLED
and replaced by [N0389]
|
2012-01-15
|
N0386
|
CANCELLED
and replaced by [N0388]
|
2012-01-15
|
N0385
|
Proposed
rewrite of Ruby.52, contributed by Jim Moore [docx, pdf]
|
2012-01-08
|
N0384
|
Draft
language-specific annex for SPARK, replaces N0382
|
2012-01-08
|
N0383
|
Preliminary
working draft, "Core Enterprise Security Application
Programming Interface", contributed by Larry Wagoner [docx,
pdf]
|
2011-12-17
|
N0382
|
SPARK
annex, contributed by SC22/WG9, replaces N0281, replaced by N0384
|
2011-12-17
|
N0381
|
Proposed
conceptual clusters for definitions, contributed by Clive Pygott
[xls]
|
2011-12-17
|
N0380
|
Day
of Meeting Agenda: Meeting number 21, 28 - 30 March 2012, Ottawa,
Canada
|
2012-03-26
|
N0379
|
Submitted
New Work Item Proposal and Preliminary Working Draft for Code
Signing, see N0390 and N0391
|
2011-12-12
|
N0378
|
markup
of N0376 in meeting number 20, replaces N0376, replaced by N0388
and N0389
|
2011-12-17
|
N0377
|
Minutes
of Meeting #20 [html]
|
2011-12-17
|
N0376
|
Revised
Baseline draft of 24772, Ed 2, contributed by editor, replaces
N0352, replaced by N0378
|
2011-12-02
|
N0375
|
Preliminary
Agenda, Meeting 22, 20-22 June 2012, Stuttgart, replaced by N0400
|
2011-11-23
|
N0374
|
Logistics,
Meeting 22, 20-22 June 2012, Stuttgart, Germany, contributed by
Erhard Ploedereder [html]
|
2011-11-05
|
N0373
|
Preliminary
Agenda, Meeting 21, 28-30 March 2012, Ottawa, Canada [html]
|
2011-11-01
|
N0372
|
Proposed
Python annex, contributed by Kevin Coyne, replaces N0362
|
2011-11-01
|
N0371
|
Preliminary
agenda, Meeting #20, 14-16 December, Washington DC, USA [html]
|
2011-11-01
|
N0370
|
Logistics,
Meeting #21, 28-30 March 2012, Ottawa, Ontario, Canada,
contributed by Steve Michell [html](with editorial corrections)
|
2011-11-23
|
N0369
|
Final
Meeting number 19 markup of Further Revised Proposal for
Concurrency Vulnerability Descriptions, replaces N0368
|
2011-10-05
|
N0368
|
Meeting
19 markup of Further Revised Proposal for Concurrency
Vulnerability Descriptions, replaces N0367, replaced by N0369
|
2011-10-04
|
N0367
|
Further
Revised Proposal for Concurrency Vulnerability Descriptions,
replaces N0360, replaces N0368
|
2011-10-03
|
N0366
|
Meeting
19 markup of proposed revision to sub-clause 4.3, replaces N0365
|
2011-10-03
|
N0365
|
Proposed
revision to Sub-clause 4.3 to describe language annexes,
contributed by Jim Moore, replaced by N0366
|
2011-10-01
|
N0364
|
Meeting
Notes, SC 22 Plenary Meeting, 19-20 September 2011, contributed by
Jim Moore [docx, pdf]
|
2011-09-20
|
N0363
|
Minutes,
Meeting 19, 3-5 October 2011
|
2011-10-05
|
N0362
|
Revised
Python Annex, contributed by Kevin Coyne, replaces N0347, replaced
by N0372
|
2011-09-26
|
N0361
|
Comments
on C Annex, contributed by Joyce Tokar
|
2011-09-30
|
N0360
|
Revised
Proposal for Concurrency Vulnerability Descriptions, replaces
N0345, replaced by N0367
|
2011-09-30
|
N0359
|
Revised
preliminary working draft for code signing, contributed by Larry
Wagoner, replaces by N0357
|
2011-09-11
|
N0358
|
Presentation
for SC22 plenary regarding code signing, contributed by Jim Moore
[pptx, pdf]
|
2011-09-07
|
N0357
|
Revised
preliminary working draft for code signing, contributed by Larry
Wagoner, replaces N0318, replaced by N0359
|
2011-09-07
|
N0356
|
Revised:
Preliminary Agenda, Meeting 19, contributed by convene, Replaces
N0355
|
2011-09-01
|
N0355
|
Preliminary
Agenda, Meeting 19, contributed by convener [html]
|
2011-08-08
|
N0354
|
Preliminary
Agenda, Meeting 23, contributed by convener [html]
|
2011-07-30
|
N0353
|
Business
Plan and Convener's Report, prepared for SC 22 plenary meeting, by
John Benito [pdf]
|
2011-07-30
|
N0352
|
Revised
Baseline draft of 24772, Ed 2, contributed by editor [
|
2011-07-19
|
N0351
|
Logistics
for Meeting 20, contributed by Jim Moore
|
2011-07-09
|
N0350
|
Meeting
#18 markup of Review of draft Ruby annex , Replaces N0349
|
2011-06-20
|
N0349
|
Review
of draft Ruby annex [N0331], prepared by Michael Walsh,
contributed by Jim Moore, replaced by N0350
|
2011-06-20
|
N0348
|
Draft
SQL annex, prepared by Jim Johnson [docx, pdf]
|
2011-06-20
|
N0347
|
Draft
Python annex, prepared by Kevin Coyne, replaced by N0362
|
2011-06-20
|
N0346
|
Presentation
prepared for 2011 Ada Connections Conference, contributed by Larry
Wagoner and revised by Meeting #18 [pptm]
|
2011-06-20
|
N0345
|
Meeting
18 Markup of Concurrency Vulnerability Descriptions, replaces
N0377, replaced by N0360
|
2011-06-19
|
N0344
|
Meeting
18 Markup of Baseline draft of 24772, Ed 2, replaces N0338,
replaced by N0352
|
2011-06-19
|
N0343
|
Meeting
18 Markup of Proposed changes to Clause 6 introduction, replaces
N0336
|
2011-06-19
|
N0342
|
Meeting
#18 Markup of Editor's Responses [N0340] to Comments from MISRA L
on DTR 24772 (N0250), replaces N0340
|
2011-06-19
|
N0341
|
Revised
schedule for the preparation of TR 24772, Edition 2, contributed
by secretary, cancelled - see S0002
|
2011-06-19
|
N0340
|
Editor's
proposed disposition of comments from MISRA in response to N0250,
replaced by N0342
|
2011-06-04
|
N0339
|
Minutes
of Meeting #18 [html]
|
03/06/2011
|
N0338
|
Revised
Baseline draft of 24772, Ed 2, contributed by editor replacing
N0335, replaced by N0344
|
2011-06-02
|
N0337
|
Concurrency
vulnerability descriptions, contributed by Steve Michell, replaced
by N0345
|
2011-06-01
|
N0336
|
Proposed
change to Clause 6 introduction, contributed by Jim Moore replaced
by N0343
|
2011-05-04
|
N0335
|
Revised
Baseline draft of 24772, Ed 2, contributed by editor, replacing
N0303, replaced by N0338
|
2011-04-21
|
N0334
|
Preliminary
Agenda: Meeting 18, 19-20 June 2011, Edinburgh, UK
|
2011-04-14
|
N0333
|
Revised
schedule for the preparation of TR 24772, Edition 2, replacing
N0302, replaced by N0341
|
2011-03-27
|
N0332
|
Revised
proposal for separation of XYYreplacing N0321
|
2011-03-25
|
N0331
|
Revised
proposed annex for Ruby, contributed by James Johnson, replacing
N0320
|
2011-03-25
|
N0330
|
Meeting
17 markup of proposed revision of LAV in Ada annex, replacing
N0311
|
2011-03-25
|
N0329
|
Revised
proposed rewrite of NZN, contributed by Erhard Ploedereder ,
replacing N0312, see also N0328
|
2011-03-25
|
N0328
|
Revised
proposed rewrite of NZN, contributed by Bob Karlin, replacing
N0319, see also N0329
|
2011-03-25
|
N0327
|
Additional
meeting 17 markup of Proposed vulnerability descriptions YUK and
SUK, replacing N0324
|
2011-03-25
|
N0326
|
Meeting
17 markup of proposed rewrite of WXQ and YZS, replacing N0325
|
2011-03-25
|
N0325
|
Proposed
rewrite of WXQ and YZS, contributed by Jim Moore, replacing N0316,
replaced by N326
|
2011-03-24
|
N0324
|
Meeting
17 markup of Proposed vulnerability descriptions YUK and SUK,
contributed by secretary, replacing N0313, replaced by N0326
|
2011-03-24
|
N0323
|
Proposal
for alignment of numbering between Clauses and Annexes,
contributed by editor and secretary
|
2011-03-24
|
N0322
|
Meeting
#17 markup of Proposed vulnerability description on Inter-language
calling, replacing N0310
|
2011-03-23
|
N0321
|
Meeting
17 markup of Proposed separation of XYY into two description
(responds to action item #16-12), contributed by secretary,
replacing N0305, replaced by N0332
|
2011-03-23
|
N0320
|
Meeting
17 markup of Proposed Annex for Ruby Language, replacing N0308,
replaed by N0331
|
2011-03-23
|
N0319
|
Proposed
rewrite of NZN, contributed by Bob Karlin (doc, pdf)
|
2011-03-23
|
N0318
|
Meeting
17 markup of Strawman draft, "Code Signing for Source Code",
contributed by secretary, replacing N0317, replaced by N0357
|
2011-03-23
|
N0317
|
Strawman
draft, "Code Signing for Source Code", contributed by
Larry Wagoner, replaced by N0318
|
2011-03-23
|
N0316
|
Proposed
merger of WXQ and YZS, contributed by Beth Karlin, closes AI
16-04, replaced by N0325
|
2011-03-23
|
N0315
|
Minutes:
Meeting 17, 23-25 March 2011, Madrid, Spain
|
2011-03-25
|
N0314
|
Code
signing proof of concept, contributed by Jim Johnson [zip]
|
2011-03-11
|
N0313
|
Proposed
vulnerability descriptions YUK and SUK, contributed by Erhard
Ploedereder (Closes AI 16-06), replaced by N0324
|
2011-03-21
|
N0312
|
Proposed
revision of NZN, contributed by Erhard Ploedereder,closes AI
16-07, replaced by N0329, see also N0319
|
2011-03-21
|
N0311
|
Proposed
revision of LAV in Ada annex, contributed by Erhard Ploedereder,
closes AI 16-13, replaced by N0330
|
2011-03-21
|
N0310
|
Proposed
vulnerability description on Inter-language calling, contributed
by John Benito, replacing N0309, replaced by N0322
|
2011-03-14
|
N0309
|
Proposed
vulnerability description on Inter-language calling, contributed
by John Benito, revised by N0310
|
2011-03-11
|
N0308
|
Proposed
Annex for Ruby Language, contributed by Jim Johnson, replaced by
N0320
|
2011-03-11
|
N0307
|
Preliminary
Agenda: Meeting 17, 23-25 March 2011, Madrid, Spain
|
2011-02-18
|
N0306
|
REVISED
Result of Voting on SC 22 N 4575 - Information technology -
Programming languages, their environments and system software
interfaces - Software code signing, contributed by secretary, see
N0253
|
2011-02-15
|
N0305
|
Proposed
separation of XYY into two description (responds to action item
#16-12), contributed by Jim Moore, replaced by N0321
|
2011-02-15
|
N0304
|
Revised
draft language-specific annex for the programming language C,
contributed by editor, replaces N0295
|
2011-02-14
|
N0303
|
Revised
baseline draft of TR Edition 2, contributed by editor, replacing
N0301, replaced by N0335
|
2011-01-29
|
N0302
|
Schedule
for the preparation of TR 24772, Edition 2, contributed by
secretary, replaced by N0333
|
2010-12-17
|
N0301
|
Meeting
16 markup of baseline draft of TR Edition 2, contributed by
secretary, replacing N0286, replaced by N0303
|
2010-12-16
|
N0300
|
Proposed
changes to WXQ and YZS re volatile, contributed by Tom Plum [pdf]
|
2010-12-14
|
N0299
|
Further
revised draft language-specific annex for Java, contributed by Ben
Brosgol, replaces N0294
|
2010-12-15
|
N0298
|
Meeting
16 markup of proposed revision to XYQ, contributed by secretary,
replacing N0297
|
2010-12-15
|
N0297
|
Proposed
revision of XYQ, contributed by David Keaton, replaces N0293,
replaced by N0298
|
2010-12-15
|
N0296
|
Meeting
16 markup of draft language-specific annex for Ada, replacing
N0288
|
2010-12-15
|
N0295
|
Meeting
16 markup of draft language-specific annex for programming
language C, replacing N0287, replaced by N0304
|
2010-12-15
|
N0294
|
Revised
draft language-specific annex for Java, contributed by Ben
Brosgol, replacing N0287, replaced by N0304
|
2010-12-15
|
N0293
|
Meeting
16 markup of proposed revision to XYQ (N0290), replaced by N0297
|
2010-12-14
|
N0292
|
Meeting
16 markup of draft annex for Java (N0291), replaced by N0294
|
2010-12-14
|
N0291
|
Initial
draft language-specific annex for Java, contributed by Ben
Brosgol, replaced by N0292
|
2010-12-14
|
N0290
|
Proposed
revision of 6.26 Dead and Deactivated Code [XYQ], contributed
by David Keaton, replaced by N0293
|
2010-12-13
|
N0289
|
Minutes:
Meeting 16, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 14-16 December 2010
|
2010-12-17
|
N0288
|
Revised
draft language-specific annex for Ada, contributed by John Benito
[docx, pdf]
|
2010-12-10
|
N0287
|
Revised
draft language-specific annex for the programming language C,
contributed by John Benito, replacing N0276 and N278, replaced by
N0295
|
2010-12-10
|
N0286
|
Baseline
working draft for preparation of Edition 2 of TR 24772,
contributed by the editor based on the results of Meeting 15,
replacing N0283 and N0282, replaced by N0301
|
2010-10-11
|
N0285
|
Publication
proof of ISO/IEC TR 24772 [encrypted zip]
|
2010-09-23
|
N0284
|
Revised
format for language-specific annexes, replacing N0271
|
2010-09-17
|
N0283
|
Proposed
baseline for the second edition of TR 24772 , revision of N0268,
replaced by N0286
|
2010-09-17
|
N0282
|
Revised
outline of vulnerabilities, incorporated into N0286
|
2010-09-16
|
N0281
|
Markup
of extract of N0275, draft language-specific annex for SPARK,
replaced by N0382
|
2010-09-16
|
N0280
|
Prototype
table summarizing vulnerabilities, contributed by Steve Michell,
in response to Action Item 14-05
|
2010-09-14
|
N0279
|
Prototype
table summarizing vulnerabilities, contributed by Jim Moore, in
response to Action Item 14-04
|
2010-09-10
|
N0278
|
Revision
of C annex portion of N0270, replaced by N0287
|
2010-09-10
|
N0277
|
Logistics:
Meeting #17, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 23-25 March 2011, Madrid, Spain [pdf], forwarded
by convener
|
2010-09-08
|
N0276
|
Revised
draft language-specific annex for C, contributed by John Benito,
David Keaton and LarryWagoner, replacing N0259, replaced by N0287
|
2010-09-10
|
N0275
|
Draft
language-specific annex for SPARK, contributed by SC 22/WG 9, see
also N0281
|
2010-08-31
|
N0274
|
Minutes:
Meeting 15, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 15-17 September 2010
|
2010-09-16
|
N0273
|
Proposed
draft NWIP for software security APIs, contributed by Larry
Wagoner
|
2010-08-31
|
N0272
|
Possible
new vulnerability descriptions from splitting XYR into two
descriptions, contributed by Clive Pygott (Action item 14-09)
|
2010-08-31
|
N0271
|
Revised
format for language-specific annexes, from ISO/IEC TR 24772:2010,
replaces N0217, replaced by N0284
|
2010-08-31
|
N0270
|
Possible
new vulnerability, Buffer overflow (HCB)--Language-independent and
C versions, contributed by John Benito (Action Item 14-08), see
also N0278
|
2010-08-31
|
N0269
|
Possible
new vulnerability, Unrestricted file upload (CBF), contributed by
John Benito
|
2010-08-31
|
N0268
|
Slimmer
version of 24772 proposed as the baseline for Edition 2,
contributed by Jim Moore, responding to AI 14-10, replaced by
N0283
|
2010-08-12
|
N0267
|
Revised
draft of 24772 submitted for publication [zip] (encrypted))
|
2010-07-23
|
N0266
|
Business
Plan and Convener's Report for the 2010 SC 22 plenary
|
2010-07-08
|
N0265
|
Draft
New Work Item Proposal: Software Code Signing, marked up at
meeting 14, replacing N0253
|
2010-06-30
|
N0264
|
Request
for approval of free availability for ISO/IEC TR 24772, marked up
at meeting 14, replacing N0262
|
2010-06-30
|
N0263
|
P.M.
Conmy, C. Pygott, I Bate, VHDL Guidance for Safe and Certifiable
FPGA Design, Contributed by Clive Pygott [zip]. (Because the paper
has been submitted for conference publication, it is in an
encrypted zip file.).
|
2010-06-30
|
N0262
|
Request
for approval of free availability for ISO/IEC TR 24772,
contributed by James W. Moore, replaced by N0264
|
2010-06-27
|
N0261
|
Minutes:
Meeting #14, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 28-30 June 2010 [html]
|
2010-06-28
|
N0260
|
ISO/IEC
JTC 1/SC 27 N8780, 1st CD 29147, Information technology --
Security techniques - Vulnerability disclosure [pdf]
|
2010-06-25
|
N0259
|
Revised
draft language-specific annex for C, contributed by LarryWagoner,
replacing N0245, replaced by N0276
|
2010-06-25
|
N0258
|
Draft
language-specific annex for Ada, contributed by WG 9, replacing
N0205, replaced by N0288
|
2010-06-22
|
N0257
|
Draft
of 24772 submitted for publication (encrypted), supercedes N0238,
replaced by N0267
|
2010-06-03
|
N0256
|
Preliminary
Agenda: Meeting 16, 14-16 December 2010, San Diego, CA, USA
|
2010-05-13
|
N0255
|
Preliminary
Agenda: Meeting #15, 15-17 September, 2010, Ottawa, Canada [html]
|
2010-05-13
|
N0254
|
Logistics:
Meeting 15, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 15-17 September 2010, Ottawa, Ontario, Canada,
contributed by Steve Michell
|
2010-05-11
|
N0253
|
Draft
New Work Item Proposal: Software Code Signing, contributed by
Larry Wagoner, replacing N0265, see N0306
|
2010-05-06
|
N0252
|
Logistics:
Meeting 16, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 14-16 December 2010, San Diego, CA, USA
|
2010-04-21
|
N0251
|
JTC001-N-7269
Criteria for Free Availability [pdf]
|
2010-04-15
|
N0250
|
Comments
from MISRA L (see N0340), contributed by Clive Pygott
|
2010-04-15
|
N0249
|
Recommended
disposition of comments from Balloting on DTR 24772 (N0243)
|
2010-04-14
|
N0248
|
Minutes:
Meeting 13, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 14-16 April 2010
|
2010-04-14
|
N0247
|
Liaison
Request from MISRA L to JTC1 for Category C Liaison with JTC 1/SC
22/WG 23 [pdf]. (This request was approved by JTC 1.)
|
2010-03-30
|
N0246
|
Preliminary
Agenda: Meeting 14, ISO/IEC JTC 1/SC 22/WG 23: Programming
Language Vulnerabilities, 28-30 June 2010
|
2010-03-27
|
N0245
|
Revised
draft language-specific annex for C, contributed by LarryWagoner,
replaces N0233, replaced by N0259
|
2010-03-23
|
N0244
|
Venue
information, Meeting 14, Kona, Hawaii, 28-30 June 2010,
contributed by John Benito and Tom Plum
|
2010-03-23
|
N0243
|
Results
of Balloting on DTR 24772: Collated NB comments, see N0249 for
disposition
|
2010-03-22
|
N0242
|
Hotel
arrangements, Meeting 14, Kona, Hawaii, 28-30 June 2010,
contributed by Tom Plum
|
2010-03-10
|
N0241
|
US
Delegation to Meeting 13, contributed by ANSI
|
2010-03-09
|
N0240
|
Preliminary
Agenda: Meeting 13, ISO/IEC JTC 1/SC 22/WG 23: Programming
Language Vulnerabilities, 14-16 April 2010
|
2009-11-24
|
N0239
|
Completed
disposition of all comments received in balloting of PDTR.2 24772,
replaces N0230
|
2009-11-24
|
N0238
|
Draft
of 24772 submitted to SC 22 for DTR ballot, superceding N0191,
becoming SC 22 N4505 and JTC 1 N9937].
|
2009-11-24
|
N0237
|
Logistics
for Meeting 13 of ISO/IEC JTC 1/SC 22/WG 23, Padua, Italy, 14-16
April 2010, contributed by Tullio Vardanega
|
2009-10-26
|
N0236
|
Email
from Tom Plum, 16 October 2009
|
2009-10-22
|
N0235
|
Proposed
response to NL-11, contributed by Steve Michell and revised during
Meeting 12
|
2009-10-22
|
N0234
|
Proposed
response to JP-8, contributed by Robert Karlin and revised during
Meeting 12
|
2009-10-22
|
N0233
|
Revised
draft language-specific annex for C, contributed by LarryWagoner,
replacing N0221, replaced by N0245
|
2009-10-22
|
N0232
|
Proposed
response to NL-7, contributed by Robert Seacord and revised during
meeting #12 [pdf]
|
2009-10-22
|
N0231
|
Proposed
response to UK-23, contributed by Dan Nagle and revised during
meeting #12 - [txt]
|
2009-10-22
|
N0230
|
Disposition
of technical comments received on PDTR.2 24772 (N0224), replaced
by N0239
|
2009-10-22
|
N0229
|
Revised
proposal for a vulnerability description on namespace issues,
contributed by Erhard Ploedereder , replaces N0197
|
2009-10-22
|
N0228
|
Olwen
Morgan, Programming languages - C - Designated constructs,
contributed by Steve Michell with permission of author.
|
2009-10-16
|
N0227
|
Minutes:
Meeting 12, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 21-23 October, 2009
|
2009-10-22
|
N0226
|
A.
Burns and A.J. Wellings, Language Vulnerabilities - Let's not
forget Concurrency, contributed by Stephen Michell with
permission of authors
|
2009-10-13
|
N0225
|
Preliminary
Agenda: Meeting 12, ISO/IEC JTC 1/SC 22/WG 23: Programming
Language Vulnerabilities, 21-23 October 2009
|
2009-09-30
|
N0224
|
Corrected
results of balloting on PDTR.2 24772: Collated NB comments,
replacing N0223, disposition in N0230
|
2009-09-27
|
N0223
|
Results of
Balloting on PDTR.2 24772: Collated NB comments, cancelled and
replaced by N0224
|
2009-09-24
|
N0222
|
Telecon
Notes, WG 23, 25 August 2009, contributed by Jim Moore [pdf]
|
2009-08-25
|
N0221
|
Draft
C Annex, contributed by Larry Wagoner, replaced by N0215, replaced
by N0233
|
2009-08-24
|
N0220
|
Draft
Fortran Annex, contributed by Dan Nagle replacing N0216
|
2009-08-24
|
N0219
|
Logistics
for Meeting #12 of ISO/IEC JTC 1/SC 22/WG 23, Santa Cruz, CA,
21-23 October 2009, contributed by John Benito [pdf]
|
2009-08-15
|
N0218
|
On
Removing Programming Language Bias from the Vulnerabilities
Document, J-P Rosen, written for submission to Ada-User,
contributed by Steve Michell (Canada) [pdf]
|
2009-08-15
|
N0217
|
Revised
format for language-specific annexes, contributed by Jim Moore,
recording decisions of Meeting 11, replacing N0165 and N0193,
replaced by N0271
|
2009-07-15
|
N0216
|
Markup
of revised draft language-specific annex for Fortran replacing
N0211, replaced by N0220
|
2009-07-15
|
N0215
|
Markup
of revised draft language-specific annex for C, replacing N0210,
replaced by N0221
|
2009-07-15
|
N0214
|
Markup
of proposed description of NMP for Ada annex, replacing N0209
|
2009-07-15
|
N0213
|
Markup
of proposed description of MEM for Ada annex, replacing N0208
|
2009-07-15
|
N0212
|
Possible
design for a multi-part document, contributed by Jim Moore
|
2009-07-15
|
N0211
|
Revised
draft language-specific annex for Fortran, contributed by Dan
Nagle, replacing N0206, replaced by N0216
|
2009-07-15
|
N0210
|
Revised
draft language-specific annex for C, contributed by Larry Wagoner
replacing N0204, replaced by N0215
|
2009-07-15
|
N0209
|
Proposed
description of vulnerability NMP for Ada Annex, contributed by
Steve Michell, replaced by N0214
|
2009-07-15
|
N0208
|
Proposed
description of MEM for Ada annex, contributed by Steve Michell,
replaced by N0213
|
2009-07-15
|
N0207
|
Proposed
new vulnerability description, QVT, contributed by Dan Nagle
|
2009-07-15
|
N0206
|
Meeting
11 markup of draft language-specific annex for Fortran replacing
N0198, replaced by N0211
|
2009-07-15
|
N0205
|
Meeting
11 markup of draft language-specific annex for Ada resulting from
workshop at 2009 Ada Europe conference, replacing N0199, replaced
by N0258
|
2009-07-15
|
N0204
|
Meeting
11 markup of draft language-specific annex for C replacing N0200,
replaced by N0210
|
2009-07-15
|
N0203
|
Meeting
11 markup of proposed new vulnerability description, Overloading
and Overriding replacing N0201
|
2009-07-15
|
N0202
|
Minutes:
Meeting 11, ISO/IEC JTC 1/SC 22/WG 23: Programming Language
Vulnerabilities, 13-15 July, 2009]
|
2009-07-15
|
N0201
|
Proposed
vulnerability description, Overloading and overriding, contributed
by Erhard Ploedereder , replaced by N0203
|
2009-07-12
|
N0200
|
Draft
language-specific annex for C, contributed by Larry Wagoner
replaced by N0204
|
2009-07-06
|
N0199
|
Draft
language-specific annex for Ada resulting from workshop at 2009
Ada Europe conference, contributed by John Benito replaced by
N0205
|
2009-06-22
|
N0198
|
Draft
language-specific annex for Fortran, contributed by Dan Nagle
replacing N0145, replaced by N0206
|
2009-06-22
|
N0197
|
Proposed
vulnerability on namespace issues, contributed by Erhard
Ploedereder replaced by N0229
|
2009-06-22
|
N0196
|
Business
Plan and Convener's Report [for the 2009 SC22 plenary meeting],
contributed by convener
|
2009-06-22
|
N0195
|
Preliminary
Agenda: Meeting 11, ISO/IEC JTC 1/SC 22/WG 23: Programming
Language Vulnerabilities, 13-15 July, 2009
|
2009-06-10
|
N0194
|
SC22/WG23
Vulnerablities Meeting 11 Logistics
|
2009-06-10
|
N0193
|
Proposed
changes to Annex F resulting from workshop at Ada-Europe
Conference , see N0165, replaced by N0217
|
2009-06-22
|
N0192
|
Presentation
to workshop of Ada-Europe Conference, John Benito, June 2009
|
2009-06-10
|
N0191
|
Draft
of 24772 submitted to SC 22 for PDTR.2 ballot superceding N0170,
replaced by N0238
|
2009-06-02
|
N0190
|
Proposed
rewrite of Sub-clause 6.26, contributed by Robert Karlin
|
2009-05-05
|
N0189
|
Proposed
rewrite of Clause 5, contributed by Larry Wagoner
|
2009-05-04
|
N0188
|
Suggestion
for introductory text outlining scope limitations of first
edition, contributed by James Moore
|
2009-04-19
|
N0187
|
Completed
disposition of WG9 comments on PDTR 24772, contributed by John
Benito, revision of N0181
|
2009-05-18
|
N0186
|
Replacement
text for Subclause 5.2, as edited at Meeting #10 for N0185
|
2009-04-17
|
N0185
|
Proposed
revision of Subclause 5.2, contributed by Robert Karlin for N0185
|
2009-04-16
|
N0184
|
Completed
disposition of NB comments on PDTR 24772, contributed by John
Benito revision of N0180
|
18/05/2009
|
N0183
|
Schedule,
version 3 revision of N0167
|
2009-06-22
|
N0182
|
Four
vulnerability descriptions approved for inclusion in the next
draft of 24772 by Meeting 10, revision of N0177
|
2009-04-15
|
N0181
|
Disposition
of WG9 comments in N0174 performed during the meeting revised as
N0174
|
2009-04-17
|
N0180
|
Disposition
of NB technical comments on PDTR 24772 (N0176) performed during
Meeting 10 revised as N0184
|
2009-04-17
|
N0179
|
Draft
Minutes: Meeting 10 of ISO/IEC JTC 1/SC 22/WG 23, 15-17 April
2009, San Diego, CA
|
2009-04-17
|
N0178
|
2nd
Preliminary Agenda, Meeting 10, San Diego, CA, 15-17 April 2008,
contributed by convenerreplaces N0169
|
2009-04-13
|
N0177
|
Four
vulnerabilities recommended for inclusion in 24772 by the
editorial team revised as N0182
|
2009-04-04
|
N0176
|
Results
of Balloting on PDTR 24772: Summary of voting [pdf]; collated NB
comments disposed in N0180
|
2009-02-20
|
N0175
|
Report
of Editors' Meeting, 18 February 2009, contributed by Jim Moore:
Report [pdf]. Supplementary documents [zip]
|
2009-02-18
|
N0174
|
Liaison
comments from SC 22/WG 9 on PDTR 24774, contributed by Joyce
Tokar, Convener, SC 22/WG 9 [doc].
|
2009-02-14
|
N0173
|
Report
of Editors' Meeting, 28 January 2009, contributed by Jim Moore:
Report [pdf]. Supplementary documents [zip].
|
2009-02-14
|
N0172
|
Report
of Editors' Meeting, 12 December 2008, contributed by Jim Moore
[pdf]
|
2008-12-13
|
N0171
|
Presentation
to DHS Software Assurance Working Group, December 2008,
contributed by Jim Moore [pdf]. Narrative version, submitted to
Ada User as an article.
|
2008-12-09
|
N0170
|
Draft
of 24772 submitted to SC 22 for PDTR ballot replaced by N0181
|
2008-12-09
|
N0169
|
Preliminary
Agenda, Meeting 10, San Diego, CA, 15-17 April 2008, contributed
by convener, replaced by N0178
|
2008-12-09
|
N0168
|
Meeting
Logistics: Meeting #10, San Diego, CA, contributed by
James.W.Moore [pdf]
|
2009-04-09
|
N0167
|
Schedule,
version 2 replacing N0130, replaced by N0183
|
2008-10-22
|
N0166
|
Revised
commenting template replacing N0115
|
2008-10-06
|
N0165
|
Meeting
#9 revision of [N0144] Proposed template for language specific
annexes
|
2008-10-06
|
N0164
|
Meeting#9
revision of [N0143] New Vulnerability Descriptions Proposed by J3
(Fortran)"" [doc]
|
2008-10-06
|
N0163
|
Meeting
#9 revision of [N0152] Proposed rewrite of 7.13 of Editor's draft
of PDTR 24772 [N0138]
|
2008-10-06
|
N0162
|
Meeting
9 revision of [N0151] Proposed rewrite of 7.10 of Editor's draft
of PDTR 24772 [N0138]
|
2008-10-06
|
N0161
|
Meeting
9 revision of [N0156], 6.20 Buffer Overflow [XZB]
|
2008-10-06
|
N0160
|
Meeting
9 revision of [N0157] 6.17 Unchecked Pointer Arithmetic in Buffer
Access (XYX)
|
2008-10-06
|
N0159
|
Meeting
9 disposition of comments contained in [N0148]
|
2008-10-06
|
N0158
|
Proposed
rewrite of 6.18 of Editor's draft of PDTR 24772 [N0138],
contributed by Larry Wagoner [doc]
|
2008-10-06
|
N0157
|
Proposed
revision of 6.17 Unchecked Pointer Arithmetic in Buffer Access
(XYX), contributed by Erhard Ploedereder (see N0138)
|
2008-10-06
|
N0156
|
Proposed
revision of 6.20 Buffer Overflow [XZB], contributed by Erhard
Ploedereder (see N0138), replaced by N161
|
2008-10-06
|
N0155
|
Proposed
Vulnerability Description on Concurrency, contributed by Steve
Michell, see N0138
|
2008-10-06
|
N0154
|
Resolutions
Approved at the 22-24 September 2008 JTC 1/SC 22 Plenary in Milan,
Italy
|
2008-10-06
|
N0153
|
Minutes:
Meeting #9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 29 September
to 01 October, 2008 [html]
|
2008-12-09
|
N0152
|
Proposed
rewrite of 7.13 of Editor's draft of PDTR 24772 [N0138],
contributed by Larry Wagoner replaced by N0163
|
2008-09-26
|
N0151
|
Proposed
rewrite of 7.10 of Editor's draft of PDTR 24772 [N0138],
contributed by Larry Wagoner replaced by N0162
|
2008-09-26
|
N0150
|
Proposed
rewrite of 6.18 of Editor's draft of PDTR 24772 [N0138],
contributed by Larry Wagoner (see N0138)
|
2008-09-26
|
N0149
|
Comments
on the Draft of the Fortran Annex of the OWG-V TR [N0145]
contributed by Nick Mclaren (see N0145)
|
2008-09-26
|
N0148
|
2nd
version of Consolidated comments on [N0138], including comments
received as of the date issued. Replacing N0148
|
2008-09-26
|
N0147
|
2nd
Preliminary Agenda, Meeting 9 of ISO/IEC JTC 1/SC 22/OWG:
Vulnerability, Stuttgart, Germany, 29 September 2008 / 01 October
2008, replacing N0141
|
2008-09-10
|
N0146
|
Consolidated
comments on [N0138], as of the date issued. It includes comments
from Jones and Pygott., replaced by N0146
|
2008-09-10
|
N0145
|
Draft
of language-specific annex for Fortran, contributed by Dan Nagle
replaced by N0198
|
2008-09-05
|
N0144
|
Proposed
template for language specific annexes, contributed by Larry
Wagoner replaced by N0165
|
2008-09-05
|
N0143
|
New
Vulnerability Descriptions Proposed by J3 (Fortran), contributed
by Dan Nagle replaced by N0165
|
2008-08-26
|
N0142
|
Logistics,
OWGV Meeting #9, Stuttgart, Germany, 2008-09-29/10-01, contributed
by Erhard Ploedereder
|
2008-08-27
|
N0141
|
Preliminary
Agenda, Meeting 9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability,
Stuttgart, Germany, 29 September 2008 / 01 October 2008,
contributed by convener [html]
|
2008-08-26
|
N0140
|
Presentation
made by Jim Moore to ISO/IEC JTC 1/SC 22/WG 9 with slide added to
record discussion
|
2008-07-29
|
N0139
|
Presentation
made by John Benito to Military & Aerospace Electronics Forum
[pdf], 2008-04
|
2008-07-29
|
N0138
|
Editor's
draft of PDTR 24772, prepared by John Benito With Spreadsheet for
providing comments
|
2008-08-20
|
N0137
|
Business
Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability,
for 2008 SC 22 plenary,
|
2008-07-29
|
N0136
|
Results
of OWGV Editorial Meeting, 30 June to 02 July 2008, submitted by
secretary:
|
2008-07-07
|
N0135
|
Preliminary
agenda, Editorial Meeting, 30 June - 02 July 2008, submitted by
convener [pdf]
|
2008-06-10
|
N0134
|
Editor's
draft of PDTR 24772, prepared by John Benito replacing N0125,
replaced by N0138
|
2008-06-03
|
N0133
|
Template
for Language-Independent Descriptions of Vulnerabilities, Version
7 revision of N0092
|
2008-04-16
|
N0132
|
Suggested
editorial corrections to PDTR, Larry Wagoner [doc]
|
2008-04-10
|
N0131
|
Superseded
directory of vulnerabilities, as of 13 March 2008 (Posted only
for archival purposes.)
|
2008-04-10
|
N0130
|
Schedule
moving forward toward PDTR version 1 replaced by N0167
|
2008-04-10
|
N0129
|
Disposition
of consolidated comments on vulnerability descriptions, (N0127)
prepared by Secretary
|
2008-04-09
|
N0128
|
Minutes:
Meeting 8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April
2008, Amsterdam, Netherlands
|
2008-04-09
|
N0127
|
Consolidated
comments on vulnerability descriptions (N0129)
|
2008-03-31
|
N0126
|
2nd
Preliminary Agenda: Meeting 8 of ISO/IEC JTC 1/SC 22/OWG:
Vulnerability, 9-11 April 2008, Amsterdam, Netherlands replacing
N0118
|
30/03/2008
|
N0125
|
Editor's
draft of PDTR 24772, prepared by John Benito replacing N0118,
replaced by N0134
|
2008-03-26
|
N0124
|
Mapping
between OWGV language vulnerabilities and the JSF, MISRA C, CERT
C, and CERT C++, Version 2, Robert Seacord replacing N0120
|
2008-03-26
|
N0123
|
Editor's
Report for Meeting #8, TR 24772 [pdf]
|
2008-03-26
|
N0122
|
Array
bounds checking bibliography, Derek Jones
|
2008-02-14
|
N0121
|
(Revised)
Forms of language specification: Examples from commonly used
computer languages Derek Jones replacing N0078
|
2008-02-14
|
N0120
|
Mapping
between OWGV language vulnerabilities and the JSF, MISRA, CERT C,
and CERT C++ rule sets, Robert Seacord, replaced by N0124
|
2008-02-14
|
N0119
|
A
new type of Working Group used for a new SC22 Working Group: OWG
Vulnerability"", John Benito, convener
|
2008-02-14
|
N0118
|
Preliminary
Agenda: Meeting 8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11
April 2008, Amsterdam, Netherlands, replaced by N0126
|
2008-02-14
|
N0117
|
Outline
of Vulnerability Descriptions, 24 December 2007 (with assignments
for update), contributed by John Benito, replacing N0112
|
2007-12-24
|
N0116
|
Safety
considerations in programming systems, contributed by Steve
Michell [pdf]
|
2007-12-16
|
N0115
|
Commenting
spreadsheet to be used in making comments on vulnerability
descriptions, replaced by N0166
|
2007-12-15
|
N0114
|
Automatically
Generated Code, contributed by Robert Seacord
|
2007-12-15
|
N0113
|
List
of Coding Guideline Documents, contributed by Derek Jones [pdf]
|
2007-12-14
|
N0112
|
Proposed
organization of vulnerability descriptions (with annotations from
OWGV Meeting #7) , annotation of N0109, replaced by N0117
|
2007-12-14
|
N0111
|
Minutes:
Meeting 7 of ISO/JTC1/SC22/OWG: Vulnerability 12-14 December 2007,
Pittsburgh, Pennsylvania, USA
|
2007-12-15
|
N0110
|
Final
Resolutions of the 20th Plenary meeting of ISO/IEC JTC 1/SC 22,
24-28 September 2007, Singapore
|
2007-12-11
|
N0109
|
Proposed
organization of vulnerability descriptions, contributed by Larry
Wagoner, annotated as N0112
|
2007-12-13
|
N0108
|
Proposed
additions to ISO/IEC PDTR 24772, contributed by C H Pygott [pdf]
|
2007-11-28
|
N0107
|
Editor's
report, project 24772, contributed by John Benito
|
2007-11-28
|
N0106
|
Editor's
draft of PDTR 24772, prepared by John Benito replacing N0095,
replaced by N0125
|
2007-11-28
|
N0105
|
Examples
of Mapping MISRA-C Rules to COBOL, contributed by Barry Tauber
[pdf]
|
2007-11-24
|
N0104
|
Distinguishing
Criticality of Undefined Behavior, contributed by Tom Plum [html]
|
2007-11-24
|
N0103
|
Preliminary
Agenda: Meeting #7 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability,
12-14 December 2007, Pittsburgh, Pennsylvania, USA [html],
prepared by convener
|
2007-11-15
|
N0102
|
Annotations
to N0099 made during Meeting 6 of OWGV annotates N0099
|
2007-10-25
|
N0101
|
John
Benito, OWG: Vulnerability,"" [pdf] presentation to
conference associated with meeting of ISO/IEC JTC 1/SC 22, 28
September 2007.
|
2007-10-15
|
N0100
|
Minutes:
Meeting #6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October 2007,
Kona, Hawaii, USA
|
2007-10-25
|
N0099
|
Proposal
to the ISO/IEC Project 22.24772: Guidance for Avoiding
Vulnerabilities through Language Selection and Use, contributed by
Larry Wagoner [pdf]. (All of the papers's references can be
located using this website's list of [References].)
|
2007-09-29
|
N0098
|
Logistics
information for OWGV Meeting 8, Amsterdam, Netherlands [html]
|
2007-09-12
|
N0097
|
Preliminary
Agenda: Meeting 6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October
2007, Kona, Hawaii, USA
|
2007-09-04
|
N0096
|
Logistics
information for OWGV Meeting #6, Kona, Hawaii, USA, see also
N0058.
|
2007-08-06
|
N0095
|
Editor's
draft of PDTR 24772, prepared by John Benito, submitted for PDTR
registration revising N0079, replaced by N0106
|
2007-08-06
|
N0094
|
Business
Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability
2007-07-31, contributed by John Benito [pdf]
|
2007-08-03
|
N0093
|
Proposed
vulnerabilities as of the close of Meeting #5. [This is posted
only as a snapshot of the results. For the most recent status use
the current directory of vulnerability proposals.]
|
2007-07-24
|
N0092
|
Template
for Language-Independent Descriptions of Vulnerabilities, Version
6 replacing N0072, replaced by N0133
|
2007-07-24
|
N0091
|
Definitions
agreed at Meeting 5 for use in the TR, replacing N0085
|
2007-07-24
|
N0090
|
Text
for sub-clause 1.4, as agreed at Meeting 5 replacing N0087
|
2007-07-24
|
N0089
|
Approved
Minutes of 19-20 July 2007 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #5), Ottawa, Canada [html].
|
2007-08-20
|
N0088
|
Liaison
Report: JSR-282 (Real-Time Specification for Java) and JSR-302
(Safety-Critical Java Technologies), Ben Brosgol
|
2007-07-16
|
N0087
|
Possible
text for sub-clause 1.4, contributed by Jim Moore, replaced by
N0090
|
2007-07-13
|
N0086
|
The
Physics of a Vulnerability, [pdf] by Bob Martin. Contributed
by Jim Moore with the permission of The MITRE Corporation.
|
2007-07-13
|
N0085
|
Definition
of Vulnerability [pdf] contribution by Ben Brosgol, replaced
by N0091
|
2007-07-12
|
N0084
|
(2nd
Revision) Proposal to the ISO/IEC Project 22.24772: Guidance for
Avoiding Vulnerabilities through Language Selection and Use;
directory of proposed vulnerability descriptions ; and cover note
-- contribution by Larry Wagoner, replacing N0073
|
2007-07-12
|
N0083
|
Comments
on "Software for Dependable Systems", contribution by
Tom Plum [html]
|
2007-07-02
|
N0082
|
James
W. Moore and Robert Seacord, Secure Coding becomes Standard
[pdf] presentation to Systems and Software Technology Conference
(SSTC), June 19, 2007. Also see related article.
|
2007-07-02
|
N0081
|
Pre-Meeting
Package, Meeting 5 -- VOIDED
|
2007-07-01
|
N0080
|
Agenda:
Meeting 5 of ISO / IEC / JTC1 / SC22/OWG: Vulnerability 18th -
20th July 2007, Ottawa, Canada
|
2007-06-30
|
N0079
|
Editor's
draft 070629 of PDTR 24772, prepared by John Benito replacing
N0074.
|
2007-06-30
|
N0078
|
(Revised)
Forms of language specification: Examples from commonly used
computer languages and directory of proposed vulnerability
descriptions from Derek M. Jones, replaces N0060
|
2007-06-30
|
N0077
|
Post-Meeting
Package, Meeting 4 [zip] -- VOIDED
|
2007-06-04
|
N0076
|
Logistics
information for OWGV Meeting 5, Ottawa, Canada
|
2007-06-01
|
N0075
|
Response
of ISO/IEC JTC 1/SC 22/OWGV to: ISO/IEC JTC 1/SC 27 N5494, JTC
1/SC 27/WG 4 Liaison Statement to JTC 1/SC 22 on Collaborative
work on Application Security""; and to ISO/IEC JTC 1/SC
27 N5482, ""Report of the Application Security meeting,
held in Glenburn Lodge (South Africa), Nov. 17th 2006""
response to N0070 and N0071
|
2007-05-10
|
N0074
|
Editor's
draft 3 of intended PDTR 24772, prepared by John Benito [pdf]
|
30/06/2007
|
N0073
|
(Revised)
Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding
Vulnerabilities through Language Selection and Use""
[pdf] and directory of proposed vulnerability descriptions
[dir, zip], personal contribution by Larry Wagoner
|
21 June 2007
|
N0072
|
Template
for Language-Independent Descriptions of Vulnerabilities, Version
5 [html]
|
2007-05-05
|
N0071
|
ISO/IEC
JTC 1/SC 27 N5494 - JTC 1/SC 27/WG 4 Liaison Statement to JTC 1/SC
22 on Collaborative work on Application Security [pdf]
|
2007-04-30
|
N0070
|
ISO/IEC
JTC 1/SC 27 N5482, Report of the Application Security meeting,
held in Glenburn Lodge (South Africa), Nov. 17th 2006""
[pdf]
|
2007-04-30
|
N0069
|
Approved
Minutes of 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html].
|
2007-04-30
|
N0068
|
Proposal
to the ISO/IEC Project 22.24772: Guidance for Avoiding
Vulnerabilities through Language Selection and Use:
Vulnerabilities to Address in CWE - Part 3"" [pdf],
personal contribution by Larry Wagoner.
|
2007-04-23
|
N0067
|
Proposal
to the ISO/IEC Project 22.24772: Guidance for Avoiding
Vulnerabilities through Language Selection and Use:
Vulnerabilities to Address in CWE,"" Part 2 [pdf],
personal contribution by Larry Wagoner
|
2007-04-18
|
N0066
|
Proposal
to the ISO/IEC Project 22.24772: Guidance for Avoiding
Vulnerabilities through Language Selection and Use [pdf], personal
contribution by Larry Wagoner
|
2007-04-11
|
N0065
|
Pre-Meeting
Package, Meeting #4 - VOID
|
2007-04-05
|
N0064
|
Ben
Brosgol and Andy Wellings, A Comparison of Ada and Real-time Java
for Safety-Critical Applications,"" contributed by Ben
Brosgol [pdf]. Posted by permission [txt].
|
2007-04-04
|
N0063
|
Agenda
for 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html]
|
2007-04-04
|
N0062
|
Vulnerability, Safety, Security, and Quality, [html] personal
contribution by Tom Plum
|
2007-04-04
|
N0061
|
Editor's
draft 2 of intended PDTR 24772, prepared by John Benito [pdf]
|
2007-04-04
|
N0060
|
Forms
of language specification: Examples from commonly used computer
languages, [pdf] contributed by Derek Jones. Permission [txt].
|
2007-04-04
|
N0059
|
Preliminary
draft of the CERT C Programming Language Secure Coding Standard
[pdf], contributed by Robert Seacord. Permission [txt]
|
2007-04-04
|
N0058
|
Hotel
registration form for Meeting #6, Kona, Hawaii [pdf].
|
2006-12-29
|
N0057r
|
Announcement
and logistics information for OWGV Meeting #4, Padua, Italy [pdf].
|
2006-12-31
|
N0056
|
Various
Versions of a Template for Language-Independent Descriptions of
Vulnerabilities [html]
|
2006-12-14
|
N0055
|
Approved
Minutes of 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html]
|
2006-12-14
|
N0054
|
Stephen
Michell, Revisions of Vulnerabilities Issues from TR15942 [pdf]
|
2006-12-12
|
N0053
|
Pre-Meeting
Package, Meeting 3 VOID
|
2006-11-22
|
N0052
|
Agenda
for 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html]
|
2006-11-22
|
N0051
|
Derek
Jones, Some proposed language vulnerability guidelines, 20
November 2006 [pdf]
|
2006-11-22
|
N0050
|
Derek
Jones, Expertise: Discussion of guideline related issues, 28
August 2006 [pdf]
|
2006-11-22
|
N0049
|
Brian
Wichmann, Tool assurance for predictable execution, 3 November
2006 [pdf]
|
2006-11-22
|
N0048
|
Stephen
Michell, Vulnerabilities Issues from TR15942 [pdf]. (Revised)
|
2006-12-11
|
N0047
|
Post-Meeting
Package, Meeting 2 VOID
|
2006-10-17
|
N0046
|
Meeting
information, OWG:V Meeting #3, Washington DC, 11-13 December 2006
[html]
|
2006-09-28
|
N0045
|
Jim
Moore, Meeting Report of SC22 Plenary, September 2006 [pdf]
(Corrected version)
|
2006-12-15
|
N0044
|
Vulnerability
classifications used in QinetiQ report [N0043], submitted by Clive
Pygott following Meeting #2 [pdf]
|
2006-09-19
|
N0043
|
Adam
Schofield & Clive Pygott, "A Tabulation of the
unpredictable features of the C++ language" September 2006,
QINETIQ/SDU/TIM/CR060019, submitted by Clive Pygott following
Meeting #2 [pdf]. Posted by permission [pdf]
|
2006-09-19
|
N0042
|
Corrected
and Approved Minutes of 14-15 September 2006 Meeting of ISO/IEC
JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK
[html] (These minutes were approved with corrections at Meeting
#3.)
|
2006-12-14
|
N0041
|
Paul
Caseley, "Dependable software dependent systems?",
presentation at Meeting #2 [pdf]. Permission to post [htm]
|
2007-04-04
|
N0040
|
Working
draft 61106 of intended PDTR 24772 [pdf], prepared by John Benito.
|
2006-11-06
|
N0039
|
Clive Pygott,
Summary of the Discussion at the HIRTS DARP C/C++ workshop
25/4/2006, personal submission to Meeting #2 [doc]
|
2006-09-15
|
N0038
|
Clive Pygott
- Summary of DARP Workshop personal submission to Meeting #2
|
2006-09-15
|
N0037
|
Derek Jones,
Culture and Education,"" personal submission to Meeting
#2 [pdf]
|
2006-09-15
|
N0036
|
Derek Jones,
Developer beliefs about binary operator precedence,""
personal submission to Meeting #2 [pdf]
|
2006-09-15
|
N0035
|
Pre-Meeting
Package, Meeting 2 - VOID
|
2006-08-28
|
N0034
|
UK
Contribution, Proposed Base Document for OWGV [html], revised
|
2006-08-28
|
N0033
|
Derek
Jones, Culture and Formal Education Issues: Discussion and
Proposed Guidelines, personal submission [pdf]
|
2006-08-28
|
N0032
|
Brian
Wichmann, "What is Predictable Execution?", personal
submission [pdf]
|
2006-08-24
|
N0031
|
Robert
Seacord, Email dated 2006-08-22, outlining planned CERT approach
to levels, first draft of response to Action Item 01-09 [txt, jpg]
|
2006-08-22
|
N0030
|
O-IECJTC1-SC22-WG23_N0030-Proposed-Vulnerability-Description.htm">
Jim Moore, "Proposal for Vulnerability Descriptions",
Draft 1, prepared in response to Action Item 01-10 [html]
|
2006-08-08
|
N0029
|
O-IECJTC1-SC22-WG23_N0029-agenda-owg-mtg2-2006-09-14.htm">
Agenda for 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html]
|
2006-08-28
|
N0028
|
Preliminary
Agenda for 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html]
|
2006-08-14
|
N0027
|
Post-Meeting
Package, Meeting 1 - VOID
|
2006-07-24
|
N0026
|
Annual
Business Plan and Convener's Report, ISO/IEC JTC 1/SC22
OWG:Vulnerability [pdf]. (This document was published by SC22 as
N4078.)
|
2006-07-06
|
N0025
|
Minutes
of 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]
|
2006-06-29
|
N0024
|
James
W. Moore, Terms of Reference: ISO/IEC Project 22.24772, "Guidance
to Avoiding Vulnerabilities in Programming Languages through
Language Selection and Use" (Revision resulting from Meeting
#1.) [pdf]
|
2006-06-28
|
N0023
|
Robert
C. Seacord, CERT, "CERT Secure Coding Standards"
(Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]
|
2006-06-26
|
N0022
|
Derek
Jones, UK, Base Document Proposal (Presented at Meeting #1 of
OWGV, 27 June 2006) [pdf]
|
2006-06-26
|
N0021
|
Stephen
Michell, Canada, "Ada's approach to Software Vulnerabilities"
(Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]
|
2006-06-26
|
N0020
|
Derek
Jones, UK, Information regarding Meeting #2 of OWGV, 14-15 Sep
2006, London (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]
|
2006-06-26
|
N0019
|
Robert
A. Martin, The MITRE Corporation, "The Common Weakness
Enumeration Initiative," (Presented at Meeting #1 of
OWGV, 27 June 2006) [pdf]
|
2006-06-23
|
N0018
|
Joe
Jarzombek, US Department of Homeland Security, Considerations in
Advancing the National Strategy to Secure Cyberspace for
presentation to Meeting #1 of OWGV, 27 June 2006 [pdf]
|
27 June 2006
|
N0017
|
Robert
Seacord, Carnegie-Mellon University CERT, 'Secure Coding
Standards' (permission to post) [pdf]
|
2006-06-22
|
N0016
|
Revised
Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]
|
2006-06-22
|
N0015
|
James
W. Moore, Terms of Reference: ISO/IEC Project 22.24772, "Guidance
to Avoiding Vulnerabilities in Programming Languages through
Language Selection and Use" [pdf]
|
2006-06-21
|
N0014
|
James
W. Moore, Convener's Remarks, Meeting #1 of ISO/IEC JTC 1/SC
22/OWG:V [pdf]
|
2006-06-21
|
N0013
|
ISO/IEC
TR 15942:2000, Information technology -- Programming languages --
Guide for the use of the Ada programming language in high
integrity systems [web, pdf]
|
2006-06-20
|
N0012
|
UK
Contribution, Proposed Base Document for OWGV [html]
|
2006-06-14
|
N0011
|
John
Benito, OWG: Vulnerability -- A new type of Working Group used for
a new SC22 Working Group, SC 22/WG 9 Meeting, Porto, Portugal
[pdf]
|
2006-05-15
|
N0010
|
Meeting
Announcement and Logistics for the 19-22 September 2006 JTC 1/SC
22 Plenary in London, England (cover [html], document [pdf])
|
2006-04-17
|
N0009
|
Meeting
information, OWG:V Meeting #1, Washington DC, 26-27 June 2006
[html]
|
2006-04-11
|
N0008
|
Preliminary
Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC
22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]
|
2006-04-13
|
N0007
|
Disposition
of Comments for SC22 N3913, "New Work Item Proposal for
Guidance to Avoiding Vulnerabilities in Programming Languages
through Language Selection and Use" [html]. (This
document was published by SC22 as N4027.)
|
2006-03-13
|
N0006
|
James
W. Moore, A New Standards Project on "Avoiding Programming
Language Vulnerabilities", SC 22/WG 14 Meeting, Berlin,
Germany [pdf]
|
1 March 2003
|
N0005
|
James
W. Moore, A New Standards Project on "Avoiding Programming
Language Vulnerabilities", SIGAda Conference and SC 22/WG
9 Meeting, Atlanta, GA [pdf]
|
2005-11-17
|
N0004
|
James
W. Moore, "Moving Forward" - -report to the SC22 High
Integrity Study Group Mailer [pdf],
|
2005-10-06
|
N0003
|
Excerpts
of SC 22 N 3989, "Resolutions Prepared at the Eighteenth
Plenary Meeting of ISO/IEC JTC 1/SC 22, 30 September-2 October
2005, Mont Tremblant, Canada" [pdf]
|
2 October 2005
|
N0002
|
SC22 N3990
Summary of Voting for SC 22 N 3913, New Work Item Proposal for
Guidance to Avoiding Vulnerabilities in Programming Languages
through Language Selection and Use
|
5 October 2005
|
N0001
|
SC
3913 New Work Item Proposal for Guidance to Avoiding
Vulnerabilities in Programming Languages through Language
Selection and Use
|
2005-06-28
|