ISO/IEC/JTC 1/SC 22/WG 23 DOCUMENT REGISTER

ISO/IEC JTC1/SC22/WG23 standing documents:

Meeting Schedule
Meeting Calendar
S0001 – SC22/WG23 Action Item Log
S0003 – Editorial history of TR 24772
S0005 – Advice to Language Specific Parts Editors (DRAFT)
S0006 - Comparison of TR 24772 guidance to Joint Strike Fighter Coding Guidelines

WG23 N-numbered documents in reversed document number order:

Document Number

Description

Date

N14XX

24/1X/XX

N1454

C++ Vulnerabilities discussions at Zoom meeting 9 December 2024

24/11/27

N1453

WG 23 Discussions on Rust vulnerabilities

24/11/27

N1452

Java vulnerabilities document after meeting 27 Nov 2024

24/11/27

N1451

Python vulnerabilities document after meeting 27 Nov 2024

24/11/27

N1450

Python vulnerabilities document before meeting 27 Nov 2024, submitted by Sean

24/11/27

N1449

C++ Vulnerabilities discussions at Zoom meeting 25 November 2024

24/11/25

N1448

Draft of ISO IEC amendment to 24772-1 clause 6.66 Code representation differs between compiler view and reader view [FPV]

24/11/21

N1447

Draft of ISO IEC amendment to 24772-1 clause 6.66 Code representation differs between compiler view and reader view [FPV] edits EP and SM

24/11/20

N1446

ISO IEC 24772-8 Fortran language vulnerabilities submitted for SC 22 CIB ballot in preparation for DIS Ballot

See convenor for password for access to document

24/11/18

N1445

Draft ISO Form 4 for the initiation of ISO/IEC 24772-8 Fortran

24/11/19

N1444

Draft of clause 6.66 Code representation differs between compiler view and reader view [FPV]

24/11/18

N1443

ISO Form 4 NWIP preparation for clause 6.66 for 24772-8 Fortran Vulnerabilities

24/11/13

N1442

Early draft Fortran clause 6.66 "Code represtation differs between compiler view and reader view"

24/11/13

N1441

Fortran Vulnerabilities updated 7 Nov 2024

24/11/07

N1440

24772-8 Fortran vulnerabilities corrections request John Reid

24/11/07

N1439

ISO/IEC WD 24772-4 Python vulnerabilities document after meeting 6 November 2024 (PDF).

24/11/06

N1438

Python vulnerabilities before meeting 6 Nov 2024 submitted by Sean McDonagh

24/11/06

N1437

Additional corrections to N1435 Fortran vulnerabilities based on comments in N1436

24/11/05

N1436

Comments on N1435 Fortran Vulnerabilities editorial changes, by John Reid

24/11/05

N1435

Fortran vulnerabilities after meeting 20 Nov 2023 with editorial updates to reflect ISO/IEC 24772-1 editorial work done, for review by Fortran subgroup.

24/11/05

N1434

C++ vulnerabilities discussions held 28 October 2024. Work is done on GitHub.

24/10/28

N1433

Draft addition to 24772-2 to include source code representation differences between compiler view and human reader view

24/10/26

N1432

Draft amendment to 24772-1 to include source code representation differences between compiler view and human reader view

24/10/26

N1431

24772-1 Ada document after review by TT and SB preparation for ballot

24/10/26

N1430

ISO New work item proposal document (NeW) for production of requests for WG 23 documents

24/10/23

N1429

Python Vulnerabilities document after meeting 23 October 2024

24/10/23

N1428

Python Vulnerabilities document before meeting 23 October 2024 submitted by SM

24/10/23

N1427

Java vulnerabilities document from 2021-02-07 updated by convenor 2024-10-14

24/10/14

N1426

Ada language documents ready for review for ballot with convenor updates

24/10/14

N1425

Python Vulnerabilities document after meeting 2 October 2024

24/10/02

N1424

Python Vulnerabilities document before meeting 2 October 2024 submitted by SM

24/10/02

N1423

Fortran Vulnerabilities document after meeting 11 Nov 2023 with editorial corrections to align with 24772-1 undergoing publication

24/10/xx

N1422

ISO IEC 24772-1 Programming Language Vulnerabilities for publication (Protected)

24/09/30

N1421

C++ Vulnerabilities discussion record from meeting 30 September 2024

24/09/30

N1420

WG 23 meeting 77 26 September 2024 minutes

24/09/26

N1419

C Vulnerabilities document with amendments by convenor and C Pygott 25 September 2024

24/09/25

N1418

C++ Vulnerabilities discussion record from meeting 16 September 2024

24/09/16

N1417

Python Vulnerabilities document after meeting 11 September 2024

24/09/11

N1416

Python Vulnerabilities document from N1408 with edits by convenor and S. MacDonagh for meeting 11 Sep 2024

24/09/11

N1415

WG 23 Convenor's report to SC 22 2024 Plenary

24/09/11

N1414

Draft agenda WG 23 Meeting 77 virtual to be held 26 September 2024

24/09/10

N1413

ISO/IEC 24772-3 C vulnerabilities document with edits by convenor for alignment with FDIS 24772-1

24/09/09

N1412

C++ vulnerability discussion record from meeting 2 September 2024

24/09/04

N1411

Convenor edits of 24772-2 Ada for conformance with FDIS 24772-1

24/09/03

N1410

Convenor edits of 24772-7 SPARK for conformance with FDIS 24772-1

24/08/29

N1409

FDIS ballot result for FDIS 2472-1 Programming languages -- Programming language vulnerabilities -- Part 1: Language-independent catalogue of vulnerabilities. FDIS passed.

24/08/29

N1408

ISO IEC WD 24772-4 Python Vulnerabilities after meeting 28 August 2024

24/08/28

N1407

ISO IEC WD 24772-4 Python Vulnerabilities before meeting 28 August 2024, comments by Erhard Ploedereder, coallated by Sean McDonagh

24/08/28

N1406

C++ Vulnerability discussions held 19 August 2024

24/08/19

N1405

ISO IEC WD 24772-4 Python Vulnerabilities after meeting 14 August 2024,

24/08/14

N1404

ISO IEC WD 24772-4 Python Vulnerabilities before meeting 14 August 2024, comments by Erhard Ploedereder, coallated by Sean McDonagh

24/08/14

N1403

Ada Vulnerabilities document for DIS Ballot submission with minor editorial changes from N1362

24/08/14

N1402

C++ Vulnerability discussions held 8 August 2024

24/08/08

N1401

C++ Vulnerability discussions held 22 July 2024

24/07/22

N1400

ISO IEC wF 24772-4 Python Vulnerabilities after meeting 17 July 2024

24/07/17

N1399

ISO IEC WD 24772-4 Python Vulnerabilities before meeting 17 July 2024

24/07/17

N1398

ISO IEC WD 24772-4 Python vulnerabilities from meeting 26 June 2024 with updates by Sean and EP

24/07/15

N1397

C++ Vulnerability discussions held 8 July 2024

24/00/00

N1396

ISO IEC WD 24772-8 Fortran vulnerabilituies after meeting 20 November 2023 with editorial updates by Convenor 26 June 2024

24/06/24

N1395

ISO/IEC WD 24772-4 Python vulnerabilities document after meeting 26 June 2024

24/06/26

N1394

Edits to ISO/IEC WD 24772-4 Python vulnerabilities document after meeting 5 June 2024 submitted by Erhard Ploedereder

ISO/IEC WD 24772-4 Python vulnerabilities document before meeting 26 June 2024

24/06/26

N1393

C++ Vulnerability discussions held 24 June 2024

24/06/24

N1392

C++ Vulnerability discussions held 10 June 2024

24/06/10

N1391

ISO/IEC WD 24772-4 Python vulnerabilities document after meeting 24 April 2024

24/04/24

N1390

ISO/IEC 24772-4 Python vulnerabilities document before meeting 24 April 2024

24/06/24

N1389

ISO IEC FDIS 24772-1 Programming language vulnerabilities submitted to ISO editors for FDIS ballot Password protected, contact Convenor for password

24/06/10

N1388

ISO IEC WD 24772-4 Python vulnerabilities document after meeting 24 April 2024

24/05/15

N1387

C++ Vulnerabilities Meeting summary of meeting 13 May 2024

24/05/13

N1386

ISO and IEC decisions on freely available standards

24/05/10

N1385

Report from ISO/IEC/JTC 1/AHG 05 on freely availabile standards

24/05/10

N1384

VOID

N1383

C++ Vulnerabilities Meeting summary of 29 April 2024

24/04/24

N1382

ISO/IEC 24772-4 Python vulnerabilities document after meeting 24 April 2024

24/04/24

N1381

ISO/IEC 24772-4 Python vulnerabilities document before meeting 24 April 2024

24/04/24

N1380

C++ vulnerability discueeions 15 April 2024

24/04/15

N1379

ISO/IEC 24772-4 Python vulnerabilities document before meeting 3 April 2024

ISO/IEC 24772-4 Python vulnerabilities document after meeting 13 March 2024

24/03/13

N1378

C++ vulnerability discueeions 1 April 2024

24/04/01

N1377

C++ vulnerability discueeions 18 March 2024

24/03/18

N1376

ISO/IEC 24772-4 Python vulnerabilities document after meeting 13 March 2024

24/03/13

N1375

ISO/IEC 24772-4 Python vulnerabilities document before meeting 13 March 2024

24/03/13

N1374

C++ vulnerability discueeions 4 March 2024

24/03/04

N1373

ISO/IEC WD 24772-2 Ada vulnerabilities before meeting 25 Feb 2024

24/02/25

N1372

VOID. Document from meeting 21 February 2024 is N1375, which also serves as the input to meeting 13 March 2024.

N1371

ISO/IEC 24772-4 Python vulnerabilities document before meeting 21 February 2024

24/02/21

N1370

C++ vulnerability discueeions record 19 February 2024

24/0219

N1369

WD 24772-2 Ada vulnerabilities document after meeting 13 February 2024

24/02/13

N1368

C++ vulnerabilities discussions document for meeting 5 February 2024

24/02/05

N1367

Reserved for ISO/IEC 24772-1 Programming language vulnerabilities, Part 1 language independent vulnerabilities

24/02/18

N1366

ISO/IEC WD 24772-4 Python vulnerabilities document after meeting 22 January 2024

24/01/22

N1365

ISO/IEC WD 24772-4 Python vulnerabilities document before meeting 22 January 2024

24/01/22

N1364

C++ vulnerabilities discussions document for meeting 5 February 2024

24/01/22

N1363

ISO/IEC FDIS 24772-1 document undergoing editorial changes. See Convenor for password.

24/01/20

N1362

WD 24772-2 Ada vulnerabilities document before meeting 15 Jan 2024, includes comments from S. Baird and T. Taft.

24/01/14

N1363

24/02/20

N1362

WD 24772-2 Ada vulnerabilities document before meeting 15 Jan 2024, includes comments from S. Baird and T. Taft.

24/01/14

N1361

Python vulnerabilities document after meeting 10 January 2024

24/01/10

N1360

C++ Vulnerability discussions summary 8 January 2024.

24/01/08

N1359

WD 24772-2 Ada language vulnerabilities revisions 18 Dec 2023

23/12/11

N1358

C++ Vulnerability discussions summary 11 December 2023.

23/12/11

N1357

Python vulnerabilities document after meeting 6 December 2023

23/12/06

N1356

Python vulnerabilities document before meeting 6 December 2023

23/12/06

N1355

Reserved

N1354

Ada Vulnerabilities document edited 4 December 2023

23/12/04

N1353

ISO Form 4 New Work Item Proposal (blank)

23/11/28

N1352

C++ Vulnerability discussion summary 27 November 2023

23/11/27

N1351

24772-8 Fortran vulnerabilities document ready for DIS submission

23/11/20

N1350

Draft minutes of ISO/IEC/JTC 1/SC 22/WG 23 meeting 75 following corrections made in meeting 76

23/11/29

N1349

Draft minutes of ISO/IEC/JTC 1/SC 22/WG 23 meeting 76 held 20 November 2023

23/11/20

N1348

Revised agenda of ISO/IEC/JTC 1/SC 22/WG 23 meeting 76 held 20 November 2023

23/11/20

N1347

24772-8 Fortran draft document after meeting 25 September 2023 with ISO-driven edits

23/11/18

N1346

24772-2 Ada vulnerabilities document with editorial edits for consideration

23/11/15

N1345

C++ Vulnerability discussion summary 13 November 2023

23/11/13

N1344

24772-8 Fortran document from 9 Sep 2023 with edits to aling with ISO editorial requirements

23/11/13

N1343

VOID

N1342

ISO IEC DIS 24772-1 Programming languages -- Programming language vulnerabilities -- Language independent avoidance mechanisms after specific editing requirements from ISO, forwarded to SC 22 secretary and to ISO for DIS ballot. Encrypted document. Contact stephen.michell@maurya.on.ca for access.

23/11/09

N1341

ISO IEC DIS 24772-1 Programming languages -- Programming language vulnerabilities -- Language independent avoidance mechanisms forwarded to SC 22 secretary and to ISO for DIS ballot. Encrypted document. Contact stephen.michell@maurya.on.ca for access.

23/11/07

N1340

Free availability request for ISO/IEC 24772-1

23/11/06

N1339

ISO comment and resolution form after meeting 75 with final editorial additions by editor.

23/11/06

N1338

ISO IEC DIS 24772-1 Programming languages -- Programming language vulnerabilities -- Language independent avoidance mechanisms before forwarding to SC 22 secretary and to ISO for DIS ballot. Encrypted document. Contact stephen.michell@maurya.on.ca for access.

23/11/06

N1337

C++ Vulnerability discussions summary 30 October 2023

23/10/30

N1336

Python vulnerabilities document after meeting 25 October 2023

23/10/25

N1335

Python vulnerabilities document before meeting 25 October 2023 submitted by Sean M

23/10/25

N1334

Calling notice and agenda for ISO/IEC/JTC 1/SC 22/WG 23 meeting 76, 20 Nov 2023

23/10/16

N1333

C++ Vulnerability discussions summary 16 October 2023

23/10/16

N1332

Python vulnerabilities document aafter meeting 11 October 2023

23/10/11

N1331

Python vulnerabilities document before meeting 11 October 2023 submitted by Sean M

23/10/11

N1330

VOID

N1329

C++ Vulnerability discussions 2 October 2023

23/10/2

N1328

VOID

N1327

Fortran Vulnerabilities document after meeting 25 September 2023, ready for submission to WG 23 for ballot

23/09/25

N1326

Fortran vulnerabilities document 24772-8 comments by editor

23/09/25

N1325

Comments on 24772-8 Fortran vulnerabilities with edits by Erhard and John

23/09/24

N1324

C++ Vulnerability discussions 18 September 2023

23/09/18

N1323

Python vulnerabilities document after meeting 13 September 2023

23/09/13

N1322

Python vulnerabilities document before meeting 13 September 2023 submitted by SM

23/09/13

N1321

Convenors report to SC 22 plenary 7 September 2023

23/09/07

N1320

C++ Vulnerability discussions 4 September 2023

23/09/04

N1319

Fortran Vulnerability document after meeting 28 August 2023

28/08/26

N1318

Fortran Vulnerability document comments EP 26 August 2023

23/08/26

N1317

Java Vulnerability discussions meeting 23 August 2023

23/08/23

N1316

Python Vulnerability discussions after meeting 23 August 2023

23/08/23

N1315

Python Vulnerability discussions before meeting 23 August 2023

23/08/23

N1314

C++ Vulnerability discussions meeting 21 August 2023

23/08/21

N1313

Fortran Vulnerability document clean after WG 5 meeting, comments S. Michell 11 August 2023

23/08/11

N1312

C++ Vulnerability discussions meeting 7 August 2023

23/08/7

N1311

Python Vulnerability discussions at meeting 26 July 2023

23/07/26

N1310

Python Vulnerability document submitted by S. McDonagh before meeting 26 July 2023

23/07/26

N1309

C++ Vulnerability discussions meeting 24 July 2023

23/07/24

N1308

C++ Vulnerability discussions meeting 10 July 2023

23/07/10

N1307

WD 24772-4 Python vulnerabilities document after meeting 5 July 2023

23/07/06

N1306

WD 24772-4 Python vulnerabilities document before meeting 5 July 2023

23//07/05

N1305

C++ Vulnerability discussions meeting 26 June 2023

23/06/26

N1304

WD 24772-4 Python vulnerabilities document after meeting 21 June 2023

23/06/21

N1303

WD 24772-4 Python vulnerabilities document before meeting 21 June 2023

23/06/21

N1303

WD 24772-4 Python vulnerabilities document before meeting 21 June 2023

23//

N1302

DIS 24772-1 Language independent vulnerabilities incorporating NB comments interim, password protected

23/06/21

N1301

WD 24772-8 Fortran vulnerabilities after meeting 5 June 2023

23/06/05

N1300

WD 24772-8 Fortran vulnerabilities before meeting 5 June 2023 with EP comments

23/06/05

N1299

WD 24772-4 Python vulnerabilities document after meeting 31 May 2023

23/05/31

N1298

WD 24772-4 Python vulnerabilities document before meeting 31 May 2023

23/05/31

N1297

C++ vulnerabilities discussions summary for meeting 31 May 2023. Main document held in GitHub. See convenor for access.

23/05/31

N1296

C++ vulnerabilities discussions summary for meeting held 15 May 2023. Main document held in GitHub. See convenor for access.

23/05/15

N1295

WD 24772-8 Fortran vulnerabilities after meeting 22 May 2023

23/05/22

N1294

WD 24772-8 Fortran vulnerabilities before meeting 22 May 2023 with comments by Erhard Ploedereder

23/05/22

N1293

WD 24772-8 Fortran vulnerabilities before meeting 22 May 2023

23/05/22

N1292

DIS 24772-2 incorporating comments after meeting 75 Part 3 held 10 May 2023

23/05/10

N1291

Draft minutes of SC 22/WG 23 meeting 75 including meeting part 3

23/05/10

N1290

DIS 24772-1 after WG 23 meeting 75 part 3 held 10 May 2023

23/05/10

N1289

ISO commenting form for DIS 24772-1 before meeting 75 pt 3

23/05/09

N1288

WD 24772-8 Fortran vulnerabilities document after meeting 8 May 2023

23/05/08

N1287

WD 24772-4 Python vulnerabilities document after meeting 3 May 2023

23/05/03

N1286

WD 24772-4 Python vulnerabilities document after meeting 3 May 2023

23/05/03

N1285

Collated DIS comments with resolution as of end of meeting part 2 26 April 2023

23/04/25

N1284

Draft minutes of WG 23 meeting 75 following online meeting part 2 26 April 2023

23/04/26

N1283

DIS 24772-1 incorporating comments before WG 23 Meeting 75 part 2 26 April 2023 Please see convenor for password.

23/04/25

N1282

23/04/19

N1281

ISO/IEC WD 24772-4 Python vulnerabilities document before meeting 19 April 2023

23/04/19

N1280

C++ vulnerabilities discussions summary for meeting held 17 April 2023. Main document held in GitHub. See convenor for access.

23/04/17

N1279

DIS 24772-1 incorporating comments following WG 23 Meeting 75 part 2 12 April 2023 Please see convenor for password.

23/04/12

N1278

DIS 24772-1 edits after WG 23 Meeting 75 part 1 (12 April 2023)

23/04/12

N1277

Proposal for clause 4.10.6 Asynchronous variables contributed by J. Reid.

23/04/10

N1276

Agenda for ISO/IEC/JTC 1/SC 22/WG 23 meeting 75 to review results of DIS Ballot for ISO/IEC 24772-1

23/04/04

N1275

WD 24772-10 C++ Vulnerability discussions summary from meeting 3 April 2023

23/04/03

N1274

DIS 24772-1 Programming language vulnerabilities document with ISO editors comments (Note: password protected, see the convenor for password.

23/03/27

N1272

DIS 24772-1 collated comments 27 March 2023

23/03/27

N1271

DIS 24772-1 ballot disposition 27 March 2023

23/03/27

N1270

WD 24772-8 Fortran vulnerabilities after meeting 27 March 2023

23/03/26

N1269

WD 24772-8 Fortran vulnerabilities before meeting 27 March 2023 incorporation N1267

23/03/26

N1268

Proposed edits to N1266 WD 24772-8 Fortran vulnerabilities after meeting 13 March 2023, submitted by John Reid

23/03/20

N1267

C++ vulnerabilities discussion summary 20 March 2023

23/03/20

N1266

WD 24772-8 Fortran vulnerabilities after meeting 13 March 2023

23/03/13

N1265

Fortran vulnerabilities proposed edite submitted by J Reid/S Lionel.

23/03/12

N1264

WD 24772-4 Python Vulnerabilities before meeting 8 March 2023

Note: Meeting not held. Documents will post to meeting 29 March 2023

23/03/08

N1263

Python vulnerabilities mitigation strategies submitted by L Wagoner/S Mcdonagh

23/03/08

N1262

Python collated guidance with summaries submitted by L Wagoner/S Mcdonagh

23/03/08

N1261

C++ vulnerabilities discussion summary 6 March 2023

23/02/020

N1260

24772-8 Fortran vulnerabilities draft document following meeting 13 Feb 2023

23/02/12

N1259

C++ vulnerabilities discussion summary 20 Feb 2023

23/02/020

N1258

WD 24772-4 Python draft document after meeting 15 Feb 2023

23/02/15

N1257

WD 24772-4 Python draft document commented by LW and SM before meeting 15 Feb 2023

23/02/15

N1256

24772-8 Fortran vulnerabilities draft document incorporating N1255 following meeting 13 Feb 2023

23/02/12

N1255

24772-8 Fortran collected guidance from SL and JR

23/02/12

N1254

C++ vulnerabilities discussion summary 6 Feb 2023

23/02/06

N1253

Fortran draft collected guidance for clause 5.1 after meeting 30 January 2023

23/01/30

N1252

Fortran vulnerabilities draft incorporating proposed edits in N1251 after meeting 30 January 2023

23/01/23

N1251

Proposed edits to Fortran vulnerabilities document N1245

23/01/23

N1250

Fortran draft collected guidance for clause 5.1

23/01/30

N1249

Python vulnerabilities document 24772-4 after meeting 25 January 2023.

23/01/25

N1248

Python vulnerabilities document 24772-4 before meeting 25 January 2023.

23/01/25

N1247

C++ vulnerability discussions summary 23 January 2023

23/01/23

N1246

Collated guidance from WD 24772-8 clauses 6.X.2 for work to prepare 'top 10' guidance

23/01/16

N1245

Fortran vulnerabilities document after meeting 16 January 2023

23/01/16

N1244

Fortran vulnerabilities document before meeting 16 January 2023 incorporating comments from JR and SL

23/01/15

N1243

Comments on N1238 Fortran vulnerabilities by John Reid 13 January 2023

23/01/13

N1242

C++ vulnerability discussions summary 9 January 2023

23/01/09

N1241

Python vulnerabilities document 24772-4 after meeting 4 January 2023.

23/01/04

N1240

Python Vulnerabilities document (N1235) with minor edits by convenor

23/01/03

N1239

Collated avoidance mechanisms from WD 24772-4 Python clauses 6.X.2 for work to prepare 'top 10' mechanisms

23/01/03

N1238

Collated guidance from WD 24772-8 clauses 6.X.2 for work to prepare 'top 10' guidance

22/12/19

N1237

Fortran vulnerabilities document 24772-8 after meeting 19 December 2022.

22/12/19

N1236

Comments on N1232 by John Reid

22/12/17

N1235

Python vulnerabilities document 24772-4 after meeting 14 December 2022.

22/12/14

N1234

C++ vulnerability discussions summary 12 December 2022

22/12/12

N1233

C++ vulnerability discussions summary 28 November 2022

22/11/28

N1232

Fortran vulnerabilities document 24772-8 after meeting 21 November 2022.

22/11/21

N1231

Fortran proposed draft edits by John Reid to Fortran vulnerabilities document N1225

22/11/21

N1230

Python vulnerabilities document 24772-4 after meeting 16 November 2022.

22/11/16

N1229

VOID

22/11/16

N1228

Python vulnerabilities document 24772-4 before meeting 16 November 2022, edits by Sean McDonagh

22/11/16

N1227

C++ vulnerability discussions summary 14 November 2022

22/11/14

N1226

Python vulnerabilities document 24772-4 after meeting 9 November 2022

22/11/09

N1225

Fortran draft after meeting 7 November 2022 with editorial corrections by SM,

22/11/07

N1224

Collated comments from WD 24772-8 clauses 6.X.2 for work to prepare 'top 10' guidance

22/11/07

N1223

Draft Fortran vulnerabilities after meeting 24 October 2022

22/11/07

N1222

Draft Fortran vulnerabilities after meeting 24 October 2022 incorporating comments by JR

22/11/06

N1221

Comments on N1219 Fortran Vulnerabilities draft 24 October 2022 by John Reid

22/10/31

N1220

C++ vulnerability discussions summary 31 October 2022

22/10/31

N1219

Draft Fortran vulnerabilities after meeting 24 October 2022

22/10/24

N1218

WD 24772-1 Programming language vulnerabilities: Part 1 with minor change submitted for DIS ballot

As a PDF

22/10/23

N1217

WD 24772-4 Python after meeting 19 October 2022

22/10/19

N1216

Comments on N1214 Fortran Draft vulnerabilities from John Reid

22/10/99

N1215

C++ vulnerability discussions summary 17 October 2022

22/10/17

N1214

Draft Fortran vulnerabilities after meeting 10 October 2022

22/10/10

N1213

Comments on N1211 Fortran Draft vulnerabilities from John Reid

22/10/09

N1212

C++ vulnerability discussions summary 3 October 2022

22/10/03

N1211

Draft Fortran vulnerabilities after meeting 26 September 2022

22/09/26

N1210

Comments on N1205 Fortran Draft vulnerabilities from John Reid

22/09/26

N1209

C++ vulnerability discussions summary 19 September 2022

22/09/19

N1208

WD 24772-4 Python after meeting 7 September 2022

22/09/07

N1207

WD 24772-4 Python WD with proposed changes to clause 6.62 before meeting 7 September 2022

22/09/07

N1206

C++ vulnerability discussions summary 5 September 2022

22/09/05

N1205

WD 24772-8 Fortran vunerabilities after meeting 29 August 2022

22/08/29

N1204

WD 24772-8 Fortran vunerabilities incorporating text from N1203 proposed changes before meeting 29 August 2022

22/08/28

N1203

WD 24772-8 Fortran vunerabilities text proposed by JR

22/08/28

N1202

C++ vulnerability discussions summary 22 August 2022

22/08/22

N1201

WD 24772-4 Python vulnerabilities after meeting 17 Aug 2022

22/08/17

N1200

WD 24772-8 Fortran vunerabilities document after meeting 15 August 2022 with editorial updates by convenor

22/08/15

N1199

WD 24772-1 Programming language vulnerabilities: Part 1 with minor change from meeting 15 August 2022

22/08/15

N1198

WD 24772-8 Fortran vunerabilities document after meeting 15 August 2022

22/08/15

N1197

Proposed revisions to N1194 Fortran vulnerabilities document by John Reid

22/08/14

N1196

C++ vulnerabilities discussion summary 8 August 2022

22/08/08

N1195

WD 24772-8 Fortran vunerabilities document after meeting 1 August 2022

22/08/01

N1194

Proposed revisions to N1187 Fortran vulnerabilities document by John Reid

22/07/30

N1193

C++ vulnerabilities discussion summary 25 July 2022

22/07/25

N1192

Draft convenors report to SC 22 for fall 2022 plenary

22/07/19

N1191

Draft WD 24772-4 Python vulnerabilities document after meeting 20 July 2022

22/07/20

N1190

Draft WD 24772-4 Python vulnerabilities document before meeting 20 July 2022

22/07/20

N1189

Draft DIS ballot document 24772-1

22/07/20

N1188

C++ vulnerabilitiues discussions summary 11 Juloy 2022

22/07/11

N1187

WD 24772-8 Fortran vunerabilities document after meeting 5 July 2022

22/07/05

N1186

WD comments on N1182 Fortran vulnerabilities document from John Reid, 29 June 2022

22/06/20

N1185

WD 24772-4 Python Vulnerabilities document after meeting 22 Jun 2022

22/06/29

N1184

Python premature termination discussion from Sean M, 22 June 2022

22/06/22

N1183

WD 24772-4 Python vulnerabilities before meeting 22 Jun 2022,

22/06/22

N1182

WD 24772-8 Fortran vulnerabilities document after meeting 20 Jun 2022, integrates N1180 and N1181

22/06/20

N1181

WD 24772-8 Fortran vulnerabilities document after meeting 6 Jun 2022, with updates to 6.62 to 6.65 from JR

22/06/20

N1180

WD 24772-8 Fortran vulnerabilities document after meeting 6 Jun 2022, with updates from JR

22/06/17

N1179

C++ vulnerability discussions summary 13 June 2022

22/06/13

N1178

WD 24772-8 Fortran vulnerabilities document after meeting 6 Jun 2022, with extensive changes accepted by convenor.

22/06/06

N1177

WD 24772-4 Python vulnerabilities document after meeting 1 June 2022

22/05/11

N1176

WD 24772-4 Python vulnerabilities document before meeting 1 June 2022

22/05/11

N1175

C++ vulneraability discussions summary 30 May 2022

30/05/02

N1168

WD 24772-8 Fortran vulnerabilities document after meeting 23 May 2022

22/05/23

N1173

VOID

N1172

C++ vulneraability discussions summary 19 May 2022

22/05/19

N1171

WD 24772-4 Python vulnerabilities document after meeting 5 May 2022

22/05/11

N1170

WD 24772-4 Python vulnerabilities document before meeting 5 May 2022

22/05/11

N1169

Part 8 Fortran draft document with formatting edits submitted by S. Michell

22/05/09

N1168

C++ vulneraability discussions summary 2 May 2022

22/05/02

N1167

Fortran language vulnerabilities draft document after meeting 25 April 2022

22/04/25

N1166

WD 24772-2 ready for NWIP Ballot with editorial correction

As a PDF

22/04/24

N1165

WD 24772-4 Python vulnerabilities document after meeting 19 April 2022

22/04/20

N1164

C++ vulneraability discussions summary 19 April 2022

22/04/19

N1163

Fortran language vulnerabilities draft document after meeting 10 April 2022

22/04/10

N1162

C++ vulneraability discussions summary 4 April 2022

22/04/04

N1161

24772-4 Python vulnerabilities document after meeting 30 March 2022

22/03/30

N1160

WD 24772-4 Python vulnerabilities document before meeting 30 March 2022

22/03/30

N1159

WD 24772-8 Fortran vulnerabilities document after meeting 14 March 2022

C++ Discussions report. Main document in GitHub.

22/03/21

N1158

WD TR 24772-2 Ada Vulnerabilities clean, ready for NWIP ballot, PDF format

WD TR 24772-2 Ada Vulnerabilities clean, ready for NWIP ballot

22/03/20

N1157

WD 24772-8 Fortran vulnerabilities document after meeting 14 March 2022

Input document from Erhard on Fortran OO vulnerabilities, used in N1151 Fortran document

22/03/14

N1156

WD 24772-6 SPARK vulnerabilities document clean to send to WG 9 for ballot

Document as PDF

22/03/10

N1155

WD 247728 Python vulnerabilities document after meeting 9 March 2022

22/03/09

N1154

WD 247728 Python vulnerabilities document before meeting 9 March 2022

22/02/28

N1153

Delta to WD 24772-6 SPARK vulnerabilities contributed by Erhard, edits by Stephen

22/03/07

N1152

C++ Vulnerability discussions 7 March 2022

22/03/07

N1151

WD 24772-8 Fortran vulnerabilities draft after meeting 28 February 2022

Input document from Erhard on Fortran OO vulnerabilities, used in N1151 Fortran document

22/02/28

N1150

WD 24772-4 Python vulnerabilities document after meeting 23 February 2022

22/02/23

N1149

WD 24772-1 Programming language vulnerabilities general descriptions ready for DIS Ballot

22/02/21

N1148

Summary of C++ vulnerability discussions 21 February 2022

22/02/21

N1147

WD 24772-4 Python vulnerabilities document, update of N1145

22/02/16

N1146

Summary of C++ vulnerability discussions 9 February 2022

22/02/07

N1145

WD 24772-4 Python vulnerabilities after meeting 26 January 2022 with edits by Erhard

22/02/07

N1144

WD 24772-4 Python vulnerabilities after meeting 26 January 2022

22/01/26

N1143

WD 24772-4 Python vulnerabilities before meeting 26 January 2022

22/01/26

N1142

Summary of C++ vulnerability discussions 10 January 2022

22/01/24

N1141

Interim draft of WD ISO/IEC 24772-1 Generallanguage vulnerabilities seed document for DIS ballot

22/01/12

N1140

WD 24772-4 Python vulnerabilities after meeting 12 January 2022

22/01/12

N1139

Reserved for Updated draft of WD 24772-1 after meeting 74

22/01/17

N1138

22/02/21

N1137

Updated agenda for meeting 74, 12 January 2022

22/01/12

N1136

Summary of C++ vulnerability discussions 10 January 2022

22/01/10

N1135

WD 24772-1 for review for submission for DIS Ballot

Differences from N1105

22/01/09

N1134

VOID

21/12/16

N1133

WD 24772-4 Python Language vulnerabilities after meeting Dec 15 2021

21/12/15

N1132

SPARK document for final review, posted 15 Dec 2021

21/12/15

N1131

WD 24772-4 Python Language vulnerabilities prior to meeting Dec 15 2021

21/12/14

N1130

VOID

N1129

Draft 2 Agenda for WG 23 Meeting 74, 12 January 2022

21/12/07

N1128

WD 24772-6 SPARK language vulnerabilities for final review 7 December 2021

21/12/07

N1127

Summary of discussion on C++ language vulnerabilities 30 November 2021

21/11/30

N1126

Agenda for WG 23 Meeting 74, 15 December 2021

21/12/14

N1125

WD 24772-6 SPARK language vulnerabilities for final review 23 Nov 2021

21/11/17

N1124

WD 24772-6 SPARK language vulnerabilities for final review

21/11/18

N1123

WD 24772-4 Python language vulnerabilities after meeting 17 Nov 2021

21/11/17

N1122

WD 24772-4 Python language vulnerabilities before meeting 17 Nov 2021

21/11/17

N1121

WD 24772-2 sent to WG 9 convenor and WG 23 convenor for WG ballots

As a PDF

21/11/05

N1120

N1120 WD 24882-2 Ada Vulnerabilities, Showing differences between N1119 and N1118

21/11/02

N1119

WD 24772-2 Ada Vulnerabilities from WG 9 with clean-up edits from Stephen Michell, diff from WG 9 version

WD Clean version

21/10/26

N1118

N1118 Python vulnerabilities document after meeting 27 October 2021.

21/10/27

N1117

N1117 Ada vulnerabilities document from WG 9 review 26 October 2021.

21/10/26

N1116

N1116 C++ vulnerabilities discussion summary from meeting 18 October 2021.

21/10/18

N1115

N1115 Discussions with SC 22/WG 5 about Fortran vulnerabilities

21/10/04

N1114

N1114 Python vulnerabilities document after meeting 4 October 2021.

21/10/04

N1113

N1113 Python vulnerabilities document before meeting 4 October 2021.

21/10/04

N1112

N1112 Summary of C++ vulnerabilities meeting 27 September 2021. Work done in WG 23 C++ GitHub space.

21/09/27

N1111

N1111 Python vulnerabilities document following discussions 25 August 2021.

21/09/13

N1110

N1110 Python vulnerabilities document before meeting 9 September 2021.

21/09/13

N1109

N1109 C++ Vulnerabilities meeting summary 6 September 2021. Work done in WG 23 C++ GitHub space.

21/09/06

N1108

N1106 Python vulnerabilities document following meeting 25 August 2021.

21/08/25

N1107

Summary of C++ vulnerability discussions held 9 Aug 2021. Work done in WG 23 C++ GitHub space.

21/08/09

N1106

N1106 Python vulnerabilities document following discussions 2 August 2021.

21/08/02

N1105

WD 24772-1 "Programming languages -- Guidance to avoiding vulnerabilities in programming languages -- Part 1: Language independent guidance" submitted to SC 22 for New work item ballot and DIS ballot, to be used with NP ballot request and free availability request in N1101.

21/07/21

N1104

Draft minutes of SC 22/WG 23 meeting 73

21/07/21

N1103

Convenors report to SC 22 Plenary.

21/07/21

N1102

VOID

N1101

TR 24772-1 bundle for consideration 21 July 2021 for submission to ISO for NWIP balloting

21/07/21

N1100

WD 24772-4 Python Vulnerabilities document after meeting 12 July 2021`

21/07/12

N1099

WD 24772-4 Python Vulnerabilities document before meeting 12 July 2021 contributed by Ssan M

21/07/12

N1098

Review comments on N1095 submitted by members

21/07/16

N1097

Agenda meeting 73 21 July 2021 to review proposed submission to SC 22 for NWIP and DIS ballot

21/07/11

N1096

Revisions to Part 1 Annex C submitted by Erhard, edited by Stephen.

21/07/09

N1095

Submitted bundle for SC 22 NP ballot and simultaneous DIS ballot of 24772-1

21/0707

N1094

Proposed bundle for SC 22 NP ballot and simultaneous DIS ballot of 24772-1

21/06/21

N1093

WD 24772-4 Python language vulnerabilities after meeting 21 June 2021

21/06/21

N1092

WD 24772-4 Python language vulnerabilities before meeting 21 June 2021

19/06/21

N1091

WD 24772-1 document editorial cleanups after discussions 20 June 2021

20/06/21

N1090

WD 24772-1 document after discussions 14 June 2021 considering N. Holsti comments

Responses to comments from N. Holsti on WD 24772-1 (complete)

14/06/21

N1089

Comments on N1088 Python Vulnerabilities by Nick Coglan 3 June 2021

01/06/21

N1088

WD 24772-4 Python vulnerabilities after meeting 2 June 2021

02/06/21

N1087

Python OO vulnerabilities writeup by Erhard Ploedereder

02/06/21

N1086

WD 24772-4 Python vulnerabilities before meeting 2 June 2021

01/06/21

N1085

WD 24772-1 document after discussions 24 May 2021 considering N. Holsti comments

Responses to comments from N. Holsti on WD 24772-1 (in progress)

24/05/21

N1084

Priority Inversion vulnerability proposal

18/05/21

N1083

Draft of WD 24772-1 International standard seed document addressing comments in N Holsti comments

Comments by N Holsti on WD 24772-1 with group decisions, up to 6.35.6

17/05/21

N1082

Draft of WD 24772-4 Python Document after meeting 3 May 2021, posted 4 May 2021

04/05/21

N1081

SPARK Part submitted by R Chapman with Index work S Michell

05/04/21

N1080

SPARK Part submitted by Rod Chapman for review in mtg 30 April 2021

05/04/30

N1079

Comments on WD 24772-1 from N Holsti with comments by Group and S. Michell

Draft of WD 24772-1 showing possible changes due to N Holsti comments, for further discussion

22/04/21

N1078

Submission of WD 24772-6 SPARK, comments by S Michell

22/04/21

N1077

Part 1 containing notes from group consideration of N Hosti comments

Comments on WD 24772-1 from N Holsti with group feedback on first part

19/04/21

N1076

Reserved for notes on Java Community thoughts on Part 11

05/04/21

N1075

Meeting notes on discussion of WD 24772-10 C++ Language Vulnerabilities

05/04/21

N1074

WD 24772-11 Java Submitted to Java community for review 14 April 2021

05/04/21

N1073

WD 24772-2 Ada vulnerabilities document with responses to WG 9 members review

07/04/21

N1072

WD 24772-4 Python after meeting 7 April 2021

05/04/21

N1071

WD 24772-11 Java after meeting 7 April 2021

05/04/21

N1070

WD 24772-2 Ada after meeting 7 April 2021

05/04/21

N1069

Reserved for comments on WD 24772-1 by N Holsti and responses

05/04/21

N1068

WD 24772-4 Python before meeting 7 April 2021 contributed by L Wagoner

05/04/21

N1067

WD 24772-11 Java before meeting 7 April 2021 contributed by L Wagoner

06/03/21

N1066

ISO/IEC WD 24772-6 SPARK submitted by Rod Chapman 1 April 2021

05/04/21

N1065

WD 24772-2 with comments on N1045 Part 2 Ada by WG 9 member review, with partial resolution at meeting 31 Mar 2021

31/03/21

N1064

WD 24772-2 with comments on N1045 Part 2 Ada by WG 9 member review

31/03/21

N1063

Comments on N1045 Part 2 Ada for WG 9 review. NOTE: Comments added to N1064 and N1065. Please see these documents for corrections and decisions based on the comments.

30/03/21

N1062

Draft of WD 24772-6 SPARK vulnerabilities after meeting 29 Mar 2021

29/03/21

N1061

Draft of WD 24772-6 SPARK vulnerabilities before meeting 29 Mar 2021

Draft of WD 24772-6 SPARK vulnerabilities before meeting 29 Mar 2021 with comments submitted by Erhard

28/03/21

N1060

Draft of WD 24772-4 Python vulnerabilities after meeting 17 Mar 2021

17/03/21

N1059

Draft of WD 24772-11 Java vulnerabilities after meeting 17 Mar 2021

17/03/21

N1058

Draft of WD 24772-4 Python vulnerabilities 17 Mar 2021

17/03/21

N1057

Draft of WD 24772-6 SPARK vulnerabilities 12 Mar 2021

12/03/21

N1056

Meeting notes 15 March 2021, The following people participated in a meeting on WD 24772-10 C++ language vulnerabilities:

  • Stephen Michell
  • Paul Preney
  • Clive Pygott
  • Andreas
  • Michael Wong
  • Matthew Butler
  • Richard Corden
  • Peter Sommerlad
The document is held in GitHub and all issues are listed and tracked there, as well as all of the document parts. Please contact the convenor for access to the GitHub document repository.

15/03/21

N1055

Draft of WD 24772-11 Java vulnerabilities combined N1050 and N1052 before meeting 17 Mar 2021

11/03/21

N1054

Changelog for N1054 WD 24772-6 SPARK

Draft writeup on Unspecified Behaviours

Draft of WD 24772-6 SPARK submitted by Rod Chapman 7 Mar 2021

7/03/21

N1053

Draft of WD 24772-11 Java vulnerabilities after meeting 8 March 2021, posted 8 Mar 2021, but not reflecting changes in N1052

8/03/21

N1052

Draft of WD 24772-11 Java vulnerabilities before meeting 8 Mar 2021, submitted by Erhard Ploedereder

8/03/21

N1051

Draft of WD 24772-4 Python vulnerabilities before meeting 8 Mar 2021

8/03/21

N1050

Draft of WD 24772-11 Java vulnerabilities 7 Mar 2021 contributed by L Wagoner

7/03/21

N1049

Draft of WD 24772-11 Java vulnerabilities after meetingfor review 1 Mar 2021

1/03/21

N1048

Draft of WD 24772-6 SPARK vulnerabilities after meeting 1 Mar 2021

1/03/21

N1047

Refresh of 24772-11 Java to refelct conversations with Oracle

1/03/21

N1046

Draft of WD 24772-6 SPARK vulnerabilities prior to meeting 1 Mar 2021

1/03/21

N1045

Draft of IS 24772-2 Ada vulnerabilities in preparation for WG 9 review

22/02/21

N1044

Draft minutes of meeting 72, discussions of NWIP and seed document ISO/IEC 24772-1

22/02/21

N1043

Draft IS 24772-1 seed document for NWIP after meeting 72

22/02/21

N1042

Agenda Meeting 72 22 Feb 2021

22/02/21

N1041

Draft IS 24772-1 seed document for programming language vulnerabilities before meeting 22 February 2021

21/02/21

N1040

Draft 24772-6 SPARK vulnerabilities after meeting 17 February 2021

17/02/21

N1039

Draft 24772-6 SPARK vulnerabilities before meeting 17 February 2021

17/02/21

N1038

Draft of 24772-11 Java Vulnerabilities after meeting 8 February 2021

08/02/21

N1037

Draft of 24772-4 Python Vulnerabilities after meeting 8 February 2021

08/02/21

N1035

Draft of 24772-4 Python Vulnerabilities before meeting 8 February 2021

07/02/21

N1034

Draft of 24772-6 SPARK language vulnerabilities after meeting 1 Feb 2021

01/02/21

N1033

Draft of 24772-6 SPARK language vulnerabilities contributed by Rod Chapman, comments by Stephen, Erhard

01/02/21

N1032

Draft of 24772-6 SPARK language vulnerabilities contributed by Rod Chapman, comments by Stephen Michell

27/01/21

N1031

Draft of IS 24772-2 Ada vulnerabilities adding clause 6.65 and editorial

29/01/21

N1030

Draft of IS 24772-1 Seed document after meeting 25 Jan 2021

25/01/21

N1029

Draft of 24772-6 SPARK language vulnerabilities contributed by Rod Chapman

18/01/21

N1028

Draft of 24772-4 Python vulnerabilities document after discussions 11 Jan 2021

11/01/21

N1027

Draft of 24772-11 SPARKJava vulnerabilities document after discussions 11 Jan 2021

11/01/21

N1026

Draft of 24772-6 SPARK vulnerabilities document after discussions 4 Jan 2021

01/01/21

N1025

Draft of IS-24772-2 Draft Ada vulnerabilities document.

04/01/21

N1024

Draft of new SPARK vulnerabilities document (in progress) submitted by Rod Chapman for comment

01/01/21

N1023

Draft IS 24772-2 Ada language vulnerabilities showing rework to add conformance clause and address vulnerability 8.2 from TR 24772-1 "Modifying constants" 3 Jan 2021

29/12/20

N1022

Draft IS 24772-1 as discussed at meeting 28 December 2020

28/12/20

N1021

Revised NWIP form for development of IS 24772-1 Programming Languages -- Programming Language Vulnerabilities -- Part 1: Language independent guidance

28/12/20

N1020

Meeting minutes WG 23 to discuss converting TR 24772 (all Parts) to an International standards

28/12/20

N1019

Draft TR 24772-11 Java language vulnerabilities meeting 14 Dec 2020

21/12/20

N1018

Draft WD 24772-1 Programming languages -- Guidance to avoiding vulnerabilities in programming languages -- Part 1: Language independent guidance - draft for review for 28 Dec 2020

21/12/20

N1017

Draft TR 24772-11 Java language vulnerabilities meeting 14 Dec 2020

14/12/20

N1016

Draft TR 24772-4 Python language vulnerabilities meeting 14 Dec 2020

14/12/20

N1015

Draft IS 24772-1 after meeting 30 Nov 2020

30/11/20

N1014

NWIP for IS 24772-1 material after meeting 30 Nov 2020

30/11/20

N1013

NWIP for IS 24772-1 material for meeting 30 Nov 2020

29/11/20

N1012

TR 24772-10 draft C++ Vulnerabilities as of 23 November 2020

23/11/20

N1011

TR 24772-4 draft Python Vulnerabilities as of 16 November 2020

16/11/20

N1010

TR 24772-10 draft Java vulnerabilities as of 16 November 2020

16/11/20

N1009

Minutes from meeting 71

10/11/20

N1008

TR 24772-6 SPARK Part working draft

9/11/20

N1007

Agenda (revised) of meeting 71, 9 November 2020, to change TR 24772 to international standards

3/11/20

N1006

TR 24772-4 Python language vulnerabilities document as of meeting 2 November 2020

2/11/20

N1005

TR 24772-11 Java language vulnerabilities document - meeting 2 November 2020

2/11/20

N1004

TR 24772-10 C++ language vulnerabilities document after meeting 2 November 2020

19/10/20

N1003

Agenda of meeting 71, 9 November 2020, to change TR 24772 to international standards

19/10/20

N1002

TR 24772-11 Java language vulnerabilities document - meeting 19 October 2020

19/10/20

N1001

TR 24772-4 Python language vulnerabilities document - meeting 12 October 2020

19/10/20

N1000

IS 24772-1 Language independent vulnerabilities document for consideration by WG 23

19/10/20

N0999

TR 24772-10 C++ language vulnerabilities document after meeting 12 October 2020

12/10/20

N0998

TR 24772-11 Java language vulnerabilities document after meeting 7 October 2020

7/10/20

N0997

TR 24772-4 Python language vulnerabilities document after meeting 7 October 2020

7/10/20

N0996

TR 24772-10 C++ language vulnerabilities document after meeting 28 Sep 2020

28/09/20

N0998

TR 24772-10 Java language vulnerabilities document for meeting 28 Sep 2020

7/10/20

N0997

TR 24772-4 C++Python language vulnerabilities document for meeting 287 SepOct 2020

7/10/20

N0995

TR 24772-4 Python Vulnerabilities document after meeting 21 Sep 2020

21/09/20

N0994

TR 24772-11 Java Vulnerabilities document after meeting 21 Sep 2020

21/09/20

N0993

TR 24772-4 Python Vulnerabilities document contributed by L. Wagoner

20/09/20

N0992

Minutes for meeting 70 15 Sep 2020

15/09/20

N0991

TR 24772-4 Python Vulnerabilities document contributed by L. Wagoner

15/09/20

N0990

Agenda for meeting 70 15 Sep 2020

15/09/20

N0989

TR 24772-10 C++ Language Vulnerabilities after meeting 14 Sep 2020.

14/09/20

N0988

TR 24772-10 C++ Language Vulnerabilities before meeting 14 Sep 2020.

14/09/20

N0987

TR 24772-4 Python Language Vulnerabilities after meeting 8 Sep 2020.

8/09/20

N0986

TR 24772-4 Python Language Vulnerabilities before meeting 8 Sep 2020, Submitted by Sean McDonagh.

28/09/08

N0986

TR 24772-11 Java Language Vulnerabilities before meeting 8 Sep 2020.

28/09/08

N0985

TR 24772-10 C++ Language Vulnerabilities after meeting 3 Sep 2020.

28/09/03

N0984

TR 24772-10 C++ Language Vulnerabilities before meeting 3 Sep 2020.

28/08/20

N0983

Updated convenor report to SC 22 plenary containing free availability requests

27/08/20

N0982

TR 24772-4 Python Language Vulnerabilities after meeting 24 Aug 2020.

24/08/20

N0981

TR 24772-10 C++ Language Vulnerabilities after meeting 17 Aug 2020.

17/08/20

N0980

TR 24772-4 Python Language Vulnerabilities after meeting 10 Aug 2020

17/08/20

N0979

TR 24772-11 Java Language Vulnerabilities before meeting 10 Aug 2020, not changed during meeting 10 August.

10/08/20

N0978

TR 24772-10 C++ Language Vulnerabilities after meeting 03 Aug 2020, with non-controversial changes accepted by Erhard.

03/08/20

N0977

TR 24772-11 Java Language Vulnerabilities after meeting 27 July 2020.

27/07/20

N0976

TR 24772-4 Python Language Vulnerabilities after meeting 27 July 2020

27/07/20

N0975

TR 24772-11 Java Language Vulnerabilities before meeting 27 July 2020 with updates from Larry.

27/07/20

N0974

TR 24772-4 Python Language Vulnerabilities before meeting 27 July 2020 with updates from Larry and Sean.

27/07/20

N0973

TR 24772-10 C++ Language Vulnerabilities following meeting 20 July 2020.

20/07/20

N0972

TR 24772-11 Java Language Vulnerabilities following meeting 13 July 2020.

13/07/20

N0971

TR 24772-4 Python language vulnerabilities following meeting 13 July 2020.

13/07/20

N0970

TR 24772-11 Java language vulnerabilities updates Larry Wagoner after meeting 29 Jun.

13/07/20

N0969

TR 24772-4 Python collected guidance in preparation for Top-10 guidance creation submitted by Sean McDonagh

08/07/20

N0968

TR 24772-10 C++ language vulnerabilities after meeting 6 July 2020

06/07/20

N0967

TR 24772-10 C++ language vulnerabilities after meeting 22 June 2020 with changes by Erhard

06/07/20

N0966

TR 24772-11 Java language vulnerabilities after meeting 29 June 2020 with edits by L. Wagoner

02/07/20

N0965

Proposed Top 10 Guidance for avoiding Java vulnerabilities, contributed by L. Wagoner 30 June 2020

15/06/30

N0964

TR 24772-11 Java language vulnerabilities after meeting 20200629

15/06/29

N0963

TR 24772-10 C++ language vulnerabilities after meeting 22 June 2020

15/06/22

N0962

Rework of TR 24772-10 C++ Vulnerabilities by Erhard with additions by Peter

15/06/20

N0961

Draft of TR 24772-4 Python vulnerabilities after editing meeting 15 June 2020

15/06/15

N0960

Draft of TR 24772-11 Java vulnerabilities after editing meeting 1 June 2020

01/06/20

N0959

Draft of TR 24772-10 C++ following editing meeting 25 May 2020

25/05/20

N0958

VOID

N0957

Draft agenda for meeting 69 19 May 2000-2200 UTC, replaces N0951

11/05/20

N0956

TR 24772-11 C++ Vulnerabilities after editing session 2020-05-12, changes S. Michell

12/05/20

N0955

WG 23 draft Convenors report to SC 22 plenary 2020-05-12

12/05/20

N0954

TR 24772-11 Java Vulnerabilities after editing session 2020-05-05, changes S. Michell 2020-05-06

6/05/20

N0953

TR 24772-11 Java Vulnerabilities after editing session 2020-05-05

3/05/20

N0952

Proposed NWIP for the creation of IS 24772 (all parts) Programming Language Vulnerabilities

5/05/20

N0951

Draft agenda for meeting 69 11, 25 May 1500-1699 UTC

3/05/20

N0950

Draft TR 24772-10 C++ language vulnerabilities after meeting 27 April 2020

3/05/20

N0949

Draft TR 24772-10 C++ vulnerabilities before meeting April 27 2020

27/04/20

N0948

Draft TR 24772-11 Draft Java vulnerabilities after meeting April 21 2020

21/04/20

N0947

Draft TR 24772-4 Draft Python vulnerabilities after meeting April 21 2020

21/04/20

N0946

Draft TR 24772-Python before meeting April 21 2020

20/04/20

N0945

Draft TR 24772-Python after meeting April 7 2020

20/04/07

N0944

Draft TR 24772-Python before meeting April 7 2020

20/04/06

N0943

Draft TR 24772-10 C++ Following meeting March 30 2020

20/03/30

N0942

Draft TR 24772-4 Python after meeting March 23 2020

20/03/23

N0941

Draft TR 24772-10 C++ Following meeting March 16 2020

20/03/16

N0940

Draft TR 24772-10 C++ Following meeting March 2 2020

20/03/02

N0939

Fortran OO writeups from Erhard

20/02/25

N0938

Draft TR 24772-8 Fortran following meeting 68

20/02/26

N0937

Draft TR 24772-8 Fortran mid meeting 68

20/02/24

N0936

Draft minutes of meeting 68 with Fortran meeting

20/02/26

N0935

Draft TR 24772-8 Fortran Vulnerabilities before meeting 68

20/02/24

N0934

Draft TR 24772-11 Java responses to N0927 by SGM

20/02/12

N0933

TR 24772-2 Ada language vulnerabilities with ISO editorial changes (encrypted)

20/02/12

N0932

Draft Minutes of Meeting 67

20/02/11

N0931

Draft TR 24772-10 C++ language vulnerabilities after meeting 67

20/02/11

N0930

Draft TR 24772-10 C++ language vulnerabilities before meeting 67

20/02/10

N0929

Draft TR 24772-4 Python submitted SD, responses to N0928 by SGM

20/02/10

N0928

Draft TR 24772-4 Python Annex submitted by Sean McDonagh

20/02/05

N0927

TR 24772-11 Java Part-submitted by Larry Wagoner

20/02/03

N0926

VOID

N0925

Disposition of comments for TR 24772-2 Ada Vulnerabilities

20/01/29

N0924

Draft agenda for meeting 68

20/02/06

N0923

Draft agenda for meeting 67. Note: Webex and place for 10 and 12 FEb unavailable

20/02/06

N0922

VOID

N0921

TR 24772-3 C programming language vulnerabilities for ISO editor

20/01/18

N0920

TR 24772-3 C language Vulnerabilities for formal editing (password protected)

20/01/07

N0919

TR 24772-2 Ada language Vulnerabilities for formal editing (password protected)

20/01/06

N0918

Draft NWIP Form for IS 24772-1

19/11/19

N0917

IS 24772-1 initial draft from Stephen Michell

19/12/31

N0916

TR 24772-8 Fortran Vulnerabilities draft Dec 2019

19/12/13

N0915

Reserved for TR 24772-2 Ada language vulnerabilities submitted to ISO editor

19/12/04

N0914

Reserved for TR 24772-3 C language vulnerabilities submitted to ISO editor 4 Dec 2019

19/12/04

N0913

TR 24772-11 Java language vulnerabilities edits by Larry Wagoner

7/11/19

N0912

Reserved for TR 24772-3 C language vulnerabilities submitted to ISO editor

19/11/19

N0911

Reserved for TR 24772-3 C language vulnerabilities ready for ISO editor, edits by CP

19/11/19

N0910

TR 24772-11 Java language vulnerabilities after meeting 66 with cleanup by convenor

16/11/19

N0909

TR 24772-11 Java language vulnerabilities after meeting 66

7/11/19

N0908

TR 24772-10 C++ language vulnerabilities after meeting 66 with WG 21/SG 12

7/11/19

N0907

Reserved for TR 24772-2 Ada language vulnerabilities sent to ISO Editor

6/11/19

N0906

Draft Minutes from meeting 66.

7/11/19

N0905

Reserved for TR 24772-3 C Vulnerabilities submitted for formal ISO editing

6/11/19

N0904

Meeting notes from WG 21/SG 12 meeting with MISRA C++

6/11/19

N0903

Possible future revisions to TR 24772-1 following discussions with University of Bergen

5/11/19

N0902

Draft TR 24772-11 Java with edits by L. Wagoner

04/11/19

N0901

Draft TR 24772-10 C++ before meeting 66 with additional material from Paul Preney

02/11/19

N0900

Reserved for TR 24772-3 C Part for formal editing

26/10/19

N0899

Reserved for TR 24772-2 Ada Part for formal editing

26/10/19

N0898

Draft TR 24772-4 following meeting 65

15/10/19

N0897

Updated agenda for meeting 65 15 October 2019

28/09/19

N0896

TR 24772-4 Python language vulnerabilities after meeting 64

28/09/19

N0895

TR 24772-11 Java Vulnerabilities after meeting 64

28/09/19

N0894

TR 14772-4 Python Vulnerabilities before meeting 64

28/09/19

N0893

Draft minutes of Meeting 65

28/09/19

N0892

VOID

xx/x/19

N0891

TR 24772-11 Java language vulnerabilities before meeting 64

20/9/19

N0890

TR 24772-6 SPARK language vulnerabilities before meeting 64

9/9/19

N0889

Agenda for WG 23 meeting 66, Belfast Northern Ireland, 6-8 November 2019 with WG 21

8/9/19

N0888

Draft agenda for WG 23 meeting 65, 2000-2200 UTC Electronic meeting

8/9/19

N0889

Draft TR 24772-1 Language independent vulnerabilitiess rewritten for ISO editor

12/8/19

N0886

Draft agenda for Meeting 64, Hanover MD 26-28 Sep 2019

10/8/19

N0885

TR 24772-10 C++ language vulnerabilities after WG 23 meeting 63 with edits by S. Michell

19/6/19

N0888

Draft agenda for meeting 65, Zoom meeting, 15 October 2019, 2000-2200 UTC

7/9/19

N0887

TR 24772-1 Language independent vulnerabilities with editorial changes for ISO editor, password protected.

15/8/19

N0886

Draft agenda for meeting 64, Hanover, MD 26028 Sep 2019

15/8/19

N0885

Draft TR 24772-10 C++ language vulnerabilities after WG 23 meeting 61 and edits by Stephen Michell

14/8/19

N0884

Draft TR 24772-10 C++ language vulnerabilities after WG 23 meeting 61

18/6/19

N0883

Draft TR 24772-11 Java after meeting 61

17/6/19

N0882

Draft TR 24772-4 Python after WG 23 meeting 61

17/6/19

N0881

Convenor report from WG 23 to ISO/IEC/JTC 1/SC 22 for Aug 2018 to July 2019

17/6/19

N0881

Draft minutes of Meeting 63 of ISO/IEC/JTC 1/SC 22/WG 23 held 17-19 July 2019

17/6/19

N0879

Python language before meeting 63, edited by S. Michell

17/6/19

N0878

Java Language Part before meeting 63, update by S. Michell

14/7/19

N0877

Draft Agenda for Meeting 63

17/6/19

N0876

Draft Python Language Part submitted by L. Wagoner

17/6/19>

N0875

Draft Convenors report to SC 22

10/6/19

N0874

Draft Java Language Part edited by S. Michell

3/6/19

N0873

Draft Java Language part 11 submitted by L. Wagoner

30/5/19

N0872

Agenda for meeting 62 6 May 2019

26/04/19

N0871

Spark draft edited by Stephen Michell before meeting 62

26/4/19

N0870

TR 24772-3 C language vulnerabilities for formal editing

9/4/19

N0869

TR 24772-2 Ada language vulnerabilities for formal editing

9/4/19

N0868

Language independent vulnerabilities for formal editing

9/4/19

N0867

TR 24772-6 Spark language vulnerabilities after meeting 61

1/3/19

N0866

Draft TR 24772-9 C++ Vulnerabilities after Meeting 61

22/02/19

N0865

Draft Minutes of Meeting 61, 20-22 February 2019

22/02/19

N0864

Updated Draft Agenda of Meeting 61, 20-22 February 2019

12/02/19

N0863

Draft TR 24772-6 SPARK Language Vulnerabilities before meeting 61

16/02/19

N0862

TR 24772-1 language independednt guidance for final editorial procesing

31/01/19

N0861

Collated comments addressed for DTR 24772-1 ballot

31/31/19

N0860

Draft TR 24772-9 C++ before meeting 61

31/01/19

N0859

Collated comments on TR 24772-3 with resolution

31/01/19

N0858

Draft Agenda of Meeting 61, 19-22 February 2019

20/12/18

N0857

Draft Agenda of Meeting 61, 19-22 February 2019

20/12/18

N0856

Draft Agenda of Meeting 60, 21 January 2019

20/12/19

N0854

TR 24772-2 Ada language vulnerabilities with minor editorial revision

17/12/18

N0853

TR 24772-1 Language indenpendent vulnerabilities with NB comments addressed

17/12/18

N0852

Comment resolution document for TR 24772-1

17/12/18

N0851

TR 24772-1 Language independent vulnerabilities revised to address NB comments and ready for ISO editing.

17/12/18

N0850

Agenda for meeting 59 ballot resolution for DTR 24772-1, -2 and -3

07/12/18

N0849

Collated comments on DTR 24772-3, SC 22 N5312 with preliminary comments from Clive Pygott

07/12/18

N0848

ISO/IEC/JTC 1/SC 22 N05310 Collated comments on DTR 24772-1 with suggested resolution

03/12/18

N0847

Collated comments on DTR 24772-2, editorial only, with proposed response

03/12/18

N0846

TR 24772-2, N0836 edited as per N0844, ready for ISO editing

03/12/18

N0845

Results of DTR Ballot for TR 24772-3 C Language vulnerabilities and collated comments

09/11/25

N0844

Results of DTR Ballot for TR 24772-2 Ada Language vulnerabilities and collated comments

09/11/25

N0843

Results of DTR Ballot for TR 24772-1 Language independent vulnerabilities and collated comments

09/11/25

N0842

TR 24772-6 Spark language vulnerabilities first draft contributed by Stephen Michell

09/11/22

N0841

minutes of meeting 58

08/11/18

N0840

TR 24772-10 C++ language vulnerabilities after meeting 58

09/11/18

N0839

TR 24772-10 C++ language vulnerabilities mid-meeting 58

08/11/18

N0838

TR 24772-10 C++ language vulnerabilities before meeting 58

07/11/18

N0837

TR 24772-3 C language vulnerabilities submitted to SC 22 for DTR ballot. NOTE - password protected, see Stephen Michell for password.

26/09/18

N0836

TR 24772 Ada vulnerabilities document submitted to SC 22 for PDTR ballot. NOTE - password protected, see Stephen Michell for password.

26/09/18

N0835

TR 24772 language independent vulnerabilities submitted to SC 22 for DTR ballot. NOTE - password protected, see Stephen Michell for password.

26/09/18

N0834

TR 24772-6 Ruby vulnerabilities draft edited by stephen michell

24/09/18

N0833

TR 24772-2 Ada vulnerabilities after review by Erhard

24/09/18

N0832

TR 24772-2 Ada for review with comments by Erhard Ploedereder

20/09/18

N0831

TR 24772-3 ready for ballot

20/09/18

N0830

TR 24772-3 C vulnerabilities reviewed by Larry Wagoner

20/09/18

N0829

TR 24772-2 C vulnerabilities reviewed by Clive Pygott

020/09/18

N0828

Agenda for meeting 58, in conjunction with SC 22/WG 21

03/09/18

N0827

TR 24772-3 Guidance to avoiding programming language vulnerabilities - Guidance for the programming language C, ready for expert review

PDF

03/09/18

N0826

TR 24772-1 Guidance to avoiding programming language vulnerabilities - Guidance for the programming language Ada, ready for expert review

PDF

03/09/18

N0825

TR 24772-2 Ada vlnerabilities submitted for review

PDF

03/09/18

N0824

TR 24772-3 C language vulnerabilities after meeting 57, possible expert review

PDF

03/09/18

N0823

TR 24772-1 General guidance after meeting 57

28/08/18

N0822

Minutes Meeting 57, 27-28 August 2018

29/08/18

N0821

TR 24772-3 C Language vulnerabilities before meeting 57, supplied by Clive Pygott, comments Stephen Michell

PDF

27/08/18

N0820

TR 24772-4 Python vulnerabilities before meeting 57, contributed by Stephen Michell

PDF

28/08/18

N0819

Meeting minutes, meeting 56, draft 2, 16 and 30 July 2018

20/08/18

N0818

Agenda Meeting 57

20/08/18

N0817

TR 24772-1 Language independent vulnerabilities before meeting 57

PDF

20/08/18

N0816

TR 24772-1 Language independent vulnerabilities as edited in meeting 57

PDF

30/07/18

N0815

TR 24772-1 Language independent vulnerabilities mid-meeting 56, comments Stephen Michell

30/07/18

N0814

TR 24772-1 Language independent vulnerabilities mid meeting 56, comments by Tullio Vardanega

PDF

29/07/18

N0813

TR 24772-4 Python guidance updated by S. Michell

28/08/18

N0812

TR 24772-1 for meeting 57 part 2

26/0 7/18

N0811

TR 24772-2 Ada Language guidance ready for ballot?

3/10/18

N0810

TR 24772-3 C Language Vulnerabilities after meeting 56

14/07/18

N0809

Meeting minutes, meeting 56 2000-2200 UTC 16 July 2018

17/07/18

N0808

Meeting agenda, meeting 56 2000-2200 UTC 16 July 2018

14/07/18

N0807

Convenors Report to SC 22, update from N0801

13/07/18

N0806

TR 24772-1 General vulnerabilities after meeting 55

20/06/18

N0805

Tr 24772-2 Ada Language vulnerabilities after meeting 55

08/06/18

N0804

TR 24772-3 C Language Vulnerabilities after meeting 55

08/06/18

N0803

VOID


N0802

TR 24772-10 C++ Language vulnerabilities after meeting 55

08/06/18

N0801

Convenors Report to JTC 1/SC 22

08/06/18

N0800

Minutes of meeting 55 June 6-8 2018

08/06/18

N0799

TR 24772-10 C++ Language vulnerabilities developed during meeting 55 day 1

06/06/18

N0798

Draft Convenors report for 2018 SC 22 plenary

05/06/18

N0797

Agenda for meeting 57 12-14 September 2016

31/05/18

N0796

Agenda for meeting 56 16 July 2018

31/05/18

N0795

TR 24772-3 C Language Guidance, before meeting 55

28/05/18

N0794

ISO-IECJTC1-SC22-WG23_N0794-minutes-mtg-54-20180514.html

14/05/18

N0793

TR 24772-1 Guidance to avoiding programming language vulnerabilities, before mtg 54

30/04/18

N0792

Meeting agenda for meeting 55, 6-8 June 2018, Rapperswil, Switzerland

30/04/18

N0791

Meeting agenda for meeting 54, 14 May 2018

30/04/18

N0790

Potential moves of advice from Part 2 to Part 1, submitted by Erhard Ploedereder

27/04/18

N0789

TR 24772-2 Ada Guidance, after mtg 53, as edited in the meeting

27/04/18

N0788

TR 24772-3 C Guidance, after mtg 53, as edited in the meeting

27/04/18

N0787

TR 24772-1 Guidance to avoiding programming language vulnerabilities, after mtg 53

27/04/18

N0786

Minutes of Meeting 53, Red Hat, Brno Czech Republic

27/04/18

N0785

TR 24772-2 Ada Guidance, before mtg 53, submitted by Erhard Ploedereder

25/04/18

N0784

TR 24772-1 Guidance to avoiding programming language vulnerabilities, before mtg 53, submitted by Erhard Ploedereder

25/04/18

N0783

TR 24772-1 Guidance to avoiding programming language vulnerabilities, before mtg 53, submitted by Stephen Michell

24/04/18

N0782

TR 24772-3 C language guidance before mtg 53 with comments and indexes submitted by Stephen Michell

23/04/18

N0781

Agenda for meeting 53, Brno, Czech Republic 26-27 April 2018

01/04/18

N0780

TR 24772-2 Ada language guidance before meeting 53 submitted by WG 9

12/03/18

N0779

TR 24772-3 C language guidance before meeting 53 submitted by Clive Pygott

22/03/18

N0778

TR 24772-1 General language guidance before meeting 53

13/02/18

N0777

TR 24772-3 C language guidance after meeting 52 with comments by Stephen Michell

07/02/18

N0776

TR 24772-1 General language guidance after meeting 52

24/01/18

N0775

TR 24772-3 C language specific guidance after meeting 52

24/01/19

N0774

Possible IS 24772 as a standard, clause 5 submitted by Larry Wagoner

24/01/18

N0773

Minutes of meeting 52, Scottsdale AZ 22-23 January 2018

23/01/18

N0772

TR 24772-2 Ada Part before meeting 52 submitted by WG 9

22/01/18

N0771

TR 24772-1 Before meeting 52 contributed by Stephen Michell

22/01/18

N0770

N0768 (TR 24772-3 for meeting 52) commented by Stephen Michell

04/01/18

N0769

Agenda draft 2 for Meeting 52, Scottsdale, AZ

01/01/18

N0768

TR 24772-3 C reworked by Clive Pygott for meeting 52, change tracked

31/12/17

N0767

TR 24772-3 C reworked by Clive Pygott for meeting 52

19/12/17

N0766

Draft liaison statement to WG 21 from pre-meeting 52 telecon

21 Nov 2017

N0765

Minutes of pre-meeting Webex 20 Nov 2017

21 Nov 2017

N0764

TR 24772-3 C Language Vulnerabilities with changes to reflect WG 14 conderns

PDF

20 November 2017

N0763

Agenda - Pre-meeting 52 Telecon

20 November 2017

N0762

TR 24772-4 Python Vulnerabilities with expert contribution

PDF

18/11/17

N0761

Possible liaison agreement with WG 21/SG 12

18 November 2017

N0760

TR 24772-1 Programming Language Vulnerabilities, Part 1 after meeting 51

PDF

18/11/17

N0759

Minutes of meeting 52, held jointly with WG 21/SG 12, November 7-8 2017, Albuquerque, NM

2017-11-08

N0758

TR 24772-9 C++ Vulnerabilities following Meeting 51/WG 21 SG 12 meeting

PDF

8 Nov 2017

N0757

Draft Agenda for Meeting 51, 7-8 November 2017

6 November 2017

N0756

Updated field experience with Annex K, from WG 14

3 November 2017

N0755

Discussions on TR 24772-3 (WG 23 N0740) at WG 14 Meeting

PDF

3 November 2017

N0754

TR 24772-4 Python Vulnerabilies-with-help-from-Python-community

PDF

3 November 2017

N0753

Draft Agenda for Meeting 52, 22-23 January 2018

17 October 2017

N0752

Meeting minutes of pre-meeting 51 WebEx, held 16 October 2017

17 October 2017

N0751

TR24772-1 after pre-meeting 51 webex, inclusion of N0750

PDF

16 October 2017

N0750

Format string vulnerability rewrite updated at pre-meeting 51 WebEx, to be included in TR 24772-1

PDF

16 October 2017

N0749

TR 24772-4 Python vulnerabilities (N0747) updated at pre-meeting 51 WebEx

PDF

16 October 2016

N0748

C++ Programming language vulnerabilities submitted to WG 21 by Stephen Michell, Michael Wong and Chris Szalwinski

15 October 2017

N0747

Format string vulnerability rewrite reworked by Stephen Michell

PDF

13 October 2017

N0746

Format string vulnerability rewrite submitted by Clive Pygott

PDF

27 September 2017

N0745

TR24772-4 Python Vulnerabilities with comments from Nick Coghlan

PDF

27 September 2017

N0744

Draft of possible C++ Part 9 with updates from Canadian subgroup

PDF

11 September 2017

N0743

Draft Agenda of Meeting 51, 6-7 Nov 2017

20 Aug 2017

N0742

TR 24772-1 Programming Language Vulnerabilities after meeting 50 with "constantness" Vulnerability added

PDF

20 Aug 2017

N0741

TR 24772-9 C++ after meeting 50, with sample vulnerability writeup in clause 6.5

PDF

17 August 2017

N0740

TR 24772-3 C Language Specific Vulnerabilities draft after meeting 50

PDF

11 September 2017

N0739

Minutes of meeting 50, BSI London, UK, 16-17 Aug 2017

20 Aug 2017

N0738

TR 24772-3 C with updates submitted by Clive Pygott before meeting 50

PDF

16 August 2017

0737

New const vulnerability submitted by Erhard Ploedereder

PDF

8 August 2017

N0736

TR 24772-3 C specific vulnerabilities, contributed before meeting 50 by Clive Pygott

PDF

9 August 2017

N0735

Initial format of a standard for 24772 clause 5 material, contributed by Larry Wagoner

PDF

7 August 2017

N0734

Proposed rewrite of format string vulnerability from Clive Pygott

PDF

25 July 2017

N0733

Ada guidance statements after pre-meeting 50 electronic meeting

PDF

17 July 2017

N0732

Minutes of pre-meeting 50 electronic meeting held 17 July 2017

17 July 2017

N0731

Ada guidance from N0621 at pre-meeting 50 electronic meeting

PDF

17 July 2017

N0730

Report from SC 22/WG 21 C++ meeting held 13 July 2017

PDF

N0729

Presentation to SC 22/WG 21 C++ on programming language vulnerabilities

PDF

13 July 2017

N0728

TR 24772-1 draft after meeting 49

PDF

11 July 2017

N0727

Over arching language designer advice from TR 24772-1, after meeting 49

PDF

19 June 2017

N0726

Top 10 Ada guidance statements from TR 24772-2 after meeting 49

PDF

19 June 2017

N0725

TR 24772-2 Ada as submitted by WG 9 following their June meeting with outstanding writeups

PDF

19 June 2017

N0724

Aggregated Language Designers advice from TR 24772-1 parts 6.X.6

PDF

19 June 2017

N0723

Rewrite of clause 6.22 to satisfy AI 45-10

PDF

19 June 2017

N0722

WG 23 Convenor's report to SC 22 plenary

PDF

19 June 2017

N0721

Potential vulnearbility writeup on const casting submitted by Clive Pygott

PDF


N0720

TR t4772-1 Programming Language Vulnerabilities before meeting 49 with fixes to indexing plus some guidance improvements

PDF


N0719

Agenda for Meeting 50 16-17 Aug 2017


N0718

Draft Convenor's report to SC 22 2017 Plenary

13 Jun 2017

N0717

CANCELLED


N0716

Minutes of meeting 49, Vienna Austria, 19-20 June 2017

20 June 2017

N0715

TR 24772-3 Vulnerabilities in C after Pre-meeting 49 electronic meeting

PDF

15 May 2017

N0714

Minutes of Pre-Meeting 49 Electronic meeting held 15 May 2017

15 May 2017

N0713

TR 24772-3 after meeting 48, submitted by Clive Pygott

4 May 2017

N0712

Agenda for pre-meeting 49 Webex 15 May 2017

27 April 2017

N0711

Agenda for SC22 WG23 Meeting 49, 19-20 June 2017

27 Apr 2017

N0710

TR 24772-3 C-spefific language vulnerabilities posted at end of pre-meeting 48

PDF

7 April 2017

N0709

TR 24772-1 Vulnerabilities document Part 1 after meeting 48

PDF

7 April 2017

N0708

Proposed Ada top-10 avoidance mechanisms after meeting 48

PDF

7 April 2017

N0707

TR 24772-9 C++-specific language vulnerabilities dicussed at meeting 48

PDF

7 April 2017

N0706

Updated general coding rules to avoid vulnerabilities discussed at meeting 48

PDF

7 April 2017

N0705

General coding rules to avoid vulnerabilities submitted by Larry Wagoner to meeting 48

PDF

6 April 2017

N0704

Minutes of meeting 48

7 April 2017

N0703

TR 24772-8 Draft Fortran language specific vulnerabilities before meeting 48

PDF

10 March 2017

N0702

TR 24772-8 Draft Python language specific vulnerabilities before meeting 48

PDF

10 March 2017

N0701

TR 24772-1 after pre-meeting 48 WebEx, with clause 7 renumbered as proposed in N0699

PDF

6/03/2017

N700

Meeting Minutes of pre-meeting 48 WebEx

6/03/2017

N0699

Section 7 Classification Scheme contributed by Erhard Ploedereder

5/03/2017

N0698

Agenda for Pre-meeting 48 WebEx 6 March 2017

28/02/2017

N0697

Agenda and support files for Meeting 48, Toronto, Canada, 6-7 April 2017

3/03/2017

N0696

Rework of REU following post-meeting 47 Teleconference

15/02/2017

N0965

Minutes of Post meeting 47 Teleconference, 13/02/2017

15/02/2017

N0694

Updated minutes of meeting 47

12/02/2017

N0693

Revised agenda for post-meeting 47 WebEx 13 February 2017

9/02/2017

N0692

Agenda for Post meeting 47 WebEx 13 February 2017 - DELETED, replaced by N0693

9/02/2017

N0691

TR24772-9 C++ specific annex first draft contributed by Clive Pygott

PDF

8/02/2017

N0690

Rewrite of REU Fault Tolerance and Failure Strategies from Erhard and reviewed at meeting 47

PDF

25/01/2017

N0689

TR24772-1 Vulnerabilities Part 1 after review at meeting 47

PDF

25/01/2017

N0688

TR24772-3 C Vulnerabilities document adding concurrency after review in meeting 47

PDF

25/01/2017

N0687

Minutes of Meeting 47

24/01/2017

N0686

TR 24772-3 C Specific Annex after Meeting 46 with Concurrency edits, comments by Stephen Michell and edits by David Keaton

PDF

21/01/2017

N0685

Rewrite of REU Fault Tolerance submitted by Erhard Ploedereder

PDF

21/07/2017

N0684

TR 24772-1 edited after pre meeting 47 telecom

PDF

01/08/16

N0683

TR 24772-3 C Specific Language Vulnerabilities with Concurrency, comments by Stephen Michell

PDF

19 December 2016

N0682

TR 24772-3 C Specific Language Vulnerabilities with Concurrency, submitted by David Keaton

PDF

19 December 2016

N0681

TR24772-2 Ada Specific Guidance submitted by Joyce Tokar following WG 9 rewrite and review

29 Oct 2016

N0680

Agenda for Meeting 47 (ZIP File)

17 Dec 2016

N0679

Activity report for WG 23 given to SC 22 Secretartiat for reporting to JTC 1 plenary

PDF

01/08/16

N0678

WG 23 presenation given to University of Vienna on 12 Sep 2016

PDF

01/08/16



N0677

TR 24772-1 edited after meeting 46

PDF

01/08/16

N0676

TR 24772-3 C Guidelines as edited in meeting 46

PDF

01/08/16

N0675

TR 24772-1 as edited in meeting 46 (With all change tracking from previous meetings removed)

PDF

01/08/16

N0674

Draft Minutes of Meeting 46 14-15 September 2016

01/08/16

N0673

TR 24772-1 reworked after pre-meeting 46 WebEx with clause 37 rework incorporated. This document has all previous change tracking removed.

PDF

01/08/16

N0672

Update of TR 24772-3 Programming Language C submitted by Clive Pygott

PDF

01/08/16

N0671

Draft Minutes of Meeting 46 15-16 September 2016

01/08/16

N0670

Rewrite of Clause 6.37 Fault Tolerance with group comments

PDF

01/08/16

N0669

Rewrite of Clause 6.37 Fault Tolerance submitted by Erhard Ploedereder>

PDF

01/08/16

N0668

Draft agenda pre-meeting 46 electronic meeting, 15 August 2016 2000-2200 UTC

01/08/16

N0667

Draft Agenda Meeting 46, with local arrangements documents (ZIP file) 15-16 September 2016, Austrian Standards, Vienna Austria

01/07/16

N0666

Cross Reference JSF Coding Rules and TR24772-1 after meeting 45

PDF

16/6/2016

N0665

TR 24772-3 Guidance document for language C after meeting 45

PDF

15/6/2016

N0664

TR 24772-1 Guidance (language independent) document after meeting 45

PDF

15/6/2016

N0663

Draft Minutes Meeting 45

14/6/2016

N0662

Clause seven reorganization proposal contributed by E Ploedereder

PDF

13/6/2016

N0661

Liaison report to SC 22/WG 9 contributed by E. Ploedereder

PDF

13/6/2016

N0660

Cross Index of JSF Rules and TR24772 contributedd by L Wagoner

PDF

20/5/2016

N0659

Convenor's report to SC 22 plenary 14-15 September 2016

PDF

17/5/2016

N0658

TR24772-1 after pre-meeting webex for meeting 45

PDF

17/5/2016

N0657

Time Vulnerabilities after pre-meeting 25 Telecom

PDF

16/5/2016

N0656

A Mapping from the New Vulnerabilities to CERT Secure Coding Rules

PDF

16/5/2016

N0655

Draft minutes of Meeting 45 16 April 2016

16/4/2016

N0654

Time Vulnerabilities updated by Erhard Ploedereder

PDF

16/5/2016

N0653

VOID


N0652

Draft Agenda and meeting support for Meeting 45, Pisa, Italy 14-15 June 2016

16/4/2016

N0651

Draft Convenor's Report for JTC 1/SC 22 Plenary 2016

PDF

16/4/2016

N0650

TR 24772-1 Programming Language Vulnerabilities Part 1 after meeting 44

PDF

16/4/2016

N0649

TR 24772-3 C Part after meeting 44

PDF

15/4/2016

N0648

Draft Minutes for meeting 44 - revised

16/4/2016

N0647

Draft Agenda for meeting 44 - revised

14/4/2016

N0646

Time Vulnerabilities after meeting with IRTAW 18 submitted by Stephen Michell

PDF

14/4/2016

N0645

TR24772-1 General Vulnerability Descriptions after ISO Training

PDF

15/3/2016

N0644

TR24772-1 General Vulnerability Descriptions after meeting 43

PDF

7/3/16

N0643

TR24772-3 C draft after meeting 43 and for submission to WG 14 for consideration

PDF

7/3/16

N0642

Draft minutes of meeting 43

7/3/16

N0641

TR24772-8 Fortran Draft before meeting 43

PDF

7/3/16

N0640

TR24772-3 before meeting 43 with CHP action items additions, submitted by Clive Pygott

PDF

15/02/16

N0639

TR24772-1 before meeting 43 with top 20 submitted by Stephen Michell

PDF

06/03/16

N0638

TR 24772-1 after meeting 42 with top 20 included

PDF

8 FEnruary 2016

N0637

Complete set of guidance to avoiding vulnerabilities after meeting 42

PDF

8 February 2016

N0636

Minutes of Meeting 42 (draft) - 8 February 2016

8 February 2016

N0635

Agenda Meeting 43 (draft) - 7 March 2016

8 February 2015

N0634

Time Vulnerability paper submitted to IRTAW 18 by Stephen Michell

4/02/16

N0633

Meeting agenda for Meeting 42 Teleconference

8 February 2016

N0632

Python guidance to avoiding programming language vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0631

Clause 5 top N avoidance guideline references to vulnerabilities, submitted by Clive Pygott

PDF

03/02/16

N0630

OO vulnerability references in MISRA contributed by Clive Pygott

PDF

19/01/16

N0629

Aggregated guidance rules to avoid vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0628

Spark guidance to avoiding programming language vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0627

Ruby guidance to avoiding programming language vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0626

PHP guidance to avoiding programming language vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0625

Fortran guidance to avoiding programming language vulnerabilities contributed by Larry Wagoner

PDF

19/01/16

N0624

C guidance to avoiding programming language vulnerabilities from N0604 contributed by Larry Wagoner

PDF

19/01/16

N0623

Top N Ada guidance to avoiding programming language vulnerabilities from N0621 contributed by Larry Wagoner

PDF

19/01/16

N0622

TR 24772-3 C language specific vulnerabilities, after meeting 41 with 4 new vulnerabilities, submitted by Stephen Michell

PDF

15/01/16

N0621

Ada top 10 guidance for TR 24772-2, edited version of N0620

PDF

13/01/16

N0620

Ada top 10 guidance for TR 24772-2, submitted by Larry Wagoner

PDF

<12/01/16

N0619

TR 24772-1 replacement for N0618 with Links in Top 10 avoidance mechanisms

PDF


N0618

TR 24772-1 Vulnerabilities main document after meeting 41

PDF

12/1/16

N0617

TR 24772-3 Programming Language C after meeting 41

PDF

12/1/16

N0616

ISO / IEC/JTC1/SC22/WG23 N0616 JSF AV Analysis from Erhard

PDF

10/1/16

N0615

Liskov substitution rule vulnerability submitted by Erhard Ploedereder

PDF

9/1/16

N0614

New OO vulnerabilities submitted by Erhard Ploedereder

PDF

9/1/16

N0613

Clause 3.39 rewrite submitted by Erhard Ploedereder

PDF

9/1/16

N0612

Draft of TR 24772-3 (N0609) before meeting 41 including top 10 avoidance mechanisms Contributed by Stephen Michell

PDF

9/1/16

N0611

Draft of TR 24772-1 before-meeting 41 including top 10 avoidance mechanisms contributed by Stephen Michell

PDF

9/1/16

N0610

Draft Meeting Minutes of Meeting 41 11-12 January 2016

12/1/16

N0609

TR 24772-3 Guidance to avoiding programming language vulnerabilities: Part 3 C submitted by David Keaton

PDF

7/1/16

N0608

IS 17960 Code Signing encrypted zip file

15/12/15

N0607

Draft agenda for meeting 44 15-16 April 2016

23/11/15

N0606

TR24772-1 Avoiding Programming Language Vulnerabilities after meeting 40

PDF

23/11/15

N0605

Section 6.39 Memory Leaks [REU] rewrite submitted by Erhard Ploedereder, incorporated in N0606
PDF

23/11/15

N0604

Possible Top ten vulnerability avoidance strategies in programming languages after mtg 40
PDF

23/11/15

N0603

Possible Top ten vulnerability avoidance strategies in programming languages after mtg 40
PDF

23/11/15

N0602

Draft minutes for meeting 40 23 November 2015

20/11/15

N0601

Draft agenda for meeting 41 11 January 2016

20/11/15

N0600

Possible Top n vulnerability avoidance strategies in C, contributed by Larry Wagner
PDF

19/11/15

N0599

Possible Top n vulnerability avoidance strategies, contributed by Larry Wagner
PDF

19/11/15

N0598

Possible Top n vulnerability avoidance strategies, contributed by Larry Wagner

PDF

18/09/15

N0597

AI 38-09 contributed by Clive Pygott

21/10/15

N0596

AI 38-08 submitted by Clive Pygott

21/10/15

N0595

Top Dozen coding advice for C language contributed by Larry Wagoner PDF

21/10/15

N0594

Draft agenda for meeting 40 23 November 2015

21/10/15

N0593

C Language specific Part updates from David Keaton for meeting 39 PDF

21/10/15

N0592

Python Part updates submitted by Santiago for Meeting 39 PDF

21/10/15

N0591

Draft Minutes of Meeting 39

21/10/15

N0590

TR2477-1 Avoiding Programming Language Vulnerabilities after meeting 39

21/10/15

N0589

C Language-specific Part before meeting 39 PDF

21/10/15

N0588

Final Agenda Meeting 39 21 October 2015

21/10/15

N0587

New vulnerability proposal from Clive Pygott from JSF AV 138

18/10/15

N0586

TR24772-3 Python Language specific Annex after meeting 38 (update of N0558) PDF

18/09/15

N0585

Agenda for Meeting 39 21 October 2015

21/09/15

N0584

TR24772-3 C Language specific Annex after meeting 38 (update of N0566) PDF

19/09/15

N0583

TR24772-1 draft after Meeting 38 (update of N0578) PDF

18/09/15

N0582

Outline for C++ language specific vulnerability annex, as of 13 Aug 2015.

17/09/15

N0581

Minutes of Meeting 38 17-18 September 2015

18/09/15

N0580

TR24772-3 draft before meeting 38 (update of N0566)

15/09/16

N0579

Updated agenda (V3) for meeting 38.

15/09/15

N0578

TR24772-1 draft before meeting 38 with edits for JSF and harmonizing with TR24772-3.

13/09/15

N0577

Disposition of comments on FDIS 17960

03/08/15

N0576

Response to SC 27 WG 3 re comments on FDIS 17960

03/08/15

N0575

Draft IS 17960 after FDIS ballot and corrections

03/08/15

N0574

Meeting Minutes of Meeting 37

03/08/15

N0573

Results of voting for FDIS 17960

03/08/15

N0572

SC 27 N15245 WG 3 recommendation to SC 27

30/07/15

N0571

SC 27 WG 3 N1191 Liaison Statement to WG 23

30/07/15

N0570

NIL

30/07/15

N0569

Draft agenda for meeting 38, 17-18 September 2015, Washington, DC

19/07/15

N0568

Draft agenda for meeting 37, teleconference

19/07/15

N0567

Local arrangements for Meeting 38, 17-18 September 2015, Washington, DC

19/07/15

N0566

TR24772-3 Language Guidance for C initial draft submitted by Clive Pygott

03/07/17

N0565

TR24772-1 draft after meeting 36 with edits for JSF

28/06/15

N0564

TR24772 cross reference JSF rules after meeting 36

28/06/15

N0563

Outline for C++ language specific vulnerability annex, as edited at meeting 36.

28/06/15

N0562

Advice to editors following Meeting 36 now posted as SD 0005

28/06/15

N0561

Draft of TR 24772-1 after meeting 36

28/06/15

N0560

Draft of TR 24772-8 Fortran following meeting 36

28/06/15

N0559

Minutes of meeting 36 held 26-27 June 2015

28/06/15

N0558

Draft 2 of TR 24772-4 Python

25/06/15

N0557

VOID

27/06/15

N0556

Draft of TR 24772-8 Fortran before meeting

25/06/15

N0555

Advice to editors for consideration at Meeting 36

19/06/15

N0554

Draft of TR 24772-3 C before meeting 36

06/06/15

N0553

Convenors report sent to JTC 1/SC 22 for September plenary

09/06/15

N0552

Outline for C++ language specific vulnerability annex, contributed by Clive Pygott

03/06/15

N0551

Cross Reference JSF rules to TR 24772-1, with comments from Stephen Michell

PDF

30/05/15

N0550

Agenda for Meeting 36

30/05/15

N0549

Draft of TR 24772-2 after meeting 35

26/05/15

N0548

Draft of TR 24772-1 after meeting 35

26/05/15

N0547

Draft Convenors report 2015 after meeting 35

26/05/15

N0546

JTC 1/SC 22/WG 23 Meeting 35 Minutes 26 May 2015

26/05/15

N0545

Invitation from NB India to SC 27 and liaisons to 51st meeting of SC 27 at Jaipur, India 26-30 Oct 2015

26/05/15

N0544

Comments from SC 27/WG 3 on ISO IEC FDIS N17960 for consideration at next revision

26/05/15

N0543

Liaison Statement from SC 27/WG 3 to SC 22/WG 23, SC 27/WG 3 document N1191

26/05/15

N0542

Resolutions from the SC 27/WG 3 meeting in Kuching, Malasia May 4-6 2015 SC27 N15245

26/05/15

N0541

First draft of TR 24772-4 Python language specific vulnerabilities contributed by Santiago Urueña Pascual

26/05/15

N0540

Cross reference TR24772-1 with JSF coding rules, updated by Stephen Michell

25/05/15

N0539

Final Agenda for Meeting 35, 26 May 2015

25/05/15

N0538

Draft TR24772-2 Ada for review at meeting 35

22/05/15

N0537

Draft TR24772-1 for review at meeting 35

22/05/15

N0536

Advice to Editors of Annexes, submitted by Erhard Ploedereder for Meeting 35

22/05/15

N0535

Draft 3 Convenors Report with changes from Erhard Ploedereder

20/05/15

N0534

Draft of Convenors report for Meeting 35

17/05/15

N0533

Draft Agenda Meeting 36, 26-27 June 2015

Apr 30, 15

N0532

Draft Agenda Meeting 35 25 May 2015

Apr 30, 15

N0531

Draft Agenda Meeting 34 (Cancelled)

Apr 2, 15

N0530

Draft Minutes of Meeting 33

Apr 1, 15

N0529

Draft Convenors report, with updates from Erhard Ploedereder

Mar 30, 15

N0528

Cross reference TR24772-1 with JSF coding rules

30 March 2015

N0527

Draft of TR24772-1 with all comments included and proposed numbering change

21 March 2015

N0526

Draft of TR24772-2 Ada for meeting 33

15 March 2015

N0525

Draft Agenda Mtg 33 30 Mar 2015

15 Mar 2015

N0524

TR 24772-1 with all section updates submitted for meeting 33

13 Mar 2015

N0523

TR 24772 Rework spreadsheet following Meeting 32

23 Feb 2015

N0522

Draft edits on TR 24772 V3

23 Feb 2015

N0521

Draft edits on TR 24772-3 made at meeting 32

23 Feb 2015

N0520

Meeting Minutes (Draft) mtg 32

23 Feb 2015

N0519

TR 24772 Rework spreadsheet before Meeting 32

22 Feb 2015

N0518

TR 24772-1 Draft document with edits by EP, SM, SU and CP

22 Feb 2015

N0517

Meeting minutes mtg 31 - 27 January 2015 - updated 22 February 2015

22 Feb 2015

N0516

Draft edits on TR 24772 V3 submitted by Clive Pygott

22 Feb 2015

N0515

Draft edits on TR 24772 V3 submitted by Santiago Uruena Pascual

20 Feb 2015

N0514

Draft edits on TR 24772 V3 submitted by Stephen Michell

17 Feb 2015

N0513

Draft edits on TR 24772 V3 submitted by Erhard Ploedereder

15 Feb 2015

N0512

Draft convenors report to SC 22 plenary September 2015

17 February 2015

N0511

Draft Agenda Meeting 32, 23 February 2015

26 January 2015

N0510

Proposal for TR24772 as a multipart document.doc

17 Feb 2015

N0509

TR 24772 V3 rework spreadsheet as reviewed and modified in meeting 31 2015-01-27

27 Jan 2015

N0508

Ada 2012 changes for TR24772 annex C from taft 2015-01

26 Jan 2015

N0507

Removed on request of submitter

26 Jan 2015

N0506

Meeting Minutes Meeting 31 26-27 January 2015

27 Jan 2015

N0505

FDIS 17960 submitted to secretary

26 Jan 2015

N0504

Disposition of comments for DIS 17960 Code Signing

26 Jan 2015

N0503

Comparison of TR24772 V3 and Ada annex for TR V2 from Erhard Ploedereder

25 Jan 2015

N0502

TR 24772 V3 rework Spreadsheet from S. Michell 22 Jan 2015

22Jan2015

N0501

Draft agenda for meeting 31, Houston, Texas 26-27 Jan 2015

9 Jan 2015

N0500

Disposition of comments on DIS 17960

10 Nov 2014

N0499

Minutes of Meeting 30 held 10 November 2014.

10 Nov 2014

N0498

Draft agenda for meeting 30 (teleconference) 10 November 2014.

1 Nov 2014

N0497

Consolidated Comments on DIS 17960 Source Code Signing in Excel format.

24 Oct 2014

N0496

Presentation to SC 27/WG 3 and 4 on WG 23 activities Given by Stephen Michell and Tatsuaki Takebe as part of liaison activity

21/10/14

N0495

Collated comments on DIS 17960 Source Code Signing

21/10/14

N0494

Summary of voting on DIS 17960 Source Code Signing

21/10/14

N0493

Minutes of Meeting 29 (Draft)

21/10/14


N0492

Updated Action Item Log

21/10/14

N0491

Draft agenda for meeting 29 on 10 October 2014 contributed by convenor.

21/09/14

N0490

Draft revised convenors report for comment at meeting 29 submitted by convenor.

21/09/14

N0489

Log of all action items kept as standing document on old web site as of September 2014.

21/09/14

N0488

SC 22 plenary meeting report including resolutions submitted by SC 22 secretary

03/10/14

N0487

US letter relinquishing convenorship of WG 23

15/09/14

N0486

Convenors proposed report v7 submitted by Tom Plum

08/08/14

N0485

Spreadsheet capturing work needed for the revision of TR24772 for version 3 - 21 Aug 2014 version

21/08/14

N0484

Draft Minutes of meeting 28

07/08/14

N0483

Convenors proposed report v5 submitted by Tom Plum

07/08/14

N0482

Convenors proposed report v3 submitted by Tom Plum

07/08/14

N0481

Spreadsheet capturing work needed for the revision of TR24772 for version 3 - 23 July 2014 version

23/07/14

N0480

Spreadsheet capturing work needed for the revision of TR24772 for version 3 - 20 July 2014 version

20/07/14

N0479

Spreadsheet capturing work needed for the revision of TR24772 for version 3 18 July 2014 version

18/07/14

N0478

Preliminary agenda for Meeting 28 (teleconferences)

07/08/14

N0477

Canadian contributions to SC 22 plenary on SC 22 processes and nominating SMichell as convenor of WG 23

07/08/14

N0476

Draft Agenda for SC 22 Plenary in Madrid Spain 8-9 Sep 2014

04/06/14

N0475

Withdrawal of ballot on the disbandment of WG 23.

21/04/14

N0474

Communication from the JTC 1 Chair and Secretariat on requirement for WG's to operate exclusively with technical experts.

21/04/14

N0473

US Request for ballot to disband WG 23, and SC 22 ballot on same.

31/03/14

N0472

Appointment of Tom Plum as Acting Convenor of ISO/IEC/JTC 1/SC 22/WG 23 Programming Language Vulnerabilities

19/02/14

N0471

US Endorsement of Tom Plum for Convenor of ISO/IEC/JTC 1/SC 22/WG 23 Programming Language Vulnerabilities

11/02/14

N0470

DIS Ballot document for IS 17960

18/04/14

N0469

Summary of voting for CD 2 of 17960, [pdf]

2013-10-10

N0468

Postponement of SC 22/WG 23 Teleconference

2013-09-23

N0467

Disposition of Comments on CD17960 [doc, pdf]

2013-09-23

N0466

Meeting Record: Meeting #27, 19-20 September 2013 [html]

2013-08-14

N0465

Resolution of Japanese comments for 17969 CD ballot [pdf]

2013-08-14

N0464

Resolution of UK comments for 17969 CD ballot [pdf]

2013-08-14

N0463

Committee Working Draft of IS 17960 [pdf]

2013-08-14

N0462

Agenda: Meeting #27 on Programming Language Vulnerabilities, September 2013 [html]

2013-08-14

N0461

Working draft of third revision of TR 24772 August 2013 [pdf]

2013-07-21

N0460

Business Plan and Convener's Report [for forthcoming SC 22 plenary], contributed by convener [pdf]

2013-06-28

N0459

Preliminary agenda, Meeting #27 [html]

2013-06-11

N0458

Recommendations from section 6.x.5, contributed by Larry Wagoner [doc, pdf]

2013-06-11

N0457

Comments on N0454, contributed by Clive Pygott [pdf]

2013-06-11

N0456

Draft minutes, Meeting #26 [html]

2013-06-03

N0455

Editor's report for 17960, Code Signing for Source Code [pdf]

2013-06-03

N0454

Committee draft of 17960, Code Signing for Source Code [pdf]

2013-06-03

N0453

Baseline working draft for preparation of Edition 3 of TR 24772 [pdf], contributed by the editor

2013-05-24

N0452

Revision of SC 22 N 4805 Logistical Information SC 22 Plenary 2013, contributed by WG23 convener [pdf]

2013-05-02

N0451

Preliminary Agenda, Meeting #25 of WG23, 13-15 June 2013, Berlin [html]

2013-05-02

N0450

Working draft, TR 24772, edition 3 [pdf]

2013-05-02

N0449

Representation issues in file transfers, UK contribution [pdf]. See N0447

2013-04-10

N0448

JISC Comments on CD 17960 [pdf]

2013-04-10

N0447

UK Comments on CD 17960 [pdf]. Also see N0449

2013-04-10

N0446

Ballot Results for CD 17960 [pdf]

2013-03-18

N0445

Updated guidelines for publicity, contributed by convener [pdf]

2013-03-18

N0444

Use of unchecked data from an uncontrolled or tainted source, contributed by convener [doc, pdf]

2013-03-18

N0443

Guidelines for publicity, contributed by convener [pdf]

2013-03-18

N0442

Fortran language annex [pdf]

2013-03-18

N0441

Draft minutes, Meeting #25, contributed by convener [html]

2013-03-04

N0440

Vulnerabilites Analysis by Matt Bishop, contributed by convener [pdf]

2013-03-04

N0439

Fundamental Vulnerabilities by Larry Wagoner, contributed by Larry Wagoner [pdf]

2013-03-04

N0438

Proposed new vulnerability on tainted sources, contributed by Clive Pygott [pdf]

2013-02-18

N0437

Logistics information for the WG23 meeting, 6/8-10/2013, Berlin [pdf]

2013-03-18

N0436

ISO/IEC TR 24772, Edition 2, as submitted to ITTF for publication [zip]. (This is an encrypted file. Contact the convener for the password if needed.) The published 24772, Edition 2 is freely available here.

2013-01-31

N0435

Preliminary Agenda: Meeting #25, 13-15 March 2013 [html]

2013-01-17

N0434

CD Ballot draft, 17960, Information Technology-Programming languages, their environments and system software interfaces-Code Signing for Source Code [pdf]

2012-12-17

N0433

Revision of proposed new vulnerabilities, Replaces N0429

2012-12-13

N0432

Draft Minutes, Meeting #24, 12-14 December 2012 [html]

2012-11-19

N0431

Revised working draft of 17960, Code Signing for Source Code, contributed by convener [pdf]

2012-10-18

N0430

Preliminary Agenda: Meeting #24,12-14 December 2012 [html]

2012-10-18

N0429

Proposed New Vulnerabilities, replaced by N0433

2012-09-29

N0428

Balloting results of PDTR2 of 24772 2nd edition [pdf]

2012-10-04

N0427

DTR ballot draft of 24772 2nd edition [pdf]

2012-09-29

N0426

Comments on TR24772, contributed by Tatsuaki Takebe [pdf]

2012-09-15

N0425

Resolutions of comments for [N0416] (informal UK comments) [xlsx]

2012-09-15

N0424

Comments on CA-02 of [N0418], Steve Michell [html]

2012-09-15

N0423

Correspondence with Kevin Coyne on UK comments on Python Annex [pdf]

2012-09-15

N0422

Comments on [N0417], Clive Pygott [pdf]

2012-09-15

N0421

Resolutions of comments for PDTR 24772.2 [pdf]

2012-09-15

N0420

Draft minutes for meeting #23 [html]

2012-09-15

N0419

CWE SANS 25 compared to PDTR 24772.2, Tatsuaki Takebe [pdf]

2012-09-12

N0418

Comments informally received from Canada on [N0410], [doc]

2012-09-12

N0417

Comments informally received from Japan on [N0410], [doc]

2012-08-27

N0416

Comments informally received from UK on [N0410], contributed by Pygott [xlsx]

2012-07-28

N0415

Agenda, Meeting #23, 12-14 September 2012, Geneva, Switzerland, contributed by convener [html]

2012-07-28

N0414

Business Plan and Convener's Report [for forthcoming SC 22 plenary], contributed by convener [pdf]

2012-07-18

N0413

Logistics for WG 23 meeting #25, contributed by the convener [html]

2012-07-09

N0412

Corrected disposition of comments on PDTR 24772, contributed by secretary replaces N0403

2012-07-09

N0411

Proposed annex for PHP language, contributed by Kevin Coyne, replaces N0407

2012-07-09

N0410

PDTR-2 draft of 24772, Edition 2, replaces N0389

2012-07-09

N0409

PDTR-2 draft of 24772, Edition 2 with change bars, replaces N0388

2012-06-22

N0408

Proposal to merge XZI and FLC, contributed by Plum, Benito and Keaton [docx, pdf]

2012-06-21

N0407

Proposed Annex for PHP Language, marked up by Meeting 22, replaced by N0411

2012-06-22

N0406

Reserved for Python Clarifications and Edits v03, contributed by Kevin Coyne [docx, pdf]

2012-06-21

N0405

Python Clarifications and Edits v00, contributed by Kevin Coyne [docx, pdf]

2012-06-22

N0404

Cancelled

2012-06-22

N0403

Disposition of comments on PDTR 24772, replaces N0397, replaced by N0412, Cancelled

2012-06-20

N0402

Comments on PDTR, contributed by Takabe-san [doc, pdf]

2012-06-22

N0401

Minutes, Meeting 22, 20-22 June 2012, Stuttgart,]

2012-06-18

N0400

Agenda, Meeting 22, 20-22 June 2012, Stuttgart, replaces N0375

2012-05-30

N0399

Revised Working draft 17960, Code Signing for Source Code,rerplaces N0394

2012-05-20

N0398

Draft of possible PHP annex, replaces N0393

2012-04-28

N0397

Results of Balloting on PDTR 24772 (N0389): Collated comments, replaced by N0403

2012-04-26

N0396

Result of Voting on SC 22 N 4704 (see N0389), ISO/IEC PDTR 24772

2012-04-04

N0395

Logistics, Meeting 23, 12-14 September 2012, Geneva, Switzerland, colocated with SC 22 plenary: all information [pdf]; general information [docx]; booking form for Hotel Manotel Royale [docx, pdf]; booking form for Hotel Warwic

2012-04-03

N0394

Meeting 21 Markup of Working draft 17960, Code Signing for Source Code, replaces N0390, replaced by N0399

2012-03-28

N0393

Proposed Annex for PHP Language, replaced by N0398

2012-04-03

N0392

Minutes: Meeting 21, 28 - 30 March 2012, Ottawa, Canada [html]

2012-03-20

N0391

[Corrected] Results of Voting on SC 22 N 4968 (WG23 N0379), New Work Item Proposal on ... Code Signing for Source Code (SC22 N4719), contributed by SC 22 Secretariat [pdf]

2012-03-19

N0390

Working draft 17960, Code Signing for Source Code, see N0379, replaced by N0394

2012-01-20

N0389

PDTR draft of 24772, Edition 2, without change bars, replaces N0378, results in N0396 and N0397, replaced by N0410

2012-01-20

N0388

PDTR draft of 24772, Edition 2, with change bars, replaces N0378, results in N0396 and N0397, replaced by N0410

2012-01-12

N0387

CANCELLED and replaced by [N0389]

2012-01-15

N0386

CANCELLED and replaced by [N0388]

2012-01-15

N0385

Proposed rewrite of Ruby.52, contributed by Jim Moore [docx, pdf]

2012-01-08

N0384

Draft language-specific annex for SPARK, replaces N0382

2012-01-08

N0383

Preliminary working draft, "Core Enterprise Security Application Programming Interface", contributed by Larry Wagoner [docx]

2011-12-17

N0382

SPARK annex, contributed by SC22/WG9, replaces N0281, replaced by N0384

2011-12-17

N0381

Proposed conceptual clusters for definitions, contributed by Clive Pygott [xls]

2011-12-17

N0380

Day of Meeting Agenda: Meeting number 21, 28 - 30 March 2012, Ottawa, Canada

2012-03-26

N0379

Submitted New Work Item Proposal and Preliminary Working Draft for Code Signing, see N0390 and N0391

2011-12-12

N0378

markup of N0376 in meeting number 20, replaces N0376, replaced by N0388 and N0389

2011-12-17

N0377

Minutes of Meeting #20 [html]

2011-12-17

N0376

Revised Baseline draft of 24772, Ed 2, contributed by editor, replaces N0352, replaced by N0378

2011-12-02

N0375

Preliminary Agenda, Meeting 22, 20-22 June 2012, Stuttgart, replaced by N0400

2011-11-23

N0374

Logistics, Meeting 22, 20-22 June 2012, Stuttgart, Germany, contributed by Erhard Ploedereder [html]

2011-11-05

N0373

Preliminary Agenda, Meeting 21, 28-30 March 2012, Ottawa, Canada [html]

2011-11-01

N0372

Proposed Python annex, contributed by Kevin Coyne, replaces N0362

2011-11-01

N0371

Preliminary agenda, Meeting #20, 14-16 December, Washington DC, USA [html]

2011-11-01

N0370

Logistics, Meeting #21, 28-30 March 2012, Ottawa, Ontario, Canada, contributed by Steve Michell [html](with editorial corrections)

2011-11-23

N0369

Final Meeting number 19 markup of Further Revised Proposal for Concurrency Vulnerability Descriptions, replaces N0368

2011-10-05

N0368

Meeting 19 markup of Further Revised Proposal for Concurrency Vulnerability Descriptions, replaces N0367, replaced by N0369

2011-10-04

N0367

Further Revised Proposal for Concurrency Vulnerability Descriptions, replaces N0360, replaces N0368

2011-10-03

N0366

Meeting 19 markup of proposed revision to sub-clause 4.3, replaces N0365

2011-10-03

N0365

Proposed revision to Sub-clause 4.3 to describe language annexes, contributed by Jim Moore, replaced by N0366

2011-10-01

N0364

Meeting Notes, SC 22 Plenary Meeting, 19-20 September 2011, contributed by Jim Moore [docx, pdf]

2011-09-20

N0363

Minutes, Meeting 19, 3-5 October 2011

2011-10-05

N0362

Revised Python Annex, contributed by Kevin Coyne, replaces N0347, replaced by N0372

2011-09-26

N0361

Comments on C Annex, contributed by Joyce Tokar

2011-09-30

N0360

Revised Proposal for Concurrency Vulnerability Descriptions, replaces N0345, replaced by N0367

2011-09-30

N0359

Revised preliminary working draft for code signing, contributed by Larry Wagoner, replaces by N0357

2011-09-11

N0358

Presentation for SC22 plenary regarding code signing, contributed by Jim Moore [pptx, pdf]

2011-09-07

N0357

Revised preliminary working draft for code signing, contributed by Larry Wagoner, replaces N0318, replaced by N0359

2011-09-07

N0356

Revised: Preliminary Agenda, Meeting 19, contributed by convene, Replaces N0355

2011-09-01

N0355

Preliminary Agenda, Meeting 19, contributed by convener [html]

2011-08-08

N0354

Preliminary Agenda, Meeting 23, contributed by convener [html]

2011-07-30

N0353

Business Plan and Convener's Report, prepared for SC 22 plenary meeting, by John Benito [pdf]

2011-07-30

N0352

Revised Baseline draft of 24772, Ed 2, contributed by editor [

2011-07-19

N0351

Logistics for Meeting 20, contributed by Jim Moore

2011-07-09

N0350

Meeting #18 markup of Review of draft Ruby annex , Replaces N0349

2011-06-20

N0349

Review of draft Ruby annex [N0331], prepared by Michael Walsh, contributed by Jim Moore, replaced by N0350

2011-06-20

N0348

Draft SQL annex, prepared by Jim Johnson [docx, pdf]

2011-06-20

N0347

Draft Python annex, prepared by Kevin Coyne, replaced by N0362

2011-06-20

N0346

Presentation prepared for 2011 Ada Connections Conference, contributed by Larry Wagoner and revised by Meeting #18 [pptm]

2011-06-20

N0345

Meeting 18 Markup of Concurrency Vulnerability Descriptions, replaces N0377, replaced by N0360

2011-06-19

N0344

Meeting 18 Markup of Baseline draft of 24772, Ed 2, replaces N0338, replaced by N0352

2011-06-19

N0343

Meeting 18 Markup of Proposed changes to Clause 6 introduction, replaces N0336

2011-06-19

N0342

Meeting #18 Markup of Editor's Responses [N0340] to Comments from MISRA L on DTR 24772 (N0250), replaces N0340

2011-06-19

N0341

Revised schedule for the preparation of TR 24772, Edition 2, contributed by secretary, cancelled - see S0002

2011-06-19

N0340

Editor's proposed disposition of comments from MISRA in response to N0250, replaced by N0342

2011-06-04

N0339

Minutes of Meeting #18 [html]

03/06/2011

N0338

Revised Baseline draft of 24772, Ed 2, contributed by editor replacing N0335, replaced by N0344

2011-06-02

N0337

Concurrency vulnerability descriptions, contributed by Steve Michell, replaced by N0345

2011-06-01

N0336

Proposed change to Clause 6 introduction, contributed by Jim Moore replaced by N0343

2011-05-04

N0335

Revised Baseline draft of 24772, Ed 2, contributed by editor, replacing N0303, replaced by N0338

2011-04-21

N0334

Preliminary Agenda: Meeting 18, 19-20 June 2011, Edinburgh, UK

2011-04-14

N0333

Revised schedule for the preparation of TR 24772, Edition 2, replacing N0302, replaced by N0341

2011-03-27

N0332

Revised proposal for separation of XYYreplacing N0321

2011-03-25

N0331

Revised proposed annex for Ruby, contributed by James Johnson, replacing N0320

2011-03-25

N0330

Meeting 17 markup of proposed revision of LAV in Ada annex, replacing N0311

2011-03-25

N0329

Revised proposed rewrite of NZN, contributed by Erhard Ploedereder , replacing N0312, see also N0328

2011-03-25

N0328

Revised proposed rewrite of NZN, contributed by Bob Karlin, replacing N0319, see also N0329

2011-03-25

N0327

Additional meeting 17 markup of Proposed vulnerability descriptions YUK and SUK, replacing N0324

2011-03-25

N0326

Meeting 17 markup of proposed rewrite of WXQ and YZS, replacing N0325

2011-03-25

N0325

Proposed rewrite of WXQ and YZS, contributed by Jim Moore, replacing N0316, replaced by N326

2011-03-24

N0324

Meeting 17 markup of Proposed vulnerability descriptions YUK and SUK, contributed by secretary, replacing N0313, replaced by N0326

2011-03-24

N0323

Proposal for alignment of numbering between Clauses and Annexes, contributed by editor and secretary

2011-03-24

N0322

Meeting #17 markup of Proposed vulnerability description on Inter-language calling, replacing N0310

2011-03-23

N0321

Meeting 17 markup of Proposed separation of XYY into two description (responds to action item #16-12), contributed by secretary, replacing N0305, replaced by N0332

2011-03-23

N0320

Meeting 17 markup of Proposed Annex for Ruby Language, replacing N0308, replaed by N0331

2011-03-23

N0319

Proposed rewrite of NZN, contributed by Bob Karlin (doc, pdf)

2011-03-23

N0318

Meeting 17 markup of Strawman draft, "Code Signing for Source Code", contributed by secretary, replacing N0317, replaced by N0357

2011-03-23

N0317

Strawman draft, "Code Signing for Source Code", contributed by Larry Wagoner, replaced by N0318

2011-03-23

N0316

VOID

2011-03-23

N0315

Minutes: Meeting 17, 23-25 March 2011, Madrid, Spain

2011-03-25

N0314

Code signing proof of concept, contributed by Jim Johnson [zip]

2011-03-11

N0313

Proposed vulnerability descriptions YUK and SUK, contributed by Erhard Ploedereder (Closes AI 16-06), replaced by N0324

2011-03-21

N0312

Proposed revision of NZN, contributed by Erhard Ploedereder,closes AI 16-07, replaced by N0329, see also N0319

2011-03-21

N0311

Proposed revision of LAV in Ada annex, contributed by Erhard Ploedereder, closes AI 16-13, replaced by N0330

2011-03-21

N0310

Proposed vulnerability description on Inter-language calling, contributed by John Benito, replacing N0309, replaced by N0322

2011-03-14

N0309

Proposed vulnerability description on Inter-language calling, contributed by John Benito, revised by N0310

2011-03-11

N0308

Proposed Annex for Ruby Language, contributed by Jim Johnson, replaced by N0320

2011-03-11

N0307

Preliminary Agenda: Meeting 17, 23-25 March 2011, Madrid, Spain

2011-02-18

N0306

REVISED Result of Voting on SC 22 N 4575 - Information technology - Programming languages, their environments and system software interfaces - Software code signing, contributed by secretary, see N0253

2011-02-15

N0305

Proposed separation of XYY into two description (responds to action item #16-12), contributed by Jim Moore, replaced by N0321

2011-02-15

N0304

Revised draft language-specific annex for the programming language C, contributed by editor, replaces N0295

2011-02-14

N0303

Revised baseline draft of TR Edition 2, contributed by editor, replacing N0301, replaced by N0335

2011-01-29

N0302

Schedule for the preparation of TR 24772, Edition 2, contributed by secretary, replaced by N0333

2010-12-17

N0301

Meeting 16 markup of baseline draft of TR Edition 2, contributed by secretary, replacing N0286, replaced by N0303

2010-12-16

N0300

Proposed changes to WXQ and YZS re volatile, contributed by Tom Plum [pdf]

2010-12-14

N0299

Further revised draft language-specific annex for Java, contributed by Ben Brosgol, replaces N0294

2010-12-15

N0298

Meeting 16 markup of proposed revision to XYQ, contributed by secretary, replacing N0297

2010-12-15

N0297

Proposed revision of XYQ, contributed by David Keaton, replaces N0293, replaced by N0298

2010-12-15

N0296

Meeting 16 markup of draft language-specific annex for Ada, replacing N0288

2010-12-15

N0295

Meeting 16 markup of draft language-specific annex for programming language C, replacing N0287, replaced by N0304

2010-12-15

N0294

Revised draft language-specific annex for Java, contributed by Ben Brosgol, replacing N0287, replaced by N0304

2010-12-15

N0293

Meeting 16 markup of proposed revision to XYQ (N0290), replaced by N0297

2010-12-14

N0292

Meeting 16 markup of draft annex for Java (N0291), replaced by N0294

2010-12-14

N0291

Initial draft language-specific annex for Java, contributed by Ben Brosgol, replaced by N0292

2010-12-14

N0290

Proposed revision of 6.26 Dead and Deactivated Code [XYQ], contributed by David Keaton, replaced by N0293

2010-12-13

N0289

Minutes: Meeting 16, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 14-16 December 2010

2010-12-17

N0288

Revised draft language-specific annex for Ada, contributed by John Benito [docx, pdf]

2010-12-10

N0287

Revised draft language-specific annex for the programming language C, contributed by John Benito, replacing N0276 and N278, replaced by N0295

2010-12-10

N0286

Baseline working draft for preparation of Edition 2 of TR 24772, contributed by the editor based on the results of Meeting 15, replacing N0283 and N0282, replaced by N0301

2010-10-11

N0285

Publication proof of ISO/IEC TR 24772 [encrypted zip]

2010-09-23

N0284

Revised format for language-specific annexes, replacing N0271

2010-09-17

N0283

Proposed baseline for the second edition of TR 24772 , revision of N0268, replaced by N0286

2010-09-17

N0282

Revised outline of vulnerabilities, incorporated into N0286

2010-09-16

N0281

Markup of extract of N0275, draft language-specific annex for SPARK, replaced by N0382

2010-09-16

N0280

Prototype table summarizing vulnerabilities, contributed by Steve Michell, in response to Action Item 14-05

2010-09-14

N0279

Prototype table summarizing vulnerabilities, contributed by Jim Moore, in response to Action Item 14-04

2010-09-10

N0278

Revision of C annex portion of N0270, replaced by N0287

2010-09-10

N0277

Logistics: Meeting #17, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 23-25 March 2011, Madrid, Spain [pdf], forwarded by convener

2010-09-08

N0276

Revised draft language-specific annex for C, contributed by John Benito, David Keaton and LarryWagoner, replacing N0259, replaced by N0287

2010-09-10

N0275

Draft language-specific annex for SPARK, contributed by SC 22/WG 9, see also N0281

2010-08-31

N0274

Minutes: Meeting 15, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 15-17 September 2010

2010-09-16

N0273

Proposed draft NWIP for software security APIs, contributed by Larry Wagoner

2010-08-31

N0272

Possible new vulnerability descriptions from splitting XYR into two descriptions, contributed by Clive Pygott (Action item 14-09)

2010-08-31

N0271

Revised format for language-specific annexes, from ISO/IEC TR 24772:2010, replaces N0217, replaced by N0284

2010-08-31

N0270

Possible new vulnerability, Buffer overflow (HCB)--Language-independent and C versions, contributed by John Benito (Action Item 14-08), see also N0278

2010-08-31

N0269

Possible new vulnerability, Unrestricted file upload (CBF), contributed by John Benito

2010-08-31

N0268

Slimmer version of 24772 proposed as the baseline for Edition 2, contributed by Jim Moore, responding to AI 14-10, replaced by N0283

2010-08-12

N0267

Revised draft of 24772 submitted for publication [zip] (encrypted))

2010-07-23

N0266

Business Plan and Convener's Report for the 2010 SC 22 plenary

2010-07-08

N0265

Draft New Work Item Proposal: Software Code Signing, marked up at meeting 14, replacing N0253

2010-06-30

N0264

Request for approval of free availability for ISO/IEC TR 24772, marked up at meeting 14, replacing N0262

2010-06-30

N0263

P.M. Conmy, C. Pygott, I Bate, VHDL Guidance for Safe and Certifiable FPGA Design, Contributed by Clive Pygott [zip]. (Because the paper has been submitted for conference publication, it is in an encrypted zip file.).

2010-06-30

N0262

Request for approval of free availability for ISO/IEC TR 24772, contributed by James W. Moore, replaced by N0264

2010-06-27

N0261

Minutes: Meeting #14, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 28-30 June 2010 [html]

2010-06-28

N0260

ISO/IEC/JTC 1/SC 27 N8780, 1st CD 29147, Information technology -- Security techniques - Vulnerability disclosure [pdf]

2010-06-25

N0259

Revised draft language-specific annex for C, contributed by LarryWagoner, replacing N0245, replaced by N0276

2010-06-25

N0258

Draft language-specific annex for Ada, contributed by WG 9, replacing N0205, replaced by N0288

2010-06-22

N0257

Draft of 24772 submitted for publication (encrypted), supercedes N0238, replaced by N0267

2010-06-03

N0256

Preliminary Agenda: Meeting 16, 14-16 December 2010, San Diego, CA, USA

2010-05-13

N0255

Preliminary Agenda: Meeting #15, 15-17 September, 2010, Ottawa, Canada [html]

2010-05-13

N0254

Logistics: Meeting 15, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 15-17 September 2010, Ottawa, Ontario, Canada, contributed by Steve Michell

2010-05-11

N0253

Draft New Work Item Proposal: Software Code Signing, contributed by Larry Wagoner, replacing N0265, see N0306

2010-05-06

N0252

Logistics: Meeting 16, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 14-16 December 2010, San Diego, CA, USA

2010-04-21

N0251

JTC001-N-7269 Criteria for Free Availability [pdf]

2010-04-15

N0250

Comments from MISRA L (see N0340), contributed by Clive Pygott

2010-04-15

N0249

Recommended disposition of comments from Balloting on DTR 24772 (N0243)

2010-04-14

N0248

Minutes: Meeting 13, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 14-16 April 2010

2010-04-14

N0247

Liaison Request from MISRA L to JTC1 for Category C Liaison with JTC 1/SC 22/WG 23 [pdf]. (This request was approved by JTC 1.)

2010-03-30

N0246

Preliminary Agenda: Meeting 14, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 28-30 June 2010

2010-03-27

N0245

Revised draft language-specific annex for C, contributed by LarryWagoner, replaces N0233, replaced by N0259

2010-03-23

N0244

Venue information, Meeting 14, Kona, Hawaii, 28-30 June 2010, contributed by John Benito and Tom Plum

2010-03-23

N0243

Results of Balloting on DTR 24772: Collated NB comments, see N0249 for disposition

2010-03-22

N0242

Hotel arrangements, Meeting 14, Kona, Hawaii, 28-30 June 2010, contributed by Tom Plum

2010-03-10

N0241

US Delegation to Meeting 13, contributed by ANSI

2010-03-09

N0240

Preliminary Agenda: Meeting 13, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 14-16 April 2010

2009-11-24

N0239

Completed disposition of all comments received in balloting of PDTR.2 24772, replaces N0230

2009-11-24

N0238

Draft of 24772 submitted to SC 22 for DTR ballot, superceding N0191, becoming SC 22 N4505 and JTC 1 N9937].

2009-11-24

N0237

Logistics for Meeting 13 of ISO/IEC JTC 1/SC 22/WG 23, Padua, Italy, 14-16 April 2010, contributed by Tullio Vardanega

2009-10-26

N0236

Email from Tom Plum, 16 October 2009

2009-10-22

N0235

Proposed response to NL-11, contributed by Steve Michell and revised during Meeting 12

2009-10-22

N0234

Proposed response to JP-8, contributed by Robert Karlin and revised during Meeting 12

2009-10-22

N0233

Revised draft language-specific annex for C, contributed by LarryWagoner, replacing N0221, replaced by N0245

2009-10-22

N0232

Proposed response to NL-7, contributed by Robert Seacord and revised during meeting #12 [pdf]

2009-10-22

N0231

Proposed response to UK-23, contributed by Dan Nagle and revised during meeting #12 - [txt]

2009-10-22

N0230

Disposition of technical comments received on PDTR.2 24772 (N0224), replaced by N0239

2009-10-22

N0229

Revised proposal for a vulnerability description on namespace issues, contributed by Erhard Ploedereder , replaces N0197

2009-10-22

N0228

Olwen Morgan, Programming languages - C - Designated constructs, contributed by Steve Michell with permission of author.

2009-10-16

N0227

Minutes: Meeting 12, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 21-23 October, 2009

2009-10-22

N0226

A. Burns and A.J. Wellings, Language Vulnerabilities - Let's not forget Concurrency, contributed by Stephen Michell with permission of authors

2009-10-13

N0225

Preliminary Agenda: Meeting 12, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 21-23 October 2009

2009-09-30

N0224

Corrected results of balloting on PDTR.2 24772: Collated NB comments, replacing N0223, disposition in N0230

2009-09-27

N0223

Results of Balloting on PDTR.2 24772: Collated NB comments, cancelled and replaced by N0224

2009-09-24

N0222

Telecon Notes, WG 23, 25 August 2009, contributed by Jim Moore [pdf]

2009-08-25

N0221

Draft C Annex, contributed by Larry Wagoner, replaced by N0215, replaced by N0233

2009-08-24

N0220

Draft Fortran Annex, contributed by Dan Nagle replacing N0216

2009-08-24

N0219

Logistics for Meeting #12 of ISO/IEC JTC 1/SC 22/WG 23, Santa Cruz, CA, 21-23 October 2009, contributed by John Benito [pdf]

2009-08-15

N0218

On Removing Programming Language Bias from the Vulnerabilities Document, J-P Rosen, written for submission to Ada-User, contributed by Steve Michell (Canada) [pdf]

2009-08-15

N0217

Revised format for language-specific annexes, contributed by Jim Moore, recording decisions of Meeting 11, replacing N0165 and N0193, replaced by N0271

2009-07-15

N0216

Markup of revised draft language-specific annex for Fortran replacing N0211, replaced by N0220

2009-07-15

N0215

Markup of revised draft language-specific annex for C, replacing N0210, replaced by N0221

2009-07-15

N0214

Markup of proposed description of NMP for Ada annex, replacing N0209

2009-07-15

N0213

Markup of proposed description of MEM for Ada annex, replacing N0208

2009-07-15

N0212

Possible design for a multi-part document, contributed by Jim Moore

2009-07-15

N0211

Revised draft language-specific annex for Fortran, contributed by Dan Nagle, replacing N0206, replaced by N0216

2009-07-15

N0210

Revised draft language-specific annex for C, contributed by Larry Wagoner replacing N0204, replaced by N0215

2009-07-15

N0209

Proposed description of vulnerability NMP for Ada Annex, contributed by Steve Michell, replaced by N0214

2009-07-15

N0208

Proposed description of MEM for Ada annex, contributed by Steve Michell, replaced by N0213

2009-07-15

N0207

Proposed new vulnerability description, QVT, contributed by Dan Nagle

2009-07-15

N0206

Meeting 11 markup of draft language-specific annex for Fortran replacing N0198, replaced by N0211

2009-07-15

N0205

Meeting 11 markup of draft language-specific annex for Ada resulting from workshop at 2009 Ada Europe conference, replacing N0199, replaced by N0258

2009-07-15

N0204

Meeting 11 markup of draft language-specific annex for C replacing N0200, replaced by N0210

2009-07-15

N0203

Meeting 11 markup of proposed new vulnerability description, Overloading and Overriding replacing N0201

2009-07-15

N0202

Minutes: Meeting 11, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 13-15 July, 2009]

2009-07-15

N0201

Proposed vulnerability description, Overloading and overriding, contributed by Erhard Ploedereder , replaced by N0203

2009-07-12

N0200

Draft language-specific annex for C, contributed by Larry Wagoner replaced by N0204

2009-07-06

N0199

Draft language-specific annex for Ada resulting from workshop at 2009 Ada Europe conference, contributed by John Benito replaced by N0205

2009-06-22

N0198

Draft language-specific annex for Fortran, contributed by Dan Nagle replacing N0145, replaced by N0206

2009-06-22

N0197

Proposed vulnerability on namespace issues, contributed by Erhard Ploedereder replaced by N0229

2009-06-22

N0196

Business Plan and Convener's Report [for the 2009 SC22 plenary meeting], contributed by convener

2009-06-22

N0195

Preliminary Agenda: Meeting 11, ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities, 13-15 July, 2009

2009-06-10

N0194

SC22/WG23 Vulnerablities Meeting 11 Logistics

2009-06-10

N0193

Proposed changes to Annex F resulting from workshop at Ada-Europe Conference , see N0165, replaced by N0217

2009-06-22

N0192

Presentation to workshop of Ada-Europe Conference, John Benito, June 2009

2009-06-10

N0191

Draft of 24772 submitted to SC 22 for PDTR.2 ballot superceding N0170, replaced by N0238

2009-06-02

N0190

Proposed rewrite of Sub-clause 6.26, contributed by Robert Karlin

2009-05-05

N0189

Proposed rewrite of Clause 5, contributed by Larry Wagoner

2009-05-04

N0188

Suggestion for introductory text outlining scope limitations of first edition, contributed by James Moore

2009-04-19

N0187

Completed disposition of WG9 comments on PDTR 24772, contributed by John Benito, revision of N0181

2009-05-18

N0186

Replacement text for Subclause 5.2, as edited at Meeting #10 for N0185

2009-04-17

N0185

Proposed revision of Subclause 5.2, contributed by Robert Karlin for N0185

2009-04-16

N0184

Completed disposition of NB comments on PDTR 24772, contributed by John Benito revision of N0180

18/05/2009

N0183

Schedule, version 3 revision of N0167

2009-06-22

N0182

Four vulnerability descriptions approved for inclusion in the next draft of 24772 by Meeting 10, revision of N0177

2009-04-15

N0181

Disposition of WG9 comments in N0174 performed during the meeting revised as N0174

2009-04-17

N0180

Disposition of NB technical comments on PDTR 24772 (N0176) performed during Meeting 10 revised as N0184

2009-04-17

N0179

Draft Minutes: Meeting 10 of ISO/IEC JTC 1/SC 22/WG 23, 15-17 April 2009, San Diego, CA

2009-04-17

N0178

2nd Preliminary Agenda, Meeting 10, San Diego, CA, 15-17 April 2008, contributed by convenerreplaces N0169

2009-04-13

N0177

Four vulnerabilities recommended for inclusion in 24772 by the editorial team revised as N0182

2009-04-04

N0176

Results of Balloting on PDTR 24772: Summary of voting [pdf]; collated NB comments disposed in N0180

2009-02-20

N0175

Report of Editors' Meeting, 18 February 2009, contributed by Jim Moore: Report [pdf]. Supplementary documents [zip]

2009-02-18

N0174

Liaison comments from SC 22/WG 9 on PDTR 24774, contributed by Joyce Tokar, Convener, SC 22/WG 9 [doc].

2009-02-14

N0173

Report of Editors' Meeting, 28 January 2009, contributed by Jim Moore: Report [pdf]. Supplementary documents [zip].

2009-02-14

N0172

Report of Editors' Meeting, 12 December 2008, contributed by Jim Moore [pdf]

2008-12-13

N0171

Presentation to DHS Software Assurance Working Group, December 2008, contributed by Jim Moore [pdf]. Narrative version, submitted to Ada User as an article.

2008-12-09

N0170

Draft of 24772 submitted to SC 22 for PDTR ballot replaced by N0181

2008-12-09

N0169

Preliminary Agenda, Meeting 10, San Diego, CA, 15-17 April 2008, contributed by convener, replaced by N0178

2008-12-09

N0168

Meeting Logistics: Meeting #10, San Diego, CA, contributed by James.W.Moore [pdf]

2009-04-09

N0167

Schedule, version 2 replacing N0130, replaced by N0183

2008-10-22

N0166

Revised commenting template replacing N0115

2008-10-06

N0165

Meeting #9 revision of [N0144] Proposed template for language specific annexes

2008-10-06

N0164

Meeting#9 revision of [N0143] New Vulnerability Descriptions Proposed by J3 (Fortran)"" [doc]

2008-10-06

N0163

Meeting #9 revision of [N0152] Proposed rewrite of 7.13 of Editor's draft of PDTR 24772 [N0138]

2008-10-06

N0162

Meeting 9 revision of [N0151] Proposed rewrite of 7.10 of Editor's draft of PDTR 24772 [N0138]

2008-10-06

N0161

Meeting 9 revision of [N0156], 6.20 Buffer Overflow [XZB]

2008-10-06

N0160

Meeting 9 revision of [N0157] 6.17 Unchecked Pointer Arithmetic in Buffer Access (XYX)

2008-10-06

N0159

Meeting 9 disposition of comments contained in [N0148]

2008-10-06

N0158

Proposed rewrite of 6.18 of Editor's draft of PDTR 24772 [N0138], contributed by Larry Wagoner [doc]

2008-10-06

N0157

Proposed revision of 6.17 Unchecked Pointer Arithmetic in Buffer Access (XYX), contributed by Erhard Ploedereder (see N0138)

2008-10-06

N0156

Proposed revision of 6.20 Buffer Overflow [XZB], contributed by Erhard Ploedereder (see N0138), replaced by N161

2008-10-06

N0155

Proposed Vulnerability Description on Concurrency, contributed by Steve Michell, see N0138

2008-10-06

N0154

Resolutions Approved at the 22-24 September 2008 JTC 1/SC 22 Plenary in Milan, Italy

2008-10-06

N0153

Minutes: Meeting #9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 29 September to 01 October, 2008 [html]

2008-12-09

N0152

Proposed rewrite of 7.13 of Editor's draft of PDTR 24772 [N0138], contributed by Larry Wagoner replaced by N0163

2008-09-26

N0151

Proposed rewrite of 7.10 of Editor's draft of PDTR 24772 [N0138], contributed by Larry Wagoner replaced by N0162

2008-09-26

N0150

Proposed rewrite of 6.18 of Editor's draft of PDTR 24772 [N0138], contributed by Larry Wagoner (see N0138)

2008-09-26

N0149

Comments on the Draft of the Fortran Annex of the OWG-V TR [N0145] contributed by Nick Mclaren (see N0145)

2008-09-26

N0148

2nd version of Consolidated comments on [N0138], including comments received as of the date issued. Replacing N0148

2008-09-26

N0147

2nd Preliminary Agenda, Meeting 9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, Stuttgart, Germany, 29 September 2008 / 01 October 2008, replacing N0141

2008-09-10

N0146

Consolidated comments on [N0138], as of the date issued. It includes comments from Jones and Pygott., replaced by N0146

2008-09-10

N0145

Draft of language-specific annex for Fortran, contributed by Dan Nagle replaced by N0198

2008-09-05

N0144

Proposed template for language specific annexes, contributed by Larry Wagoner replaced by N0165

2008-09-05

N0143

New Vulnerability Descriptions Proposed by J3 (Fortran), contributed by Dan Nagle replaced by N0165

2008-08-26

N0142

Logistics, OWGV Meeting #9, Stuttgart, Germany, 2008-09-29/10-01, contributed by Erhard Ploedereder

2008-08-27

N0141

Preliminary Agenda, Meeting 9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, Stuttgart, Germany, 29 September 2008 / 01 October 2008, contributed by convener [html]

2008-08-26

N0140

Presentation made by Jim Moore to ISO/IEC JTC 1/SC 22/WG 9 with slide added to record discussion

2008-07-29

N0139

Presentation made by John Benito to Military & Aerospace Electronics Forum [pdf], 2008-04

2008-07-29

N0138

Editor's draft of PDTR 24772, prepared by John Benito With Spreadsheet for providing comments

2008-08-20

N0137

Business Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability, for 2008 SC 22 plenary,

2008-07-29

N0136

Results of OWGV Editorial Meeting, 30 June to 02 July 2008, submitted by secretary:

2008-07-07

N0135

Preliminary agenda, Editorial Meeting, 30 June - 02 July 2008, submitted by convener [pdf]

2008-06-10

N0134

Editor's draft of PDTR 24772, prepared by John Benito replacing N0125, replaced by N0138

2008-06-03

N0133

Template for Language-Independent Descriptions of Vulnerabilities, Version 7 revision of N0092

2008-04-16

N0132

Suggested editorial corrections to PDTR, Larry Wagoner [doc]

2008-04-10

N0131

Superseded directory of vulnerabilities, as of 13 March 2008 (Posted only for archival purposes.)

2008-04-10

N0130

Schedule moving forward toward PDTR version 1 replaced by N0167

2008-04-10

N0129

Disposition of consolidated comments on vulnerability descriptions, (N0127) prepared by Secretary

2008-04-09

N0128

Minutes: Meeting 8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands

2008-04-09

N0127

Consolidated comments on vulnerability descriptions (N0129)

2008-03-31

N0126

2nd Preliminary Agenda: Meeting 8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands replacing N0118

30/03/2008

N0125

Editor's draft of PDTR 24772, prepared by John Benito replacing N0118, replaced by N0134

2008-03-26

N0124

Mapping between OWGV language vulnerabilities and the JSF, MISRA C, CERT C, and CERT C++, Version 2, Robert Seacord replacing N0120

2008-03-26

N0123

Editor's Report for Meeting #8, TR 24772 [pdf]

2008-03-26

N0122

Array bounds checking bibliography, Derek Jones

2008-02-14

N0121

(Revised) Forms of language specification: Examples from commonly used computer languages Derek Jones replacing N0078

2008-02-14

N0120

Mapping between OWGV language vulnerabilities and the JSF, MISRA, CERT C, and CERT C++ rule sets, Robert Seacord, replaced by N0124

2008-02-14

N0119

A new type of Working Group used for a new SC22 Working Group: OWG Vulnerability"", John Benito, convener

2008-02-14

N0118

Preliminary Agenda: Meeting 8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands, replaced by N0126

2008-02-14

N0117

Outline of Vulnerability Descriptions, 24 December 2007 (with assignments for update), contributed by John Benito, replacing N0112

2007-12-24

N0116

Safety considerations in programming systems, contributed by Steve Michell [pdf]

2007-12-16

N0115

Commenting spreadsheet to be used in making comments on vulnerability descriptions, replaced by N0166

2007-12-15

N0114

Automatically Generated Code, contributed by Robert Seacord

2007-12-15

N0113

List of Coding Guideline Documents, contributed by Derek Jones [pdf]

2007-12-14

N0112

Proposed organization of vulnerability descriptions (with annotations from OWGV Meeting #7) , annotation of N0109, replaced by N0117

2007-12-14

N0111

Minutes: Meeting 7 of ISO/JTC1/SC22/OWG: Vulnerability 12-14 December 2007, Pittsburgh, Pennsylvania, USA

2007-12-15

N0110

Final Resolutions of the 20th Plenary meeting of ISO/IEC JTC 1/SC 22, 24-28 September 2007, Singapore

2007-12-11

N0109

Proposed organization of vulnerability descriptions, contributed by Larry Wagoner, annotated as N0112

2007-12-13

N0108

Proposed additions to ISO/IEC PDTR 24772, contributed by C H Pygott [pdf]

2007-11-28

N0107

Editor's report, project 24772, contributed by John Benito

2007-11-28

N0106

Editor's draft of PDTR 24772, prepared by John Benito replacing N0095, replaced by N0125

2007-11-28

N0105

Examples of Mapping MISRA-C Rules to COBOL, contributed by Barry Tauber [pdf]

2007-11-24

N0104

Distinguishing Criticality of Undefined Behavior, contributed by Tom Plum [html]

2007-11-24

N0103

Preliminary Agenda: Meeting #7 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 12-14 December 2007, Pittsburgh, Pennsylvania, USA [html], prepared by convener

2007-11-15

N0102

Annotations to N0099 made during Meeting 6 of OWGV annotates N0099

2007-10-25

N0101

John Benito, OWG: Vulnerability,"" [pdf] presentation to conference associated with meeting of ISO/IEC JTC 1/SC 22, 28 September 2007.

2007-10-15

N0100

Minutes: Meeting #6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October 2007, Kona, Hawaii, USA

2007-10-25

N0099

Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use, contributed by Larry Wagoner [pdf]. (All of the papers's references can be located using this website's list of [References].)

2007-09-29

N0098

Logistics information for OWGV Meeting 8, Amsterdam, Netherlands [html]

2007-09-12

N0097

Preliminary Agenda: Meeting 6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October 2007, Kona, Hawaii, USA

2007-09-04

N0096

Logistics information for OWGV Meeting #6, Kona, Hawaii, USA, see also N0058.

2007-08-06

N0095

Editor's draft of PDTR 24772, prepared by John Benito, submitted for PDTR registration revising N0079, replaced by N0106

2007-08-06

N0094

Business Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability 2007-07-31, contributed by John Benito [pdf]

2007-08-03

N0093

Proposed vulnerabilities as of the close of Meeting #5. [This is posted only as a snapshot of the results. For the most recent status use the current directory of vulnerability proposals.]

2007-07-24

N0092

Template for Language-Independent Descriptions of Vulnerabilities, Version 6 replacing N0072, replaced by N0133

2007-07-24

N0091

Definitions agreed at Meeting 5 for use in the TR, replacing N0085

2007-07-24

N0090

Text for sub-clause 1.4, as agreed at Meeting 5 replacing N0087

2007-07-24

N0089

Approved Minutes of 19-20 July 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #5), Ottawa, Canada [html].

2007-08-20

N0088

Liaison Report: JSR-282 (Real-Time Specification for Java) and JSR-302 (Safety-Critical Java Technologies), Ben Brosgol

2007-07-16

N0087

Possible text for sub-clause 1.4, contributed by Jim Moore, replaced by N0090

2007-07-13

N0086

The Physics of a Vulnerability, [pdf] by Bob Martin. Contributed by Jim Moore with the permission of The MITRE Corporation.

2007-07-13

N0085

Definition of Vulnerability [pdf] contribution by Ben Brosgol, replaced by N0091

2007-07-12

N0084

(2nd Revision) Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use; directory of proposed vulnerability descriptions ; and cover note -- contribution by Larry Wagoner, replacing N0073

2007-07-12

N0083

Comments on "Software for Dependable Systems", contribution by Tom Plum [html]

2007-07-02

N0082

James W. Moore and Robert Seacord, Secure Coding becomes Standard [pdf] presentation to Systems and Software Technology Conference (SSTC), June 19, 2007. Also see related article.

2007-07-02

N0081

Pre-Meeting Package, Meeting 5 -- VOIDED

2007-07-01

N0080

Agenda: Meeting 5 of ISO / IEC / JTC1 / SC22/OWG: Vulnerability 18th - 20th July 2007, Ottawa, Canada

2007-06-30

N0079

Editor's draft 070629 of PDTR 24772, prepared by John Benito replacing N0074.

2007-06-30

N0078

(Revised) Forms of language specification: Examples from commonly used computer languages and directory of proposed vulnerability descriptions from Derek M. Jones, replaces N0060

2007-06-30

N0077

Post-Meeting Package, Meeting 4 [zip] -- VOIDED

2007-06-04

N0076

Logistics information for OWGV Meeting 5, Ottawa, Canada

2007-06-01

N0075

Response of ISO/IEC JTC 1/SC 22/OWGV to: ISO/IEC JTC 1/SC 27 N5494, JTC 1/SC 27/WG 4 Liaison Statement to JTC 1/SC 22 on Collaborative work on Application Security""; and to ISO/IEC JTC 1/SC 27 N5482, ""Report of the Application Security meeting, held in Glenburn Lodge (South Africa), Nov. 17th 2006"" response to N0070 and N0071

2007-05-10

N0074

Editor's draft 3 of intended PDTR 24772, prepared by John Benito [pdf]

30/06/2007

N0073

(Revised) Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use"" [pdf] and directory of proposed vulnerability descriptions [dir, zip], personal contribution by Larry Wagoner

21 June 2007

N0072

Template for Language-Independent Descriptions of Vulnerabilities, Version 5 [html]

2007-05-05

N0071

ISO/IEC JTC 1/SC 27 N5494 - JTC 1/SC 27/WG 4 Liaison Statement to JTC 1/SC 22 on Collaborative work on Application Security [pdf]

2007-04-30

N0070

ISO/IEC JTC 1/SC 27 N5482, Report of the Application Security meeting, held in Glenburn Lodge (South Africa), Nov. 17th 2006"" [pdf]

2007-04-30

N0069

Approved Minutes of 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html].

2007-04-30

N0068

Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use: Vulnerabilities to Address in CWE - Part 3"" [pdf], personal contribution by Larry Wagoner.

2007-04-23

N0067

Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use: Vulnerabilities to Address in CWE,"" Part 2 [pdf], personal contribution by Larry Wagoner

2007-04-18

N0066

Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use [pdf], personal contribution by Larry Wagoner

2007-04-11

N0065

Pre-Meeting Package, Meeting #4 - VOID

2007-04-05

N0064

Ben Brosgol and Andy Wellings, A Comparison of Ada and Real-time Java for Safety-Critical Applications,"" contributed by Ben Brosgol [pdf]. Posted by permission [txt].

2007-04-04

N0063

Agenda for 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html]

2007-04-04

N0062

Vulnerability, Safety, Security, and Quality, [html] personal contribution by Tom Plum

2007-04-04

N0061

Editor's draft 2 of intended PDTR 24772, prepared by John Benito [pdf]

2007-04-04

N0060

Forms of language specification: Examples from commonly used computer languages, [pdf] contributed by Derek Jones. Permission [txt].

2007-04-04

N0059

Preliminary draft of the CERT C Programming Language Secure Coding Standard [pdf], contributed by Robert Seacord. Permission [txt]

2007-04-04

N0058

Hotel registration form for Meeting #6, Kona, Hawaii [pdf].

2006-12-29

N0057r

Announcement and logistics information for OWGV Meeting #4, Padua, Italy [pdf].

2006-12-31

N0056

Various Versions of a Template for Language-Independent Descriptions of Vulnerabilities [html]

2006-12-14

N0055

Approved Minutes of 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html]

2006-12-14

N0054

Stephen Michell, Revisions of Vulnerabilities Issues from TR15942 [pdf]

2006-12-12

N0053

Pre-Meeting Package, Meeting 3 VOID

2006-11-22

N0052

Agenda for 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html]

2006-11-22

N0051

Derek Jones, Some proposed language vulnerability guidelines, 20 November 2006 [pdf]

2006-11-22

N0050

Derek Jones, Expertise: Discussion of guideline related issues, 28 August 2006 [pdf]

2006-11-22

N0049

Brian Wichmann, Tool assurance for predictable execution, 3 November 2006 [pdf]

2006-11-22

N0048

Stephen Michell, Vulnerabilities Issues from TR15942 [pdf]. (Revised)

2006-12-11

N0047

Post-Meeting Package, Meeting 2 VOID

2006-10-17

N0046

Meeting information, OWG:V Meeting #3, Washington DC, 11-13 December 2006 [html]

2006-09-28

N0045

Jim Moore, Meeting Report of SC22 Plenary, September 2006 [pdf] (Corrected version)

2006-12-15

N0044

Vulnerability classifications used in QinetiQ report [N0043], submitted by Clive Pygott following Meeting #2 [pdf]

2006-09-19

N0043

Adam Schofield & Clive Pygott, "A Tabulation of the unpredictable features of the C++ language" September 2006, QINETIQ/SDU/TIM/CR060019, submitted by Clive Pygott following Meeting #2 [pdf]. Posted by permission [pdf]

2006-09-19

N0042

Corrected and Approved Minutes of 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html] (These minutes were approved with corrections at Meeting #3.)

2006-12-14

N0041

Paul Caseley, "Dependable software dependent systems?", presentation at Meeting #2 [pdf]. Permission to post [htm]

2007-04-04

N0040

Working draft 61106 of intended PDTR 24772 [pdf], prepared by John Benito.

2006-11-06

N0039

Clive Pygott, Summary of the Discussion at the HIRTS DARP C/C++ workshop 25/4/2006, personal submission to Meeting #2 [doc]

2006-09-15

N0038

Clive Pygott - Summary of DARP Workshop personal submission to Meeting #2

2006-09-15

N0037

Derek Jones, Culture and Education, personal submission to Meeting #2 [pdf]

2006-09-15

N0036

Derek Jones, Developer beliefs about binary operator precedence, personal submission to Meeting #2 [pdf]

2006-09-15

N0035

Pre-Meeting Package, Meeting 2 - VOID

2006-08-28

N0034

UK Contribution, Proposed Base Document for OWGV [html], revised

2006-08-28

N0033

Derek Jones, Culture and Formal Education Issues: Discussion and Proposed Guidelines, personal submission [pdf]

2006-08-28

N0032

Brian Wichmann, "What is Predictable Execution?", personal submission [pdf]

2006-08-24

N0031

Robert Seacord, Email dated 2006-08-22, outlining planned CERT approach to levels, first draft of response to Action Item 01-09 [txt, jpg]

2006-08-22

N0030

Jim Moore, Proposal for Vulnerability Descriptions, Draft 1, prepared in response to Action Item 01-10 [html]

2006-08-08

N0029

Preliminary Agenda for 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html]

2006-08-14

N0027

Post-Meeting Package, Meeting 1 - VOID

2006-07-24

N0026

Annual Business Plan and Convener's Report, ISO/IEC JTC 1/SC22 OWG:Vulnerability [pdf]. (This document was published by SC22 as N4078.)

2006-07-06

N0025

Minutes of 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]

2006-06-29

N0024

James W. Moore, Terms of Reference: ISO/IEC Project 22.24772, "Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" (Revision resulting from Meeting #1.) [pdf]

2006-06-28

N0023

Robert C. Seacord, CERT, "CERT Secure Coding Standards" (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]

2006-06-26

N0022

Derek Jones, UK, Base Document Proposal (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]

2006-06-26

N0021

Stephen Michell, Canada, "Ada's approach to Software Vulnerabilities" (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]

2006-06-26

N0020

Derek Jones, UK, Information regarding Meeting #2 of OWGV, 14-15 Sep 2006, London (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]

2006-06-26

N0019

Robert A. Martin, The MITRE Corporation, "The Common Weakness Enumeration Initiative," (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf]

2006-06-23

N0018

Joe Jarzombek, US Department of Homeland Security, Considerations in Advancing the National Strategy to Secure Cyberspace for presentation to Meeting #1 of OWGV, 27 June 2006 [pdf]

27 June 2006

N0017

Robert Seacord, Carnegie-Mellon University CERT, 'Secure Coding Standards' (permission to post) [pdf]

2006-06-22

N0016

Revised Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]

2006-06-22

N0015

James W. Moore, Terms of Reference: ISO/IEC Project 22.24772, "Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" [pdf]

2006-06-21

N0014

James W. Moore, Convener's Remarks, Meeting #1 of ISO/IEC JTC 1/SC 22/OWG:V [pdf]

2006-06-21

N0013

ISO/IEC TR 15942:2000, Information technology -- Programming languages -- Guide for the use of the Ada programming language in high integrity systems [web, pdf]

2006-06-20

N0012

UK Contribution, Proposed Base Document for OWGV [html]

2006-06-14

N0011

John Benito, OWG: Vulnerability -- A new type of Working Group used for a new SC22 Working Group, SC 22/WG 9 Meeting, Porto, Portugal [pdf]

2006-05-15

N0010

Meeting Announcement and Logistics for the 19-22 September 2006 JTC 1/SC 22 Plenary in London, England (cover [html], document [pdf])

2006-04-17

N0009

Meeting information, OWG:V Meeting #1, Washington DC, 26-27 June 2006 [html]

2006-04-11

N0008

Preliminary Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html]

2006-04-13

N0007

Disposition of Comments for SC22 N3913, "New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" [html]. (This document was published by SC22 as N4027.)

2006-03-13

N0006

James W. Moore, A New Standards Project on "Avoiding Programming Language Vulnerabilities", SC 22/WG 14 Meeting, Berlin, Germany [pdf]

01/03/06

N0005

James W. Moore, A New Standards Project on "Avoiding Programming Language Vulnerabilities", SIGAda Conference and SC 22/WG 9 Meeting, Atlanta, GA [pdf]

2005-11-17

N0004

James W. Moore, "Moving Forward" - -report to the SC22 High Integrity Study Group Mailer [pdf],

2005-10-06

N0003

Excerpts of SC 22 N 3989, "Resolutions Prepared at the Eighteenth Plenary Meeting of ISO/IEC JTC 1/SC 22, 30 September-2 October 2005, Mont Tremblant, Canada" [pdf]

2 October 2005

N0002

SC22 N3990 Summary of Voting for SC 22 N 3913, New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use

5 October 2005

N0001

SC 3913 New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use

2005-06-28