/[secure-testing]/data/ospu-candidates.txt
ViewVC logotype

Contents of /data/ospu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 14482 - (hide annotations) (download)
Wed Apr 14 17:41:59 2010 UTC (3 years, 2 months ago) by jmm-guest
Original Path: data/spu-candidates.txt
File MIME type: text/plain
File size: 7151 byte(s) 
- logrotate no-dsa
- fix source package names for kdm
- add refs to texlive issues
1 jmm-guest 7532 This file records minor security issues, which do not warrant a DSA,
2     but which could be fixed in a stable point update if people feel like
3     it. If someone wants to address these, please add a note about it
4     and get in contact with debian-release@lists.debian.org
5    
6 jmm-guest 13302
7 jmm-guest 7532 --
8    
9 jmm-guest 13932 acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10 derevko-guest 13977 notified maintainer
11 jmm-guest 13932
12     --
13    
14 jmm-guest 14019 acl (CVE-2009-4411)
15     #499076
16     notified maintainer
17    
18     --
19    
20 jmm-guest 11373 asterisk (CVE-2009-0041)
21     #513413
22 nion 11718 notified maintainer
23 jmm-guest 11373
24 derevko-guest 13696 asterisk (CVE-2008-3903)
25 jmm-guest 11956 #522528
26 derevko-guest 12038 notified maintainer
27 jmm-guest 11956
28 jmm-guest 11373 --
29    
30 jmm-guest 11559 avahi (CVE-2009-0758)
31     #517683
32 nion 11718 notified maintainer
33 jmm-guest 11559
34     --
35    
36 jmm-guest 13490 babel (CVE-2009-3736)
37     #559843
38 derevko-guest 13617 notified maintainer
39 jmm-guest 13490
40     --
41    
42 jmm-guest 11507 bugzilla (CVE-2009-0481 to CVE-2009-0485)
43 nion 11718 notified maintainer
44 jmm-guest 11507
45     --
46    
47 jmm-guest 12757 buildbot (CVE-2009-2959, CVE-2009-2967)
48     #543822
49 derevko-guest 12789 notified maintainer
50 jmm-guest 12757
51     --
52    
53 jmm-guest 11963 compiz-fusion-plugins-main (CVE-2008-6514)
54 derevko-guest 12024 notified maintainer
55 jmm-guest 11963
56     --
57    
58 jmm-guest 14241 cpio (CVE-2010-0624)
59     notified maintainer
60    
61     --
62    
63 jmm-guest 11911 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
64     #528434
65 derevko-guest 12038 notified maintainer
66 jmm-guest 11911
67     --
68    
69 jmm-guest 13678 cups (CVE-2009-3553)
70     #557740
71     maintainer notified in initial bug report
72 derevko-guest 14351 Initial patch was incomplete;
73 jmm-guest 13678
74 derevko-guest 14351 cups (CVE-2010-0302)
75     #572940
76     notified maintainer
77 jmm-guest 14210
78 jmm-guest 13678 --
79    
80 jmm-guest 13618 devil (CVE-2009-3994)
81     #560080
82 derevko-guest 13696 notified maintainer
83 jmm-guest 13618
84     --
85    
86 gilbert-guest 13009 dopewars (CVE-2009-3591)
87     #550913
88     notified maintainer
89    
90     --
91    
92 jmm-guest 13374 dstat (CVE-2009-3894)
93     http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
94 derevko-guest 13464 notified maintainer
95 jmm-guest 13374
96 derevko-guest 13464 dstat (CVE-2009-4081)
97     #559667
98     notified maintainer
99    
100 jmm-guest 13374 --
101    
102 white 12460 evolution (CVE-2009-1631)
103     #526409
104 derevko-guest 12477 notified maintainer through initial bugreport
105 white 12460
106     --
107    
108 jmm-guest 14208 fcron (CVE-2010-0791)
109     #572587
110     notified maintainer through initial bugreport
111    
112     --
113    
114 jmm-guest 14439 imp4 (CVE-2010-0463)
115     #569661
116    
117     --
118    
119 jmm-guest 13932 libgnucrypto-java (CVE-2008-5659)
120     #559789
121 derevko-guest 13977 removed
122 jmm-guest 13932
123     --
124    
125 jmm-guest 12020 gnutls26 (CVE-2009-1417)
126     #531614
127 derevko-guest 12038 notified maintainer
128 jmm-guest 12020
129     --
130    
131 jmm-guest 12757 gri (no CVE)
132     fixed in gri 2.12.18-1:
133     "Improve security when creating temporary files."
134 derevko-guest 12789 notified maintainer
135 jmm-guest 12757
136     --
137    
138 jmm-guest 12830 gupnp (CVE-2009-2174)
139     #534594
140 derevko-guest 12869 notified maintainer
141 jmm-guest 12830
142     --
143    
144     htmldoc (CVE-2009-3050)
145     #537637
146 derevko-guest 12947 notified maintainer through initial bugreport
147 jmm-guest 12830
148     --
149    
150 jmm-guest 13490 hypre (CVE-2009-3736)
151     #559834
152 derevko-guest 13617 notified maintainer
153 jmm-guest 13490
154     --
155    
156 gilbert-guest 14398 iceweasel (CVE-2009-0777)
157     #576466
158     notified maintainer
159    
160     --
161    
162 jmm-guest 12830 kde4libs (CVE-2009-2702)
163     #546218
164 derevko-guest 13013 notified maintainer
165 jmm-guest 12830
166 derevko-guest 14351 kde4libs (CVE-2009-0689)
167     notified maintainer
168 jmm-guest 14124
169 jmm-guest 12830 --
170    
171 jmm-guest 12108 kfreebsd-6
172     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
173     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
174 derevko-guest 12200 notified maintainer
175 jmm-guest 12108
176 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
177 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
178 derevko-guest 12200 notified maintainer
179 jmm-guest 12108
180     --
181    
182     kfreebsd-7
183     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
184     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
185 derevko-guest 12200 notified maintainer
186 jmm-guest 12108
187 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
188 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
189 derevko-guest 12200 notified maintainer
190 jmm-guest 12108
191     --
192    
193 jmm-guest 11729 kvm 82-1 (CVE-2008-5714)
194     #509997
195 derevko-guest 12047 notified maintainer
196 jmm-guest 11729
197     --
198    
199 derevko-guest 12292 lcms (CVE-2009-0793)
200     notified maintainer through initial bugreport
201    
202     --
203    
204 jmm-guest 14420 libesmtp (CVE-2010-1192)
205     #572960
206    
207     --
208    
209 jmm-guest 12626 libpam-ssh (CVE-2009-1273)
210     #535877
211 jmm-guest 12655 maintainer notified through initial bug report, said he would work on an update
212 jmm-guest 12626
213     --
214    
215 jmm-guest 12244 libpng (CVE-2009-2042)
216     #533676
217 derevko-guest 12292 notified maintainer
218 jmm-guest 12244
219 jmm-guest 14185 CVE-2010-0205
220     #572308
221    
222 jmm-guest 12244 --
223    
224 derevko-guest 12292 libsndfile
225     potential dos via crafted input
226     #530831
227 derevko-guest 14351 notified maintainer
228 derevko-guest 12292
229     --
230    
231 gilbert-guest 11775 libvorbis (CVE-2008-2009)
232     notified maintainer and release team
233    
234     --
235    
236 jmm-guest 14019 libstruts1.2-java (CVE-2008-2025)
237     #528352
238 derevko-guest 14351 notified maintainer
239 jmm-guest 14019
240     --
241    
242 jmm-guest 14226 linux-ftpd: null ptr dereference
243     #572813
244 derevko-guest 14351 notified maintainer
245 jmm-guest 14226
246     --
247    
248 jmm-guest 14482 logrotate [logrotate race condition could lead to file disclosure]
249     Fixed in sid in 3.7.8-4
250    
251     --
252    
253 jmm-guest 14136 makepasswd (no CVE ID)
254     #564559
255 derevko-guest 14351 notified maintainer
256 jmm-guest 14136
257     --
258    
259 derevko-guest 13892 maradns
260     http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
261     notified maintainer
262    
263     --
264    
265 jmm-guest 12352 memcached (CVE-2009-1255)
266 derevko-guest 12387 notified maintainer
267 jmm-guest 12352
268 derevko-guest 12387 --
269 jmm-guest 12352
270 derevko-guest 12292 mimedecode
271     potential dos/crash due to invalid input
272 derevko-guest 12387 orphaned
273 derevko-guest 12292 #530430
274    
275     --
276    
277 jmm-guest 11704 mpg123 (CVE-2009-1301)
278 nion 11718 notified maintainer
279 jmm-guest 11704
280     --
281    
282 jmm-guest 12830 neon27 (CVE-2009-2474)
283     #542926
284 derevko-guest 12891 notified maintainer
285 jmm-guest 12830
286     --
287    
288     neon26 (CVE-2009-2474)
289     #542926
290 derevko-guest 12891 notified maintainer
291 jmm-guest 12830
292     --
293    
294 derevko-guest 13697 network-manager-applet (CVE-2009-4144)
295     #560067
296     notified maintainer through initial bugreport
297    
298     CVE-2009-4145
299     #563371
300     notified maintainer through initial bugreport
301    
302     --
303    
304 jmm-guest 12711 ntop (CVE-2009-2732)
305     #543312
306 derevko-guest 12892 notified maintainer through initial bugreport
307 jmm-guest 12711
308     --
309    
310 derevko-guest 12891 postfix (CVE-2009-2939)
311     notified maintainer
312    
313     --
314    
315 derevko-guest 12445 squid (CVE-2009-0801)
316     #521053
317 derevko-guest 14351 notified maintainer
318 derevko-guest 12445
319     --
320    
321     squid3 (CVE-2009-0801)
322     #521052
323 derevko-guest 14351 notified maintainer
324 derevko-guest 12445
325     --
326    
327 jmm-guest 13932 t-prot (CVE-2009-4404)
328 derevko-guest 14351 notified maintainer
329 jmm-guest 13932
330     --
331    
332 thijs 11319 net-snmp (CVE-2008-6123)
333     Noah will see to it.
334    
335     --
336    
337 jmm-guest 12830 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
338     #541995
339 derevko-guest 12928 notified maintainer
340 jmm-guest 12830
341     --
342    
343 jmm-guest 11490 openldap
344     #253838
345 derevko-guest 12047 notified maintainer
346 jmm-guest 11490
347     --
348    
349 jmm-guest 14218 openssl (CVE-2009-3245)
350     notified maintainer
351    
352     --
353    
354 jmm-guest 12925 overkill (no CVE yet)
355     #549310
356    
357     --
358    
359 jmm-guest 12830 owl (CVE-2009-0363)
360     #515118
361 derevko-guest 13013 notified maintainer
362 jmm-guest 12830
363     --
364    
365 gilbert-guest 11732 pam (CVE-2009-0579)
366     #514437
367     asked maintainer in mail
368    
369     --
370    
371 jmm-guest 12830 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
372     #535790
373     http://developer.pidgin.im/ticket/9483
374     http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
375 derevko-guest 13013 notified maintainer
376 jmm-guest 12830
377     --
378    
379 jmm-guest 11712 pptp-linux (no CVE)
380     #523476
381 jmm-guest 11758 Ola will prepare a fix in a point update
382 jmm-guest 11712
383     --
384    
385 derevko-guest 13021 puppet (CVE-2009-3564)
386     #551073
387     notified maintainer in initial bug report
388    
389 jmm-guest 14214 CVE-2010-0156
390     #https://bugzilla.redhat.com/show_bug.cgi?id=502881
391 derevko-guest 14351 notified maintainer
392 jmm-guest 14214
393 derevko-guest 13021 --
394    
395 derevko-guest 13696 python-4suite (CVE-2009-3560, CVE-2009-3720)
396 jmm-guest 13640 #560914
397 derevko-guest 13696 notified maintainer
398 jmm-guest 13640
399     --
400    
401 derevko-guest 12869 rails (CVE-2009-3086)
402     bug #545063
403 derevko-guest 13013 notified maintainer
404 derevko-guest 12869
405     --
406    
407 jmm-guest 14212 shibboleth-sp2: world-readable key (no CVE)
408     #571631
409     notified maintainer through bugreport
410    
411     --
412    
413 jmm-guest 12029 slim (CVE-2009-1756)
414     bug #529306
415     Maintainer notified through followup in #529306
416    
417     --
418    
419 jmm-guest 14186 squid (CVE-2010-0639)
420     #572553
421     Maintainer notified through initial bugreport
422    
423     --
424    
425     squid3 (CVE-2010-0639)
426     #572554
427     Maintainer notified through initial bugreport
428    
429     --
430    
431 jmm-guest 13932 sqlite
432     #566326
433    
434     --
435    
436 jmm-guest 11184 tau (CVE-2008-5157)
437     #506348
438 nion 11202 notified maintainer
439 jmm-guest 11184
440     --
441    
442 jmm-guest 14482 texlive-bin (CVE-2010-0739, CVE-2010-0827)
443     notified maintainer
444    
445     --
446    
447 jmm-guest 14470 trac (CVE-2009-4405)
448    
449     --
450    
451 jmm-guest 12258 udev (#462655)
452 gilbert-guest 12260 notified maintainer
453 jmm-guest 12258
454     --
455    
456 derevko-guest 12873 planet (CVE-2009-2937)
457     bug #546178
458     notified maintainer through initial bugreport
459    
460     --
461    
462 gilbert-guest 12148 webkit (CVE-2008-4724)
463 gilbert-guest 12147 #520052
464     asked maintainer
465    
466     --
467    
468 jmm-guest 8912 xemacs21 (CVE-2008-2142)
469     bug #480877
470 nion 8916 notified maintainer
471 jmm-guest 8912
472 jmm-guest 12626 xemacs21 (CVE-2009-2688)
473     #540470
474     Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
475 derevko-guest 12630 notified maintainer
476 jmm-guest 12626
477     --
478    
479 jmm-guest 11386 xen-3 (CVE-2008-4993)
480 jmm-guest 9973 #496367
481 nion 9991 notified maintainer
482 jmm-guest 11553
483     --
484    
485 derevko-guest 13013 xerces-c2 (CVE-2009-1885)
486     #541986
487     notified maintainer
488 jmm-guest 12830
489     --
490    
491 jmm-guest 11553 xfig
492 derevko-guest 12057 25_mkstemp added in 1:3.2.5.a-1
493     notified maintainer
494 jmm-guest 11553
495 jmm-guest 13557 CVE-2009-4228/CVE-2009-4227
496     #559274)
497     https://bugzilla.redhat.com/show_bug.cgi?id=543905
498    
499 jmm-guest 11704 --
500    
501 jmm-guest 13040 xmp (CVE-2007-6731, CVE-2007-6732)
502     #546730
503 derevko-guest 13339 notified maintainer
504 jmm-guest 13040
505     --
506    
507 jmm-guest 13932 xserver-xorg (no CVE)
508     #555308
509    
510     --
511    
512 jmm-guest 13969 ytnef (CVE-2009-3887, CVE-2009-3721)
513 derevko-guest 14351 notified maintainer
514 jmm-guest 13969
515     --
516    
517 jmm-guest 11704 ziproxy (CVE-2009-0804)
518     #521051
519 derevko-guest 13777 notified maintainer
520    
521 jmm-guest 13932 --
522    
523     zope2.10 (no CVE)
524     https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
525 jmm-guest 13938
526     --
527    
528     zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
529     http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
530     http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
531 derevko-guest 14351 notified maintainer
532    
  ViewVC Help
Powered by ViewVC 1.1.5