/[secure-testing]/data/ospu-candidates.txt

Diff of /data/ospu-candidates.txt

Parent Directory | Revision Log | View Patch Patch

-revision 7986 by jmm-guest,
Sun Jan 20 12:11:17 2008 UTC
+revision 12571 by derevko-guest,
Tue Aug 11 20:45:32 2009 UTC
 Line 5 
 and get in contact with debian-release@l
  --
- audacity (CVE-2007-6061)
+ asterisk (CVE-2009-0041)
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
+ #513413
+ notified maintainer
+ CVE-2008-3903
+ #522528
  notified maintainer
  --
- balsa (CVE-2007-5007)
+ avahi (CVE-2009-0758)
- http://bugzilla.gnome.org/attachment.cgi?id=95088&action=view
+ #517683
  notified maintainer
  --
- beagle (CVE-2005-4791)
+ bugzilla (CVE-2009-0481 to CVE-2009-0485)
  notified maintainer
  --
- blam (CVE-2005-4791)
+ compiz-fusion-plugins-main (CVE-2008-6514)
  notified maintainer
  --
- flac123 (CVE-2007-3507)
+ cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
+ #528434
  notified maintainer
  --
- libapache2-mod-perl2 (CVE-2007-1349)
+ evolution (CVE-2009-1631)
- http://svn.apache.org/viewvc?view=rev&revision=521584
+ #526409
- #433549
+ notified maintainer through initial bugreport
+ --
+ firebird2.0 (CVE-2009-2620)
+ #539477
+ --
+ gnutls26 (CVE-2009-1417)
+ #531614
+ notified maintainer
+ --
+ kfreebsd-6
+ [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
+ http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
+ notified maintainer
+ [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
+ http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
  notified maintainer
  --
- libcdio (CVE-2007-6613)
+ kfreebsd-7
- https://bugs.gentoo.org/show_bug.cgi?id=203777
+ [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
- http://savannah.gnu.org/bugs/?21910
+ http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
- http://lists.gnu.org/archive/html/libcdio-devel/2007-12/msg00009.html
+ notified maintainer
- http://cvs.savannah.gnu.org/viewvc/libcdio/src/iso-info.c?root=libcdio&r1=1.35&r2=1.36
- http://cvs.savannah.gnu.org/viewvc/libcdio/src/cd-info.c?root=libcdio&r1=1.149&r2=1.150
+ [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
- http://cvs.savannah.gnu.org/viewvc/libcdio/src/iso-info.c?root=libcdio&r1=1.36&r2=1.37
+ http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
- http://cvs.savannah.gnu.org/viewvc/libcdio/src/cd-info.c?root=libcdio&r1=1.150&r2=1.151
+ notified maintainer
  --
- libpam-ssh (CVE-2007-0844)
+ kvm 82-1 (CVE-2008-5714)
- #410236
+ #509997
  notified maintainer
  --
+ lcms (CVE-2009-0793)
+ notified maintainer through initial bugreport
- liferea (CVE-2005-4791)
+ --
+ libpng (CVE-2009-2042)
+ #533676
  notified maintainer
  --
- lighttpd (CVE-2007-3948)
+ libsndfile
- #434888
+ potential dos via crafted input
- Was accidentally omitted during DSA 1362, but doesn't warrant a DSA on it's own.
+ #530831
- http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873
- http://trac.lighttpd.net/trac/ticket/1216
+ --
+ libvorbis (CVE-2008-2009)
+ notified maintainer and release team
+ --
+ memcached (CVE-2009-1255)
  notified maintainer
  --
- linux-ftpd-ssl (CVE-2007-6263)
+ mimedecode
- #454733
+ potential dos/crash due to invalid input
+ orphaned
+ #530430
+ --
+ mpg123 (CVE-2009-1301)
  notified maintainer
  --
- mecab (CVE-2007-3231)
+ squid (CVE-2009-0801)
- #429174
+ #521053
+ --
+ squid3 (CVE-2009-0801)
+ #521052
+ --
+ stardict (CVE-2009-2260)
+ #534731
  notified maintainer
  --
- mldonkey (CVE-2007-4100)
+ net-snmp (CVE-2008-6123)
- #435439
+ Noah will see to it.
+ --
+ openldap
+ #253838
  notified maintainer
- ---
+ --
+ pam (CVE-2009-0579)
+ #514437
+ asked maintainer in mail
- proftpd-dfsg, proftpd (CVE-2007-2165)
+ --
- update in progress
+ pptp-linux (no CVE)
+ #523476
+ Ola will prepare a fix in a point update
  --
- python2.4, python2.5 (CVE-2007-4965)
+ slim (CVE-2009-1756)
- http://bugs.python.org/issue1179
+ bug #529306
+ Maintainer notified through followup in #529306
+ --
+ smarty (CVE-2009-1669)
+ #529810
+ http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462
  notified maintainer
  --
- slocate (CVE-2007-0227)
+ tau (CVE-2008-5157)
- #411937
+ #506348
  notified maintainer
  --
- sylpheed (CVE-2007-2958)
+ texlive-bin (CVE-2009-1284)
- #441854
+ #520920
- http://www.colino.net/claws-mail/getpatchset.php3?ver=2.10.0cvs153 fixes the bug
+ https://bugzilla.redhat.com/show_bug.cgi?id=492136
+ --
+ udev (#462655)
  notified maintainer
  --
- tomboy (CVE-2005-4790)
+ webkit (CVE-2008-4724)
+ #520052
+ asked maintainer
+ --
+ xemacs21 (CVE-2008-2142)
+ bug #480877
  notified maintainer
  --
- vobcopy (CVE-2007-5718)
+ xen-3 (CVE-2008-4993)
- bug #448319
+ #496367
  notified maintainer
  --
- zsh (CVE-2007-6209)
+ xfig
- bug #454073)
+_mkstemp added in 1:3.2.5.a-1
  notified maintainer
+ --
+ ziproxy (CVE-2009-0804)
+ #521051

 Legend:



Removed from v.7986
 


changed lines


 
Added in v.12571
 Legend:



Removed from v.7986
 


changed lines


 
Added in v.12571
-Removed from v.7986
+Added in v.12571

	ViewVC Help
Powered by ViewVC 1.1.5