/[secure-testing]/data/ospu-candidates.txt

Diff of /data/ospu-candidates.txt

Parent Directory | Revision Log | View Patch Patch

-revision 13013 by derevko-guest,
Wed Oct 14 07:31:39 2009 UTC
+revision 15243 by jmm-guest,
Tue Aug 31 16:20:21 2010 UTC
 Line 3 
 but which could be fixed in a stable poi
  it. If someone wants to address these, please add a note about it
  and get in contact with debian-release@lists.debian.org
+ --
+ abcm2ps (no CVE)
+ #577014
+ --
+ acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
+ notified maintainer
+ CVE-2009-4839  CVE-2009-4838 CVE-2009-4837
+ maintainer contacted us, notified about spu status
+ --
+ acl (CVE-2009-4411)
+ #499076
+ notified maintainer
  --
  asterisk (CVE-2009-0041)
  #513413
  notified maintainer
- CVE-2008-3903
+ asterisk (CVE-2008-3903)
  #522528
  notified maintainer
-Line 21 
 notified maintainer
+Line 42 
 notified maintainer
  --
- backuppc (CVE-2009-3369)
+ babel (CVE-2009-3736)
- #542218
+ #559843
  notified maintainer
  --
-Line 30 
 notified maintainer
+Line 51 
 notified maintainer
  bugzilla (CVE-2009-0481 to CVE-2009-0485)
  notified maintainer
+ CVE-2010-1204
+ notified maintainer through initial bugreport
  --
  buildbot (CVE-2009-2959, CVE-2009-2967)
-Line 43 
 notified maintainer
+Line 67 
 notified maintainer
  --
+ couchdb (CVE-2010-0009)
+ #576304
+ notified maintainer
+ --
  cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
  #528434
  notified maintainer
  --
+ cups (CVE-2009-3553)
+ #557740
+ maintainer notified in initial bug report
+ Initial patch was incomplete;
+ cups (CVE-2010-0302)
+ #572940
+ notified maintainer
+ --
+ devil (CVE-2009-3994)
+ #560080
+ notified maintainer
+ --
  dopewars (CVE-2009-3591)
  #550913
  notified maintainer
  --
+ dstat (CVE-2009-3894)
+ http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
+ notified maintainer
+ dstat (CVE-2009-4081)
+ #559667
+ notified maintainer
+ --
  evolution (CVE-2009-1631)
  #526409
  notified maintainer through initial bugreport
  --
- firebird2.0 (CVE-2009-2620)
+ exim4 (CVE-2010-2023, CVE-2010-2024)
- #539477
+ notified maintainers
- notified maintainer
+ --
+ fastjar (CVE-2010-0831, CVE-2010-2322)
+ --
+ fcron (CVE-2010-0791)
+ #572587
+ notified maintainer through initial bugreport
  --
- glib2.0 (CVE-2009-3289)
+ imp4 (CVE-2010-0463)
- https://bugzilla.gnome.org/show_bug.cgi?id=593406
+ #569661
  notified maintainer
  --
+ libgnucrypto-java (CVE-2008-5659)
+ #559789
+ removed
+ --
  gnutls26 (CVE-2009-1417)
  #531614
  notified maintainer
-Line 98 
 notified maintainer through initial bugr
+Line 170 
 notified maintainer through initial bugr
  --
+ hypre (CVE-2009-3736)
+ #559834
+ notified maintainer
+ --
+ iceweasel (CVE-2009-0777)
+ #576466
+ notified maintainer
+ --
  kde4libs (CVE-2009-2702)
  #546218
  notified maintainer
+ kde4libs (CVE-2009-0689)
+ notified maintainer
  --
  kfreebsd-6
-Line 137 
 notified maintainer through initial bugr
+Line 224 
 notified maintainer through initial bugr
  --
+ libesmtp (CVE-2010-1192)
+ #572960
+ maintainer contacted us, notified about spu status
+ --
+ libnss-db (CVE-2010-0826)
+ #577057
+ --
  libpam-ssh (CVE-2009-1273)
  #535877
  maintainer notified through initial bug report, said he would work on an update
-Line 149 
 notified maintainer
+Line 247 
 notified maintainer
  --
+ libpoe-component-irc-perl
+ #581194
+ maintainer contacted us
+ --
  libsndfile
  potential dos via crafted input
  #530831
+ notified maintainer
  --
-Line 160 
 notified maintainer and release team
+Line 265 
 notified maintainer and release team
  --
+ libstruts1.2-java (CVE-2008-2025)
+ #528352
+ notified maintainer
+ --
+ linux-ftpd: null ptr dereference
+ #572813
+ notified maintainer
+ --
+ logrotate [logrotate race condition could lead to file disclosure]
+ Fixed in sid in 3.7.8-4
+ --
+ makepasswd (no CVE ID)
+ #564559
+ notified maintainer
+ --
+ mako (CVE-2010-2480)
+ http://bugs.python.org/issue9061
+ --
+ mapserver (CVE-2010-3484, CVE-2010-3485)
+ fixed in 5.6.4-1
+ --
+ maradns
+ http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
+ notified maintainer
+ --
  memcached (CVE-2009-1255)
  notified maintainer
-Line 172 
 orphaned
+Line 316 
 orphaned
  --
- movabletype-opensource (CVE-2009-2492)
- #537935
- notified maintainer
- --
  mpg123 (CVE-2009-1301)
  notified maintainer
-Line 195 
 notified maintainer
+Line 333 
 notified maintainer
  --
+ network-manager-applet (CVE-2009-4144)
+ #560067
+ notified maintainer through initial bugreport
+ CVE-2009-4145
+ #563371
+ notified maintainer through initial bugreport
+ --
  ntop (CVE-2009-2732)
  #543312
  notified maintainer through initial bugreport
-Line 206 
 notified maintainer
+Line 354 
 notified maintainer
  --
+ ruby1.8 (CVE-2010-0541)
+ --
+ ruby1.9 (CVE-2010-0541)
+ --
  squid (CVE-2009-0801)
  #521053
+ notified maintainer
  --
  squid3 (CVE-2009-0801)
  #521052
+ notified maintainer
+ --
+ t-prot (CVE-2009-4404)
+ notified maintainer
  --
-Line 227 
 notified maintainer
+Line 390 
 notified maintainer
  --
- open-iscsi (CVE-2009-1297)
- notified maintainer in initial bug report
- --
  openldap
  #253838
  notified maintainer
-Line 269 
 Ola will prepare a fix in a point update
+Line 427 
 Ola will prepare a fix in a point update
  --
+ prewikka (CVE-2010-2058)
+ #584469
+ --
+ puppet (CVE-2009-3564)
+ #551073
+ notified maintainer in initial bug report
+ CVE-2010-0156
+ #https://bugzilla.redhat.com/show_bug.cgi?id=502881
+ notified maintainer
+ --
+ python-4suite (CVE-2009-3560, CVE-2009-3720)
+ #560914
+ notified maintainer
+ --
+ python2.4 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134)
+ --
+ python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134)
+ --
  rails (CVE-2009-3086)
  bug #545063
  notified maintainer
  --
- slim (CVE-2009-1756)
+ shibboleth-sp2: world-readable key (no CVE)
- bug #529306
+ #571631
- Maintainer notified through followup in #529306
+ notified maintainer through bugreport
  --
- smarty (CVE-2009-1669)
+ squid (CVE-2010-0639)
- #529810
+ #572553
- http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462
+ Maintainer notified through initial bugreport
- notified maintainer
+ --
+ squid3 (CVE-2010-0639)
+ #572554
+ Maintainer notified through initial bugreport
+ --
+ sqlite
+ #566326
  --
-Line 294 
 notified maintainer
+Line 494 
 notified maintainer
  --
- texlive-bin (CVE-2009-1284)
+ trac (CVE-2009-4405)
- #520920
+ notified maintainer
- https://bugzilla.redhat.com/show_bug.cgi?id=492136
  --
-Line 311 
 notified maintainer through initial bugr
+Line 510 
 notified maintainer through initial bugr
  --
+ w3m (CVE-2010-2074)
+ maintainer notified through bug report
+ --
  webkit (CVE-2008-4724)
  #520052
  asked maintainer
-Line 338 
 xerces-c2 (CVE-2009-1885)
+Line 542 
 xerces-c2 (CVE-2009-1885)
  #541986
  notified maintainer
  --
  xfig
 _mkstemp added in 1:3.2.5.a-1
  notified maintainer
+ CVE-2009-4228/CVE-2009-4227
+ #559274)
+ https://bugzilla.redhat.com/show_bug.cgi?id=543905
+ notified maintainer
  --
- xscreensaver (no CVE)
+ xmp (CVE-2007-6731, CVE-2007-6732)
- #539699
+ #546730
+ notified maintainer
+ --
+ xserver-xorg (no CVE)
+ #555308
+ --
+ ytnef (CVE-2009-3887, CVE-2009-3721)
  notified maintainer
  --
  ziproxy (CVE-2009-0804)
  #521051
+ notified maintainer
+ --
+ zope2.10 (no CVE)
+ https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
+ --
+ zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
+ http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
+ http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
+ notified maintainer

 Legend:



Removed from v.13013
 


changed lines


 
Added in v.15243
 Legend:



Removed from v.13013
 


changed lines


 
Added in v.15243
-Removed from v.13013
+Added in v.15243

	ViewVC Help
Powered by ViewVC 1.1.5