/[secure-testing]/data/ospu-candidates.txt
ViewVC logotype

Contents of /data/ospu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 12121 - (show annotations) (download)
Sun Jun 14 07:12:37 2009 UTC (4 years ago) by derevko-guest
File MIME type: text/plain
File size: 8711 byte(s) 
tracked some packages accepted in stable and oldstable
1 This file records minor security issues, which do not warrant a DSA,
2 but which could be fixed in a oldstable point update if people feel like
3 it. If someone wants to address these, please add a note about it
4 and get in contact with debian-release@lists.debian.org
5
6 --
7
8 acidbase (CVE-2007-5578)
9 notified maintainer
10
11 --
12
13 aegis (CVE-2008-4938)
14 #496400
15 notified maintainer
16
17 --
18
19 apertium (CVE-2008-4939)
20 #496395
21 notified maintainer
22
23 --
24
25 asterisk (CVE-2009-0041)
26 #513413
27 notified maintainer
28
29 CVE-2008-3903
30 #522528
31 notified maintainer
32
33 --
34
35 audacity (CVE-2007-6061)
36 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
37 notified maintainer
38
39 --
40
41 auctex (no CVE)
42 #506961
43 notified maintainer
44
45 --
46
47 audiolink (CVE-2008-4942)
48 #496433
49 notified maintainer
50
51 --
52
53 avahi (CVE-2009-0758)
54 #517683
55 notified maintainer
56
57 --
58
59 aview (CVE-2008-4935)
60 #496422
61 notified maintainer
62
63 --
64
65 beagle (CVE-2005-4791)
66 notified maintainer
67
68 --
69
70 blam (CVE-2005-4791)
71 notified maintainer
72
73 --
74
75 bluez-libs/bluez-utils (CVE-2008-2374)
76 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2374
77 notified maintainer
78
79 --
80
81 boost (CVE-2008-0172/CVE-2008-0171)
82 #461236
83 notified maintainer
84
85 --
86
87 bugzilla (CVE-2008-2103)
88 #480190
89 notified maintainer
90
91 CVE-2008-4437
92 #502019
93 notified maintainer
94
95 bugzilla (CVE-2009-0481 to CVE-2009-0485)
96
97 --
98
99 byacc (CVE-2008-3196)
100 #491182
101 notified maintainer
102
103 --
104
105 bzip2 (CVE-2008-1372)
106 #471670
107 Maintainer has been notified
108
109 --
110
111 cdcontrol
112 #496438
113 notified maintainer
114
115 --
116
117 cdrw-taper (CVE-2008-4945)
118 #496380
119 notified maintainer
120
121 --
122
123 cecilia (CVE-2008-1832)
124 #476321
125 notified maintainer
126
127 --
128
129 chillispot
130 #500181
131 notified maintainer
132
133 --
134
135 comix (CVE-2008-1568)
136 #462840
137 notified maintainer
138
139 --
140
141 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
142 #528434
143 notified maintainer
144
145 --
146
147 cupsys (CVE-2008-5377)
148 notified maintainer
149
150 --
151
152 cyrus-sasl2 (no CVE)
153 #465561
154 notified maintainer
155
156 --
157
158 dia (CVE-2008-5984)
159 #504251
160 notified maintainer
161
162 --
163
164 digitaldj (CVE-2008-4948)
165 #496399
166 notified maintainer
167
168 --
169
170 ed (CVE-2008-3916)
171 Fix from 0.7-2
172 notified maintainer
173
174 --
175
176 emacs21 (CVE-2007-6109/CVE-2008-1694)
177 bug #455433, bug #476612
178 notified maintainer
179
180 emacs21 (CVE-2008-2142)
181 bug #480877
182 notified maintainer
183
184 --
185
186 emacs-jabber (CVE-2008-4952)
187 #496428
188 notified maintainer
189
190 --
191
192 emacspeak (CVE-2008-4191)
193 #496431
194 notified maintainer
195
196 --
197
198 epiphany-browser (CVE-2008-5985)
199 #504363
200 notified maintainer
201
202 --
203
204 evolution (CVE-2008-1108, CVE-2008-1109)
205 #484639
206 notified maintainer
207
208 evolution (no CVE)
209 #484639
210 notified maintainer
211
212 --
213
214 exiv2 (CVE-2008-2696)
215 bug #486328
216 http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499
217 notified maintainer
218
219 --
220
221 flac123 (CVE-2007-3507)
222 notified maintainer
223
224 --
225
226 fml (CVE-2008-4954)
227 #496370
228 notified maintainer
229
230 --
231
232 freeradius (CVE-2008-4474)
233 #496489
234 notified maintainer
235
236 --
237
238 fwbuilder (CVE-2008-4956)
239 #496406
240 notified maintainer
241
242 --
243
244 gedit (CVE-2009-0314)
245 #513513
246 notified maintainer
247
248 --
249
250 gdrae
251 #496378
252 notified maintainer
253
254 --
255
256 gmanedit (CVE-2008-3971)
257 #497835
258 notified maintainer
259
260 --
261
262 gnutls13 (CVE-2009-1417)
263 #531614
264 notified maintainer
265
266 --
267
268 gpsdrive (CVE-2008-5704, CVE-2008-5703, CVE-2008-5380)
269 #496436, #508597, #508595
270 notified maintainer
271
272 --
273
274 hplip (CVE-2008-2940/CVE-2008-2941)
275 #499842
276 notified maintainer
277
278 --
279
280 ipsec-tools (CVE-2008-3651)
281 http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel
282 notified maintainer
283
284 ipsec-tools (CVE-2008-3652)
285 #501026
286 https://bugzilla.redhat.com/show_bug.cgi?id=456660
287 notified maintainer
288
289 --
290
291 kaya (CVE-2008-6428)
292 notified maintainer
293
294 --
295
296 konwert (CVE-2008-4964)
297 #496379
298 notified maintainer
299
300 --
301
302 lcms (CVE-2009-0793)
303 notified maintainer through initial bugreport
304
305 --
306
307 libapache2-mod-perl2 (CVE-2007-1349)
308 http://svn.apache.org/viewvc?view=rev&revision=521584
309 #433549
310 notified maintainer
311
312 --
313
314 libpam-ssh (CVE-2007-0844)
315 #410236
316 notified maintainer
317
318 --
319
320 libsamplerate (CVE-2008-5008)
321 https://bugzilla.redhat.com/attachment.cgi?id=323069
322 notified maintainer
323
324 --
325
326 libpng (CVE-2008-1382)
327 #476669
328 notified maintainer
329
330 --
331
332 libvorbis (CVE-2008-2009)
333 notified maintainer and release team
334
335 --
336
337 liferea (CVE-2005-4791)
338 notified maintainer
339
340 --
341
342 lighttpd (CVE-2007-3948)
343 #434888
344 Was accidentally omitted during DSA 1362, but doesn't warrant a DSA on it's own.
345 http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873
346 http://trac.lighttpd.net/trac/ticket/1216
347 notified maintainer
348
349 --
350
351 links2 (CVE-2008-3329)
352 bug #492744
353 notified maintainer
354
355 --
356
357 linux-ftpd (CVE-2008-4247)
358 #500278
359 notified maintainer
360
361 --
362
363 linux-ftpd-ssl (CVE-2007-6263)
364 #454733
365 notified maintainer
366
367 --
368
369 mailscanner (CVE-2008-5312, CVE-2008-5313)
370 #506353
371 notified maintainer
372
373 --
374
375 mecab (CVE-2007-3231)
376 #429174
377 notified maintainer
378
379 --
380
381 mercurial (CVE-2008-4297)
382 #500781
383 notified maintainer
384
385 --
386
387 mgetty (CVE-2008-4936)
388 #496403
389 notified maintainer
390
391 --
392
393 mgt
394 #496434
395 notified maintainer
396
397 --
398
399 mksh (CVE-2008-1845)
400 notified maintainer
401
402 --
403
404 mldonkey (CVE-2007-4100)
405 #435439
406 notified maintainer
407
408 --
409
410 mnogosearch (CVE-2007-5588)
411 #447753
412 notified maintainer
413
414 --
415
416 motion (CVE-2008-2654)
417 #484572
418 notified maintainer
419
420 --
421
422 mpg123 (CVE-2009-1301)
423 notified maintainer
424
425 --
426
427 multi-gnome-terminal (CVE-2008-5143)
428 notified maintainer
429
430 --
431
432 myspell
433 #496392
434 notified maintainer
435
436 --
437
438 net-snmp (CVE-2008-6123)
439 Noah will see to it.
440
441 --
442
443 nfs-utils (CVE-2008-4552)
444 notified maintainer
445
446 --
447
448 ngircd (CVE-2008-0285)
449 notified maintainer
450
451 --
452
453 nvi
454 #496462
455 notified maintainer
456
457 --
458
459 openldap
460 #253838
461 notified maintainer
462
463 --
464
465 p3nfs (CVE-2008-5154)
466 bug #506270
467 notified maintainer
468
469 --
470
471 pam (CVE-2009-0579)
472 #514437
473 asked maintainer in mail
474
475 --
476
477 paramiko (CVE-2008-0299)
478 #460706
479 notified maintainer
480
481 --
482
483 pptp-linux (no CVE)
484 #523476
485 Ola will prepare a fix in a point update
486
487 --
488
489 python2.4 (CVE-2008-4864, CVE-2008-5031)
490 #504620
491 notified maintainer
492
493 python2.5 (CVE-2008-4864, CVE-2008-5031)
494 #504619
495 notified maintainer
496
497 --
498
499 r-base (CVE-2008-3931)
500 #496418
501 notified maintainer
502
503 --
504
505 rancid (CVE-2008-4979)
506 #496426
507 notified maintainer
508
509 --
510
511 rccp (CVE-2008-4980)
512 #496364
513 notified maintainer
514
515 --
516
517 realtimebattle (CVE-2008-4981)
518 #496385
519 notified maintainer
520
521 --
522
523 redhat-cluster (CVE-2008-4192, CVE-2008-4579, CVE-2008-4580)
524 #496410
525 notified maintainer
526
527 --
528
529 rkhunter (CVE-2008-4982)
530 #496375
531 notified maintainer
532
533 --
534
535 rsync (CVE-2007-6200)
536 #453652
537 notified maintainer
538
539 --
540
541 sabre (CVE-2008-4406, CVE-2008-4407)
542 #433996
543 notified maintainer
544
545 --
546
547 scilab (CVE-2008-4983)
548 #496414
549 notified maintainer
550
551 --
552
553 sgml2x (CVE-2008-6397)
554 #496368
555 notified maintainer
556
557 --
558
559 sip-tester (CVE-2008-1959, CVE-2008-2085)
560 #479039
561 notified maintainer
562
563 --
564
565 slocate (CVE-2007-0227)
566 #411937
567 notified maintainer
568
569 --
570
571 smb4k (CVE-2007-0475, CVE-2007-0474, CVE-2007-0473, CVE-2007-0472)
572 notified maintainer
573
574 --
575
576 sng
577 #496407
578 notified maintainer
579
580 --
581
582 ssmtp (CVE-2008-3962)
583 #498366
584 notified maintainer
585
586 --
587
588 sylpheed (CVE-2007-2958)
589 #441854
590 http://www.colino.net/claws-mail/getpatchset.php3?ver=2.10.0cvs153 fixes the bug
591 notified maintainer
592
593 --
594
595 sympa (CVE-2008-4476)
596 #496405; bug #494969
597 notified maintainer
598
599 --
600
601 tau (CVE-2008-5157)
602 #506348
603 notified maintainer
604
605 --
606
607 tcl8.3/tcl8.4 (CVE-2007-4772)
608 notified maintainer
609
610 tcl8.3/tcl8.4 (CVE-2007-6067)
611 notified maintainer
612
613 --
614
615 tetex-bin (CVE-2009-1284)
616 #520920
617 https://bugzilla.redhat.com/show_bug.cgi?id=492136
618
619 --
620
621 texlive-bin (CVE-2007-5935 CVE-2007-5936 CVE-2007-5937)
622 notified maintainer
623
624 --
625
626 tintin++ (CVE-2008-0673 CVE-2008-0672 CVE-2008-0671)
627 #465643
628 notified maintainer
629
630 --
631
632 tomboy (CVE-2005-4790)
633 notified maintainer
634
635 --
636
637 tqsllib 2.0-8 (CVE-2009-0124)
638 #511509
639 notified maintainer
640
641 --
642
643 trac (CVE-2008-5646 CVE-2008-5647)
644 #509342, #505197
645 notified maintainer
646
647 --
648
649 trickle (CVE-2009-0415)
650 #513456
651 notified maintainer
652
653 --
654
655 unp (CVE-2007-6610)
656 #448437
657 notified maintainer
658
659 --
660
661 xmcd (CVE-2008-4994)
662 #496416
663 notified maintainer
664
665 --
666
667 vobcopy (CVE-2007-5718)
668 bug #448319
669 notified maintainer
670
671 --
672
673 wdiff [insecure tempfile in wdiff]
674 bug #425254
675 notified maintainer
676
677 --
678
679 wims (CVE-2008-4986)
680 #496387
681 notified maintainer
682
683 --
684
685 wyrd (CVE-2008-0806)
686 bug #466382
687 notified maintainer
688
689 --
690
691 xastir (CVE-2008-4987)
692 #496383
693 notified maintainer
694
695 --
696
697 xcal (CVE-2008-4988)
698 #496393
699 notified maintainer
700
701 --
702
703 xchat (CVE-2009-0315)
704 #513509
705 notified maintainer
706
707 --
708
709 xemacs21 (CVE-2007-6109/CVE-2008-1694)
710 bug #457764, bug #476613
711 notified maintainer
712
713 xemacs21 (CVE-2008-2142)
714 bug #480877
715 notified maintainer
716
717 --
718
719 xen-3 (CVE-2008-4993)
720 #496367
721 notified maintainer
722
723 --
724
725 xfce4 (CVE-2007-6351 CVE-2007-6352)
726 notified maintainer
727
728 --
729
730 xfig
731 25_mkstemp added in 1:3.2.5.a-1
732 notified maintainer
733
734 --
735
736 zabbix (CVE-2008-1353)
737 bug #471678
738 notified maintainer
739
740 --
741
742 zope-cmfplone (CVE-2008-1394)
743 notified maintainer
744
745 --
746
747 zsh (CVE-2007-6209)
748 bug #454073)
749 notified maintainer
750
  ViewVC Help
Powered by ViewVC 1.1.5