| /[secure-testing]/data/ospu-candidates.txt |
Parent Directory
| 
Revision Log
| Sticky Revision: |
o/spu candidate magpierss
php5 won't be updated via {o,}spu
thanks for the help, but no, I won't be releasing a DSA and then
another update via {o,}spu for sec issues.
CVE-2011-0420 no-dsa
gif2png prsc liason
new feh tmp race, no-dsa
krb5 is a candidate asterisk/avahi fixed
mailman CVEfied magpierss no-dsa
- stunnel, pidgin no-dsa - 2008 eclipse issue already fixed before, 2010 fixed in sid - one kfreebsd issue fixed long ago, the other no-dsa
gif2png fixed
Remove unneeded ospu candidates
mediatomb no-dsa
four new minor issues from Ubuntu reported by Kees, all no-dsa
eclipse bugnum and spu candidate
add file for squeeze
rename spu-candidates to ospu-candidate to allow us to track Squeeze
- new postgres issue - sssd tpu - various CVE assignments - mingetty, numpy no-dsa
maradns NMUd
- egroupware/kses not-affected - liboggz, mercurial, greylistd, dbus-glib no-dsa - libxml2 issue is actually a php issue - proftpd fixed - pixelpost removed - yet another weborf issue - new nbd issue
add latest oo.o issues, not tracking libreoffice yet, we can start once it has been uploaded initially to unstable
hypermail no-dsa puppet issue doesn't affect Lenny
NFUs new minor pam issues two ffmpeg issues (probably related to CVE-2010-0480)
sssd NMUed offlineimap no-dsa filed bugs for qemu and mojarra
mono-debugger no-dsa
centerim no-dsa matrixssl no-dsa add spu notifications
gnome-subtitles no-dsa
new python path issues
record latest point release
- new chrome/webkit issues - new library path issues in banshee, gnome-shell, gnucash, tomboy - vim issue Windows-specific - one typo3 issue was fixed in previous DSA - NFUs
- ember fixed - two more dovecot issues (fixed in Squeeze, N/A in Lenny) - new mozilla issue and various mozilla updates - postgresql9 issue (sid only) - new python issue (already fixed in 3.1, 2.6 and 2.5 still needed) - eglibc issue unimportant - NFUs - mantis fixed
ust fixed new issues in fusionforge and flash-kernel
- torcs fixed and no-dsa - typo3 CVEfied
- tau, python-cjson fixed
- lastfm, roaraudio, ike no-dsa - mahara/tinymce code copy fixed - otrs fixed - cleanup older issues
- fix spu version number for libpoe-component-irc-perl - record lenny kernel point update fixes - mark several issues not affecting lenny kernel - scilab and teamspeak are non-free and no-dsa
- ardour and magics++ fixed - bristol and ardour not in Lenny, remove no-dsa tags and spu-candidates entry - bug filed for mysql
- multiple CVE IDs assigned for typo3 DSA - ardour and brostol fixed and no-dsa for Lenny - new Chromium/Webkit issue - NFUs Further cleanups of issues w/o a CVE ID: - remove /dev/mem entry, this is a hardening feature not a vulnerability - remove gmanedit and warzone entries, not a vulnerability as config files are under local control - remove duplicated piwigo entry
xserver spu upload new piwigo issue (fixed in squeeze, not in lenny) record clamav/bzip2 issue
- new clamav issue (already fixed in sid) - qtparted and dropbox: fixed and no-dsa - add srcpkg names for new poppler issues - mydms has been removed - new wireshark issue no-dsa, only code injection bugs are treated as DSA-worthy issues
- remove rejected LXR issue, mark remaining ones no-dsa - libgdiplus stable point update - remove one phpbb3 dupe, two no-dsa
- fix drupal c&p error - no-dsa: libhx, libgdiplus, mapserver - fix phpmyadmin entry, was still marked as unfixed for lenny
#581194 is a spu candidate
socat fixed exim no-dsa
prewikka no-dsa
- qt issue got a separate CVE ID - mako fixed in sid, no-dsa for Lenny
- fix incorrect Plone NFU - spu status updates - openttd CVEfied - libesmtp fixed - Mozilla fixes - new rpcbind issue
- NFUs - redmine not in Lenny - rewrite old kdebase entry - rewrite old rails entry - fastjar fixed - remove policykit TODO, has been removed - webkit issue is in Ruby - old OO exploit never appeared, mark as NFU. If there ever is one, we'll learn about it anyway - remove a few obsolete TODOs
- moodle fixed - adapt severity of tiff crashers; without real security impact - bugnums - acidbase issue (mostly fixed, all no-dsa) - rewrite cherokee entry
- three new bugzilla issues, two not-affected, one no-dsa - new minor xulrunner issue, one xulrunner issue not-affected - Fix openjdk srcpkg name - remove a few old undetermined entries for webkit copies for new, we won't be able to realistically triage/support them if this isn't even done upstream
- pgp4pine removed - squirrelmail already tracked by separate ID - remove spu entries for issues fixed in latest point release - mono fix was uploaded to unstable - another slim issue was fixed in 5.0.5 point update - 5.0.5 point update also introduced fixed sun-java[56] packages - ziproxy fixed - feh fixed - new issues in wget (dsa), lftp (dsa) and libwww-perl (no-dsa) - bug filed for w3m/ssl validation - convert older safari TODOs to undetermined entries - bug filed for tomcat6 information disclosure
- new squirrelmail non-issue (Thijs, please change severity if you disagree) - pyftpd fixed in spu upload - hamlib/ltdl code copy fixed - multiple moodle issues fixed - new moodle issues - new htmlpurifier issue - new bozohttpd issues - horde not affected by Xinha issue - new ziproxy issue not in Lenny - activeldap prototype.js code copy fixed - mono fixed - new round of mozilla issues, already fixed in unstable and experimental for xulrunner and in iceape - two new pscs assignments already covered by CVE ID from DSA - new fastjar issue no-dsa - xen issue is in the Hypervisor, not the kernel (but already fixed anyway)
- new minor w3m issue - notified maintainer on pyftpd spu upload, he's preparing one - deluge of new webkit issues
python no-dsa
openssl spu fix
spu notifications nano issues fixed in spu
- libnss-db no-dsa - remove duplicated theora entry
- rewrite clamav with EOL tag - couchdb fixed - two fixes in Sun Java 6 - couchdb no-dsa - begin qt4-x11 triage
new typo3 issue
abcm2ps no-dsa tla spu fixes
- logrotate no-dsa - fix source package names for kdm - add refs to texlive issues
- konversation not-affected - trac no-dsa - more information on RTSP issue affecting mplayer and VLC - opendchub not-affected in Lenny - tgt fixed
- new mediawiki issue - new udisks issue - imp no-dsa
- opendchub CVEfied - new libnss-db issue - latest round of mozilla issues affects icedove as well - emacsen movemail issues no-dsa - fix entry for fwbuilder - squid not affected by slowloris attack - postgres no-dsa - arora issue a non-issue - one libesmtp issue fixed in 2008, the other one no-dsa
submitted a couple bugs
spu notifications
- mod-security fixed - cpio fixed - removed temp entries for moin issues already CVEfied
- libpurple/qutecom code copy fixed - new minor mediawiki issues - cpio/tar maintainers notified about no-dsa for minor rmt issue
ftpd no-dsa
openssl no-dsa
puppet no-dsa bugnums for linux-ftpd and libesmtp samba/dir trav no-dsa fix bugnum for kfreebsd
shibboleth no-dsa esmtp unimportant sudo unimportant add cups bugnum
filed bugs for cups and ncpfs issues
- filed bug for ncpfs issues, no-dsa for Lenny - fcron maintainers notified for no-dsa status
- mp4h fixed - fcron no-dsa
- squid bugnums - new xar issue
- libpng no-dsa - new moin issues fixed - fix version for sudo NMU - annotate the split for CVE-2009-3297 (splitting this several weeks after multiple issues have been released really sucks) - asterisk design issue discussed with maintainers, no update planned - fix typo in wordpress source package name - flex fixed even before Lenny
- webworker issues affects Firefox 3.0 according to Mozilla - remove dead ITP for webmin - iceape fixed - don't treat pidgin as unimportant - ircd-hybrid fixed - automake1.10 fixed - makepasswd fixed - overkill fixed - pyfribidi fixed - python-4suite fixed
hamlib fixed kde4libs no-dsa gnome-screensaver fix in unstable, dupe of existing issue?
- acl fixed - xotcl fixed by using system copy of expat - asterisk issue unstable/testing only - acl/struts no-dsa
centerim spu
spu notifications
stable point update
docutils insecure usage of temporary files has been fixed in lenny.
ratbox fixed filed bug for ytnef and fuse issues
more lenny triage
Lenny status triage: - multiple no-dsa - acidbase CVEfied - ocsinventory unimportant
New maradns minor issue
dokuwiki triage removed already uploaded spu/ospu
NFU spu notifications
NFUs and ITPs two minor network-manager issues
SPU notifications
- ltdl copy in bochs fixed - libextractor ltdl fixed - cups, asterisk no-dsa
* imagemagick uses system copy of ltdl * several no-dsa for ltdl issue * new libhaml-ruby issue already fixed * another expat no-dsa * qt4 triage * python expat issues should be fixed through DSAs
CVE-2009-4079 and CVE-2009-4078 fixed in redmine 0.9.0~svn2902-1 CVE-2009-3701 fixed in horde3 3.3.6+debian0-1 jbossas4 issues
* mark several ltdl issues as no-dsa * devil no-dsa * jetty issues not in binary package * record more openjdk fixes * iceape in lenny only a stub package
spu notifications
add python-docutils to spu candidates
* updates on libtool issues * xfig fixed * zoph fixed * liboggplay fixed * update fixed version for firefox-sage * wxwidgets code copies of expat fixed * ayttm/expat fixed * start readjusting some of the expat issue, calling most of them security issues is stretching things too far * fix acpid entry * xen fixed
- updates on libtool code copies: * snbc, dico and unixodbc use the system copy * hypre and babel fixed, but no-dsa for Lenny/Etch - update poppler issue for code copies - fix kfreebsd bug num - new devil issue - fix tracking for dstat
- NFUs - spu notifications
new minor dstat issue
spu notifications CVE-2009-3300 fixed in shibboleth-sp2 2.3+dfsg-1
- track grub2 fix for unstable, not experimental - asterisk, kernel, xmltooling, net-snmp fixed - various no-dsa - remove dubious VulnDisco "issues" from the tracker until details are published - old kvm issue doesn't affect us, CVE description is wrong, confirmed by KVM upstream
- wireshark issues - CVE-2009-3765: mutt not-affected, our mutt is linked against gnutls - CVE-2009-3641: DoS while printing specially-crafted IPv6 packet using the -v option in snort - CVE-2009-3616: Multiple use-after-free vulnerabilities in qemu and kvm - CVE-2006-5031: fixed in cakephp 1.1.13.4450-1 - CVE-2006-4067: fixed in cakephp 1.1.13.4450-1
- xmp no-dsa - new pidgin issue - rejected cleaups
- oping CVEfied - xscreensaver spu fix - dhttpd no-dsa - mono fixed - new backintime issue
- CVE-2009-3564 no-dsa - CVE-2009-3589 fixed in incron 0.5.7-1 - CVE-2009-3575: Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 - openoffice.org issues - NFUs
- NFUs - spu notifications
- dopewars non-issue - tracking for dsa-1906
- htmldoc NMUed - CVE-2009-3242,CVE-2009-3241 fixed in wireshark 1.2.2-1 - CVE-2009-3490 fixed in wget 1.12-1
spu notifications
no-dsa: glib, overkill
- planet-venus scheduled for point update - backuppc no-dsa - new libfwbuilder issue - new opensaml issue - rewrite some not-affected entries
spu notification
- spu notifications - neon26 fixed in unstable
- NFUs - planet issue no-dsa - chromium itp
- spu notifications - CVE-2009-3235 is a different vulnerability than CVE-2009-2632
cleanups from issue review, new issues, no-dsas, not-affected, etc. pp
- rails fixed - rhythmbox, libdkim unimportant - wireshark, movable type no-dsa
spu notifications
- NFUs
- two minor no-dsa candidate mod_proxy_ftp issues
- CVE-2008-607{0,1,2) were fixed in graphicsmagick 1.2.3-1
- two new rails issues
- gri, buildbot no-dsa - xulrunner fixes for Lenny - sdm, burn fixed - remove silc temp entry - gaim not affected in lenny, only a transitional package
- ntop indeed no-dsa - new ikiwiki issue - new serveez issue (no-dsa candidate)
- NFUs - some issues fixed in spu - chromium-browser itp
checked some not-affected states
new burn issue (no-dsa)
- spu notifications - OCS Inventory NG Server Sql injection fixed in unstable
- openvpn, xemacs, libpam-ssh no-dsa - new gri issue
etch and lenny are not affected by wordpress password reset issue
wordpress issue is an spu/ospu candidate
- tor issues scheduled for spu - mark firebird as spu candidate
spu notifications
evolution mailer issue no-dsa
CVE-2009-0801 spu/ospu candidate NFUs
NFUs spu notification
stardict no-dsa
memcachedb doesn't exist in stable and oldstable
spu and ospu notifications
mark wordpress info leaks as unimportant
NFUs CVE-2009-2175 fixed in spu two new fckeditor issues
spu and ospu notifications
etch also affected by udev issue and mainainer notified
udev no-dsa
- new phpmyadmin issue - libpng and browser randomness issues no-dsa - ocsinventory documented as not to be used with a public web server (TODO: document in debtag) - moin non-issue - samba fixed - add epoch to compface entry - new icedove issues
spu notifications
- xfs fixed - convirt fixed - jasper fixed - some cleanups of CVE requests - I've begun triaging the xine-lib issues for etch
typo
webkit issue is an spu-candidate
- new issues: kfreebsd (2x), adtool, kernel, webkit (2x), tomcat - bugnum - cscope fixed - fix webkit entries, all issues are tracked by source packages, not binary package names - atmailopen was removed from the archive
ospu and spu notifications
ospu and spu notifications
ospu and spu notifications
coccinelle is only in unstable and testing
slim no-dsa
- compiz-fusion-plugins-main spu notification - new gst-plugins-good0.10 Integer Overflow Vulnerability
- gnutls no-dsa - mozilla non-issue
minor lcms issue
- compiz-fusion-plugins-main no-dsa - two new kernel issues - requested removal for verlihub
one pidgin issue doesn't affect Etch asterisk no-dsa
- minor ntp issue has been fixed in DSA alongside with a more severe issue, remove from ospu/spu candidates list - kernel fixed - selinux issue was fixed for 2.6.29 through stable kernel update - issue tracked as openjdk is actually a lcms issue - CVE-2008-5519 is listed on the Tomcat web site, but it's actually within mod-jk only - clone ffmpeg-debian issue for the ffmpeg version in etch - clone gnutls issue for the gnutls version in etch - remove duplicate etch entry for older apache issue
cron no-dsa
CVE-2009-0757 doesnt affect etch/lenny
- CVE-2009-0164 won't be fixed in spu updates - fix date in DSA list - new minor hex-a-hop issue - fix jetty issue, why was this marked unimportant?
Requested CVE id for coccinelle issue, no-dsa for oldstable/stable
CVE-2008-2009 vulnerability already fixed; additional hardening features to be considered as an spu/ospu candidate
kfreebsd spu preparation
- new kernel issue - spu updates - add samba issue (already fixed) - bugnums
- pptp-linux issue fixed in unstable - pam issue unimportant and candidate for spu/ospu
- various no-dsa issues triaged
some spu notices
- mark slurm as fixed for lenny - remove wireshark duplicates - one kernel issue has been renamed - pptp-linux no-dsa
Filled bug for ntp, severity low, no-dsa
cups no-dsa issues
lots of no-dsas
marked as no-dsa, added to xspu candidates. Please remember to do so if you mark an issue as no-dsa and if it makes sense
xfig no-dsa
- bugzilla no-dsa - xulrunner fixed
- multiple java6 issues fixed - new xfig issue - systemtap fixed - avahi fixed - opensc fixed - openldap no-dsa
- new kfreebsd issue - remove etch-specific unfixed entry, unneeded and might cause problems - clone mikmod no-dsas for lenny - unimportant bash issue fixed
lenny is already fixed
kaya no-dsa
split and update spu candidates
- asterisk no-dsa for Lenny as well - mysql 5.1 available in experimental
- spu notifications - CVE-2009-0819 does not affect mysql in Debian - CVE-2009-0737 fixed in mediawiki 1:1.14.0-1 - CVE-2008-5076 fixed in htop 0.8.1-2 - CVE-2008-4968 fixed in lmbench 3.0-a9-1
this should be fixed
new mpfr issue already fixed in sid, no-dsa for released suites
no-dsa for psi
net-snmp no-dsa as per RT #1152
- add libarchive-tar-perl to spu candidates - libsamplerate, python/imageop no-dsa - add one missing CVE ID to python-dns DSA - two mediawiki issues don't affect etch - tar module not yet present in Etch's perl
- no-dsa: mailscanner, tsqllib, mikmod, sdlmixer - remove CVEfied trac temp entry - one tomcat issue is actually a JVM issue - libnet-dns-perl isn't fixed DNS randomisation-wise
spu notifications
- no-dsa: acidbase, bluez, motion, nfs-utils, systemimager, kdelibs - three new wireshark issues already resolved for etch and lenny - arb fixed
tau no-dsa new tor issues
add latest point update
sput notification
new kernel issues NFUs gnumeric fixed evolution no-dsa ktorrent CVEfied
gnumeric stable update proposed
* no-dsa for some python2.5 issues which have been fixed for 2.4 (even through they've been borderline cases already) * tcl no-dsa * cleanup older php issue
spu notification
auctex, cyrus-sasl no-dsa
gnumeric untrusted search path issue can be fixed via s-p-u
New trickle issue, CVE id requested
New gedit python path issue
New xchat python path issue
spu notification
Mark unp issue as no-dsa, it is not really used as archiver by any package in stable
spu notification
- xrdp fixed - tcl no-dsa - fix gstreamer srcpkg name
spu notification
mark as spu candidate
fill in xrdp bug, NFU, spu notification
multi-gnome-terminal issue is low, can be fixed via s-p-u
spu notice
spu notice
devscripts no-dsa
p3nfs no-dsa
minor/unimportant issues
spu notification
muttprint fixed in sid, s-p-u candidate
CVE-2008-4247 fixed via spu
graphviz in s-p-u accepted
stable point release candidates in preparation
spu notifications
dnspython no-dsa one kernel issue fixed
spu notifications
spu notifications
CVE-2008-4863 fixed for stable
spu notification
Mark horde3 XSS with no-dsa; use no-das as well and document dup
* add one CVD ID to horde3 DSA * bugzilla <no-dsa> * add a TODO a <confirmed> tag * document glibc stub resolver situation
some no-dsas two typo3 issues don't affect etch
spu notification
Add urgency to blender issue
spu notification
hplip no-dsa
spu notification
python issues are low priority; two don't affect etch, one no-dsa
dia maintainer notified
Add new dia issue; only vulnerable when called from certain dir, so no-dsa
spu notification
- record latest stable update - two no-dsa for minor ftpd issues
spu notification
ipsec-tools no-dsa some kernel issues fixed mantis updated fix one network issue affects freeBSD
spu notification
gmanedit no-dsa various minor updates
two new kernel issues new minor graphiv issue
spu notification
CVE allocations and temp updates
dist package uploaded
no spu for crossfire-maps
spu notifications
ssmtp no-dsa
nvi spu notification
more no-dsa sql-ledger not fully supported in Etch/Lenny
Etch triage: - Three recent kernel issues don't affect 2.6.18 from Etch - twiki issue has been rejected - ed issue no-dsa, was also duplicated - links2 minor information leak no-dsa
spu notifications
temp triage finished feta CVEfied
more SPUs openswan should be fixed not much point in fixing LTP in Etch, in Lenny it has been documented to only work for isolated environments
more SPUs bulmages not in etch some bugs were already archived, which initially confused me
more temp triage
more SPUs r-base-core-ra and dtc tracked, but not in Etch
more temp triage
spu notifications
remove plait and lazarus from spu-candidates, they're not present in Etch more temp triage new kernel issue
spu notification
realtimebattle issue already in tracker; not run as root and minor issue, no-dsa
chillispot tmp race is low, no-dsa, maintainer notified
sabre maintainer notified for spu
temp file issue in game sabre is minor
notifications for spu candidates
more tmp triage it seems as if Dmitry didn't file bugs for all issues in his MBF, the remaining ones need to be evaluated and filed
more temp triage
start triaging temp file issue mass bug filing
Add information about jumpnbump issue to tracker
CVE-2008-3688 fixed in havp 20070509-1.1 notified ipsec-tools maintainer for spu, fixed upstream link
new kernel issue add entries for 2.6.24 no-dsas
notified exiv2,links2 and wdiff maintainers for spu
links2, exiv2 no-dsa add php to packages with special security support add one missing mozilla CVE ID, which was split off one moin issue doesn't affect etch two dnsmasq issues don't affect etch, dnsmasq CVEfied one iceweasel issue Mac specific add note on firebird in etch one issues marked as php is only relevant to libgd
rather removed fixed spu candidates instead of marking them fixed
mark balsa, cbrpager, proftpd-dfsg fixed via spu
notified baycc maintainer for spu
new issue no-dsas
record several upstream fixes for the upcoming 2.6.26 upload remove <unfixed> entries for [etch], since they're always implicitly unfixed if the version number is lower than the entry for unstable do not record 2.6.24 entries if the fixed version in unstable is lower than 2.6.24
notified bugzilla maintainer for spu
updates on embedded code copies bugzilla no-dsa add missing CVE ID to libimager-perl DSA fix two incorrect ruby entries remove some NOTEs present in the respective CVE entries new kernel issue, mark unfixed for now until it's been figured out when this was fixed upstream resolve old gpg TODO NFUs
cbrpager is being worked on
notified maintainers for spu
more no-dsa
mksh no-dsa two DSAs imlib1 not affected by recent issues
notified x/emacs21 maintainer for spu
emacs no-dsa one missing ID for openssh snort issue doesn't affect etch sql-ledger issues fixed
notified maintainers for spu
two no-dsa one openssh issue doesn't affect etch mondo CVEfied
notified libpng maintainer for spu
libpng no-dsa add one CVE id for clamav adjust eterm severity to rvxt entry
spu notifications
emacsen no-dsa fix typos (had been too late)
notified cecilia maintainer
cecilia no-dsa python issue will be fixed in DSA along with other issues
notified paramiko maintainer for spu
- bzip2 and paramiko no-dsa - two new python issues - mediawiki/etch not affected twice
notified comix maintainer for spu update
comix no-dsa
notified boost maintainers for spu update
boost spu no-dsa cld issue/glibc not needed for etch eterm rather harmless, more of a design bug than a vulnerability
zabbix maintainer notified for spu
two more DSAs one no-dsa
notified wyrd maintainer for stable update
more no-dsa
maintainer notifications
two more no-dsa
notified python-django maintainer for stable update
django no-dsa
spu maintainer notifications
xfce no-dsa
one kernel issue doesn't affect etch denyhosts fixed in stable update php5 ini issue no-dsa due to regressions one php issue unimportant ruby1.9 no-dsa streamripper no-dsa
notified mnogosearch maintainer for stable update
one kernel issue not affecting etch safe mode bypass unimportant (report has been posted to full disclosure) mnogosearch minor issue
turned out that etch and sarge don't ship the affected tool in the libcdio binary packages
notified libcdio maintainer
libcdio no-dsa older tomcat issue only affecting examples, rewriting
notified balsa maintainer
remove xine dupe balsa no-dsa qt ssl cert issue doesn't affect sarge or etch
duplicity sarge/etch not affected
notified lighttpd maintainer
minor lighttpd issue to spu candidates gforge will be fixed in a DSA one nagios-plugins issue doesn't affect Etch
notified duplicity maintainer
duplicity no-dsa
maintainer notifications for flac and libpam-ssh
two new no-dsa issues xscreensaver issue doesn't affect etch rss-glx was only a workaround, the real fix was xscreensaver two moin issues were mixed around
maintainers notified for new spu candidates
more no-dsa on search path issues
- When I tried to assist the maintainer to extract a patch to backport I noticed the code isn't present in Etch at all, noting accordingly - Sylpheed issue not worth a DSA
three new DSAs one issue no-dsa
notified mldonkey and nufw maintainers
- Firefly Media Server is in the archive, but under a different name (marked
unfixed w/o further checks for now as a temporary measure)
- one rails issue doesn't affect Etch
- nufw, mldonkey no-dsa
- rewrite phpsysinfo as unimportant, rather than no-dsa
notified mecab maintainer
mecab no-dsa
CVE-2007-6211 fixed in stable/oldstable by regular update
two no-dsa
notified maintainer for proftpd update
updates on minor issues
notified all maintainers for possible security updates for stable
- syslog dos does not affect Sarge - sing candidate for stable update
remove rejected ID from qemu DSA remove some notes on rejected entries one older php issue unimportant per PHP security policy
iwlwifi kernel issue doesn't affect etch netkit-ftpd-ssl no-dsa
two more no-dsa issues
This file records minor security issues, which do not warrant a DSA, but which could be fixed in a stable point update if people feel like it. If someone wants to address these, please add a note about it and get in contact with debian-release@lists.debian.org
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.
| ViewVC Help | |
| Powered by ViewVC 1.1.5 |