/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Contents of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 13974 - (hide annotations) (download)
Sat Jan 30 19:11:22 2010 UTC (3 years, 4 months ago) by derevko-guest
File MIME type: text/plain
File size: 5880 byte(s) 
stable point update
1 jmm-guest 7532 This file records minor security issues, which do not warrant a DSA,
2     but which could be fixed in a stable point update if people feel like
3     it. If someone wants to address these, please add a note about it
4     and get in contact with debian-release@lists.debian.org
5    
6 jmm-guest 13302
7 jmm-guest 7532 --
8    
9 jmm-guest 13932 acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10    
11     --
12    
13 jmm-guest 11373 asterisk (CVE-2009-0041)
14     #513413
15 nion 11718 notified maintainer
16 jmm-guest 11373
17 derevko-guest 13696 asterisk (CVE-2008-3903)
18 jmm-guest 11956 #522528
19 derevko-guest 12038 notified maintainer
20 jmm-guest 11956
21 jmm-guest 11373 --
22    
23 jmm-guest 11559 avahi (CVE-2009-0758)
24     #517683
25 nion 11718 notified maintainer
26 jmm-guest 11559
27     --
28    
29 jmm-guest 13490 babel (CVE-2009-3736)
30     #559843
31 derevko-guest 13617 notified maintainer
32 jmm-guest 13490
33     --
34    
35 jmm-guest 11507 bugzilla (CVE-2009-0481 to CVE-2009-0485)
36 nion 11718 notified maintainer
37 jmm-guest 11507
38     --
39    
40 jmm-guest 12757 buildbot (CVE-2009-2959, CVE-2009-2967)
41     #543822
42 derevko-guest 12789 notified maintainer
43 jmm-guest 12757
44     --
45    
46 jmm-guest 13932 centerim (CVE-2008-4776)
47     #559782
48    
49     --
50    
51 jmm-guest 11963 compiz-fusion-plugins-main (CVE-2008-6514)
52 derevko-guest 12024 notified maintainer
53 jmm-guest 11963
54     --
55    
56 jmm-guest 11911 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
57     #528434
58 derevko-guest 12038 notified maintainer
59 jmm-guest 11911
60     --
61    
62 jmm-guest 13678 cups (CVE-2009-3553)
63     #557740
64     maintainer notified in initial bug report
65    
66     --
67    
68 jmm-guest 13618 devil (CVE-2009-3994)
69     #560080
70 derevko-guest 13696 notified maintainer
71 jmm-guest 13618
72     --
73    
74 gilbert-guest 13009 dopewars (CVE-2009-3591)
75     #550913
76     notified maintainer
77    
78     --
79    
80 jmm-guest 13374 dstat (CVE-2009-3894)
81     http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
82 derevko-guest 13464 notified maintainer
83 jmm-guest 13374
84 derevko-guest 13464 dstat (CVE-2009-4081)
85     #559667
86     notified maintainer
87    
88 jmm-guest 13374 --
89    
90 white 12460 evolution (CVE-2009-1631)
91     #526409
92 derevko-guest 12477 notified maintainer through initial bugreport
93 white 12460
94     --
95    
96 jmm-guest 13932 libgnucrypto-java (CVE-2008-5659)
97     #559789
98    
99     --
100    
101 jmm-guest 12020 gnutls26 (CVE-2009-1417)
102     #531614
103 derevko-guest 12038 notified maintainer
104 jmm-guest 12020
105     --
106    
107 jmm-guest 12757 gri (no CVE)
108     fixed in gri 2.12.18-1:
109     "Improve security when creating temporary files."
110 derevko-guest 12789 notified maintainer
111 jmm-guest 12757
112     --
113    
114 jmm-guest 12830 gupnp (CVE-2009-2174)
115     #534594
116 derevko-guest 12869 notified maintainer
117 jmm-guest 12830
118     --
119    
120     htmldoc (CVE-2009-3050)
121     #537637
122 derevko-guest 12947 notified maintainer through initial bugreport
123 jmm-guest 12830
124     --
125    
126 jmm-guest 13490 hypre (CVE-2009-3736)
127     #559834
128 derevko-guest 13617 notified maintainer
129 jmm-guest 13490
130     --
131    
132 jmm-guest 12830 kde4libs (CVE-2009-2702)
133     #546218
134 derevko-guest 13013 notified maintainer
135 jmm-guest 12830
136     --
137    
138 jmm-guest 12108 kfreebsd-6
139     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
140     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
141 derevko-guest 12200 notified maintainer
142 jmm-guest 12108
143 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
144 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
145 derevko-guest 12200 notified maintainer
146 jmm-guest 12108
147     --
148    
149     kfreebsd-7
150     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
151     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
152 derevko-guest 12200 notified maintainer
153 jmm-guest 12108
154 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
155 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
156 derevko-guest 12200 notified maintainer
157 jmm-guest 12108
158     --
159    
160 jmm-guest 11729 kvm 82-1 (CVE-2008-5714)
161     #509997
162 derevko-guest 12047 notified maintainer
163 jmm-guest 11729
164     --
165    
166 derevko-guest 12292 lcms (CVE-2009-0793)
167     notified maintainer through initial bugreport
168    
169     --
170    
171 jmm-guest 12626 libpam-ssh (CVE-2009-1273)
172     #535877
173 jmm-guest 12655 maintainer notified through initial bug report, said he would work on an update
174 jmm-guest 12626
175     --
176    
177 jmm-guest 12244 libpng (CVE-2009-2042)
178     #533676
179 derevko-guest 12292 notified maintainer
180 jmm-guest 12244
181     --
182    
183 derevko-guest 12292 libsndfile
184     potential dos via crafted input
185     #530831
186    
187     --
188    
189 gilbert-guest 11775 libvorbis (CVE-2008-2009)
190     notified maintainer and release team
191    
192     --
193    
194 derevko-guest 13892 maradns
195     http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
196     notified maintainer
197    
198     --
199    
200 jmm-guest 12352 memcached (CVE-2009-1255)
201 derevko-guest 12387 notified maintainer
202 jmm-guest 12352
203 derevko-guest 12387 --
204 jmm-guest 12352
205 derevko-guest 12292 mimedecode
206     potential dos/crash due to invalid input
207 derevko-guest 12387 orphaned
208 derevko-guest 12292 #530430
209    
210     --
211    
212 jmm-guest 11704 mpg123 (CVE-2009-1301)
213 nion 11718 notified maintainer
214 jmm-guest 11704
215     --
216    
217 jmm-guest 12830 neon27 (CVE-2009-2474)
218     #542926
219 derevko-guest 12891 notified maintainer
220 jmm-guest 12830
221     --
222    
223     neon26 (CVE-2009-2474)
224     #542926
225 derevko-guest 12891 notified maintainer
226 jmm-guest 12830
227     --
228    
229 derevko-guest 13697 network-manager-applet (CVE-2009-4144)
230     #560067
231     notified maintainer through initial bugreport
232    
233     CVE-2009-4145
234     #563371
235     notified maintainer through initial bugreport
236    
237     --
238    
239 jmm-guest 12711 ntop (CVE-2009-2732)
240     #543312
241 derevko-guest 12892 notified maintainer through initial bugreport
242 jmm-guest 12711
243     --
244    
245 derevko-guest 12891 postfix (CVE-2009-2939)
246     notified maintainer
247    
248     --
249    
250 derevko-guest 12445 squid (CVE-2009-0801)
251     #521053
252    
253     --
254    
255     squid3 (CVE-2009-0801)
256     #521052
257    
258     --
259    
260 jmm-guest 13932 t-prot (CVE-2009-4404)
261    
262     --
263    
264 thijs 11319 net-snmp (CVE-2008-6123)
265     Noah will see to it.
266    
267     --
268    
269 jmm-guest 12830 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
270     #541995
271 derevko-guest 12928 notified maintainer
272 jmm-guest 12830
273     --
274    
275     open-iscsi (CVE-2009-1297)
276     notified maintainer in initial bug report
277    
278     --
279    
280 jmm-guest 11490 openldap
281     #253838
282 derevko-guest 12047 notified maintainer
283 jmm-guest 11490
284     --
285    
286 jmm-guest 12925 overkill (no CVE yet)
287     #549310
288    
289     --
290    
291 jmm-guest 12830 owl (CVE-2009-0363)
292     #515118
293 derevko-guest 13013 notified maintainer
294 jmm-guest 12830
295     --
296    
297 gilbert-guest 11732 pam (CVE-2009-0579)
298     #514437
299     asked maintainer in mail
300    
301     --
302    
303 jmm-guest 12830 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
304     #535790
305     http://developer.pidgin.im/ticket/9483
306     http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
307 derevko-guest 13013 notified maintainer
308 jmm-guest 12830
309     --
310    
311 jmm-guest 11712 pptp-linux (no CVE)
312     #523476
313 jmm-guest 11758 Ola will prepare a fix in a point update
314 jmm-guest 11712
315     --
316    
317 derevko-guest 13021 puppet (CVE-2009-3564)
318     #551073
319     notified maintainer in initial bug report
320    
321     --
322    
323 derevko-guest 13696 python-4suite (CVE-2009-3560, CVE-2009-3720)
324 jmm-guest 13640 #560914
325 derevko-guest 13696 notified maintainer
326 jmm-guest 13640
327     --
328    
329 derevko-guest 12869 rails (CVE-2009-3086)
330     bug #545063
331 derevko-guest 13013 notified maintainer
332 derevko-guest 12869
333     --
334    
335 jmm-guest 12029 slim (CVE-2009-1756)
336     bug #529306
337     Maintainer notified through followup in #529306
338    
339     --
340    
341 jmm-guest 13932 sqlite
342     #566326
343    
344     --
345    
346 jmm-guest 11184 tau (CVE-2008-5157)
347     #506348
348 nion 11202 notified maintainer
349 jmm-guest 11184
350     --
351    
352 jmm-guest 12258 udev (#462655)
353 gilbert-guest 12260 notified maintainer
354 jmm-guest 12258
355     --
356    
357 derevko-guest 12873 planet (CVE-2009-2937)
358     bug #546178
359     notified maintainer through initial bugreport
360    
361     --
362    
363 gilbert-guest 12148 webkit (CVE-2008-4724)
364 gilbert-guest 12147 #520052
365     asked maintainer
366    
367     --
368    
369 jmm-guest 8912 xemacs21 (CVE-2008-2142)
370     bug #480877
371 nion 8916 notified maintainer
372 jmm-guest 8912
373 jmm-guest 12626 xemacs21 (CVE-2009-2688)
374     #540470
375     Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
376 derevko-guest 12630 notified maintainer
377 jmm-guest 12626
378     --
379    
380 jmm-guest 11386 xen-3 (CVE-2008-4993)
381 jmm-guest 9973 #496367
382 nion 9991 notified maintainer
383 jmm-guest 11553
384     --
385    
386 derevko-guest 13013 xerces-c2 (CVE-2009-1885)
387     #541986
388     notified maintainer
389 jmm-guest 12830
390     --
391    
392 jmm-guest 11553 xfig
393 derevko-guest 12057 25_mkstemp added in 1:3.2.5.a-1
394     notified maintainer
395 jmm-guest 11553
396 jmm-guest 13557 CVE-2009-4228/CVE-2009-4227
397     #559274)
398     https://bugzilla.redhat.com/show_bug.cgi?id=543905
399    
400 jmm-guest 11704 --
401    
402 jmm-guest 13040 xmp (CVE-2007-6731, CVE-2007-6732)
403     #546730
404 derevko-guest 13339 notified maintainer
405 jmm-guest 13040
406     --
407    
408 jmm-guest 13932 xserver-xorg (no CVE)
409     #555308
410    
411     --
412    
413 jmm-guest 13969 ytnef (CVE-2009-3887, CVE-2009-3721)
414    
415     --
416    
417 jmm-guest 11704 ziproxy (CVE-2009-0804)
418     #521051
419 derevko-guest 13777 notified maintainer
420    
421 jmm-guest 13932 --
422    
423     zope2.10 (no CVE)
424     https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
425 jmm-guest 13938
426     --
427    
428     zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
429     http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
430     http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
  ViewVC Help
Powered by ViewVC 1.1.5