/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Contents of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 13984 - (hide annotations) (download)
Sun Jan 31 19:52:48 2010 UTC (3 years, 4 months ago) by jmm-guest
File MIME type: text/plain
File size: 5870 byte(s) 
centerim spu
1 jmm-guest 7532 This file records minor security issues, which do not warrant a DSA,
2     but which could be fixed in a stable point update if people feel like
3     it. If someone wants to address these, please add a note about it
4     and get in contact with debian-release@lists.debian.org
5    
6 jmm-guest 13302
7 jmm-guest 7532 --
8    
9 jmm-guest 13932 acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10 derevko-guest 13977 notified maintainer
11 jmm-guest 13932
12     --
13    
14 jmm-guest 11373 asterisk (CVE-2009-0041)
15     #513413
16 nion 11718 notified maintainer
17 jmm-guest 11373
18 derevko-guest 13696 asterisk (CVE-2008-3903)
19 jmm-guest 11956 #522528
20 derevko-guest 12038 notified maintainer
21 jmm-guest 11956
22 jmm-guest 11373 --
23    
24 jmm-guest 11559 avahi (CVE-2009-0758)
25     #517683
26 nion 11718 notified maintainer
27 jmm-guest 11559
28     --
29    
30 jmm-guest 13490 babel (CVE-2009-3736)
31     #559843
32 derevko-guest 13617 notified maintainer
33 jmm-guest 13490
34     --
35    
36 jmm-guest 11507 bugzilla (CVE-2009-0481 to CVE-2009-0485)
37 nion 11718 notified maintainer
38 jmm-guest 11507
39     --
40    
41 jmm-guest 12757 buildbot (CVE-2009-2959, CVE-2009-2967)
42     #543822
43 derevko-guest 12789 notified maintainer
44 jmm-guest 12757
45     --
46    
47 jmm-guest 11963 compiz-fusion-plugins-main (CVE-2008-6514)
48 derevko-guest 12024 notified maintainer
49 jmm-guest 11963
50     --
51    
52 jmm-guest 11911 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
53     #528434
54 derevko-guest 12038 notified maintainer
55 jmm-guest 11911
56     --
57    
58 jmm-guest 13678 cups (CVE-2009-3553)
59     #557740
60     maintainer notified in initial bug report
61    
62     --
63    
64 jmm-guest 13618 devil (CVE-2009-3994)
65     #560080
66 derevko-guest 13696 notified maintainer
67 jmm-guest 13618
68     --
69    
70 gilbert-guest 13009 dopewars (CVE-2009-3591)
71     #550913
72     notified maintainer
73    
74     --
75    
76 jmm-guest 13374 dstat (CVE-2009-3894)
77     http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
78 derevko-guest 13464 notified maintainer
79 jmm-guest 13374
80 derevko-guest 13464 dstat (CVE-2009-4081)
81     #559667
82     notified maintainer
83    
84 jmm-guest 13374 --
85    
86 white 12460 evolution (CVE-2009-1631)
87     #526409
88 derevko-guest 12477 notified maintainer through initial bugreport
89 white 12460
90     --
91    
92 jmm-guest 13932 libgnucrypto-java (CVE-2008-5659)
93     #559789
94 derevko-guest 13977 removed
95 jmm-guest 13932
96     --
97    
98 jmm-guest 12020 gnutls26 (CVE-2009-1417)
99     #531614
100 derevko-guest 12038 notified maintainer
101 jmm-guest 12020
102     --
103    
104 jmm-guest 12757 gri (no CVE)
105     fixed in gri 2.12.18-1:
106     "Improve security when creating temporary files."
107 derevko-guest 12789 notified maintainer
108 jmm-guest 12757
109     --
110    
111 jmm-guest 12830 gupnp (CVE-2009-2174)
112     #534594
113 derevko-guest 12869 notified maintainer
114 jmm-guest 12830
115     --
116    
117     htmldoc (CVE-2009-3050)
118     #537637
119 derevko-guest 12947 notified maintainer through initial bugreport
120 jmm-guest 12830
121     --
122    
123 jmm-guest 13490 hypre (CVE-2009-3736)
124     #559834
125 derevko-guest 13617 notified maintainer
126 jmm-guest 13490
127     --
128    
129 jmm-guest 12830 kde4libs (CVE-2009-2702)
130     #546218
131 derevko-guest 13013 notified maintainer
132 jmm-guest 12830
133     --
134    
135 jmm-guest 12108 kfreebsd-6
136     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
137     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
138 derevko-guest 12200 notified maintainer
139 jmm-guest 12108
140 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
141 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
142 derevko-guest 12200 notified maintainer
143 jmm-guest 12108
144     --
145    
146     kfreebsd-7
147     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
148     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
149 derevko-guest 12200 notified maintainer
150 jmm-guest 12108
151 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
152 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
153 derevko-guest 12200 notified maintainer
154 jmm-guest 12108
155     --
156    
157 jmm-guest 11729 kvm 82-1 (CVE-2008-5714)
158     #509997
159 derevko-guest 12047 notified maintainer
160 jmm-guest 11729
161     --
162    
163 derevko-guest 12292 lcms (CVE-2009-0793)
164     notified maintainer through initial bugreport
165    
166     --
167    
168 jmm-guest 12626 libpam-ssh (CVE-2009-1273)
169     #535877
170 jmm-guest 12655 maintainer notified through initial bug report, said he would work on an update
171 jmm-guest 12626
172     --
173    
174 jmm-guest 12244 libpng (CVE-2009-2042)
175     #533676
176 derevko-guest 12292 notified maintainer
177 jmm-guest 12244
178     --
179    
180 derevko-guest 12292 libsndfile
181     potential dos via crafted input
182     #530831
183    
184     --
185    
186 gilbert-guest 11775 libvorbis (CVE-2008-2009)
187     notified maintainer and release team
188    
189     --
190    
191 derevko-guest 13892 maradns
192     http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
193     notified maintainer
194    
195     --
196    
197 jmm-guest 12352 memcached (CVE-2009-1255)
198 derevko-guest 12387 notified maintainer
199 jmm-guest 12352
200 derevko-guest 12387 --
201 jmm-guest 12352
202 derevko-guest 12292 mimedecode
203     potential dos/crash due to invalid input
204 derevko-guest 12387 orphaned
205 derevko-guest 12292 #530430
206    
207     --
208    
209 jmm-guest 11704 mpg123 (CVE-2009-1301)
210 nion 11718 notified maintainer
211 jmm-guest 11704
212     --
213    
214 jmm-guest 12830 neon27 (CVE-2009-2474)
215     #542926
216 derevko-guest 12891 notified maintainer
217 jmm-guest 12830
218     --
219    
220     neon26 (CVE-2009-2474)
221     #542926
222 derevko-guest 12891 notified maintainer
223 jmm-guest 12830
224     --
225    
226 derevko-guest 13697 network-manager-applet (CVE-2009-4144)
227     #560067
228     notified maintainer through initial bugreport
229    
230     CVE-2009-4145
231     #563371
232     notified maintainer through initial bugreport
233    
234     --
235    
236 jmm-guest 12711 ntop (CVE-2009-2732)
237     #543312
238 derevko-guest 12892 notified maintainer through initial bugreport
239 jmm-guest 12711
240     --
241    
242 derevko-guest 12891 postfix (CVE-2009-2939)
243     notified maintainer
244    
245     --
246    
247 derevko-guest 12445 squid (CVE-2009-0801)
248     #521053
249    
250     --
251    
252     squid3 (CVE-2009-0801)
253     #521052
254    
255     --
256    
257 jmm-guest 13932 t-prot (CVE-2009-4404)
258    
259     --
260    
261 thijs 11319 net-snmp (CVE-2008-6123)
262     Noah will see to it.
263    
264     --
265    
266 jmm-guest 12830 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
267     #541995
268 derevko-guest 12928 notified maintainer
269 jmm-guest 12830
270     --
271    
272     open-iscsi (CVE-2009-1297)
273     notified maintainer in initial bug report
274    
275     --
276    
277 jmm-guest 11490 openldap
278     #253838
279 derevko-guest 12047 notified maintainer
280 jmm-guest 11490
281     --
282    
283 jmm-guest 12925 overkill (no CVE yet)
284     #549310
285    
286     --
287    
288 jmm-guest 12830 owl (CVE-2009-0363)
289     #515118
290 derevko-guest 13013 notified maintainer
291 jmm-guest 12830
292     --
293    
294 gilbert-guest 11732 pam (CVE-2009-0579)
295     #514437
296     asked maintainer in mail
297    
298     --
299    
300 jmm-guest 12830 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
301     #535790
302     http://developer.pidgin.im/ticket/9483
303     http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
304 derevko-guest 13013 notified maintainer
305 jmm-guest 12830
306     --
307    
308 jmm-guest 11712 pptp-linux (no CVE)
309     #523476
310 jmm-guest 11758 Ola will prepare a fix in a point update
311 jmm-guest 11712
312     --
313    
314 derevko-guest 13021 puppet (CVE-2009-3564)
315     #551073
316     notified maintainer in initial bug report
317    
318     --
319    
320 derevko-guest 13696 python-4suite (CVE-2009-3560, CVE-2009-3720)
321 jmm-guest 13640 #560914
322 derevko-guest 13696 notified maintainer
323 jmm-guest 13640
324     --
325    
326 derevko-guest 12869 rails (CVE-2009-3086)
327     bug #545063
328 derevko-guest 13013 notified maintainer
329 derevko-guest 12869
330     --
331    
332 jmm-guest 12029 slim (CVE-2009-1756)
333     bug #529306
334     Maintainer notified through followup in #529306
335    
336     --
337    
338 jmm-guest 13932 sqlite
339     #566326
340    
341     --
342    
343 jmm-guest 11184 tau (CVE-2008-5157)
344     #506348
345 nion 11202 notified maintainer
346 jmm-guest 11184
347     --
348    
349 jmm-guest 12258 udev (#462655)
350 gilbert-guest 12260 notified maintainer
351 jmm-guest 12258
352     --
353    
354 derevko-guest 12873 planet (CVE-2009-2937)
355     bug #546178
356     notified maintainer through initial bugreport
357    
358     --
359    
360 gilbert-guest 12148 webkit (CVE-2008-4724)
361 gilbert-guest 12147 #520052
362     asked maintainer
363    
364     --
365    
366 jmm-guest 8912 xemacs21 (CVE-2008-2142)
367     bug #480877
368 nion 8916 notified maintainer
369 jmm-guest 8912
370 jmm-guest 12626 xemacs21 (CVE-2009-2688)
371     #540470
372     Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
373 derevko-guest 12630 notified maintainer
374 jmm-guest 12626
375     --
376    
377 jmm-guest 11386 xen-3 (CVE-2008-4993)
378 jmm-guest 9973 #496367
379 nion 9991 notified maintainer
380 jmm-guest 11553
381     --
382    
383 derevko-guest 13013 xerces-c2 (CVE-2009-1885)
384     #541986
385     notified maintainer
386 jmm-guest 12830
387     --
388    
389 jmm-guest 11553 xfig
390 derevko-guest 12057 25_mkstemp added in 1:3.2.5.a-1
391     notified maintainer
392 jmm-guest 11553
393 jmm-guest 13557 CVE-2009-4228/CVE-2009-4227
394     #559274)
395     https://bugzilla.redhat.com/show_bug.cgi?id=543905
396    
397 jmm-guest 11704 --
398    
399 jmm-guest 13040 xmp (CVE-2007-6731, CVE-2007-6732)
400     #546730
401 derevko-guest 13339 notified maintainer
402 jmm-guest 13040
403     --
404    
405 jmm-guest 13932 xserver-xorg (no CVE)
406     #555308
407    
408     --
409    
410 jmm-guest 13969 ytnef (CVE-2009-3887, CVE-2009-3721)
411    
412     --
413    
414 jmm-guest 11704 ziproxy (CVE-2009-0804)
415     #521051
416 derevko-guest 13777 notified maintainer
417    
418 jmm-guest 13932 --
419    
420     zope2.10 (no CVE)
421     https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
422 jmm-guest 13938
423     --
424    
425     zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
426     http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
427     http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
  ViewVC Help
Powered by ViewVC 1.1.5