/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Contents of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 14186 - (hide annotations) (download)
Thu Mar 4 21:02:52 2010 UTC (3 years, 3 months ago) by jmm-guest
File MIME type: text/plain
File size: 6207 byte(s) 
- squid bugnums
- new xar issue
1 jmm-guest 7532 This file records minor security issues, which do not warrant a DSA,
2     but which could be fixed in a stable point update if people feel like
3     it. If someone wants to address these, please add a note about it
4     and get in contact with debian-release@lists.debian.org
5    
6 jmm-guest 13302
7 jmm-guest 7532 --
8    
9 jmm-guest 13932 acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10 derevko-guest 13977 notified maintainer
11 jmm-guest 13932
12     --
13    
14 jmm-guest 14019 acl (CVE-2009-4411)
15     #499076
16     notified maintainer
17    
18     --
19    
20 jmm-guest 11373 asterisk (CVE-2009-0041)
21     #513413
22 nion 11718 notified maintainer
23 jmm-guest 11373
24 derevko-guest 13696 asterisk (CVE-2008-3903)
25 jmm-guest 11956 #522528
26 derevko-guest 12038 notified maintainer
27 jmm-guest 11956
28 jmm-guest 11373 --
29    
30 jmm-guest 11559 avahi (CVE-2009-0758)
31     #517683
32 nion 11718 notified maintainer
33 jmm-guest 11559
34     --
35    
36 jmm-guest 13490 babel (CVE-2009-3736)
37     #559843
38 derevko-guest 13617 notified maintainer
39 jmm-guest 13490
40     --
41    
42 jmm-guest 11507 bugzilla (CVE-2009-0481 to CVE-2009-0485)
43 nion 11718 notified maintainer
44 jmm-guest 11507
45     --
46    
47 jmm-guest 12757 buildbot (CVE-2009-2959, CVE-2009-2967)
48     #543822
49 derevko-guest 12789 notified maintainer
50 jmm-guest 12757
51     --
52    
53 jmm-guest 11963 compiz-fusion-plugins-main (CVE-2008-6514)
54 derevko-guest 12024 notified maintainer
55 jmm-guest 11963
56     --
57    
58 jmm-guest 11911 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
59     #528434
60 derevko-guest 12038 notified maintainer
61 jmm-guest 11911
62     --
63    
64 jmm-guest 13678 cups (CVE-2009-3553)
65     #557740
66     maintainer notified in initial bug report
67    
68     --
69    
70 jmm-guest 13618 devil (CVE-2009-3994)
71     #560080
72 derevko-guest 13696 notified maintainer
73 jmm-guest 13618
74     --
75    
76 gilbert-guest 13009 dopewars (CVE-2009-3591)
77     #550913
78     notified maintainer
79    
80     --
81    
82 jmm-guest 13374 dstat (CVE-2009-3894)
83     http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
84 derevko-guest 13464 notified maintainer
85 jmm-guest 13374
86 derevko-guest 13464 dstat (CVE-2009-4081)
87     #559667
88     notified maintainer
89    
90 jmm-guest 13374 --
91    
92 white 12460 evolution (CVE-2009-1631)
93     #526409
94 derevko-guest 12477 notified maintainer through initial bugreport
95 white 12460
96     --
97    
98 jmm-guest 13932 libgnucrypto-java (CVE-2008-5659)
99     #559789
100 derevko-guest 13977 removed
101 jmm-guest 13932
102     --
103    
104 jmm-guest 12020 gnutls26 (CVE-2009-1417)
105     #531614
106 derevko-guest 12038 notified maintainer
107 jmm-guest 12020
108     --
109    
110 jmm-guest 12757 gri (no CVE)
111     fixed in gri 2.12.18-1:
112     "Improve security when creating temporary files."
113 derevko-guest 12789 notified maintainer
114 jmm-guest 12757
115     --
116    
117 jmm-guest 12830 gupnp (CVE-2009-2174)
118     #534594
119 derevko-guest 12869 notified maintainer
120 jmm-guest 12830
121     --
122    
123     htmldoc (CVE-2009-3050)
124     #537637
125 derevko-guest 12947 notified maintainer through initial bugreport
126 jmm-guest 12830
127     --
128    
129 jmm-guest 13490 hypre (CVE-2009-3736)
130     #559834
131 derevko-guest 13617 notified maintainer
132 jmm-guest 13490
133     --
134    
135 jmm-guest 12830 kde4libs (CVE-2009-2702)
136     #546218
137 derevko-guest 13013 notified maintainer
138 jmm-guest 12830
139 jmm-guest 14124 CVE-2009-0689
140    
141 jmm-guest 12830 --
142    
143 jmm-guest 12108 kfreebsd-6
144     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
145     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
146 derevko-guest 12200 notified maintainer
147 jmm-guest 12108
148 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
149 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
150 derevko-guest 12200 notified maintainer
151 jmm-guest 12108
152     --
153    
154     kfreebsd-7
155     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
156     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
157 derevko-guest 12200 notified maintainer
158 jmm-guest 12108
159 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
160 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
161 derevko-guest 12200 notified maintainer
162 jmm-guest 12108
163     --
164    
165 jmm-guest 11729 kvm 82-1 (CVE-2008-5714)
166     #509997
167 derevko-guest 12047 notified maintainer
168 jmm-guest 11729
169     --
170    
171 derevko-guest 12292 lcms (CVE-2009-0793)
172     notified maintainer through initial bugreport
173    
174     --
175    
176 jmm-guest 12626 libpam-ssh (CVE-2009-1273)
177     #535877
178 jmm-guest 12655 maintainer notified through initial bug report, said he would work on an update
179 jmm-guest 12626
180     --
181    
182 jmm-guest 12244 libpng (CVE-2009-2042)
183     #533676
184 derevko-guest 12292 notified maintainer
185 jmm-guest 12244
186 jmm-guest 14185 CVE-2010-0205
187     #572308
188    
189 jmm-guest 12244 --
190    
191 derevko-guest 12292 libsndfile
192     potential dos via crafted input
193     #530831
194    
195     --
196    
197 gilbert-guest 11775 libvorbis (CVE-2008-2009)
198     notified maintainer and release team
199    
200     --
201    
202 jmm-guest 14019 libstruts1.2-java (CVE-2008-2025)
203     #528352
204    
205     --
206    
207 jmm-guest 14136 makepasswd (no CVE ID)
208     #564559
209    
210     --
211    
212 derevko-guest 13892 maradns
213     http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
214     notified maintainer
215    
216     --
217    
218 jmm-guest 12352 memcached (CVE-2009-1255)
219 derevko-guest 12387 notified maintainer
220 jmm-guest 12352
221 derevko-guest 12387 --
222 jmm-guest 12352
223 derevko-guest 12292 mimedecode
224     potential dos/crash due to invalid input
225 derevko-guest 12387 orphaned
226 derevko-guest 12292 #530430
227    
228     --
229    
230 jmm-guest 11704 mpg123 (CVE-2009-1301)
231 nion 11718 notified maintainer
232 jmm-guest 11704
233     --
234    
235 jmm-guest 12830 neon27 (CVE-2009-2474)
236     #542926
237 derevko-guest 12891 notified maintainer
238 jmm-guest 12830
239     --
240    
241     neon26 (CVE-2009-2474)
242     #542926
243 derevko-guest 12891 notified maintainer
244 jmm-guest 12830
245     --
246    
247 derevko-guest 13697 network-manager-applet (CVE-2009-4144)
248     #560067
249     notified maintainer through initial bugreport
250    
251     CVE-2009-4145
252     #563371
253     notified maintainer through initial bugreport
254    
255     --
256    
257 jmm-guest 12711 ntop (CVE-2009-2732)
258     #543312
259 derevko-guest 12892 notified maintainer through initial bugreport
260 jmm-guest 12711
261     --
262    
263 derevko-guest 12891 postfix (CVE-2009-2939)
264     notified maintainer
265    
266     --
267    
268 derevko-guest 12445 squid (CVE-2009-0801)
269     #521053
270    
271     --
272    
273     squid3 (CVE-2009-0801)
274     #521052
275    
276     --
277    
278 jmm-guest 13932 t-prot (CVE-2009-4404)
279    
280     --
281    
282 thijs 11319 net-snmp (CVE-2008-6123)
283     Noah will see to it.
284    
285     --
286    
287 jmm-guest 12830 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
288     #541995
289 derevko-guest 12928 notified maintainer
290 jmm-guest 12830
291     --
292    
293     open-iscsi (CVE-2009-1297)
294     notified maintainer in initial bug report
295    
296     --
297    
298 jmm-guest 11490 openldap
299     #253838
300 derevko-guest 12047 notified maintainer
301 jmm-guest 11490
302     --
303    
304 jmm-guest 12925 overkill (no CVE yet)
305     #549310
306    
307     --
308    
309 jmm-guest 12830 owl (CVE-2009-0363)
310     #515118
311 derevko-guest 13013 notified maintainer
312 jmm-guest 12830
313     --
314    
315 gilbert-guest 11732 pam (CVE-2009-0579)
316     #514437
317     asked maintainer in mail
318    
319     --
320    
321 jmm-guest 12830 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
322     #535790
323     http://developer.pidgin.im/ticket/9483
324     http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
325 derevko-guest 13013 notified maintainer
326 jmm-guest 12830
327     --
328    
329 jmm-guest 11712 pptp-linux (no CVE)
330     #523476
331 jmm-guest 11758 Ola will prepare a fix in a point update
332 jmm-guest 11712
333     --
334    
335 derevko-guest 13021 puppet (CVE-2009-3564)
336     #551073
337     notified maintainer in initial bug report
338    
339     --
340    
341 derevko-guest 13696 python-4suite (CVE-2009-3560, CVE-2009-3720)
342 jmm-guest 13640 #560914
343 derevko-guest 13696 notified maintainer
344 jmm-guest 13640
345     --
346    
347 derevko-guest 12869 rails (CVE-2009-3086)
348     bug #545063
349 derevko-guest 13013 notified maintainer
350 derevko-guest 12869
351     --
352    
353 jmm-guest 12029 slim (CVE-2009-1756)
354     bug #529306
355     Maintainer notified through followup in #529306
356    
357     --
358    
359 jmm-guest 14186 squid (CVE-2010-0639)
360     #572553
361     Maintainer notified through initial bugreport
362    
363     --
364    
365     squid3 (CVE-2010-0639)
366     #572554
367     Maintainer notified through initial bugreport
368    
369     --
370    
371 jmm-guest 13932 sqlite
372     #566326
373    
374     --
375    
376 jmm-guest 11184 tau (CVE-2008-5157)
377     #506348
378 nion 11202 notified maintainer
379 jmm-guest 11184
380     --
381    
382 jmm-guest 12258 udev (#462655)
383 gilbert-guest 12260 notified maintainer
384 jmm-guest 12258
385     --
386    
387 derevko-guest 12873 planet (CVE-2009-2937)
388     bug #546178
389     notified maintainer through initial bugreport
390    
391     --
392    
393 gilbert-guest 12148 webkit (CVE-2008-4724)
394 gilbert-guest 12147 #520052
395     asked maintainer
396    
397     --
398    
399 jmm-guest 8912 xemacs21 (CVE-2008-2142)
400     bug #480877
401 nion 8916 notified maintainer
402 jmm-guest 8912
403 jmm-guest 12626 xemacs21 (CVE-2009-2688)
404     #540470
405     Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
406 derevko-guest 12630 notified maintainer
407 jmm-guest 12626
408     --
409    
410 jmm-guest 11386 xen-3 (CVE-2008-4993)
411 jmm-guest 9973 #496367
412 nion 9991 notified maintainer
413 jmm-guest 11553
414     --
415    
416 derevko-guest 13013 xerces-c2 (CVE-2009-1885)
417     #541986
418     notified maintainer
419 jmm-guest 12830
420     --
421    
422 jmm-guest 11553 xfig
423 derevko-guest 12057 25_mkstemp added in 1:3.2.5.a-1
424     notified maintainer
425 jmm-guest 11553
426 jmm-guest 13557 CVE-2009-4228/CVE-2009-4227
427     #559274)
428     https://bugzilla.redhat.com/show_bug.cgi?id=543905
429    
430 jmm-guest 11704 --
431    
432 jmm-guest 13040 xmp (CVE-2007-6731, CVE-2007-6732)
433     #546730
434 derevko-guest 13339 notified maintainer
435 jmm-guest 13040
436     --
437    
438 jmm-guest 13932 xserver-xorg (no CVE)
439     #555308
440    
441     --
442    
443 jmm-guest 13969 ytnef (CVE-2009-3887, CVE-2009-3721)
444    
445     --
446    
447 jmm-guest 11704 ziproxy (CVE-2009-0804)
448     #521051
449 derevko-guest 13777 notified maintainer
450    
451 jmm-guest 13932 --
452    
453     zope2.10 (no CVE)
454     https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
455 jmm-guest 13938
456     --
457    
458     zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
459     http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
460     http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
  ViewVC Help
Powered by ViewVC 1.1.5