/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Contents of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 14734 - (hide annotations) (download)
Mon May 24 10:17:15 2010 UTC (3 years ago) by derevko-guest
File MIME type: text/plain
File size: 7315 byte(s) 
spu notifications
nano issues fixed in spu
1 jmm-guest 7532 This file records minor security issues, which do not warrant a DSA,
2     but which could be fixed in a stable point update if people feel like
3     it. If someone wants to address these, please add a note about it
4     and get in contact with debian-release@lists.debian.org
5    
6 jmm-guest 13302
7 jmm-guest 7532 --
8    
9 jmm-guest 14483 abcm2ps (no CVE)
10     #577014
11    
12    
13     --
14    
15 jmm-guest 13932 acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
16 derevko-guest 13977 notified maintainer
17 jmm-guest 13932
18     --
19    
20 jmm-guest 14019 acl (CVE-2009-4411)
21     #499076
22     notified maintainer
23    
24     --
25    
26 jmm-guest 11373 asterisk (CVE-2009-0041)
27     #513413
28 nion 11718 notified maintainer
29 jmm-guest 11373
30 derevko-guest 13696 asterisk (CVE-2008-3903)
31 jmm-guest 11956 #522528
32 derevko-guest 12038 notified maintainer
33 jmm-guest 11956
34 jmm-guest 11373 --
35    
36 jmm-guest 11559 avahi (CVE-2009-0758)
37     #517683
38 nion 11718 notified maintainer
39 jmm-guest 11559
40     --
41    
42 jmm-guest 13490 babel (CVE-2009-3736)
43     #559843
44 derevko-guest 13617 notified maintainer
45 jmm-guest 13490
46     --
47    
48 jmm-guest 11507 bugzilla (CVE-2009-0481 to CVE-2009-0485)
49 nion 11718 notified maintainer
50 jmm-guest 11507
51     --
52    
53 jmm-guest 12757 buildbot (CVE-2009-2959, CVE-2009-2967)
54     #543822
55 derevko-guest 12789 notified maintainer
56 jmm-guest 12757
57     --
58    
59 jmm-guest 11963 compiz-fusion-plugins-main (CVE-2008-6514)
60 derevko-guest 12024 notified maintainer
61 jmm-guest 11963
62     --
63    
64 jmm-guest 14241 cpio (CVE-2010-0624)
65     notified maintainer
66    
67     --
68    
69 jmm-guest 14529 couchdb (CVE-2010-0009)
70     #576304
71 derevko-guest 14734 notified maintainer
72 jmm-guest 14529
73     --
74    
75 jmm-guest 11911 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
76     #528434
77 derevko-guest 12038 notified maintainer
78 jmm-guest 11911
79     --
80    
81 jmm-guest 13678 cups (CVE-2009-3553)
82     #557740
83     maintainer notified in initial bug report
84 derevko-guest 14351 Initial patch was incomplete;
85 jmm-guest 13678
86 derevko-guest 14351 cups (CVE-2010-0302)
87     #572940
88     notified maintainer
89 jmm-guest 14210
90 jmm-guest 13678 --
91    
92 jmm-guest 13618 devil (CVE-2009-3994)
93     #560080
94 derevko-guest 13696 notified maintainer
95 jmm-guest 13618
96     --
97    
98 gilbert-guest 13009 dopewars (CVE-2009-3591)
99     #550913
100     notified maintainer
101    
102     --
103    
104 jmm-guest 13374 dstat (CVE-2009-3894)
105     http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
106 derevko-guest 13464 notified maintainer
107 jmm-guest 13374
108 derevko-guest 13464 dstat (CVE-2009-4081)
109     #559667
110     notified maintainer
111    
112 jmm-guest 13374 --
113    
114 white 12460 evolution (CVE-2009-1631)
115     #526409
116 derevko-guest 12477 notified maintainer through initial bugreport
117 white 12460
118     --
119    
120 jmm-guest 14208 fcron (CVE-2010-0791)
121     #572587
122     notified maintainer through initial bugreport
123    
124     --
125    
126 jmm-guest 14439 imp4 (CVE-2010-0463)
127     #569661
128 derevko-guest 14734 notified maintainer
129 jmm-guest 14439
130     --
131    
132 jmm-guest 13932 libgnucrypto-java (CVE-2008-5659)
133     #559789
134 derevko-guest 13977 removed
135 jmm-guest 13932
136     --
137    
138 jmm-guest 12020 gnutls26 (CVE-2009-1417)
139     #531614
140 derevko-guest 12038 notified maintainer
141 jmm-guest 12020
142     --
143    
144 jmm-guest 12757 gri (no CVE)
145     fixed in gri 2.12.18-1:
146     "Improve security when creating temporary files."
147 derevko-guest 12789 notified maintainer
148 jmm-guest 12757
149     --
150    
151 jmm-guest 12830 gupnp (CVE-2009-2174)
152     #534594
153 derevko-guest 12869 notified maintainer
154 jmm-guest 12830
155     --
156    
157     htmldoc (CVE-2009-3050)
158     #537637
159 derevko-guest 12947 notified maintainer through initial bugreport
160 jmm-guest 12830
161     --
162    
163 jmm-guest 13490 hypre (CVE-2009-3736)
164     #559834
165 derevko-guest 13617 notified maintainer
166 jmm-guest 13490
167     --
168    
169 gilbert-guest 14398 iceweasel (CVE-2009-0777)
170     #576466
171     notified maintainer
172    
173     --
174    
175 jmm-guest 12830 kde4libs (CVE-2009-2702)
176     #546218
177 derevko-guest 13013 notified maintainer
178 jmm-guest 12830
179 derevko-guest 14351 kde4libs (CVE-2009-0689)
180     notified maintainer
181 jmm-guest 14124
182 jmm-guest 12830 --
183    
184 jmm-guest 12108 kfreebsd-6
185     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
186     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
187 derevko-guest 12200 notified maintainer
188 jmm-guest 12108
189 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
190 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
191 derevko-guest 12200 notified maintainer
192 jmm-guest 12108
193     --
194    
195     kfreebsd-7
196     [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
197     http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
198 derevko-guest 12200 notified maintainer
199 jmm-guest 12108
200 jmm-guest 12191 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
201 jmm-guest 12108 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
202 derevko-guest 12200 notified maintainer
203 jmm-guest 12108
204     --
205    
206 jmm-guest 11729 kvm 82-1 (CVE-2008-5714)
207     #509997
208 derevko-guest 12047 notified maintainer
209 jmm-guest 11729
210     --
211    
212 derevko-guest 12292 lcms (CVE-2009-0793)
213     notified maintainer through initial bugreport
214    
215     --
216    
217 jmm-guest 14420 libesmtp (CVE-2010-1192)
218     #572960
219    
220     --
221    
222 jmm-guest 14606 libnss-db (CVE-2010-0826)
223     #577057
224    
225     --
226    
227 jmm-guest 12626 libpam-ssh (CVE-2009-1273)
228     #535877
229 jmm-guest 12655 maintainer notified through initial bug report, said he would work on an update
230 jmm-guest 12626
231     --
232    
233 jmm-guest 12244 libpng (CVE-2009-2042)
234     #533676
235 derevko-guest 12292 notified maintainer
236 jmm-guest 12244
237     --
238    
239 derevko-guest 12292 libsndfile
240     potential dos via crafted input
241     #530831
242 derevko-guest 14351 notified maintainer
243 derevko-guest 12292
244     --
245    
246 gilbert-guest 11775 libvorbis (CVE-2008-2009)
247     notified maintainer and release team
248    
249     --
250    
251 jmm-guest 14019 libstruts1.2-java (CVE-2008-2025)
252     #528352
253 derevko-guest 14351 notified maintainer
254 jmm-guest 14019
255     --
256    
257 jmm-guest 14226 linux-ftpd: null ptr dereference
258     #572813
259 derevko-guest 14351 notified maintainer
260 jmm-guest 14226
261     --
262    
263 jmm-guest 14482 logrotate [logrotate race condition could lead to file disclosure]
264     Fixed in sid in 3.7.8-4
265    
266     --
267    
268 jmm-guest 14136 makepasswd (no CVE ID)
269     #564559
270 derevko-guest 14351 notified maintainer
271 jmm-guest 14136
272     --
273    
274 derevko-guest 13892 maradns
275     http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
276     notified maintainer
277    
278     --
279    
280 jmm-guest 12352 memcached (CVE-2009-1255)
281 derevko-guest 12387 notified maintainer
282 jmm-guest 12352
283 derevko-guest 12387 --
284 jmm-guest 12352
285 derevko-guest 12292 mimedecode
286     potential dos/crash due to invalid input
287 derevko-guest 12387 orphaned
288 derevko-guest 12292 #530430
289    
290     --
291    
292 jmm-guest 11704 mpg123 (CVE-2009-1301)
293 nion 11718 notified maintainer
294 jmm-guest 11704
295     --
296    
297 jmm-guest 12830 neon27 (CVE-2009-2474)
298     #542926
299 derevko-guest 12891 notified maintainer
300 jmm-guest 12830
301     --
302    
303     neon26 (CVE-2009-2474)
304     #542926
305 derevko-guest 12891 notified maintainer
306 jmm-guest 12830
307     --
308    
309 derevko-guest 13697 network-manager-applet (CVE-2009-4144)
310     #560067
311     notified maintainer through initial bugreport
312    
313     CVE-2009-4145
314     #563371
315     notified maintainer through initial bugreport
316    
317     --
318    
319 jmm-guest 12711 ntop (CVE-2009-2732)
320     #543312
321 derevko-guest 12892 notified maintainer through initial bugreport
322 jmm-guest 12711
323     --
324    
325 derevko-guest 12891 postfix (CVE-2009-2939)
326     notified maintainer
327    
328     --
329    
330 derevko-guest 12445 squid (CVE-2009-0801)
331     #521053
332 derevko-guest 14351 notified maintainer
333 derevko-guest 12445
334     --
335    
336     squid3 (CVE-2009-0801)
337     #521052
338 derevko-guest 14351 notified maintainer
339 derevko-guest 12445
340     --
341    
342 jmm-guest 13932 t-prot (CVE-2009-4404)
343 derevko-guest 14351 notified maintainer
344 jmm-guest 13932
345     --
346    
347 thijs 11319 net-snmp (CVE-2008-6123)
348     Noah will see to it.
349    
350     --
351    
352 jmm-guest 12830 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
353     #541995
354 derevko-guest 12928 notified maintainer
355 jmm-guest 12830
356     --
357    
358 jmm-guest 11490 openldap
359     #253838
360 derevko-guest 12047 notified maintainer
361 jmm-guest 11490
362     --
363    
364 jmm-guest 14218 openssl (CVE-2009-3245)
365     notified maintainer
366    
367     --
368    
369 jmm-guest 12925 overkill (no CVE yet)
370     #549310
371    
372     --
373    
374 jmm-guest 12830 owl (CVE-2009-0363)
375     #515118
376 derevko-guest 13013 notified maintainer
377 jmm-guest 12830
378     --
379    
380 gilbert-guest 11732 pam (CVE-2009-0579)
381     #514437
382     asked maintainer in mail
383    
384     --
385    
386 jmm-guest 12830 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
387     #535790
388     http://developer.pidgin.im/ticket/9483
389     http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
390 derevko-guest 13013 notified maintainer
391 jmm-guest 12830
392     --
393    
394 jmm-guest 11712 pptp-linux (no CVE)
395     #523476
396 jmm-guest 11758 Ola will prepare a fix in a point update
397 jmm-guest 11712
398     --
399    
400 derevko-guest 13021 puppet (CVE-2009-3564)
401     #551073
402     notified maintainer in initial bug report
403    
404 jmm-guest 14214 CVE-2010-0156
405     #https://bugzilla.redhat.com/show_bug.cgi?id=502881
406 derevko-guest 14351 notified maintainer
407 jmm-guest 14214
408 derevko-guest 13021 --
409    
410 derevko-guest 13696 python-4suite (CVE-2009-3560, CVE-2009-3720)
411 jmm-guest 13640 #560914
412 derevko-guest 13696 notified maintainer
413 jmm-guest 13640
414     --
415    
416 derevko-guest 12869 rails (CVE-2009-3086)
417     bug #545063
418 derevko-guest 13013 notified maintainer
419 derevko-guest 12869
420     --
421    
422 jmm-guest 14212 shibboleth-sp2: world-readable key (no CVE)
423     #571631
424     notified maintainer through bugreport
425    
426     --
427    
428 jmm-guest 12029 slim (CVE-2009-1756)
429     bug #529306
430     Maintainer notified through followup in #529306
431    
432     --
433    
434 jmm-guest 14186 squid (CVE-2010-0639)
435     #572553
436     Maintainer notified through initial bugreport
437    
438     --
439    
440     squid3 (CVE-2010-0639)
441     #572554
442     Maintainer notified through initial bugreport
443    
444     --
445    
446 jmm-guest 13932 sqlite
447     #566326
448    
449     --
450    
451 jmm-guest 11184 tau (CVE-2008-5157)
452     #506348
453 nion 11202 notified maintainer
454 jmm-guest 11184
455     --
456    
457 jmm-guest 14482 texlive-bin (CVE-2010-0739, CVE-2010-0827)
458     notified maintainer
459    
460     --
461    
462 jmm-guest 14470 trac (CVE-2009-4405)
463 derevko-guest 14734 notified maintainer
464 jmm-guest 14470
465     --
466    
467 jmm-guest 12258 udev (#462655)
468 gilbert-guest 12260 notified maintainer
469 jmm-guest 12258
470     --
471    
472 derevko-guest 12873 planet (CVE-2009-2937)
473     bug #546178
474     notified maintainer through initial bugreport
475    
476     --
477    
478 gilbert-guest 12148 webkit (CVE-2008-4724)
479 gilbert-guest 12147 #520052
480     asked maintainer
481    
482     --
483    
484 jmm-guest 8912 xemacs21 (CVE-2008-2142)
485     bug #480877
486 nion 8916 notified maintainer
487 jmm-guest 8912
488 jmm-guest 12626 xemacs21 (CVE-2009-2688)
489     #540470
490     Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
491 derevko-guest 12630 notified maintainer
492 jmm-guest 12626
493     --
494    
495 jmm-guest 11386 xen-3 (CVE-2008-4993)
496 jmm-guest 9973 #496367
497 nion 9991 notified maintainer
498 jmm-guest 11553
499     --
500    
501 derevko-guest 13013 xerces-c2 (CVE-2009-1885)
502     #541986
503     notified maintainer
504 jmm-guest 12830
505     --
506    
507 jmm-guest 11553 xfig
508 derevko-guest 12057 25_mkstemp added in 1:3.2.5.a-1
509     notified maintainer
510 jmm-guest 11553
511 jmm-guest 13557 CVE-2009-4228/CVE-2009-4227
512     #559274)
513     https://bugzilla.redhat.com/show_bug.cgi?id=543905
514 derevko-guest 14734 notified maintainer
515 jmm-guest 13557
516 jmm-guest 11704 --
517    
518 jmm-guest 13040 xmp (CVE-2007-6731, CVE-2007-6732)
519     #546730
520 derevko-guest 13339 notified maintainer
521 jmm-guest 13040
522     --
523    
524 jmm-guest 13932 xserver-xorg (no CVE)
525     #555308
526    
527     --
528    
529 jmm-guest 13969 ytnef (CVE-2009-3887, CVE-2009-3721)
530 derevko-guest 14351 notified maintainer
531 jmm-guest 13969
532     --
533    
534 jmm-guest 11704 ziproxy (CVE-2009-0804)
535     #521051
536 derevko-guest 13777 notified maintainer
537    
538 jmm-guest 13932 --
539    
540     zope2.10 (no CVE)
541     https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
542 jmm-guest 13938
543     --
544    
545     zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
546     http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
547     http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
548 derevko-guest 14351 notified maintainer
549    
  ViewVC Help
Powered by ViewVC 1.1.5