/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Contents of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 13696 - (show annotations) (download)
Sat Jan 2 09:30:05 2010 UTC (3 years, 4 months ago) by derevko-guest
File MIME type: text/plain
File size: 5571 byte(s) 
SPU notifications
1 This file records minor security issues, which do not warrant a DSA,
2 but which could be fixed in a stable point update if people feel like
3 it. If someone wants to address these, please add a note about it
4 and get in contact with debian-release@lists.debian.org
5
6
7 --
8
9 alien-arena (CVE-2009-3637)
10 #552038
11
12 --
13
14 asterisk (CVE-2009-0041)
15 #513413
16 notified maintainer
17
18 asterisk (CVE-2008-3903)
19 #522528
20 notified maintainer
21
22 --
23
24 avahi (CVE-2009-0758)
25 #517683
26 notified maintainer
27
28 --
29
30 babel (CVE-2009-3736)
31 #559843
32 notified maintainer
33
34 --
35
36 backuppc (CVE-2009-3369)
37 #542218
38 notified maintainer
39
40 --
41
42 bugzilla (CVE-2009-0481 to CVE-2009-0485)
43 notified maintainer
44
45 --
46
47 buildbot (CVE-2009-2959, CVE-2009-2967)
48 #543822
49 notified maintainer
50
51 --
52
53 compiz-fusion-plugins-main (CVE-2008-6514)
54 notified maintainer
55
56 --
57
58 cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
59 #528434
60 notified maintainer
61
62 --
63
64 cups (CVE-2009-3553)
65 #557740
66 maintainer notified in initial bug report
67
68 --
69
70 devil (CVE-2009-3994)
71 #560080
72 notified maintainer
73
74 --
75
76 dopewars (CVE-2009-3591)
77 #550913
78 notified maintainer
79
80 --
81
82 dstat (CVE-2009-3894)
83 http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
84 notified maintainer
85
86 dstat (CVE-2009-4081)
87 #559667
88 notified maintainer
89
90 --
91
92 evolution (CVE-2009-1631)
93 #526409
94 notified maintainer through initial bugreport
95
96 --
97
98 firebird2.0 (CVE-2009-2620)
99 #539477
100 notified maintainer
101
102 --
103
104 glib2.0 (CVE-2009-3289)
105 https://bugzilla.gnome.org/show_bug.cgi?id=593406
106 notified maintainer
107
108 --
109
110 gnutls26 (CVE-2009-1417)
111 #531614
112 notified maintainer
113
114 --
115
116 gri (no CVE)
117 fixed in gri 2.12.18-1:
118 "Improve security when creating temporary files."
119 notified maintainer
120
121 --
122
123 gupnp (CVE-2009-2174)
124 #534594
125 notified maintainer
126
127 --
128
129 horde3 (CVE-2009-3701)
130
131 --
132
133 htmldoc (CVE-2009-3050)
134 #537637
135 notified maintainer through initial bugreport
136
137 --
138
139 hypre (CVE-2009-3736)
140 #559834
141 notified maintainer
142
143 --
144
145 kde4libs (CVE-2009-2702)
146 #546218
147 notified maintainer
148
149 --
150
151 kfreebsd-6
152 [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
153 http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
154 notified maintainer
155
156 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
157 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
158 notified maintainer
159
160 --
161
162 kfreebsd-7
163 [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
164 http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
165 notified maintainer
166
167 [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
168 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
169 notified maintainer
170
171 --
172
173 kvm 82-1 (CVE-2008-5714)
174 #509997
175 notified maintainer
176
177 --
178
179 lcms (CVE-2009-0793)
180 notified maintainer through initial bugreport
181
182 --
183
184 libpam-ssh (CVE-2009-1273)
185 #535877
186 maintainer notified through initial bug report, said he would work on an update
187
188 --
189
190 libpng (CVE-2009-2042)
191 #533676
192 notified maintainer
193
194 --
195
196 libsndfile
197 potential dos via crafted input
198 #530831
199
200 --
201
202 libvorbis (CVE-2008-2009)
203 notified maintainer and release team
204
205 --
206
207 memcached (CVE-2009-1255)
208 notified maintainer
209
210 --
211
212 mimedecode
213 potential dos/crash due to invalid input
214 orphaned
215 #530430
216
217 --
218
219 movabletype-opensource (CVE-2009-2492)
220 #537935
221 notified maintainer
222
223 --
224
225 mpg123 (CVE-2009-1301)
226 notified maintainer
227
228 --
229
230 neon27 (CVE-2009-2474)
231 #542926
232 notified maintainer
233
234 --
235
236 neon26 (CVE-2009-2474)
237 #542926
238 notified maintainer
239
240 --
241
242 ntop (CVE-2009-2732)
243 #543312
244 notified maintainer through initial bugreport
245
246 --
247
248 postfix (CVE-2009-2939)
249 notified maintainer
250
251 --
252
253 snort (CVE-2009-3641)
254 #553584
255
256 --
257
258 squid (CVE-2009-0801)
259 #521053
260
261 --
262
263 squid3 (CVE-2009-0801)
264 #521052
265
266 --
267
268 net-snmp (CVE-2008-6123)
269 Noah will see to it.
270
271 --
272
273 ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
274 #541995
275 notified maintainer
276
277 --
278
279 open-iscsi (CVE-2009-1297)
280 notified maintainer in initial bug report
281
282 --
283
284 openldap
285 #253838
286 notified maintainer
287
288 --
289
290 overkill (no CVE yet)
291 #549310
292
293 --
294
295 owl (CVE-2009-0363)
296 #515118
297 notified maintainer
298
299 --
300
301 pam (CVE-2009-0579)
302 #514437
303 asked maintainer in mail
304
305 --
306
307 pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
308 #535790
309 http://developer.pidgin.im/ticket/9483
310 http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
311 notified maintainer
312
313 --
314
315 pptp-linux (no CVE)
316 #523476
317 Ola will prepare a fix in a point update
318
319 --
320
321 puppet (CVE-2009-3564)
322 #551073
323 notified maintainer in initial bug report
324
325 --
326
327 python-4suite (CVE-2009-3560, CVE-2009-3720)
328 #560914
329 notified maintainer
330
331 --
332
333 python-docutils
334 #560755
335 notified maintainer
336
337 --
338
339 rails (CVE-2009-3086)
340 bug #545063
341 notified maintainer
342
343 --
344
345 slim (CVE-2009-1756)
346 bug #529306
347 Maintainer notified through followup in #529306
348
349 --
350
351 tau (CVE-2008-5157)
352 #506348
353 notified maintainer
354
355 --
356
357 texlive-bin (CVE-2009-1284)
358 #520920
359 https://bugzilla.redhat.com/show_bug.cgi?id=492136
360 notified maintainer
361
362 --
363
364 udev (#462655)
365 notified maintainer
366
367 --
368
369 planet (CVE-2009-2937)
370 bug #546178
371 notified maintainer through initial bugreport
372
373 --
374
375 webkit (CVE-2008-4724)
376 #520052
377 asked maintainer
378
379 --
380
381 xemacs21 (CVE-2008-2142)
382 bug #480877
383 notified maintainer
384
385 xemacs21 (CVE-2009-2688)
386 #540470
387 Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
388 notified maintainer
389
390 --
391
392 xen-3 (CVE-2008-4993)
393 #496367
394 notified maintainer
395
396 --
397
398 xerces-c2 (CVE-2009-1885)
399 #541986
400 notified maintainer
401
402
403 --
404
405 xfig
406 25_mkstemp added in 1:3.2.5.a-1
407 notified maintainer
408
409 CVE-2009-4228/CVE-2009-4227
410 #559274)
411 https://bugzilla.redhat.com/show_bug.cgi?id=543905
412
413 --
414
415 xmp (CVE-2007-6731, CVE-2007-6732)
416 #546730
417 notified maintainer
418
419 --
420
421 ziproxy (CVE-2009-0804)
422 #521051
  ViewVC Help
Powered by ViewVC 1.1.5