/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Diff of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 12460 by white, Sun Aug 2 02:15:37 2009 UTC revision 14136 by jmm-guest, Mon Feb 22 18:10:14 2010 UTC
# Line 3  but which could be fixed in a stable poi Line 3  but which could be fixed in a stable poi
3  it. If someone wants to address these, please add a note about it  it. If someone wants to address these, please add a note about it
4  and get in contact with debian-release@lists.debian.org  and get in contact with debian-release@lists.debian.org
5    
6    
7    --
8    
9    acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10    notified maintainer
11    
12    --
13    
14    acl (CVE-2009-4411)
15    #499076
16    notified maintainer
17    
18  --  --
19    
20  asterisk (CVE-2009-0041)  asterisk (CVE-2009-0041)
21  #513413  #513413
22  notified maintainer  notified maintainer
23    
24  CVE-2008-3903  asterisk (CVE-2008-3903)
25  #522528  #522528
26  notified maintainer  notified maintainer
27    
# Line 21  notified maintainer Line 33  notified maintainer
33    
34  --  --
35    
36    babel (CVE-2009-3736)
37    #559843
38    notified maintainer
39    
40    --
41    
42  bugzilla (CVE-2009-0481 to CVE-2009-0485)  bugzilla (CVE-2009-0481 to CVE-2009-0485)
43  notified maintainer  notified maintainer
44    
45  --  --
46    
47    buildbot (CVE-2009-2959, CVE-2009-2967)
48    #543822
49    notified maintainer
50    
51    --
52    
53  compiz-fusion-plugins-main (CVE-2008-6514)  compiz-fusion-plugins-main (CVE-2008-6514)
54  notified maintainer  notified maintainer
55    
# Line 37  notified maintainer Line 61  notified maintainer
61    
62  --  --
63    
64    cups (CVE-2009-3553)
65    #557740
66    maintainer notified in initial bug report
67    
68    --
69    
70    devil (CVE-2009-3994)
71    #560080
72    notified maintainer
73    
74    --
75    
76    dopewars (CVE-2009-3591)
77    #550913
78    notified maintainer
79    
80    --
81    
82    dstat (CVE-2009-3894)
83    http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
84    notified maintainer
85    
86    dstat (CVE-2009-4081)
87    #559667
88    notified maintainer
89    
90    --
91    
92  evolution (CVE-2009-1631)  evolution (CVE-2009-1631)
93  #526409  #526409
94    notified maintainer through initial bugreport
95    
96    --
97    
98    libgnucrypto-java (CVE-2008-5659)
99    #559789
100    removed
101    
102  --  --
103    
# Line 48  notified maintainer Line 107  notified maintainer
107    
108  --  --
109    
110    gri (no CVE)
111    fixed in gri 2.12.18-1:
112    "Improve security when creating temporary files."
113    notified maintainer
114    
115    --
116    
117    gupnp (CVE-2009-2174)
118    #534594
119    notified maintainer
120    
121    --
122    
123    htmldoc (CVE-2009-3050)
124    #537637
125    notified maintainer through initial bugreport
126    
127    --
128    
129    hypre (CVE-2009-3736)
130    #559834
131    notified maintainer
132    
133    --
134    
135    kde4libs (CVE-2009-2702)
136    #546218
137    notified maintainer
138    
139    CVE-2009-0689
140    
141    --
142    
143  kfreebsd-6  kfreebsd-6
144  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
145  http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc  http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
# Line 81  notified maintainer through initial bugr Line 173  notified maintainer through initial bugr
173    
174  --  --
175    
176    libpam-ssh (CVE-2009-1273)
177    #535877
178    maintainer notified through initial bug report, said he would work on an update
179    
180    --
181    
182  libpng (CVE-2009-2042)  libpng (CVE-2009-2042)
183  #533676  #533676
184  notified maintainer  notified maintainer
# Line 98  notified maintainer and release team Line 196  notified maintainer and release team
196    
197  --  --
198    
199    libstruts1.2-java (CVE-2008-2025)
200    #528352
201    
202    --
203    
204    makepasswd (no CVE ID)
205    #564559
206    
207    --
208    
209    maradns
210    http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
211    notified maintainer
212    
213    --
214    
215  memcached (CVE-2009-1255)  memcached (CVE-2009-1255)
216  notified maintainer  notified maintainer
217    
# Line 115  notified maintainer Line 229  notified maintainer
229    
230  --  --
231    
232    neon27 (CVE-2009-2474)
233    #542926
234    notified maintainer
235    
236    --
237    
238    neon26 (CVE-2009-2474)
239    #542926
240    notified maintainer
241    
242    --
243    
244    network-manager-applet (CVE-2009-4144)
245    #560067
246    notified maintainer through initial bugreport
247    
248    CVE-2009-4145
249    #563371
250    notified maintainer through initial bugreport
251    
252    --
253    
254    ntop (CVE-2009-2732)
255    #543312
256    notified maintainer through initial bugreport
257    
258    --
259    
260    postfix (CVE-2009-2939)
261    notified maintainer
262    
263    --
264    
265  squid (CVE-2009-0801)  squid (CVE-2009-0801)
266  #521053  #521053
267    
# Line 125  squid3 (CVE-2009-0801) Line 272  squid3 (CVE-2009-0801)
272    
273  --  --
274    
275  stardict (CVE-2009-2260)  t-prot (CVE-2009-4404)
 #534731  
 notified maintainer  
276    
277  --  --
278    
# Line 136  Noah will see to it. Line 281  Noah will see to it.
281    
282  --  --
283    
284    ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
285    #541995
286    notified maintainer
287    
288    --
289    
290    open-iscsi (CVE-2009-1297)
291    notified maintainer in initial bug report
292    
293    --
294    
295  openldap  openldap
296  #253838  #253838
297  notified maintainer  notified maintainer
298    
299  --  --
300    
301    overkill (no CVE yet)
302    #549310
303    
304    --
305    
306    owl (CVE-2009-0363)
307    #515118
308    notified maintainer
309    
310    --
311    
312  pam (CVE-2009-0579)  pam (CVE-2009-0579)
313  #514437  #514437
314  asked maintainer in mail  asked maintainer in mail
315    
316  --  --
317    
318    pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
319    #535790
320    http://developer.pidgin.im/ticket/9483
321    http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
322    notified maintainer
323    
324    --
325    
326  pptp-linux (no CVE)  pptp-linux (no CVE)
327  #523476  #523476
328  Ola will prepare a fix in a point update  Ola will prepare a fix in a point update
329    
330  --  --
331    
332    puppet (CVE-2009-3564)
333    #551073
334    notified maintainer in initial bug report
335    
336    --
337    
338    python-4suite (CVE-2009-3560, CVE-2009-3720)
339    #560914
340    notified maintainer
341    
342    --
343    
344    rails (CVE-2009-3086)
345    bug #545063
346    notified maintainer
347    
348    --
349    
350  slim (CVE-2009-1756)  slim (CVE-2009-1756)
351  bug #529306  bug #529306
352  Maintainer notified through followup in #529306  Maintainer notified through followup in #529306
353    
354  --  --
355    
356  smarty (CVE-2009-1669)  sqlite
357  #529810  #566326
 http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462  
 notified maintainer  
358    
359  --  --
360    
# Line 173  notified maintainer Line 364  notified maintainer
364    
365  --  --
366    
367  texlive-bin (CVE-2009-1284)  udev (#462655)
368  #520920  notified maintainer
 https://bugzilla.redhat.com/show_bug.cgi?id=492136  
369    
370  --  --
371    
372  udev (#462655)  planet (CVE-2009-2937)
373  notified maintainer  bug #546178
374    notified maintainer through initial bugreport
375    
376  --  --
377    
# Line 194  xemacs21 (CVE-2008-2142) Line 385  xemacs21 (CVE-2008-2142)
385  bug #480877  bug #480877
386  notified maintainer  notified maintainer
387    
388    xemacs21 (CVE-2009-2688)
389    #540470
390    Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
391    notified maintainer
392    
393  --  --
394    
395  xen-3 (CVE-2008-4993)  xen-3 (CVE-2008-4993)
# Line 202  notified maintainer Line 398  notified maintainer
398    
399  --  --
400    
401    xerces-c2 (CVE-2009-1885)
402    #541986
403    notified maintainer
404    
405    --
406    
407  xfig  xfig
408  25_mkstemp added in 1:3.2.5.a-1  25_mkstemp added in 1:3.2.5.a-1
409  notified maintainer  notified maintainer
410    
411    CVE-2009-4228/CVE-2009-4227
412    #559274)
413    https://bugzilla.redhat.com/show_bug.cgi?id=543905
414    
415    --
416    
417    xmp (CVE-2007-6731, CVE-2007-6732)
418    #546730
419    notified maintainer
420    
421    --
422    
423    xserver-xorg (no CVE)
424    #555308
425    
426    --
427    
428    ytnef (CVE-2009-3887, CVE-2009-3721)
429    
430  --  --
431    
432  ziproxy (CVE-2009-0804)  ziproxy (CVE-2009-0804)
433  #521051  #521051
434    notified maintainer
435    
436    --
437    
438    zope2.10 (no CVE)
439    https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
440    
441    --
442    
443    zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
444    http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
445    http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
Legend:
Removed from v.12460  
changed lines
  Added in v.14136
  ViewVC Help
Powered by ViewVC 1.1.5