/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Diff of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 9638 by jmm-guest, Sun Aug 24 21:10:13 2008 UTC revision 12460 by white, Sun Aug 2 02:15:37 2009 UTC
# Line 5  and get in contact with debian-release@l Line 5  and get in contact with debian-release@l
5    
6  --  --
7    
8  audacity (CVE-2007-6061)  asterisk (CVE-2009-0041)
9  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283  #513413
10  notified maintainer  notified maintainer
11    
12  --  CVE-2008-3903
13    #522528
 beagle (CVE-2005-4791)  
14  notified maintainer  notified maintainer
15    
16  --  --
17    
18  blam (CVE-2005-4791)  avahi (CVE-2009-0758)
19    #517683
20  notified maintainer  notified maintainer
21    
22  --  --
23    
24  boost (CVE-2008-0172/CVE-2008-0171)  bugzilla (CVE-2009-0481 to CVE-2009-0485)
 #461236  
25  notified maintainer  notified maintainer
26    
27  --  --
28    
29  bugzilla (CVE-2008-2103)  compiz-fusion-plugins-main (CVE-2008-6514)
 #480190)  
30  notified maintainer  notified maintainer
31    
32  --  --
33    
34  byacc (CVE-2008-3196)  cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
35  #491182  #528434
36  notified maintainer  notified maintainer
37    
38  --  --
39    
40  bzip2 (CVE-2008-1372)  evolution (CVE-2009-1631)
41  #471670  #526409
 Maintainer has been notified  
42    
43  --  --
44    
45  cecilia (CVE-2008-1832)  gnutls26 (CVE-2009-1417)
46  #476321  #531614
47  notified maintainer  notified maintainer
48    
49  --  --
50    
51  comix (CVE-2008-1568)  kfreebsd-6
52  #462840  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
53    http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
54  notified maintainer  notified maintainer
55    
56  --  [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
57    http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
 emacs21 (CVE-2007-6109/CVE-2008-1694)  
 bug #455433, bug #476612  
 notified maintainer  
   
 emacs21 (CVE-2008-2142)  
 bug #480877  
58  notified maintainer  notified maintainer
59    
60  --  --
61    
62  exiv2 (CVE-2008-2696)  kfreebsd-7
63  bug #486328)  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
64  http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1473&r2=1499  http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
65  notified maintainer  notified maintainer
66    
67  --  [freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
68    http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
 flac123 (CVE-2007-3507)  
69  notified maintainer  notified maintainer
70    
71  --  --
72    
73  ipsec-tools (CVE-2008-3651)  kvm 82-1 (CVE-2008-5714)
74  +http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-dev+el  #509997
   
 --  
   
 libapache2-mod-perl2 (CVE-2007-1349)  
 http://svn.apache.org/viewvc?view=rev&revision=521584  
 #433549  
 notified maintainer  
   
 --  
   
 libpam-ssh (CVE-2007-0844)  
 #410236  
75  notified maintainer  notified maintainer
76    
77  --  --
78    
79  libpng (CVE-2008-1382)  lcms (CVE-2009-0793)
80  #476669  notified maintainer through initial bugreport
 notified maintainer  
   
 --  
   
 liferea (CVE-2005-4791)  
 notified maintainer  
81    
82  --  --
83    
84  lighttpd (CVE-2007-3948)  libpng (CVE-2009-2042)
85  #434888  #533676
 Was accidentally omitted during DSA 1362, but doesn't warrant a DSA on it's own.  
 http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873  
 http://trac.lighttpd.net/trac/ticket/1216  
86  notified maintainer  notified maintainer
87    
88  --  --
89    
90  links2 (CVE-2008-3329)  libsndfile
91  bug #492744)  potential dos via crafted input
92  notified maintainer  #530831
93    
94  --  --
95    
96  linux-ftpd-ssl (CVE-2007-6263)  libvorbis (CVE-2008-2009)
97  #454733  notified maintainer and release team
 notified maintainer  
98    
99  --  --
100    
101  mecab (CVE-2007-3231)  memcached (CVE-2009-1255)
 #429174  
102  notified maintainer  notified maintainer
103    
104  --  --
105    
106  mksh (CVE-2008-1845)  mimedecode
107  notified maintainer  potential dos/crash due to invalid input
108    orphaned
109    #530430
110    
111  --  --
112    
113  mldonkey (CVE-2007-4100)  mpg123 (CVE-2009-1301)
 #435439  
114  notified maintainer  notified maintainer
115    
116  --  --
117    
118  mnogosearch (CVE-2007-5588)  squid (CVE-2009-0801)
119  #447753)  #521053
 notified maintainer  
   
 ---  
   
 ngircd (CVE-2008-0285)  
 notified maintainer  
120    
121  --  --
122    
123  paramiko (CVE-2008-0299)  squid3 (CVE-2009-0801)
124  #460706  #521052
 notified maintainer  
125    
126  --  --
127    
128  python-django (CVE-2007-5712)  stardict (CVE-2009-2260)
129  http://media.djangoproject.com/patches/2007-10-26-security-fix/  #534731
 #448838  
130  notified maintainer  notified maintainer
131    
132  --  --
133    
134  rsync (CVE-2007-6200)  net-snmp (CVE-2008-6123)
135  #453652  Noah will see to it.
 notified maintainer  
136    
137  --  --
 sip-tester (CVE-2008-1959, CVE-2008-2085)  
 #479039  
 notified maintainer  
138    
139  --  openldap
140    #253838
 slocate (CVE-2007-0227)  
 #411937  
141  notified maintainer  notified maintainer
142    
143  --  --
144    
145  smb4k (CVE-2007-0475, CVE-2007-0474, CVE-2007-0473, CVE-2007-0472)  pam (CVE-2009-0579)
146  notified maintainer  #514437
147    asked maintainer in mail
148    
149  --  --
150    
151  streamripper (CVE-2007-4337)  pptp-linux (no CVE)
152  notified maintainer  #523476
153    Ola will prepare a fix in a point update
154    
155  --  --
156    
157  sylpheed (CVE-2007-2958)  slim (CVE-2009-1756)
158  #441854  bug #529306
159  http://www.colino.net/claws-mail/getpatchset.php3?ver=2.10.0cvs153 fixes the bug  Maintainer notified through followup in #529306
 notified maintainer  
160    
161  --  --
162    
163  tintin++ (CVE-2008-0673 CVE-2008-0672 CVE-2008-0671)  smarty (CVE-2009-1669)
164  #465643  #529810
165    http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462
166  notified maintainer  notified maintainer
167    
168  --  --
169    
170  tomboy (CVE-2005-4790)  tau (CVE-2008-5157)
171    #506348
172  notified maintainer  notified maintainer
173    
174  --  --
175    
176  vobcopy (CVE-2007-5718)  texlive-bin (CVE-2009-1284)
177  bug #448319  #520920
178  notified maintainer  https://bugzilla.redhat.com/show_bug.cgi?id=492136
179    
180  --  --
181    
182  wdiff [insecure tempfile in wdiff]  udev (#462655)
 bug #425254  
183  notified maintainer  notified maintainer
184    
185  --  --
186    
187  wyrd (CVE-2008-0806)  webkit (CVE-2008-4724)
188  bug #466382  #520052
189  notified maintainer  asked maintainer
190    
191  --  --
192    
 xemacs21 (CVE-2007-6109/CVE-2008-1694)  
 bug #457764, bug #476613  
 notified maintainer  
   
193  xemacs21 (CVE-2008-2142)  xemacs21 (CVE-2008-2142)
194  bug #480877  bug #480877
195  notified maintainer  notified maintainer
196    
197  --  --
198    
199  xfce4 (CVE-2007-6351 CVE-2007-6352)  xen-3 (CVE-2008-4993)
200    #496367
201  notified maintainer  notified maintainer
202    
203  --  --
204    
205  zabbix (CVE-2008-1353)  xfig
206  bug #471678  25_mkstemp added in 1:3.2.5.a-1
207  notified maintainer  notified maintainer
208    
209  --  --
210    
211  zsh (CVE-2007-6209)  ziproxy (CVE-2009-0804)
212  bug #454073)  #521051
 notified maintainer  
   
Legend:
Removed from v.9638  
changed lines
  Added in v.12460
  ViewVC Help
Powered by ViewVC 1.1.5