/[secure-testing]/data/spu-candidates.txt
ViewVC logotype

Diff of /data/spu-candidates.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 12653 by jmm-guest, Fri Aug 21 17:50:45 2009 UTC revision 14226 by jmm-guest, Mon Mar 8 22:47:00 2010 UTC
# Line 3  but which could be fixed in a stable poi Line 3  but which could be fixed in a stable poi
3  it. If someone wants to address these, please add a note about it  it. If someone wants to address these, please add a note about it
4  and get in contact with debian-release@lists.debian.org  and get in contact with debian-release@lists.debian.org
5    
6    
7    --
8    
9    acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
10    notified maintainer
11    
12    --
13    
14    acl (CVE-2009-4411)
15    #499076
16    notified maintainer
17    
18  --  --
19    
20  asterisk (CVE-2009-0041)  asterisk (CVE-2009-0041)
21  #513413  #513413
22  notified maintainer  notified maintainer
23    
24  CVE-2008-3903  asterisk (CVE-2008-3903)
25  #522528  #522528
26  notified maintainer  notified maintainer
27    
# Line 21  notified maintainer Line 33  notified maintainer
33    
34  --  --
35    
36    babel (CVE-2009-3736)
37    #559843
38    notified maintainer
39    
40    --
41    
42  bugzilla (CVE-2009-0481 to CVE-2009-0485)  bugzilla (CVE-2009-0481 to CVE-2009-0485)
43  notified maintainer  notified maintainer
44    
45  --  --
46    
47  burn: (no CVE yet)  buildbot (CVE-2009-2959, CVE-2009-2967)
48  #542329  #543822
49  notified maintainer through bug report  notified maintainer
50    
51  --  --
52    
# Line 43  notified maintainer Line 61  notified maintainer
61    
62  --  --
63    
64    cups (CVE-2009-3553)
65    #557740
66    maintainer notified in initial bug report
67    Initial patch was incomplete; CVE-2010-0302
68    
69    
70    --
71    
72    devil (CVE-2009-3994)
73    #560080
74    notified maintainer
75    
76    --
77    
78    dopewars (CVE-2009-3591)
79    #550913
80    notified maintainer
81    
82    --
83    
84    dstat (CVE-2009-3894)
85    http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
86    notified maintainer
87    
88    dstat (CVE-2009-4081)
89    #559667
90    notified maintainer
91    
92    --
93    
94  evolution (CVE-2009-1631)  evolution (CVE-2009-1631)
95  #526409  #526409
96  notified maintainer through initial bugreport  notified maintainer through initial bugreport
97    
98  --  --
99    
100  firebird2.0 (CVE-2009-2620)  fcron (CVE-2010-0791)
101  #539477  #572587
102  notified maintainer  notified maintainer through initial bugreport
103    
104    --
105    
106    libgnucrypto-java (CVE-2008-5659)
107    #559789
108    removed
109    
110  --  --
111    
# Line 61  notified maintainer Line 115  notified maintainer
115    
116  --  --
117    
118    gri (no CVE)
119    fixed in gri 2.12.18-1:
120    "Improve security when creating temporary files."
121    notified maintainer
122    
123    --
124    
125    gupnp (CVE-2009-2174)
126    #534594
127    notified maintainer
128    
129    --
130    
131    htmldoc (CVE-2009-3050)
132    #537637
133    notified maintainer through initial bugreport
134    
135    --
136    
137    hypre (CVE-2009-3736)
138    #559834
139    notified maintainer
140    
141    --
142    
143    kde4libs (CVE-2009-2702)
144    #546218
145    notified maintainer
146    
147    CVE-2009-0689
148    
149    --
150    
151  kfreebsd-6  kfreebsd-6
152  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]  [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
153  http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc  http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
# Line 96  notified maintainer through initial bugr Line 183  notified maintainer through initial bugr
183    
184  libpam-ssh (CVE-2009-1273)  libpam-ssh (CVE-2009-1273)
185  #535877  #535877
186  maintainer notified through initial bug report  maintainer notified through initial bug report, said he would work on an update
187    
188  --  --
189    
# Line 104  libpng (CVE-2009-2042) Line 191  libpng (CVE-2009-2042)
191  #533676  #533676
192  notified maintainer  notified maintainer
193    
194    CVE-2010-0205
195    #572308
196    
197  --  --
198    
199  libsndfile  libsndfile
# Line 117  notified maintainer and release team Line 207  notified maintainer and release team
207    
208  --  --
209    
210    libstruts1.2-java (CVE-2008-2025)
211    #528352
212    
213    --
214    
215    linux-ftpd: null ptr dereference
216    #572813
217    
218    --
219    
220    makepasswd (no CVE ID)
221    #564559
222    
223    --
224    
225    maradns
226    http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
227    notified maintainer
228    
229    --
230    
231  memcached (CVE-2009-1255)  memcached (CVE-2009-1255)
232  notified maintainer  notified maintainer
233    
# Line 134  notified maintainer Line 245  notified maintainer
245    
246  --  --
247    
248    neon27 (CVE-2009-2474)
249    #542926
250    notified maintainer
251    
252    --
253    
254    neon26 (CVE-2009-2474)
255    #542926
256    notified maintainer
257    
258    --
259    
260    network-manager-applet (CVE-2009-4144)
261    #560067
262    notified maintainer through initial bugreport
263    
264    CVE-2009-4145
265    #563371
266    notified maintainer through initial bugreport
267    
268    --
269    
270    ntop (CVE-2009-2732)
271    #543312
272    notified maintainer through initial bugreport
273    
274    --
275    
276    postfix (CVE-2009-2939)
277    notified maintainer
278    
279    --
280    
281  squid (CVE-2009-0801)  squid (CVE-2009-0801)
282  #521053  #521053
283    
# Line 144  squid3 (CVE-2009-0801) Line 288  squid3 (CVE-2009-0801)
288    
289  --  --
290    
291  stardict (CVE-2009-2260)  t-prot (CVE-2009-4404)
 #534731  
 notified maintainer  
292    
293  --  --
294    
# Line 155  Noah will see to it. Line 297  Noah will see to it.
297    
298  --  --
299    
300    ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
301    #541995
302    notified maintainer
303    
304    --
305    
306  openldap  openldap
307  #253838  #253838
308  notified maintainer  notified maintainer
309    
310  --  --
311    
312    openssl (CVE-2009-3245)
313    notified maintainer
314    
315    --
316    
317    overkill (no CVE yet)
318    #549310
319    
320    --
321    
322    owl (CVE-2009-0363)
323    #515118
324    notified maintainer
325    
326    --
327    
328  pam (CVE-2009-0579)  pam (CVE-2009-0579)
329  #514437  #514437
330  asked maintainer in mail  asked maintainer in mail
331    
332  --  --
333    
334    pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
335    #535790
336    http://developer.pidgin.im/ticket/9483
337    http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
338    notified maintainer
339    
340    --
341    
342  pptp-linux (no CVE)  pptp-linux (no CVE)
343  #523476  #523476
344  Ola will prepare a fix in a point update  Ola will prepare a fix in a point update
345    
346  --  --
347    
348    puppet (CVE-2009-3564)
349    #551073
350    notified maintainer in initial bug report
351    
352    CVE-2010-0156
353    #https://bugzilla.redhat.com/show_bug.cgi?id=502881
354    
355    --
356    
357    python-4suite (CVE-2009-3560, CVE-2009-3720)
358    #560914
359    notified maintainer
360    
361    --
362    
363    rails (CVE-2009-3086)
364    bug #545063
365    notified maintainer
366    
367    --
368    
369    shibboleth-sp2: world-readable key (no CVE)
370    #571631
371    notified maintainer through bugreport
372    
373    --
374    
375  slim (CVE-2009-1756)  slim (CVE-2009-1756)
376  bug #529306  bug #529306
377  Maintainer notified through followup in #529306  Maintainer notified through followup in #529306
378    
379  --  --
380    
381  smarty (CVE-2009-1669)  squid (CVE-2010-0639)
382  #529810  #572553
383  http://groups.google.com/group/smarty-svn/browse_thread/thread/b2da2e5d1ef8b462  Maintainer notified through initial bugreport
384  notified maintainer  
385    --
386    
387    squid3 (CVE-2010-0639)
388    #572554
389    Maintainer notified through initial bugreport
390    
391    --
392    
393    sqlite
394    #566326
395    
396  --  --
397    
# Line 192  notified maintainer Line 401  notified maintainer
401    
402  --  --
403    
404  texlive-bin (CVE-2009-1284)  udev (#462655)
405  #520920  notified maintainer
 https://bugzilla.redhat.com/show_bug.cgi?id=492136  
406    
407  --  --
408    
409  udev (#462655)  planet (CVE-2009-2937)
410  notified maintainer  bug #546178
411    notified maintainer through initial bugreport
412    
413  --  --
414    
# Line 226  notified maintainer Line 435  notified maintainer
435    
436  --  --
437    
438    xerces-c2 (CVE-2009-1885)
439    #541986
440    notified maintainer
441    
442    --
443    
444  xfig  xfig
445  25_mkstemp added in 1:3.2.5.a-1  25_mkstemp added in 1:3.2.5.a-1
446  notified maintainer  notified maintainer
447    
448    CVE-2009-4228/CVE-2009-4227
449    #559274)
450    https://bugzilla.redhat.com/show_bug.cgi?id=543905
451    
452    --
453    
454    xmp (CVE-2007-6731, CVE-2007-6732)
455    #546730
456    notified maintainer
457    
458  --  --
459    
460  xscreensaver (no CVE)  xserver-xorg (no CVE)
461  #539699  #555308
462    
463    --
464    
465    ytnef (CVE-2009-3887, CVE-2009-3721)
466    
467  --  --
468    
469  ziproxy (CVE-2009-0804)  ziproxy (CVE-2009-0804)
470  #521051  #521051
471    notified maintainer
472    
473    --
474    
475    zope2.10 (no CVE)
476    https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
477    
478    --
479    
480    zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
481    http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
482    http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
Legend:
Removed from v.12653  
changed lines
  Added in v.14226
  ViewVC Help
Powered by ViewVC 1.1.5