Contents of /data/spu-candidates.txt

Revision 13697
Sat Jan 2 15:01:04 2010 UTC (3 years, 4 months ago) by derevko-guest
File MIME type: text/plain
File size: 5738 byte(s)
NFUs and ITPs
two minor network-manager issues

This file records minor security issues, which do not warrant a DSA,
but which could be fixed in a stable point update if people feel like
it. If someone wants to address these, please add a note about it
and get in contact with debian-release@lists.debian.org


--

alien-arena (CVE-2009-3637)
#552038

--

asterisk (CVE-2009-0041)
#513413
notified maintainer

asterisk (CVE-2008-3903)
#522528
notified maintainer

--

avahi (CVE-2009-0758)
#517683
notified maintainer

--

babel (CVE-2009-3736)
#559843
notified maintainer

--

backuppc (CVE-2009-3369)
#542218
notified maintainer

--

bugzilla (CVE-2009-0481 to CVE-2009-0485)
notified maintainer

--

buildbot (CVE-2009-2959, CVE-2009-2967)
#543822
notified maintainer

--

compiz-fusion-plugins-main (CVE-2008-6514)
notified maintainer

--

cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked)
#528434
notified maintainer

--

cups (CVE-2009-3553)
#557740
maintainer notified in initial bug report

--

devil (CVE-2009-3994)
#560080
notified maintainer

--

dopewars (CVE-2009-3591)
#550913
notified maintainer

--

dstat (CVE-2009-3894)
http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
notified maintainer

dstat (CVE-2009-4081)
#559667
notified maintainer

--

evolution (CVE-2009-1631)
#526409
notified maintainer through initial bugreport

--

firebird2.0 (CVE-2009-2620)
#539477
notified maintainer

--

glib2.0 (CVE-2009-3289)
https://bugzilla.gnome.org/show_bug.cgi?id=593406
notified maintainer

--

gnutls26 (CVE-2009-1417)
#531614
notified maintainer

--

gri (no CVE)
fixed in gri 2.12.18-1:
"Improve security when creating temporary files."
notified maintainer

--

gupnp (CVE-2009-2174)
#534594
notified maintainer

--

horde3 (CVE-2009-3701)

--

htmldoc (CVE-2009-3050)
#537637
notified maintainer through initial bugreport

--

hypre (CVE-2009-3736)
#559834
notified maintainer

--

kde4libs (CVE-2009-2702)
#546218
notified maintainer

--

kfreebsd-6
[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
notified maintainer

[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
notified maintainer

--

kfreebsd-7
[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
notified maintainer

[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
notified maintainer

--

kvm 82-1 (CVE-2008-5714)
#509997
notified maintainer

--

lcms (CVE-2009-0793)
notified maintainer through initial bugreport

--

libpam-ssh (CVE-2009-1273)
#535877
maintainer notified through initial bug report, said he would work on an update

--

libpng (CVE-2009-2042)
#533676
notified maintainer

--

libsndfile
potential dos via crafted input
#530831

--

libvorbis (CVE-2008-2009)
notified maintainer and release team

--

memcached (CVE-2009-1255)
notified maintainer

--

mimedecode
potential dos/crash due to invalid input
orphaned
#530430

--

movabletype-opensource (CVE-2009-2492)
#537935
notified maintainer

--

mpg123 (CVE-2009-1301)
notified maintainer

--

neon27 (CVE-2009-2474)
#542926
notified maintainer

--

neon26 (CVE-2009-2474)
#542926
notified maintainer

--

network-manager-applet (CVE-2009-4144)
#560067
notified maintainer through initial bugreport

CVE-2009-4145
#563371
notified maintainer through initial bugreport

--

ntop (CVE-2009-2732)
#543312
notified maintainer through initial bugreport

--

postfix (CVE-2009-2939)
notified maintainer

--

snort (CVE-2009-3641)
#553584

--

squid (CVE-2009-0801)
#521053

--

squid3 (CVE-2009-0801)
#521052

--

net-snmp (CVE-2008-6123)
Noah will see to it.

--

ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
#541995
notified maintainer

--

open-iscsi (CVE-2009-1297)
notified maintainer in initial bug report

--

openldap
#253838
notified maintainer

--

overkill (no CVE yet)
#549310

--

owl (CVE-2009-0363)
#515118
notified maintainer

--

pam (CVE-2009-0579)
#514437
asked maintainer in mail

--

pidgin (CVE-2009-1889, CVE-2009-3083, CVE-2009-3084, CVE-2009-3085)
#535790
http://developer.pidgin.im/ticket/9483
http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
notified maintainer

--

pptp-linux (no CVE)
#523476
Ola will prepare a fix in a point update

--

puppet (CVE-2009-3564)
#551073
notified maintainer in initial bug report

--

python-4suite (CVE-2009-3560, CVE-2009-3720)
#560914
notified maintainer

--

python-docutils
#560755
notified maintainer

--

rails (CVE-2009-3086)
bug #545063
notified maintainer

--

slim (CVE-2009-1756)
bug #529306
Maintainer notified through followup in #529306

--

tau (CVE-2008-5157)
#506348
notified maintainer

--

texlive-bin (CVE-2009-1284)
#520920
https://bugzilla.redhat.com/show_bug.cgi?id=492136
notified maintainer

--

udev (#462655)
notified maintainer

--

planet (CVE-2009-2937)
bug #546178
notified maintainer through initial bugreport

--

webkit (CVE-2008-4724)
#520052
asked maintainer

--

xemacs21 (CVE-2008-2142)
bug #480877
notified maintainer

xemacs21 (CVE-2009-2688)
#540470
Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
notified maintainer

--

xen-3 (CVE-2008-4993)
#496367
notified maintainer

--

xerces-c2 (CVE-2009-1885)
#541986
notified maintainer


--

xfig
25_mkstemp added in 1:3.2.5.a-1
notified maintainer

CVE-2009-4228/CVE-2009-4227
#559274
https://bugzilla.redhat.com/show_bug.cgi?id=543905

--

xmp (CVE-2007-6731, CVE-2007-6732)
#546730
notified maintainer

--

ziproxy (CVE-2009-0804)
#521051