[Secure-testing-commits] r16035 - data
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Feb 2 20:22:09 UTC 2011
Author: jmm
Date: 2011-02-02 20:22:09 +0000 (Wed, 02 Feb 2011)
New Revision: 16035
Added:
data/ospu-candidates.txt
Removed:
data/spu-candidates.txt
Log:
rename spu-candidates to ospu-candidate to allow us to
track Squeeze
Copied: data/ospu-candidates.txt (from rev 16032, data/spu-candidates.txt)
===================================================================
--- data/ospu-candidates.txt (rev 0)
+++ data/ospu-candidates.txt 2011-02-02 20:22:09 UTC (rev 16035)
@@ -0,0 +1,757 @@
+This file records minor security issues, which do not warrant a DSA,
+but which could be fixed in a stable point update if people feel like
+it. If someone wants to address these, please add a note about it
+and get in contact with debian-release at lists.debian.org
+
+
+--
+
+abcm2ps (no CVE)
+#577014
+
+
+--
+
+acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
+notified maintainer
+
+CVE-2009-4839 CVE-2009-4838 CVE-2009-4837
+maintainer contacted us, notified about spu status
+
+--
+
+acl (CVE-2009-4411)
+#499076
+notified maintainer
+
+--
+
+asterisk (CVE-2009-0041)
+#513413
+notified maintainer
+
+asterisk (CVE-2008-3903)
+#522528
+notified maintainer
+
+--
+
+avahi (CVE-2009-0758)
+#517683
+notified maintainer
+
+--
+
+babel (CVE-2009-3736)
+#559843
+notified maintainer
+
+--
+
+bugzilla (CVE-2009-0481 to CVE-2009-0485)
+notified maintainer
+
+CVE-2010-1204
+notified maintainer through initial bugreport
+
+--
+
+buildbot (CVE-2009-2959, CVE-2009-2967)
+#543822
+notified maintainer
+
+--
+
+calendarserver
+#605157
+
+--
+
+centerim
+CVE-2009-3720
+
+--
+
+compiz-fusion-plugins-main (CVE-2008-6514)
+notified maintainer
+
+--
+
+couchdb (CVE-2010-0009)
+#576304
+notified maintainer
+
+--
+
+cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
+#528434
+notified maintainer
+
+--
+
+cups (CVE-2009-3553)
+#557740
+maintainer notified in initial bug report
+Initial patch was incomplete;
+
+cups (CVE-2010-0302)
+#572940
+notified maintainer
+
+--
+
+dbus-glib (CVE-2010-1172)
+#592753
+
+--
+
+devil (CVE-2009-3994)
+#560080
+notified maintainer
+
+--
+
+dopewars (CVE-2009-3591)
+#550913
+notified maintainer
+
+--
+
+dropbox (CVE-2010-3354)
+bug #598287
+
+--
+
+dstat (CVE-2009-3894)
+http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
+notified maintainer
+
+dstat (CVE-2009-4081)
+#559667
+notified maintainer
+
+--
+
+evolution (CVE-2009-1631)
+#526409
+notified maintainer through initial bugreport
+
+--
+
+exim4 (CVE-2010-2023, CVE-2010-2024)
+notified maintainers
+
+--
+
+fastjar (CVE-2010-0831, CVE-2010-2322)
+
+--
+
+fcron (CVE-2010-0791)
+#572587
+notified maintainer through initial bugreport
+
+--
+
+flash-kernel temp file handling (fixed in 2.33)
+
+
+--
+
+gnome-shell (CVE-2010-4000)
+
+--
+
+gnome-subtitles (CVE-2010-3357)
+#598289
+
+--
+
+CVE-2008-XXXX [greylistd bypass]
+#464084
+
+--
+
+ika (CVE-2010-3361)
+#5982925B
+notified maintainer
+
+--
+
+imp4 (CVE-2010-0463)
+#569661
+notified maintainer
+
+--
+
+libgnucrypto-java (CVE-2008-5659)
+#559789
+removed
+
+--
+
+gnome-schedule
+#605169
+
+--
+
+gnucash (CVE-2010-3999)
+#603329
+
+--
+
+gnumed-client
+#605159
+
+--
+
+gnutls26 (CVE-2009-1417)
+#531614
+notified maintainer
+
+--
+
+gri (no CVE)
+fixed in gri 2.12.18-1:
+"Improve security when creating temporary files."
+notified maintainer
+
+--
+
+gupnp (CVE-2009-2174)
+#534594
+notified maintainer
+
+--
+
+htmldoc (CVE-2009-3050)
+#537637
+notified maintainer through initial bugreport
+
+--
+
+hypermail (CVE-2010-4339)
+#598743
+
+--
+
+hypre (CVE-2009-3736)
+#559834
+notified maintainer
+
+--
+
+iceweasel (CVE-2009-0777)
+#576466
+notified maintainer
+
+--
+
+ironpython
+#605158
+
+--
+
+kde4libs (CVE-2009-2702)
+#546218
+notified maintainer
+
+kde4libs (CVE-2009-0689)
+notified maintainer
+
+--
+
+kfreebsd-6
+[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
+http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
+notified maintainer
+
+[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
+http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
+notified maintainer
+
+--
+
+kfreebsd-7
+[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
+http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
+notified maintainer
+
+[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
+http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
+notified maintainer
+
+--
+
+kvm 82-1 (CVE-2008-5714)
+#509997
+notified maintainer
+
+--
+
+lcms (CVE-2009-0793)
+notified maintainer through initial bugreport
+
+--
+
+libesmtp (CVE-2010-1192)
+#572960
+maintainer contacted us, notified about spu status
+
+--
+
+libnss-db (CVE-2010-0826)
+#577057
+
+--
+
+liboggz (CVE-2009-3377)
+Fixed in 0.9.9-1
+Too intrusive to backport, needs to be updated to 0.9.9. Requires additional rebuild of rev dep.
+
+--
+
+libpam-ssh (CVE-2009-1273)
+#535877
+maintainer notified through initial bug report, said he would work on an update
+
+--
+
+libglpng (CVE-2010-1516)
+
+--
+
+libpoe-component-irc-perl
+#581194
+maintainer contacted us
+
+--
+
+libsndfile
+potential dos via crafted input
+#530831
+notified maintainer
+
+--
+
+libvorbis (CVE-2008-2009)
+notified maintainer and release team
+
+--
+
+libstruts1.2-java (CVE-2008-2025)
+#528352
+notified maintainer
+
+--
+
+linux-ftpd: null ptr dereference
+#572813
+notified maintainer
+
+--
+
+logrotate [logrotate race condition could lead to file disclosure]
+Fixed in sid in 3.7.8-4
+
+--
+
+makepasswd (no CVE ID)
+#564559
+notified maintainer
+
+--
+
+mako (CVE-2010-2480)
+http://bugs.python.org/issue9061
+
+--
+
+mapserver (CVE-2010-3484, CVE-2010-3485)
+fixed in 5.6.4-1
+
+--
+
+maradns
+http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
+notified maintainer
+
+--
+
+matrixssl
+CVE-2009-3555
+
+
+--
+
+memcached (CVE-2009-1255)
+notified maintainer
+
+--
+
+mercurial (CVE-2010-4237)
+#598841
+
+--
+
+mimedecode
+potential dos/crash due to invalid input
+orphaned
+#530430
+
+--
+
+mingetty
+#597382
+
+--
+
+mono-debugger (CVE-2010-3369)
+#598299
+
+--
+
+mpg123 (CVE-2009-1301)
+notified maintainer
+
+--
+
+neon27 (CVE-2009-2474)
+#542926
+notified maintainer
+
+--
+
+neon26 (CVE-2009-2474)
+#542926
+notified maintainer
+
+--
+
+network-manager-applet (CVE-2009-4144)
+#560067
+notified maintainer through initial bugreport
+
+CVE-2009-4145
+#563371
+notified maintainer through initial bugreport
+
+--
+
+ntop (CVE-2009-2732)
+#543312
+notified maintainer through initial bugreport
+
+--
+
+phpbb3 (CVE-2010-1630, 1627)
+
+--
+
+postfix (CVE-2009-2939)
+notified maintainer
+
+--
+
+proftpd-dfsg (CVE-2008-7265)
+
+--
+
+puppet (CVE-2009-3564, CVE-2010-0156)
+
+--
+
+python-numpy (CVE-2010-XXXX [numpy memory corruption])
+#581058
+http://projects.scipy.org/numpy/changeset/8364
+
+--
+
+roaraudio (CVE-2010-3362)
+#598295
+
+--
+
+ruby1.8 (CVE-2010-0541)
+
+--
+
+ruby1.9 (CVE-2010-0541)
+
+--
+
+squid (CVE-2009-0801)
+#521053
+notified maintainer
+
+--
+
+squid3 (CVE-2009-0801)
+#521052
+notified maintainer
+
+--
+
+tangerine (CVE-2010-3381)
+#598302
+
+--
+
+t-prot (CVE-2009-4404)
+notified maintainer
+
+--
+
+texmacs (CVE-2010-3394)
+#598424
+
+--
+
+tomcat-native (CVE-2009-3555)
+
+--
+
+torcs (CVE-2010-3384)
+#598306
+
+--
+
+net-snmp (CVE-2008-6123)
+Noah will see to it.
+
+--
+
+ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
+#541995
+notified maintainer
+
+--
+
+offlineimap (CVE-2010-4533, CVE-2010-4532)
+#606962
+
+--
+
+openldap
+#253838
+notified maintainer
+
+--
+
+overkill (no CVE yet)
+#549310
+
+--
+
+owl (CVE-2009-0363)
+#515118
+notified maintainer
+
+--
+
+pam (CVE-2009-0579)
+#514437
+asked maintainer in mail
+
+CVE-2010-4708/CVE-2010-4707/CVE-2010-4706
+
+--
+
+pidgin (CVE-2009-1889, CVE-2009-3085)
+#535790
+http://developer.pidgin.im/ticket/9483
+http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
+notified maintainer
+
+--
+
+pptp-linux (no CVE)
+#523476
+Ola will prepare a fix in a point update
+
+--
+
+prewikka (CVE-2010-2058)
+#584469
+
+
+--
+
+puppet (CVE-2009-3564)
+#551073
+notified maintainer in initial bug report
+
+CVE-2010-0156
+#https://bugzilla.redhat.com/show_bug.cgi?id=502881
+notified maintainer
+
+--
+
+python-4suite (CVE-2009-3560, CVE-2009-3720)
+#560914
+notified maintainer
+
+--
+
+python-cjson (CVE-2009-4924)
+#593302
+
+--
+
+python2.4 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134)
+
+
+--
+
+python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134, CVE-2010-3493)
+
+--
+
+qtparted (CVE-2010-3375)
+#598301
+
+--
+
+rails (CVE-2009-3086)
+bug #545063
+notified maintainer
+
+--
+
+scilab (CVE-2010-3378)
+#598423; #598422
+
+--
+
+shibboleth-sp2: world-readable key (no CVE)
+#571631
+notified maintainer through bugreport
+
+--
+
+snappea
+#605151
+
+--
+
+squid (CVE-2010-0639)
+#572553
+Maintainer notified through initial bugreport
+
+--
+
+squid3 (CVE-2010-0639)
+#572554
+Maintainer notified through initial bugreport
+
+--
+
+sqlite
+#566326
+
+--
+
+tau (CVE-2008-5157)
+#506348
+notified maintainer
+
+--
+
+teamspeak-client
+#598304
+
+--
+
+teamspeak-server
+#598305
+
+--
+
+trac (CVE-2009-4405)
+notified maintainer
+
+--
+
+udev (#462655)
+notified maintainer
+
+--
+
+planet (CVE-2009-2937)
+bug #546178
+notified maintainer through initial bugreport
+
+--
+
+w3m (CVE-2010-2074)
+maintainer notified through bug report
+
+--
+
+webkit (CVE-2008-4724)
+#520052
+asked maintainer
+
+--
+
+xemacs21 (CVE-2008-2142)
+bug #480877
+notified maintainer
+
+xemacs21 (CVE-2009-2688)
+#540470
+Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
+notified maintainer
+
+--
+
+xen-3 (CVE-2008-4993)
+#496367
+notified maintainer
+
+--
+
+xerces-c2 (CVE-2009-1885)
+#541986
+notified maintainer
+
+--
+
+xfig
+25_mkstemp added in 1:3.2.5.a-1
+notified maintainer
+
+CVE-2009-4228/CVE-2009-4227
+#559274)
+https://bugzilla.redhat.com/show_bug.cgi?id=543905
+notified maintainer
+
+--
+
+xmp (CVE-2007-6731, CVE-2007-6732)
+#546730
+notified maintainer
+
+--
+
+ytnef (CVE-2009-3887, CVE-2009-3721)
+notified maintainer
+
+--
+
+ziproxy (CVE-2009-0804)
+#521051
+notified maintainer
+
+--
+
+zope2.10 (no CVE)
+https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
+
+--
+
+zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
+http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
+http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
+notified maintainer
+
Deleted: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt 2011-02-02 20:21:30 UTC (rev 16034)
+++ data/spu-candidates.txt 2011-02-02 20:22:09 UTC (rev 16035)
@@ -1,757 +0,0 @@
-This file records minor security issues, which do not warrant a DSA,
-but which could be fixed in a stable point update if people feel like
-it. If someone wants to address these, please add a note about it
-and get in contact with debian-release at lists.debian.org
-
-
---
-
-abcm2ps (no CVE)
-#577014
-
-
---
-
-acidbase (CVE-2009-4590, CVE-2009-4591, CVE-2009-4592)
-notified maintainer
-
-CVE-2009-4839 CVE-2009-4838 CVE-2009-4837
-maintainer contacted us, notified about spu status
-
---
-
-acl (CVE-2009-4411)
-#499076
-notified maintainer
-
---
-
-asterisk (CVE-2009-0041)
-#513413
-notified maintainer
-
-asterisk (CVE-2008-3903)
-#522528
-notified maintainer
-
---
-
-avahi (CVE-2009-0758)
-#517683
-notified maintainer
-
---
-
-babel (CVE-2009-3736)
-#559843
-notified maintainer
-
---
-
-bugzilla (CVE-2009-0481 to CVE-2009-0485)
-notified maintainer
-
-CVE-2010-1204
-notified maintainer through initial bugreport
-
---
-
-buildbot (CVE-2009-2959, CVE-2009-2967)
-#543822
-notified maintainer
-
---
-
-calendarserver
-#605157
-
---
-
-centerim
-CVE-2009-3720
-
---
-
-compiz-fusion-plugins-main (CVE-2008-6514)
-notified maintainer
-
---
-
-couchdb (CVE-2010-0009)
-#576304
-notified maintainer
-
---
-
-cron: Incomplete fix for CVE-2006-2607 (setgid() and initgroups() not checked
-#528434
-notified maintainer
-
---
-
-cups (CVE-2009-3553)
-#557740
-maintainer notified in initial bug report
-Initial patch was incomplete;
-
-cups (CVE-2010-0302)
-#572940
-notified maintainer
-
---
-
-dbus-glib (CVE-2010-1172)
-#592753
-
---
-
-devil (CVE-2009-3994)
-#560080
-notified maintainer
-
---
-
-dopewars (CVE-2009-3591)
-#550913
-notified maintainer
-
---
-
-dropbox (CVE-2010-3354)
-bug #598287
-
---
-
-dstat (CVE-2009-3894)
-http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
-notified maintainer
-
-dstat (CVE-2009-4081)
-#559667
-notified maintainer
-
---
-
-evolution (CVE-2009-1631)
-#526409
-notified maintainer through initial bugreport
-
---
-
-exim4 (CVE-2010-2023, CVE-2010-2024)
-notified maintainers
-
---
-
-fastjar (CVE-2010-0831, CVE-2010-2322)
-
---
-
-fcron (CVE-2010-0791)
-#572587
-notified maintainer through initial bugreport
-
---
-
-flash-kernel temp file handling (fixed in 2.33)
-
-
---
-
-gnome-shell (CVE-2010-4000)
-
---
-
-gnome-subtitles (CVE-2010-3357)
-#598289
-
---
-
-CVE-2008-XXXX [greylistd bypass]
-#464084
-
---
-
-ika (CVE-2010-3361)
-#5982925B
-notified maintainer
-
---
-
-imp4 (CVE-2010-0463)
-#569661
-notified maintainer
-
---
-
-libgnucrypto-java (CVE-2008-5659)
-#559789
-removed
-
---
-
-gnome-schedule
-#605169
-
---
-
-gnucash (CVE-2010-3999)
-#603329
-
---
-
-gnumed-client
-#605159
-
---
-
-gnutls26 (CVE-2009-1417)
-#531614
-notified maintainer
-
---
-
-gri (no CVE)
-fixed in gri 2.12.18-1:
-"Improve security when creating temporary files."
-notified maintainer
-
---
-
-gupnp (CVE-2009-2174)
-#534594
-notified maintainer
-
---
-
-htmldoc (CVE-2009-3050)
-#537637
-notified maintainer through initial bugreport
-
---
-
-hypermail (CVE-2010-4339)
-#598743
-
---
-
-hypre (CVE-2009-3736)
-#559834
-notified maintainer
-
---
-
-iceweasel (CVE-2009-0777)
-#576466
-notified maintainer
-
---
-
-ironpython
-#605158
-
---
-
-kde4libs (CVE-2009-2702)
-#546218
-notified maintainer
-
-kde4libs (CVE-2009-0689)
-notified maintainer
-
---
-
-kfreebsd-6
-[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
-http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
-notified maintainer
-
-[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
-http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
-notified maintainer
-
---
-
-kfreebsd-7
-[freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
-http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
-notified maintainer
-
-[freebsd Local information disclosure via direct pipe writes] (CVE-2009-1935)
-http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
-notified maintainer
-
---
-
-kvm 82-1 (CVE-2008-5714)
-#509997
-notified maintainer
-
---
-
-lcms (CVE-2009-0793)
-notified maintainer through initial bugreport
-
---
-
-libesmtp (CVE-2010-1192)
-#572960
-maintainer contacted us, notified about spu status
-
---
-
-libnss-db (CVE-2010-0826)
-#577057
-
---
-
-liboggz (CVE-2009-3377)
-Fixed in 0.9.9-1
-Too intrusive to backport, needs to be updated to 0.9.9. Requires additional rebuild of rev dep.
-
---
-
-libpam-ssh (CVE-2009-1273)
-#535877
-maintainer notified through initial bug report, said he would work on an update
-
---
-
-libglpng (CVE-2010-1516)
-
---
-
-libpoe-component-irc-perl
-#581194
-maintainer contacted us
-
---
-
-libsndfile
-potential dos via crafted input
-#530831
-notified maintainer
-
---
-
-libvorbis (CVE-2008-2009)
-notified maintainer and release team
-
---
-
-libstruts1.2-java (CVE-2008-2025)
-#528352
-notified maintainer
-
---
-
-linux-ftpd: null ptr dereference
-#572813
-notified maintainer
-
---
-
-logrotate [logrotate race condition could lead to file disclosure]
-Fixed in sid in 3.7.8-4
-
---
-
-makepasswd (no CVE ID)
-#564559
-notified maintainer
-
---
-
-mako (CVE-2010-2480)
-http://bugs.python.org/issue9061
-
---
-
-mapserver (CVE-2010-3484, CVE-2010-3485)
-fixed in 5.6.4-1
-
---
-
-maradns
-http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
-notified maintainer
-
---
-
-matrixssl
-CVE-2009-3555
-
-
---
-
-memcached (CVE-2009-1255)
-notified maintainer
-
---
-
-mercurial (CVE-2010-4237)
-#598841
-
---
-
-mimedecode
-potential dos/crash due to invalid input
-orphaned
-#530430
-
---
-
-mingetty
-#597382
-
---
-
-mono-debugger (CVE-2010-3369)
-#598299
-
---
-
-mpg123 (CVE-2009-1301)
-notified maintainer
-
---
-
-neon27 (CVE-2009-2474)
-#542926
-notified maintainer
-
---
-
-neon26 (CVE-2009-2474)
-#542926
-notified maintainer
-
---
-
-network-manager-applet (CVE-2009-4144)
-#560067
-notified maintainer through initial bugreport
-
-CVE-2009-4145
-#563371
-notified maintainer through initial bugreport
-
---
-
-ntop (CVE-2009-2732)
-#543312
-notified maintainer through initial bugreport
-
---
-
-phpbb3 (CVE-2010-1630, 1627)
-
---
-
-postfix (CVE-2009-2939)
-notified maintainer
-
---
-
-proftpd-dfsg (CVE-2008-7265)
-
---
-
-puppet (CVE-2009-3564, CVE-2010-0156)
-
---
-
-python-numpy (CVE-2010-XXXX [numpy memory corruption])
-#581058
-http://projects.scipy.org/numpy/changeset/8364
-
---
-
-roaraudio (CVE-2010-3362)
-#598295
-
---
-
-ruby1.8 (CVE-2010-0541)
-
---
-
-ruby1.9 (CVE-2010-0541)
-
---
-
-squid (CVE-2009-0801)
-#521053
-notified maintainer
-
---
-
-squid3 (CVE-2009-0801)
-#521052
-notified maintainer
-
---
-
-tangerine (CVE-2010-3381)
-#598302
-
---
-
-t-prot (CVE-2009-4404)
-notified maintainer
-
---
-
-texmacs (CVE-2010-3394)
-#598424
-
---
-
-tomcat-native (CVE-2009-3555)
-
---
-
-torcs (CVE-2010-3384)
-#598306
-
---
-
-net-snmp (CVE-2008-6123)
-Noah will see to it.
-
---
-
-ocsinventory-server (CVE-2009-3040, CVE-2009-3042, CVE-2009-1443)
-#541995
-notified maintainer
-
---
-
-offlineimap (CVE-2010-4533, CVE-2010-4532)
-#606962
-
---
-
-openldap
-#253838
-notified maintainer
-
---
-
-overkill (no CVE yet)
-#549310
-
---
-
-owl (CVE-2009-0363)
-#515118
-notified maintainer
-
---
-
-pam (CVE-2009-0579)
-#514437
-asked maintainer in mail
-
-CVE-2010-4708/CVE-2010-4707/CVE-2010-4706
-
---
-
-pidgin (CVE-2009-1889, CVE-2009-3085)
-#535790
-http://developer.pidgin.im/ticket/9483
-http://developer.pidgin.im/viewmtn/revision/info/9bac0a540156fb1848eedd61c8630737dee752c7
-notified maintainer
-
---
-
-pptp-linux (no CVE)
-#523476
-Ola will prepare a fix in a point update
-
---
-
-prewikka (CVE-2010-2058)
-#584469
-
-
---
-
-puppet (CVE-2009-3564)
-#551073
-notified maintainer in initial bug report
-
-CVE-2010-0156
-#https://bugzilla.redhat.com/show_bug.cgi?id=502881
-notified maintainer
-
---
-
-python-4suite (CVE-2009-3560, CVE-2009-3720)
-#560914
-notified maintainer
-
---
-
-python-cjson (CVE-2009-4924)
-#593302
-
---
-
-python2.4 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134)
-
-
---
-
-python2.5 (CVE-2010-2089, CVE-2010-1634, CVE-2010-1450, CVE-2010-1449, CVE-2009-4134, CVE-2010-3493)
-
---
-
-qtparted (CVE-2010-3375)
-#598301
-
---
-
-rails (CVE-2009-3086)
-bug #545063
-notified maintainer
-
---
-
-scilab (CVE-2010-3378)
-#598423; #598422
-
---
-
-shibboleth-sp2: world-readable key (no CVE)
-#571631
-notified maintainer through bugreport
-
---
-
-snappea
-#605151
-
---
-
-squid (CVE-2010-0639)
-#572553
-Maintainer notified through initial bugreport
-
---
-
-squid3 (CVE-2010-0639)
-#572554
-Maintainer notified through initial bugreport
-
---
-
-sqlite
-#566326
-
---
-
-tau (CVE-2008-5157)
-#506348
-notified maintainer
-
---
-
-teamspeak-client
-#598304
-
---
-
-teamspeak-server
-#598305
-
---
-
-trac (CVE-2009-4405)
-notified maintainer
-
---
-
-udev (#462655)
-notified maintainer
-
---
-
-planet (CVE-2009-2937)
-bug #546178
-notified maintainer through initial bugreport
-
---
-
-w3m (CVE-2010-2074)
-maintainer notified through bug report
-
---
-
-webkit (CVE-2008-4724)
-#520052
-asked maintainer
-
---
-
-xemacs21 (CVE-2008-2142)
-bug #480877
-notified maintainer
-
-xemacs21 (CVE-2009-2688)
-#540470
-Patches at https://bugzilla.redhat.com/show_bug.cgi?id=511994
-notified maintainer
-
---
-
-xen-3 (CVE-2008-4993)
-#496367
-notified maintainer
-
---
-
-xerces-c2 (CVE-2009-1885)
-#541986
-notified maintainer
-
---
-
-xfig
-25_mkstemp added in 1:3.2.5.a-1
-notified maintainer
-
-CVE-2009-4228/CVE-2009-4227
-#559274)
-https://bugzilla.redhat.com/show_bug.cgi?id=543905
-notified maintainer
-
---
-
-xmp (CVE-2007-6731, CVE-2007-6732)
-#546730
-notified maintainer
-
---
-
-ytnef (CVE-2009-3887, CVE-2009-3721)
-notified maintainer
-
---
-
-ziproxy (CVE-2009-0804)
-#521051
-notified maintainer
-
---
-
-zope2.10 (no CVE)
-https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
-
---
-
-zoph (CVE-2008-6838, CVE-2008-6837, CVE-2009-2343)
-http://sourceforge.net/tracker/?func=detail&aid=2815898&group_id=69353&atid=524249
-http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=694128
-notified maintainer
-
More information about the Secure-testing-commits
mailing list