Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerably binary packages present in the archive.

Package	Bug	Urgency	Remote
acidbase	CVE-2012-1017	high**	yes
	CVE-2012-1198	high**	yes
	CVE-2012-1199	high**	yes
backuppc	CVE-2011-5081	low	yes
chromium-browser	CVE-2011-2599	medium**	yes
	CVE-2011-3015	high**	yes
	CVE-2011-3083	not yet assigned	???
	CVE-2011-3084	not yet assigned	???
	CVE-2011-3085	not yet assigned	???
	CVE-2011-3086	not yet assigned	???
	CVE-2011-3087	not yet assigned	???
	CVE-2011-3088	not yet assigned	???
	CVE-2011-3089	not yet assigned	???
	CVE-2011-3090	not yet assigned	???
	CVE-2011-3091	not yet assigned	???
	CVE-2011-3093	not yet assigned	???
	CVE-2011-3094	not yet assigned	???
	CVE-2011-3095	not yet assigned	???
	CVE-2011-3096	not yet assigned	???
	CVE-2011-3097	not yet assigned	???
	CVE-2011-3099	not yet assigned	???
	CVE-2011-3100	not yet assigned	???
	CVE-2011-3101	not yet assigned	???
	CVE-2011-3389	medium**	yes
	CVE-2011-3640	low	yes
	CVE-2012-0695	high**	yes
clamav	CVE-2012-1419	low	yes
	CVE-2012-1443	low	yes
	CVE-2012-1457	low	yes
	CVE-2012-1458	low	yes
	CVE-2012-1459	low	yes
connman	CVE-2012-2320	not yet assigned	???
	CVE-2012-2321	not yet assigned	???
	CVE-2012-2322	not yet assigned	???
djbdns	CVE-2008-4392	high	yes
dokuwiki	CVE-2012-2128	not yet assigned	???
dotclear	CVE-2011-5083	low	yes
eglibc	CVE-2011-1658	low	no
	CVE-2011-4609	low	???
elixir	CVE-2012-2146	low	???
flightgear	CVE-2012-2090	low	???
	CVE-2012-2091	not yet assigned	???
fprobe	TEMP-0322699-57F099	low	???
gajim	CVE-2012-2093	low	???
gridengine	CVE-2012-0523	high**	no
horde3	CVE-2012-0909	medium**	yes
iceape	CVE-2011-1187	low	yes
	CVE-2012-0475	low	yes
icecast2	CVE-2011-4612	not yet assigned	???
icedove	CVE-2011-1187	low	yes
	CVE-2012-0442	high**	yes
	CVE-2012-0444	high**	yes
	CVE-2012-0445	medium**	yes
	CVE-2012-0446	medium**	yes
	CVE-2012-0447	medium**	yes
	CVE-2012-0449	high**	yes
	CVE-2012-0450	low**	no
	CVE-2012-0451	medium**	yes
	CVE-2012-0455	medium**	yes
	CVE-2012-0456	medium**	yes
	CVE-2012-0457	high**	yes
	CVE-2012-0458	medium**	yes
	CVE-2012-0459	high**	yes
	CVE-2012-0460	medium**	yes
	CVE-2012-0461	high**	yes
	CVE-2012-0462	high**	yes
	CVE-2012-0464	high**	yes
icedtea-web	CVE-2011-2513	not yet assigned	???
iceweasel	CVE-2011-1187	low	yes
	CVE-2012-0475	low	yes
imp4	CVE-2012-0791	medium**	yes
	CVE-2012-0909	medium**	yes
inkscape	TEMP-0654341-5A7001	low	???
jruby	CVE-2011-4838	high**	yes
kde4libs	CVE-2011-3365	medium**	yes
kdenetwork	CVE-2011-1586	medium**	yes
kolab-cyrus-imapd	CVE-2011-3208	medium	yes
	CVE-2011-3372	medium	yes
	CVE-2011-3481	medium**	yes
libarchive	CVE-2010-4666	high**	yes
	CVE-2011-1779	high**	yes
libcloud	CVE-2010-4340	low	yes
libconfig-inifiles-perl	CVE-2012-2451	low	???
libggi	TEMP-0608981-E607B0	not yet assigned	???
libparallel-forkmanager-perl	CVE-2011-4115	low	???
libproc-processtable-perl	CVE-2011-4363	low	???
libsoup2.4	CVE-2012-2132	low	???
libspring-java	CVE-2011-2894	medium**	yes
libspring-security-2.0-java	CVE-2011-2731	not yet assigned	???
	CVE-2011-2732	not yet assigned	???
	CVE-2011-2894	medium**	yes
libv8	CVE-2011-2875	high**	yes
	CVE-2011-2881	medium**	yes
	CVE-2011-3057	medium**	yes
	CVE-2011-3092	not yet assigned	???
libvorbisidec	CVE-2007-3106	medium**	yes
	CVE-2007-4029	medium**	yes
	CVE-2007-4065	medium**	yes
	CVE-2007-4066	medium**	yes
	CVE-2008-1419	medium**	yes
	CVE-2008-1420	medium**	yes
	CVE-2008-1423	high**	yes
	CVE-2008-2009	medium**	yes
	CVE-2009-2663	high**	yes
	CVE-2009-3379	high**	yes
	CVE-2012-0444	high**	yes
libx11	CVE-2006-0197	low	yes
libzip	CVE-2012-1162	not yet assigned	???
	CVE-2012-1163	not yet assigned	???
linux-2.6	CVE-2011-1747	low	no
	CVE-2011-4086	low	???
	CVE-2011-4127	not yet assigned	???
	CVE-2011-4347	not yet assigned	???
	CVE-2011-4604	not yet assigned	???
	CVE-2012-2119	not yet assigned	???
	CVE-2012-2133	not yet assigned	???
	CVE-2012-2313	not yet assigned	???
mathopd	CVE-2012-1050	low	yes
mediawiki	CVE-2012-1581	not yet assigned	???
	CVE-2012-1582	not yet assigned	???
mojarra	CVE-2010-2087	medium**	yes
moodle	CVE-2012-1104	not yet assigned	???
	CVE-2012-1105	not yet assigned	???
munin	CVE-2012-2103	not yet assigned	???
	CVE-2012-2104	not yet assigned	???
	CVE-2012-2147	not yet assigned	???
mysql-5.1	CVE-2008-7247	low	yes
	CVE-2012-0882	not yet assigned	???
	CVE-2012-2102	low	???
mysql-5.5	CVE-2012-2102	low	???
nagios3	CVE-2011-2477	low**	yes
ncpfs	CVE-2011-1679	low	no
	CVE-2011-1680	low	no
net-snmp	CVE-2012-2141	not yet assigned	???
network-manager	CVE-2006-7246	not yet assigned	???
	CVE-2012-1096	not yet assigned	???
nspluginwrapper (contrib)	CVE-2011-2486	not yet assigned	???
obby	CVE-2011-4092	low	???
ocaml	CVE-2012-0839	low	yes
offlineimap	CVE-2010-4533	low	???
okular	CVE-2010-2575	low	yes
openjpeg	CVE-2009-5030	medium	???
openldap	CVE-2012-1164	low	???
openssl	CVE-2011-1473	not yet assigned	???
pam-shield	CVE-2012-2350	low	???
pastescript	CVE-2012-0878	low	yes
php5	CVE-2010-4657	low	???
pidgin-otr	CVE-2012-2369	medium	???
polipo	CVE-2011-3596	not yet assigned	???
python2.6	CVE-2011-1015	low	yes
	CVE-2011-4944	not yet assigned	???
	CVE-2012-0845	not yet assigned	???
python2.7	CVE-2012-0845	not yet assigned	???
python3.2	CVE-2012-0845	not yet assigned	???
	CVE-2012-2135	not yet assigned	???
qpid-cpp	CVE-2011-3620	high**	yes
	CVE-2012-2145	not yet assigned	???
rampart	CVE-2011-2329	medium**	yes
rocksndiamonds (contrib)	CVE-2011-4606	low**	no
ruby-actionpack-2.3	CVE-2012-1098	medium**	yes
ruby1.8	CVE-2011-3624	low	???
ruby1.9.1	CVE-2011-2686	low	yes
	CVE-2011-2705	low	yes
	CVE-2011-3624	low	???
rubygems	CVE-2012-2125	not yet assigned	???
	CVE-2012-2126	not yet assigned	???
samba4	CVE-2012-0817	medium**	yes
sbuild	TEMP-0661037-1A43A9	not yet assigned	???
serendipity	CVE-2011-1133	not yet assigned	???
	CVE-2011-1134	not yet assigned	???
	CVE-2011-1135	not yet assigned	???
	CVE-2011-4090	not yet assigned	???
	CVE-2012-2331	medium	???
	CVE-2012-2332	medium	???
simgear	CVE-2012-2090	low	???
socat	CVE-2012-0219	not yet assigned	???
spip	TEMP-0000000-42228B	not yet assigned	???
swftools	CVE-2007-3387	medium**	yes
	CVE-2007-4352	medium	yes
	CVE-2007-5392	medium	yes
	CVE-2007-5393	medium	yes
	CVE-2009-0146	medium	yes
	CVE-2009-0147	medium	yes
	CVE-2009-0166	medium	yes
	CVE-2009-0799	medium	yes
	CVE-2009-0800	medium	yes
	CVE-2009-1179	medium	yes
	CVE-2009-1180	medium	yes
	CVE-2009-1181	medium	yes
	CVE-2009-1182	medium	yes
	CVE-2009-1183	medium	yes
	CVE-2009-1188	medium**	yes
	CVE-2009-3603	medium	yes
	CVE-2009-3604	medium	yes
	CVE-2009-3606	medium	yes
	CVE-2009-3608	medium	yes
	CVE-2009-3609	medium	yes
	CVE-2009-4035	high**	yes
sympa	CVE-2012-2352	high	???
system-config-printer	CVE-2011-2899	low	yes
texlive-extra	CVE-2012-2120	low	???
tiff	CVE-2010-4665	medium**	yes
	TEMP-0668087-2BC9BC	low	???
typo3-src	CVE-2012-2112	not yet assigned	???
udns	CVE-2008-1447	medium**	yes
viewvc	CVE-2009-5024	medium**	yes
webkit	CVE-2010-1806	high**	yes
	CVE-2010-1825	high**	yes
	CVE-2010-3249	high**	yes
	CVE-2010-4205	high**	yes
	CVE-2011-0471	high**	yes
	CVE-2011-0473	high**	yes
	CVE-2011-0478	high**	yes
	CVE-2011-0777	high**	yes
	CVE-2011-0981	high**	yes
	CVE-2011-0982	high**	yes
	CVE-2011-1109	high**	yes
	CVE-2011-1111	high**	yes
	CVE-2011-1115	high**	yes
	CVE-2011-1116	high**	yes
	CVE-2011-1117	high**	yes
	CVE-2011-1118	medium**	yes
	CVE-2011-1121	high**	yes
	CVE-2011-1185	high**	yes
	CVE-2011-1189	high**	yes
	CVE-2011-1190	medium**	yes
	CVE-2011-1203	high**	yes
	CVE-2011-1204	low	yes
	CVE-2011-1290	high**	yes
	CVE-2011-1774	high**	yes
	CVE-2011-2830	high**	yes
	CVE-2011-3389	medium**	yes
	TEMP-0000000-F56399	low	???
	TEMP-0579136-23AF31	low	???
wordpress	CVE-2011-4898	medium**	yes
	CVE-2011-4899	high**	yes
	CVE-2012-0782	medium**	yes
wpasupplicant	CVE-2006-7246	not yet assigned	???
	CVE-2012-1096	not yet assigned	???
x11-apps	TEMP-0321447-C22A86	low	???
xen	CVE-2012-0029	medium	yes
xinetd	CVE-2012-0862	not yet assigned	???
xorg-server	CVE-2012-2118	not yet assigned	???

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.

Home - Testing Security Team - Debian Security - Source (SVN)