| Release | Version |
|---|---|
| buster | 1:2.8-1 |
| bullseye | 1:2.15.2-1 |
| bookworm | 1:2.21-1 |
| sid | 1:2.21-1 |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2021-36377 | vulnerable (no DSA) | fixed | fixed | fixed | Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname ... |
| CVE-2020-24614 | vulnerable (no DSA) | fixed | fixed | fixed | Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ... |
| Bug | Description |
|---|---|
| CVE-2022-34009 | Fossil 2.18 on Windows allows attackers to cause a denial of service ( ... |
| CVE-2017-17459 | http_transport.c in Fossil before 2.4, when the SSH sync protocol is u ... |