Candidates for DTSAs

The table below lists packages which are fixed in unstable, but unfixed in testing. Use the testing migration checker to find out why they have not entered testing yet.

List of vulnerable packages in testing

Package	Migration	Bug	Urgency	Remote
botan	check	CVE-2018-20187	not yet assigned	?
firmware-nonfree (non-free)	check	CVE-2018-5383	medium**	yes
libapache-poi-java	check	CVE-2017-5644	high**	yes
		CVE-2017-12626	medium**	yes
linux	check	CVE-2018-16882	not yet assigned	no
		CVE-2018-19985	not yet assigned	?
mumble	check	TEMP-0919249-E10379	not yet assigned	?
ncmpc	check	CVE-2018-9240	low	yes
ntopng	check	CVE-2017-7416	medium**	yes
ntpsec	check	CVE-2019-6442	not yet assigned	no
		CVE-2019-6443	not yet assigned	no
		CVE-2019-6444	not yet assigned	no
		CVE-2019-6445	not yet assigned	no
openjdk-8	check	CVE-2018-3136	low**	yes	(fixed in stable?)
		CVE-2018-3139	low**	yes	(fixed in stable?)
		CVE-2018-2952	medium**	yes	(fixed in stable?)
		CVE-2018-3149	medium**	yes	(fixed in stable?)
		CVE-2018-3169	medium**	yes	(fixed in stable?)
		CVE-2018-3180	medium**	yes	(fixed in stable?)
		CVE-2018-3183	medium**	yes	(fixed in stable?)
		CVE-2018-3214	medium**	yes	(fixed in stable?)
php-pear	check	CVE-2018-1000888	not yet assigned	no
rails	check	CVE-2018-16476	medium**	yes
		CVE-2018-16477	medium**	yes
virtualbox (contrib)	check	CVE-2019-2446	not yet assigned	no
virtualbox (contrib)		CVE-2019-2448	not yet assigned	no
virtualbox (contrib)		CVE-2019-2450	not yet assigned	no
virtualbox (contrib)		CVE-2019-2451	not yet assigned	no
virtualbox (contrib)		CVE-2019-2500	not yet assigned	no
virtualbox (contrib)		CVE-2019-2501	not yet assigned	no
virtualbox (contrib)		CVE-2019-2504	not yet assigned	no
virtualbox (contrib)		CVE-2019-2505	not yet assigned	no
virtualbox (contrib)		CVE-2019-2506	not yet assigned	no
virtualbox (contrib)		CVE-2019-2508	not yet assigned	no
virtualbox (contrib)		CVE-2019-2509	not yet assigned	no
virtualbox (contrib)		CVE-2019-2511	not yet assigned	no
virtualbox (contrib)		CVE-2019-2520	not yet assigned	no
virtualbox (contrib)		CVE-2019-2521	not yet assigned	no
virtualbox (contrib)		CVE-2019-2522	not yet assigned	no
virtualbox (contrib)		CVE-2019-2523	not yet assigned	no
virtualbox (contrib)		CVE-2019-2524	not yet assigned	no
virtualbox (contrib)		CVE-2019-2525	not yet assigned	no
virtualbox (contrib)		CVE-2019-2526	not yet assigned	no
virtualbox (contrib)		CVE-2019-2527	not yet assigned	no
virtualbox (contrib)		CVE-2019-2548	not yet assigned	no
virtualbox (contrib)		CVE-2019-2552	not yet assigned	no
virtualbox (contrib)		CVE-2019-2553	not yet assigned	no
virtualbox (contrib)		CVE-2019-2554	not yet assigned	no
virtualbox (contrib)		CVE-2019-2555	not yet assigned	no
virtualbox (contrib)		CVE-2019-2556	not yet assigned	no
virtualbox (contrib)		CVE-2019-3309	not yet assigned	?
zeromq3	check	CVE-2019-6250	not yet assigned	no