Candidates for DTSAs

The table below lists packages which are fixed in unstable, but unfixed in testing. Use the testing migration checker to find out why they have not entered testing yet.

List of vulnerable packages in testing

Package	Migration	Bug	Urgency	Remote
elfutils	check	CVE-2018-16402	low	yes
		CVE-2018-16403	low	yes
		CVE-2018-18520	low	no
		CVE-2018-18521	low	no
		CVE-2018-16062	medium**	yes
		CVE-2018-18310	medium**	yes
gnutls28	check	CVE-2018-16868	not yet assigned	no
golang-1.10	check	CVE-2018-16873	not yet assigned	no
		CVE-2018-16874	not yet assigned	no
		CVE-2018-16875	not yet assigned	no
golang-1.11	check	CVE-2018-16873	not yet assigned	no
		CVE-2018-16874	not yet assigned	no
		CVE-2018-16875	not yet assigned	no
htslib	check	CVE-2018-13843	low	yes
		CVE-2018-13844	low	yes
		CVE-2018-13845	low	yes
linux	check	CVE-2018-14610	high**	yes
		CVE-2018-14611	high**	yes
		CVE-2018-14613	high**	yes
		CVE-2018-14614	high**	yes
		CVE-2018-14615	high**	yes
		CVE-2018-14616	high**	yes
		CVE-2018-1129	low**	yes
		CVE-2018-1128	medium**	yes
		CVE-2018-13096	medium**	yes
		CVE-2018-13097	medium**	yes
		CVE-2018-14625	medium**	no
		CVE-2018-16862	not yet assigned	no
		CVE-2018-18397	not yet assigned	no
		CVE-2018-19407	not yet assigned	no
		CVE-2018-19824	not yet assigned	no
		CVE-2018-20169	not yet assigned	no
mosquitto	check	CVE-2018-20145	not yet assigned	no
ntopng	check	CVE-2017-7416	medium**	yes
openjdk-8	check	CVE-2018-3136	low**	yes	(fixed in stable?)
		CVE-2018-3139	low**	yes	(fixed in stable?)
		CVE-2018-2952	medium**	yes	(fixed in stable?)
		CVE-2018-3149	medium**	yes	(fixed in stable?)
		CVE-2018-3169	medium**	yes	(fixed in stable?)
		CVE-2018-3180	medium**	yes	(fixed in stable?)
		CVE-2018-3183	medium**	yes	(fixed in stable?)
		CVE-2018-3214	medium**	yes	(fixed in stable?)
qemu	check	CVE-2018-11806	high**	no
		CVE-2018-17963	high**	yes
		CVE-2018-12617	low	yes
		CVE-2018-18954	low	no
		CVE-2018-15746	low**	no
		CVE-2018-18438	low**	no
		CVE-2018-17958	medium**	yes
		CVE-2018-17962	medium**	yes
		CVE-2018-10839	not yet assigned	no
		CVE-2018-16847	not yet assigned	no
		CVE-2018-16867	not yet assigned	no
		CVE-2018-18849	not yet assigned	?
		CVE-2018-19364	not yet assigned	no
		CVE-2018-19489	not yet assigned	no
radare2	check	CVE-2018-19842	low	no
		CVE-2018-19843	low	no
terminology	check	CVE-2018-20167	not yet assigned	no
wordpress	check	CVE-2018-20147	not yet assigned	no
		CVE-2018-20148	not yet assigned	no
		CVE-2018-20149	not yet assigned	no
		CVE-2018-20150	not yet assigned	no
		CVE-2018-20151	not yet assigned	no
		CVE-2018-20152	not yet assigned	no
		CVE-2018-20153	not yet assigned	no