Vulnerable source packages in the testing suite

Candidates for DTSAs

Package	Bug	Urgency	Remote	Status
389-ds-base	CVE-2016-5416	medium**	yes	unstable is vulnerable
accountsservice	CVE-2012-6655	low	?	unstable is vulnerable
ansible	CVE-2017-7473	not yet assigned	?	unstable is vulnerable
	CVE-2017-7481	not yet assigned	?	unstable is vulnerable
apache2	CVE-2017-3167	not yet assigned	no	fixed in unstable
	CVE-2017-3169	not yet assigned	no	fixed in unstable
	CVE-2017-7659	not yet assigned	?	fixed in unstable
	CVE-2017-7668	not yet assigned	no	fixed in unstable
	CVE-2017-7679	not yet assigned	no	fixed in unstable
apng2gif	CVE-2017-6960	medium**	yes	unstable is vulnerable
	CVE-2017-6961	medium**	yes	unstable is vulnerable
	CVE-2017-6962	medium**	yes	unstable is vulnerable
arc	TEMP-0774439-ECBE09	low	?	unstable is vulnerable
	TEMP-0774527-3B586F	low	?	unstable is vulnerable
avahi	CVE-2017-6519	medium**	yes	unstable is vulnerable
batik	CVE-2017-5662	high**	yes	unstable is vulnerable
bind9	CVE-2016-6170	medium**	yes	unstable is vulnerable
binutils	CVE-2017-9040	low	yes	unstable is vulnerable
	CVE-2017-9042	low	yes	unstable is vulnerable
	CVE-2017-9043	low	yes	unstable is vulnerable
	CVE-2017-9044	low	yes	unstable is vulnerable
	CVE-2017-9742	low	no	unstable is vulnerable
	CVE-2017-9743	low	no	unstable is vulnerable
	CVE-2017-9744	low	no	unstable is vulnerable
	CVE-2017-9745	low	no	unstable is vulnerable
	CVE-2017-9746	low	no	unstable is vulnerable
	CVE-2017-9747	low	no	unstable is vulnerable
	CVE-2017-9748	low	no	unstable is vulnerable
	CVE-2017-9749	low	no	unstable is vulnerable
	CVE-2017-9750	low	no	unstable is vulnerable
	CVE-2017-9751	low	no	unstable is vulnerable
	CVE-2017-9752	low	no	unstable is vulnerable
	CVE-2017-9753	low	no	unstable is vulnerable
	CVE-2017-9754	low	no	unstable is vulnerable
	CVE-2017-9755	low	no	unstable is vulnerable
	CVE-2017-9756	low	no	unstable is vulnerable
bluez	CVE-2016-9797	medium**	yes	unstable is vulnerable
	CVE-2016-9798	medium**	yes	unstable is vulnerable
	CVE-2016-9799	medium**	yes	unstable is vulnerable
	CVE-2016-9800	medium**	yes	unstable is vulnerable
	CVE-2016-9801	medium**	yes	unstable is vulnerable
	CVE-2016-9802	medium**	yes	unstable is vulnerable
	CVE-2016-9803	medium**	yes	unstable is vulnerable
	CVE-2016-9804	medium**	yes	unstable is vulnerable
	CVE-2016-9917	medium**	yes	unstable is vulnerable
	CVE-2016-9918	medium**	yes	unstable is vulnerable
bundler	CVE-2016-7954	high**	yes	unstable is vulnerable
busybox	CVE-2016-2148	high**	yes	unstable is vulnerable
	CVE-2016-2147	medium**	yes	unstable is vulnerable
	CVE-2011-5325	not yet assigned	?	unstable is vulnerable
	TEMP-0803097-A74121	not yet assigned	?	unstable is vulnerable
byzanz	CVE-2015-2785	low	yes	unstable is vulnerable
c-ares	CVE-2017-1000381	not yet assigned	?	unstable is vulnerable
cargo	CVE-2016-10128	high**	yes	unstable is vulnerable
	CVE-2016-10129	medium**	yes	unstable is vulnerable
	CVE-2016-10130	medium**	yes	unstable is vulnerable
	CVE-2016-8568	medium**	yes	unstable is vulnerable
	CVE-2016-8569	medium**	yes	unstable is vulnerable
ceph	CVE-2017-7519	not yet assigned	?	unstable is vulnerable
check-mk	CVE-2017-9781	not yet assigned	?	unstable is vulnerable
chef	CVE-2015-8559	not yet assigned	?	unstable is vulnerable
chicken	CVE-2016-6830	high**	yes	unstable is vulnerable
	CVE-2016-9954	low	yes	unstable is vulnerable
	CVE-2017-9334	low	yes	unstable is vulnerable
	CVE-2016-6831	medium**	yes	unstable is vulnerable
	CVE-2017-6949	medium**	yes	unstable is vulnerable
chromium-browser	CVE-2017-5087	not yet assigned	?	fixed in unstable
	CVE-2017-5088	not yet assigned	?	fixed in unstable
	CVE-2017-5089	not yet assigned	?	fixed in unstable
collectd	CVE-2017-7401	medium**	yes	unstable is vulnerable
coreutils	CVE-2016-2781	low**	no	unstable is vulnerable
cron	CVE-2017-9525	not yet assigned	no	unstable is vulnerable
dcraw	CVE-2015-8366	not yet assigned	?	unstable is vulnerable
dokuwiki	CVE-2016-7964	medium**	yes	unstable is vulnerable
	CVE-2016-7965	medium**	yes	unstable is vulnerable
dolibarr	CVE-2017-7886	high**	yes	unstable is vulnerable
	CVE-2017-9435	high**	yes	unstable is vulnerable
	CVE-2017-7887	medium**	yes	unstable is vulnerable
	CVE-2017-7888	medium**	yes	unstable is vulnerable
	CVE-2017-8879	medium**	no	unstable is vulnerable
drupal7	CVE-2017-6922	not yet assigned	?	fixed in unstable
dwarfutils	CVE-2017-9052	high**	yes	fixed in unstable
	CVE-2017-9053	high**	yes	fixed in unstable
	CVE-2017-9054	high**	yes	fixed in unstable
	CVE-2017-9055	high**	yes	fixed in unstable
flatpak	CVE-2017-9780	not yet assigned	?	fixed in unstable
gdb	CVE-2017-9778	not yet assigned	?	unstable is vulnerable
gdk-pixbuf	CVE-2017-6312	medium**	yes	unstable is vulnerable
	CVE-2017-6313	medium**	yes	unstable is vulnerable
	CVE-2017-6314	medium**	yes	unstable is vulnerable
gdm3	CVE-2016-1000002	low	?	unstable is vulnerable
ghostscript	CVE-2016-10317	medium**	yes	unstable is vulnerable
gksu	CVE-2014-2886	medium**	yes	unstable is vulnerable
glibc	CVE-2017-8804	high**	yes	unstable is vulnerable
	CVE-2016-10228	medium**	yes	unstable is vulnerable
gnome-keyring	TEMP-0395572-55D193	low	?	unstable is vulnerable
golang-1.8	CVE-2017-8932	not yet assigned	?	fixed in unstable
guacamole-client	CVE-2016-1566	low**	yes	unstable is vulnerable
haskell-tls	CVE-2013-0169	low**	yes	unstable is vulnerable
hesiod	CVE-2016-10151	low	no	unstable is vulnerable
	CVE-2016-10152	low	yes	unstable is vulnerable
hexchat	CVE-2016-2087	medium**	yes	unstable is vulnerable
icedove	CVE-2017-5470	not yet assigned	?	fixed in unstable
	CVE-2017-5472	not yet assigned	?	fixed in unstable
	CVE-2017-7749	not yet assigned	?	fixed in unstable
	CVE-2017-7750	not yet assigned	?	fixed in unstable
	CVE-2017-7751	not yet assigned	?	fixed in unstable
	CVE-2017-7752	not yet assigned	?	fixed in unstable
	CVE-2017-7754	not yet assigned	?	fixed in unstable
	CVE-2017-7756	not yet assigned	?	fixed in unstable
	CVE-2017-7757	not yet assigned	?	fixed in unstable
	CVE-2017-7758	not yet assigned	?	fixed in unstable
	CVE-2017-7763	not yet assigned	?	fixed in unstable
	CVE-2017-7764	not yet assigned	?	fixed in unstable
	CVE-2017-7771	not yet assigned	?	fixed in unstable
	CVE-2017-7772	not yet assigned	?	fixed in unstable
	CVE-2017-7773	not yet assigned	?	fixed in unstable
	CVE-2017-7774	not yet assigned	?	fixed in unstable
	CVE-2017-7775	not yet assigned	?	fixed in unstable
	CVE-2017-7776	not yet assigned	?	fixed in unstable
	CVE-2017-7777	not yet assigned	?	fixed in unstable
	CVE-2017-7778	not yet assigned	?	fixed in unstable
imagemagick	CVE-2017-9439	low	yes	unstable is vulnerable
	CVE-2017-9440	low	yes	unstable is vulnerable
	CVE-2017-9499	low	yes	unstable is vulnerable
	CVE-2017-9500	low	yes	unstable is vulnerable
	CVE-2017-9501	low	yes	unstable is vulnerable
jbig2dec	CVE-2017-9216	medium**	yes	unstable is vulnerable
	CVE-2016-8729	not yet assigned	?	unstable is vulnerable
jetty9	CVE-2017-9735	not yet assigned	no	fixed in unstable
jython	CVE-2013-2027	low	no	unstable is vulnerable
	CVE-2016-4000	not yet assigned	?	fixed in unstable
kdesudo	CVE-2016-7787	medium**	yes	unstable is vulnerable
kgb-bot	CVE-2015-1554	low	?	unstable is vulnerable
kodi	CVE-2017-5982	medium**	yes	unstable is vulnerable
libapache-poi-java	CVE-2017-5644	high**	yes	unstable is vulnerable
libapache2-mod-nss	CVE-2015-3277	not yet assigned	?	unstable is vulnerable
libarchive	CVE-2016-10209	low	yes	unstable is vulnerable
	CVE-2016-10349	medium**	yes	unstable is vulnerable
	CVE-2016-10350	medium**	yes	unstable is vulnerable
libcroco	CVE-2017-8834	low	yes	unstable is vulnerable
	CVE-2017-8871	low	yes	unstable is vulnerable
libgc	CVE-2016-9427	high**	yes	unstable is vulnerable
libiberty	CVE-2016-4491	low	yes	unstable is vulnerable
libical	CVE-2016-5824	medium**	yes	unstable is vulnerable
	CVE-2016-5825	medium**	yes	unstable is vulnerable
	CVE-2016-5826	medium**	yes	unstable is vulnerable
	CVE-2016-5827	medium**	yes	unstable is vulnerable
	CVE-2016-9584	medium**	yes	unstable is vulnerable
libjgroups-java	CVE-2016-2141	low	yes	unstable is vulnerable
libnet-server-perl	CVE-2013-1841	low	yes	unstable is vulnerable
libpodofo	CVE-2017-8378	high**	yes	unstable is vulnerable
	CVE-2017-5852	medium**	yes	unstable is vulnerable
	CVE-2017-6841	medium**	yes	unstable is vulnerable
	CVE-2017-6845	medium**	yes	unstable is vulnerable
	CVE-2017-6846	medium**	yes	unstable is vulnerable
	CVE-2017-6849	medium**	yes	unstable is vulnerable
	CVE-2017-7994	medium**	yes	unstable is vulnerable
	CVE-2017-8053	medium**	yes	unstable is vulnerable
	CVE-2017-8054	medium**	yes	unstable is vulnerable
	CVE-2017-8787	medium**	yes	unstable is vulnerable
libquicktime	CVE-2017-9122	high**	yes	unstable is vulnerable
	CVE-2017-9123	medium**	yes	unstable is vulnerable
	CVE-2017-9124	medium**	yes	unstable is vulnerable
	CVE-2017-9125	medium**	yes	unstable is vulnerable
	CVE-2017-9126	medium**	yes	unstable is vulnerable
	CVE-2017-9127	medium**	yes	unstable is vulnerable
	CVE-2017-9128	medium**	yes	unstable is vulnerable
libraw	CVE-2017-6886	high**	yes	unstable is vulnerable
	CVE-2017-6887	medium**	yes	unstable is vulnerable
librsync	CVE-2014-8242	low	yes	unstable is vulnerable
libsamplerate	CVE-2017-7697	medium**	yes	unstable is vulnerable
libsndfile	CVE-2017-6892	medium**	yes	fixed in unstable
libvirt	CVE-2015-5160	low	?	unstable is vulnerable
libxml-twig-perl	CVE-2016-9180	low	yes	unstable is vulnerable
libxml2	CVE-2017-5969	low**	yes	unstable is vulnerable
	CVE-2016-9318	medium**	yes	unstable is vulnerable
	CVE-2017-8872	medium**	yes	unstable is vulnerable
	CVE-2017-9047	medium**	yes	unstable is vulnerable
	CVE-2017-9048	medium**	yes	unstable is vulnerable
	CVE-2017-9049	medium**	yes	unstable is vulnerable
	CVE-2017-9050	medium**	yes	unstable is vulnerable
	CVE-2017-7375	not yet assigned	?	unstable is vulnerable
	CVE-2017-7376	not yet assigned	?	unstable is vulnerable
libytnef	CVE-2017-9146	medium**	yes	unstable is vulnerable
	CVE-2017-9470	medium**	yes	unstable is vulnerable
	CVE-2017-9471	medium**	yes	unstable is vulnerable
	CVE-2017-9472	medium**	yes	unstable is vulnerable
	CVE-2017-9473	medium**	yes	unstable is vulnerable
	CVE-2017-9474	medium**	yes	unstable is vulnerable
linux	CVE-2013-7445	high**	yes	unstable is vulnerable
	CVE-2017-8831	high**	no	unstable is vulnerable
	CVE-2015-8553	low**	no	unstable is vulnerable
	CVE-2016-8660	medium**	no	unstable is vulnerable
	CVE-2017-7346	medium**	no	fixed in unstable
	CVE-2017-1000364	not yet assigned	no	fixed in unstable
	CVE-2017-1000365	not yet assigned	no	unstable is vulnerable
	CVE-2017-1000370	not yet assigned	no	unstable is vulnerable
	CVE-2017-1000371	not yet assigned	no	unstable is vulnerable
	CVE-2017-1000379	not yet assigned	no	unstable is vulnerable
	CVE-2017-1000380	not yet assigned	no	fixed in unstable
	CVE-2017-9605	not yet assigned	no	fixed in unstable
	TEMP-0000000-A7C6D6	not yet assigned	?	unstable is vulnerable
lrzip	CVE-2017-8844	medium**	yes	unstable is vulnerable
	CVE-2017-8846	medium**	yes	unstable is vulnerable
mercurial	CVE-2017-9462	high**	yes	unstable is vulnerable
mruby	CVE-2017-9527	low	no	unstable is vulnerable
mysql-workbench	CVE-2017-3469	low	yes	unstable is vulnerable
netbeans	CVE-2016-5537	medium**	no	unstable is vulnerable
network-manager	CVE-2012-1096	low	?	unstable is vulnerable
nginx	CVE-2013-0337	low	yes	unstable is vulnerable
openexr	CVE-2017-9110	medium**	yes	unstable is vulnerable
	CVE-2017-9111	medium**	yes	unstable is vulnerable
	CVE-2017-9112	medium**	yes	unstable is vulnerable
	CVE-2017-9113	medium**	yes	unstable is vulnerable
	CVE-2017-9114	medium**	yes	unstable is vulnerable
	CVE-2017-9115	medium**	yes	unstable is vulnerable
	CVE-2017-9116	medium**	yes	unstable is vulnerable
openjpeg2	CVE-2016-1626	medium**	yes	unstable is vulnerable
	CVE-2016-1628	medium**	yes	unstable is vulnerable
	CVE-2016-5152	medium**	yes	unstable is vulnerable
	CVE-2016-5158	medium**	yes	unstable is vulnerable
	CVE-2016-9112	medium**	yes	unstable is vulnerable
	CVE-2016-9118	medium**	yes	unstable is vulnerable
openvpn	CVE-2017-7508	not yet assigned	?	fixed in unstable
	CVE-2017-7520	not yet assigned	?	fixed in unstable
	CVE-2017-7521	not yet assigned	?	fixed in unstable
openvswitch	CVE-2017-9214	high**	yes	unstable is vulnerable
	CVE-2017-9264	high**	yes	unstable is vulnerable
	CVE-2017-9265	high**	yes	unstable is vulnerable
	CVE-2017-9263	low**	yes	unstable is vulnerable
php-gettext	CVE-2016-6175	high**	yes	unstable is vulnerable
php-horde-image	CVE-2017-9773	not yet assigned	?	unstable is vulnerable
	CVE-2017-9774	not yet assigned	?	unstable is vulnerable
php7.0	CVE-2017-8923	high**	yes	unstable is vulnerable
php7.1	CVE-2017-8923	high**	yes	unstable is vulnerable
	CVE-2017-9119	high**	yes	unstable is vulnerable
policykit-1	CVE-2016-2568	medium**	no	unstable is vulnerable
poppler	CVE-2017-9406	low	yes	unstable is vulnerable
	CVE-2017-9408	low	yes	unstable is vulnerable
potrace	CVE-2017-7263	medium**	yes	unstable is vulnerable
pyrad	CVE-2013-0342	low	?	unstable is vulnerable
python-pysaml2	CVE-2016-10127	low	yes	unstable is vulnerable
python-restkit	CVE-2015-2674	not yet assigned	?	unstable is vulnerable
python-tablib	CVE-2017-2810	not yet assigned	no	unstable is vulnerable
qemu	CVE-2017-9310	low**	no	unstable is vulnerable
	CVE-2017-9330	low**	no	unstable is vulnerable
	CVE-2017-9373	low**	no	unstable is vulnerable
	CVE-2017-9375	low**	no	unstable is vulnerable
	CVE-2017-9503	low**	no	unstable is vulnerable
	CVE-2017-9374	not yet assigned	no	unstable is vulnerable
	CVE-2017-9524	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-A7C6D6	not yet assigned	?	unstable is vulnerable
qpdf	CVE-2017-9208	low	yes	unstable is vulnerable
	CVE-2017-9209	low	yes	unstable is vulnerable
	CVE-2017-9210	low	yes	unstable is vulnerable
qt4-x11	CVE-2016-10040	medium**	yes	unstable is vulnerable
qtbase-opensource-src	CVE-2016-10040	medium**	yes	unstable is vulnerable
rabbitmq-server	CVE-2017-4965	low	no	unstable is vulnerable
	CVE-2017-4966	low	no	unstable is vulnerable
	CVE-2017-4967	low	no	unstable is vulnerable
radare2	CVE-2017-9520	low	yes	unstable is vulnerable
	CVE-2017-9761	low	no	unstable is vulnerable
	CVE-2017-9762	low	no	unstable is vulnerable
	CVE-2017-9763	not yet assigned	no	unstable is vulnerable
rar (non-free)	CVE-2014-9983	medium**	yes	unstable is vulnerable
resteasy	CVE-2016-6345	low	yes	unstable is vulnerable
	CVE-2016-6346	low	yes	unstable is vulnerable
	CVE-2016-6347	low	yes	unstable is vulnerable
	CVE-2016-6348	low	yes	unstable is vulnerable
	CVE-2016-9606	not yet assigned	?	unstable is vulnerable
rhn-client-tools	CVE-2015-1777	not yet assigned	?	unstable is vulnerable
rubocop	CVE-2017-8418	low**	no	unstable is vulnerable
ruby2.3	CVE-2016-7798	medium**	yes	unstable is vulnerable
	CVE-2015-9096	not yet assigned	no	unstable is vulnerable
rxvt	CVE-2017-7483	low	yes	unstable is vulnerable
telegram-desktop	CVE-2016-10351	low**	no	unstable is vulnerable
thrift-compiler	CVE-2015-3254	medium**	yes	unstable is vulnerable
tinymce	CVE-2012-4230	low	yes	unstable is vulnerable
undertow	CVE-2017-2666	not yet assigned	?	unstable is vulnerable
	CVE-2017-2670	not yet assigned	?	unstable is vulnerable
unrar-nonfree (non-free)	CVE-2012-6706	not yet assigned	?	fixed in unstable
util-linux	CVE-2016-2779	high**	no	unstable is vulnerable
wireshark	CVE-2017-9345	high**	yes	unstable is vulnerable
	CVE-2017-9346	high**	yes	unstable is vulnerable
	CVE-2017-9349	high**	yes	unstable is vulnerable
	CVE-2017-9350	high**	yes	unstable is vulnerable
	CVE-2017-9352	high**	yes	unstable is vulnerable
	CVE-2017-9616	low	yes	unstable is vulnerable
	CVE-2017-9617	low	yes	unstable is vulnerable
	CVE-2017-9343	medium**	yes	unstable is vulnerable
	CVE-2017-9344	medium**	yes	unstable is vulnerable
	CVE-2017-9347	medium**	yes	unstable is vulnerable
	CVE-2017-9348	medium**	yes	unstable is vulnerable
	CVE-2017-9351	medium**	yes	unstable is vulnerable
	CVE-2017-9353	medium**	yes	unstable is vulnerable
	CVE-2017-9354	medium**	yes	unstable is vulnerable
	CVE-2017-9766	not yet assigned	?	unstable is vulnerable
x11vnc	TEMP-0672435-7C494C	not yet assigned	?	unstable is vulnerable
xen	TEMP-0000000-19BACE	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-2EA1E2	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-481368	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-9291D7	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-ACE0FE	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-B1966C	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-C28143	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-E1580E	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-E267D4	not yet assigned	?	unstable is vulnerable
yaml-cpp	CVE-2017-5950	low	yes	unstable is vulnerable
yaml-cpp0.3	CVE-2017-5950	low	yes	unstable is vulnerable
yara	CVE-2017-9438	low	yes	unstable is vulnerable
	CVE-2017-9465	low	yes	unstable is vulnerable
	CVE-2017-8294	medium**	yes	unstable is vulnerable
	CVE-2017-9304	medium**	yes	unstable is vulnerable
zoo	TEMP-0774453-CA58EE	low	?	unstable is vulnerable
zziplib	CVE-2017-5977	medium**	yes	unstable is vulnerable

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.