Vulnerable source packages in the testing suite

Candidates for DTSAs

Package	Bug	Urgency	Remote	Status
audiofile	CVE-2018-17095	low	yes	unstable is vulnerable
binutils	CVE-2017-13716	low	yes	unstable is vulnerable
	CVE-2018-12641	low	yes	unstable is vulnerable
	CVE-2018-12697	low	yes	unstable is vulnerable
	CVE-2018-12698	low	yes	unstable is vulnerable
	CVE-2018-12699	low	yes	unstable is vulnerable
	CVE-2018-12700	low	yes	unstable is vulnerable
	CVE-2018-12934	low	yes	unstable is vulnerable
	CVE-2018-17794	low	yes	unstable is vulnerable
	CVE-2018-20657	low	yes	unstable is vulnerable
	CVE-2018-9138	low	yes	unstable is vulnerable
	CVE-2018-9996	low	yes	unstable is vulnerable
	CVE-2018-1000876	medium**	no	unstable is vulnerable
	CVE-2018-17358	medium**	yes	unstable is vulnerable
	CVE-2018-17359	medium**	yes	unstable is vulnerable
	CVE-2018-17360	medium**	yes	unstable is vulnerable
	CVE-2018-17985	medium**	yes	unstable is vulnerable
	CVE-2018-18309	medium**	yes	unstable is vulnerable
	CVE-2018-18483	medium**	yes	unstable is vulnerable
	CVE-2018-18484	medium**	yes	unstable is vulnerable
	CVE-2018-18605	medium**	yes	unstable is vulnerable
	CVE-2018-18606	medium**	yes	unstable is vulnerable
	CVE-2018-18607	medium**	yes	unstable is vulnerable
	CVE-2018-18700	medium**	yes	unstable is vulnerable
	CVE-2018-18701	medium**	yes	unstable is vulnerable
	CVE-2018-19931	medium**	yes	unstable is vulnerable
	CVE-2018-19932	medium**	yes	unstable is vulnerable
	CVE-2018-20002	medium**	yes	unstable is vulnerable
	CVE-2018-20623	medium**	yes	unstable is vulnerable
	CVE-2018-20651	medium**	yes	unstable is vulnerable
	CVE-2018-20671	medium**	yes	unstable is vulnerable
	CVE-2018-20673	medium**	yes	unstable is vulnerable
	CVE-2018-20712	medium**	yes	unstable is vulnerable
	CVE-2019-9070	medium**	yes	unstable is vulnerable
	CVE-2019-9071	medium**	yes	unstable is vulnerable
	CVE-2019-9072	medium**	yes	unstable is vulnerable
	CVE-2019-9073	medium**	yes	unstable is vulnerable
	CVE-2019-9074	medium**	yes	unstable is vulnerable
	CVE-2019-9075	medium**	yes	unstable is vulnerable
	CVE-2019-9076	medium**	yes	unstable is vulnerable
	CVE-2019-9077	medium**	yes	unstable is vulnerable
bro	CVE-2018-16807	low	yes	unstable is vulnerable
	CVE-2018-17019	medium**	yes	unstable is vulnerable
ceilometer	CVE-2019-3830	not yet assigned	?	unstable is vulnerable
checkstyle	CVE-2019-9658	medium**	yes	unstable is vulnerable
chef	CVE-2015-8559	medium**	yes	unstable is vulnerable
chromium	CVE-2019-5786	not yet assigned	?	fixed in unstable
	CVE-2019-5787	not yet assigned	?	fixed in unstable
	CVE-2019-5788	not yet assigned	?	fixed in unstable
	CVE-2019-5789	not yet assigned	?	fixed in unstable
	CVE-2019-5790	not yet assigned	?	fixed in unstable
	CVE-2019-5791	not yet assigned	?	fixed in unstable
	CVE-2019-5792	not yet assigned	?	fixed in unstable
	CVE-2019-5793	not yet assigned	?	fixed in unstable
	CVE-2019-5794	not yet assigned	?	fixed in unstable
	CVE-2019-5795	not yet assigned	?	fixed in unstable
	CVE-2019-5796	not yet assigned	?	fixed in unstable
	CVE-2019-5797	not yet assigned	?	fixed in unstable
	CVE-2019-5798	not yet assigned	?	fixed in unstable
	CVE-2019-5799	not yet assigned	?	fixed in unstable
	CVE-2019-5800	not yet assigned	?	fixed in unstable
	CVE-2019-5802	not yet assigned	?	fixed in unstable
	CVE-2019-5803	not yet assigned	?	fixed in unstable
cloud-init	CVE-2019-0816	not yet assigned	?	unstable is vulnerable
cron	CVE-2019-9704	low	no	fixed in unstable
	CVE-2019-9705	low	no	fixed in unstable
	CVE-2019-9706	low**	no	fixed in unstable
evolution	CVE-2018-15587	medium**	yes	unstable is vulnerable
evolution-data-server	CVE-2018-15587	medium**	yes	unstable is vulnerable
exiv2	CVE-2018-17581	low	yes	unstable is vulnerable
	CVE-2018-20097	low	yes	unstable is vulnerable
	CVE-2017-14859	medium**	yes	unstable is vulnerable
	CVE-2017-14862	medium**	yes	unstable is vulnerable
	CVE-2017-14864	medium**	yes	unstable is vulnerable
	CVE-2017-17669	medium**	yes	unstable is vulnerable
	CVE-2018-16336	medium**	yes	unstable is vulnerable
	CVE-2018-19107	medium**	yes	unstable is vulnerable
	CVE-2018-19108	medium**	yes	unstable is vulnerable
	CVE-2018-19535	medium**	yes	unstable is vulnerable
faad2	CVE-2018-19504	low	yes	unstable is vulnerable
	CVE-2018-19502	medium**	yes	unstable is vulnerable
	CVE-2018-19503	medium**	yes	unstable is vulnerable
	CVE-2018-20194	medium**	yes	unstable is vulnerable
	CVE-2018-20196	medium**	yes	unstable is vulnerable
	CVE-2018-20197	medium**	yes	unstable is vulnerable
ffmpeg	CVE-2019-9718	low	yes	unstable is vulnerable
	CVE-2019-9721	medium**	yes	unstable is vulnerable
firefox-esr	CVE-2018-18506	medium**	yes	fixed in unstable
	CVE-2019-9788	not yet assigned	?	fixed in unstable
	CVE-2019-9790	not yet assigned	?	fixed in unstable
	CVE-2019-9791	not yet assigned	?	fixed in unstable
	CVE-2019-9792	not yet assigned	?	fixed in unstable
	CVE-2019-9793	not yet assigned	?	fixed in unstable
	CVE-2019-9795	not yet assigned	?	fixed in unstable
	CVE-2019-9796	not yet assigned	?	fixed in unstable
	CVE-2019-9810	not yet assigned	?	fixed in unstable
	CVE-2019-9813	not yet assigned	?	fixed in unstable
ghostscript	CVE-2019-3835	not yet assigned	?	unstable is vulnerable
	CVE-2019-3838	not yet assigned	?	unstable is vulnerable
glib2.0	CVE-2019-9633	medium**	yes	unstable is vulnerable
glibc	CVE-2019-9169	high**	yes	unstable is vulnerable
golang-1.11	CVE-2019-9741	medium**	yes	fixed in unstable
golang-golang-x-net-dev	CVE-2018-17847	low	yes	unstable is vulnerable
	CVE-2018-17848	low	yes	unstable is vulnerable
	CVE-2018-17846	medium**	yes	unstable is vulnerable
gpac	CVE-2018-13005	high**	yes	unstable is vulnerable
	CVE-2018-13006	high**	yes	unstable is vulnerable
	CVE-2018-20760	medium**	yes	unstable is vulnerable
	CVE-2018-20761	medium**	yes	unstable is vulnerable
	CVE-2018-20762	medium**	yes	unstable is vulnerable
	CVE-2018-20763	medium**	yes	unstable is vulnerable
	CVE-2018-7752	medium**	yes	unstable is vulnerable
gpsd	CVE-2018-17937	medium**	yes	unstable is vulnerable
graphviz	CVE-2019-9904	low	no	unstable is vulnerable
hdf5	CVE-2019-9152	medium**	yes	unstable is vulnerable
imagemagick	CVE-2019-9956	not yet assigned	no	unstable is vulnerable
jruby	CVE-2018-1000073	medium**	yes	unstable is vulnerable
	CVE-2018-1000078	medium**	yes	unstable is vulnerable
jupyter-notebook	CVE-2019-9644	medium**	yes	unstable is vulnerable
kde-runtime	CVE-2018-19120	medium**	yes	unstable is vulnerable
kde4libs	CVE-2019-7443	not yet assigned	?	unstable is vulnerable
libcaca	CVE-2018-20544	low	yes	unstable is vulnerable
	CVE-2018-20546	low	yes	unstable is vulnerable
	CVE-2018-20547	low	yes	unstable is vulnerable
	CVE-2018-20549	low	yes	unstable is vulnerable
libical	CVE-2016-5824	medium**	yes	unstable is vulnerable
	CVE-2016-5825	medium**	yes	unstable is vulnerable
	CVE-2016-5826	medium**	yes	unstable is vulnerable
	CVE-2016-5827	medium**	yes	unstable is vulnerable
	CVE-2016-9584	medium**	yes	unstable is vulnerable
libjpeg-turbo	CVE-2017-15232	low	yes	unstable is vulnerable
	CVE-2018-1152	low	yes	unstable is vulnerable
	CVE-2018-14498	medium**	yes	unstable is vulnerable
liblivemedia	CVE-2019-7314	high**	yes	unstable is vulnerable
	CVE-2019-9215	high**	yes	unstable is vulnerable
	CVE-2019-7732	low	yes	unstable is vulnerable
	CVE-2019-7733	low	yes	unstable is vulnerable
libmatio	CVE-2019-9026	low	yes	fixed in unstable
	CVE-2019-9027	low	yes	fixed in unstable
	CVE-2019-9028	low	yes	fixed in unstable
	CVE-2019-9029	low	yes	fixed in unstable
	CVE-2019-9030	low	yes	fixed in unstable
	CVE-2019-9031	low	yes	fixed in unstable
	CVE-2019-9032	low	yes	fixed in unstable
	CVE-2019-9033	low	yes	fixed in unstable
	CVE-2019-9034	low	yes	fixed in unstable
	CVE-2019-9035	low	yes	fixed in unstable
	CVE-2019-9036	low	yes	fixed in unstable
	CVE-2019-9037	low	yes	fixed in unstable
	CVE-2019-9038	low	yes	fixed in unstable
libpodofo	CVE-2019-9687	high**	yes	unstable is vulnerable
	CVE-2018-11255	low	yes	unstable is vulnerable
	CVE-2018-12983	low	yes	unstable is vulnerable
	CVE-2018-15889	low	yes	unstable is vulnerable
	CVE-2019-9199	low	yes	unstable is vulnerable
libsass	CVE-2018-11499	high**	yes	unstable is vulnerable
	CVE-2017-10687	low	yes	unstable is vulnerable
	CVE-2017-12962	low	yes	unstable is vulnerable
	CVE-2017-12963	low	yes	unstable is vulnerable
	CVE-2017-12964	low	yes	unstable is vulnerable
	CVE-2018-20190	low	yes	unstable is vulnerable
	CVE-2019-6283	low	yes	unstable is vulnerable
	CVE-2019-6284	low	yes	unstable is vulnerable
	CVE-2019-6286	low	yes	unstable is vulnerable
	CVE-2017-11341	medium**	yes	unstable is vulnerable
	CVE-2017-11342	medium**	yes	unstable is vulnerable
	CVE-2017-11554	medium**	yes	unstable is vulnerable
	CVE-2017-11555	medium**	yes	unstable is vulnerable
	CVE-2017-11556	medium**	yes	unstable is vulnerable
	CVE-2017-11605	medium**	yes	unstable is vulnerable
	CVE-2018-11693	medium**	yes	unstable is vulnerable
	CVE-2018-11694	medium**	yes	unstable is vulnerable
	CVE-2018-11695	medium**	yes	unstable is vulnerable
	CVE-2018-11697	medium**	yes	unstable is vulnerable
	CVE-2018-11698	medium**	yes	unstable is vulnerable
	CVE-2018-19797	medium**	yes	unstable is vulnerable
	CVE-2018-19826	medium**	yes	unstable is vulnerable
	CVE-2018-19827	medium**	yes	unstable is vulnerable
	CVE-2018-19838	medium**	yes	unstable is vulnerable
	CVE-2018-19839	medium**	yes	unstable is vulnerable
libsdl1.2	CVE-2019-7572	medium**	yes	unstable is vulnerable
	CVE-2019-7573	medium**	yes	unstable is vulnerable
	CVE-2019-7574	medium**	yes	unstable is vulnerable
	CVE-2019-7575	medium**	yes	unstable is vulnerable
	CVE-2019-7576	medium**	yes	unstable is vulnerable
	CVE-2019-7577	medium**	yes	unstable is vulnerable
	CVE-2019-7578	medium**	yes	unstable is vulnerable
	CVE-2019-7635	medium**	yes	unstable is vulnerable
	CVE-2019-7636	medium**	yes	unstable is vulnerable
	CVE-2019-7637	medium**	yes	unstable is vulnerable
	CVE-2019-7638	medium**	yes	unstable is vulnerable
libsdl2	CVE-2019-7572	medium**	yes	unstable is vulnerable
	CVE-2019-7573	medium**	yes	unstable is vulnerable
	CVE-2019-7574	medium**	yes	unstable is vulnerable
	CVE-2019-7575	medium**	yes	unstable is vulnerable
	CVE-2019-7576	medium**	yes	unstable is vulnerable
	CVE-2019-7577	medium**	yes	unstable is vulnerable
	CVE-2019-7578	medium**	yes	unstable is vulnerable
	CVE-2019-7635	medium**	yes	unstable is vulnerable
	CVE-2019-7636	medium**	yes	unstable is vulnerable
	CVE-2019-7637	medium**	yes	unstable is vulnerable
	CVE-2019-7638	medium**	yes	unstable is vulnerable
libsdl2-image	CVE-2019-7635	medium**	yes	unstable is vulnerable
libsolv	CVE-2018-20532	low	yes	unstable is vulnerable
	CVE-2018-20533	low	yes	unstable is vulnerable
	CVE-2018-20534	low	yes	unstable is vulnerable
libssh2	CVE-2019-3855	not yet assigned	no	unstable is vulnerable
	CVE-2019-3856	not yet assigned	?	unstable is vulnerable
	CVE-2019-3857	not yet assigned	?	unstable is vulnerable
	CVE-2019-3858	not yet assigned	no	unstable is vulnerable
	CVE-2019-3859	not yet assigned	no	unstable is vulnerable
	CVE-2019-3860	not yet assigned	?	unstable is vulnerable
	CVE-2019-3861	not yet assigned	?	unstable is vulnerable
	CVE-2019-3862	not yet assigned	no	unstable is vulnerable
	CVE-2019-3863	not yet assigned	?	unstable is vulnerable
libxml-twig-perl	CVE-2016-9180	low	yes	unstable is vulnerable
libxml2	CVE-2016-9318	medium**	yes	unstable is vulnerable
	CVE-2017-16932	medium**	yes	unstable is vulnerable
	CVE-2017-18258	medium**	yes	unstable is vulnerable
	CVE-2018-14404	medium**	yes	unstable is vulnerable
	CVE-2018-14567	medium**	yes	unstable is vulnerable
linux	CVE-2013-7445	high**	yes	unstable is vulnerable
	CVE-2017-1000379	high**	no	unstable is vulnerable
	CVE-2018-12930	high**	no	unstable is vulnerable
	CVE-2018-12931	high**	no	unstable is vulnerable
	CVE-2019-7308	high**	yes	fixed in unstable
	CVE-2019-8912	high**	no	fixed in unstable
	CVE-2019-8980	high**	yes	fixed in unstable
	CVE-2019-9003	high**	yes	fixed in unstable
	CVE-2016-8660	low	no	unstable is vulnerable
	CVE-2018-12928	low	no	unstable is vulnerable
	CVE-2015-8553	low**	no	unstable is vulnerable
	CVE-2017-0630	low**	yes	unstable is vulnerable
	CVE-2019-5489	low**	no	unstable is vulnerable
	CVE-2016-10723	medium**	no	unstable is vulnerable
	CVE-2018-12929	medium**	no	unstable is vulnerable
	CVE-2018-16880	medium**	no	fixed in unstable
	CVE-2018-3693	medium**	no	unstable is vulnerable
	CVE-2019-3819	medium**	no	fixed in unstable
	CVE-2019-6974	medium**	yes	fixed in unstable
	CVE-2019-9162	medium**	no	fixed in unstable
	CVE-2019-9213	medium**	no	fixed in unstable
	CVE-2019-3459	not yet assigned	?	unstable is vulnerable
	CVE-2019-3460	not yet assigned	?	unstable is vulnerable
	CVE-2019-3874	not yet assigned	?	unstable is vulnerable
	CVE-2019-7221	not yet assigned	no	fixed in unstable
	CVE-2019-7222	not yet assigned	no	fixed in unstable
	CVE-2019-8956	not yet assigned	?	fixed in unstable
	CVE-2019-9857	not yet assigned	no	unstable is vulnerable
lua5.3	CVE-2019-6706	medium**	yes	unstable is vulnerable
mupdf	CVE-2018-16647	medium**	yes	fixed in unstable
	CVE-2018-16648	medium**	yes	fixed in unstable
ntp	CVE-2019-8936	not yet assigned	?	unstable is vulnerable
nuget	CVE-2019-0757	not yet assigned	?	unstable is vulnerable
opencv	CVE-2017-18009	medium**	yes	unstable is vulnerable
openexr	CVE-2017-9114	medium**	yes	unstable is vulnerable
	CVE-2017-9115	medium**	yes	unstable is vulnerable
openjdk-8	CVE-2018-3136	low**	yes	fixed in unstable
	CVE-2018-3139	low**	yes	fixed in unstable
	CVE-2018-2952	medium**	yes	fixed in unstable
	CVE-2018-3149	medium**	yes	fixed in unstable
	CVE-2018-3169	medium**	yes	fixed in unstable
	CVE-2018-3180	medium**	yes	fixed in unstable
	CVE-2018-3183	medium**	yes	fixed in unstable
	CVE-2018-3214	medium**	yes	fixed in unstable
	CVE-2019-2422	medium**	yes	fixed in unstable
openssl	CVE-2019-1543	medium**	yes	unstable is vulnerable
otrs2 (non-free)	CVE-2019-9751	low**	yes	fixed in unstable
passenger	CVE-2017-16355	low**	yes	fixed in unstable
pdns	CVE-2019-3871	not yet assigned	no	unstable is vulnerable
poppler	CVE-2019-9631	high**	yes	unstable is vulnerable
	CVE-2018-16646	low	yes	unstable is vulnerable
	CVE-2018-18897	low	yes	unstable is vulnerable
	CVE-2018-19058	low	yes	unstable is vulnerable
	CVE-2018-20481	low	yes	unstable is vulnerable
	CVE-2018-20551	low	yes	unstable is vulnerable
	CVE-2018-20662	low	yes	unstable is vulnerable
	CVE-2019-7310	medium**	yes	unstable is vulnerable
	CVE-2019-9200	medium**	yes	unstable is vulnerable
	CVE-2019-9543	medium**	yes	unstable is vulnerable
	CVE-2019-9545	medium**	yes	unstable is vulnerable
	CVE-2019-9903	not yet assigned	no	unstable is vulnerable
pspp	CVE-2018-20230	medium**	yes	unstable is vulnerable
putty	CVE-2019-9895	high**	yes	fixed in unstable
	CVE-2019-9898	high**	yes	fixed in unstable
	CVE-2019-9894	medium**	yes	fixed in unstable
	CVE-2019-9897	medium**	yes	fixed in unstable
python-urllib3	CVE-2019-9740	medium**	yes	unstable is vulnerable
python2.7	CVE-2019-9636	medium**	yes	unstable is vulnerable
	CVE-2019-9740	medium**	yes	unstable is vulnerable
	CVE-2019-9947	not yet assigned	no	unstable is vulnerable
	CVE-2019-9948	not yet assigned	no	unstable is vulnerable
python3.7	CVE-2019-9740	medium**	yes	unstable is vulnerable
	CVE-2019-9947	not yet assigned	no	unstable is vulnerable
qemu	CVE-2019-9824	not yet assigned	?	fixed in unstable
qt4-x11	CVE-2018-19870	low	yes	unstable is vulnerable
	CVE-2018-19871	low	yes	unstable is vulnerable
	CVE-2018-19873	low	yes	unstable is vulnerable
rabbitmq-server	CVE-2018-1279	low**	yes	unstable is vulnerable
rails	CVE-2019-5418	not yet assigned	?	fixed in unstable
	CVE-2019-5419	not yet assigned	?	fixed in unstable
	CVE-2019-5420	not yet assigned	?	fixed in unstable
ruby-doorkeeper-openid-connect	CVE-2019-9837	not yet assigned	no	fixed in unstable
sdl-image1.2	CVE-2019-7635	medium**	yes	unstable is vulnerable
shadow	CVE-2018-7169	medium**	yes	unstable is vulnerable
simple-xml	CVE-2017-1000190	medium**	yes	unstable is vulnerable
sleuthkit	CVE-2018-19497	low	yes	unstable is vulnerable
sox	CVE-2019-8354	medium**	yes	unstable is vulnerable
	CVE-2019-8355	medium**	yes	unstable is vulnerable
	CVE-2019-8356	medium**	yes	unstable is vulnerable
	CVE-2019-8357	medium**	yes	unstable is vulnerable
spice-gtk	CVE-2018-10893	medium**	yes	unstable is vulnerable
sqlalchemy	CVE-2019-7164	high**	yes	unstable is vulnerable
	CVE-2019-7548	medium**	yes	unstable is vulnerable
sqlite3	CVE-2019-9936	low	no	fixed in unstable
	CVE-2019-9937	low	no	fixed in unstable
sssd	CVE-2018-16883	low**	no	unstable is vulnerable
	CVE-2019-3811	low**	yes	unstable is vulnerable
	CVE-2018-10852	medium**	yes	unstable is vulnerable
	CVE-2018-16838	not yet assigned	?	unstable is vulnerable
sysstat	CVE-2018-19416	low	yes	unstable is vulnerable
	CVE-2018-19517	low	yes	unstable is vulnerable
tcc	CVE-2019-9754	low	yes	unstable is vulnerable
tintin++	CVE-2019-7629	low	yes	fixed in unstable
uap-core	CVE-2018-20164	medium**	yes	fixed in unstable
wordpress	CVE-2019-8943	medium**	yes	unstable is vulnerable
	CVE-2019-9787	medium**	yes	fixed in unstable
xen	TEMP-0000000-09CDD1	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-332628	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-341CE5	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-4E12B0	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-4F975A	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-6BCADF	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-839329	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-A28E7B	not yet assigned	?	unstable is vulnerable
	TEMP-0000000-F97A6B	not yet assigned	?	unstable is vulnerable
znc	CVE-2019-9917	not yet assigned	?	unstable is vulnerable
zziplib	CVE-2017-5977	medium**	yes	unstable is vulnerable

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.