Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-5416not yet assigned?
CVE-2017-2668not yet assigned?
accountsserviceCVE-2012-6655low?
ansibleCVE-2017-7473not yet assigned?
apng2gifCVE-2017-6960medium**yes
CVE-2017-6961medium**yes
CVE-2017-6962medium**yes
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
batikCVE-2017-5662high**yes
bind9CVE-2016-6170medium**yes
CVE-2017-3136not yet assigned?
CVE-2017-3137not yet assigned?
CVE-2017-3138not yet assigned?
bluezCVE-2016-9797medium**yes
CVE-2016-9798medium**yes
CVE-2016-9799medium**yes
CVE-2016-9800medium**yes
CVE-2016-9801medium**yes
CVE-2016-9802medium**yes
CVE-2016-9803medium**yes
CVE-2016-9804medium**yes
CVE-2016-9917medium**yes
CVE-2016-9918medium**yes
botan1.10CVE-2017-2801not yet assigned?
bundlerCVE-2016-7954high**yes
busyboxCVE-2011-5325not yet assigned?
CVE-2016-2147medium**yes
CVE-2016-2148high**yes
TEMP-0803097-A74121not yet assigned?
byzanzCVE-2015-2785lowyes
bzrtpCVE-2016-6271medium**yes
cargoCVE-2016-10128high**yes
CVE-2016-10129medium**yes
CVE-2016-10130medium**yes
CVE-2016-8568medium**yes
CVE-2016-8569medium**yes
chefCVE-2015-8559not yet assigned?
chickenCVE-2016-6830high**yes
CVE-2016-6831medium**yes
CVE-2016-9954lowyes
CVE-2017-6949medium**yes
cinderCVE-2013-2255not yet assigned?
cobblerCVE-2016-9605not yet assigned?
collectdCVE-2017-7401medium**yes
coreutilsCVE-2016-2781low**no
couchdbCVE-2014-2668lowyes
dc3ddTEMP-0801872-E034E1not yet assigned?
dcrawCVE-2015-8366not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
docker.ioCVE-2016-9962medium**no
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
elfutilsCVE-2017-7607medium**yes
CVE-2017-7608medium**yes
CVE-2017-7609medium**yes
CVE-2017-7610medium**yes
CVE-2017-7611medium**yes
CVE-2017-7612medium**yes
CVE-2017-7613medium**yes
ffmpegCVE-2017-5047medium**yes
CVE-2017-5048medium**yes
CVE-2017-5049medium**yes
CVE-2017-5050medium**yes
CVE-2017-5051medium**yes
CVE-2017-7859high**yes
fopCVE-2017-5661high**yes
freeipaCVE-2015-5179not yet assigned?
CVE-2016-7030not yet assigned?
CVE-2016-9575not yet assigned?
gdbCVE-2016-2226lowyes
CVE-2016-4487lowyes
CVE-2016-4488lowyes
CVE-2016-4489lowyes
CVE-2016-4490lowyes
CVE-2016-4491lowyes
CVE-2016-4492lowyes
CVE-2016-4493lowyes
CVE-2016-6131lowyes
gdk-pixbufCVE-2017-6312medium**yes
CVE-2017-6313medium**yes
CVE-2017-6314medium**yes
gdm3CVE-2016-1000002low?
ghostscriptCVE-2016-10317medium**yes
gksuCVE-2014-2886medium**yes
glibcCVE-2016-10228medium**yes
gnome-keyringTEMP-0395572-55D193low?
guacamole-clientCVE-2016-1566low**yes
haskell-tlsCVE-2013-0169low**yes
hesiodCVE-2016-10151lowno
CVE-2016-10152lowyes
hexchatCVE-2016-2087medium**yes
htCVE-2016-4491lowyes
jbig2decCVE-2017-7885medium**yes
CVE-2017-7975medium**yes
CVE-2017-7976medium**yes
jitsiCVE-2017-5603medium**yes
jythonCVE-2013-2027lowno
kde4libsCVE-2017-6410medium**yes
kdesudoCVE-2016-7787medium**yes
kgb-botCVE-2015-1554low?
kodiCVE-2017-5982medium**yes
libapache-poi-javaCVE-2017-5644high**yes
libapache2-mod-nssCVE-2015-3277not yet assigned?
libarchiveCVE-2016-10209medium**yes
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libgcCVE-2016-9427high**yes
libgit2CVE-2016-10128high**yes
CVE-2016-10129medium**yes
CVE-2016-10130medium**yes
libibertyCVE-2016-4491lowyes
libicalCVE-2016-5824medium**yes
CVE-2016-5825medium**yes
CVE-2016-5826medium**yes
CVE-2016-5827medium**yes
CVE-2016-9584medium**yes
libjgroups-javaCVE-2016-2141lowyes
libjpeg8CVE-2016-3616medium**yes
libnet-server-perlCVE-2013-1841lowyes
libplistCVE-2017-7982medium**yes
libpodofoCVE-2017-5852medium**yes
CVE-2017-5853medium**yes
CVE-2017-5854medium**yes
CVE-2017-5855medium**yes
CVE-2017-5886medium**yes
CVE-2017-6840medium**yes
CVE-2017-6841medium**yes
CVE-2017-6842medium**yes
CVE-2017-6843medium**yes
CVE-2017-6844medium**yes
CVE-2017-6845medium**yes
CVE-2017-6846medium**yes
CVE-2017-6847medium**yes
CVE-2017-6848medium**yes
CVE-2017-6849medium**yes
CVE-2017-7378medium**yes
CVE-2017-7379medium**yes
CVE-2017-7380medium**yes
CVE-2017-7381medium**yes
CVE-2017-7382medium**yes
CVE-2017-7383medium**yes
CVE-2017-7994medium**yes
CVE-2017-8053medium**yes
CVE-2017-8054medium**yes
TEMP-0854605-651F03not yet assigned?
librsyncCVE-2014-8242lowyes
libsamplerateCVE-2017-7697medium**yes
libsndfileCVE-2017-7742medium**yes
libui-dialog-perlCVE-2008-7315not yet assigned?
libvirtCVE-2015-5160low?
libxml-twig-perlCVE-2016-9180medium**yes
libxml2CVE-2016-9318medium**yes
CVE-2017-5969low**yes
libxsltCVE-2015-9019lowyes
libxstream-javaCVE-2017-7957not yet assigned?
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-8660medium**no
CVE-2016-9604not yet assigned?
CVE-2017-2671medium**no
CVE-2017-7346medium**no
CVE-2017-7374high**no
CVE-2017-7472not yet assigned?
CVE-2017-7477not yet assignedno
CVE-2017-7616low**no
CVE-2017-7618high**yes
CVE-2017-7645high**yes
CVE-2017-7889high**no
CVE-2017-7895not yet assignedno
CVE-2017-8061high**no
CVE-2017-8063high**no
CVE-2017-8064high**no
CVE-2017-8067high**no
lshellCVE-2016-6902high**yes
CVE-2016-6903high**yes
mcollectiveCVE-2016-2788high**yes
mp3spltCVE-2017-5666medium**yes
msgpuckCVE-2016-9036medium**yes
mysql-connector-javaCVE-2017-3586not yet assignedno
CVE-2017-3589not yet assignedno
mysql-connector-pythonCVE-2017-3590not yet assignedno
mysql-workbenchCVE-2017-3469not yet assignedno
netbeansCVE-2016-5537medium**no
network-managerCVE-2012-1096low?
newlibCVE-2015-2305medium**yes
nginxCVE-2013-0337lowyes
novaCVE-2013-2255not yet assigned?
npmCVE-2016-3956medium**yes
nssCVE-2017-5461not yet assigned?
CVE-2017-5462not yet assigned?
openjdk-8CVE-2017-3509not yet assignedno
CVE-2017-3511not yet assignedno
CVE-2017-3526not yet assignedno
CVE-2017-3533not yet assignedno
CVE-2017-3539not yet assignedno
CVE-2017-3544not yet assignedno
openjpeg2CVE-2016-1626medium**yes
CVE-2016-1628medium**yes
CVE-2016-5152medium**yes
CVE-2016-5158medium**yes
CVE-2016-9112medium**yes
CVE-2016-9118medium**yes
openstack-troveCVE-2015-3156low?
percona-xtrabackupCVE-2016-6225medium**yes
phantomjsCVE-2013-4549medium**yes
php-gettextCVE-2016-6175high**yes
php-horde-cryptCVE-2017-7413high**yes
CVE-2017-7414medium**yes
php7.0CVE-2017-7272medium**yes
php7.1CVE-2017-7272medium**yes
policykit-1CVE-2016-2568medium**no
potraceCVE-2017-7263medium**yes
profanityCVE-2017-5592medium**yes
TEMP-0857546-8B0EB6not yet assigned?
pyradCVE-2013-0342low?
python-pysaml2CVE-2016-10127medium**yes
python-restkitCVE-2015-2674not yet assigned?
qemuCVE-2017-7471not yet assigned?
CVE-2017-8086not yet assigned?
CVE-2017-8112not yet assigned?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
qt4-x11CVE-2016-10040medium**yes
qtbase-opensource-srcCVE-2016-10040medium**yes
rar (non-free)TEMP-0774172-B2A845not yet assigned?
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347lowyes
CVE-2016-6348lowyes
CVE-2016-9606not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
roundcubeCVE-2017-8114not yet assigned?
ruby2.3CVE-2016-7798medium**yes
saltCVE-2017-8109not yet assignedno
spice-gtkCVE-2016-3066not yet assigned?
tiffCVE-2015-7554high**yes
CVE-2016-10095medium**yes
CVE-2016-5318medium**yes
tikaCVE-2016-4434not yet assigned?
tinymceCVE-2012-4230lowyes
udfclientCVE-2017-8305not yet assignedno
util-linuxCVE-2016-2779high**no
valgrindCVE-2016-2226lowyes
CVE-2016-4487lowyes
CVE-2016-4488lowyes
CVE-2016-4489lowyes
CVE-2016-4490lowyes
CVE-2016-4491lowyes
CVE-2016-4492lowyes
CVE-2016-4493lowyes
CVE-2016-6131lowyes
virglrendererCVE-2016-10163medium**no
CVE-2016-10214medium**no
CVE-2017-5580low**no
CVE-2017-5937low**no
CVE-2017-5956low**no
CVE-2017-5957low**no
CVE-2017-5993medium**no
CVE-2017-5994low**no
CVE-2017-6209low**no
CVE-2017-6210low**no
CVE-2017-6317medium**no
CVE-2017-6355low**no
CVE-2017-6386medium**no
web2pyCVE-2016-10321medium**yes
CVE-2016-4806medium**yes
CVE-2016-4807low**yes
CVE-2016-4808medium**yes
wiresharkCVE-2017-7700lowyes
CVE-2017-7701lowyes
CVE-2017-7702lowyes
CVE-2017-7703medium**yes
CVE-2017-7704high**yes
CVE-2017-7705lowyes
CVE-2017-7745lowyes
CVE-2017-7746lowyes
CVE-2017-7747medium**yes
CVE-2017-7748lowyes
x11vncTEMP-0672435-7C494Cnot yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenCVE-2014-9066medium**no
xrdpCVE-2017-6967high**yes
yaml-cppCVE-2017-5950lowyes
yaml-cpp0.3CVE-2017-5950lowyes
yaraCVE-2017-8294not yet assignedno
zoneminderCVE-2016-10140medium**yes
CVE-2016-10201medium**yes
CVE-2016-10202medium**yes
CVE-2016-10203medium**yes
CVE-2016-10204high**yes
CVE-2016-10205high**yes
CVE-2016-10206medium**yes
CVE-2017-5367medium**yes
CVE-2017-5368medium**yes
CVE-2017-5595low**no
CVE-2017-7203medium**yes
zooTEMP-0774453-CA58EElow?
zziplibCVE-2017-5974medium**yes
CVE-2017-5975medium**yes
CVE-2017-5976medium**yes
CVE-2017-5977medium**yes
CVE-2017-5978medium**yes
CVE-2017-5979medium**yes
CVE-2017-5980medium**yes
CVE-2017-5981medium**yes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems