Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-5416medium**yes
accountsserviceCVE-2012-6655low?
ansibleCVE-2017-7473not yet assigned?
CVE-2017-7481not yet assigned?
apng2gifCVE-2017-6960medium**yes
CVE-2017-6961medium**yes
CVE-2017-6962medium**yes
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
avahiCVE-2017-6519medium**yes
batikCVE-2017-5662high**yes
bind9CVE-2016-6170medium**yes
binutilsCVE-2017-9040lowyes
CVE-2017-9042lowyes
CVE-2017-9043lowyes
CVE-2017-9044lowyes
CVE-2017-9742lowno
CVE-2017-9743lowno
CVE-2017-9744lowno
CVE-2017-9745lowno
CVE-2017-9746lowno
CVE-2017-9747lowno
CVE-2017-9748lowno
CVE-2017-9749lowno
CVE-2017-9750lowno
CVE-2017-9751lowno
CVE-2017-9752lowno
CVE-2017-9753lowno
CVE-2017-9754lowno
CVE-2017-9755lowno
CVE-2017-9756lowno
bluezCVE-2016-9797medium**yes
CVE-2016-9798medium**yes
CVE-2016-9799medium**yes
CVE-2016-9800medium**yes
CVE-2016-9801medium**yes
CVE-2016-9802medium**yes
CVE-2016-9803medium**yes
CVE-2016-9804medium**yes
CVE-2016-9917medium**yes
CVE-2016-9918medium**yes
bundlerCVE-2016-7954high**yes
busyboxCVE-2011-5325not yet assigned?
CVE-2016-2147medium**yes
CVE-2016-2148high**yes
TEMP-0803097-A74121not yet assigned?
byzanzCVE-2015-2785lowyes
c-aresCVE-2017-1000381not yet assigned?
cargoCVE-2016-10128high**yes
CVE-2016-10129medium**yes
CVE-2016-10130medium**yes
CVE-2016-8568medium**yes
CVE-2016-8569medium**yes
cephCVE-2017-7519not yet assigned?
check-mkCVE-2017-9781not yet assignedno
chefCVE-2015-8559not yet assigned?
chickenCVE-2016-6830high**yes
CVE-2016-6831medium**yes
CVE-2016-9954lowyes
CVE-2017-6949medium**yes
CVE-2017-9334lowyes
cobblerCVE-2016-9605not yet assigned?
collectdCVE-2017-7401medium**yes
coreutilsCVE-2016-2781low**no
couchdbCVE-2014-2668lowyes
cronCVE-2017-9525high**yes
dcrawCVE-2015-8366not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
dolibarrCVE-2017-7886high**yes
CVE-2017-7887medium**yes
CVE-2017-7888medium**yes
CVE-2017-8879medium**no
CVE-2017-9435high**yes
faac (non-free)CVE-2017-9129not yet assignedno
faac (non-free)CVE-2017-9130not yet assignedno
freeipaCVE-2015-5179not yet assigned?
CVE-2016-7030not yet assigned?
CVE-2016-9575not yet assigned?
gdbCVE-2017-9778not yet assignedno
gdk-pixbufCVE-2017-6312medium**yes
CVE-2017-6313medium**yes
CVE-2017-6314medium**yes
gdm3CVE-2016-1000002low?
ghostscriptCVE-2016-10317medium**yes
gksuCVE-2014-2886medium**yes
glibcCVE-2016-10228medium**yes
CVE-2017-8804high**yes
gnome-keyringTEMP-0395572-55D193low?
guacamole-clientCVE-2016-1566low**yes
haskell-tlsCVE-2013-0169low**yes
hesiodCVE-2016-10151lowno
CVE-2016-10152lowyes
hexchatCVE-2016-2087medium**yes
imagemagickCVE-2017-9439lowyes
CVE-2017-9440lowyes
CVE-2017-9499lowyes
CVE-2017-9500lowyes
CVE-2017-9501lowyes
jbig2decCVE-2016-8729not yet assigned?
CVE-2017-9216medium**yes
jitsiCVE-2017-5603medium**yes
jythonCVE-2013-2027lowno
kdesudoCVE-2016-7787medium**yes
kgb-botCVE-2015-1554low?
knotTEMP-0865678-5A785Fnot yet assigned?
kodiCVE-2017-5982medium**yes
libapache-poi-javaCVE-2017-5644high**yes
libapache2-mod-nssCVE-2015-3277not yet assigned?
libarchiveCVE-2016-10209lowyes
CVE-2016-10349medium**yes
CVE-2016-10350medium**yes
libcrocoCVE-2017-8834lowyes
CVE-2017-8871lowyes
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libgcCVE-2016-9427high**yes
libibertyCVE-2016-4491lowyes
libicalCVE-2016-5824medium**yes
CVE-2016-5825medium**yes
CVE-2016-5826medium**yes
CVE-2016-5827medium**yes
CVE-2016-9584medium**yes
libjgroups-javaCVE-2016-2141lowyes
libjpeg8CVE-2016-3616medium**yes
libnet-server-perlCVE-2013-1841lowyes
libpodofoCVE-2017-5852medium**yes
CVE-2017-6841medium**yes
CVE-2017-6845medium**yes
CVE-2017-6846medium**yes
CVE-2017-6849medium**yes
CVE-2017-7994medium**yes
CVE-2017-8053medium**yes
CVE-2017-8054medium**yes
CVE-2017-8378high**yes
CVE-2017-8787medium**yes
libquicktimeCVE-2017-9122high**yes
CVE-2017-9123medium**yes
CVE-2017-9124medium**yes
CVE-2017-9125medium**yes
CVE-2017-9126medium**yes
CVE-2017-9127medium**yes
CVE-2017-9128medium**yes
librawCVE-2017-6886high**yes
CVE-2017-6887medium**yes
librsyncCVE-2014-8242lowyes
libsamplerateCVE-2017-7697medium**yes
libtorrent-rasterbarCVE-2017-9847not yet assigned?
libui-dialog-perlCVE-2008-7315not yet assigned?
libvirtCVE-2015-5160low?
libxml-twig-perlCVE-2016-9180lowyes
libxml2CVE-2016-9318medium**yes
CVE-2017-5969low**yes
CVE-2017-7375not yet assigned?
CVE-2017-7376not yet assigned?
CVE-2017-8872medium**yes
CVE-2017-9047medium**yes
CVE-2017-9048medium**yes
CVE-2017-9049medium**yes
CVE-2017-9050medium**yes
libytnefCVE-2017-9146medium**yes
CVE-2017-9470medium**yes
CVE-2017-9471medium**yes
CVE-2017-9472medium**yes
CVE-2017-9473medium**yes
CVE-2017-9474medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-8660medium**no
CVE-2017-1000365not yet assignedno
CVE-2017-1000370not yet assignedno
CVE-2017-1000371not yet assignedno
CVE-2017-1000379not yet assignedno
CVE-2017-7482not yet assigned?
CVE-2017-7518not yet assigned?
CVE-2017-8831high**no
TEMP-0000000-A7C6D6not yet assigned?
lrzipCVE-2017-8844medium**yes
CVE-2017-8846medium**yes
mcollectiveCVE-2016-2788high**yes
mercurialCVE-2017-9462high**yes
moodleCVE-2017-7489medium**yes
CVE-2017-7490medium**yes
CVE-2017-7491medium**yes
mp3spltCVE-2017-5666medium**yes
mrubyCVE-2017-9527lowyes
mysql-workbenchCVE-2017-3469lowyes
netbeansCVE-2016-5537medium**no
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
npmCVE-2016-3956medium**yes
openexrCVE-2017-9110medium**yes
CVE-2017-9111medium**yes
CVE-2017-9112medium**yes
CVE-2017-9113medium**yes
CVE-2017-9114medium**yes
CVE-2017-9115medium**yes
CVE-2017-9116medium**yes
openjpeg2CVE-2016-1626medium**yes
CVE-2016-1628medium**yes
CVE-2016-5152medium**yes
CVE-2016-5158medium**yes
CVE-2016-9112medium**yes
CVE-2016-9118medium**yes
openvswitchCVE-2017-9214high**yes
CVE-2017-9263low**yes
CVE-2017-9264high**yes
CVE-2017-9265high**yes
percona-xtrabackupCVE-2016-6225medium**yes
php-gettextCVE-2016-6175high**yes
php-horde-imageCVE-2017-9773not yet assignedno
CVE-2017-9774not yet assignedno
php7.0CVE-2017-8923high**yes
php7.1CVE-2017-8923high**yes
CVE-2017-9119high**yes
policykit-1CVE-2016-2568medium**no
popplerCVE-2017-9406lowyes
CVE-2017-9408lowyes
CVE-2017-9775not yet assignedno
CVE-2017-9776not yet assignedno
potraceCVE-2017-7263medium**yes
profanityCVE-2017-5592medium**yes
TEMP-0857546-8B0EB6not yet assigned?
pyradCVE-2013-0342low?
python-pysaml2CVE-2016-10127lowyes
python-restkitCVE-2015-2674not yet assigned?
python-tablibCVE-2017-2810not yet assignedno
qemuCVE-2017-9310low**no
CVE-2017-9330low**no
CVE-2017-9373low**no
CVE-2017-9374low**no
CVE-2017-9375low**no
CVE-2017-9503low**no
CVE-2017-9524not yet assigned?
TEMP-0000000-A7C6D6not yet assigned?
qpdfCVE-2017-9208lowyes
CVE-2017-9209lowyes
CVE-2017-9210lowyes
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
qt4-x11CVE-2016-10040medium**yes
qtbase-opensource-srcCVE-2016-10040medium**yes
rabbitmq-serverCVE-2017-4965lowyes
CVE-2017-4966lowno
CVE-2017-4967lowyes
radare2CVE-2017-9520lowyes
CVE-2017-9761lowno
CVE-2017-9762lowno
CVE-2017-9763not yet assignedno
rar (non-free)CVE-2014-9983medium**yes
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347lowyes
CVE-2016-6348lowyes
CVE-2016-9606not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
rubocopCVE-2017-8418low**no
ruby2.3CVE-2015-9096not yet assignedno
CVE-2016-7798medium**yes
rxvtCVE-2017-7483lowyes
telegram-desktopCVE-2016-10351low**no
thrift-compilerCVE-2015-3254medium**yes
tiffCVE-2017-9815not yet assignedno
tikaCVE-2016-4434not yet assigned?
tinymceCVE-2012-4230lowyes
undertowCVE-2017-2666not yet assigned?
CVE-2017-2670not yet assigned?
util-linuxCVE-2016-2779high**no
virglrendererCVE-2016-10163medium**no
CVE-2016-10214medium**no
CVE-2017-5580low**no
CVE-2017-5937low**no
CVE-2017-5956low**no
CVE-2017-5957low**no
CVE-2017-5993medium**no
CVE-2017-5994low**no
CVE-2017-6209low**no
CVE-2017-6210low**no
CVE-2017-6317medium**no
CVE-2017-6355low**no
CVE-2017-6386medium**no
web2pyCVE-2016-10321medium**yes
CVE-2016-4806medium**yes
CVE-2016-4807low**yes
CVE-2016-4808medium**yes
wiresharkCVE-2017-9343medium**yes
CVE-2017-9344medium**yes
CVE-2017-9345high**yes
CVE-2017-9346high**yes
CVE-2017-9347medium**yes
CVE-2017-9348medium**yes
CVE-2017-9349high**yes
CVE-2017-9350high**yes
CVE-2017-9351medium**yes
CVE-2017-9352high**yes
CVE-2017-9353medium**yes
CVE-2017-9354medium**yes
CVE-2017-9616lowyes
CVE-2017-9617lowyes
CVE-2017-9766not yet assignedno
wolfsslCVE-2017-2800high**yes
CVE-2017-8855medium**yes
x11vncTEMP-0672435-7C494Cnot yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenTEMP-0000000-19BACEnot yet assigned?
TEMP-0000000-2EA1E2not yet assigned?
TEMP-0000000-481368not yet assigned?
TEMP-0000000-9291D7not yet assigned?
TEMP-0000000-ACE0FEnot yet assigned?
TEMP-0000000-B1966Cnot yet assigned?
TEMP-0000000-C28143not yet assigned?
TEMP-0000000-E1580Enot yet assigned?
TEMP-0000000-E267D4not yet assigned?
yaml-cppCVE-2017-5950lowyes
yaml-cpp0.3CVE-2017-5950lowyes
yaraCVE-2017-9465lowyes
zoneminderCVE-2016-10140medium**yes
CVE-2016-10201medium**yes
CVE-2016-10202medium**yes
CVE-2016-10203medium**yes
CVE-2016-10204high**yes
CVE-2016-10205high**yes
CVE-2016-10206medium**yes
CVE-2017-5367medium**yes
CVE-2017-5368medium**yes
CVE-2017-5595low**no
CVE-2017-7203medium**yes
zooTEMP-0774453-CA58EElow?
zziplibCVE-2017-5977medium**yes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems