Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
9baseCVE-2014-1935low?
accountsserviceCVE-2012-6655low?
acidbaseCVE-2012-1017lowyes
android-toolsCVE-2012-5564low**no
apache2CVE-2015-0228low?
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
arjCVE-2015-0556low?
CVE-2015-0557low?
asteriskCVE-2015-1558low**yes
automake-1.14TEMP-0760455-22ED59low?
axis2cCVE-2012-5351lowyes
CVE-2012-6107medium**yes
binutils-mingw-w64CVE-2014-8484medium**yes
CVE-2014-8485high**yes
CVE-2014-8501high**yes
CVE-2014-8502high**yes
CVE-2014-8503high**yes
CVE-2014-8504high**yes
CVE-2014-8737low**no
CVE-2014-8738medium**yes
blenderCVE-2010-5105lowno
busyboxCVE-2014-9645not yet assigned?
byzanzTEMP-0778261-A44A2Dlow?
cabextractCVE-2015-2060not yet assigned?
check-mkCVE-2014-2330not yet assigned?
CVE-2014-2331not yet assigned?
CVE-2014-5338low**yes
CVE-2014-5339medium**yes
CVE-2014-5340high**yes
chickenCVE-2014-9651not yet assigned?
cinderCVE-2013-2255not yet assigned?
commons-httpclientCVE-2012-6153medium**yes
couchdbCVE-2014-2668lowyes
cpioCVE-2015-1197lowno
cyasslCVE-2011-3389medium**yes
CVE-2014-2901not yet assigned?
CVE-2014-2902not yet assigned?
CVE-2014-2903not yet assigned?
CVE-2014-2904not yet assigned?
CVE-2014-3566medium**yes
CVE-2014-6491high**yes
CVE-2014-6494medium**yes
CVE-2014-6495medium**yes
CVE-2014-6496medium**yes
CVE-2014-6500high**yes
TEMP-0000000-2D36D7not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
djvulibreTEMP-0775193-7F000Enot yet assigned?
dokuwikiCVE-2014-9253medium**yes
CVE-2015-2172not yet assigned?
duplicityCVE-2014-3495low?
ecryptfs-utilsCVE-2014-9687not yet assigned?
elixirCVE-2012-2146lowyes
encfsCVE-2014-3462low?
extplorerCVE-2013-5951low**yes
eyed3CVE-2014-1934lowno
facterCVE-2015-1426low**no
fckeditorCVE-2014-4037lowyes
fence-agentsCVE-2014-0104low?
freeipaCVE-2014-7850medium**yes
fuseisoTEMP-0779047-8CABD5not yet assigned?
TEMP-0779047-E29D8Enot yet assigned?
gcc-4.4CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gcc-4.6CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gcc-4.7CVE-2002-2439low?
CVE-2014-5044not yet assigned?
glibcCVE-2013-2207lowno
CVE-2014-8121low?
TEMP-0779587-B973D8not yet assigned?
TEMP-0779587-F20A8Anot yet assigned?
glusterfsCVE-2014-3619not yet assigned?
gnome-orcaCVE-2013-4245not yet assigned?
gnupgCVE-2014-3591not yet assigned?
CVE-2015-0837not yet assigned?
CVE-2015-1606not yet assigned?
CVE-2015-1607not yet assigned?
grml-debootstrapCVE-2015-1378low?
haCVE-2015-1198low?
haskell-tlsCVE-2013-0169low**yes
hexchatTEMP-0776609-026A07not yet assigned?
htTEMP-0773308-EE1012low?
icuTEMP-0778511-AAAFE7low?
jabberd2CVE-2015-2058not yet assigned?
jenkinsCVE-2014-3665not yet assigned?
jgitCVE-2014-9390not yet assigned?
jythonCVE-2013-2027lowno
kde-workspaceCVE-2015-1308lowyes
kdeplasma-addonsCVE-2013-2120low?
kexec-toolsTEMP-0766772-93FAA3not yet assigned?
kfreebsd-10CVE-2011-2393lowyes
kgbCVE-2015-1192medium**yes
libarchiveTEMP-0778266-55EAF2not yet assigned?
libavCVE-2014-7933high**yes
CVE-2014-7937high**yes
CVE-2014-8544high**yes
CVE-2014-9318high**yes
CVE-2014-9604high**yes
libblurayTEMP-0000000-EA424Anot yet assigned?
libcsoapTEMP-0778599-3C8F34not yet assigned?
libdata-uuid-perlCVE-2013-4184low?
libgcrypt11CVE-2014-3591not yet assigned?
CVE-2015-0837not yet assigned?
libhibernate-validator-javaCVE-2014-3558lowyes
libhtpTEMP-0000000-4C0B51not yet assigned?
TEMP-0774897-BC9A31not yet assigned?
TEMP-0777522-650525not yet assigned?
libmp3-info-perlCVE-2013-6499not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
libphp-snoopyCVE-2008-7313not yet assigned?
CVE-2014-5008not yet assigned?
librsyncCVE-2014-8242low?
libspring-javaCVE-2014-3578lowyes
CVE-2014-3625medium**yes
libxerces2-javaCVE-2012-0881low?
linuxCVE-2010-5321not yet assigned?
CVE-2015-0275not yet assigned?
CVE-2015-1350not yet assigned?
CVE-2015-2041not yet assigned?
CVE-2015-2042not yet assigned?
TEMP-0000000-1E2093not yet assigned?
TEMP-0000000-3D1157not yet assigned?
llvm-toolchain-3.4TEMP-0778389-A8C6F9low?
llvm-toolchain-3.5TEMP-0778389-A8C6F9low?
llvm-toolchain-3.6TEMP-0778389-A8C6F9not yet assigned?
llvm-toolchain-snapshotTEMP-0778389-A8C6F9not yet assigned?
mediatombTEMP-0580120-33FF40low?
midgard2-coreCVE-2014-8148high**no
mini-httpdCVE-2015-1548medium**yes
moodleCVE-2013-3630medium**yes
CVE-2014-2054high**yes
muttTEMP-0775199-D05A9Elow?
nagios3CVE-2013-7107lowyes
CVE-2013-7108lowyes
CVE-2013-7205lowyes
network-managerCVE-2012-1096low?
newlibTEMP-0778389-A8C6F9not yet assigned?
nginxCVE-2011-4968low?
novaCVE-2013-2255not yet assigned?
novncTEMP-0778618-D459EEnot yet assigned?
ntopCVE-2014-4165medium**yes
ntpCVE-2013-5211lowyes
obbyCVE-2011-4092lowyes
opencryptokiCVE-2012-4454lowyes
CVE-2012-4455lowno
openjdk-6CVE-2012-5373lowyes
TEMP-0774953-4B9AFEnot yet assigned?
openjdk-7CVE-2012-5373lowyes
TEMP-0774953-4B9AFEnot yet assigned?
openjdk-8CVE-2014-3566medium**yes
TEMP-0774953-4B9AFEnot yet assigned?
opensslCVE-2015-0209not yet assigned?
opus-toolsCVE-2014-9639medium**yes
oss4TEMP-0775662-9BBEA1not yet assigned?
p7zipCVE-2015-1038medium**yes
paxCVE-2015-1193lowyes
CVE-2015-1194lowyes
percona-xtradb-cluster-5.5CVE-2014-4243low**yes
phantomjsCVE-2013-4549medium**yes
php5CVE-2013-6501not yet assigned?
CVE-2014-5459lowno
pillowCVE-2014-9601medium**yes
pngcrushCVE-2015-2158not yet assigned?
potraceTEMP-0778646-705695not yet assigned?
poundCVE-2009-3555medium**yes
puppet-module-puppetlabs-stdlibCVE-2015-1029medium**yes
pyradCVE-2013-0342low?
python-rplyCVE-2014-1938low?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
qt4-x11CVE-2015-0295not yet assigned?
qtbase-opensource-srcCVE-2015-0295not yet assigned?
radare2TEMP-0778389-A8C6F9low?
rar (non-free)TEMP-0774172-B2A845not yet assigned?
ropeCVE-2014-3539not yet assigned?
roundcubeCVE-2014-9587medium**yes
rsyncCVE-2014-9512lowyes
TEMP-0000000-948688low?
squidCVE-2014-7141medium**yes
CVE-2014-7142medium**yes
CVE-2015-0881medium**yes
sssdCVE-2014-0249lowno
suricataCVE-2015-0928not yet assigned?
TEMP-0000000-4C0B51not yet assigned?
TEMP-0000000-C04FE8not yet assigned?
tiffCVE-2014-8127not yet assigned?
CVE-2014-8128not yet assigned?
CVE-2015-1547not yet assigned?
tinymceCVE-2012-4230lowyes
trafficserverCVE-2014-10022medium**yes
tweepyCVE-2012-5825lowyes
typo3-srcCVE-2014-9509high**yes
unrar-nonfree (non-free)TEMP-0774171-B2A845not yet assigned?
unshieldCVE-2015-1386low?
vala-0.26CVE-2014-8154high**yes
vorbis-toolsCVE-2014-9639lowyes
w3afCVE-2013-2099lowyes
web2ldapCVE-2013-7258lowyes
xbindkeys-configCVE-2014-9513not yet assigned?
xbmcCVE-2014-3800lowno
TEMP-0000000-9FAB83low?
xcfaCVE-2014-5254low?
CVE-2014-5255low?
xchatTEMP-0776609-026A07not yet assigned?
xchat-gnomeTEMP-0776609-026A07not yet assigned?
xenCVE-2014-9066medium**no
xerces-cCVE-2012-0880low?
yuiCVE-2013-6780lowyes
zooTEMP-0774453-CA58EElow?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems