Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
9baseCVE-2014-1935low?
accountsserviceCVE-2012-6655low?
acidbaseCVE-2012-1017lowyes
android-toolsCVE-2012-5564low**no
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
arjCVE-2015-0556low?
CVE-2015-0557low?
TEMP-0774015-4CE61Cnot yet assigned?
asteriskCVE-2015-1558low**yes
automake-1.14TEMP-0760455-22ED59low?
axis2cCVE-2012-5351lowyes
CVE-2012-6107medium**yes
blenderCVE-2010-5105lowno
byzanzTEMP-0778261-A44A2Dlow?
cabextractCVE-2015-2060not yet assigned?
capnprotoCVE-2015-2310not yet assigned?
CVE-2015-2311not yet assigned?
CVE-2015-2312not yet assigned?
CVE-2015-2313not yet assigned?
check-mkCVE-2014-2330not yet assigned?
CVE-2014-2331not yet assigned?
CVE-2014-5338low**yes
CVE-2014-5339medium**yes
CVE-2014-5340high**yes
chickenCVE-2014-9651not yet assigned?
cinderCVE-2013-2255not yet assigned?
commons-httpclientCVE-2012-6153medium**yes
couchdbCVE-2014-2668lowyes
cupsCVE-2014-8166low?
cyasslCVE-2011-3389medium**yes
CVE-2014-2901not yet assigned?
CVE-2014-2902not yet assigned?
CVE-2014-2903not yet assigned?
CVE-2014-2904not yet assigned?
CVE-2014-3566medium**yes
CVE-2014-6491high**yes
CVE-2014-6494medium**yes
CVE-2014-6495medium**yes
CVE-2014-6496medium**yes
CVE-2014-6500high**yes
TEMP-0000000-2D36D7not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
djvulibreTEMP-0775193-7F000Enot yet assigned?
docker.ioCVE-2014-0047not yet assigned?
CVE-2014-0048not yet assigned?
duplicityCVE-2014-3495low?
elixirCVE-2012-2146lowyes
encfsCVE-2014-3462low?
erlangCVE-2015-2774not yet assigned?
extplorerCVE-2013-5951low**yes
eyed3CVE-2014-1934lowno
facterCVE-2015-1426low**no
fckeditorCVE-2014-4037lowyes
fence-agentsCVE-2014-0104low?
fuseisoTEMP-0779047-8CABD5not yet assigned?
TEMP-0779047-E29D8Enot yet assigned?
gcc-4.4CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gcc-4.6CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gcc-4.7CVE-2002-2439low?
CVE-2014-5044not yet assigned?
glibcCVE-2013-2207lowno
CVE-2014-8121low?
TEMP-0779587-B973D8not yet assigned?
TEMP-0779587-F20A8Anot yet assigned?
gnome-orcaCVE-2013-4245not yet assigned?
haCVE-2015-1198low?
haskell-tlsCVE-2013-0169low**yes
hexchatTEMP-0776609-026A07not yet assigned?
htTEMP-0773308-EE1012low?
icuTEMP-0778511-AAAFE7low?
imagemagickTEMP-0000000-2FC21Enot yet assigned?
TEMP-0000000-7C079Fnot yet assigned?
TEMP-0000000-EEF23Cnot yet assigned?
TEMP-0000000-FDAC72not yet assigned?
jabberd2CVE-2015-2058not yet assigned?
jenkinsCVE-2014-3665not yet assigned?
CVE-2015-1806not yet assigned?
CVE-2015-1807not yet assigned?
CVE-2015-1808not yet assigned?
CVE-2015-1809not yet assigned?
CVE-2015-1810not yet assigned?
CVE-2015-1811not yet assigned?
CVE-2015-1812not yet assigned?
CVE-2015-1813not yet assigned?
CVE-2015-1814not yet assigned?
jgitCVE-2014-9390not yet assigned?
jythonCVE-2013-2027lowno
kde-workspaceCVE-2015-1308lowyes
kdeplasma-addonsCVE-2013-2120low?
kexec-toolsTEMP-0766772-93FAA3not yet assigned?
kfreebsd-10CVE-2011-2393lowyes
kgbCVE-2015-1192medium**yes
libavCVE-2014-7937high**yes
libblurayTEMP-0000000-EA424Anot yet assigned?
libcsoapCVE-2015-2297not yet assigned?
libdata-uuid-perlCVE-2013-4184low?
libdbd-firebird-perlTEMP-0780925-F636E7not yet assigned?
libhibernate-validator-javaCVE-2014-3558lowyes
libhtpTEMP-0000000-4C0B51not yet assigned?
TEMP-0774897-BC9A31not yet assigned?
TEMP-0777522-650525not yet assigned?
libjbcrypt-javaCVE-2015-0886medium**yes
libmp3-info-perlCVE-2013-6499not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
libopensaml2-javaCVE-2015-1796not yet assigned?
librsyncCVE-2014-8242low?
libspring-javaCVE-2014-3578lowyes
CVE-2014-3625medium**yes
libxerces2-javaCVE-2012-0881low?
linuxCVE-2010-5321not yet assigned?
CVE-2014-8159medium**no
CVE-2014-9710not yet assigned?
CVE-2015-0275not yet assigned?
CVE-2015-1350not yet assigned?
CVE-2015-2041not yet assigned?
CVE-2015-2042not yet assigned?
CVE-2015-2150medium**no
CVE-2015-2666not yet assigned?
TEMP-0000000-1E2093not yet assigned?
llvm-toolchain-3.4CVE-2015-2305low?
llvm-toolchain-3.5CVE-2015-2305low?
llvm-toolchain-3.6CVE-2015-2305not yet assigned?
llvm-toolchain-snapshotCVE-2015-2305not yet assigned?
mediatombTEMP-0580120-33FF40low?
mercurialCVE-2014-9462not yet assigned?
midgard2-coreCVE-2014-8148high**no
mini-httpdCVE-2015-1548medium**yes
monopdCVE-2015-0841low?
muttTEMP-0775199-D05A9Elow?
nagios3CVE-2013-7107lowyes
CVE-2013-7108lowyes
CVE-2013-7205lowyes
network-managerCVE-2012-1096low?
newlibCVE-2015-2305not yet assigned?
nginxCVE-2011-4968low?
novaCVE-2013-2255not yet assigned?
CVE-2015-2687low?
ntopCVE-2014-4165medium**yes
ntpCVE-2013-5211lowyes
obbyCVE-2011-4092lowyes
opencryptokiCVE-2012-4454lowyes
CVE-2012-4455lowno
openjdk-6CVE-2012-5373lowyes
TEMP-0774953-4B9AFEnot yet assigned?
openjdk-7CVE-2012-5373lowyes
TEMP-0774953-4B9AFEnot yet assigned?
openjdk-8CVE-2014-3566medium**yes
TEMP-0774953-4B9AFEnot yet assigned?
opus-toolsCVE-2014-9639medium**yes
p7zipCVE-2015-1038medium**yes
paxCVE-2015-1193lowyes
CVE-2015-1194lowyes
percona-xtradb-cluster-5.5CVE-2014-4243low**yes
phantomjsCVE-2013-4549medium**yes
php5CVE-2013-6501not yet assigned?
CVE-2014-5459lowno
potraceTEMP-0778646-705695not yet assigned?
poundCVE-2009-3555medium**yes
puppet-module-puppetlabs-stdlibCVE-2015-1029medium**yes
pyradCVE-2013-0342low?
python-restkitCVE-2015-2674not yet assigned?
python-rplyCVE-2014-1938low?
qemuCVE-2015-1779not yet assigned?
TEMP-0781250-99009Enot yet assigned?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
qtbase-opensource-srcCVE-2015-0295medium**yes
quasselTEMP-0781024-D91776not yet assigned?
radare2CVE-2015-2305low?
rar (non-free)TEMP-0774172-B2A845not yet assigned?
realmdCVE-2015-2704not yet assigned?
TEMP-0781179-EEF84Fnot yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
ropeCVE-2014-3539not yet assigned?
roundcubeCVE-2014-9587medium**yes
rsyncTEMP-0000000-948688low?
ruby-rest-clientCVE-2015-1820not yet assigned?
shibboleth-sp2CVE-2015-2684not yet assigned?
slapi-nisCVE-2015-0283not yet assigned?
squidCVE-2014-7141medium**yes
CVE-2014-7142medium**yes
CVE-2015-0881lowyes
sssdCVE-2014-0249lowno
tiffCVE-2015-1547not yet assigned?
tinymceCVE-2012-4230lowyes
tweepyCVE-2012-5825lowyes
typo3-srcCVE-2014-9509high**yes
unrar-nonfree (non-free)TEMP-0774171-B2A845not yet assigned?
unshieldCVE-2015-1386low?
vorbis-toolsCVE-2014-9639lowyes
w3afCVE-2013-2099lowyes
web2ldapCVE-2013-7258lowyes
xbindkeys-configCVE-2014-9513not yet assigned?
xbmcCVE-2014-3800lowno
TEMP-0000000-9FAB83low?
xcfaCVE-2014-5254low?
CVE-2014-5255low?
xchatTEMP-0776609-026A07not yet assigned?
xchat-gnomeTEMP-0776609-026A07not yet assigned?
xenCVE-2014-9066medium**no
CVE-2015-2152lowno
xerces-cCVE-2012-0880low?
yuiCVE-2013-6780lowyes
zooTEMP-0774453-CA58EElow?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems