Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
9baseCVE-2014-1935low?
accountsserviceCVE-2012-6655low?
acidbaseCVE-2012-1017lowyes
android-toolsCVE-2012-5564low**no
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
asteriskCVE-2015-1558low**yes
CVE-2015-3008medium**yes
atticCVE-2015-4082not yet assigned?
automake-1.14TEMP-0760455-22ED59low?
axis2cCVE-2012-5351lowyes
CVE-2012-6107medium**yes
blenderCVE-2010-5105lowno
byzanzCVE-2015-2785lowyes
chickenCVE-2014-9651not yet assigned?
CVE-2015-4556not yet assigned?
cinderCVE-2013-2255not yet assigned?
cobblerCVE-2011-1551medium**no
couchdbCVE-2014-2668lowyes
courierTEMP-0000000-116B28not yet assigned?
cyasslCVE-2011-3389medium**yes
CVE-2014-2901not yet assigned?
CVE-2014-2902not yet assigned?
CVE-2014-2903not yet assigned?
CVE-2014-2904not yet assigned?
CVE-2014-3566medium**yes
CVE-2014-6491high**yes
CVE-2014-6494medium**yes
CVE-2014-6495medium**yes
CVE-2014-6496medium**yes
CVE-2014-6500high**yes
TEMP-0000000-2D36D7not yet assigned?
dcrawCVE-2015-3885medium**yes
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
dolibarrCVE-2015-3935medium**yes
duplicityCVE-2014-3495low?
elasticsearchCVE-2015-4165not yet assigned?
elixirCVE-2012-2146lowyes
encfsCVE-2014-3462low?
extplorerCVE-2013-5951low**yes
CVE-2015-0896medium**yes
eyed3CVE-2014-1934lowno
facterCVE-2015-1426low**no
fckeditorCVE-2014-4037lowyes
freeimageCVE-2015-3885medium**yes
freeradiusCVE-2015-4680not yet assigned?
fuseisoTEMP-0779047-8CABD5not yet assigned?
TEMP-0779047-E29D8Enot yet assigned?
gcc-4.4CVE-2002-2439low?
CVE-2014-5044not yet assigned?
gcc-4.6CVE-2002-2439low?
CVE-2014-5044not yet assigned?
glibcCVE-2013-2207lowno
CVE-2014-8121lowyes
CVE-2015-1781not yet assigned?
TEMP-0779587-B973D8not yet assigned?
TEMP-0779587-F20A8Anot yet assigned?
gnome-orcaCVE-2013-4245not yet assigned?
gst-plugins-bad0.10CVE-2015-0797medium**yes
haCVE-2015-1198low?
haskell-tlsCVE-2013-0169low**yes
hexchatTEMP-0776609-026A07not yet assigned?
hplipCVE-2015-0839not yet assigned?
htTEMP-0773308-EE1012low?
icuTEMP-0778511-AAAFE7low?
imagemagickTEMP-0000000-2FC21Elow?
TEMP-0000000-7C079Fnot yet assigned?
TEMP-0000000-EEF23Clow?
TEMP-0000000-FDAC72not yet assigned?
ipythonCVE-2015-4707not yet assigned?
jenkinsCVE-2014-3665not yet assigned?
CVE-2015-1806not yet assigned?
CVE-2015-1807not yet assigned?
CVE-2015-1808not yet assigned?
CVE-2015-1809not yet assigned?
CVE-2015-1810not yet assigned?
CVE-2015-1811not yet assigned?
CVE-2015-1812not yet assigned?
CVE-2015-1813not yet assigned?
CVE-2015-1814not yet assigned?
jythonCVE-2013-2027lowno
kde-workspaceCVE-2015-1308lowyes
kdeplasma-addonsCVE-2013-2120low?
kexec-toolsTEMP-0766772-93FAA3not yet assigned?
kfreebsd-10CVE-2011-2393lowyes
kgbCVE-2015-1192medium**yes
libarchiveTEMP-0784213-45868Blow?
libblurayTEMP-0000000-EA424Anot yet assigned?
libcsoapCVE-2015-2297not yet assigned?
libdata-uuid-perlCVE-2013-4184low?
libhibernate-validator-javaCVE-2014-3558lowyes
libhtpTEMP-0774897-BC9A31not yet assigned?
TEMP-0777522-650525not yet assigned?
TEMP-0783007-4C0B51not yet assigned?
libjbcrypt-javaCVE-2015-0886medium**yes
libmp3-info-perlCVE-2013-6499not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
libopensaml2-javaCVE-2015-1796not yet assigned?
librsyncCVE-2014-8242low?
libspring-javaCVE-2014-3578lowyes
CVE-2014-3625medium**yes
libsshCVE-2015-3146not yet assigned?
libwmfCVE-2015-0848not yet assigned?
CVE-2015-4588not yet assigned?
CVE-2015-4695not yet assigned?
CVE-2015-4696not yet assigned?
libxerces2-javaCVE-2012-0881low?
libxml2CVE-2015-1819low?
TEMP-0782985-586F49not yet assigned?
TEMP-0783010-C482B4not yet assigned?
lighttpdCVE-2015-3200lowyes
linuxCVE-2015-1350not yet assigned?
CVE-2015-2925not yet assigned?
CVE-2015-3212not yet assigned?
CVE-2015-4692not yet assigned?
CVE-2015-4700not yet assigned?
TEMP-0000000-1CBA65not yet assigned?
llvm-toolchain-3.4CVE-2015-2305lowyes
llvm-toolchain-3.5CVE-2015-2305lowyes
llvm-toolchain-3.6CVE-2015-2305medium**yes
llvm-toolchain-snapshotCVE-2015-2305medium**yes
mediatombTEMP-0580120-33FF40low?
midgard2-coreCVE-2014-8148high**no
mini-httpdCVE-2015-1548medium**yes
muttTEMP-0775199-D05A9Elow?
mysql-5.5CVE-2015-0499low**yes
CVE-2015-0501medium**yes
CVE-2015-0505low**yes
CVE-2015-2571medium**yes
nagios3CVE-2013-7107lowyes
CVE-2013-7108lowyes
CVE-2013-7205lowyes
net-snmpTEMP-0788964-455201not yet assigned?
nettyCVE-2015-2156not yet assigned?
netty-3.9CVE-2015-2156not yet assigned?
netty3.1CVE-2015-2156not yet assigned?
network-managerCVE-2012-1096low?
CVE-2015-2924not yet assigned?
newlibCVE-2015-2305medium**yes
nginxCVE-2011-4968low?
nodeCVE-2015-2927not yet assigned?
novaCVE-2013-2255not yet assigned?
CVE-2015-1850not yet assigned?
CVE-2015-2687low?
ntopCVE-2014-4165medium**yes
ntpCVE-2013-5211lowyes
TEMP-0000000-19499Dnot yet assigned?
obbyCVE-2011-4092lowyes
opencryptokiCVE-2012-4454lowyes
CVE-2012-4455lowno
openhpiCVE-2015-3248not yet assigned?
openjdk-6CVE-2012-5373lowyes
openjdk-7CVE-2012-5373lowyes
openjdk-8CVE-2014-3566medium**yes
opensslCVE-2015-4000medium**yes
openstack-troveCVE-2015-3156low?
opus-toolsCVE-2014-9639medium**yes
pamCVE-2015-3238not yet assigned?
parallelCVE-2015-4155low**no
CVE-2015-4156low**no
paxCVE-2015-1193lowyes
CVE-2015-1194lowyes
pcre3CVE-2015-2326not yet assigned?
CVE-2015-3210not yet assigned?
CVE-2015-3217not yet assigned?
TEMP-0000000-5D3D68low?
TEMP-0000000-DDAEEElow?
percona-xtradb-cluster-5.5CVE-2014-4243low**yes
CVE-2015-3152not yet assigned?
phantomjsCVE-2013-4549medium**yes
php5CVE-2013-6501medium**no
CVE-2014-5459lowno
CVE-2015-4598not yet assigned?
CVE-2015-4643not yet assigned?
CVE-2015-4644not yet assigned?
policykit-1CVE-2015-3218not yet assigned?
CVE-2015-4625low?
puppet-module-puppetlabs-stdlibCVE-2015-1029medium**yes
pure-ftpdTEMP-0000000-5314C6not yet assigned?
pyjwtTEMP-0781640-F16931not yet assigned?
pykerberosCVE-2015-3206not yet assigned?
pyradCVE-2013-0342low?
python-restkitCVE-2015-2674not yet assigned?
python-rplyCVE-2014-1938low?
python2.7CVE-2013-7440not yet assigned?
qemuCVE-2015-3214not yet assigned?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
radare2CVE-2015-2305lowyes
railsCVE-2015-3226not yet assigned?
CVE-2015-3227not yet assigned?
rar (non-free)TEMP-0774172-B2A845not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
ropeCVE-2014-3539not yet assigned?
rsyncTEMP-0786423-948688low?
ruby-bsonCVE-2015-4410not yet assigned?
ruby-jquery-railsCVE-2015-1840not yet assigned?
ruby-jwtTEMP-0781640-F16931not yet assigned?
ruby-omniauthTEMP-0000000-2F3E8Bnot yet assigned?
ruby-rackCVE-2015-3225not yet assigned?
ruby-redcarpetCVE-2015-5147not yet assigned?
ruby2.1CVE-2015-3900medium**yes
ruby2.2CVE-2015-3900medium**yes
squashfs-toolsCVE-2015-4645not yet assigned?
CVE-2015-4646not yet assigned?
sssdCVE-2014-0249lowno
tidyTEMP-0000000-616DBBnot yet assigned?
tinymceCVE-2012-4230lowyes
tweepyCVE-2012-5825lowyes
unshieldCVE-2015-1386low?
vorbis-toolsCVE-2014-9639lowyes
w3afCVE-2013-2099lowyes
web2ldapCVE-2013-7258lowyes
wpaCVE-2015-4141medium**yes
CVE-2015-4142medium**yes
CVE-2015-4143medium**yes
CVE-2015-4144medium**yes
CVE-2015-4145medium**yes
CVE-2015-4146medium**yes
xbindkeys-configCVE-2014-9513not yet assigned?
xbmcCVE-2014-3800lowno
CVE-2015-3885medium**yes
TEMP-0000000-9FAB83low?
xchatTEMP-0776609-026A07not yet assigned?
xchat-gnomeTEMP-0776609-026A07not yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenCVE-2014-9066medium**no
CVE-2015-4163medium**no
CVE-2015-4164medium**no
xerces-cCVE-2012-0880low?
xorg-serverCVE-2015-3164not yet assigned?
yuiCVE-2013-6780lowyes
zooTEMP-0774453-CA58EElow?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems