Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-4992not yet assigned?
CVE-2016-5405not yet assigned?
CVE-2016-5416not yet assigned?
accountsserviceCVE-2012-6655low?
android-platform-external-libunwindCVE-2015-3239low**no
android-platform-system-coreCVE-2012-5564low**no
android-toolsCVE-2012-5564low**no
ansibleCVE-2016-8647not yet assigned?
apache2CVE-2016-8740not yet assigned?
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
autotraceCVE-2016-7392not yet assigned?
bashCVE-2016-9401not yet assigned?
bind9CVE-2016-2775medium**yes
CVE-2016-2776high**yes
CVE-2016-6170medium**yes
CVE-2016-8864medium**yes
binutilsCVE-2016-4491low?
bundlerCVE-2016-7954not yet assigned?
busyboxCVE-2011-5325not yet assigned?
CVE-2016-2147not yet assigned?
CVE-2016-2148not yet assigned?
TEMP-0803097-A74121not yet assigned?
byzanzCVE-2015-2785lowyes
bzip2CVE-2016-3189lowyes
cephCVE-2016-5009medium**yes
CVE-2016-7031medium**yes
CVE-2016-8626not yet assigned?
chefCVE-2015-8559not yet assigned?
chickenCVE-2016-6830not yet assigned?
CVE-2016-6831not yet assigned?
chromium-browserCVE-2016-5199not yet assigned?
cinderCVE-2013-2255not yet assigned?
CVE-2015-5162high**yes
core-networkTEMP-0799756-21B18Cnot yet assigned?
coreutilsCVE-2016-2781not yet assigned?
couchdbCVE-2014-2668lowyes
cracklib2TEMP-0835386-E163DCnot yet assigned?
dc3ddTEMP-0801872-E034E1not yet assigned?
dcrawCVE-2015-8366not yet assigned?
debian-installerTEMP-0788634-523580low?
dhcpcd5CVE-2014-7913medium**yes
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
docker.ioCVE-2016-8867medium**yes
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
dovecotCVE-2016-8652not yet assigned?
dracutCVE-2016-8637low?
duplicityCVE-2014-3495low?
freeipaCVE-2015-5179not yet assigned?
CVE-2016-5414not yet assigned?
gcc-mingw-w64CVE-2016-4973not yet assigned?
gdbCVE-2016-2226low?
CVE-2016-4487low?
CVE-2016-4488low?
CVE-2016-4489low?
CVE-2016-4490low?
CVE-2016-4491low?
CVE-2016-4492low?
CVE-2016-4493low?
CVE-2016-6131low?
gdk-pixbufCVE-2016-6352medium**yes
gdm3CVE-2016-1000002low?
gksuCVE-2014-2886medium**yes
glanceCVE-2015-5162lowyes
CVE-2016-8611not yet assigned?
glibcCVE-2015-5180low?
graphicsmagickCVE-2016-9830not yet assigned?
haskell-tlsCVE-2013-0169low**yes
heatCVE-2016-9185medium**yes
hhvmCVE-2014-9709medium**yes
CVE-2015-8865high**yes
CVE-2016-1903medium**yes
CVE-2016-4070medium**yes
CVE-2016-4539high**yes
CVE-2016-6870not yet assigned?
CVE-2016-6871not yet assigned?
CVE-2016-6872not yet assigned?
CVE-2016-6873not yet assigned?
CVE-2016-6874not yet assigned?
CVE-2016-6875not yet assigned?
htCVE-2016-4491low?
jackson-dataformat-xmlCVE-2016-7051not yet assigned?
jythonCVE-2013-2027lowno
kde-runtimeCVE-2016-7787not yet assigned?
kdesudoCVE-2016-7787not yet assigned?
keystoneCVE-2015-7546medium**yes
kf5-messagelibCVE-2016-7967not yet assigned?
CVE-2016-7968not yet assigned?
kgbCVE-2015-1192medium**yes
leptonlibTEMP-0830660-09AE85not yet assigned?
libapache2-mod-nssCVE-2015-3277not yet assigned?
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libdata-uuid-perlCVE-2013-4184low?
libgcCVE-2016-9427not yet assigned?
libgcrypt20TEMP-0000000-96B2E9not yet assigned?
libibertyCVE-2016-4491low?
libicalCVE-2016-5824not yet assigned?
CVE-2016-5825not yet assigned?
CVE-2016-5826not yet assigned?
CVE-2016-5827not yet assigned?
libjackson-json-javaCVE-2015-5211not yet assigned?
libjgroups-javaCVE-2016-2141lowyes
libjpeg8CVE-2016-3616not yet assigned?
libnet-server-perlCVE-2013-1841lowyes
librsyncCVE-2014-8242lowyes
libtirpcCVE-2016-4429high**yes
libtorrent-rasterbarCVE-2016-7164not yet assigned?
libui-dialog-perlCVE-2008-7315not yet assigned?
libupnpCVE-2016-8863not yet assigned?
libvirtCVE-2015-5160low?
libvpxCVE-2015-4506medium**yes
CVE-2016-1621high**yes
libwebpCVE-2016-9085not yet assigned?
libx11CVE-2016-7942low?
CVE-2016-7943low?
libxfixesCVE-2016-7944low?
libxiCVE-2016-7945low?
CVE-2016-7946low?
libxml-twig-perlCVE-2016-9180not yet assigned?
libxml2CVE-2016-9318medium**yes
libxrandrCVE-2016-7947low?
CVE-2016-7948low?
libxrenderCVE-2016-7949low?
CVE-2016-7950low?
libxtstCVE-2016-7951low?
CVE-2016-7952low?
libxvCVE-2016-5407low?
libxvmcCVE-2016-7953low?
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-2188medium**no
CVE-2016-8632high**no
CVE-2016-8660medium**no
CVE-2016-9191medium**no
CVE-2016-9755not yet assigned?
CVE-2016-9756not yet assigned?
CVE-2016-9777not yet assigned?
CVE-2016-9793not yet assigned?
lshellCVE-2016-6902not yet assigned?
CVE-2016-6903not yet assigned?
mactelnetCVE-2016-7115high**yes
man-dbCVE-2015-1336not yet assigned?
mariadb-10.0CVE-2016-5617medium**no
CVE-2016-6664not yet assigned?
mcabberTEMP-0845258-9D258Fnot yet assigned?
mingCVE-2016-9264not yet assigned?
CVE-2016-9265not yet assigned?
CVE-2016-9266not yet assigned?
CVE-2016-9827not yet assigned?
CVE-2016-9828not yet assigned?
CVE-2016-9829not yet assigned?
CVE-2016-9831not yet assigned?
moinCVE-2016-7146medium**yes
CVE-2016-7148medium**yes
CVE-2016-9119not yet assigned?
moodleCVE-2016-9186lowyes
CVE-2016-9187lowyes
CVE-2016-9188lowyes
mysql-connector-pythonCVE-2016-5598medium**yes
netty-3.9CVE-2015-2156not yet assigned?
network-managerCVE-2012-1096low?
newlibCVE-2015-2305medium**yes
nginxCVE-2013-0337lowyes
novaCVE-2013-2255not yet assigned?
CVE-2015-3241medium**yes
CVE-2015-5162lowyes
CVE-2015-7548low**yes
CVE-2015-8749medium**yes
CVE-2016-2140low**yes
npmCVE-2016-3956medium**yes
ocamlCVE-2015-8869medium**yes
openjpeg2CVE-2016-1626medium**yes
CVE-2016-1628medium**yes
CVE-2016-5152medium**yes
CVE-2016-5158medium**yes
CVE-2016-9112medium**yes
CVE-2016-9113medium**yes
CVE-2016-9114medium**yes
CVE-2016-9115medium**yes
CVE-2016-9116medium**yes
CVE-2016-9117medium**yes
CVE-2016-9118medium**yes
openssl1.0CVE-2016-7055low?
openstack-troveCVE-2015-3156low?
opus-toolsCVE-2014-9639medium**yes
phantomjsCVE-2013-4549medium**yes
php5CVE-2014-5459lowno
CVE-2016-9137not yet assigned?
CVE-2016-9138not yet assigned?
TEMP-0800564-79703Bnot yet assigned?
php7.0CVE-2016-9138not yet assigned?
policykit-1CVE-2016-2568not yet assigned?
potraceCVE-2016-8685not yet assigned?
CVE-2016-8686not yet assigned?
proftpd-dfsgCVE-2016-3125medium**yes
TEMP-0000000-3815A2not yet assigned?
pyradCVE-2013-0342low?
python-keystonemiddlewareCVE-2015-7546medium**yes
python-restkitCVE-2015-2674not yet assigned?
python-sqlalchemy-utilsTEMP-0000000-EBC4D4not yet assigned?
qemuCVE-2014-3672low**no
CVE-2016-7170not yet assigned?
CVE-2016-7907low**no
CVE-2016-7908low**no
CVE-2016-7909medium**no
CVE-2016-7994not yet assigned?
CVE-2016-7995not yet assigned?
CVE-2016-8576low**no
CVE-2016-8577low**no
CVE-2016-8578low**no
CVE-2016-8667low**no
CVE-2016-8668low**no
CVE-2016-8669low**no
CVE-2016-8909low**no
CVE-2016-8910low**no
CVE-2016-9101not yet assigned?
CVE-2016-9102not yet assigned?
CVE-2016-9103not yet assigned?
CVE-2016-9104not yet assigned?
CVE-2016-9105not yet assigned?
CVE-2016-9106not yet assigned?
CVE-2016-9776not yet assigned?
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
rar (non-free)TEMP-0774172-B2A845not yet assigned?
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347low?
CVE-2016-6348low?
CVE-2016-7050not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
ropeCVE-2014-3539not yet assigned?
rsyncTEMP-0786423-948688low?
ruby-sidekiqTEMP-0000000-23C1BDnot yet assigned?
TEMP-0000000-BD209Fnot yet assigned?
TEMP-0000000-F9A459not yet assigned?
ruby2.3CVE-2016-7798not yet assigned?
runcCVE-2016-8867medium**yes
shadowCVE-2016-6252not yet assigned?
sogoCVE-2014-9905not yet assigned?
CVE-2015-5395not yet assigned?
CVE-2016-6188not yet assigned?
CVE-2016-6189not yet assigned?
CVE-2016-6190not yet assigned?
CVE-2016-6191not yet assigned?
spice-gtkCVE-2016-3066not yet assigned?
sudoCVE-2016-7076not yet assigned?
tiffCVE-2015-7554high**yes
CVE-2015-8668high**yes
CVE-2016-3619lowyes
CVE-2016-3620lowyes
CVE-2016-3621lowyes
CVE-2016-3625medium**yes
CVE-2016-3632medium**yes
CVE-2016-3634medium**yes
CVE-2016-5318not yet assigned?
CVE-2016-5319not yet assigned?
TEMP-0846837-70DD1Dnot yet assigned?
TEMP-0846838-9738BDnot yet assigned?
tigervncCVE-2014-8240high**yes
CVE-2014-8241not yet assigned?
tikaCVE-2016-4434not yet assigned?
tinymceCVE-2012-4230lowyes
tomcat8CVE-2016-9774not yet assigned?
unshieldCVE-2015-1386low?
util-linuxCVE-2016-2779not yet assigned?
valgrindCVE-2016-2226low?
CVE-2016-4487low?
CVE-2016-4488low?
CVE-2016-4489low?
CVE-2016-4490low?
CVE-2016-4491low?
CVE-2016-4492low?
CVE-2016-4493low?
CVE-2016-6131low?
w3afCVE-2013-2099lowyes
wolfsslCVE-2015-6925medium**yes
x11vncTEMP-0672435-7C494Cnot yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenCVE-2013-4538high**yes
CVE-2014-9066medium**no
CVE-2016-9377not yet assigned?
CVE-2016-9378not yet assigned?
CVE-2016-9379not yet assigned?
CVE-2016-9380not yet assigned?
CVE-2016-9382not yet assigned?
CVE-2016-9383not yet assigned?
CVE-2016-9384not yet assigned?
CVE-2016-9385not yet assigned?
CVE-2016-9386not yet assigned?
CVE-2016-9815not yet assigned?
CVE-2016-9816not yet assigned?
CVE-2016-9817not yet assigned?
CVE-2016-9818not yet assigned?
zooTEMP-0774453-CA58EElow?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems