Vulnerable source packages in the unstable suite

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
389-ds-baseCVE-2016-5416medium**yes
accountsserviceCVE-2012-6655low?
ansibleCVE-2017-7473not yet assigned?
CVE-2017-7481not yet assigned?
apng2gifCVE-2017-6960medium**yes
CVE-2017-6961medium**yes
CVE-2017-6962medium**yes
arcTEMP-0774439-ECBE09low?
TEMP-0774527-3B586Flow?
atrilCVE-2017-1000083not yet assigned?
avahiCVE-2017-6519medium**yes
batikCVE-2017-5662high**yes
bind9CVE-2016-6170medium**yes
binutilsCVE-2017-9040lowyes
CVE-2017-9042lowyes
CVE-2017-9043lowyes
CVE-2017-9044lowyes
CVE-2017-9742lowyes
CVE-2017-9743lowyes
CVE-2017-9744lowyes
CVE-2017-9745lowyes
CVE-2017-9746lowyes
CVE-2017-9747lowyes
CVE-2017-9748lowyes
CVE-2017-9749lowyes
CVE-2017-9750lowyes
CVE-2017-9751lowyes
CVE-2017-9752lowyes
CVE-2017-9753lowyes
CVE-2017-9754lowyes
CVE-2017-9755lowyes
CVE-2017-9756lowyes
CVE-2017-9954medium**yes
CVE-2017-9955medium**yes
bluezCVE-2016-9797medium**yes
CVE-2016-9798medium**yes
CVE-2016-9799medium**yes
CVE-2016-9800medium**yes
CVE-2016-9801medium**yes
CVE-2016-9802medium**yes
CVE-2016-9803medium**yes
CVE-2016-9804medium**yes
CVE-2016-9917medium**yes
CVE-2016-9918medium**yes
bundlerCVE-2016-7954high**yes
busyboxCVE-2011-5325not yet assigned?
CVE-2016-2147medium**yes
CVE-2016-2148high**yes
TEMP-0803097-A74121not yet assigned?
byzanzCVE-2015-2785lowyes
cactiCVE-2017-1000031medium**yes
cairoCVE-2017-7475lowyes
CVE-2017-9814lowyes
cargoCVE-2016-10128high**yes
CVE-2016-10129medium**yes
CVE-2016-10130medium**yes
CVE-2016-8568medium**yes
CVE-2016-8569medium**yes
cephCVE-2017-7519not yet assigned?
check-mkCVE-2017-9781medium**yes
chefCVE-2015-8559not yet assigned?
chickenCVE-2016-6830high**yes
CVE-2016-6831medium**yes
CVE-2016-9954lowyes
CVE-2017-11343not yet assignedno
CVE-2017-6949medium**yes
CVE-2017-9334lowyes
cobblerCVE-2016-9605not yet assigned?
collectdCVE-2017-7401medium**yes
coreutilsCVE-2016-2781low**no
couchdbCVE-2014-2668lowyes
cronCVE-2017-9525high**yes
dcrawCVE-2015-8366not yet assigned?
djbdnsCVE-2008-4392highyes
CVE-2012-1191medium**yes
docker-registryCVE-2017-11468not yet assigned?
dokuwikiCVE-2016-7964medium**yes
CVE-2016-7965medium**yes
dolibarrCVE-2017-9840medium**yes
exiv2CVE-2017-11336not yet assignedno
CVE-2017-11337not yet assignedno
CVE-2017-11338not yet assignedno
CVE-2017-11339not yet assignedno
CVE-2017-11340not yet assignedno
fedmsgCVE-2017-1000001not yet assignedno
ffmpegCVE-2017-11399not yet assignedno
firefoxCVE-2017-7789low?
firefox-esrCVE-2017-7789low?
freeipaCVE-2015-5179not yet assigned?
CVE-2016-7030not yet assigned?
CVE-2016-9575not yet assigned?
gdk-pixbufCVE-2017-6312medium**yes
CVE-2017-6313medium**yes
CVE-2017-6314medium**yes
gdm3CVE-2016-1000002low?
ghostscriptCVE-2016-10317medium**yes
gitlabCVE-2017-11437not yet assigned?
gksuCVE-2014-2886medium**yes
glanceCVE-2016-4383high**yes
glibcCVE-2016-10228medium**yes
CVE-2017-8804high**yes
gnome-keyringTEMP-0395572-55D193low?
guacamole-clientCVE-2016-1566low**yes
haskell-tlsCVE-2013-0169low**yes
hesiodCVE-2016-10151lowno
CVE-2016-10152lowyes
imagemagickCVE-2017-10995medium**yes
CVE-2017-11446not yet assignedno
CVE-2017-9500lowyes
TEMP-0869209-C370FAnot yet assigned?
TEMP-0869210-B2333Anot yet assigned?
ipsec-toolsCVE-2016-10396not yet assignedno
jackson-databindCVE-2017-7525not yet assigned?
jbig2decCVE-2016-8729not yet assigned?
CVE-2017-9216medium**yes
jitsiCVE-2017-5603medium**yes
jythonCVE-2013-2027lowno
kdesudoCVE-2016-7787medium**yes
kgb-botCVE-2015-1554low?
kodiCVE-2017-5982medium**yes
lameCVE-2017-9869medium**yes
CVE-2017-9870medium**yes
CVE-2017-9871medium**yes
CVE-2017-9872medium**yes
libapache-poi-javaCVE-2017-5644high**yes
libapache2-mod-nssCVE-2015-3277not yet assigned?
libarchiveCVE-2016-10209lowyes
CVE-2016-10349medium**yes
CVE-2016-10350medium**yes
libcrocoCVE-2017-8834lowyes
CVE-2017-8871lowyes
libcspCVE-2016-8596high**yes
CVE-2016-8597high**yes
CVE-2016-8598high**yes
libdbd-mysql-perlCVE-2017-10788high**yes
CVE-2017-10789medium**yes
libgcCVE-2016-9427high**yes
libicalCVE-2016-5824medium**yes
CVE-2016-5825medium**yes
CVE-2016-5826medium**yes
CVE-2016-5827medium**yes
CVE-2016-9584medium**yes
libjgroups-javaCVE-2016-2141lowyes
libmspackCVE-2017-11423not yet assignedno
libnet-server-perlCVE-2013-1841lowyes
libpodofoCVE-2017-5852lowyes
CVE-2017-6841medium**yes
CVE-2017-6845medium**yes
CVE-2017-6846medium**yes
CVE-2017-6849medium**yes
CVE-2017-7994medium**yes
CVE-2017-8053medium**yes
CVE-2017-8054medium**yes
CVE-2017-8378high**yes
CVE-2017-8787medium**yes
librsyncCVE-2014-8242lowyes
libsamplerateCVE-2017-7697medium**yes
libsassCVE-2017-10687lowyes
CVE-2017-11341medium**yes
CVE-2017-11342medium**yes
libtasn1-6CVE-2017-10790medium**yes
libtorrent-rasterbarCVE-2017-9847medium**yes
libui-dialog-perlCVE-2008-7315not yet assigned?
libvirtCVE-2015-5160low?
libxml-libxml-perlCVE-2017-10672high**yes
libxml-twig-perlCVE-2016-9180lowyes
libxml2CVE-2016-9318medium**yes
CVE-2017-5969low**yes
CVE-2017-7375not yet assigned?
CVE-2017-7376not yet assigned?
CVE-2017-8872medium**yes
CVE-2017-9047medium**yes
CVE-2017-9048medium**yes
CVE-2017-9049medium**yes
CVE-2017-9050medium**yes
libytnefCVE-2017-9146medium**yes
CVE-2017-9470medium**yes
CVE-2017-9471medium**yes
CVE-2017-9472medium**yes
CVE-2017-9473medium**yes
CVE-2017-9474medium**yes
linuxCVE-2013-7445high**yes
CVE-2015-8553low**no
CVE-2016-8660medium**no
CVE-2017-1000379high**no
CVE-2017-11472not yet assignedno
CVE-2017-11473not yet assignedno
CVE-2017-7541not yet assigned?
CVE-2017-7542not yet assigned?
CVE-2017-8831high**no
lrzipCVE-2017-8844medium**yes
CVE-2017-8846medium**yes
CVE-2017-9928medium**yes
CVE-2017-9929medium**yes
lucene-solrCVE-2017-3163not yet assigned?
mcollectiveCVE-2016-2788high**yes
CVE-2017-2292high**yes
memcachedCVE-2017-9951not yet assignedno
mercurialCVE-2017-9462high**yes
moodleCVE-2017-2642medium**yes
CVE-2017-7489medium**yes
CVE-2017-7490medium**yes
CVE-2017-7491medium**yes
CVE-2017-7532medium**yes
mosquittoCVE-2017-9868low**no
mp3spltCVE-2017-5666medium**yes
mrubyCVE-2017-9527lowyes
mysql-5.7CVE-2017-3529not yet assigned?
CVE-2017-3633not yet assigned?
CVE-2017-3634not yet assigned?
CVE-2017-3635not yet assigned?
CVE-2017-3637not yet assigned?
CVE-2017-3638not yet assigned?
CVE-2017-3639not yet assigned?
CVE-2017-3640not yet assigned?
CVE-2017-3641not yet assigned?
CVE-2017-3642not yet assigned?
CVE-2017-3643not yet assigned?
CVE-2017-3644not yet assigned?
CVE-2017-3645not yet assigned?
CVE-2017-3647not yet assigned?
CVE-2017-3648not yet assigned?
CVE-2017-3649not yet assigned?
CVE-2017-3650not yet assigned?
CVE-2017-3651not yet assigned?
CVE-2017-3652not yet assigned?
CVE-2017-3653not yet assigned?
mysql-workbenchCVE-2017-3469lowyes
nasmCVE-2017-10686high**yes
CVE-2017-11111medium**yes
netbeansCVE-2016-5537medium**no
network-managerCVE-2012-1096low?
nginxCVE-2013-0337lowyes
npmCVE-2016-3956medium**yes
ntopngCVE-2017-7416medium**yes
CVE-2017-7458medium**yes
CVE-2017-7459medium**yes
openexrCVE-2017-9110medium**yes
CVE-2017-9111medium**yes
CVE-2017-9112medium**yes
CVE-2017-9113medium**yes
CVE-2017-9114medium**yes
CVE-2017-9115medium**yes
CVE-2017-9116medium**yes
openjdk-8CVE-2017-10111not yet assigned?
openjdk-9CVE-2017-10053not yet assigned?
CVE-2017-10067not yet assigned?
CVE-2017-10074not yet assigned?
CVE-2017-10078not yet assigned?
CVE-2017-10081not yet assigned?
CVE-2017-10087not yet assigned?
CVE-2017-10089not yet assigned?
CVE-2017-10090not yet assigned?
CVE-2017-10096not yet assigned?
CVE-2017-10101not yet assigned?
CVE-2017-10102not yet assigned?
CVE-2017-10107not yet assigned?
CVE-2017-10108not yet assigned?
CVE-2017-10109not yet assigned?
CVE-2017-10110not yet assigned?
CVE-2017-10111not yet assigned?
CVE-2017-10115not yet assigned?
CVE-2017-10116not yet assigned?
CVE-2017-10118not yet assigned?
CVE-2017-10135not yet assigned?
CVE-2017-10176not yet assigned?
CVE-2017-10193not yet assigned?
CVE-2017-10198not yet assigned?
openjfxCVE-2017-10086not yet assigned?
CVE-2017-10114not yet assigned?
openjpeg2CVE-2016-1626medium**yes
CVE-2016-1628medium**yes
CVE-2016-5152medium**yes
CVE-2016-5158medium**yes
CVE-2016-9112medium**yes
CVE-2016-9118medium**yes
openvswitchCVE-2017-9214high**yes
percona-xtrabackupCVE-2016-6225medium**yes
phammCVE-2017-0378not yet assigned?
php-casCVE-2017-1000071not yet assignedno
php-gettextCVE-2016-6175high**yes
php7.0CVE-2017-11144medium**yes
CVE-2017-11145medium**yes
CVE-2017-8923high**yes
php7.1CVE-2017-11144medium**yes
CVE-2017-11145medium**yes
CVE-2017-8923high**yes
phpldapadminCVE-2017-11107medium**yes
policykit-1CVE-2016-2568medium**no
popplerCVE-2017-9406lowyes
CVE-2017-9408lowyes
CVE-2017-9775medium**yes
CVE-2017-9776medium**yes
CVE-2017-9865medium**yes
potraceCVE-2017-7263medium**yes
profanityCVE-2017-5592medium**yes
TEMP-0857546-8B0EB6not yet assigned?
pyradCVE-2013-0342low?
python-pysaml2CVE-2016-10127lowyes
python-restkitCVE-2015-2674not yet assigned?
python-tablibCVE-2017-2810high**yes
qemuCVE-2017-10664not yet assigned?
CVE-2017-10806not yet assigned?
CVE-2017-10911medium**no
CVE-2017-11334not yet assigned?
CVE-2017-11434not yet assigned?
CVE-2017-9310low**no
CVE-2017-9330low**no
CVE-2017-9373low**no
CVE-2017-9374low**no
CVE-2017-9375low**no
CVE-2017-9503low**no
CVE-2017-9524medium**yes
qpdfCVE-2017-9208lowyes
CVE-2017-9209lowyes
CVE-2017-9210lowyes
qpid-cppCVE-2012-4446lowyes
CVE-2012-4458lowyes
CVE-2012-4459lowyes
CVE-2012-4460lowyes
CVE-2014-0212low?
CVE-2014-3629lowyes
CVE-2015-0203not yet assigned?
CVE-2015-0223medium**yes
qt4-x11CVE-2016-10040medium**yes
qtbase-opensource-srcCVE-2016-10040medium**yes
radare2CVE-2017-10929lowyes
CVE-2017-9520lowyes
CVE-2017-9761lowyes
CVE-2017-9762lowyes
CVE-2017-9763medium**yes
CVE-2017-9949medium**yes
rar (non-free)CVE-2014-9983medium**yes
rbenvCVE-2017-1000047not yet assignedno
resteasyCVE-2016-6345lowyes
CVE-2016-6346lowyes
CVE-2016-6347lowyes
CVE-2016-6348lowyes
CVE-2016-9606not yet assigned?
rhn-client-toolsCVE-2015-1777not yet assigned?
rubocopCVE-2017-8418low**no
ruby2.3CVE-2015-9096medium**yes
CVE-2016-7798medium**yes
rxvtCVE-2017-7483lowyes
spiceCVE-2017-7506not yet assignedno
swftoolsCVE-2017-11098medium**yes
CVE-2017-11099medium**yes
tcpdumpCVE-2017-11108medium**yes
telegram-desktopCVE-2016-10351low**no
tiffCVE-2017-9935medium**yes
tikaCVE-2016-4434not yet assigned?
tinymceCVE-2012-4230lowyes
torTEMP-0869153-41A60Cnot yet assigned?
tpm2-toolsCVE-2017-7524medium**yes
util-linuxCVE-2016-2779high**no
virglrendererCVE-2016-10163medium**no
CVE-2016-10214medium**no
CVE-2017-5580low**no
CVE-2017-5937low**no
CVE-2017-5956low**no
CVE-2017-5957low**no
CVE-2017-5993medium**no
CVE-2017-5994low**no
CVE-2017-6209low**no
CVE-2017-6210low**no
CVE-2017-6317medium**no
CVE-2017-6355low**no
CVE-2017-6386medium**no
web2pyCVE-2016-10321medium**yes
CVE-2016-4806medium**yes
CVE-2016-4807low**yes
CVE-2016-4808medium**yes
wiresharkCVE-2017-11406not yet assignedno
CVE-2017-11407not yet assignedno
CVE-2017-11408not yet assignedno
CVE-2017-11409not yet assignedno
CVE-2017-11410not yet assignedno
CVE-2017-11411not yet assignedno
CVE-2017-9616lowyes
CVE-2017-9617lowyes
CVE-2017-9766medium**yes
wolfsslCVE-2017-2800high**yes
CVE-2017-8855medium**yes
x11vncTEMP-0672435-7C494Cnot yet assigned?
xdebTEMP-0781595-E39EEEnot yet assigned?
xenCVE-2017-10912high**yes
CVE-2017-10913high**yes
CVE-2017-10914medium**yes
CVE-2017-10915medium**yes
CVE-2017-10916medium**yes
CVE-2017-10917high**yes
CVE-2017-10918high**yes
CVE-2017-10919medium**yes
CVE-2017-10920high**yes
CVE-2017-10921high**yes
CVE-2017-10922medium**yes
CVE-2017-10923medium**yes
yadmCVE-2017-11353not yet assignedno
yaml-cppCVE-2017-5950lowyes
yaml-cpp0.3CVE-2017-5950lowyes
zoneminderCVE-2016-10140medium**yes
CVE-2016-10201medium**yes
CVE-2016-10202medium**yes
CVE-2016-10203medium**yes
CVE-2016-10204high**yes
CVE-2016-10205high**yes
CVE-2016-10206medium**yes
CVE-2017-5367medium**yes
CVE-2017-5368medium**yes
CVE-2017-5595low**no
CVE-2017-7203medium**yes
zooTEMP-0774453-CA58EElow?
zziplibCVE-2017-5977medium**yes

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.


Search for package or bug name: Reporting problems