Bugs with TODO items

Show "check" TODOs

BugDescriptionNote
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...check if patch simplifying patch applied in any suite
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2018-20871In Univa Grid Engine before 8.6.3, when configured for Docker jobs and ...check, might affect src:gridengine as well
CVE-2019-10214RESERVEDcheck, issue is in containers library, which is at least embedded in src:singularity-container
CVE-2019-1021920190910: Asked for more information in #1738673. (apo)
CVE-2019-12107The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ...check, might affect minidlna
CVE-2019-14493An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ...check if the old code though is really affected, might been introduced with the refactoring
CVE-2019-14513Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...Find the relevant isolated changes in the 2.76 release to address the issue.
CVE-2019-15486django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ...check, might actually only have been introduced in upstream v0.9.0 with commits around 9850b675e3d988341c05302df236a560f7985184
CVE-2019-16921In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/in ...check, see kernel-sec
CVE-2019-3685Fails to adequately verify TLS certificates allowing for a man in the middle attackcheck, might affect only 0.165.0 through 0.165.2, but not earlier versions
CVE-2019-9946Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...singularity-container seems to embed as well a copy of cni

Search for package or bug name: Reporting problems