Bugs with TODO items

Show "check" TODOs

BugDescriptionNote
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...check if patch simplifying patch applied in any suite
CVE-2018-16838A flaw was found in sssd Group Policy Objects implementation. When the ...check, Bugzilla entry does not provide details
CVE-2018-16873In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16874In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16875The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...check other versions
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2018-19969phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a s ...check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations.
CVE-2019-0199The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5. ...check if other versions might be affected.
CVE-2019-10714LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 ...check, potentially only introduced in later versions than present in unstable as LocaleLowercase not present, but check if present before refactoring
CVE-2019-2692check if this is actually true or only 8.x listed because supported
CVE-2019-9946Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...singularity-container seems to embed as well a copy of cni

Search for package or bug name: Reporting problems