Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affects our kernel as well in some way. |
| CVE-2018-8956 | ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote att ... | check ntpsec |
| CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna |
| CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might have been introduced with the refactoring |
| CVE-2019-14871 | The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by ... | picolibc might be affected |
| CVE-2019-14872 | The _dtoa_r function of the newlib libc library, prior to version 3.3. ... | picolibc might be affected |
| CVE-2019-14873 | In the __multadd function of the newlib libc library, prior to version ... | picolibc might be affected |
| CVE-2019-14877 | In the __mdiff function of the newlib libc library, all versions prior ... | picolibc might be affected |
| CVE-2019-14878 | In the __d2b function of the newlib libc library, all versions prior t ... | picolibc might be affected, not yet in the archive |
| CVE-2019-14900 | | check with Red Hat, unspecific information apart from it affecting 4.3 to 5.4 inclusive |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | check, whilst the advisory claims 5.0.0 upwards only the SolrParamResourceLoader might be of issue already earlier? |
| CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni |
| CVE-2020-10688 | | check details, not much information provided by Red Hat. |
| CVE-2020-10719 | A flaw was found in Undertow in versions before 2.1.1.Final, regarding ... | check, no details on Red Hat bugreport |
| CVE-2020-10755 | | check, affects as well python-os-brick or needs a respective update? |
| CVE-2020-10759 | Possible bypass in signature verification | check details, more information seems to be provided in a non-public bug |
| CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | check details |
| CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | check details |
| CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | check details |
| CVE-2020-10812 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | check details |
| CVE-2020-11724 | An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_sub ... | check details (patch applies to src:nginx, but check if issue is specific to OpenResty before 1.15.8.4) |
| CVE-2020-11759 | An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ... | check completeness for upstream commits to cover CVE-2020-11759 |
| CVE-2020-13817 | ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ... | check ntpsec |
| CVE-2020-5529 | HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ... | check details, might affect jenkins-htmlunit |
| CVE-2020-7919 | Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte ... | check older versions than golang-1.11 |
| CVE-2020-9794 | unknown input leads to a memory corruption vulnerability | Try to get more information, as usual Apple advisories are too unspecific |