Navigation: Suites / Filters / Types / Fields / Sort / Format / Search / Results

Bugs search

Useful queries for testing (buster)

Suites[1]

Filters

off / include / exclude
  • tagged patch
  • tagged pending
  • tagged security
  • tagged wontfix
  • tagged moreinfo
  • tagged upstream
  • tagged unreproducible
  • tagged help
  • tagged d-i
  • forwarded upstream
  • claimed bugs
  • fixed in deferred/delayed
  • packages not in main
  • packages not in jessie
  • packages not in stretch
  • packages not in buster
  • packages in base system
  • packages in standard installation
  • orphaned packages
  • merged bugs
  • marked as done
  • outdated binaries in jessie
  • outdated binaries in stretch
  • outdated binaries in buster
  • outdated binaries in sid
  • different versions in buster and sid
  • newer in Ubuntu than in sid
  • RT tag for jessie: ignore
  • RT tag for jessie: will-remove
  • RT tag for jessie: can-defer
  • RT tag for jessie: is-blocker
  • RT tag for jessie: no-auto-remove
  • RT tag for stretch: ignore
  • RT tag for stretch: will-remove
  • RT tag for stretch: can-defer
  • RT tag for stretch: is-blocker
  • RT tag for stretch: no-auto-remove
  • RT tag for buster: ignore
  • RT tag for buster: will-remove
  • RT tag for buster: can-defer
  • RT tag for buster: is-blocker
  • RT tag for buster: no-auto-remove
  • RT unblock hint
  • key packages
  • pseudo packages
  • packages marked for autoremoval
  • closed in packages in new
  • newer than days
  • modified in the last days

Bugs or packages selection


  ignore:
  ignore:
  ignore:
 
 

Additional fields

Sort

Format

56 bugs found

bug# tags package title popcon severity modified
#876109 [S|u]   src:apache2 apache2: CVE-2017-9798: HTTP OPTIONS method can leak Apache's server memory 91719 5 serious 2017-09-23
#876328 [+|S|u]   src:asterisk asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008) 4891 6 grave 2017-09-23
#859263 [+|S]   bash maintain PIE enabled bash 200676 5 serious 2017-08-05
#863884 [U|S|u]   chicken CVE-2017-9334 145 6 grave 2017-06-01
#834845 [jes-i|+|S|str-i|u]   src:chicken chicken: CVE-2016-6830 CVE-2016-6831 145 6 grave 2017-04-19
#857662 [+|S]   cron cron broken in SELinux enforced mode due to system_u login mapping removal 200315 6 grave 2017-08-05
#869639 [S|u]   firmware-brcm80211 firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417 32875 7 critical 2017-07-25
#869614 [S|u]   src:fontforge fontforge: CVE-2017-11568 CVE-2017-11569 CVE-2017-11571 CVE-2017-11572 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577 1999 5 serious 2017-09-13
#874552 [U|+|S|u]   src:gdk-pixbuf gdk-pixbuf: CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability 164096 6 grave 2017-09-23
#869916 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9612: heap-use-after-free in Ins_IP(base/ttinterp.c) 137140 6 grave 2017-09-13
#869907 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9835: heap-buffer-overflow in gs_alloc_ref_array(ialloc.c) 137140 6 grave 2017-09-13
#869917 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9611: heap-buffer-overflow in Ins_MIRP(base/ttinterp.c) 137140 6 grave 2017-09-13
#869977 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-11714: Out of bounds read in igc_reloc_struct_ptr() 137140 6 grave 2017-09-13
#869913 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9727: heap-buffer-overflow in gx_ttfReader__Read(base/gxttfb.c) 137140 6 grave 2017-09-13
#869910 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9739: heap-buffer-overflow in Ins_JMPR 137140 6 grave 2017-09-13
#869915 [U|+|S|u]   src:ghostscript ghostscript: CVE-2017-9726: heap-use-after-free in Ins_MDRP(base/ttinterp.c) 137140 6 grave 2017-09-13
#876488 [+|S|u]   src:imagemagick imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken() 111114 6 grave 2017-09-22
#872374 [U|S]   imagemagick CVE-2017-12876 111114 6 grave 2017-08-21
#872373 [U|S]   imagemagick CVE-2017-12877 111114 6 grave 2017-08-21
#870848 [U|S|u]   src:jackson-databind jackson-databind: CVE-2017-7525: Deserialization vulnerability via readValue method of ObjectMapper 370 6 grave 2017-08-10
#867725 [S]   src:lame CVE-2017-9869 CVE-2017-9870 CVE-2017-9871 CVE-2017-9872 116475 6 grave 2017-07-08
#873718 [S|u]   src:libgig Multiple security issues (CVE-2017-12950 to CVE-2017-12954) 104 6 grave 2017-08-30
#760385 [U|jes-i|S|str-i|u]   libv8-3.14 nodejs: CVE-2014-5256 9006 5 serious 2017-04-19
#773671 [jes-i|S|str-i]   src:libv8-3.14 libv8-3.14: multiple security issues 9006 5 serious 2017-04-19
#773623 [jes-i|S|str-i]   libv8-3.14 nodejs: CVE-2014-7192 9006 5 serious 2017-04-19
#866676 [S|u]   src:libxml-libxml-perl libxml-libxml-perl: CVE-2017-10672: Use-after-free in XML::LibXML::Node::replaceChild 104609 6 grave 2017-08-04
#862373 [C|S]   libyaml-libyaml-perl libyaml-libyaml-perl: Unconditionally instantiates objects from yaml data 24498 6 grave 2017-05-12
#862475 [C|S]   libyaml-syck-perl libyaml-syck-perl: Unconditionally instantiates objects from yaml data 13449 6 grave 2017-07-10
#870815 [S|u]   src:libytnef libytnef: CVE-2017-12141: heap-buffer-overflow 50353 6 grave 2017-08-05
#875881 [C|U|S|u]   src:linux linux: CVE-2017-1000251 122468 7 critical 2017-09-20
#871709 [S|u]   src:mercurial mercurial: CVE-2017-1000115: path traversal via symlink 12461 6 grave 2017-08-26
#871710 [S|u]   src:mercurial mercurial: CVE-2017-1000116: command injection on clients through malicious ssh URLs 12461 6 grave 2017-08-11
#867988 [S|u]   nasm CVE-2017-11111 CVE-2017-10686 3905 6 grave 2017-09-21
#874430 [U|+|S|u]   src:openjpeg2 openjpeg2: CVE-2017-14151: heap-based buffer overflow in opj_mqc_flush 66210 6 grave 2017-09-11
#874115 [U|+|S|u]   src:openjpeg2 openjpeg2: CVE-2017-14041: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c 66210 6 grave 2017-09-07
#874431 [U|+|S|u]   src:openjpeg2 openjpeg2: CVE-2017-14152: heap-based buffer overflow in opj_write_bytes_LE 66210 6 grave 2017-09-11
#873201 [U|S|u]   openssh-client openssh-client: command line parsing with -- between option and non-option arguments completely broken 200002 6 grave 2017-08-27
#876462 [S|u]   src:otrs2 otrs2: CVE-2017-14635: Code Injection / Privilege Escalation OTRS 103 6 grave 2017-09-22
#851771 [jes-i|S|str-i|u|whe-i]   src:php-gettext php-gettext: CVE-2016-6175 11528 6 grave 2017-04-22
#876400 [+|S|u]   src:php-horde-image php-horde-image: CVE-2017-14650: remote code execution n _raw() via $index parameter 175 6 grave 2017-09-21
#864219 [U|+|S|u]   src:qemu qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep 18981 5 serious 2017-09-23
#862899 [S|u]   rsync rsync: insufficient escaping/quoting of arguments 119681 5 serious 2017-05-22
#874070 [S|u]   src:rtpproxy rtpproxy: CVE-2017-14114 57 6 grave 2017-09-02
#873906 [+|S|u]   src:ruby2.3 ruby2.3: CVE-2017-14064 34357 6 grave 2017-09-23
#842432 [U|+|S|u]   src:ruby2.3 ruby2.3: CVE-2016-7798: IV Reuse in GCM Mode 34357 5 serious 2017-09-23
#873802 [S|u]   src:ruby2.3 Multiple vulnerabilities in rubygems (CVE-2017-0899 to CVE-2017-0902) 34357 5 serious 2017-09-23
#864860 [+|S|u]   src:ruby2.3 ruby2.3: CVE-2015-9096: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP 34357 5 serious 2017-09-23
#872399 [U|+|S|u]   src:salt salt: CVE-2017-12791: Directory traversal vulnerability on salt-master via crafted minion IDs 2197 6 grave 2017-08-21
#866109 [S|u]   src:tiff tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf 151056 6 grave 2017-06-27
#876221 [U|S|u]   tor log uninitialized stack in non-default configuration [CVE-2017-0380] 6800 5 serious 2017-09-20
#874059 [+|S|u]   src:unrar-free unrar-free: CVE-2017-14120: directory traversal vulnerability 9045 6 grave 2017-09-07
#874061 [S|u]   src:unrar-free unrar-free: CVE-2017-14121: null pointer dereference 9045 6 grave 2017-09-04
#874060 [S|u]   src:unrar-free unrar-free: CVE-2017-14122: stack overread vulnerability 9045 6 grave 2017-09-04
#876274 [P|S|u]   src:wordpress wordpress: 9 security bugs in wordpress 4.8.1 and earlier 872 6 grave 2017-09-23
#876315 [U|S|u]   src:yadifa CVE-2017-14339 1 6 grave 2017-09-21
#870271 [S]   src:zookeeper zookeeper: insecure permissions of /var/lib/zookeeper 189 6 grave 2017-07-31

Generated in 1.127 seconds.

select id, bugs.package, bugs.source, severity, title, last_modified, affects_stable, affects_testing, affects_unstable, affects_experimental , coalesce(popcon_src.insts, 0) as popcon
from bugs  left join popcon_src on (bugs.source = popcon_src.source) 
where id in (select id from bugs_rt_affects_testing) 
and id in (select id from bugs_tags where tag='security') 
AND (severity >= 'serious')
order by source asc