Navigation: Suites / Filters / Types / Fields / Sort / Format / Search / Results

Bugs search

Useful queries

Suites[1]

Filters

off / include / exclude
  • tagged patch
  • tagged pending
  • tagged security
  • tagged wontfix
  • tagged moreinfo
  • tagged upstream
  • tagged unreproducible
  • tagged help
  • tagged d-i
  • forwarded upstream
  • claimed bugs
  • fixed in deferred/delayed
  • packages not in main
  • packages not in wheezy
  • packages not in jessie
  • packages not in stretch
  • packages in base system
  • packages in standard installation
  • orphaned packages
  • merged bugs
  • marked as done
  • outdated binaries in wheezy
  • outdated binaries in jessie
  • outdated binaries in stretch
  • outdated binaries in sid
  • different versions in stretch and sid
  • newer in Ubuntu than in sid
  • RT tag for wheezy: ignore
  • RT tag for wheezy: will-remove
  • RT tag for wheezy: can-defer
  • RT tag for wheezy: is-blocker
  • RT tag for jessie: ignore
  • RT tag for jessie: will-remove
  • RT tag for jessie: can-defer
  • RT tag for jessie: is-blocker
  • RT tag for jessie: no-auto-remove
  • RT tag for stretch: ignore
  • RT tag for stretch: will-remove
  • RT tag for stretch: can-defer
  • RT tag for stretch: is-blocker
  • RT tag for stretch: no-auto-remove
  • RT unblock hint
  • key packages
  • pseudo packages
  • packages marked for autoremoval
  • closed in packages in new
  • newer than days
  • modified in the last days

Bugs or packages selection


  ignore:
  ignore:
  ignore:
 
 

Additional fields

Sort

Format

32 bugs found

bug# tags package title popcon severity modified
#855588 [U|+|S]   atheme-services memory leak could lead to Denial Of Service 10 6 grave 2017-02-23
#809167 [S]   cron cron: Cron Daemon Use-After-Free Vulnerability May Cause Local Root Privilege Escalation 197352 7 critical 2017-01-29
#766397 [jes-i|S]   emacs24 emacs/gnus: Uses s_client to for SSL. 16080 5 serious 2017-02-22
#816063 [S]   emacs24 emacs24: TLS certificate validation is silently broken 16080 5 serious 2017-02-23
#827395 [S|u]   firefox-esr firefox-esr: Firefox-esr privacy invading defaults load beacons on 1st run 91756 5 serious 2017-01-23
#854050 [S|u]   icoutils icoutils: CVE-2017-6009 14806 6 grave 2017-02-16
#854054 [S|u]   icoutils icoutils: CVE-2017-6010 CVE-2017-6011 14806 6 grave 2017-02-16
#844584 [S]   isc-dhcp-client dhclient should perform additional validity checks 190899 5 serious 2017-01-23
#853232 [S]   libphp-phpmailer libphp-phpmailer: CVE-2017-5223 2778 6 grave 2017-02-14
#851196 [U|+|S|u]   src:libplist libplist: CVE-2017-5209 72323 6 grave 2017-02-12
#854000 [S|u]   src:libplist CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 72323 6 grave 2017-02-14
#852385 [U|+|S|u]   src:libplist libplist: CVE-2017-5545 72323 6 grave 2017-02-02
#854738 [S]   mcabber CVE-2017-5604 402 6 grave 2017-02-17
#854278 [S|u]   mp3splt CVE-2017-5666 1041 6 grave 2017-02-14
#855705 [+|P|S|u]   munin munin: CVE-2017-6188: munin-cgi-graph local file write vulnerability 12321 6 grave 2017-02-24
#855277 [S]   src:nvidia-graphics-drivers nvidia-graphics-drivers: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318 8954 5 serious 2017-02-23
#855279 [S]   src:nvidia-graphics-drivers-legacy-304xx nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318 859 5 serious 2017-02-16
#855278 [S]   src:nvidia-graphics-drivers-legacy-340xx nvidia-graphics-drivers-legacy-340xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318 570 5 serious 2017-02-24
#855405 [+|S|u]   src:pcre3 pcre3: CVE-2017-6004 197229 6 grave 2017-02-17
#844285 [M|S|R]   pidgin pidgin: steals (warps) mouse cursor (not just focus) when new message comes in [SEC=UNCLASSIFIED] 65481 6 grave 2017-02-25
#854735 [S]   profanity CVE-2017-5592 195 6 grave 2017-02-09
#855227 [+|S|u]   src:qemu qemu: CVE-2017-2630: nbd: oob stack write in client routine drop_sync 18350 6 grave 2017-02-15
#855791 [+|S|u]   src:qemu qemu: CVE-2017-2620: cirrus_bitblt_cputovideo does not check if memory region is safe 18350 6 grave 2017-02-21
#853006 [S|u]   src:qemu qemu: CVE-2016-9602: 9p: virtfs allows guest to access host filesystem 18350 6 grave 2017-01-31
#854804 [S|u]   sane-utils saned: CVE-2017-6318: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server 119695 6 grave 2017-02-25
#855943 [+|S|u]   src:shadow shadow: CVE-2017-2616: Sending SIGKILL to other processes with root privileges via su 197722 6 grave 2017-02-24
#854739 [S]   src:sleekxmpp CVE-2017-5591 124 6 grave 2017-02-20
#854740 [S]   src:slixmpp CVE-2017-5591 8 6 grave 2017-02-09
#856117 [U|S|u]   src:tnef tnef: CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 2256 6 grave 2017-02-25
#853034 [+|S|u]   unar unar: Fuzzer-generated crashing testcases for a dozen identified file formats 54659 5 serious 2017-02-23
#856114 [U|+|S|u]   src:wolfssl wolfssl: CVE-2017-6076 3 6 grave 2017-02-25
#854727 [S]   src:zziplib Multiple vulnerabilities / unsuitable for stretch? 28125 6 grave 2017-02-25

Generated in 1.008 seconds.

select id, bugs.package, bugs.source, severity, title, last_modified, affects_stable, affects_testing, affects_unstable, affects_experimental, coalesce(popcon_src.insts, 0) as popcon
from bugs left join popcon_src on (bugs.source = popcon_src.source) 
where id in (select id from bugs_rt_affects_testing) 
and id in (select id from bugs_tags where tag='security') 
AND (severity >= 'serious')
order by source asc