|
Bug #13516: imagemagick: information disclosure from exif thumbnails
|
 CVE-2005-0406 |
|
imagemagick (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #76321: improper shell quoting
|
CVE-2006-5875 |
|
enemies-of-carlotta (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #76374: MIME bypass
|
CVE-2006-6406 |
|
clamav (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #78144: CVE-2006-6142 Cross site scripting in compose, draft & HTML mail viewing
|
CVE-2006-6142 |
|
squirrelmail (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #78145: XSS and SQL injections
|
CVE-2007-0106
CVE-2007-0107 |
|
wordpress (Ubuntu Feisty)
|
Fix released, assigned to StefanPotyra
|
|
Bug #78339: Universal XSS
|
CVE-2007-0045
CVE-2007-0046 |
|
acroread (Ubuntu Feisty)
|
Fix released, assigned to Daniel T Chen
|
|
Bug #78610: URL format string injection in CDDA and VCDX plugins
|
CVE-2007-0017 |
|
vlc (Ubuntu Feisty)
|
Fix released, assigned to Daniel T Chen
|
|
Bug #80569: Java 1.5.0_08 security problem
|
CVE-2007-0234
CVE-2007-0243 |
|
sun-java5 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #82003: phpmyadmin has several security bugs
|
CVE-2006-1804
CVE-2006-2031 |
|
phpmyadmin (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #83508: Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."
|
CVE-2007-0640 |
|
zabbix (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #84657: Security update for rar/unrar (CVE-2007-0855)
|
CVE-2007-0855 |
|
unrar-nonfree (Ubuntu Feisty)
|
Fix released, assigned to Martin Meredith
|
|
rar (Ubuntu Feisty)
|
Fix released, assigned to Martin Meredith
|
|
Bug #86908: wireshark 0.99.4 has security vulnerabilities (upgrade to wireshark 0.99.5)
|
CVE-2007-0456
CVE-2007-0457
CVE-2007-0458
CVE-2007-0459 |
|
wireshark (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #88981: Please update mozilla-thunderbird to 1.5.0.10
|
CVE-2007-0008
CVE-2007-0009
CVE-2007-0775
CVE-2007-0776
CVE-2007-0777 |
|
mozilla-thunderbird (Ubuntu Feisty)
|
Fix released, assigned to Mozilla Bugs
|
|
Bug #90864: Debdiff to fix CVE-2007-1263 in feisty and edgy
|
CVE-2007-1263 |
|
gpgme1.0 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #94792: Asterisk 1.2.17 fixes SIP DoS vulnerability
|
CVE-2007-1561 |
|
asterisk (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #96723: [Sync request] Sync nas (1.8-4) from Debian unstable (main)
|
CVE-2007-1543
CVE-2007-1544
CVE-2007-1545
CVE-2007-1546
CVE-2007-1547 |
|
nas (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #99062: Debdiff for CVE-2007-1253 for blender in edgy
|
CVE-2007-1253 |
|
blender (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #106006: CVE-2007-2028: vulnerable to memory exhaustion via malformed Diameter format attributes inside of an EAP-TTLS tunnel
|
CVE-2007-2028 |
|
freeradius (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #107350: pptpd freeze/disconnect
|
CVE-2007-0244 |
|
pptpd (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #107628: DoS-vulnerability in lighttpd
|
CVE-2007-1869
CVE-2007-1870 |
|
lighttpd (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #108907: Merge with 0.7-3 from debian unstable (#SA24880)
|
CVE-2007-2057 |
|
aircrack-ng (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #110066: Multiple security holes in Asterisk
|
CVE-2007-2294
CVE-2007-2297 |
|
asterisk (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #113725: Cross site scripting in HTML filter
|
CVE-2007-1262 |
|
squirrelmail (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #117988: Remote attack in OLE parser and PDF handler
|
CVE-2007-2029
CVE-2007-2650 |
|
clamav (Ubuntu Feisty)
|
Fix released, assigned to Leonel Nunez
|
|
Bug #118855: CVE-2007-2948: Stack overflow in mplayer cddb handling
|
CVE-2007-2948 |
|
mplayer (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #119739: libapache-mod-jk is vulnerable to CVE-2007-1860
|
CVE-2007-1860 |
|
libapache-mod-jk (Ubuntu Feisty)
|
Fix released, assigned to Lionel Porcheron
|
|
Bug #120400: heap overflow in OpenOffice.org RTF parsing routine
|
CVE-2007-0245 |
|
openoffice.org (Ubuntu Feisty)
|
Fix released, assigned to Matthias Klose
|
|
Bug #121780: DoS via local buffer overflow
|
CVE-2007-3374 |
|
redhat-cluster-suite (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #122207: vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors
|
CVE-2007-0256
CVE-2007-3316
CVE-2007-3467
CVE-2007-3468 |
|
vlc (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #124629: [CVE-2007-2838] Unsafe tmp file usage
|
CVE-2007-2838 |
|
gsambad (Ubuntu Feisty)
|
Fix released, assigned to Michael Bienia
|
|
Bug #124725: [CVE-2007-2837] Unsafe tmp file handling
|
CVE-2007-2837 |
|
fireflier (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #125131: Need to be updated for new stable version (9,0,48,0)
|
CVE-2007-3456 |
|
flashplugin-nonfree (Ubuntu Feisty)
|
Invalid by John Vivirito
|
|
Bug #125180: id sequence is predictable and the same in all child processes
|
CVE-2007-3377 |
|
libnet-dns-perl (Ubuntu Feisty)
|
Fix released, assigned to Scott Kitterman
|
|
Bug #125236: Bugs in dn_expand (XS and PP) on mailformed packages
|
CVE-2007-3409 |
|
libnet-dns-perl (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #125816: linux-image postinst matches header_postinst_hook for postinst_hook incorrectly
|
CVE-2006-6058
CVE-2007-4849
CVE-2007-4997
CVE-2007-5500
CVE-2007-5501 |
|
kernel-package (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
linux-source-2.6.20 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.22 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #126471: unrar.c Remote DoS in clamav 0.90
|
CVE-2007-3725 |
|
clamav (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #127718: lighttpd security fixes
|
CVE-2007-3946
CVE-2007-3947
CVE-2007-3948
CVE-2007-3949
CVE-2007-3950 |
|
lighttpd (Ubuntu Feisty)
|
Fix released, assigned to Áron Sisak
|
|
Bug #129771: remote IRC servers can execute arbitrary commands
|
CVE-2007-3360 |
|
ircii-pana (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #130091: CVE-2007-2500: memory corruption vulnerability in gnash
|
CVE-2007-2500 |
|
gnash (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #132046: SECURITY: URL handling allows remote shell command execution
|
CVE-2007-3770 |
|
xfce4-terminal (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #132161: vulnerable to CVE-2007-2165
|
CVE-2007-2165 |
|
proftpd (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
proftpd-dfsg (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #132915: WireShark versions prior to 0.99.6 vulnerability
|
CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740
CVE-2007-0456
CVE-2007-0457
CVE-2007-0458
CVE-2007-0459
CVE-2007-3389
CVE-2007-3390
CVE-2007-3391
CVE-2007-3392
CVE-2007-3393
CVE-2007-4721 |
|
wireshark (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #133569: regex error causes hosts to not be denied
|
CVE-2007-4323
CVE-2007-5715 |
|
denyhosts (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #135332: TCP wrapper not working ?
|
CVE-2007-4601 |
|
tcp-wrappers (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #136302: Sylpheed POP3 Format String Vulnerability
|
CVE-2007-2958 |
|
claws-mail (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
sylpheed (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
sylpheed-claws (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
sylpheed-claws-gtk2 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #136687: buffer overflow in w_read function (possible DoS and execution of arbitary code)
|
CVE-2007-3791 |
|
postfix-policyd (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #140707: [Qt 3, Qt 4] Potential vulnerability in QUtf8Decoder
|
CVE-2007-4137 |
|
qt-x11-free (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
qt4-x11 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #140891: [mplayer] Heap overflow causes potential arbitrary code execution
|
CVE-2007-4938 |
|
kmplayer (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
mplayer (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #141378: [Security] KDM Password-less login vulnerability
|
CVE-2007-4569 |
|
kdebase (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #144425: [ImageMagick] security issues with releases prior to 6.3.5-9
|
CVE-2007-4985
CVE-2007-4986
CVE-2007-4987
CVE-2007-4988 |
|
imagemagick (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
graphicsmagick (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #146269: [openssl security] OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow
|
CVE-2007-3108
CVE-2007-5135 |
|
openssl (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
openssl097 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #147993: XSS vulnerability in dokuwiki
|
CVE-2007-3930 |
|
dokuwiki (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #148940: [X font server] integer overflow and heap corruption vulnerability
|
CVE-2007-4568 |
|
xfs (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #149121: hpssd vulnerable to command injection
|
CVE-2007-5208 |
|
hplip (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #149616: Net::HTTPS Vulnerability
|
CVE-2007-5162
CVE-2007-5770 |
|
ruby1.8 (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
ruby1.9 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #150848: [CVE-2007-5226] dircproxy segfault on blank /me
|
CVE-2007-5226 |
|
dircproxy (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #151078: Please sync rails 1.2.4-1 from Debian unstable (main)
|
CVE-2007-3227 |
|
rails (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #151806: CVE-2007-5301 buffer overflow in vorbis input plugi
|
CVE-2007-5301 |
|
alsaplayer (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #151946: CVE-2007-5300 remote denial of service
|
CVE-2007-0428
CVE-2007-5300 |
|
wzdftpd (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #152069: remote-exploit by default
|
CVE-2005-3252 |
|
snort (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #152624: Buffer overflow in check_http.c (CVE-2007-5198)
|
CVE-2007-5198 |
|
nagios-plugins (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #154393: [Firefox] security update release 2.0.0.8 available from upstream
|
CVE-2006-2894
CVE-2007-1095
CVE-2007-2292
CVE-2007-3511
CVE-2007-4841
CVE-2007-5334
CVE-2007-5337
CVE-2007-5338
CVE-2007-5339
CVE-2007-5340 |
|
firefox (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #157903: security vulnerabiity in django i18n system
|
CVE-2007-5712 |
|
python-django (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #158414: denial of service in wesnoth client and server prior 1.2.7 release
|
CVE-2007-3917 |
|
wesnoth (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #160454: [pcre3] several security issues in Perl-Compatible Regular Expression library
|
CVE-2006-7227
CVE-2006-7228
CVE-2006-7230
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768 |
|
pcre3 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #161173: [CVE-2007-4476] cpio is affected by this CVE as tar.
|
CVE-2007-4476 |
|
cpio (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #162171: [CVE-2007-4752] ssh in OpenSSH before 4.7 does not properly handle...
|
CVE-2007-4752 |
|
openssh (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162295: CVE-2007-5839: Insecure temporary file creation
|
CVE-2007-5839 |
|
ircii-pana (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #162296: CVE-2007-4584 stack based buffer overflow via long MODE command
|
CVE-2007-4584 |
|
ircii-pana (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #162351: CVE-2007-5837: Code injection through badly formatted URL
|
CVE-2007-5837 |
|
yarssr (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #162406: CVE-2007-4323: DoS via log injection
|
CVE-2007-4323
CVE-2007-5715 |
|
denyhosts (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #162511: [CVE-2007-5395] link-grammar is vulnerable
|
CVE-2007-5395 |
|
link-grammar (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #162520: [CVE-2005-4790] tomboy has an untrusted search path
|
CVE-2005-4790 |
|
tomboy (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #162543: CVE-2007-5740: format string vulnerability
|
CVE-2007-5740 |
|
perdition (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162599: few serious security issues for phpMyAdmin
|
CVE-2006-6942
CVE-2006-6944
CVE-2007-1325
CVE-2007-1395
CVE-2007-2245
CVE-2007-5386
CVE-2007-5589
CVE-2007-5976
CVE-2007-5977
CVE-2007-6100 |
|
phpmyadmin (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #162602: [CVE-2007-5200] hugin allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
CVE-2007-5200 |
|
hugin (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162826: [Mono] Buffer overflow in Mono 1.2.5.1 and earlier
|
CVE-2007-5197 |
|
mono (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #163056: CVE-2007-5933: Remote denial of service
|
CVE-2007-5933
CVE-2007-6010 |
|
pioneers (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #163492: CVE-2007-4650: Unauthorised editing of item properties
|
CVE-2007-4650 |
|
gallery2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #163740: [CVE-2007-5707] OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash)
|
CVE-2007-5707 |
|
openldap2.2 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
openldap2.3 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #163832: [rails] Several vulnerabilities allowing for file disclosure and theft of user credentials
|
CVE-2007-3227
CVE-2007-5379
CVE-2007-5380
CVE-2007-6077 |
|
rails (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #163833: [tikiwiki] Multiple vulnerabilities possibly resulting in the remote execution of arbitrary code
|
CVE-2006-2635
CVE-2006-6457
CVE-2007-4554
CVE-2007-5423
CVE-2007-5682 |
|
tikiwiki (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #163845: [python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS
|
CVE-2007-4965 |
|
python2.2 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
python2.3 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
python2.4 (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
python2.5 (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #164007: [net-snmp] remote Denial of Service vulnerability
|
CVE-2007-5846 |
|
net-snmp (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #164072: [CVE-2007-6035] cacti has a sql injection vulnerability
|
CVE-2007-3112
CVE-2007-3113
CVE-2007-6035 |
|
cacti (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #164231: NFS regression causes subsequent mounts from same superblock to silently use previous mount options
|
CVE-2006-6058
CVE-2007-3107
CVE-2007-4567
CVE-2007-4849
CVE-2007-4997
CVE-2007-5093
CVE-2007-5500
CVE-2007-5501
CVE-2007-5966
CVE-2007-6063
CVE-2007-6151
CVE-2007-6206
CVE-2007-6417
CVE-2008-0001 |
|
linux-source-2.6.22 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.20 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #164501: more security issues with wireshark from 0.99.6 down to ...
|
CVE-2007-6111
CVE-2007-6112
CVE-2007-6113
CVE-2007-6114
CVE-2007-6115
CVE-2007-6116
CVE-2007-6117
CVE-2007-6118
CVE-2007-6119
CVE-2007-6120
CVE-2007-6121 |
|
wireshark (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #172260: [mysql] multiple vulnerabilities
|
CVE-2007-2583
CVE-2007-2691
CVE-2007-2692
CVE-2007-3780
CVE-2007-3781
CVE-2007-3782
CVE-2007-5925
CVE-2007-5969
CVE-2007-6303
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
mysql-dfsg-4.1 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
mysql-dfsg-5.0 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
mysql-dfsg-5.1 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #172265: [feynmf] Insecure temporary file creation
|
CVE-2007-5940 |
|
feynmf (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #172277: [CVE-2007-6110] Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6
|
CVE-2007-6110 |
|
htdig (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #172440: [CVE-2007-6013] Authentication cookies easily derivable from password hash
|
CVE-2007-6013 |
|
wordpress (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #172518: [firefox] regression in recent update to 2.0.0.10
|
CVE-2007-5947
CVE-2007-5959
CVE-2007-5960 |
|
firefox (Ubuntu Feisty)
|
Fix released, assigned to Alexander Sack
|
|
Bug #172783: wesnoth exploit allows others to view the content of files on a remote computer
|
CVE-2007-3917
CVE-2007-5742 |
|
wesnoth (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #173153: [CVE-2007-6061] Denial of service and deletion of an arbitrary directory tree via symlink attack
|
CVE-2007-6061 |
|
audacity (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #173164: [CVE-2007-6062] Denial of service via JOIN command without channel
|
CVE-2007-6062 |
|
ngircd (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #173203: [CVE-2007-6077] Potential session fixation attack
|
CVE-2007-6077 |
|
rails (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #173377: [CVE-2007-44{08,1[01]}] Various vulnerabilities in ircd-ircu before 2.10.12.06
|
CVE-2007-4408
CVE-2007-4410
CVE-2007-4411 |
|
ircd-ircu (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #173610: [asterisk] [CVE-2007-6170] missing input sanitising
|
CVE-2007-6170 |
|
asterisk (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #173881: the option "turn_cmd" can stall a computer or maybe start another application
|
CVE-2007-3917
CVE-2007-5742
CVE-2007-6201 |
|
wesnoth (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #173948: [CVE-2007-6211] sing in debian is vulnerable
|
CVE-2007-6211 |
|
sing (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #174112: [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
|
CVE-2007-4575 |
|
openoffice.org (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #174177: [emacs] [CVE-2007-6109] buffer overflow
|
CVE-2007-6109
CVE-2008-1694 |
|
emacs21 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
emacs22 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #174352: [CVE-2007-6239] squid-2.X and squid-3.x are vulnerable
|
CVE-2007-6239 |
|
squid (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
squid3 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #174356: [zabbix] [CVE-2007-6210] privilege escalation
|
CVE-2007-6210 |
|
zabbix (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #174615: [heimdal] [CVE-2007-5939] possible remote vulnerability of unknown impact via an invalid username
|
CVE-2007-5939 |
|
heimdal (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #175319: [sitebar] Several remote vulnerabilities
|
CVE-2007-5491
CVE-2007-5492
CVE-2007-5692
CVE-2007-5693
CVE-2007-5694
CVE-2007-5695 |
|
sitebar (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #175505: [tomcat5] multiple vulnerabilities
|
CVE-2007-0450
CVE-2007-2449
CVE-2007-2450
CVE-2007-3382
CVE-2007-3385
CVE-2007-3386
CVE-2007-5342
CVE-2007-5461
CVE-2008-0128 |
|
tomcat5 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
tomcat5.5 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #175827: [ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability
|
CVE-2007-6183 |
|
ruby-gnome2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #176175: CVE-2007-6263: security vulnerability in linux-ftpd-ssl
|
CVE-2007-6263 |
|
linux-ftpd-ssl (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #176917: [centericq] [CVE-2007-3713] buffer overflow
|
CVE-2007-3713 |
|
centericq (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #176927: [ia32-libs-kde] Qt vulnerabilities inherited?
|
CVE-2006-4811
CVE-2007-3388
CVE-2007-4137 |
|
ia32-libs-kde (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #176931: [lookup-el] [CVE-2007-0237] possible local symlink attack
|
CVE-2007-0237 |
|
lookup-el (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #177537: Remote Code Execution
|
CVE-2007-6335
CVE-2007-6336
CVE-2007-6337 |
|
clamav (Ubuntu Feisty)
|
Fix released, assigned to Leonel Nunez
|
|
Bug #180300: [typo3-src] [CVE-2007-6381] SQL injection vulnerability
|
CVE-2007-6381 |
|
typo3-src (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #180303: [peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution
|
CVE-2007-6454 |
|
peercast (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #180702: Multiple vulnerabilities allow XSS and reading of arbitrary files
|
CVE-2007-6526
CVE-2007-6528
CVE-2007-6529 |
|
tikiwiki (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #181416: SQL injection vulnerability in wp-includes/query.php in WordPress CVE-2007-6318
|
CVE-2007-6318 |
|
wordpress (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #181714: [libexiv2] [CVE-2007-6353] possibility of arbitrary code execution
|
CVE-2007-6353 |
|
exiv2 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #181720: [postgresql] multiple vulnerabilities
|
CVE-2007-3278
CVE-2007-4769
CVE-2007-4772
CVE-2007-6067
CVE-2007-6600
CVE-2007-6601 |
|
postgresql (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #181722: [fail2ban] [CVE-2007-4321] DoS vulnerability
|
CVE-2007-4321 |
|
fail2ban (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #181830: CVE-2007-6337 Unknown impact remote attack
|
CVE-2007-6337 |
|
clamav (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #181984: Drupal5: SA-2007-031, SA-2008-005,SA-2008-006: SQL injection and XSS
|
CVE-2007-6299
CVE-2008-0272
CVE-2008-0273 |
|
drupal (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
drupal5 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #183389: [SECURITY] CVE-2007-6437 prone to denial of service attack
|
CVE-2007-6437 |
|
syslog-ng (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #185021: [mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities
|
CVE-2006-6574
CVE-2007-6611 |
|
mantis (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #185034: [xine-lib] [CVE-2008-0225] insufficient input sanitising during the handling of RTSP streams
|
CVE-2008-0225
CVE-2008-0238 |
|
xine-lib (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #185035: [scponly] [CVE-2007-6350] [CVE-2007-6415] design flaw may lead to execution of arbitrary commands
|
CVE-2007-6350
CVE-2007-6415 |
|
scponly (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #185534: [SECURITY] Fix unchecked setuid() return values (feisty-security, gutsy)
|
CVE-2008-0008 |
|
pulseaudio (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #185782: Buffer overflow in GIF and IFF ILBM handling
|
CVE-2007-6697
CVE-2008-0544 |
|
sdl-image1.2 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #186578: [libicu] [CVE-2007-4770] [CVE-2007-4771] potential execution of arbitrary code via malformed regular expressions
|
CVE-2007-4770
CVE-2007-4771 |
|
icu (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #186978: [mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL
|
CVE-2007-2692
CVE-2007-6303
CVE-2007-6304
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg-5.0 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #187481: [CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files
|
CVE-2008-0252 |
|
cherrypy3 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
python-cherrypy (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #190020: Stack-based buffer overflow
|
CVE-2007-6531 |
|
xfce4-panel (Ubuntu Feisty)
|
Fix released, assigned to Gauvain Pocentek
|
|
Bug #190021: Double-free vulnerability
|
CVE-2007-6532 |
|
libxfcegui4 (Ubuntu Feisty)
|
Fix released, assigned to Gauvain Pocentek
|
|
Bug #191150: possible integer overflow
|
CVE-2007-6595
CVE-2008-0318 |
|
clamav (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #191196: [gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability
|
CVE-2007-2808 |
|
gnatsweb (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191201: [phpbb2] several remote vulnerabilities
|
CVE-2006-4758
CVE-2006-6508
CVE-2006-6839
CVE-2006-6840
CVE-2006-6841
CVE-2008-0471 |
|
phpbb2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #191205: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
|
CVE-2008-0665
CVE-2008-0666 |
|
wml (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191216: [libcdio] [CVE-2007-6613] stack-based buffer overflow
|
CVE-2007-6613 |
|
libcdio (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191488: [mplayer] [DSA-1496-1] several buffer overflows
|
CVE-2008-0225
CVE-2008-0238
CVE-2008-0485
CVE-2008-0486
CVE-2008-0629
CVE-2008-0630 |
|
mplayer (Ubuntu Feisty)
|
Fix released, assigned to William Grant
|
|
Bug #192199: [SECURITY] CVE-2008-0783 and CVE-2008-0784
|
CVE-2008-0783
CVE-2008-0784 |
|
cacti (Ubuntu Feisty)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #193744: [SECURITY] cacti - CVE-2008-0785 and CVE-2008-0786
|
CVE-2008-0785
CVE-2008-0786 |
|
cacti (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #194687: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
|
CVE-2008-0783
CVE-2008-0784 |
|
cacti (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #195688: [libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code
|
CVE-2007-2459 |
|
libimager-perl (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #195689: [splitvt] [CVE-2008-0162] privilege escalation
|
CVE-2008-0162 |
|
splitvt (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #195691: [dspam] [CVE-2007-6418] programming error leading to information disclosure
|
CVE-2007-6418 |
|
dspam (Ubuntu Feisty)
|
Fix released, assigned to Daniel Hahler
|
|
Bug #195695: [turba2] [CVE-2008-0807] programming error in permission testing
|
CVE-2008-0807 |
|
turba2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #195696: [diatheke] [CVE-2008-0932] insufficient input sanitising
|
CVE-2008-0932 |
|
sword (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #195700: [xine-lib] [CVE-2008-0486] possible buffer overflow in the FLAC audio demuxer
|
CVE-2008-0073
CVE-2008-0486
CVE-2008-1482 |
|
xine-lib (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #195949: VLC Arbitrary memory overwrite in the MP4 demuxer
|
CVE-2008-0984 |
|
vlc (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #196397: [ghostscript] [CVE-2008-0411] buffer overflow in the color space handling code
|
CVE-2008-0411 |
|
ghostscript (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
gs-esp (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
gs-gpl (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #196404: [cupsys] [MDVSA-2008:050] multiple vulnerabilities
|
CVE-2008-0047
CVE-2008-0596
CVE-2008-0597
CVE-2008-0882 |
|
cupsys (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #196452: Multiple vulnerabilites in vlc prior to 0.8.6e
|
CVE-2007-6682
CVE-2007-6684
CVE-2008-0295
CVE-2008-0296
CVE-2008-0984 |
|
vlc (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #197077: 6.06 LTS: CVE-2007-6698, CVE-2008-0658
|
CVE-2007-6698
CVE-2008-0658 |
|
openldap2.2 (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #198731: [CVE-2008-1111] Failure to Handle Exceptional Conditions
|
CVE-2008-1111 |
|
lighttpd (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #198745: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
|
CVE-2008-1149 |
|
phpmyadmin (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #199118: [asterisk] [CVE-2007-6430] possibility of bypassing host based authentication by using a valid user name
|
CVE-2007-6430 |
|
asterisk (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #199338: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
|
CVE-2008-0564 |
|
mailman (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #200987: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
|
CVE-2008-0983
CVE-2008-1270 |
|
lighttpd (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #201009: [mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed
|
CVE-2006-7232
CVE-2007-2692
CVE-2007-6303
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg-5.0 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #202332: REGRESSION: mailman broken after security upgrade on gutsy
|
CVE-2008-0564 |
|
mailman (Ubuntu Feisty)
|
Fix released, assigned to Martin Pitt
|
|
Bug #202422: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
|
CVE-2008-1066
CVE-2008-2720
CVE-2008-2721
CVE-2008-2722
CVE-2008-2723
CVE-2008-2724 |
|
smarty (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
gallery2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #202758: [CVE-2008-1168] XSS in log and useragent parser
|
CVE-2008-1167
CVE-2008-1168 |
|
sarg (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #203449: [dovecot] [CVE-2008-1199, CVE-2008-1218] privilege escalation
|
CVE-2008-1199
CVE-2008-1218 |
|
dovecot (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #203450: [ldapscripts] [CVE-2007-5373] information disclosure
|
CVE-2007-5373 |
|
ldapscripts (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #203456: [horde3] [CVE-2008-1284] information disclosure
|
CVE-2008-1284 |
|
horde3 (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #203476: [libbind9] [CVE-2008-0122] off-by-one error in the inet_network function
|
CVE-2008-0122 |
|
bind9 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #205721: CVE-2007-6341 libnet-dns-perl possible denial of service (program "croak") via a crafted DNS response.
|
CVE-2007-6341 |
|
libnet-dns-perl (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #207284: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
|
CVE-2008-1489 |
|
vlc (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #209627: lighttpd (security) ssl fix
|
CVE-2008-1531 |
|
lighttpd (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #210124: [asterisk] several vulnerabilities
|
CVE-2008-1289
CVE-2008-1332
CVE-2008-1333 |
|
asterisk (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #210150: [policyd-weight] [CVE-2008-1569, CVE-2008-1570] insecure temporary files
|
CVE-2008-1569
CVE-2008-1570 |
|
policyd-weight (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #210155: various outstanding security updates in mozilla universe packages (as of 1.8.1.13)
|
CVE-2007-4879
CVE-2008-1233
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241 |
|
iceape (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
seamonkey (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
xulrunner (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #210163: [xine-lib] [DSA-1536-1] several vulnerabilities
|
CVE-2007-1246
CVE-2007-1387
CVE-2008-0073
CVE-2008-0486
CVE-2008-1161 |
|
xine-lib (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #210175: [openssh] [CVE-2008-1483] allows local users to hijack forwarded X connections
|
CVE-2008-1483 |
|
openssh (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #210718: CVE-2008-1373: CUPS GIF image filter overflow
|
CVE-2006-4484
CVE-2007-4045
CVE-2007-6697
CVE-2008-0053
CVE-2008-0553
CVE-2008-0554
CVE-2008-1373 |
|
cupsys (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #212065: More vulnerabilities in wireshark 0.99.2 through 0.99.8 (CVE-2008-156[1-3])
|
CVE-2008-1561
CVE-2008-1562
CVE-2008-1563 |
|
wireshark (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #212088: [CVE-2008-1467] remote command execution via crafted URL
|
CVE-2008-1467 |
|
centericq (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
centerim (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #212196: [CVE-2008-1468] XSS vulnerability via UTF-7 encoded input
|
CVE-2008-1468 |
|
namazu2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #212211: [CVE-2008-1502] XSS
|
CVE-2008-1502 |
|
egroupware (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #212601: [CVE-2008-1558] arbitrary code execution via uncontrolled array index
|
CVE-2008-1558
CVE-2008-3827 |
|
mplayer (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #213500: heap corruption before 0.92.1
|
CVE-2008-0728 |
|
clamav (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #213570: kvm vulnerable to several CVEs
|
CVE-2007-1320
CVE-2007-1321
CVE-2007-1322
CVE-2007-1323
CVE-2007-1366
CVE-2007-2893
CVE-2007-5729
CVE-2007-5730
CVE-2008-0928 |
|
kvm (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
qemu (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #214980: [pdns-recursor] [CVE-2008-1637] cache poisoning vulnerability
|
CVE-2008-1637 |
|
pdns-recursor (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #216245: [CVE-2008-1614] privilege escalation via symlink attack
|
CVE-2008-1614 |
|
suphp (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #216301: [CVE-2008-0444, CVE-2008-0445] XSS and DoS
|
CVE-2008-0444
CVE-2008-0445 |
|
elog (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #216591: [CVE-2008-1648] denial of service via crafted Content-Type header
|
CVE-2008-1648 |
|
sympa (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #216601: [CVE-2008-1633] unspecified vulnerability relating to use of /tmp
|
CVE-2008-1633 |
|
mondo (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #216604: [CVE-2008-1692] opens on :0 if DISPLAY not set
|
CVE-2008-1692 |
|
eterm (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #217128: CVE-2008-1382: libpng zero-length chunks incorrect handling
|
CVE-2007-5268
CVE-2007-5269
CVE-2008-1382
CVE-2008-3964
CVE-2008-5907
CVE-2009-0040 |
|
libpng (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #217256: ClamAV Upack Processing Buffer Overflow Vulnerability
|
CVE-2007-6596
CVE-2008-0314
CVE-2008-1100
CVE-2008-1387
CVE-2008-1833
CVE-2008-1835
CVE-2008-1836
CVE-2008-1837 |
|
clamav (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #218534: [Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14
|
CVE-2008-0016
CVE-2008-0304
CVE-2008-1237
CVE-2008-1380
CVE-2008-2785
CVE-2008-2798
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2806
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
CVE-2008-3835
CVE-2008-3837
CVE-2008-4058
CVE-2008-4061
CVE-2008-4065
CVE-2008-4067
CVE-2008-4069
CVE-2008-4070 |
|
firefox (Ubuntu Feisty)
|
Fix released, assigned to Alexander Sack
|
|
seamonkey (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
thunderbird (Ubuntu Feisty)
|
Fix released, assigned to Alexander Sack
|
|
xulrunner (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #218640: Multiple vulnerabilities in OpenOffice.org (CVE-2007-574{5-7}, CVE-2008-0320)
|
CVE-2007-5745
CVE-2007-5746
CVE-2007-5747
CVE-2008-0320 |
|
openoffice.org (Ubuntu Feisty)
|
Fix released, assigned to Chris Cheney
|
|
Bug #218652: CVE-2008-1686: Multiple speex implementations insufficient boundary checks
|
CVE-2008-1686
CVE-2008-1878 |
|
gst-plugins-good0.10 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
libannodex (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
libfishsound (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
libsdl-sound1.2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
speex (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
sweep (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
vlc (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
vorbis-tools (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
xine-lib (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
xmms-speex (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #219491: [CVE-2008-1722] CUPS integer overflows in PNG image handling (in files filter/image-{png,zoom}.c)
|
CVE-2008-1722 |
|
cupsys (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #221541: [CVE-2008-1927] Perl 5.8.8 vulnerability via UTF-8 regular expression
|
CVE-2008-1927 |
|
perl (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #227239: [xpdf] [CVE-2008-1693] possibility of arbitrary code execution
|
CVE-2008-1693 |
|
xpdf (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227246: several vulnerabilities
|
CVE-2008-1679
CVE-2008-1721
CVE-2008-1887 |
|
python2.4 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
python2.5 (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #227276: [roundup] [CVE-2008-1474] cross-site scripting vulnerability
|
CVE-2008-1474 |
|
roundup (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227283: [phpmyadmin] [CVE-2008-1567 CVE-2008-1924] insufficient input sanitising
|
CVE-2008-1567
CVE-2008-1924 |
|
phpmyadmin (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227288: [phpgedview] [CVE-2007-5051] cross site scripting vulnerability due to insufficient input sanitising
|
CVE-2007-5051 |
|
phpgedview (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227291: [kronolith2] [CVE-2008-1974] cross site scripting
|
CVE-2008-1974 |
|
kronolith2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227295: [ldm] [CVE-2008-1293] information disclosure
|
CVE-2008-1293 |
|
ldm (Ubuntu Feisty)
|
Fix released, assigned to Oliver Grawert
|
|
Bug #227307: [wordpress] [DSA-1564-1] several vulnerabilities
|
CVE-2007-0540
CVE-2007-3639
CVE-2007-4153
CVE-2007-4154 |
|
wordpress (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227311: [b2evolution] [CVE-2007-0175] cross site scripting
|
CVE-2007-0175 |
|
b2evolution (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227345: [CVE-2008-1103] Multiple temporary files vulnerabilities
|
CVE-2008-1103 |
|
blender (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #227464: Please roll out security fixes from PHP 5.2.6
|
CVE-2007-4782
CVE-2007-4850
CVE-2007-5898
CVE-2007-5899
CVE-2008-0599
CVE-2008-1384
CVE-2008-2050
CVE-2008-2051
CVE-2008-2107
CVE-2008-2108
CVE-2008-2371
CVE-2008-2829 |
|
php5 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #228095: php5 5.2.4 and lower vulnerable to several CVEs
|
CVE-2007-5898 |
|
php5 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #228193: rdesktop 1.5.0 multiple remote vulnerabilities [CVE-2008-1801, -1802, -1803]
|
CVE-2008-1801
CVE-2008-1802
CVE-2008-1803 |
|
rdesktop (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #231300: contained libssl needs updating for CVE-2008-0166
|
CVE-2008-0166 |
|
ia32-libs (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #234631: security vulnerability in django admin
|
CVE-2008-2302 |
|
python-django (Ubuntu Feisty)
|
Fix released, assigned to Andrea Gasparini
|
|
Bug #235909: [CVE-2008-1767] Buffer overflow in libxslt
|
CVE-2008-1767 |
|
libxslt (Ubuntu Feisty)
|
Fix released, assigned to Kees Cook
|
|
Bug #235912: [CVE-2008-1105] Samba: boundary failure when parsing SMB responses
|
CVE-2007-4572
CVE-2008-1105 |
|
samba (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #235915: [CVE-2008-2426] imlib2 PNM and XPM buffer overflows
|
CVE-2008-2426 |
|
imlib2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #237956: [CVE-2008-1108, CVE-2008-1109] Evolution iCalendar buffer overflows
|
CVE-2008-1108
CVE-2008-1109 |
|
evolution (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #238516: XSS issues in Nagios CGI (CVE-2007-5803)
|
CVE-2007-5803 |
|
nagios2 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
nagios3 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #238575: Possible invalid memory access in versions before 0.93.1
|
CVE-2008-2713 |
|
clamav (Ubuntu Feisty)
|
Fix released, assigned to Leonel Nunez
|
|
Bug #238873: vlc in Hardy needs a security update
|
CVE-2007-6681
CVE-2007-6683
CVE-2008-0073
CVE-2008-1489
CVE-2008-1686
CVE-2008-1768
CVE-2008-1769
CVE-2008-1881
CVE-2008-2147
CVE-2008-2430 |
|
vlc (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #239129: [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing
|
CVE-2008-0960 |
|
ecos (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
net-snmp (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
ucd-snmp (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #239894: CVE-2008-2364 Apache2 mod_proxy_http.c DOS
|
CVE-2007-6420
CVE-2008-1678
CVE-2008-2168
CVE-2008-2364
CVE-2008-2939 |
|
apache2 (Ubuntu Feisty)
|
Won't fix, assigned to Emanuele Gentili
|
|
Bug #240549: fetchmail denial of service CVE-2008-2711
|
CVE-2008-2711 |
|
fetchmail (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #241421: [CVE-2008-2719] nasm vulnerability (DoS and possible arbitrary code execution)
|
CVE-2008-2719 |
|
nasm (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #241448: Playing from Samba SMB shared folder now is not possible (it could be done until last upgrade).
|
CVE-2008-1105 |
|
samba (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
totem (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #241457: CVE-2008-1832: Insecure tempfile handling
|
CVE-2008-1832 |
|
cecilia (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #241657: Multiple vulnerabilities in Ruby may lead to a denial of service (DoS) condition or allow execution of arbitrary code.
|
CVE-2008-2662
CVE-2008-2663
CVE-2008-2664
CVE-2008-2725
CVE-2008-2726
CVE-2008-2727
CVE-2008-2728 |
|
ruby1.8 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
ruby1.9 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #244804: mercurial: insufficient input validation allowing file renames out of repository
|
CVE-2008-2942 |
|
mercurial (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #246818: [CVE-2008-2376] Integer overflow in the rb_ary_fill function in array.c in Ruby
|
CVE-2008-1447
CVE-2008-2376
CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905 |
|
ruby1.8 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #247409: Python-dns does not randomize TID causing DNS poisoning risk
|
CVE-2008-1447 |
|
python-dns (Ubuntu Feisty)
|
Fix released, assigned to Scott Kitterman
|
|
linux-source-2.6.15 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.20 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
linux-source-2.6.22 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #247598: dnsmasq might be vulnerable to recent DNS spoofing issue
|
CVE-2008-1447 |
|
dnsmasq (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #248674: CVE-2008-3162 Stack-based buffer overflow
|
CVE-2008-3162 |
|
ffmpeg (Ubuntu Feisty)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #249316: libclamav petite.c denial of sevice issue
|
CVE-2008-2713 |
|
clamav (Ubuntu Feisty)
|
Fix released, assigned to Michael Casadevall
|
|
Bug #249593: CVE-2007-6415 - scponly allows remote command execution
|
CVE-2007-6350
CVE-2007-6415 |
|
scponly (Ubuntu Feisty)
|
Won't fix, assigned to Michael Casadevall
|
|
Bug #253787: [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)
|
CVE-2008-2931 |
|
linux (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.15 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.20 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #254129: Sync with upstream 5.0.51-10 for CVE-2008-2079
|
CVE-2008-2079 |
|
mysql-dfsg-5.0 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #257122: Multiple vulnerabilities in Ruby
|
CVE-2008-1447
CVE-2008-2376
CVE-2008-3443
CVE-2008-3655
CVE-2008-3656
CVE-2008-3657
CVE-2008-3790
CVE-2008-3905 |
|
ruby1.8 (Ubuntu Feisty)
|
Fix released, assigned to Jamie Strandboge
|
|
ruby1.9 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
Bug #258180: [CVE-2008-3276] Linux kernel dccp_setsockopt_change() integer overflow
|
CVE-2008-3276 |
|
linux (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
linux-source-2.6.20 (Ubuntu Feisty)
|
Won't fix (unassigned)
|
|
linux-source-2.6.22 (Ubuntu Feisty)
|
Invalid (unassigned)
|
|
Bug #267067: [CVE-2008-2149] wordnet 2.0, 2.1, 3 affected by multiple buffer overflows
|
CVE-2008-2149 |
|
wordnet (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #271025: Multiple security vulnerabilities
|
CVE-2008-2469 |
|
libspf2 (Ubuntu Feisty)
|
Fix released (unassigned)
|
|
Bug #277110: [CVE-2008-4201] faad2 2.6.1 - Heap-based buffer overflow in the decodeMP4file function and possibly execute arbitrary code via a crafted MPEG-4 (MP4) file
|
CVE-2008-4201 |
|
faad2 (Ubuntu Feisty)
|
Fix released, assigned to Stefan Lesicnik
|
