Bug #46649: Cron not checking setgid return value
|
CVE-2006-2607 |
cron (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #125250: Don't recognise USB Pendrive -> sr0: disc change detected.
|
CVE-2007-2876
CVE-2007-3105
CVE-2007-3848
CVE-2007-3851
CVE-2007-4571
CVE-2007-4573
CVE-2007-6282
CVE-2007-6694
CVE-2008-0001
CVE-2008-0007
CVE-2008-0009
CVE-2008-1375
CVE-2008-1615
CVE-2008-1669
CVE-2008-1673
CVE-2008-1675
CVE-2008-2136
CVE-2008-2137
CVE-2008-2148
CVE-2008-2358
CVE-2008-2372
CVE-2008-2750
CVE-2008-2812
CVE-2008-2826
CVE-2008-3272
CVE-2008-3275
CVE-2008-3276
CVE-2008-3525
CVE-2008-3526
CVE-2008-3534
CVE-2008-3535
CVE-2008-3792
CVE-2008-3915
CVE-2008-4113
CVE-2008-4445
CVE-2008-4554
CVE-2008-4576
CVE-2008-4618
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5033 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Bader
|
linux-source-2.6.20 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #193970: iwl3945 | iwl4965: Wireless can't be activated after disabling kill switch
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
hal (Ubuntu Jaunty)
|
Invalid (unassigned)
|
linux (Ubuntu Jaunty)
|
Fix released, assigned to Andy Whitcroft
|
linux-backports-modules-2.6.24 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
linux-ubuntu-modules-2.6.24 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #200897: [moin] [DSA-1514-1] multiple vulnerabilities
|
CVE-2008-0780
CVE-2008-0781
CVE-2008-0782
CVE-2008-1098
CVE-2008-1099
CVE-2009-0260
CVE-2009-0312 |
moin (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #222592: [CVE-2008-1102] Blender imb_loadhdr() buffer overflow
|
CVE-2008-1102
CVE-2008-1103
CVE-2008-4863 |
blender (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #238089: [CVE-2008-2363] Heap overflow in PartsBatch class via .nzb files
|
CVE-2008-2363 |
pan (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #239129: [CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing
|
CVE-2008-0960 |
ecos (Ubuntu Jaunty)
|
Invalid (unassigned)
|
net-snmp (Ubuntu Jaunty)
|
Fix released (unassigned)
|
ucd-snmp (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #239513: [SRU] stack smashing detected when calling xmlrpc_set_type
|
CVE-2008-7068
CVE-2009-3291
CVE-2009-3292
CVE-2009-3557
CVE-2009-3558
CVE-2009-4017
CVE-2009-4018 |
php5 (Ubuntu Jaunty)
|
Fix released, assigned to Marc Deslauriers
|
Bug #255651: floppy disk drive not detected (module not loaded) in Intrepid and Jaunty
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Andy Whitcroft
|
module-init-tools (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #261721: X never sees brightness key release events on Dell laptops
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
acpid (Ubuntu Jaunty)
|
Invalid (unassigned)
|
linux (Ubuntu Jaunty)
|
Fix released, assigned to Tim Gardner
|
xorg-server (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #279490: new lighttpd security fixes
|
CVE-2008-1531
CVE-2008-4298
CVE-2008-4359
CVE-2008-4360 |
lighttpd (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #281993: [intrepid] REGRESSION: multimedia keys no longer working
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Andy Whitcroft
|
Bug #285156: mdadm RAID10 arrays cannot be rebuilt, will not use available spare drives
|
CVE-2008-5025 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Bader
|
mdadm (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #294243: Buffer overflow in CUE image support
|
CVE-2008-5032 |
vlc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #299627: [CVE-2008-5076] htop does not filter non-printable characters in process names
|
CVE-2008-5076 |
htop (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #304017: Recursive stack overflow in jpeg parsing code
|
CVE-2008-1389
CVE-2008-2713
CVE-2008-3912
CVE-2008-3913
CVE-2008-3914
CVE-2008-5314 |
clamav (Ubuntu Jaunty)
|
Fix released, assigned to Scott Kitterman
|
Bug #305264: gnutls regression: failure in certificate chain validation
|
CVE-2008-4989
CVE-2009-2409 |
gnutls12 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
gnutls13 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
gnutls26 (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
openldap (Ubuntu Jaunty)
|
Fix released, assigned to Mathias Gug
|
Bug #306536: CVE-2008-2379 insufficient input sanitising
|
CVE-2008-2379
CVE-2008-3663 |
squirrelmail (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #307239: Please backport vlc to 0.9.8a in Intrepid (important security update)
|
CVE-2008-3964
CVE-2008-4654
CVE-2008-4686
CVE-2008-5032
CVE-2008-5036
CVE-2008-5276 |
vlc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #310949: ProFTPD in Hardy vulnerable to CVE-2008-4242
|
CVE-2008-4242
CVE-2008-4247 |
proftpd-dfsg (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #311932: SD card insertion is not detected on HP EliteBook 6930p
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Bader
|
Bug #314637: debian/{config,postinst} are both broken for dpkg-reconfigure
|
CVE-2010-0209
CVE-2010-1297
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216 |
flashplugin-nonfree (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #317181: [CVE-2009-0050] - Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function
|
CVE-2009-0050 |
lasso (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Lesicnik
|
Bug #318555: Amarok - integer overflows and unchecked allocation vulnerabilities
|
CVE-2009-0135
CVE-2009-0136 |
amarok (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #319367: security vulnerability in sun java packages
|
CVE-2008-5353 |
sun-java5 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
sun-java6 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #321474: [Intrepid] Update kernel to Linux 2.6.27.13
|
CVE-2009-0028
CVE-2009-0029
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
linux (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #322961: merge moodle 1.8.2.dfsg-3
|
CVE-2007-3215
CVE-2008-1502
CVE-2008-3326
CVE-2008-4796
CVE-2008-5153
CVE-2008-5432
CVE-2009-0499
CVE-2009-0500
CVE-2009-0501
CVE-2009-0502 |
moodle (Ubuntu Jaunty)
|
Fix released, assigned to LaserJock
|
Bug #323842: Multiple security problems found: [CVE-2008-5249] [CVE-2008-5250] [CVE-2008-5252]
|
CVE-2008-5249
CVE-2008-5250
CVE-2008-5252 |
mediawiki (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #324258: [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location
|
CVE-2007-5268
CVE-2007-5269
CVE-2008-1382
CVE-2008-3964
CVE-2008-5907
CVE-2009-0040 |
libpng (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #326674: Logitech Quickcam E2500 not supported
|
CVE-2009-0829 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Manoj Iyer
|
Bug #329165: CVE-2009-0363: multiple remote buffer overflows
|
CVE-2009-0363 |
barnowl (Ubuntu Jaunty)
|
Fix released (unassigned)
|
owl (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #329489: locks on unlinked files leak memory in apparmor
|
CVE-2008-4307
CVE-2008-6107
CVE-2009-0028
CVE-2009-0031
CVE-2009-0065
CVE-2009-0269
CVE-2009-0322
CVE-2009-0605
CVE-2009-0675
CVE-2009-0676
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0834
CVE-2009-0835
CVE-2009-0859
CVE-2009-1046 |
apparmor (Ubuntu Jaunty)
|
Invalid by Kees Cook
|
linux (Ubuntu Jaunty)
|
Fix released, assigned to Tim Gardner
|
Bug #330192: squid affected by CVE-2009-0478
|
CVE-2009-0478 |
squid (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
squid3 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #331410: CVE-2008-6123: not fixed in latest security releases
|
CVE-2008-6123 |
net-snmp (Ubuntu Jaunty)
|
Invalid by Stephan Rügamer
|
Bug #334134: flashplugin-nonfree update needed due to upstream change(APSB09-01)
|
CVE-2009-0114
CVE-2009-0519
CVE-2009-0520
CVE-2009-0521
CVE-2009-0522 |
flashplugin-nonfree (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #336396: Wesnoth security fixes
|
CVE-2009-0366
CVE-2009-0367
CVE-2009-0878 |
wesnoth (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #338027: libpng code injection CVE-2009-0040
|
CVE-2007-5268
CVE-2007-5269
CVE-2008-1382
CVE-2008-3964
CVE-2008-5907
CVE-2009-0040 |
libpng (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #340863: CVE-2009-0660 Multiple XSS vulnerabilities in Mahara 1.0.9
|
CVE-2009-0660 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #341278: CVE-2009-0781: XSS in tomcat6 and tomcat5.5
|
CVE-2008-5515
CVE-2009-0033
CVE-2009-0580
CVE-2009-0781
CVE-2009-0783 |
tomcat6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
tomcat5.5 (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #342790: DoS crash when receiving a certain color code
|
CVE-2009-0661 |
weechat (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #345217: Fix vulnerabilities in channels/chan_ia2x.c
|
CVE-2008-1390
CVE-2008-1897
CVE-2008-1923
CVE-2008-3263
CVE-2008-3264
CVE-2008-3903
CVE-2009-0041
CVE-2009-0871 |
asterisk (Ubuntu Jaunty)
|
Fix released, assigned to Brian Thomason
|
Bug #345544: ecryptfs stores ram contents in plaintext in the container as padding
|
CVE-2009-0787 |
ecryptfs-utils (Ubuntu Jaunty)
|
Fix released (unassigned)
|
linux (Ubuntu Jaunty)
|
Fix released, assigned to Tim Gardner
|
Bug #354793: date returns "invalid date" for some timezone's DST
|
CVE-2009-1300 |
apt (Ubuntu Jaunty)
|
Fix released, assigned to Michael Vogt
|
coreutils (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #356012: APT does not properly handle expired or revoked key signatures
|
CVE-2009-1358 |
apt (Ubuntu Jaunty)
|
Fix released, assigned to Michael Casadevall
|
Bug #356274: [MASTER] Please update seamonkey to version 2.0*
|
CVE-2009-1307
CVE-2009-1311
CVE-2009-1392
CVE-2009-1832
CVE-2009-1833
CVE-2009-1835
CVE-2009-1836
CVE-2009-1838
CVE-2009-1841 |
seamonkey (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #356861: OpenAFS Security Advisories 2009-001 and 2009-002
|
CVE-2007-1507
CVE-2007-6599
CVE-2009-1250
CVE-2009-1251 |
openafs (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #357024: security hole in /etc/cron.daily/apport
|
CVE-2009-1295 |
apport (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #357732: cups always prints with the default page size
|
CVE-2008-5183
CVE-2009-0163
CVE-2009-0164 |
cups (Ubuntu Jaunty)
|
Fix released, assigned to Till Kamppeter
|
ghostscript (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #359407: Jaunty icedtea6-plugin doesn’t work in Firefox 3.5
|
CVE-2009-2409
CVE-2009-3728
CVE-2009-3869
CVE-2009-3871
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877
CVE-2009-3879
CVE-2009-3880
CVE-2009-3881
CVE-2009-3882
CVE-2009-3883
CVE-2009-3884
CVE-2009-3885
CVE-2010-0082
CVE-2010-0084
CVE-2010-0085
CVE-2010-0088
CVE-2010-0091
CVE-2010-0092
CVE-2010-0093
CVE-2010-0094
CVE-2010-0095
CVE-2010-0837
CVE-2010-0838
CVE-2010-0840
CVE-2010-0845
CVE-2010-0847
CVE-2010-0848 |
firefox-3.5 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
openjdk-6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #361866: FreezeException for cups (CVE-2009-0163)
|
CVE-2009-0163 |
cups (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #363904: [CVE-2008-5077] SLURM Security Flaw
|
CVE-2008-5077 |
slurm-llnl (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #364346: CVE-2009-1271: denial of service via segfault (ext/json)
|
CVE-2009-1271 |
php5 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #370031: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code
|
CVE-2009-1301 |
mpg123 (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Lesicnik
|
Bug #371651: [Jaunty] Update kernel to Linux 2.6.28.10
|
CVE-2009-1184
CVE-2009-1337 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Bader
|
Bug #372757: quagga: Assertion `len < str_size' failed in file bgp_aspath.c, line 619
|
CVE-2009-1572 |
quagga (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #375513: Multiple CVEs for Squirrelmail <1.4.17
|
CVE-2009-1578
CVE-2009-1579
CVE-2009-1580
CVE-2009-1581 |
squirrelmail (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #377054: eggdrop/windrop remote crash vulnerability
|
CVE-2007-2807
CVE-2009-1789 |
eggdrop (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #379329: CVE-2008-5161: OpenSSH CBC plaintext recovery
|
CVE-2008-5161 |
openssh (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #380149: tiff2ps crashed with SIGSEGV in TIFFReadScanline()
|
CVE-2009-2285
CVE-2009-2347 |
tiff (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #382215: Update aMule to 2.2.5 ASAP (security issue fixed)
|
CVE-2009-1440 |
amule (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #383300: cyrus-sasl2 buffer overflow vulnerability: CVE-2009-0688
|
CVE-2009-0688 |
cyrus-sasl2 (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #383650: leakage in the installer
|
CVE-2009-1296 |
ecryptfs-utils (Ubuntu Jaunty)
|
Fix released, assigned to Dustin Kirkland 
|
Bug #384222: Various security issues fixed in pidgin 2.5.6
|
CVE-2009-1373
CVE-2009-1374
CVE-2009-1375
CVE-2009-1376 |
pidgin (Ubuntu Jaunty)
|
Fix released, assigned to Marc Deslauriers
|
Bug #387073: BUG: unable to handle kernel NULL pointer dereference at 0000000000000228
|
CVE-2009-2908 |
mutt (Ubuntu Jaunty)
|
Invalid (unassigned)
|
ecryptfs-utils (Ubuntu Jaunty)
|
Invalid (unassigned)
|
linux (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #387215: phpMyAdmin: CVE-2009-1151: Arbitrary code execution
|
CVE-2009-1151 |
phpmyadmin (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #390471: Cross-site scripting vulnerabilities
|
CVE-2009-2170
CVE-2009-2171 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #392324: CVE-2009-1285: Insufficient output sanitizing when generating configuration file
|
CVE-2009-1285
CVE-2009-3696
CVE-2009-3697 |
phpmyadmin (Ubuntu Jaunty)
|
Fix released, assigned to Marc Deslauriers
|
Bug #392501: readdir_r smashes stack on long dir entry
|
CVE-2008-1391
CVE-2010-0296
CVE-2010-0830 |
eglibc (Ubuntu Jaunty)
|
Invalid (unassigned)
|
glibc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #394290: Trac needs security fixes
|
CVE-2008-2951
CVE-2008-3328
CVE-2008-5646
CVE-2008-5647
CVE-2009-4405 |
trac (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #395004: Drupal 6.13 released to fix moderately critical security vulnerability
|
CVE-2009-2372
CVE-2009-2373
CVE-2009-2374 |
drupal6 (Ubuntu Jaunty)
|
Invalid by Scott Testerman
|
Bug #395006: Drupal 5.19 released to fix moderately critical security vulnerability
|
CVE-2009-2374 |
drupal5 (Ubuntu Jaunty)
|
Invalid by Scott Testerman
|
Bug #396306: [CVE-2009-1381] Incomplete fix for CVE-2009-1579
|
CVE-2009-1381
CVE-2009-1579 |
squirrelmail (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #396807: Security issue allows code execution, CVE-2009-1440
|
CVE-2009-1440 |
amule (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #398814: security: anyone can make mapserv read or write arbitrary files
|
CVE-2009-0839
CVE-2009-0840
CVE-2009-0841
CVE-2009-0842
CVE-2009-0843
CVE-2009-2281 |
mapserver (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #403647: compiled without -fno-delete-null-pointer-checks
|
CVE-2009-1389
CVE-2009-1895
CVE-2009-2287
CVE-2009-2406
CVE-2009-2407 |
linux (Ubuntu Jaunty)
|
Fix released, assigned to Stefan Bader
|
linux-source-2.6.15 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #403957: Variable mismatch in /etc/init.d/pdns-recursor
|
CVE-2009-4009
CVE-2009-4010 |
pdns-recursor (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #406122: BIND Dynamic Update DoS
|
CVE-2009-0696 |
bind9 (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #406584: CVE 2009-2287: does not validate the page table root in a KVM_SET_SREGS call
|
CVE-2009-2287 |
kvm (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #408825: security update micro-release
|
CVE-2009-2659 |
python-django (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #408915: Temporary file vulnerability in iscsi_discovery
|
CVE-2009-1297 |
open-iscsi (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #409559: version 1.6.0_15 is available
|
CVE-2009-0217
CVE-2009-2475
CVE-2009-2476
CVE-2009-2625
CVE-2009-2670
CVE-2009-2671
CVE-2009-2672
CVE-2009-2673
CVE-2009-2674
CVE-2009-2675
CVE-2009-2676
CVE-2009-2690 |
sun-java6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #410171: pam-auth-update does not prohibit selecting an empty set of modules
|
CVE-2009-0887
CVE-2009-3232 |
pam (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #413136: gnutls vulnerable to CVE-2009-2730
|
CVE-2009-2730 |
gnutls26 (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
gnutls13 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
gnutls12 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #413656: Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations)
|
CVE-2009-1895
CVE-2009-2692
CVE-2009-2962 |
linux (Ubuntu Jaunty)
|
Fix released (unassigned)
|
linux-source-2.6.15 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #418135: Permissions of symlinked source file/folder set to 777 if symlink is copied via nautilus
|
CVE-2009-3289 |
glib2.0 (Ubuntu Jaunty)
|
Fix released, assigned to Martin Erik Werner
|
Bug #420426: sun-java6 6b16 update for karmic, hardy and jaunty
|
CVE-2009-0217
CVE-2009-2475
CVE-2009-2476
CVE-2009-2625
CVE-2009-2670
CVE-2009-2671
CVE-2009-2672
CVE-2009-2673
CVE-2009-2674
CVE-2009-2675
CVE-2009-2676
CVE-2009-2690
CVE-2009-3867
CVE-2009-3868
CVE-2009-3869
CVE-2009-3871
CVE-2009-3872
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877 |
sun-java6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #423565: Format string vulnerability
|
CVE-2009-3051 |
silc-client (Ubuntu Jaunty)
|
Invalid (unassigned)
|
silc-toolkit (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
silc-server (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #425988: all versions of rails are vunerable to CVE-2009-3009
|
CVE-2009-3009
CVE-2009-3086 |
rails (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #428183: Directory traversal vulnerability
|
CVE-2009-1760 |
libtorrent-rasterbar (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #430544: New security/bug fix microreleases: 8.1.18, 8.3.8
|
CVE-2007-6600 |
postgresql-8.3 (Ubuntu Jaunty)
|
Fix released, assigned to Martin Pitt
|
postgresql-8.1 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #431080: Fix critical security issues in drupal packages
|
CVE-2008-6171
CVE-2008-6532
CVE-2008-6533
CVE-2009-1576
CVE-2009-2372
CVE-2009-2373
CVE-2009-2374
CVE-2009-4370 |
drupal5 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
drupal6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #446838: Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier
|
CVE-2009-2964 |
squirrelmail (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #447617: DoS attack on Django 1.0.x and 1.1.x disclosed
|
CVE-2009-3695 |
python-django (Ubuntu Jaunty)
|
Fix released, assigned to Krzysztof Klimonda
|
Bug #463082: privilege escalation for institution admins CVE-2009-3298
|
CVE-2009-3298
CVE-2009-3299 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #463083: cross-site scripting vulnerability in resume blocktype CVE-2009-3299
|
CVE-2009-3298
CVE-2009-3299 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #467981: Integer overflow in the wxImage::Create function
|
CVE-2009-2369 |
wxwidgets2.6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #472845: wrong metric for Chinese font in OpenJDK applications
|
CVE-2009-2409
CVE-2009-3728
CVE-2009-3869
CVE-2009-3871
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877
CVE-2009-3879
CVE-2009-3880
CVE-2009-3881
CVE-2009-3882
CVE-2009-3883
CVE-2009-3884
CVE-2009-3885
CVE-2010-0082
CVE-2010-0084
CVE-2010-0085
CVE-2010-0088
CVE-2010-0091
CVE-2010-0092
CVE-2010-0093
CVE-2010-0094
CVE-2010-0095
CVE-2010-0837
CVE-2010-0838
CVE-2010-0840
CVE-2010-0845
CVE-2010-0847
CVE-2010-0848 |
openjdk-6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #473707: Please update clamav to 0.95.3
|
CVE-2006-2406 |
clamav (Ubuntu Jaunty)
|
Fix released, assigned to Scott Kitterman
|
Bug #485556: inotify oops with wd == 4096
|
CVE-2009-4537
CVE-2010-0298
CVE-2010-0306
CVE-2010-0419
CVE-2010-0437
CVE-2010-0727
CVE-2010-0741
CVE-2010-1083
CVE-2010-1084
CVE-2010-1085
CVE-2010-1086
CVE-2010-1087
CVE-2010-1088
CVE-2010-1146
CVE-2010-1148
CVE-2010-1162
CVE-2010-1187 |
linux (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #485973: php5-cgi: IMAP toolkit crash
|
CVE-2008-2829 |
php-imap (Ubuntu Jaunty)
|
Fix released, assigned to Devid Antonio Filoni
|
Bug #491637: SIP responses expose valid usernames
|
CVE-2009-3723
CVE-2009-3727
CVE-2009-4055 |
asterisk (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #496923: Security/bug fix release: 8.4.2, 8.3.9, 8.1.19
|
CVE-2009-4034
CVE-2009-4136 |
postgresql-8.4 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
postgresql-8.3 (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
postgresql-8.1 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #499425: getpwnam shows shadow passwords of NIS users
|
CVE-2010-0015 |
eglibc (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #500625: Local file overwriting due to directory traversal
|
CVE-2010-0012 |
transmission (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #502987: PowerDNS Recursor Critical Security Issue - PDNS-2010-01
|
CVE-2009-4009
CVE-2009-4010 |
pdns-recursor (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #503725: CVE-2009-4007 (DoS of OpenTTD < 0.7.5)
|
CVE-2009-4007 |
openttd (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #507939: CVE-2009-4012: arbitrary code execution
|
CVE-2009-4012 |
libthai (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #508738: proftpd sql injection
|
CVE-2009-0542
CVE-2009-0543
CVE-2009-3639 |
proftpd-dfsg (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #510421: Drupal 6.15 - Security patches released
|
CVE-2009-4369
CVE-2009-4370
CVE-2009-4371 |
drupal6 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
drupal5 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #511189: security update missed
|
CVE-2009-4427 |
phpldapadmin (Ubuntu Jaunty)
|
Fix released, assigned to Brian Thomason
|
Bug #518226: DSA-1980-1 fix not in lucid, or karmic
|
CVE-2009-4016 |
ircd-hybrid (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #521659: New upstream 1.4.26, fixes CVE-2010-0295
|
CVE-2008-4359
CVE-2010-0295 |
lighttpd (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #522093: flashplugin-installer security update request
|
CVE-2010-0186
CVE-2010-0187 |
flashplugin-nonfree (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #523473: CVE-2010-0438 Multiple SQL injection vulnerabilities
|
CVE-2010-0438 |
otrs2 (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #527033: CVE-2008-5824 audiofile denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file
|
CVE-2008-5824 |
audiofile (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #531569: Emacs movemail race condition
|
CVE-2010-0825 |
emacs21 (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
emacs22 (Ubuntu Jaunty)
|
Fix released (unassigned)
|
emacs23 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #531976: libnss_db reads a DB_CONFIG file in the current directory
|
CVE-2010-0826 |
libnss-db (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #532445: Arbitrary diff application hole in upload processor
|
CVE-2010-0396 |
dpkg (Ubuntu Jaunty)
|
Fix released, assigned to Kees Cook
|
Bug #532852: pkexec information disclosure vulnerability
|
CVE-2010-0750 |
policykit-1 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #535090: CVE-2008-2371 (outer level option with alternatives caused crash)
|
CVE-2008-2371 |
erlang (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #537297: security backports
|
CVE-2009-4631
CVE-2009-4632
CVE-2009-4633
CVE-2009-4634
CVE-2009-4635
CVE-2009-4636
CVE-2009-4637
CVE-2009-4638
CVE-2009-4640 |
ffmpeg (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #537974: 1.15.2 security update released; CSS validation issue
|
CVE-2009-0737 |
mediawiki (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #538022: XSS in Despam action
|
CVE-2010-0828 |
moin (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #539056: backport security fixes from 6.19 and 5.23
|
CVE-2010-3091
CVE-2010-3092
CVE-2010-3093
CVE-2010-3094
CVE-2010-3685
CVE-2010-3686 |
drupal5 (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
drupal6 (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #540575: Directory traversal vulnerabilities
|
CVE-2006-3619
CVE-2010-0831 |
fastjar (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #542197: Memory corruption in ld.so
|
CVE-2008-1391
CVE-2010-0296
CVE-2010-0830 |
glibc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
eglibc (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #551193: typo in mod() macro leads to 3rd-party controllable Xorg crash/exploit
|
CVE-2009-1573
CVE-2010-1166 |
xorg-server (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #553266: Update for clamav security fixes from 0.96 release
|
CVE-2010-0098 |
clamav (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #556369: SQL injection in username field
|
CVE-2010-0400 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #557159: 1.15.3 security release: CSRF login vulnerability
|
CVE-2010-1150 |
mediawiki (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #557408: New upstream microreleases: 8.4.3, 8.3.10, 8.1.20
|
CVE-2009-3555
CVE-2010-0442 |
postgresql-8.4 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
postgresql-8.3 (Ubuntu Jaunty)
|
Fix released, assigned to Martin Pitt
|
postgresql-8.1 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #562440: [CVE-2010-0436] KDM Local Privilege Escalation Vulnerability
|
CVE-2010-0436 |
kdebase-workspace (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #569292: opiepasswd does not always generate valid seeds
|
CVE-2010-1938 |
opie (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #574809: Symlink attacks possible with pmount
|
CVE-2010-2192 |
pmount (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #578856: security bug in kget
|
CVE-2010-1000 |
kdenetwork (Ubuntu Jaunty)
|
Fix released, assigned to Jonathan Riddell
|
Bug #585274: Buffer overrun in encode_string
|
CVE-2010-1666 |
python-cjson (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #586773: CSRF and XSS vulnerability; new version 1.15.4 released
|
CVE-2010-1647
CVE-2010-1648 |
mediawiki (Ubuntu Jaunty)
|
Fix released, assigned to Andreas Wenning
|
Bug #588928: Circumvention of sudo's secure path option
|
CVE-2010-0426
CVE-2010-1163
CVE-2010-1646 |
sudo (Ubuntu Jaunty)
|
Fix released, assigned to Jamie Strandboge
|
Bug #598077: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
|
CVE-2010-1637 |
squirrelmail (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #599892: [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092
|
CVE-2009-4032
CVE-2009-4112
CVE-2010-1431
CVE-2010-1644
CVE-2010-1645
CVE-2010-2092
CVE-2010-2543
CVE-2010-2544
CVE-2010-2545 |
cacti (Ubuntu Jaunty)
|
Won't fix, assigned to Brian Thomason
|
Bug #601702: CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC
|
CVE-2010-2451
CVE-2010-2452 |
kvirc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #602772: Sync mahara 1.2.5-1 (universe) from Debian unstable (main)
|
CVE-2010-1667
CVE-2010-1668
CVE-2010-1669
CVE-2010-1670
CVE-2010-2479 |
mahara (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #603657: [Security] pcsc-lite buffer overflows - CVE-2010-0407
|
CVE-2010-0407 |
pcsc-lite (Ubuntu Jaunty)
|
Fix released, assigned to Brian Thomason
|
Bug #603689: [Security] devil - Fix buffer overflows
|
CVE-2008-5262
CVE-2009-3994 |
devil (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #603703: [Security] opensc OpenSC stores private data without proper access restrictions - CVE-2009-0368
|
CVE-2009-0368 |
opensc (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #603740: [CVE-2010-1190] Data leakage vulnerability in thumb.php
|
CVE-2010-1190 |
mediawiki (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #616510: Insufficient validation of ID3v2 tags
|
CVE-2010-2937 |
vlc (Ubuntu Jaunty)
|
Won't fix (unassigned)
|
Bug #616759: CVE-2009-3555 tracking bug
|
CVE-2009-3555 |
apache2 (Ubuntu Jaunty)
|
Fix released, assigned to Marc Deslauriers
|
openssl (Ubuntu Jaunty)
|
Fix released, assigned to Marc Deslauriers
|
Bug #617019: FreeType security fixes in 2.4.2
|
CVE-2010-1797
CVE-2010-2541
CVE-2010-2805
CVE-2010-2806
CVE-2010-2807
CVE-2010-2808 |
freetype (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #617489: [Security] mapserver DoS vuln and CGI arg passing vuln
|
CVE-2010-2539
CVE-2010-2540 |
mapserver (Ubuntu Jaunty)
|
Fix released, assigned to Brian Thomason
|
Bug #642518: [MASTER] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: Kernel fix for CVE-2010-3081 breaks fglrx
|
CVE-2010-3081 |
fglrx-installer (Ubuntu Jaunty)
|
Fix released, assigned to Alberto Milone
|
linux-restricted-modules-envy-2.6.24 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
linux-restricted-modules-2.6.24 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #643682: DoS due to PDF parsing issues
|
CVE-2010-0405
CVE-2010-1639
CVE-2010-1640 |
clamav (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #643811: Update flashplugin-installer for CVE-2010-2884
|
CVE-2010-2884 |
adobe-flashplugin (Ubuntu Jaunty)
|
Fix released (unassigned)
|
flashplugin-nonfree (Ubuntu Jaunty)
|
Fix released (unassigned)
|
Bug #646114: mlock on stack will create guard page gap
|
CVE-2009-4895
CVE-2010-0435
CVE-2010-2066
CVE-2010-2226
CVE-2010-2248
CVE-2010-2478
CVE-2010-2495
CVE-2010-2521
CVE-2010-2524
CVE-2010-2798
CVE-2010-2942
CVE-2010-2943
CVE-2010-2946
CVE-2010-2954
CVE-2010-2955
CVE-2010-2960
CVE-2010-2962
CVE-2010-2963
CVE-2010-3015
CVE-2010-3067
CVE-2010-3078
CVE-2010-3080
CVE-2010-3081
CVE-2010-3084
CVE-2010-3301
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3477
CVE-2010-3705
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3861
CVE-2010-3865
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3904
CVE-2010-4072
CVE-2010-4073
CVE-2010-4076
CVE-2010-4077
CVE-2010-4158
CVE-2010-4163
CVE-2010-4165
CVE-2010-4169
CVE-2010-4175 |
linux (Ubuntu Jaunty)
|
Fix released (unassigned)
|
linux-mvl-dove (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #655293: New security/bug fix releases: 8.4.5, 8.3.12, 8.1.22
|
CVE-2010-3433 |
postgresql-8.4 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
postgresql-8.3 (Ubuntu Jaunty)
|
Fix released, assigned to Martin Pitt
|
postgresql-8.1 (Ubuntu Jaunty)
|
Invalid (unassigned)
|
Bug #655884: CVE-2009-3245 not fixed for 8.04LTS
|
CVE-2009-3245
CVE-2010-2939 |
openssl (Ubuntu Jaunty)
|
Fix released (unassigned)
|