| 16461 |
hornetq new security issue CVE-2015-3208 |
Nicolas Lécureuil |
7 |
|
2015-07-24 |
66 |
Bugzilla |
| 19800 |
dracut new security issue CVE-2016-4484 |
Mageia tools maintainers |
Cauldron, 7, 8 |
Should be mitigated by the installer |
2016-11-16 |
49 |
Bugzilla |
| 21999 |
hadoop new security issues CVE-2016-6811, CVE-2017-3166, CVE-2017-1571[38], CVE-2018-1296, CVE-2018-[...] |
Nicolas Lécureuil |
7 |
Fixed upstream in 2.10.1 |
2017-11-09 |
35 |
Bugzilla |
| 22029 |
cxf new security issue CVE-2017-12624 (and possibly several older ones) |
Nicolas Lécureuil |
7 |
Fixed upstream in 3.1.14 |
2017-11-15 |
108 |
Bugzilla |
| 22697 |
solr3 new security issues CVE-2017-3163, CVE-2017-3164, CVE-2017-12629, CVE-2018-1308, CVE-2018-1180[...] |
Java Stack Maintainers |
7 |
Patches available from Debian |
2018-03-03 |
66 |
Bugzilla |
| 22954 |
tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-20[...] |
Java Stack Maintainers |
7 |
Fixed upstream in 1.24 |
2018-04-26 |
48 |
Bugzilla |
| 22955 |
uimaj new security issue CVE-2017-15691 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.10.2 |
2018-04-27 |
65 |
Bugzilla |
| 23003 |
derby new security issue CVE-2018-1313 |
Java Stack Maintainers |
7 |
Fixed upstream in 10.14.2.0 |
2018-05-08 |
65 |
Bugzilla |
| 23074 |
zookeeper new security issues CVE-2018-8012 and CVE-2019-0201 |
Java Stack Maintainers |
7 |
Patches available from Debian |
2018-05-23 |
65 |
Bugzilla |
| 23249 |
cxf new security issues CVE-2018-8039, CVE-2019-12406, CVE-2019-12419, CVE-2019-12423, CVE-2019-1757[...] |
Java Stack Maintainers |
7 |
Fixed upstream in 3.3.8 |
2018-06-29 |
108 |
Bugzilla |
| 23251 |
pdfbox new security issues CVE-2018-8036, CVE-2018-11797, and CVE-2019-0228 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.0.16 |
2018-06-29 |
69 |
Bugzilla |
| 23724 |
hibernate-validator new security issues CVE-2017-7536 and CVE-2020-10693 |
Java Stack Maintainers |
7 |
|
2018-10-17 |
124 |
Bugzilla |
| 23799 |
u-boot new security issues CVE-2018-18439, CVE-2018-18440 |
Olivier Blin |
7 |
Fixed upstream in 2019.04 |
2018-11-02 |
65 |
Bugzilla |
| 23859 |
qpid-proton-java new security issues CVE-2018-17187 and CVE-2019-0223 |
Java Stack Maintainers |
7 |
Fixed upstream in 0.30.0 |
2018-11-19 |
66 |
Bugzilla |
| 23973 |
scala new security issue CVE-2017-15288 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.10.7 |
2018-12-08 |
55 |
Bugzilla |
| 23975 |
springframework new security issues CVE-2018-1257 and CVE-2020-5421 |
Java Stack Maintainers |
7 |
|
2018-12-08 |
68 |
Bugzilla |
| 23976 |
springframework-data-commons new security issue CVE-2018-1273 |
Java Stack Maintainers |
7 |
|
2018-12-08 |
66 |
Bugzilla |
| 24107 |
dcraw new security issues CVE-2018-1956[5-8] |
All Packagers |
Cauldron, 7, 8 |
No fix available as of end of 2020 |
2019-01-01 |
63 |
|
| 24174 |
thrift new security issues CVE-2018-1320 and CVE-2018-11798 |
Java Stack Maintainers |
7 |
Fixed upstream in 0.12.0 |
2019-01-13 |
11 |
Bugzilla |
| 24509 |
guacd new security issue CVE-2018-1340 |
Nicolas Lécureuil |
7 |
Fixed upstream in 1.0.0 |
2019-03-13 |
15 |
Bugzilla |
| 24668 |
apache-mina new security issue CVE-2019-0231 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.0.21 |
2019-04-15 |
66 |
Bugzilla |
| 24817 |
resteasy new security issue CVE-2016-6346 |
Java Stack Maintainers |
Cauldron, 7, 8 |
Fixed upstream in 3.5.1 |
2019-05-14 |
57 |
Bugzilla |
| 24899 |
python-django new security issues CVE-2019-12308, CVE-2019-12781, CVE-2019-1423[2-5], CVE-2019-19118[...] |
Nicolas Lécureuil |
7 |
Needs 5+ more patches to be added |
2019-06-04 |
4 |
Bugzilla |
| 25112 |
libosinfo new security issue CVE-2019-13313 |
Nicolas Lécureuil |
7 |
|
2019-07-12 |
276 |
Bugzilla |
| 25266 |
jackson-databind new security issues CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,[...] |
Java Stack Maintainers |
7 |
Fixed upstream in 2.10.5.1 |
2019-08-11 |
3 |
Bugzilla |
| 25599 |
apache-poi new security issue CVE-2019-12415 |
Java Stack Maintainers |
7 |
Fixed upstream in 4.1.1 |
2019-10-23 |
65 |
Bugzilla |
| 25799 |
u-boot new security issues CVE-2019-1310[3-6] |
Olivier Blin |
7 |
Patches available from upstream |
2019-12-03 |
55 |
Bugzilla |
| 25959 |
koji new security issue CVE-2019-17109 |
Neal Gompa |
7 |
Fixed upstream in 1.18.1 |
2019-12-26 |
64 |
Bugzilla |
| 25965 |
ruby-rubyzip new security issue CVE-2019-16892 |
All Packagers |
7 |
Fixed upstream in 1.3.0 |
2019-12-27 |
282 |
Bugzilla |
| 25970 |
rabbitmq-server new security issues CVE-2019-1128[17] |
Nicolas Lécureuil |
7 |
Fixed upstream in 3.7.21 |
2019-12-27 |
182 |
Bugzilla |
| 25971 |
librabbitmq new security issue CVE-2019-18609 |
Nicolas Lécureuil |
7 |
Fixed upstream in 0.10.0 |
2019-12-27 |
117 |
Bugzilla |
| 26019 |
netty, netty3 new security issues CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238, CVE[...] |
Java Stack Maintainers |
7 |
Fixed upstream in 4.1.59 |
2020-01-05 |
4 |
Bugzilla |
| 26066 |
virglrenderer new security issues CVE-2019-1838[89] and CVE-2019-1839[01] |
Nicolas Lécureuil |
7 |
Fixes available in upstream git |
2020-01-13 |
282 |
Bugzilla |
| 26080 |
mysql-workbench new security issues CVE-2019-16168, CVE-2020-1730, CVE-2020-1967 |
All Packagers |
7 |
Fixed upstream in 8.0.22 |
2020-01-15 |
124 |
Bugzilla |
| 26147 |
aws-cli new security issue CVE-2018-15869 |
Buchan Milne |
7 |
Fixed upstream in 1.16.297 |
2020-01-29 |
65 |
Bugzilla |
| 26213 |
ksh new security issue CVE-2019-14868 |
Stig-Ørjan Smelror |
7 |
Patch available from Fedora |
2020-02-18 |
0 |
Bugzilla |
| 26270 |
sqlite3 new security issues CVE-2019-1992[3-5], CVE-2019-19959, CVE-2019-20218, CVE-2020-6405, CVE-2[...] |
Thierry Vignaud |
7 |
Patches available from Google and Ubuntu |
2020-02-27 |
118 |
Bugzilla |
| 26273 |
pycharm-community new security issue CVE-2019-14958 |
Stig-Ørjan Smelror |
7 |
Fixed upstream in 2019.2, needs to be built from source rather than shipping pre-built binaries |
2020-02-29 |
64 |
Bugzilla |
| 26358 |
u-boot new security issues CVE-2020-8432 and CVE-2020-10648 |
Olivier Blin |
7 |
Patches proposed upstream |
2020-03-18 |
55 |
Bugzilla |
| 26481 |
quartz new security issue CVE-2019-13990 |
Java Stack Maintainers |
7 |
|
2020-04-14 |
65 |
Bugzilla |
| 26521 |
mysql-workbench new security issues CVE-2019-14889, CVE-2019-15601, CVE-2019-19646 |
All Packagers |
7 |
|
2020-04-21 |
66 |
Bugzilla |
| 26530 |
puppet new security issues CVE-2018-11751 and CVE-2020-794[23] |
All Packagers |
7 |
Fixed upstream in 6.13.0 |
2020-04-23 |
62 |
Bugzilla |
| 26541 |
log4j, log4j12 new security issue CVE-2020-9488 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.13.2, log4j12 also needs to be patched |
2020-04-26 |
65 |
Bugzilla |
| 26549 |
re2c new infinite loop security issue (CVE-2018-21232) |
All Packagers |
Cauldron, 7, 8 |
Apparently not fully fixed upstream as of 2.0.3 |
2020-04-27 |
64 |
Bugzilla |
| 26556 |
snakeyaml new security issue CVE-2017-18640 |
Java Stack Maintainers |
7 |
Fixed upstream in 1.26 |
2020-04-28 |
282 |
Bugzilla |
| 26629 |
python-beaker new security issue due to deserialization of untrusted data CVE-2013-7489 |
Philippe Makowski |
Cauldron, 7, 8 |
No fix available as of end of 2020 |
2020-05-15 |
63 |
Bugzilla |
| 26658 |
trousers new security issues in tscd (CVE-2020-2433[0-2]) |
Nicolas Lécureuil |
7 |
Needs change to tcsd.conf from Fedora |
2020-05-21 |
64 |
Bugzilla |
| 26756 |
sympa new security issues CVE-2020-10936, CVE-2020-26880, and CVE-2020-29668 |
All Packagers |
7 |
Fixed upstream in 6.2.60 |
2020-06-09 |
41 |
Bugzilla |
| 26800 |
batik new security issue CVE-2019-17566 |
Java Stack Maintainers |
7 |
Fixed upstream in 1.13 |
2020-06-15 |
1 |
Bugzilla |
| 26854 |
fwupd new security issue CVE-2020-10759 |
Thierry Vignaud |
7 |
Patch available from upstream and Fedora |
2020-06-24 |
64 |
Bugzilla |
| 27018 |
grub2 new security issues CVE-2020-10713, CVE-2020-1430[89], CVE-2020-1431[01], CVE-2020-1570[5-7] |
All Packagers |
Cauldron, 7, 8 |
Fixed upstream in git |
2020-07-29 |
0 |
Bugzilla |
| 27034 |
net-snmp new security issues CVE-2019-20892, CVE-2020-15861, and CVE-2020-15862 |
All Packagers |
7 |
snmpd fails looking for /dev/kmem |
2020-08-04 |
41 |
Bugzilla |
| 27043 |
systemd new security issue CVE-2020-13776 |
Stig-Ørjan Smelror |
7 |
Patches available from upstream |
2020-08-05 |
64 |
Bugzilla |
| 27108 |
libcroco new security issue CVE-2020-12825 (and others unfixed due to it being unmaintained) |
All Packagers |
7 |
inkscape and cinnamon need to be patched |
2020-08-14 |
65 |
Bugzilla |
| 27126 |
flatpak new security issue fixed upstream in 1.8.5 (CVE-2021-21261) |
Neal Gompa |
7 |
Fixed upstream in 1.8.5 |
2020-08-17 |
5 |
Bugzilla |
| 27131 |
Possible missing security fixes in several libraries used by PHP modules |
All Packagers |
7 |
|
2020-08-18 |
52 |
|
| 27167 |
htmlunit new security issue CVE-2020-5529 |
Java Stack Maintainers |
7 |
Patch available from Debian and Ubuntu |
2020-08-21 |
64 |
Bugzilla |
| 27171 |
perl-PlRPC new security issue CVE-2013-7284 |
All Packagers |
7 |
Not fixed upstream as of end of 2020 |
2020-08-21 |
59 |
Bugzilla |
| 27200 |
guile1.8 missing fixes for CVE-2016-8605 and CVE-2016-8606 |
All Packagers |
7 |
Patch available in Cauldron |
2020-08-26 |
64 |
Bugzilla |
| 27212 |
mongodb new security issue CVE-2020-7923 |
Joseph Wang |
7 |
Patches available from upstream and Debian |
2020-08-27 |
64 |
Bugzilla |
| 27218 |
qtbase5 new security issue CVE-2020-13962 |
KDE maintainers |
7 |
Patch available from openSUSE |
2020-08-28 |
64 |
Bugzilla |
| 27231 |
filezilla new security issue CVE-2020-14002 due to bundled PuTTY |
David GEIGER |
7 |
|
2020-08-31 |
183 |
Bugzilla |
| 27232 |
neomutt new security issues CVE-2020-14093, CVE-2020-14154, CVE-2020-14954, CVE-2020-28896 |
Stig-Ørjan Smelror |
7 |
Fixed upstream in 20201120 |
2020-08-31 |
64 |
Bugzilla |
| 27303 |
gnome-shell new security issue CVE-2020-17489 |
GNOME maintainers |
7 |
Patch available from upstream and openSUSE |
2020-09-22 |
64 |
Bugzilla |
| 27329 |
libraw new security issue CVE-2020-24890 |
All Packagers |
7 |
|
2020-09-26 |
153 |
Bugzilla |
| 27386 |
ant new security issue CVE-2020-11979 |
Java Stack Maintainers |
7 |
Fixed upstream in 1.10.9 |
2020-10-11 |
88 |
Bugzilla |
| 27389 |
httpcomponents-client new security issue CVE-2020-13956 |
Java Stack Maintainers |
7 |
jakarta-commons-httpclient also needs to be addressed |
2020-10-11 |
60 |
Bugzilla |
| 27487 |
pagure new security issue CVE-2019-11556 |
Neal Gompa |
7 |
Fixed upstream in 5.6 |
2020-10-29 |
98 |
Bugzilla |
| 27560 |
qtwebsockets5 new security issue CVE-2018-21035 |
KDE maintainers |
7 |
Patch available from RedHat |
2020-11-04 |
64 |
Bugzilla |
| 27593 |
guacd new security issue CVE-2020-949[78] |
Nicolas Lécureuil |
7 |
Fixed upstream in 1.2.0 |
2020-11-11 |
14 |
Bugzilla |
| 27626 |
mediainfo new security issue CVE-2020-15395 |
All Packagers |
7 |
Fixed upstream in 20.09 |
2020-11-17 |
64 |
Bugzilla |
| 27649 |
jetty new security issues CVE-2020-2721[68] |
Java Stack Maintainers |
7 |
Fixed upstream in 9.4.35, jetty8 also needs to be patched |
2020-11-23 |
57 |
Bugzilla |
| 27706 |
openssh new security issue CVE-2020-14145 |
Guillaume Rousse |
7 |
Patch available from openSUSE |
2020-12-02 |
64 |
Bugzilla |
| 27709 |
docker new security issue CVE-2020-15257 |
Bruno Cornec |
7 |
|
2020-12-02 |
2 |
Bugzilla |
| 27723 |
ampache new security issues CVE-2019-1238[56] |
All Packagers |
7 |
Patches available from Debian and Ubuntu |
2020-12-04 |
46 |
Bugzilla |
| 27735 |
checkstyle new security issue CVE-2019-10782 |
Nicolas Lécureuil |
7 |
Patch available from Debian |
2020-12-04 |
64 |
Bugzilla |
| 27750 |
resteasy new security issue CVE-2020-25633 |
Java Stack Maintainers |
Cauldron, 7, 8 |
No fix available as of end of 2020 |
2020-12-05 |
10 |
Bugzilla |
| 27752 |
db48 new security issue CVE-2019-2708 |
Thierry Vignaud |
7 |
db48 needs patch to be backported |
2020-12-05 |
60 |
Bugzilla |
| 27756 |
libndpi securty issue CVE-2020-15475 |
Stig-Ørjan Smelror |
7 |
Fixed upstream in 3.4, updating would require updating ntopng |
2020-12-06 |
64 |
Bugzilla |
| 27757 |
ganglia-web security vulnerability CVE-2019-20379 |
Johnny A. Solbu |
Cauldron, 7, 8 |
No fix available as of end of 2020 |
2020-12-06 |
64 |
Bugzilla |
| 27767 |
groovy new security issue CVE-2020-17521 |
Java Stack Maintainers |
7 |
Fixed upstream in 2.4.21 |
2020-12-06 |
60 |
Bugzilla |
| 27771 |
hdf5 new security issue CVE-2020-10812 |
Chris Denice |
Cauldron, 7, 8 |
No fix available as of end of 2020 |
2020-12-07 |
64 |
Bugzilla |
| 27831 |
opencv possible new security issue CVE-2019-19624 |
All Packagers |
7 |
|
2020-12-15 |
77 |
Bugzilla |
| 27849 |
xstream new security issue CVE-2020-26217 |
Java Stack Maintainers |
7 |
Fixed upstream in 1.4.14, patch available from Debian |
2020-12-16 |
38 |
Bugzilla |
| 27879 |
qemu several security issues |
Thierry Vignaud |
7 |
|
2020-12-19 |
64 |
Bugzilla |
| 27904 |
gdm new security issue CVE-2020-27837 |
All Packagers |
7 |
Upstream patch needs to be backported to 3.32.x |
2020-12-22 |
64 |
Bugzilla |
| 27964 |
glpi new security issues CVE-2020-5248, CVE-2020-1106[02], CVE-2020-11031, CVE-2020-15108, CVE-2020-[...] |
Guillaume Rousse |
7 |
Fixed upstream in 9.5.3 |
2020-12-29 |
43 |
Bugzilla |
| 27971 |
nodejs-chownr new security issue CVE-2017-18869 |
Stig-Ørjan Smelror |
7 |
Fixed upstream in 1.1.0 |
2020-12-29 |
62 |
Bugzilla |
| 27972 |
nodejs-handlebars new security issue CVE-2019-20922 |
Stig-Ørjan Smelror |
7 |
Fixed upstream in 4.4.5 |
2020-12-29 |
61 |
Bugzilla |
| 27973 |
nodejs-lodash new security issue CVE-2020-8203 |
Joseph Wang |
7 |
Fixed upstream in 4.17.20 |
2020-12-29 |
61 |
Bugzilla |
| 27974 |
nodejs-minimist new security issue CVE-2020-7598 |
All Packagers |
7 |
Fixed upstream in 1.2.2 |
2020-12-29 |
62 |
Bugzilla |
| 27975 |
nodejs-yargs-parser new security issue CVE-2020-7608 |
Stig-Ørjan Smelror |
7 |
|
2020-12-29 |
63 |
Bugzilla |
| 27976 |
ruby-em-http-request new security issue CVE-2020-13482 |
All Packagers |
7 |
Fixed upstream in 1.1.6 |
2020-12-29 |
47 |
Bugzilla |
| 27978 |
xymon new security issues CVE-2019-1327[34] CVE-2019-1345[125] CVE-2019-1347[34] CVE-2019-1348[4-6] |
All Packagers |
7 |
Fixed upstream in 4.3.29 (regression fixes in 4.3.30), patches available from Debian |
2020-12-29 |
62 |
Bugzilla |
| 27980 |
xstream new security issues CVE-2020-2625[89] |
Java Stack Maintainers |
7 |
Fixed upstream in 1.4.15 |
2020-12-29 |
38 |
Bugzilla |
| 28085 |
wavpack new security issue CVE-2020-35738 |
Nicolas Lécureuil |
7 |
Patch available from upstream and Ubuntu |
2021-01-13 |
40 |
Bugzilla |
| 28087 |
libzypp, zypper new security issue CVE-2017-9271 |
Nicolas Lécureuil |
7 |
Fixed upstream in libzypp 17.25.4 / zypper 1.14.41 |
2021-01-13 |
46 |
Bugzilla |
| 28088 |
graphicsmagick 1.3.36 fixes security issues |
Stig-Ørjan Smelror |
7 |
|
2021-01-13 |
47 |
Bugzilla |
| 28089 |
binutils new security issues CVE-2020-3549[3-6] |
Base system maintainers |
7 |
|
2021-01-13 |
24 |
Bugzilla |
| 28090 |
xmlbeans new security issue CVE-2021-23926 |
Java Stack Maintainers |
7 |
Fixed upstream in 3.0.0 |
2021-01-13 |
48 |
Bugzilla |
| 28108 |
open-iscsi new security issues CVE-2020-1398[78] and CVE-2020-1743[78] |
All Packagers |
7 |
Fixed upstream in 2.1.3 |
2021-01-15 |
36 |
Bugzilla |
| 28109 |
adplug new security issues CVE-2019-1469[0-2] CVE-2019-1473[2-4] CVE-2019-15151 |
David GEIGER |
7 |
Fixed upstream in 2.3.3 |
2021-01-15 |
43 |
Bugzilla |
| 28122 |
python-cairosvg new security issue CVE-2021-21236 |
All Packagers |
7 |
Fixed upstream in 2.5.1 |
2021-01-16 |
43 |
Bugzilla |
| 28137 |
python-pillow new security issue CVE-2020-3565[3-5] |
All Packagers |
7 |
Fixed upstream in 8.1.0 |
2021-01-17 |
40 |
Bugzilla |
| 28144 |
itop-itsm new security issue CVE-2020-15221 |
Bruno Cornec |
7 |
Fixed upstream in 2.7.2 |
2021-01-17 |
43 |
Bugzilla |
| 28181 |
gdk-pixbuf2.0 possible new security issues in GIF loader (including CVE-2020-29385 and CVE-2021-2024[...] |
Olav Vitters |
7 |
|
2021-01-21 |
3 |
Bugzilla |
| 28195 |
stunnel new security issue fixed upstream in 5.57 (CVE-2021-20230) |
All Packagers |
7 |
|
2021-01-22 |
7 |
Bugzilla |
| 28205 |
python-yaml new security issue CVE-2020-14343 |
Python Stack Maintainers |
7 |
Fixed upstream in 5.4 |
2021-01-23 |
10 |
Bugzilla |
| 28219 |
python-bottle new security issue CVE-2020-28473 |
Philippe Makowski |
7 |
Fixed upstream in 0.12.19 |
2021-01-26 |
35 |
Bugzilla |
| 28228 |
golang new security issues CVE-2021-3114 and CVE-2021-3115 |
Joseph Wang |
7 |
Fixed upstream in 1.15.7 |
2021-01-26 |
4 |
Bugzilla |
| 28246 |
glibc new security issues CVE-2020-27618 and CVE-2021-3326 |
Thomas Backlund |
7 |
|
2021-01-29 |
2 |
Bugzilla |
| 28252 |
erlang new security issue CVE-2020-35733 |
Jani Välimaa |
7 |
Fixed upstream in 23.2.2 |
2021-01-29 |
32 |
Bugzilla |
| 28275 |
sdl2 new security issues CVE-2020-14409 and CVE-2020-14410 |
David GEIGER |
7 |
|
2021-02-02 |
24 |
Bugzilla |
| 28276 |
ffmpeg new security issue CVE-2020-35965 |
All Packagers |
7 |
Patches available from upstream |
2021-02-02 |
6 |
Bugzilla |
| 28277 |
cups new security issue CVE-2020-10001 |
Thierry Vignaud |
7 |
Fixed upstream in 2.3.3op2 |
2021-02-02 |
22 |
Bugzilla |
| 28278 |
libebml new use-after-free security issue |
All Packagers |
7 |
Fixed upstream in 1.4.1 |
2021-02-02 |
27 |
Bugzilla |
| 28279 |
qtwebengine5 new security issues fixed upstream in 5.15.2 |
KDE maintainers |
7 |
|
2021-02-02 |
28 |
Bugzilla |
| 28282 |
docker new security issues CVE-2021-21284 and CVE-2021-21285 |
Bruno Cornec |
7 |
Fixed upstream in 19.03.15 |
2021-02-02 |
2 |
Bugzilla |
| 28296 |
mutt new denial of service security issue (CVE-2021-3181). Is neomutt affected? |
All Packagers |
7 |
|
2021-02-05 |
25 |
Bugzilla |
| 28305 |
binutils new security issue CVE-2021-20197 |
Thomas Backlund |
Cauldron, 7, 8 |
Upstream fixes WIP as of early February 2021 |
2021-02-06 |
20 |
Bugzilla |
| 28369 |
chromium-browser-stable new security issues fixed in 88.0.4324.182 |
Christiaan Welvaart |
Cauldron, 7, 8 |
|
2021-02-17 |
12 |
Bugzilla |
| 28380 |
thrift, golang-github-apache-thrift new security issue CVE-2020-13949 |
Java Stack Maintainers |
Cauldron, 7, 8 |
Fixed upstream in 0.14.0 |
2021-02-19 |
8 |
Bugzilla |
| 28392 |
glib2.0 new security issues fixed upstream in 2.66.6 |
Olav Vitters |
7, 8 |
|
2021-02-20 |
3 |
Bugzilla |
| 28408 |
python, python3 new security issue CVE-2021-23336 |
Python Stack Maintainers |
Cauldron, 7, 8 |
|
2021-02-23 |
3 |
Bugzilla |
| 28444 |
zstd creates compressed files with incorrect permissions (bdo#981404, bdo#982519) |
Thierry Vignaud |
7, 8 |
Patches available from upstream and Debian |
2021-02-26 |
3 |
Bugzilla |
| 28447 |
unbound new security issue CVE-2020-28935 |
Chris Denice |
7 |
Patch available from upstream and Debian |
2021-02-26 |
4 |
Bugzilla |
| 28448 |
ruby-mechanize new security issue CVE-2021-21289 |
All Packagers |
Cauldron, 7, 8 |
Fixed upstream in 2.7.7 |
2021-02-26 |
1 |
Bugzilla |
| 28460 |
krb5-appl new security issues CVE-2019-25017 and CVE-2019-25018 |
All Packagers |
Cauldron, 7, 8 |
|
2021-02-26 |
3 |
Bugzilla |
| 28462 |
imagemagick new security issues CVE-2021-2024[1346] |
Nicolas Lécureuil |
7, 8 |
Some more packages need rebuilt against updated libraries |
2021-02-26 |
3 |
Bugzilla |
| 28476 |
radare2 new security issues CVE-2020-16269 and CVE-2020-17487 |
David GEIGER |
Cauldron, 7, 8 |
Fixed upstream in 5.1.1 |
2021-02-27 |
3 |
Bugzilla |
| 28491 |
batik new security issue CVE-2020-11987 |
Java Stack Maintainers |
7 |
Fixed upstream in 1.14 |
2021-02-28 |
1 |
Bugzilla |
| 28492 |
redis new security issue CVE-2021-21309 |
Colin Guthrie |
7 |
Patch available from Debian |
2021-02-28 |
1 |
Bugzilla |