Vulnerability Roundup 28

Auto-generated from `vulnix $( nix-instantiate -I nixpkgs=. '<nixpkgs/nixos/tests/login.nix>' )` on current master.

### audiofile-0.3.6 ([search](https://search.nix.gsc.io/?q=audiofile&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=audiofile+in%3Apath&type=Code))
 - [x] [CVE-2017-6827](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6827)
 - [x] [CVE-2017-6828](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6828)
 - [x] [CVE-2017-6829](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6829)
 - [x] [CVE-2017-6830](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6830)
 - [x] [CVE-2017-6831](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6831)
 - [x] [CVE-2017-6832](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6832)
 - [x] [CVE-2017-6833](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6833)
 - [x] [CVE-2017-6834](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6834)
 - [x] [CVE-2017-6835](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6835)
 - [x] [CVE-2017-6836](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6836)
 - [x] [CVE-2017-6837](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6837)
 - [x] [CVE-2017-6838](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6838)
 - [x] [CVE-2017-6839](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6839)

### cyrus-sasl-2.1.26 ([search](https://search.nix.gsc.io/?q=cyrus-sasl&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=cyrus-sasl+in%3Apath&type=Code))
 - [x] [CVE-2013-4122](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4122)

### freetype-2.7.1 ([search](https://search.nix.gsc.io/?q=freetype&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=freetype+in%3Apath&type=Code))
 - [x] [CVE-2017-8105](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8105)

### jquery-ui-1.11.4 ([search](https://search.nix.gsc.io/?q=jquery-ui&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=jquery-ui+in%3Apath&type=Code))
 - [x] [CVE-2016-7103](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7103)

### libarchive-3.3.2 ([search](https://search.nix.gsc.io/?q=libarchive&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libarchive+in%3Apath&type=Code))
 - [x] [CVE-2017-14166](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14166)
 - [ ] [CVE-2017-14501](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14501) [no upstream fix]
 - [x] [CVE-2017-14502](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14502)
 - [ ] [CVE-2017-14503](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14503) [no upstream fix]

### libjpeg-turbo-1.5.2 ([search](https://search.nix.gsc.io/?q=libjpeg-turbo&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libjpeg-turbo+in%3Apath&type=Code))
 - [ ] [CVE-2017-15232](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15232) [[patch](https://github.com/libjpeg-turbo/libjpeg-turbo/commit/5bc43c7821df982f65aa1c738f67fbf7cba8bd69) doesn't apply cleanly to stable version]

### libsndfile-1.0.28 ([search](https://search.nix.gsc.io/?q=libsndfile&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libsndfile+in%3Apath&type=Code))
 - [x] [CVE-2017-12562](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12562)
 - [ ] [CVE-2017-14245](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14245) [no upstream fix]
 - [ ] [CVE-2017-14246](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14246) [no upstream fix]
 - [x] [CVE-2017-14634](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14634)
 - [x] [CVE-2017-6892](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6892)
 - [x] [CVE-2017-8361](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8361)
 - [x] [CVE-2017-8362](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8362)
 - [x] [CVE-2017-8363](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8363)
 - [x] [CVE-2017-8365](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8365)

### libtasn1-4.12 ([search](https://search.nix.gsc.io/?q=libtasn1&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libtasn1+in%3Apath&type=Code))
 - [x] [CVE-2017-10790](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10790)

### libtiff-4.0.8 ([search](https://search.nix.gsc.io/?q=libtiff&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libtiff+in%3Apath&type=Code))
 - [x] [CVE-2017-10688](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10688)
 - [x] [CVE-2017-11335](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11335)
 - [ ] [CVE-2017-11613](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11613) [no upstream fix, debian and redhat won't fix this]
 - [x] [CVE-2017-12944](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12944)
 - [x] [CVE-2017-13726](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13726)
 - [x] [CVE-2017-13727](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13727)
 - [ ] [CVE-2017-9935](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9935) [no upstream fix]
 - [x] [CVE-2017-9936](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9936)
 - [x] [CVE-2017-9937](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9937)

### libvorbis-1.3.5 ([search](https://search.nix.gsc.io/?q=libvorbis&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libvorbis+in%3Apath&type=Code))
 - [ ] [CVE-2017-11333](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11333) [no upstream fix]
 - [ ] [CVE-2017-14160](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14160) [no upstream fix]
 - [ ] [CVE-2017-14632](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14632) [no upstream fix]
 - [ ] [CVE-2017-14633](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14633) [no upstream fix]

### libxslt-1.1.29 ([search](https://search.nix.gsc.io/?q=libxslt&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=libxslt+in%3Apath&type=Code))
 - [x] [CVE-2017-5029](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5029)

### openjpeg-2.1.2 ([search](https://search.nix.gsc.io/?q=openjpeg&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=openjpeg+in%3Apath&type=Code))
 - [x] [CVE-2016-10504](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10504)
 - [x] [CVE-2016-10505](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10505)
 - [x] [CVE-2016-10506](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10506)
 - [x] [CVE-2016-10507](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10507)
 - [x] [CVE-2016-9112](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112)
 - [x] [CVE-2016-9113](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113)
 - [x] [CVE-2016-9114](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114)
 - [x] [CVE-2016-9115](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115)
 - [x] [CVE-2016-9116](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116)
 - [x] [CVE-2016-9117](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117)
 - [x] [CVE-2016-9118](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118)

### openldap-2.4.45 ([search](https://search.nix.gsc.io/?q=openldap&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=openldap+in%3Apath&type=Code))
 - [x] [CVE-2017-14159](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14159)

### pcre-8.40 ([search](https://search.nix.gsc.io/?q=pcre&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=pcre+in%3Apath&type=Code))
 - [x] [CVE-2017-7186](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7186)
 - [x] [CVE-2017-7244](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7244)
 - [x] [CVE-2017-7245](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7245)
 - [x] [CVE-2017-7246](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7246)

### perl-5.24.2 ([search](https://search.nix.gsc.io/?q=perl&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=perl+in%3Apath&type=Code))
 - [x] [CVE-2017-12814](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12814)
 - [x] [CVE-2017-12837](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12837)
 - [x] [CVE-2017-12883](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12883)

### sqlite-3.20.0 ([search](https://search.nix.gsc.io/?q=sqlite&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=sqlite+in%3Apath&type=Code))
 - [x] [CVE-2017-13685](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13685)

### owncloud-7.0.5 ([search](https://search.nix.gsc.io/?q=owncloud&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=owncloud+in%3Apath&type=Code))
 - [x] [CVE-2015-4717](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4717)
 - [x] [CVE-2015-4718](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4718)
 - [x] [CVE-2015-5954](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5954)
 - [x] [CVE-2015-6500](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6500)
 - [x] [CVE-2015-6670](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6670)
 - [x] [CVE-2015-7699](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7699)

### jython-2.7.0 ([search](https://search.nix.gsc.io/?q=jython&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=jython+in%3Apath&type=Code))
 - [x] [CVE-2016-4000](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4000)

### zabbix-2.0.11 ([search](https://search.nix.gsc.io/?q=zabbix&i=fosho&repos=nixos-nixpkgs), [files](https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&q=zabbix+in%3Apath&type=Code))
 - [x] [CVE-2014-9450](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9450)
 - [x] [CVE-2016-4338](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4338)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerability Roundup 28 #30959

audiofile-0.3.6 (search, files)

cyrus-sasl-2.1.26 (search, files)

freetype-2.7.1 (search, files)

jquery-ui-1.11.4 (search, files)

libarchive-3.3.2 (search, files)

libjpeg-turbo-1.5.2 (search, files)

libsndfile-1.0.28 (search, files)

libtasn1-4.12 (search, files)

libtiff-4.0.8 (search, files)

libvorbis-1.3.5 (search, files)

libxslt-1.1.29 (search, files)

openjpeg-2.1.2 (search, files)

openldap-2.4.45 (search, files)

pcre-8.40 (search, files)

perl-5.24.2 (search, files)

sqlite-3.20.0 (search, files)

owncloud-7.0.5 (search, files)

jython-2.7.0 (search, files)

zabbix-2.0.11 (search, files)

Metadata

Assignees

Labels

Fields

Projects

Milestone

Relationships

Development

Uh oh!

Vulnerability Roundup 28 #30959

Description

audiofile-0.3.6 (search, files)

cyrus-sasl-2.1.26 (search, files)

freetype-2.7.1 (search, files)

jquery-ui-1.11.4 (search, files)

libarchive-3.3.2 (search, files)

libjpeg-turbo-1.5.2 (search, files)

libsndfile-1.0.28 (search, files)

libtasn1-4.12 (search, files)

libtiff-4.0.8 (search, files)

libvorbis-1.3.5 (search, files)

libxslt-1.1.29 (search, files)

openjpeg-2.1.2 (search, files)

openldap-2.4.45 (search, files)

pcre-8.40 (search, files)

perl-5.24.2 (search, files)

sqlite-3.20.0 (search, files)

owncloud-7.0.5 (search, files)

jython-2.7.0 (search, files)

zabbix-2.0.11 (search, files)

Metadata

Metadata

Assignees

Labels

Fields

Projects

Milestone

Relationships

Development

Issue actions