gfbgraph - Debian Package Tracker

1 security issue in sid high

1 important issue:

CVE-2021-39358: In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

Created: 2021-08-23 Last update: 2021-09-03 00:35

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2021-39358: In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

Created: 2021-08-23 Last update: 2021-09-03 00:35

1 low-priority security issue in buster low

1 issue left for the package maintainer to handle:

CVE-2021-39358: (needs triaging) In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-23 Last update: 2021-09-03 00:35

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-39358: (needs triaging) In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-23 Last update: 2021-09-03 00:35

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2021-08-18 14:03