| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2021-36377 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname ... |
| CVE-2020-24614 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ... |
| CVE-2017-17459 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | http_transport.c in Fossil before 2.4, when the SSH sync protocol is u ... |