| Release | Version |
|---|---|
| jessie | 3.1.1-1+deb8u1 |
| stretch | 3.3.3-1 |
| buster | 3.5.2-1 |
| bullseye | 4.0.4-1 |
| bookworm | 4.2.2.20221110-2 |
| trixie | 4.4.2-1 |
| sid | 4.4.2-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-27637 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The R programming language\u2019s default package manager CRAN is affe ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27322 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | Deserialization of untrusted data can occur in the R statistical progr ... |
| Bug | Description |
|---|---|
| CVE-2016-8714 | An exploitable buffer overflow vulnerability exists in the LoadEncodin ... |
| CVE-2008-3931 | javareconf in R 2.7.2 allows local users to overwrite arbitrary files ... |
| DSA / DLA | Description |
|---|---|
| DSA-3813-1 | r-base - security update |
| DLA-861-1 | r-base - security update |