CVEs related to bugs in Launchpad itself

Open bugs

Bug CVE(s)
Bug #605026: edge.launchpad.net : server does not support RFC 5746, see CVE-2009-3555 CVE-2009-3555
Launchpad itself New (unassigned)
Bug #651128: Email bug submission fails due to erroneous bad signature detection CVE-2010-3362
Launchpad itself New (unassigned)
Bug #1255120: Support listing HTTPS archive mirrors CVE-2016-1252
Launchpad itself Triaged (unassigned)
Bug #1473091: default PPAs to HTTPS CVE-2016-1252
Launchpad itself Triaged (unassigned)
Bug #1473092: Move all subdomains of launchpad.net to HTTPS CVE-2016-1252
Launchpad itself Triaged (unassigned)

Resolved bugs

Bug CVE(s)
Bug #134477: With Gutsy - Nikon cameras need support in unusual_devs.h CVE-2007-4571
CVE-2007-4573
Launchpad itself Invalid (unassigned)
Bug #532445: Arbitrary diff application hole in upload processor CVE-2010-0396
Launchpad itself Invalid (unassigned)
Bug #566467: potentially vulnerable to cve-2009-3555 CVE-2009-3555
Launchpad itself Won't fix, assigned to Robert Collins
Bug #670678: libc translations not imported from upstream CVE-2010-3847
CVE-2010-3856
Launchpad itself Invalid (unassigned)
Bug #740142: persistent xss vector in (unescaped) filenames in revision views CVE-2011-0728
Launchpad itself Fix released, assigned to William Grant
Bug #741527: XSS issue in lists.launchpad.net CVE-2010-4524
Launchpad itself Fix released (unassigned)
Bug #1696154: [18.04 FEAT] Sign POWER host/NV kernels CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
Launchpad itself Fix released, assigned to Andy Whitcroft
Bug #1750473: Can't link to CVE number in the form of YYYY-NNNNN CVE-2017-18191
Launchpad itself Invalid (unassigned)