fedora-security/audit fc6,1.3,1.4
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Mon Aug 14 19:56:48 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25287
Modified Files:
fc6
Log Message:
More work, this is the easy part where we're mostly working on things
that were fixed in fc5 by version number so we only need to check that the
fc6 version is similar and greater (or more work if for some package like
Apache where the 2.2 branch and 2.0 branches are such that you can't just
assume fixed if > 2.0.54 say). 70% done, with the hard 30% left
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- fc6 14 Aug 2006 18:51:00 -0000 1.3
+++ fc6 14 Aug 2006 19:56:45 -0000 1.4
@@ -57,7 +57,7 @@
CVE-2006-3801 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3801 VULNERABLE (mozilla) ###
CVE-2006-3747 backport (httpd, fixed 2.2.3) ###
-CVE-2006-3746 version (gnupg, fixed 1.4.5) #200904 [since FEDORA-2006-868] ###
+CVE-2006-3746 version (gnupg, fixed 1.4.5)
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849] ###
CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
@@ -86,7 +86,7 @@
CVE-2006-3461 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3460 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3459 backport (libtiff) [since FEDORA-2006-877] ###
-CVE-2006-3404 version (gimp, fixed 2.2.12) #198270 [since FEDORA-2006-794] ###
+CVE-2006-3404 version (gimp, fixed 2.2.12)
CVE-2006-3403 version (samba, fixed 3.0.23)
CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
CVE-2006-3376 backport (libwmf) #198291 [since FEDORA-2006-805] ###
@@ -95,18 +95,18 @@
CVE-2006-3242 version (mutt, fixed 1.4.2.2, 1.5.12)
CVE-2006-3174 version (squirrelmail, fixed 1.4.7)
CVE-2006-3145 version (netpbm, fixed 10.34)
-CVE-2006-3127 version (nss, only affected 3.11) [since FEDORA-2006-728] ###
+CVE-2006-3127 version (nss, only affected 3.11)
CVE-2006-3122 ** dhcp ###
-CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
+CVE-2006-3117 version (openoffice.org, fixed 2.0.3)
CVE-2006-3113 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3113 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3113 VULNERABLE (mozilla) ###
CVE-2006-3085 version (kernel, fixed 2.6.17.1)
CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4) [since FEDORA-2006-905] ###
-CVE-2006-3082 version (gnupg, fixed 1.4.4) #195946 [since FEDORA-2006-755] ###
+CVE-2006-3082 version (gnupg, fixed 1.4.4)
CVE-2006-3081 version (mysql, fixed 5.1.18)
-CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-609] ###
+CVE-2006-3057 version (dhcdbd, fixed 1.14)
CVE-2006-3018 version (php, fixed 5.1.3)
CVE-2006-3017 version (php, fixed 5.1.3)
CVE-2006-3016 version (php, fixed 5.1.3)
@@ -114,7 +114,7 @@
CVE-2006-2936 version (kernel, fixed 2.6.17.7)
CVE-2006-2935 version (kernel, fixed 2.6.17.7)
CVE-2006-2934 version (kernel, fixed 2.6.17.3)
-CVE-2006-2933 version (kde, not 3.2+) ###
+CVE-2006-2933 version (kde, not 3.2+)
CVE-2006-2916 ignore (arts) not shipped setuid ###
CVE-2006-2906 VULNERABLE (gd) #194520 ###
CVE-2006-2894 VULNERABLE (firefox) ###
@@ -157,7 +157,7 @@
CVE-2006-2754 ignore (openldap) This issue is not exploitable
CVE-2006-2753 version (mysql, fixed 5.0.22)
CVE-2006-2723 ignore (firefox) disputed
-CVE-2006-2661 VULNERABLE (freetype, fixed 2.2.1) #183677 ###
+CVE-2006-2661 version (freetype, fixed 2.2.1)
CVE-2006-2660 ignore (php) see bz#195539
CVE-2006-2656 backport (libtiff) [since FEDORA-2006-592] ###
CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
@@ -166,28 +166,28 @@
CVE-2006-2563 ignore (php) safe mode isn't safe
CVE-2006-2452 version (gdm) [since FEDORA-2006-674] ###
CVE-2006-2451 version (kernel, fixed 2.6.17.4)
-CVE-2006-2449 backport (kdebase, fixed 3.5.4) #194659 [since FEDORA-2006-726] ###
+CVE-2006-2449 version (kdebase, fixed 3.5.4)
CVE-2006-2448 version (kernel, fixed 2.6.17)
CVE-2006-2447 version (spamassassin, fixed 3.1.3)
CVE-2006-2445 version (kernel, fixed 2.6.17)
CVE-2006-2444 version (kernel, fixed 2.6.17)
CVE-2006-2440 backport (ImageMagick) #192279 [since FEDORA-2006-588] ###
-CVE-2006-2414 version (dovecot, fixed 1.0.beta8) [since FEDORA-2006-647] is not a security issue ###
-CVE-2006-2369 backport (vnc, fixed 4.1.2) #191692 [since FEDORA-2006-558] ###
+CVE-2006-2414 version (dovecot, fixed 1.0.beta8) not a security issue
+CVE-2006-2369 version (vnc, fixed 4.1.2)
CVE-2006-2366 VULNERABLE (openobex) #192087 ###
CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
CVE-2006-2332 ignore (firefox) disputed
CVE-2006-2314 version (postgresql, fixed 8.1.4)
CVE-2006-2313 version (postgresql, fixed 8.1.4)
-CVE-2006-2276 version (quagga, fixed 0.98.6) #191377 [since FEDORA-2006-845] ###
+CVE-2006-2276 version (quagga, fixed 0.98.6)
CVE-2006-2275 version (kernel, fixed 2.6.16.15)
CVE-2006-2274 version (kernel, fixed 2.6.16.15)
CVE-2006-2272 version (kernel, fixed 2.6.16.15)
CVE-2006-2271 version (kernel, fixed 2.6.16.15)
-CVE-2006-2224 version (quagga, fixed 0.98.6) #191085 [since FEDORA-2006-845] ###
-CVE-2006-2223 version (quagga, fixed 0.98.6) #191081 [since FEDORA-2006-845] ###
-CVE-2006-2199 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
-CVE-2006-2198 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
+CVE-2006-2224 version (quagga, fixed 0.98.6)
+CVE-2006-2223 version (quagga, fixed 0.98.6)
+CVE-2006-2199 version (openoffice.org, fixed 2.0.3)
+CVE-2006-2198 version (openoffice.org, fixed 2.0.3)
CVE-2006-2194 ignore (ppp) pppd not suid
CVE-2006-2193 VULNERABLE (libtiff) #194363 ###
CVE-2006-2120 backport (libtiff) #189976 [since FEDORA-2006-473] ###
@@ -195,9 +195,9 @@
CVE-2006-2083 version (rsync, fixed 2.6.8)
CVE-2006-2071 version (kernel, fixed 2.6.16.6)
CVE-2006-2057 ignore (firefox) not Linux
-CVE-2006-2026 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
-CVE-2006-2025 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
-CVE-2006-2024 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
+CVE-2006-2026 version (libtiff, fixed 3.8.1)
+CVE-2006-2025 version (libtiff, fixed 3.8.1)
+CVE-2006-2024 version (libtiff, fixed 3.8.1)
CVE-2006-1993 version (firefox, fixed 1.5.0.3) #190124 [since FEDORA-2006-547] ###
CVE-2006-1991 version (php)
CVE-2006-1990 version (php)
@@ -315,7 +315,7 @@
CVE-2006-1343 version (kernel, fixed 2.6.16.19)
CVE-2006-1342 version (kernel, not 2.6)
CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
-CVE-2006-1296 version (beagle, fixed 0.2.4) [since FEDORA-2006-305] was backport since FEDORA-2006-188 ###
+CVE-2006-1296 version (beagle, fixed 0.2.4)
CVE-2006-1273 ignore (firefox) this issue only affects IE
CVE-2006-1244 ignore (xpdf) duplicate of other cve named issues
CVE-2006-1242 version (kernel, fixed 2.6.16.1)
@@ -329,7 +329,7 @@
CVE-2006-1061 version (curl, fixed 7.15.3)
CVE-2006-1059 version (samba, fixed 3.0.22 at least)
CVE-2006-1058 backport (busybox) [since FEDORA-2006-510] ###
-CVE-2006-1057 version (gdm, fixed 2.14.1) [since FEDORA-2006-338] ###
+CVE-2006-1057 version (gdm, fixed 2.14.1)
CVE-2006-1056 version (kernel, fixed 2.6.16.9)
CVE-2006-1055 version (kernel, fixed 2.6.17)
CVE-2006-1052 version (kernel, fixed 2.6.16)
@@ -352,7 +352,7 @@
CVE-2006-0744 version (kernel, fixed 2.6.16.5)
CVE-2006-0742 version (kernel, fixed 2.6.16)
CVE-2006-0741 version (kernel, fixed 2.6.15.5)
-CVE-2006-0730 version (dovecot, 1.0beta[12] only) ###
+CVE-2006-0730 version (dovecot, 1.0beta[12] only)
CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert ###
CVE-2006-0670 VULNERABLE (bluez-hcidump) ###
CVE-2006-0645 version (gnutls, fixed 1.2.10)
@@ -368,12 +368,12 @@
CVE-2006-0496 VULNERABLE (firefox) not fixed upstream ###
CVE-2006-0482 ignore (kernel) sparc only
CVE-2006-0481 version (libpng, 1.2.7 only)
-CVE-2006-0459 version (flex) by inspection ###
+CVE-2006-0459 version (flex) by inspection
CVE-2006-0457 version (kernel, fixed 2.6.16)
CVE-2006-0456 ignore (kernel) s390 only
-CVE-2006-0455 version (gnupg, fixed 1.4.2.1) ###
+CVE-2006-0455 version (gnupg, fixed 1.4.2.1)
CVE-2006-0454 version (kernel, fixed 2.6.15.3)
-CVE-2006-0405 version (libtiff, 3.8.0 only) ###
+CVE-2006-0405 version (libtiff, 3.8.0 only)
CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2)
@@ -421,7 +421,7 @@
CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
CVE-2006-0058 version (sendmail, fixed 8.13.6)
CVE-2006-0052 version (mailman, fixed 2.1.6)
-CVE-2006-0049 version (gnupg, fixed 1.4.2.2) ###
+CVE-2006-0049 version (gnupg, fixed 1.4.2.2)
CVE-2006-0039 version (kernel, fixed 2.6.16.17)
CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15)
CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15)
@@ -441,7 +441,7 @@
CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
CVE-2005-4667 backport (unzip) ###
CVE-2005-4639 version (kernel, fixed 2.6.15)
-CVE-2005-4636 version (openoffice.org, fixed 2.0.1) ###
+CVE-2005-4636 version (openoffice.org, fixed 2.0.1)
CVE-2005-4635 version (kernel, fixed 2.6.15)
CVE-2005-4618 version (kernel, fixed 2.6.15)
CVE-2005-4605 version (kernel, fixed 2.6.15)
@@ -473,9 +473,9 @@
CVE-2005-3783 version (kernel, fixed 2.6.15)
CVE-2005-3753 version (kernel, fixed 2.6.14)
CVE-2005-3745 ignore (struts, fixed 1.2.8) but not through tomcat
-CVE-2005-3732 version (ipsec-tools, fixed 0.6.3) ###
+CVE-2005-3732 version (ipsec-tools, fixed 0.6.3)
CVE-2005-3675 VULNERABLE (kernel) optack, no upstream fix
-CVE-2005-3671 version (openswan, fixed 2.4.4) ###
+CVE-2005-3671 version (openswan, fixed 2.4.4)
CVE-2005-3662 version (netpbm)
CVE-2005-3656 version (mod_auth_pgsql, fixed 2.0.3)
CVE-2005-3651 version (wireshark, fixed 0.10.14)
@@ -559,7 +559,7 @@
CVE-2005-3191 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch ###
CVE-2005-3191 version (cups, fixed 1.2.0)
-CVE-2005-3186 version (gtk2, fixed 2.8.7 at least) ###
+CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
CVE-2005-3185 version (wget, fixed 1.10.2 at least)
CVE-2005-3185 version (curl, fixed 7.15)
CVE-2005-3184 version (wireshark, fixed 0.10.13)
@@ -584,8 +584,8 @@
CVE-2005-3011 backport (texinfo) texinfo-CAN-2005-3011.patch ###
CVE-2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts ####
CVE-2005-2978 version (netpbm, fixed 10.25)
-CVE-2005-2977 version (pam, fixed 0.99.2.1 at least) ###
-CVE-2005-2975 version (gtk2, fixed 2.8.7) ###
+CVE-2005-2977 version (pam, fixed 0.99.2.1 at least)
+CVE-2005-2975 version (gtk2, fixed 2.8.7)
CVE-2005-2973 version (kernel, fixed 2.6.14)
CVE-2005-2970 version (httpd, not 2.2)
CVE-2005-2969 version (openssl, fixed 0.9.8a)
@@ -595,7 +595,7 @@
CVE-2005-2968 version (firefox) ###
CVE-2005-2959 ignore (sudo) not a vulnerability
CVE-2005-2946 version (openssl, fixed 0.9.8)
-CVE-2005-2933 version (libc-client, fixed 2004g at least) ###
+CVE-2005-2933 version (libc-client, fixed 2004g at least)
CVE-2005-2929 backport (lynx) ###
CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
CVE-2005-2876 version (util-linux, fixed 2.13-pre3)
@@ -605,7 +605,7 @@
CVE-2005-2871 version (thunderbird) ###
CVE-2005-2871 version (mozilla, fixed 1.7.12) ###
CVE-2005-2871 version (firefox, fixed 1.0.7) ###
-CVE-2005-2811 version (net-snmp) not upstream, gentoo only ###
+CVE-2005-2811 version (net-snmp) not upstream, gentoo only
CVE-2005-2801 version (kernel, fixed 2.6.11)
CVE-2005-2800 version (kernel, fixed 2.6.12.6)
CVE-2005-2798 version (openssh, fixed 4.2)
@@ -637,10 +637,10 @@
CVE-2005-2701 version (firefox, fixed 1.0.7) ###
CVE-2005-2700 version (httpd, not 2.2)
CVE-2005-2693 backport (cvs) cvs-1.11.19-tmp.patch ###
-CVE-2005-2672 version (lm_sensors, fixed 2.9.2) ###
+CVE-2005-2672 version (lm_sensors, fixed 2.9.2)
CVE-2005-2666 version (openssh, fixed 4.0p1)
CVE-2005-2642 version (mutt) openbsd only
-CVE-2005-2641 version (nss_ldap, fixed pam_ldap:180) ###
+CVE-2005-2641 version (nss_ldap, fixed pam_ldap:180)
CVE-2005-2617 version (kernel, fixed 2.6.12.5)
CVE-2005-2602 ignore (thunderbird) probably
CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
@@ -651,15 +651,15 @@
CVE-2005-2550 version (evolution, fixed after 2.3.6.1)
CVE-2005-2549 version (evolution, fixed after 2.3.6.1)
CVE-2005-2548 version (kernel, fixed 2.6.9) only affected 2.6.8
-CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16 ###
+CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16
CVE-2005-2541 ignore (tar) is documented behaviour
CVE-2005-2500 version (kernel, fixed 2.6.13)
CVE-2005-2498 version (php, fixed xml_rpc:1.4.0)
-CVE-2005-2496 backport (ntp, fixed 4.2.0b) ...0a-20040617-ntpd_guid.patch ###
+CVE-2005-2496 version (ntp, fixed 4.2.0b)
CVE-2005-2495 version (xorg-x11-server, fixed 0.99.3 at least) ###
-CVE-2005-2494 version (kdebase, fixed after 3.4.2) ###
+CVE-2005-2494 version (kdebase, fixed after 3.4.2)
CVE-2005-2492 version (kernel, fixed 2.6.13.1)
-CVE-2005-2491 version (pcre, fixed 6.2) ###
+CVE-2005-2491 version (pcre, fixed 6.2)
CVE-2005-2491 ignore (python) fc4 python does not contain pcre ###
CVE-2005-2491 ignore (php) php uses system pcre
CVE-2005-2491 ignore (httpd) httpd uses system pcre
@@ -670,15 +670,15 @@
CVE-2005-2458 version (kernel, fixed 2.6.12.5)
CVE-2005-2457 version (kernel, fixed 2.6.12.5)
CVE-2005-2456 version (kernel, fixed 2.6.12.5)
-CVE-2005-2452 version (libtiff, fixed 3.7.0) ###
-CVE-2005-2448 version (kdenetwork, fixed 3.4.2) ###
+CVE-2005-2452 version (libtiff, fixed 3.7.0)
+CVE-2005-2448 version (kdenetwork, fixed 3.4.2)
CVE-2005-2414 ignore (mozilla) not being fixed upstream, just a crash
-CVE-2005-2410 version (NetworkManager, fixed 5.0) ###
+CVE-2005-2410 version (NetworkManager, fixed 5.0)
CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
-CVE-2005-2370 version (kdenetwork, fixed 3.4.2) ###
+CVE-2005-2370 version (kdenetwork, fixed 3.4.2)
CVE-2005-2370 version (gaim, fixed 1.5.0)
-CVE-2005-2369 version (kdenetwork, fixed 3.4.2) ###
-CVE-2005-2368 version (vim, fixed 6.3.086 at least) ###
+CVE-2005-2369 version (kdenetwork, fixed 3.4.2)
+CVE-2005-2368 version (vim, fixed 6.3.086 at least)
CVE-2005-2367 version (wireshark, fixed 0.10.12)
CVE-2005-2366 version (wireshark, fixed 0.10.12)
CVE-2005-2365 version (wireshark, fixed 0.10.12)
@@ -715,26 +715,26 @@
CVE-2005-2261 version (firefox, fixed 1.0.5) ###
CVE-2005-2260 version (mozilla, fixed 1.7.9) ###
CVE-2005-2260 version (firefox, fixed 1.0.5) ###
-CVE-2005-2177 version (net-snmp, fixed 5.2.1.2) ###
+CVE-2005-2177 version (net-snmp, fixed 5.2.1.2)
CVE-2005-2114 version (mozilla, fixed 1.7.9) ###
CVE-2005-2114 version (firefox, fixed 1.0.5) ###
-CVE-2005-2104 version (sysreport, fixed 1.4.1-5) ###
+CVE-2005-2104 version (sysreport, fixed 1.4.1-5)
CVE-2005-2103 version (gaim, fixed 1.5.0)
CVE-2005-2102 version (gaim, fixed 1.5.0)
-CVE-2005-2101 version (kdeedu, fixed after 3.4.2) ###
+CVE-2005-2101 version (kdeedu, fixed after 3.4.2)
CVE-2005-2100 version (kernel, not 2.6) not upstream only RHEL4
CVE-2005-2099 version (kernel, fixed 2.6.12.5)
CVE-2005-2098 version (kernel, fixed 2.6.12.5)
CVE-2005-2097 version (xpdf, fixed 3.0.1)
CVE-2005-2097 version (cups)
-CVE-2005-2096 version (rpm, fixed 4.4.2) ###
+CVE-2005-2096 version (rpm, fixed 4.4.2)
CVE-2005-2096 backport (zlib, fixed 1.2.2.4)
CVE-2005-2095 version (squirrelmail, fixed 1.4.5)
CVE-2005-2088 version (httpd, not 2.2)
-CVE-2005-2069 version (nss_ldap, fixed pam_ldap:180) ###
+CVE-2005-2069 version (nss_ldap, fixed pam_ldap:180)
CVE-2005-2069 backport (openldap) openldap-2.2.13-tls-fix-connection-test.patch ###
-CVE-2005-2023 version (gnupg, fixed 1.9.15) ###
-CVE-2005-1993 version (sudo, fixed 1.6.8p9) ###
+CVE-2005-2023 version (gnupg, fixed 1.9.15??) ###
+CVE-2005-1993 version (sudo, fixed 1.6.8p9)
CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
CVE-2005-1937 version (mozilla, fixed 1.7.9) ###
CVE-2005-1937 version (firefox, fixed 1.0.5) ###
@@ -754,23 +754,23 @@
CVE-2005-1763 version (kernel, fixed 2.6.12)
CVE-2005-1762 version (kernel, fixed 2.6.12)
CVE-2005-1761 version (kernel, fixed 2.6.12.2)
-CVE-2005-1760 version (sysreport, fixed 1.4.1-3) ###
+CVE-2005-1760 version (sysreport, fixed 1.4.1-3)
CVE-2005-1759 ignore (php) dead code path
CVE-2005-1759 ignore (openldap) fixed shtool 2.0.2 flawed code path not used
-CVE-2005-1751 version (nmap, fixed 3.93 at least) ###
+CVE-2005-1751 version (nmap, fixed 3.93 at least)
CVE-2005-1751 ignore (openldap) fixed shtool 2.0.2. Flawed code path not used
CVE-2005-1751 ignore (ncpfs) part of shtool in ncpfs is not vulnerable
-CVE-2005-1740 version (net-snmp, fixed 5.2.2.rc5 at least) ###
+CVE-2005-1740 version (net-snmp, fixed 5.2.2.rc5 at least)
CVE-2005-1739 version (ImageMagick, fixed 6.2.2.3)
CVE-2005-1705 backport (gdb) gdb-6.3-security-errata-20050610.patch ###
-CVE-2005-1704 version (binutils, fixed 2.16.91.0.3 at least) ###
+CVE-2005-1704 version (binutils, fixed 2.16.91.0.3 at least)
CVE-2005-1704 backport (gdb) gdb-6.3-security-errata-20050610.patch ###
CVE-2005-1689 version (krb5, fixed 1.4.2)
CVE-2005-1686 ignore (gedit) not a vulnerability
CVE-2005-1636 version (mysql, fixed 4.1.12)
CVE-2005-1589 version (kernel, fixed 2.6.11.10)
CVE-2005-1571 version (php, fixed shtool 2.0.2)
-CVE-2005-1544 version (libtiff, fixed 3.7.1 at least) ###
+CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
CVE-2005-1532 version (thunderbird) ###
CVE-2005-1532 version (mozilla, fixed 1.7.8) ###
CVE-2005-1532 version (firefox, fixed 1.0.4) ###
@@ -816,7 +816,7 @@
CVE-2005-1263 version (kernel)
CVE-2005-1262 version (gaim, fixed 1.3.0)
CVE-2005-1261 version (gaim, fixed 1.3.0)
-CVE-2005-1260 version (bzip2, fixed 1.0.3) ###
+CVE-2005-1260 version (bzip2, fixed 1.0.3)
CVE-2005-1229 backport (cpio) ###
CVE-2005-1228 backport (gzip) ###
CVE-2005-1194 backport (nasm) ###
@@ -842,14 +842,14 @@
CVE-2005-1153 version (firefox) ###
CVE-2005-1111 backport (cpio) ###
CVE-2005-1065 version (tetex) not upstream version ###
-CVE-2005-1061 version (logwatch, fixed 4.3.2 at least) ###
+CVE-2005-1061 version (logwatch, fixed 4.3.2 at least)
CVE-2005-1046 version (kdelibs, fixed after 3.4.0)
CVE-2005-1043 version (php, fixed 4.3.11)
CVE-2005-1042 version (php, fixed 4.3.11)
CVE-2005-1041 version (kernel, fixed 2.6.12)
CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
CVE-2005-1038 backport (vixie-cron) ###
-CVE-2005-0990 version (sharutils, fixed 4.6 at least) ###
+CVE-2005-0990 version (sharutils, fixed 4.6 at least)
CVE-2005-0989 version (thunderbird) ###
CVE-2005-0989 version (mozilla, fixed 1.7.7) ###
CVE-2005-0989 version (firefox, fixed 1.0.3) ###
@@ -859,12 +859,12 @@
CVE-2005-0966 version (gaim, fixed 1.2.1)
CVE-2005-0965 version (gaim, fixed 1.2.1)
CVE-2005-0953 backport (bzip2) bzip2-1.0.2-chmod.patch ###
-CVE-2005-0941 version (ooffice, fixed 1.9 m95) ###
+CVE-2005-0941 version (openoffice.org, fixed 1.9 m95)
CVE-2005-0937 version (kernel, fixed 2.6.11)
CVE-2005-0916 version (kernel, fixed 2.6.12)
-CVE-2005-0891 version (gtk2, fixed 2.2.4) ###
+CVE-2005-0891 version (gtk2, fixed 2.2.4)
CVE-2005-0867 version (kernel, fixed 2.6.11)
-CVE-2005-0866 version (cdrecord) DEBUG isn't enabled anyway ###
+CVE-2005-0866 version (cdrecord) DEBUG isn't enabled anyway
CVE-2005-0839 version (kernel, fixed 2.6.11)
CVE-2005-0815 version (kernel, fixed 2.6.11.6)
CVE-2005-0808 version (tomcat, fixed 5.x)
@@ -878,11 +878,11 @@
CVE-2005-0761 version (ImageMagick, fixed 6.1.8)
CVE-2005-0760 version (ImageMagick, fixed 6.0)
CVE-2005-0759 version (ImageMagick, fixed 6.0)
-CVE-2005-0758 version (gzip, fixed 1.3.5) ###
+CVE-2005-0758 version (gzip, fixed 1.3.5)
CVE-2005-0758 backport (bzip2) ###
CVE-2005-0757 version (kernel, not 2.6)
CVE-2005-0756 version (kernel, fixed 2.6.12)
-CVE-2005-0754 version (kdewebdev, fixed after 3.4.0) ###
+CVE-2005-0754 version (kdewebdev, fixed after 3.4.0)
CVE-2005-0753 version (cvs, fixed 1.11.20)
CVE-2005-0752 version (firefox, fixed 1.0.3) ###
CVE-2005-0750 version (kernel, fixed 2.6.11.6)
@@ -897,11 +897,11 @@
CVE-2005-0704 version (wireshark, fixed after 0.10.9)
CVE-2005-0698 version (wireshark, fixed after 0.10.9)
CVE-2005-0670 VULNERABLE (hcidump) ###
-CVE-2005-0664 version (libexif, fixed 0.6.12) ###
+CVE-2005-0664 version (libexif, fixed 0.6.12)
CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
-CVE-2005-0627 version (qt, fixed 3.3.4) ###
+CVE-2005-0627 version (qt, fixed 3.3.4)
CVE-2005-0626 version (squid, fixed 2.5.STABLE10)
-CVE-2005-0605 version (libXpm, fixed 3.5.4 at least) ###
+CVE-2005-0605 version (libXpm, fixed 3.5.4 at least)
CVE-2005-0605 backport (openmotif) ###
CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
CVE-2005-0596 version (php, fixed 5.0)
@@ -911,7 +911,7 @@
CVE-2005-0592 version (firefox) ###
CVE-2005-0591 version (firefox, fixed 1.0.1) ###
CVE-2005-0590 version (thunderbird) ###
-CVE-2005-0590 version (openswan, fixed 2.1.4) ###
+CVE-2005-0590 version (openswan, fixed 2.1.4)
CVE-2005-0590 version (mozilla) ###
CVE-2005-0590 version (firefox) ###
CVE-2005-0589 version (firefox, fixed 1.0.1) ###
@@ -936,7 +936,7 @@
CVE-2005-0527 version (firefox, fixed 1.0.1) ###
CVE-2005-0525 version (php, fixed 5.0.4)
CVE-2005-0524 version (php, fixed 5.0.4)
-CVE-2005-0509 version (mono, not after 1.0.5) ###
+CVE-2005-0509 version (mono, not after 1.0.5)
CVE-2005-0504 version (kernel, not 2.6) doesn't build in 2.6
CVE-2005-0490 version (curl, fixed 7.13.1)
CVE-2005-0489 version (kernel, not 2.6)
@@ -960,11 +960,11 @@
CVE-2005-0399 version (thunderbird) ###
CVE-2005-0399 version (mozilla) ###
CVE-2005-0399 version (firefox) ###
-CVE-2005-0398 version (ipsec-tools, fixed 0.5) ###
+CVE-2005-0398 version (ipsec-tools, fixed 0.5)
CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
CVE-2005-0396 version (kdelibs, fixed 3.4.0)
CVE-2005-0384 version (kernel, fixed 2.6.11.4)
-CVE-2005-0372 version (gftp, fixed 2.0.18 at least) ###
+CVE-2005-0372 version (gftp, fixed 2.0.18 at least)
CVE-2005-0365 version (kdelibs, not 3.4)
CVE-2005-0337 version (postfix, not 2.2) ###
CVE-2005-0255 version (thunderbird, fixed 1.0.2) ###
@@ -994,10 +994,10 @@
CVE-2005-0208 version (gaim, fixed 1.1.4)
CVE-2005-0207 version (kernel, fixed 2.6.11)
CVE-2005-0206 version (xpdf) only bad patch for 2004-0888
-CVE-2005-0205 version (kdenetwork, not 3.3+) ###
+CVE-2005-0205 version (kdenetwork, not 3.3+)
CVE-2005-0204 version (kernel) didn't affect upstream
CVE-2005-0202 version (mailman, fixed 2.1.6)
-CVE-2005-0201 version (dbus, fixed 0.36.1) ###
+CVE-2005-0201 version (dbus, fixed 0.36.1)
CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
CVE-2005-0180 version (kernel, fixed 2.6.11)
CVE-2005-0179 version (kernel, fixed 2.6.11)
@@ -1007,7 +1007,7 @@
CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
-CVE-2005-0162 version (openswan, fixed 2.3.0) ###
+CVE-2005-0162 version (openswan, fixed 2.3.0)
CVE-2005-0156 version (perl, fixed 5.8.8)
CVE-2005-0155 version (perl, fixed 5.8.8)
CVE-2005-0152 version (squirrelmail, not 1.4)
@@ -1037,7 +1037,7 @@
CVE-2005-0104 version (squirrelmail, fixed 1.4.4)
CVE-2005-0103 version (squirrelmail, fixed 1.4.4)
CVE-2005-0102 version (evolution-data-server, fixed 1.2.2 at least)
-CVE-2005-0100 version (emacs, fixed 21.4 at least) ###
+CVE-2005-0100 version (emacs, fixed 21.4 at least)
CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
@@ -1045,28 +1045,28 @@
CVE-2005-0092 version (kernel, not affected)
CVE-2005-0091 version (kernel, not affected)
CVE-2005-0090 version (kernel, not affected)
-CVE-2005-0089 version (python, fixed 2.4.1 at least) ###
+CVE-2005-0089 version (python, fixed 2.4.1 at least)
CVE-2005-0088 version (mod_python, fixed after 2.7.8)
-CVE-2005-0087 version (alsa-lib, fixed 1.0.9) ###
-CVE-2005-0086 version (less) didn't affect upstream ###
-CVE-2005-0085 version (htdig, fixed 3.1.6-r7) ###
+CVE-2005-0087 version (alsa-lib, fixed 1.0.9)
+CVE-2005-0086 version (less) didn't affect upstream
+CVE-2005-0085 version (htdig, fixed 3.1.6-r7)
CVE-2005-0084 version (wireshark, fixed 0.10.9)
CVE-2005-0080 version (mailman) not upstream
-CVE-2005-0078 version (kde, fixed 3.0.5) ###
-CVE-2005-0077 version (perl-DBI, fixed 1.48 at least) ###
+CVE-2005-0078 version (kde, fixed 3.0.5)
+CVE-2005-0077 version (perl-DBI, fixed 1.48 at least)
CVE-2005-0075 version (squirrelmail, fixed 1.4.4)
CVE-2005-0069 backport (vim) vim-6.4-tmpfile.patch ###
CVE-2005-0064 version (xpdf, fixed 3.0.1)
-CVE-2005-0064 version (tetex, fixed 3.0) ###
+CVE-2005-0064 version (tetex, fixed 3.0)
CVE-2005-0064 version (kdegraphics, not 3.4)
CVE-2005-0064 backport (cups) cups-CAN-2005-0064.patch ###
CVE-2005-0039 ignore (kernel) not a vulnerability: don't do this says the rfc
-CVE-2005-0034 version (bind, fixed after 9.3.0) ###
-CVE-2005-0033 version (bind, not 9) ###
+CVE-2005-0034 version (bind, fixed after 9.3.0)
+CVE-2005-0033 version (bind, not 9)
CVE-2005-0023 ignore (libvte) not a security risk
-CVE-2005-0014 version (ncpfs, fixed 2.2.6) ###
-CVE-2005-0013 version (ncpfs, fixed 2.2.6) ###
-CVE-2005-0011 version (kdeedu, not 3.4) ###
+CVE-2005-0014 version (ncpfs, fixed 2.2.6)
+CVE-2005-0013 version (ncpfs, fixed 2.2.6)
+CVE-2005-0011 version (kdeedu, not 3.4)
CVE-2005-0010 version (wireshark, fixed 0.10.9)
CVE-2005-0009 version (wireshark, fixed 0.10.9)
CVE-2005-0008 version (wireshark, fixed 0.10.9)
@@ -1087,13 +1087,13 @@
CVE-2004-2531 version (gnutls, fixed 1.0.17)
CVE-2004-2480 ignore (squid) , not reproducable
CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
-CVE-2004-2396 version (passwd, fixed 0.69) ###
-CVE-2004-2395 version (passwd, fixed 0.69) ###
-CVE-2004-2394 version (passwd, fixed 0.69) ###
-CVE-2004-2392 version (libuser, fixed 0.51.10) ###
+CVE-2004-2396 version (passwd, fixed 0.69)
+CVE-2004-2395 version (passwd, fixed 0.69)
+CVE-2004-2394 version (passwd, fixed 0.69)
+CVE-2004-2392 version (libuser, fixed 0.51.10)
CVE-2004-2343 ignore (httpd) not a security issue
CVE-2004-2302 version (kernel, fixed 2.6.10)
-CVE-2004-2259 version (vsftpd, fixed 1.2.2) ###
+CVE-2004-2259 version (vsftpd, fixed 1.2.2)
CVE-2004-2228 version (firefox, fixed 1.0) ###
CVE-2004-2227 version (firefox, fixed 1.0) ###
CVE-2004-2225 version (firefox, fixed 0.10.1) ###
@@ -1105,17 +1105,17 @@
CVE-2004-2069 version (openssh, not 4)
CVE-2004-2014 version (wget, fixed 1.10.1)
CVE-2004-2013 version (kernel, not 2.6)
-CVE-2004-2004 version (configuration) SUSE only ###
-CVE-2004-1880 version (openldap, fixed 2.2.21) ###
+CVE-2004-2004 version (configuration) SUSE only
+CVE-2004-1880 version (openldap, fixed 2.2.21)
CVE-2004-1834 version (httpd, not 2.2)
-CVE-2004-1773 version (sharutils, not 4.6) ###
-CVE-2004-1772 version (sharutils, not 4.6) ###
+CVE-2004-1773 version (sharutils, not 4.6)
+CVE-2004-1772 version (sharutils, not 4.6)
CVE-2004-1761 version (wireshark, fixed 0.10.3)
-CVE-2004-1689 version (sudo, fixed 1.6.8p1) ###
+CVE-2004-1689 version (sudo, fixed 1.6.8p1)
CVE-2004-1653 ignore (openssh)
CVE-2004-1639 version (mozilla) ###
CVE-2004-1639 version (firefox) ###
-CVE-2004-1617 ignore (lynx) not able to verify flaw ###
+CVE-2004-1617 ignore (lynx) not able to verify flaw
CVE-2004-1614 version (mozilla, fixed 1.7.5) ###
CVE-2004-1613 version (mozilla, fixed 1.7.5) ###
CVE-2004-1488 version (wget, fixed 1.10.1)
@@ -1139,14 +1139,14 @@
CVE-2004-1380 version (firefox) ###
CVE-2004-1377 backport (a2ps) a2ps-4.13-security.patch ###
CVE-2004-1337 version (kernel, fixed 2.6.11)
-CVE-2004-1336 version (tetex, fixed 3.0 at least) ###
+CVE-2004-1336 version (tetex, fixed 3.0 at least)
CVE-2004-1335 version (kernel, fixed 2.6.10)
CVE-2004-1334 version (kernel, fixed 2.6.10)
CVE-2004-1333 version (kernel, fixed 2.6.10)
CVE-2004-1316 version (thunderbird, fixed 0.9) ###
CVE-2004-1316 version (mozilla, fixed 1.7.5) ###
-CVE-2004-1308 version (libtiff, fixed 3.7.1 at least) ###
-CVE-2004-1307 version (libtiff, was already fixed with 0886) ###
+CVE-2004-1308 version (libtiff, fixed 3.7.1 at least)
+CVE-2004-1307 version (libtiff, was already fixed with 0886)
CVE-2004-1304 version (file, fixed 4.12)
CVE-2004-1296 backport (groff) from srpm ###
CVE-2004-1287 backport (nasm) ###
@@ -1157,16 +1157,16 @@
CVE-2004-1237 version (kernel, not 2.6) not upstream
CVE-2004-1235 version (kernel, fixed 2.6.11)
CVE-2004-1234 version (kernel, not 2.6)
-CVE-2004-1224 version (mtr, fixed after 0.65) ###
+CVE-2004-1224 version (mtr, fixed after 0.65)
CVE-2004-1200 ignore (firefox, mozilla) not a security issue
CVE-2004-1191 version (kernel, fixed 2.6.9)
CVE-2004-1190 version (kernel, fixed 2.6.10)
CVE-2004-1189 version (krb5, fixed 1.4)
CVE-2004-1186 backport (enscript) ###
CVE-2004-1185 backport (enscript) ###
-CVE-2004-1184 version (enscript, fixed 1.6.4 at least) ###
-CVE-2004-1183 version (libtiff, fixed 3.7.2) ###
-CVE-2004-1180 version (rwho, fixed 0.17) ###
+CVE-2004-1184 version (enscript, fixed 1.6.4 at least)
+CVE-2004-1183 version (libtiff, fixed 3.7.2)
+CVE-2004-1180 version (rwho, fixed 0.17)
CVE-2004-1177 version (mailman, fixed 2.1.6)
CVE-2004-1176 version (mc, fixed 4.6.0)
CVE-2004-1175 version (mc, fixed 4.6.0)
@@ -1178,24 +1178,24 @@
CVE-2004-1156 version (mozilla, firefox) ###
CVE-2004-1154 version (samba, fixed 3.0.10)
CVE-2004-1151 version (kernel, fixed 2.6.10)
-CVE-2004-1145 version (kde, not 3.4) ###
+CVE-2004-1145 version (kde, not 3.4)
CVE-2004-1144 version (kernel, not 2.6)
CVE-2004-1143 version (mailman, fixed 2.1.5)
CVE-2004-1142 version (wireshark, fixed 0.10.8)
CVE-2004-1141 version (wireshark, fixed 0.10.8)
CVE-2004-1140 version (wireshark, fixed 0.10.8)
CVE-2004-1139 version (wireshark, fixed 0.10.8)
-CVE-2004-1138 version (vim, fixed 6.3) ###
+CVE-2004-1138 version (vim, fixed 6.3)
CVE-2004-1137 version (kernel, fixed 2.6.10)
CVE-2004-1125 version (xpdf, fixed 3.0.1)
-CVE-2004-1125 version (tetex, at least 3.0) ###
+CVE-2004-1125 version (tetex, at least 3.0)
CVE-2004-1125 version (kdegraphics, not 3.4)
-CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14) ###
+CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14)
CVE-2004-1093 version (mc, fixed 4.6.0)
CVE-2004-1092 version (mc, fixed 4.6.0)
CVE-2004-1091 version (mc, fixed 4.6.0)
CVE-2004-1090 version (mc, fixed 4.6.0)
-CVE-2004-1079 version (ncpfs, fixed 2.2.6 at least) ###
+CVE-2004-1079 version (ncpfs, fixed 2.2.6 at least)
CVE-2004-1074 version (kernel, fixed 2.6.10)
CVE-2004-1073 version (kernel, fixed 2.6.10)
CVE-2004-1072 version (kernel, fixed 2.6.10)
@@ -1210,7 +1210,7 @@
CVE-2004-1058 version (kernel, fixed 2.6.9)
CVE-2004-1057 version (kernel, fixed 2.6.10)
CVE-2004-1056 version (kernel, fixed 2.6.10)
-CVE-2004-1051 version (sudo, fixed 1.6.8p2) ###
+CVE-2004-1051 version (sudo, fixed 1.6.8p2)
CVE-2004-1036 version (squirrelmail, fixed 1.4.4)
CVE-2004-1020 version (php, fixed after 5.0.2)
CVE-2004-1019 version (php, fixed after 5.0.2)
@@ -1219,29 +1219,29 @@
CVE-2004-1016 version (kernel, fixed 2.6.10)
CVE-2004-1014 version (nfs-utils, fixed 1.0.7)
CVE-2004-1009 version (mc, fixed 4.6.0)
-CVE-2004-1006 version (dhcp, not 3) ###
+CVE-2004-1006 version (dhcp, not 3)
CVE-2004-1005 version (mc, fixed 4.6.0)
CVE-2004-1004 version (mc, fixed 4.6.0)
CVE-2004-1002 ignore (ppp) not a security issue
CVE-2004-0997 version (kernel, not 2.6)
CVE-2004-0996 backport (cscope) not fixed in 15.5 ###
-CVE-2004-0990 version (gd, fixed 2.0.33 at least) ###
+CVE-2004-0990 version (gd, fixed 2.0.33 at least)
CVE-2004-0989 version (libxml2, fixed 2.6.15)
-CVE-2004-0986 version (iptables, fixed 1.2.12) ###
+CVE-2004-0986 version (iptables, fixed 1.2.12)
CVE-2004-0983 version (ruby, fixed 1.8.2)
CVE-2004-0981 version (ImageMagick, fixed 6.1.0)
CVE-2004-0977 version (postgresql, fixed after 7.4.6)
CVE-2004-0976 backport (perl) perl-5.8.7-CAN-2004-0976.patch ###
CVE-2004-0975 version (openssl, not 0.9.8)
CVE-2004-0975 backport (openssl097a, fixed 0.9.7f)
-CVE-2004-0974 version (netatalk, fixed 2.0.1) ###
-CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least) ###
+CVE-2004-0974 version (netatalk, fixed 2.0.1)
+CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least)
CVE-2004-0971 backport (krb5) krb5-1.3.4-send-pr-tempfile.patch ###
-CVE-2004-0970 version (gzip) ###
-CVE-2004-0969 version (groff, fixed 1.18.1.1) ###
+CVE-2004-0970 version (gzip)
+CVE-2004-0969 version (groff, fixed 1.18.1.1)
CVE-2004-0968 version (glibc, fixed 2.3.5 at least)
CVE-2004-0967 version (ghostscript, fixed 8.15.1)
-CVE-2004-0966 version (gettext, fixed 0.14.3 at least) ###
+CVE-2004-0966 version (gettext, fixed 0.14.3 at least)
CVE-2004-0961 version (freeradius, fixed 1.0.1)
CVE-2004-0960 version (freeradius, fixed 1.0.1)
CVE-2004-0959 version (php, fixed 4.3.9)
@@ -1254,7 +1254,7 @@
CVE-2004-0940 version (httpd, not 2.2)
CVE-2004-0938 version (freeradius, fixed 1.0.1)
CVE-2004-0930 version (samba, fixed 3.0.8)
-CVE-2004-0929 version (libtiff, fixed 3.7.0) ###
+CVE-2004-0929 version (libtiff, fixed 3.7.0)
CVE-2004-0923 version (cups, fixed 1.2.22)
CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
CVE-2004-0914 version (xorg-x11, fixed after 6.8.1) ###
@@ -1276,14 +1276,14 @@
CVE-2004-0891 version (gaim, fixed 1.0.2)
CVE-2004-0889 version (xpdf, fixed 3.0.1)
CVE-2004-0888 version (xpdf, fixed 3.0.1)
-CVE-2004-0888 version (tetex, fixed 3.0) ###
-CVE-2004-0888 version (kpdegraphics, not 3.4) ###
+CVE-2004-0888 version (tetex, fixed 3.0)
+CVE-2004-0888 version (kdegraphics, not 3.4) ###
CVE-2004-0888 version (cups)
CVE-2004-0887 version (kernel, fixed 2.6.10)
-CVE-2004-0886 version (libtiff, fixed 3.7.1 at least) ###
+CVE-2004-0886 version (libtiff, fixed 3.7.1 at least)
CVE-2004-0886 version (kdegraphics, fixed by Update on 20041109)
CVE-2004-0885 version (httpd, not 2.2)
-CVE-2004-0884 version (cyrus-sasl, fixed 2.1.20) ###
+CVE-2004-0884 version (cyrus-sasl, fixed 2.1.20)
CVE-2004-0883 version (kernel, fixed 2.6.11)
CVE-2004-0883 version (kernel, fixed 2.6.11)
CVE-2004-0882 version (samba, fixed 3.0.8)
@@ -1296,8 +1296,8 @@
CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
CVE-2004-0829 version (samba, fixed 2.2.11)
CVE-2004-0827 version (ImageMagick, fixed 6.0.6.2)
-CVE-2004-0826 version (nss, fixed 3.9.2) ###
-CVE-2004-0823 version (openldap, fixed after 2.1.19) ###
+CVE-2004-0826 version (nss, fixed 3.9.2)
+CVE-2004-0823 version (openldap, fixed after 2.1.19)
CVE-2004-0816 version (kernel, fixed 2.6.8)
CVE-2004-0815 version (samba, fixed 3.0.2a)
CVE-2004-0814 version (kernel, fixed 2.6.9)
@@ -1307,10 +1307,10 @@
CVE-2004-0809 version (httpd, not 2.2)
CVE-2004-0808 version (samba, fixed 3.0.7)
CVE-2004-0807 version (samba, fixed 3.0.7)
-CVE-2004-0806 version (cdrtools, fixed 2.0.1) ###
-CVE-2004-0804 version (libtiff, fixed after 3.6.1) ###
+CVE-2004-0806 version (cdrtools, fixed 2.0.1)
+CVE-2004-0804 version (libtiff, fixed after 3.6.1)
CVE-2004-0804 version (kdegraphics)
-CVE-2004-0803 version (libtiff, fixed after 3.6.1) ###
+CVE-2004-0803 version (libtiff, fixed after 3.6.1)
CVE-2004-0803 version (kdegraphics)
CVE-2004-0801 version (foomatic, fixed 3.0.2)
CVE-2004-0797 version (zlib, fixed 1.2.2.2 at least)
@@ -1319,12 +1319,12 @@
CVE-2004-0792 version (rsync, fixed 2.6.3)
CVE-2004-0791 version (kernel, fixed 2.6.9)
CVE-2004-0790 version (kernel, not 2.6)
-CVE-2004-0788 version (gtk2, fixed 2.6.7 at least) ###
-CVE-2004-0786 version (apr-util, fixed 2.0.51) ###
+CVE-2004-0788 version (gtk2, fixed 2.6.7 at least)
+CVE-2004-0786 version (apr-util, not httpd-2.2)
CVE-2004-0785 version (gaim, fixed 0.82)
CVE-2004-0784 version (gaim, fixed 0.82)
-CVE-2004-0783 version (gtk2, fixed 2.6.7 at least) ###
-CVE-2004-0782 version (gtk2, fixed 2.6.7 at least) ###
+CVE-2004-0783 version (gtk2, fixed 2.6.7 at least)
+CVE-2004-0782 version (gtk2, fixed 2.6.7 at least)
CVE-2004-0779 version (thunderbird) ###
CVE-2004-0779 version (mozilla) ###
CVE-2004-0779 version (firefox) ###
@@ -1344,27 +1344,27 @@
CVE-2004-0757 version (mozilla, fixed 1.7) ###
CVE-2004-0755 version (ruby, fixed 1.8.1)
CVE-2004-0754 version (gaim, fixed 0.82)
-CVE-2004-0753 version (gtk2, fixed after 2.2.4) ###
-CVE-2004-0752 version (openoffice.org, fixed after 1.1.2) ###
+CVE-2004-0753 version (gtk2, fixed after 2.2.4)
+CVE-2004-0752 version (openoffice.org, fixed after 1.1.2)
CVE-2004-0751 version (httpd, not 2.2)
-CVE-2004-0750 version (system-config-nfs, fixed 1.0.13) ###
-CVE-2004-0749 version (subversion, fixed 1.0.8) ###
+CVE-2004-0750 version (system-config-nfs, fixed 1.0.13)
+CVE-2004-0749 version (subversion, fixed 1.0.8)
CVE-2004-0748 version (httpd, not 2.2)
CVE-2004-0747 version (httpd, not 2.2)
-CVE-2004-0746 version (kde, fixed 3.3) ###
+CVE-2004-0746 version (kde, fixed 3.3)
CVE-2004-0745 backport (lha) ###
CVE-2004-0722 version (mozilla, fixed 1.7) ###
CVE-2004-0721 version (kdelibs, fixed 3.3)
CVE-2004-0718 version (mozilla, fixed 1.7) ###
CVE-2004-0700 version (httpd, not 2.2)
CVE-2004-0694 backport (lha, changelog) ###
-CVE-2004-0693 version (qt, fixed 3.3.3) ###
-CVE-2004-0692 version (qt, fixed 3.3.3) ###
-CVE-2004-0691 version (qt, fixed 3.3.3) ###
+CVE-2004-0693 version (qt, fixed 3.3.3)
+CVE-2004-0692 version (qt, fixed 3.3.3)
+CVE-2004-0691 version (qt, fixed 3.3.3)
CVE-2004-0690 version (kdelibs, fixed after 3.2.3)
CVE-2004-0689 version (kdelibs, fixed 3.3.0)
-CVE-2004-0688 version (openmotif) ###
-CVE-2004-0687 version (openmotif) ###
+CVE-2004-0688 version (openmotif)
+CVE-2004-0687 version (openmotif)
CVE-2004-0686 version (samba, fixed 3.0.6)
CVE-2004-0685 version (kernel, not 2.6)
CVE-2004-0658 ignore (kernel) not a security issue
@@ -1401,7 +1401,7 @@
CVE-2004-0547 version (postgresql, fixed 7.2.1)
CVE-2004-0541 version (squid)
CVE-2004-0535 version (kernel, fixed 2.6.6)
-CVE-2004-0527 version (konqueror, not 3+) ###
+CVE-2004-0527 version (konqueror, not 3+)
CVE-2004-0523 version (krb5, fixed 1.3.4)
CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
@@ -1420,8 +1420,8 @@
CVE-2004-0491 version (kernel, not upstream)
CVE-2004-0488 version (httpd, not 2.2)
CVE-2004-0478 ignore (mozilla) not a security issue
-CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13) ###
-CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13) ###
+CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13)
+CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13)
CVE-2004-0457 version (mysql, fixed after 4.0.20)
CVE-2004-0452 version (perl, fixed 5.8.8)
CVE-2004-0447 version (kernel, fixed 2.6.5)
@@ -1442,7 +1442,7 @@
CVE-2004-0405 version (cvs, fixed 1.11)
CVE-2004-0403 version (racoon, fixed 20040408a) ###
CVE-2004-0398 version (neon, fixed 0.24.6)
-CVE-2004-0397 version (subversion, fixed 1.0.1) ###
+CVE-2004-0397 version (subversion, fixed 1.0.1)
CVE-2004-0396 version (cvs, fixed 1.12.8)
CVE-2004-0394 version (kernel, not 2.6) also not a vulnerability
CVE-2004-0392 version (racoon, fixed 20040407b) ###
@@ -1451,7 +1451,7 @@
CVE-2004-0367 version (wireshark, fixed 0.10.3)
CVE-2004-0365 version (wireshark, fixed 0.10.3)
CVE-2004-0263 version (php, fixed 4.3.5)
-CVE-2004-0256 version (libtool, fixed 1.5.2) ###
+CVE-2004-0256 version (libtool, fixed 1.5.2)
CVE-2004-0235 backport (lha, changelog) ###
CVE-2004-0234 backport (lha, changelog) ###
CVE-2004-0232 version (mc, fixed 4.6.0)
@@ -1467,7 +1467,7 @@
CVE-2004-0182 version (mailman) only affected Red Hat packages
CVE-2004-0181 version (kernel, fixed 2.6.5)
CVE-2004-0180 version (cvs, fixed 1.11.15)
-CVE-2004-0179 version (openoffice.org) ###
+CVE-2004-0179 version (openoffice.org)
CVE-2004-0179 version (neon, fixed 0.24.5)
CVE-2004-0178 version (kernel, not 2.6)
CVE-2004-0177 version (kernel, fixed 2.6.6)
@@ -1479,9 +1479,9 @@
CVE-2004-0164 version (racoon) ###
CVE-2004-0155 version (racoon) ###
CVE-2004-0154 version (nfs-utils, fixed 1.0.6)
-CVE-2004-0150 version (python, fixed 2.2.2) ###
+CVE-2004-0150 version (python, fixed 2.2.2)
CVE-2004-0138 version (kernel, fixed 2.6.0)
-CVE-2004-0133 version (kernel, 2.6.4) ###
+CVE-2004-0133 version (kernel, 2.6.4)
CVE-2004-0113 version (httpd, not 2.2)
CVE-2004-0112 version (openssl, not 0.9.8)
CVE-2004-0112 backport (openssl097a, fixed 0.9.7d)
More information about the scm-commits
mailing list