fedora-security/audit fc5,1.458,1.459

Lubomir Kundrak (lkundrak) fedora-extras-commits at redhat.com
Fri Mar 23 13:32:27 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15670

Modified Files:
	fc5 
Log Message:
Huge sync with what is already fixed.
Fixed order of the CVEs.

Added:

CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-350]
CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-344]
CVE-2007-1218 backport (tcpdump) #232349 [since FEDORA-2007-348]
CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-336]
CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-336]
CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-336]
CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-316]
CVE-2007-0772 version (kernel) [since FEDORA-2007-277]
CVE-2007-0906 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0907 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0908 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0909 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0910 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0988 backport (php) #228011 [since FEDORA-2007-261]
CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-278]
CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-278]



Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.458
retrieving revision 1.459
diff -u -r1.458 -r1.459
--- fc5	23 Mar 2007 11:34:28 -0000	1.458
+++ fc5	23 Mar 2007 13:32:24 -0000	1.459
@@ -4,6 +4,7 @@
 ** are items that need attention
 
 CVE-2007-1565 ignore (konqueror) client crash
+CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564] 
 CVE-2007-1475 ignore (php) unshipped ibase extension
 CVE-2007-1420 VULNERABLE (mysql, fixed 5.0.36) #232604
 CVE-2007-1413 ignore (php) Windows NT SNMP specific
@@ -11,12 +12,23 @@
 CVE-2007-1411 ignore (php) unshipped mssql extension
 CVE-2007-1401 ignore (php) unshipped cracklib extension
 CVE-2007-1396 ignore (php) feature, not a flaw
-CVE-2007-1006 VULNERABLE (ekiga, fixed 2.0.5) #229259
+CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-316]
+CVE-2007-1218 backport (tcpdump) #232349 [since FEDORA-2007-348]
+CVE-2007-1006 backport (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-321] 
 CVE-2007-1004 VULNERABLE (firefox, ...)
 CVE-2007-1002 VULNERABLE (evolution) #233587
+CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-336] 
+CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-344]
+CVE-2007-0988 backport (php) #228011 [since FEDORA-2007-261]
 CVE-2007-0981 VULNERABLE (firefox, ...)
+CVE-2007-0910 backport (php) #228011 [since FEDORA-2007-261]
+CVE-2007-0909 backport (php) #228011 [since FEDORA-2007-261]
+CVE-2007-0908 backport (php) #228011 [since FEDORA-2007-261]
+CVE-2007-0907 backport (php) #228011 [since FEDORA-2007-261]
+CVE-2007-0906 backport (php) #228011 [since FEDORA-2007-261]
 CVE-2007-0823 ignore (xterm) feature, not a bug
 CVE-2007-0822 ignore (util-linux) NULL dereference
+CVE-2007-0772 version (kernel) [since FEDORA-2007-277]
 CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
 CVE-2007-0720 version (cups, fixed 1.2.7) #232243 [since FEDORA-2007-1219]
 CVE-2007-0650 ignore (tetex) needs user's assistance
@@ -28,11 +40,16 @@
 CVE-2007-0104 ignore (poppler) only client DoS
 CVE-2007-0104 ignore (kdegraphics) only client DoS
 CVE-2007-0086 ignore (apache) not a security issue
+CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-278]
+CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-278]
 CVE-2007-0007 ignore (gnucsh) doesn't affect this version
+CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-336] 
 CVE-2007-0006 backport (kernel, fixed in -mm) [since FEDORA-2007-225]
+CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-336] 
+CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-350]
 CVE-2006-6939 VULNERABLE (ed, fixed 0.3) #223075
-CVE-2006-6870 backport (avahi, fixed 0.6.16) #221726 [since FEDORA-2007-018]
 CVE-2006-6899 version (bluez-utils, fixed 2.23)
+CVE-2006-6870 backport (avahi, fixed 0.6.16) #221726 [since FEDORA-2007-018]
 CVE-2006-6772 backport (w3m) #221484 [since FEDORA-2007-078]
 CVE-2006-6719 backport (wget) #221469 [since FEDORA-2007-037]
 CVE-2006-6698 VULNERABLE (GConf2) #219280
@@ -64,8 +81,8 @@
 CVE-2006-6054 VULNERABLE (kernel, fixed **)
 CVE-2006-6053 backport (kernel) [since FEDORA-2006-1221]
 CVE-2006-5989 backport (mod_auth_kerb) [since FEDORA-2006-1341]
-CVE-2006-5973 VULNERABLE (dovecot, fixed 1.0.rc15) #216508
 CVE-2006-5974 ignore (fetchmail, fixed 6.3.6) only 6.3.5
+CVE-2006-5973 VULNERABLE (dovecot, fixed 1.0.rc15) #216508
 CVE-2006-5925 backport (elinks) #215734 [since FEDORA-2006-1277]
 CVE-2006-5876 VULNERABLE (libsoup) #223144
 CVE-2006-5871 version (kernel, fixed 2.6.10)
@@ -78,7 +95,7 @@
 CVE-2006-5783 ignore (firefox) disputed
 CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768
 CVE-2006-5757 backport (kernel, fixed 2.6.19-rc2) [since FEDORA-2006-1221]
-CVE-2006-5753 VULNERABLE (kernel)
+CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-277]
 CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1470]
 CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
 CVE-2006-5748 version (thunderbird) [since FEDORA-2006-1194]
@@ -112,12 +129,12 @@
 CVE-2006-5298 backport (mutt) [since FEDORA-2006-1061]
 CVE-2006-5297 backport (mutt) [since FEDORA-2006-1061]
 CVE-2006-5229 ignore (openssh) reported not an issue
-CVE-2006-5215 VULNERABLE (xorg-x11-xdm) #212167
-CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
 CVE-2006-5215 ignore (kdebase) #212166 links to xinit Xsession
-CVE-2006-5214 VULNERABLE (xorg-x11-xdm) #212167
-CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5215 VULNERABLE (xorg-x11-xdm) #212167
 CVE-2006-5214 ignore (kdebase) #212166 links to xinit Xsession
+CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5214 VULNERABLE (xorg-x11-xdm) #212167
 CVE-2006-5178 VULNERABLE (php) can't be fixed
 CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
 CVE-2006-5173 version (kernel, fixed 2.6.18) [since FEDORA-2006-1022] protected by exec-shield
@@ -148,22 +165,22 @@
 CVE-2006-4573 VULNERABLE (screen) #212057
 CVE-2006-4572 VULNERABLE (kernel, fixed 2.6.19-rc4)
 CVE-2006-4571 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
-CVE-2006-4571 VULNERABLE (mozilla)
 CVE-2006-4571 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
+CVE-2006-4571 VULNERABLE (mozilla)
 CVE-2006-4570 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
 CVE-2006-4570 VULNERABLE (mozilla)
 CVE-2006-4569 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4569 VULNERABLE (mozilla)
 CVE-2006-4568 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4568 VULNERABLE (mozilla)
-CVE-2006-4567 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4567 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
+CVE-2006-4567 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
+CVE-2006-4566 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
 CVE-2006-4566 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4566 VULNERABLE (mozilla)
-CVE-2006-4566 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
+CVE-2006-4565 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
 CVE-2006-4565 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4565 VULNERABLE (mozilla)
-CVE-2006-4565 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
 CVE-2006-4561 VULNERABLE (firefox)
 CVE-2006-4538 version (kernel, fixed 2.6.18) [since FEDORA-2006-1022] ia64 and sparc only
 CVE-2006-4535 version (kernel, fixed 2.6.17.12, fixed 2.6.18-rc6) [since FEDORA-2006-967]
@@ -179,26 +196,26 @@
 CVE-2006-4455 ignore (xchat) client DoS
 CVE-2006-4447 ignore (xorg) not a security issue
 CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
+CVE-2006-4433 version (php, fixed 5.1.4) [since FEDORA-2006-1024]
 CVE-2006-4380 version (mysql, fixed 4.1.13)
 CVE-2006-4343 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-4342 ignore (kernel) rhel3 only
 CVE-2006-4340 version (nss, fixed 3.11.3) [since FEDORA-2006-979]
-CVE-2006-4339 backport (openssl) [since FEDORA-2006-953]
 CVE-2006-4339 backport (openssl097a) [since FEDORA-2006-953]
+CVE-2006-4339 backport (openssl) [since FEDORA-2006-953]
 CVE-2006-4338 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4337 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4336 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4335 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4334 version (gzip) #207643 [since FEDORA-2006-993]
-CVE-2006-4433 version (php, fixed 5.1.4) [since FEDORA-2006-1024]
 CVE-2006-4333 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4332 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4331 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4330 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4310 VULNERABLE (firefox)
 CVE-2006-4262 backport (cscope) #203649 [since FEDORA-2006-932]
-CVE-2006-4253 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4253 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
+CVE-2006-4253 version (firefox, fixed 1.5.0.7) [since FEDORA-2006-976]
 CVE-2006-4227 version (mysql, fixed 5.0.25,5.1.12) #203432 [since FEDORA-2006-1298]
 CVE-2006-4226 version (mysql, fixed 5.0.25,5.1.12) #203427 [since FEDORA-2006-1298]
 CVE-2006-4146 backport (gdb) [since FEDORA-2006-975]
@@ -214,41 +231,41 @@
 CVE-2006-3879 version (mikmod, not 3.1.6)
 CVE-2006-3835 VULNERABLE (tomcat, fixed 5.5.17)
 CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
-CVE-2006-3812 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3812 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3812 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3812 VULNERABLE (mozilla)
-CVE-2006-3811 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3811 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3811 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3811 VULNERABLE (mozilla)
-CVE-2006-3810 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3810 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3810 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3810 VULNERABLE (mozilla)
-CVE-2006-3809 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3809 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3809 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3809 VULNERABLE (mozilla)
-CVE-2006-3808 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3808 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3808 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3808 VULNERABLE (mozilla)
-CVE-2006-3807 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3807 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3807 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3807 VULNERABLE (mozilla)
-CVE-2006-3806 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3806 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3806 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3806 VULNERABLE (mozilla)
-CVE-2006-3805 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3805 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3805 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3805 VULNERABLE (mozilla)
-CVE-2006-3804 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3804 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3804 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3804 VULNERABLE (mozilla)
-CVE-2006-3803 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3803 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3803 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3803 VULNERABLE (mozilla)
-CVE-2006-3802 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3802 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3802 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3802 VULNERABLE (mozilla)
-CVE-2006-3801 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3801 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3801 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3801 VULNERABLE (mozilla)
 CVE-2006-3747 backport (httpd, fixed 2.2.3) [since FEDORA-2006-863]
 CVE-2006-3746 version (gnupg, fixed 1.4.5) #200904 [since FEDORA-2006-868]
@@ -262,8 +279,8 @@
 CVE-2006-3738 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849]
-CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3677 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3677 VULNERABLE (mozilla)
 CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
@@ -280,9 +297,9 @@
 CVE-2006-3486 ignore (mysql, fixed 5.0.23) not exploitable
 CVE-2006-3469 VULNERABLE (mysql)
 CVE-2006-3468 version (kernel, fixed 2.6.17.8) [since FEDORA-2006-906]
-CVE-2006-3467 VULNERABLE (freetype)
 CVE-2006-3467 ignore (vnc) #203174 not a vulnerability
 CVE-2006-3467 backport (libXfont) #202475 [since FEDORA-2006-912]
+CVE-2006-3467 VULNERABLE (freetype)
 CVE-2006-3465 backport (libtiff) [since FEDORA-2006-877]
 CVE-2006-3464 backport (libtiff) [since FEDORA-2006-877]
 CVE-2006-3463 backport (libtiff) [since FEDORA-2006-877]
@@ -302,8 +319,8 @@
 CVE-2006-3127 version (nss, only affected 3.11) [since FEDORA-2006-728]
 CVE-2006-3122 version (dhcp, only 2.x)
 CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770]
-CVE-2006-3113 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3113 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903]
+CVE-2006-3113 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
 CVE-2006-3113 VULNERABLE (mozilla)
 CVE-2006-3085 version (kernel, fixed 2.6.16.21, fixed 2.6.17.1) [since FEDORA-2006-735]
 CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
@@ -326,42 +343,42 @@
 CVE-2006-2932 ignore (kernel) no 4G/4G split support
 CVE-2006-2916 ignore (arts) not shipped setuid
 CVE-2006-2906 VULNERABLE (gd) #194520
-CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
 CVE-2006-2894 VULNERABLE (mozilla) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
+CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
 CVE-2006-2842 version (squirrelmail, fixed 1.4.6) #194286 [since FEDORA-2006-680]
 CVE-2006-2789 version (evolution, fixed 2.4.X)
 CVE-2006-2788 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
-CVE-2006-2787 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2787 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2787 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2787 VULNERABLE (mozilla)
-CVE-2006-2786 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2786 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2786 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2786 VULNERABLE (mozilla)
 CVE-2006-2785 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2785 VULNERABLE (mozilla)
 CVE-2006-2784 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2784 VULNERABLE (mozilla)
-CVE-2006-2783 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2783 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2783 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2783 VULNERABLE (mozilla)
 CVE-2006-2782 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2781 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
-CVE-2006-2780 VULNERABLE (firefox)
 CVE-2006-2780 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
 CVE-2006-2780 VULNERABLE (mozilla)
-CVE-2006-2779 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
+CVE-2006-2780 VULNERABLE (firefox)
 CVE-2006-2779 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2779 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2779 VULNERABLE (mozilla)
-CVE-2006-2778 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2778 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2778 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2778 VULNERABLE (mozilla)
 CVE-2006-2777 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2777 VULNERABLE (mozilla)
-CVE-2006-2776 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2776 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2776 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2776 VULNERABLE (mozilla)
-CVE-2006-2775 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2775 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717]
+CVE-2006-2775 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715]
 CVE-2006-2775 VULNERABLE (mozilla)
 CVE-2006-2754 ignore (openldap) This issue is not exploitable
 CVE-2006-2753 version (mysql, fixed 5.0.22) #193828 [since FEDORA-2006-702]
@@ -435,9 +452,9 @@
 CVE-2006-1857 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572]
 CVE-2006-1856 version (kernel, fixed 2.6.16.12) [since FEDORA-2006-499]
 CVE-2006-1855 version (kernel, fixed 2.6.11.12)
-CVE-2006-1790 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1790 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1790 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
+CVE-2006-1790 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1742 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1742 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1742 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
@@ -455,25 +472,25 @@
 CVE-2006-1737 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1737 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1737 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1736 versions (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
+CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1735 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1735 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1734 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1734 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1733 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1733 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1733 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1733 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1732 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1732 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1732 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1732 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1731 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1731 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1731 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1731 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1730 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1730 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1730 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1730 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1729 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1729 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
@@ -483,8 +500,8 @@
 CVE-2006-1727 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1727 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1727 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1726 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1726 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
+CVE-2006-1726 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1725 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1724 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1724 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
@@ -589,8 +606,8 @@
 CVE-2006-0369 ignore (mysql) this is not a security issue
 CVE-2006-0321 version (fetchmail, fixed 6.3.2)
 CVE-2006-0301 version (poppler, fixed 0.4.5)
-CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2006-0301 version (kdegraphics, fixed 3.5.2) [since FEDORA-2006-352] was backport since GA
+CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2006-0300 version (tar, fixed 1.15.90 at least) [since FEDORA-2006-958]
 CVE-2006-0299 version (thunderbird, fixed 1.5)
 CVE-2006-0299 version (mozilla, 1.8 branch only)
@@ -634,16 +651,16 @@
 CVE-2006-0052 version (mailman, fixed 2.1.6)
 CVE-2006-0049 version (gnupg, fixed 1.4.2.2)
 CVE-2006-0040 VULNERABLE (gtkhtml) #183680 no upstream fix
-CVE-2006-0040 ** (gtkhtml2)
 CVE-2006-0040 ** (gtkhtml3)
+CVE-2006-0040 ** (gtkhtml2)
 CVE-2006-0039 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572]
 CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
 CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
 CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
 CVE-2006-0019 version (kdelibs, fixed 3.5.1)
 CVE-2005-4811 version (kernel, fixed 2.6.13)
-CVE-2005-4809 VULNERABLE (firefox)
 CVE-2005-4809 VULNERABLE (seamonkey)
+CVE-2005-4809 VULNERABLE (firefox)
 CVE-2005-4808 ignore (binutils, gas fixed 20050714) this is a bug
 CVE-2005-4807 ignore (binutils, gas fixed 20050721) this is a bug
 CVE-2005-4798 version (kernel, not 2.6)
@@ -706,29 +723,29 @@
 CVE-2005-3629 version (initscripts, fixed 8.29 at least)
 CVE-2005-3628 version (poppler, fixed 0.4.4)
 CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3628 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3628 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
-CVE-2005-3628 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3627 version (poppler, fixed 0.4.4)
 CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3627 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3627 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3627 backport (tetex)
-CVE-2005-3627 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3626 version (poppler, fixed 0.4.4)
 CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3626 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3626 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3626 backport (tetex)
-CVE-2005-3626 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3625 version (poppler, fixed 0.4.4)
 CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3625 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3625 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3625 backport (tetex)
-CVE-2005-3625 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3624 version (poppler, fixed 0.4.4)
 CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3624 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3624 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3624 backport (tetex)
-CVE-2005-3624 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3623 version (kernel, fixed 2.6.14.5)
 CVE-2005-3582 version (ImageMagick) gentoo only
 CVE-2005-3573 version (mailman, fixed 2.1.7)
@@ -768,19 +785,19 @@
 CVE-2005-3241 version (ethereal, fixed 0.10.13)
 CVE-2005-3193 version (poppler, fixed 0.4.4)
 CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3193 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3193 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
-CVE-2005-3193 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3192 version (poppler, fixed 0.4.4)
 CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3192 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3192 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
-CVE-2005-3192 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3191 version (poppler, fixed 0.4.4)
 CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3191 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3191 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
-CVE-2005-3191 version (cups, fixed 1.2.0) [since FEDORA-2006-252] was backport since GA
 CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
 CVE-2005-3186 backport (gdk-pixbuf)
 CVE-2005-3185 version (wget, fixed 1.10.2 at least)

More information about the scm-commits mailing list