fedora-security/audit fc7,1.25,1.26
Josh Bressers (bressers)
fedora-extras-commits at redhat.com
Wed Jun 27 21:22:50 UTC 2007
Author: bressers
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24517
Modified Files:
fc7
Log Message:
Deal with some ids
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- fc7 27 Jun 2007 20:12:10 -0000 1.25
+++ fc7 27 Jun 2007 21:22:48 -0000 1.26
@@ -26,7 +26,7 @@
CVE-2007-3025 ignore (clamav, Solaris only)
CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-3007 ignore (php) safe mode isn't safe
+CVE-2007-3007 ignore (php) safe mode isn't safe
*CVE-2007-2975 (openfire)
*CVE-2007-2894 VULNERABLE (bochs) #241799
CVE-2007-2876 version (kernel, fixed 2.6.21.5) [ since FEDORA-2007-0409 ]
@@ -38,7 +38,7 @@
*CVE-2007-2868 version (seamonkey, fixed 1.0.9)
*CVE-2007-2867 version (seamonkey, fixed 1.0.9)
*CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
-*CVE-2007-2844 ignore (php) #241641
+CVE-2007-2844 ignore (php) #241641
*CVE-2007-2843 ignore (konqueror) safari specific
*CVE-2007-2821 VULNERABLE (wordpress, fixed 2.2) #240970
*CVE-2007-2799 (file)
@@ -54,10 +54,10 @@
*CVE-2007-2627 ** (wordpress) #239904
*CVE-2007-2589 (squirrelmail)
*CVE-2007-2583 (mysql)
-*CVE-2007-2519 ignore (php-pear) no trust boundary is crossed
-*CVE-2007-2511 ignore (php) #239011 see the bug
-*CVE-2007-2510 (php)
-*CVE-2007-2509 (php)
+CVE-2007-2519 ignore (php-pear) no trust boundary is crossed
+CVE-2007-2511 ignore (php) #239011 see the bug
+CVE-2007-2510 version (php, fixed 5.2.2)
+CVE-2007-2509 version (php, fixed 5.2.2)
*CVE-2007-2500 patch (gnash, fixed 0.7.2-2) #239213
CVE-2007-2453 version (kernel, fixed 2.6.21.4) [ since FEDORA-2007-0409 ]
CVE-2007-2451 version (kernel, fixed 2.6.21.4) [ since FEDORA-2007-0409 ]
@@ -88,7 +88,7 @@
CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3)
*CVE-2007-2028 (freeradius)
*CVE-2007-2026 (file)
-*CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
+CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
CVE-2007-1997 version (clamav, fixed in 0.90.2)
*CVE-2007-1995 (quagga) #240488
*CVE-2007-1897 version (wordpress, fixed 2.1.3) #235912
@@ -96,7 +96,7 @@
*CVE-2007-1893 version (wordpress, fixed 2.1.3) #235912
*CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
*CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
-*CVE-2007-1864 (php)
+CVE-2007-1864 version (php, fixed 5.2.2)
*CVE-2007-1862 (httpd)
*CVE-2007-1859 (xscreensaver)
*CVE-2007-1858 (tomcat)
@@ -109,17 +109,17 @@
*CVE-2007-1742 (httpd)
*CVE-2007-1741 (httpd)
*CVE-2007-1732 ignore (wordpress) #235015
-*CVE-2007-1718 (php)
-*CVE-2007-1717 (php)
-*CVE-2007-1711 (php)
-*CVE-2007-1710 (php)
-*CVE-2007-1709 (php)
+CVE-2007-1718 version (php, fixed 5.2.2)
+CVE-2007-1717 version (php, fixed 5.2.2)
+CVE-2007-1711 version (php, 4.4.5 and 4.4.6 only)
+CVE-2007-1710 version (php, fixed 5.2.2)
+CVE-2007-1709 ignore (php) no security impact
*CVE-2007-1667 (xorg-x11)
-*CVE-2007-1649 (php)
+CVE-2007-1649 version (php, fixed 5.2.2)
*CVE-2007-1622 version (wordpress, fixed 2.1.3-0.rc2) #233703
*CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
*CVE-2007-1599 version (wordpress, fixed 2.1.3-0.rc2) #233703
-*CVE-2007-1583 (php)
+CVE-2007-1583 version (php, fixed 5.2.2)
*CVE-2007-1565 ignore (konqueror) client crash
*CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
*CVE-2007-1562 (firefox, seamonkey, thunderbird)
@@ -132,34 +132,34 @@
*CVE-2007-1544 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1543 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1536 (file)
-*CVE-2007-1521 (php)
+CVE-2007-1521 ignore (php) See NVD
*CVE-2007-1515 version (imp, fixed 4.1.4)
CVE-2007-1496 version (kernel, fixed 2.6.20.3)
-*CVE-2007-1484 (php)
-*CVE-2007-1475 ignore (php) unshipped ibase extension
+CVE-2007-1484 ignore (php) See NVD
+CVE-2007-1475 ignore (php) unshipped ibase extension
*CVE-2007-1474 version (horde, fixed 3.1.4)
*CVE-2007-1474 ignore (imp, < 4.x only)
*CVE-2007-1473 version (horde, fixed 3.1.4)
*CVE-2007-1466 (openoffice.org)
*CVE-2007-1464 version (inkscape, fixed 0.45.1)
*CVE-2007-1463 version (inkscape, fixed 0.45.1)
-*CVE-2007-1460 (php)
+CVE-2007-1460 version (php, fixed 5.2.2)
*CVE-2007-1429 version (moodle, fixed 1.6.5) #232103
*CVE-2007-1420 VULNERABLE (mysql, fixed 5.0.36) #232604
-*CVE-2007-1413 ignore (php) Windows NT SNMP specific
-*CVE-2007-1412 ignore (php) unshipped cpdf extension
-*CVE-2007-1411 ignore (php) unshipped mssql extension
+CVE-2007-1413 ignore (php) Windows NT SNMP specific
+CVE-2007-1412 ignore (php) unshipped cpdf extension
+CVE-2007-1411 ignore (php) unshipped mssql extension
*CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729
*CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729
-*CVE-2007-1401 ignore (php) unshipped cracklib extension
-*CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5)
+CVE-2007-1401 ignore (php) unshipped cracklib extension
+CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5)
*CVE-2007-1398 ignore (snort, inline mode not shipped) #232109
-*CVE-2007-1396 ignore (php) feature, not a flaw
+CVE-2007-1396 ignore (php) feature, not a flaw
*CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2)
*CVE-2007-1387 patch (xine-lib, fixed 1.1.4-3)
*CVE-2007-1385 version (ktorrent, fixed 2.1.2)
*CVE-2007-1384 version (ktorrent, fixed 2.1.2)
-*CVE-2007-1375 (php)
+CVE-2007-1375 version (php, fixed 5.2.2)
*CVE-2007-1366 ** (qemu) #238723
*CVE-2007-1362 version (seamonkey, fixed 1.0.9)
*CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
@@ -171,9 +171,9 @@
*CVE-2007-1322 ** (qemu) #238723
*CVE-2007-1321 ** (qemu) #238723
*CVE-2007-1320 ** (qemu) #238723
-*CVE-2007-1287 (php)
-*CVE-2007-1286 (php)
-*CVE-2007-1285 (php)
+CVE-2007-1287 ignore (php) See NVD
+CVE-2007-1286 version (php, PHP4 only)
+CVE-2007-1285 version (php, 5.2.2)
*CVE-2007-1282 version (seamonkey, fixed 1.0.8)
*CVE-2007-1277 version (wordpress, fixed 2.1.2)
*CVE-2007-1267 ignore (sylpheed, uses gpgme) #231733
@@ -185,7 +185,7 @@
*CVE-2007-1244 version (wordpress, fixed 2.1.2) #230898
*CVE-2007-1230 version (wordpress, fixed 2.1.2)
*CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
-CVE-2007-1216 patch (krb5, fixed 1.6-3) #231537
+CVE-2007-1216 version (krb5, fixed 1.6-3) #231537
*CVE-2007-1103 VULNERABLE (tor) #230927
*CVE-2007-1092 version (seamonkey, fixed 1.0.8)
*CVE-2007-1055 version (mediawiki, fixed 1.8.3)
@@ -198,24 +198,24 @@
*CVE-2007-1004 VULNERABLE (firefox, ...)
*CVE-2007-1003 VULNERABLE (xorg-x11-server, fixed > X11R7.2) #235263
*CVE-2007-1002 VULNERABLE (evolution) #233587
-*CVE-2007-1001 (php)
+CVE-2007-1001 version (php, fixed 5.2.2)
CVE-2007-1000 version (kernel, fixed 2.6.20.2) [since FEDORA-2007-335]
*CVE-2007-0999 (ekiga)
*CVE-2007-0998 version (qemu, fixed 0.8.2)
*CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
*CVE-2007-0996 version (seamonkey, fixed 1.0.8)
*CVE-2007-0995 version (seamonkey, fixed 1.0.8)
-*CVE-2007-0988 (php)
+CVE-2007-0988 version (php, fixed 5.2.1)
*CVE-2007-0981 VULNERABLE (firefox, ...)
*CVE-2007-0981 version (seamonkey, fixed 1.0.8) #229253
CVE-2007-0957 patch (krb5, fixed 1.6-3) #231528
CVE-2007-0956 patch (krb5, fixed 1.6-3) #229782
-*CVE-2007-0911 (php)
-*CVE-2007-0910 (php)
-*CVE-2007-0909 (php)
-*CVE-2007-0908 (php)
-*CVE-2007-0907 (php)
-*CVE-2007-0906 (php)
+CVE-2007-0911 version (php, 5.2.1 only)
+CVE-2007-0910 version (php, fixed 5.2.1)
+CVE-2007-0909 version (php, fixed 5.2.1)
+CVE-2007-0908 version (php, fixed 5.2.1)
+CVE-2007-0907 version (php, fixed 5.2.1)
+CVE-2007-0906 version (php, fixed 5.2.1)
*CVE-2007-0903 version (ejabberd, fixed 1.1.3)
*CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764
*CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764
@@ -236,7 +236,7 @@
CVE-2007-0771 patch (kernel, fixed 2.6.20-1.2933) #227952
*CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758
*CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
-*CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
+CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
*CVE-2007-0657 ignore (nexuiz, 2.2.2 only (not shipped), fixed 2.2.3)
*CVE-2007-0654 VULNERABLE (xmms) #233705
*CVE-2007-0653 VULNERABLE (xmms) #233705
@@ -248,8 +248,8 @@
*CVE-2007-0540 version (wordpress, fixed 2.1-0) #225469
*CVE-2007-0539 version (wordpress, fixed 2.1-0) #225469
*CVE-2007-0537 VULNERABLE (kdebase) #225420
-*CVE-2007-0494 version (bind, fixed 9.3.4) #225268 [since FEDORA-2007-147]
-*CVE-2007-0493 version (bind, fixed 9.3.4) #224443 [since FEDORA-2007-147]
+CVE-2007-0494 version (bind, fixed 9.3.4) #225268 [since FEDORA-2007-147]
+CVE-2007-0493 version (bind, fixed 9.3.4) #224443 [since FEDORA-2007-147]
*CVE-2007-0475 version (smb4k, fixed 0.8.0)
*CVE-2007-0474 version (smb4k, fixed 0.8.0)
*CVE-2007-0473 version (smb4k, fixed 0.8.0)
@@ -264,7 +264,7 @@
*CVE-2007-0452 (samba)
*CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
*CVE-2007-0450 (tomcat)
-*CVE-2007-0448 (php)
+CVE-2007-0448 ignore (php) safe mode isn't safe
*CVE-2007-0405 version (Django, fixed 0.95.1)
*CVE-2007-0404 version (Django, fixed 0.95.1)
*CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
@@ -303,8 +303,8 @@
CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
*CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-351]
CVE-2007-0001 ignore (kernel) rhel4 2.6.9 only known affected
-*CVE-2006-7205 (php)
-*CVE-2006-7204 (php)
+CVE-2006-7205 ignore (php) See NVD
+CVE-2006-7204 ignore (php) See NVD
*CVE-2006-7197 (tomcat)
*CVE-2006-7196 (tomcat)
*CVE-2006-7195 (tomcat)
@@ -358,7 +358,7 @@
CVE-2006-6481 version (clamav, fixed 0.88.7)
CVE-2006-6406 version (clamav, fixed 0.88.7) #219095
CVE-2006-6385 ignore (kernel) windows only
-*CVE-2006-6383 ignore (php) safe mode isn't safe
+CVE-2006-6383 ignore (php) safe mode isn't safe
*CVE-2006-6374 ** (phpMyAdmin) #218853
*CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
CVE-2006-6333 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
@@ -436,7 +436,7 @@
*CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
*CVE-2006-5747 version (seamonkey, fixed 1.0.6) #214822
*CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
-*CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
+CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
*CVE-2006-5705 backport (wordpress, fixed 2.0.4-3) #213985
*CVE-2006-5701 VULNERABLE (kernel) squashfs is not included upstream
*CVE-2006-5633 ignore (firefox) just a client DoS
@@ -452,7 +452,7 @@
*CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
*CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
*CVE-2006-5466 VULNERABLE (rpm) #212833
-*CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
+CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
*CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
*CVE-2006-5464 version (seamonkey, fixed 1.0.6) #214822
*CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
@@ -480,7 +480,7 @@
*CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
*CVE-2006-5214 version (xorg-x11-xdm)
*CVE-2006-5214 ignore (kdebase) #212166 links to xinit Xsession
-*CVE-2006-5178 VULNERABLE (php) can't be fixed
+CVE-2006-5178 VULNERABLE (php) can't be fixed
*CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
*CVE-2006-5173 ignore (kernel, fixed 2.6.18) protected by exec-shield
*CVE-2006-5170 VULNERABLE (nss_ldap, fixed 183)
@@ -510,7 +510,7 @@
*CVE-2006-4816 (php)
*CVE-2006-4814 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058]
*CVE-2006-4813 version (kernel, fixed 2.6.13)
-*CVE-2006-4812 backport (php) php-5.1.6-ecalloc.patch
+CVE-2006-4812 version (php, fixed 5.2)
*CVE-2006-4811 version (qt, fixed 3.3.7) [since FEDORA-2006-1055]
*CVE-2006-4810 backport (texinfo) [since FEDORA-2006-1203]
*CVE-2006-4809 patch (imlib2, fixed 1.3.0-3) #214676
@@ -526,7 +526,7 @@
*CVE-2006-4684 version (zope, fixed 2.9.2)
*CVE-2006-4663 ignore (kernel) not a vulnerability
CVE-2006-4640 ignore, no-ship (flash-plugin)
-*CVE-2006-4625 ignore (php) safe mode isn't safe
+CVE-2006-4625 ignore (php) safe mode isn't safe
*CVE-2006-4624 version (mailman, fixed 2.1.9rc1)
*CVE-2006-4623 version (kernel, fixed 2.6.18-rc1)
*CVE-2006-4600 version (openldap, fixed 2.3.25)
@@ -556,18 +556,18 @@
*CVE-2006-4513 version (wv, fixed 1.2.4) #212696
*CVE-2006-4513 ** (abiword) #212698
*CVE-2006-4507 ignore (libtiff) can't reproduce
-*CVE-2006-4486 version (php, fixed 5.1.6)
-*CVE-2006-4485 version (php, fixed 5.1.5)
-*CVE-2006-4484 version (php, fixed 5.1.5)
+CVE-2006-4486 version (php, fixed 5.1.6)
+CVE-2006-4485 version (php, fixed 5.1.5)
+CVE-2006-4484 version (php, fixed 5.1.5)
*CVE-2006-4484 ignore (gd)
-*CVE-2006-4483 ignore (php) not linux
-*CVE-2006-4482 version (php, fixed 5.1.5)
-*CVE-2006-4481 ignore (php) safe mode isn't safe
-*CVE-2006-4455 ignore (xchat) client DoS
+CVE-2006-4483 ignore (php) not linux
+CVE-2006-4482 version (php, fixed 5.1.5)
+CVE-2006-4481 ignore (php) safe mode isn't safe
+CVE-2006-4455 ignore (xchat) client DoS
*CVE-2006-4447 ignore (xorg) not a security issue
*CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
-*CVE-2006-4433 version (php, fixed 5.1.4)
-*CVE-2006-4433 version (php, fixed 5.1.4)
+CVE-2006-4433 version (php, fixed 5.1.4)
+CVE-2006-4433 version (php, fixed 5.1.4)
*CVE-2006-4380 version (mysql, fixed 4.1.13)
*CVE-2006-4343 backport (openssl, fixed 0.9.8d)
*CVE-2006-4342 ignore (kernel) rhel3 only
@@ -602,12 +602,12 @@
*CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
*CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
*CVE-2006-4124 (lesstif)
-*CVE-2006-4096 backport (bind)
-*CVE-2006-4095 backport (bind)
+CVE-2006-4096 version (bind, fixed 9.3.2-P1)
+CVE-2006-4095 version (bind, fixed 9.3.2-P1)
*CVE-2006-4093 version (kernel, fixed 2.6.17.9, fixed 2.6.18-rc5)
*CVE-2006-4031 version (mysql, fixed 5.0.24) #202675 [since FEDORA-2006-1297]
*CVE-2006-4028 version (wordpress, fixed 2.0.4) #201989
-*CVE-2006-4020 version (php, fixed 5.1.5)
+CVE-2006-4020 version (php, fixed 5.1.5)
*CVE-2006-4019 version (squirrelmail, fixed 1.4.8)
CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688
*CVE-2006-3918 version (httpd, fixed 2.2.2)
@@ -722,16 +722,16 @@
*CVE-2006-3113 version (firefox, fixed 1.5.0.5)
*CVE-2006-3093 ignore (acroread) windows only
*CVE-2006-3085 version (kernel, fixed 2.6.17.1)
-*CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
-*CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4)
+CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
+CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4)
*CVE-2006-3082 version (gnupg, fixed 1.4.4)
*CVE-2006-3081 version (mysql, fixed 5.1.18)
*CVE-2006-3057 version (dhcdbd, fixed 1.14)
-*CVE-2006-3018 version (php, fixed 5.1.3)
-*CVE-2006-3017 version (php, fixed 5.1.3)
-*CVE-2006-3016 version (php, fixed 5.1.3)
+CVE-2006-3018 version (php, fixed 5.1.3)
+CVE-2006-3017 version (php, fixed 5.1.3)
+CVE-2006-3016 version (php, fixed 5.1.3)
*CVE-2006-3014 ignore (flash-plugin) windows only
-*CVE-2006-3011 ignore (php) safe mode isn't safe
+CVE-2006-3011 ignore (php) safe mode isn't safe
*CVE-2006-3005 ignore (libjpeg) not a vuln
*CVE-2006-2941 version (mailman, fixed 2.1.9)
*CVE-2006-2940 backport (openssl, fixed 0.9.8d)
@@ -777,15 +777,15 @@
*CVE-2006-2753 version (mysql, fixed 5.0.22)
*CVE-2006-2723 ignore (firefox) disputed
*CVE-2006-2661 version (freetype, fixed 2.2.1)
-*CVE-2006-2660 ignore (php) see #195539
+CVE-2006-2660 ignore (php) see #195539
*CVE-2006-2658 version (xsp, fixed 1.1.14) #206510
-*CVE-2006-2657 (php)
+CVE-2006-2657 (php) DUPE CVE-2006-3017
*CVE-2006-2656 backport (libtiff) tiffsplit-overflow.patch
*CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
*CVE-2006-2613 ignore (firefox) This isn't an issue on FC
CVE-2006-2607 backport (vixie-cron) vixie-cron-4.1-_48-security.patch
*CVE-2006-2575 patch (netpanzer, fixed 0.8-4) bz#192983
-*CVE-2006-2563 ignore (php) safe mode isn't safe
+CVE-2006-2563 ignore (php) safe mode isn't safe
*CVE-2006-2502 (cyrus-imapd)
*CVE-2006-2489 version (nagios, fixed 2.3.1)
*CVE-2006-2480 patch (dia, fixed 0.95-2) bz#192535
@@ -829,17 +829,17 @@
*CVE-2006-2120 version (libtiff, fixed 3.8.2 at least)
*CVE-2006-2093 version (nessus, fixed 2.2.7) bz#191053
CVE-2006-2083 version (rsync, fixed 2.6.8)
-*CVE-2006-2073 ignore (bind) http://www.kb.cert.org/vuls/id/MIMG-6P8GRP
+CVE-2006-2073 ignore (bind) http://www.kb.cert.org/vuls/id/MIMG-6P8GRP
*CVE-2006-2071 version (kernel, fixed 2.6.16.6)
*CVE-2006-2057 ignore (firefox) not Linux
*CVE-2006-2026 version (libtiff, fixed 3.8.1)
*CVE-2006-2025 version (libtiff, fixed 3.8.1)
*CVE-2006-2024 version (libtiff, fixed 3.8.1)
*CVE-2006-2017 version (dnsmasq, fixed 2.30)
-*CVE-2006-2016 version (phpldapadmin, fixed 0.9.8.1)
+CVE-2006-2016 version (phpldapadmin, fixed 0.9.8.1)
*CVE-2006-1993 version (firefox, fixed 1.5.0.3)
-*CVE-2006-1991 version (php)
-*CVE-2006-1990 version (php)
+CVE-2006-1991 version (php, fixed 5.1.3)
+CVE-2006-1990 version (php, fixed 5.1.3)
CVE-2006-1989 version (clamav, fixed 0.88.2)
*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch
*CVE-2006-1942 version (firefox, fixed 1.5.0.4)
@@ -936,11 +936,11 @@
*CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue
CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
-*CVE-2006-1608 ignore (php) safe mode isn't safe
+CVE-2006-1608 ignore (php) safe mode isn't safe
*CVE-2006-1577 version (mantis, fixed 1.0.5) bz#191089
*CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
*CVE-2006-1550 version (dia, fixed 0.95) bz#187556
-*CVE-2006-1549 ignore (php) this is not a security issue
+CVE-2006-1549 ignore (php) this is not a security issue
*CVE-2006-1548 version (struts, fixed 1.2.9)
*CVE-2006-1547 version (struts, fixed 1.2.9)
*CVE-2006-1546 version (struts, fixed 1.2.9)
@@ -966,8 +966,8 @@
*CVE-2006-1517 version (mysql, fixed 5.0.21)
*CVE-2006-1516 version (mysql, fixed 5.0.21)
*CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122
-*CVE-2006-1494 version (php)
-*CVE-2006-1490 version (php, fixed 5.1.4)
+CVE-2006-1494 version (php, fixed 5.1.3)
+CVE-2006-1490 version (php, fixed 5.1.4)
*CVE-2006-1470 version (openldap, not 2.3.24 at least)
*CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353
*CVE-2006-1370 (helixplayer)
@@ -1000,10 +1000,10 @@
*CVE-2006-1053 (fedora directory server)
*CVE-2006-1052 version (kernel, fixed 2.6.16)
*CVE-2006-1045 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1015 ignore (php) safe mode isn't safe
-*CVE-2006-1014 ignore (php) safe mode isn't safe
-*CVE-2006-0996 version (php, fixed 5.1.4)
-*CVE-2006-0987 (bind)
+CVE-2006-1015 ignore (php) safe mode isn't safe
+CVE-2006-1014 ignore (php) safe mode isn't safe
+CVE-2006-0996 version (php, fixed 5.1.4)
+CVE-2006-0987 VULNERABLE (bind) example config file only
*CVE-2006-0903 version (mysql, 4.1.19)
*CVE-2006-0884 version (thunderbird, fixed 1.5.0.2)
CVE-2006-0883 version (openssh, fixed 3.8.1p1)
@@ -1091,20 +1091,20 @@
*CVE-2006-0254 version (tomcat5, fixed 5.5.16)
*CVE-2006-0236 ignore (thunderbird) windows only
CVE-2006-0225 version (openssh, fixed 4.3p2) #168167
-*CVE-2006-0208 version (php, fixed 5.1.2)
-*CVE-2006-0207 version (php, fixed 5.1.2)
-*CVE-2006-0200 version (php, fixed 5.1.2)
+CVE-2006-0208 version (php, fixed 5.1.2)
+CVE-2006-0207 version (php, fixed 5.1.2)
+CVE-2006-0200 version (php, fixed 5.1.2)
*CVE-2006-0197 ignore (xorg-x11) not an issue
*CVE-2006-0195 version (squirrelmail, fixed 1.4.6)
*CVE-2006-0188 version (squirrelmail, fixed 1.4.6)
CVE-2006-0162 version (clamav, fixed 0.88)
-*CVE-2006-0151 (sudo)
+CVE-2006-0151 ignore (sudo) only env_reset will properly clean the environment
*CVE-2006-0150 (auth_ldap)
-*CVE-2006-0144 version (php-pear, not 1.4.4)
+CVE-2006-0144 version (php-pear, not 1.4.4)
*CVE-2006-0126 version (rxvt-unicode, fixed 7.5)
*CVE-2006-0106 version (wine, fixed 0.9.10)
*CVE-2006-0105 (postgresql)
-*CVE-2006-0097 ignore (php) Windows only
+CVE-2006-0097 ignore (php) Windows only
*CVE-2006-0096 ignore (kernel) minor and requires root
*CVE-2006-0095 version (kernel, fixed 2.6.16)
*CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
@@ -1153,8 +1153,8 @@
*CVE-2005-4352 version (kernel, fixed 2.6.18.3) [since FEDORA-2006-1471]
*CVE-2005-4348 version (fetchmail, fixed 6.3.1)
CVE-2005-4268 backport (cpio) cpio-2.6-writeOutHeaderBufferOverflow.patch
-*CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
-*CVE-2005-4154 ignore (php) don't install untrusted pear packages
+CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
+CVE-2005-4154 ignore (php) don't install untrusted pear packages
*CVE-2005-4153 version (mailman)
*CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
*CVE-2005-4130 (helixplayer)
@@ -1167,7 +1167,7 @@
*CVE-2005-3890 (pidgin)
*CVE-2005-3889 (pidgin)
*CVE-2005-3888 (pidgin)
-*CVE-2005-3883 version (php, fixed 5.1.1 at least)
+CVE-2005-3883 version (php, fixed 5.1.1 at least)
*CVE-2005-3858 version (kernel, fixed 2.6.13)
*CVE-2005-3857 version (kernel, fixed 2.6.15)
*CVE-2005-3848 version (kernel, fixed 2.6.13)
@@ -1195,23 +1195,23 @@
*CVE-2005-3629 version (initscripts, fixed 8.29 at least)
*CVE-2005-3628 version (poppler, fixed 0.4.4)
*CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3628 version (cups, fixed 1.2.0)
+CVE-2005-3628 version (cups, fixed 1.2.0)
*CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
*CVE-2005-3627 version (poppler, fixed 0.4.4)
*CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3627 version (cups, fixed 1.2.0)
+CVE-2005-3627 version (cups, fixed 1.2.0)
*CVE-2005-3627 backport (tetex)
*CVE-2005-3626 version (poppler, fixed 0.4.4)
*CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3626 version (cups, fixed 1.2.0)
+CVE-2005-3626 version (cups, fixed 1.2.0)
*CVE-2005-3626 backport (tetex)
*CVE-2005-3625 version (poppler, fixed 0.4.4)
*CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3625 version (cups, fixed 1.2.0)
+CVE-2005-3625 version (cups, fixed 1.2.0)
*CVE-2005-3625 backport (tetex)
*CVE-2005-3624 version (poppler, fixed 0.4.4)
*CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3624 version (cups, fixed 1.2.0)
+CVE-2005-3624 version (cups, fixed 1.2.0)
*CVE-2005-3624 backport (tetex)
*CVE-2005-3623 version (kernel, fixed 2.6.14.5)
CVE-2005-3591 ignore, no-ship (flash-plugin)
@@ -1220,22 +1220,22 @@
*CVE-2005-3527 version (kernel, fixed 2.6.14)
*CVE-2005-3510 (tomcat)
*CVE-2005-3402 ignore (thunderbird) mozilla say by design
-*CVE-2005-3392 version (php, not 5.0)
-*CVE-2005-3391 version (php, not 5.0)
-*CVE-2005-3390 version (php, fixed 5.1.0)
-*CVE-2005-3389 version (php, fixed 5.1.1)
-*CVE-2005-3388 version (php, fixed 5.1.1)
+CVE-2005-3392 version (php, not 5.0)
+CVE-2005-3391 version (php, not 5.0)
+CVE-2005-3390 version (php, fixed 5.1.0)
+CVE-2005-3389 version (php, fixed 5.1.1)
+CVE-2005-3388 version (php, fixed 5.1.1)
*CVE-2005-3359 version (kernel, fixed 2.6.14)
*CVE-2005-3358 version (kernel, fixed 2.6.11)
*CVE-2005-3357 version (httpd, fixed 2.2.1)
*CVE-2005-3356 version (kernel, fixed 2.6.16)
*CVE-2005-3354 (sylpheed)
-*CVE-2005-3353 version (php, not 5.0)
+CVE-2005-3353 version (php, not 5.0)
*CVE-2005-3352 version (httpd, fixed 2.2.1)
*CVE-2005-3351 version (spamassassin, fixed 3.1.0)
*CVE-2005-3350 (libungif)
CVE-2005-3322 version (squid) not upstream, SUSE only
-*CVE-2005-3319 ignore (mod_php) no security consequence
+CVE-2005-3319 ignore (mod_php) no security consequence
*CVE-2005-3313 version (wireshark, fixed after 0.10.13)
*CVE-2005-3276 version (kernel, fixed 2.6.12.4)
*CVE-2005-3275 version (kernel, fixed 2.6.13)
@@ -1257,15 +1257,15 @@
*CVE-2005-3241 version (wireshark, fixed 0.10.13)
*CVE-2005-3193 version (poppler, fixed 0.4.4)
*CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3193 version (cups, fixed 1.2.0)
+CVE-2005-3193 version (cups, fixed 1.2.0)
*CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
*CVE-2005-3192 version (poppler, fixed 0.4.4)
*CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3192 version (cups, fixed 1.2.0)
+CVE-2005-3192 version (cups, fixed 1.2.0)
*CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
*CVE-2005-3191 version (poppler, fixed 0.4.4)
*CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
-*CVE-2005-3191 version (cups, fixed 1.2.0)
+CVE-2005-3191 version (cups, fixed 1.2.0)
*CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
*CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
*CVE-2005-3185 version (wget, fixed 1.10.2 at least)
@@ -1287,7 +1287,7 @@
*CVE-2005-3089 version (firefox, fixed 1.0.7)
*CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
*CVE-2005-3055 version (kernel, fixed 2.6.14)
-*CVE-2005-3054 ignore (php)
+CVE-2005-3054 ignore (php)
*CVE-2005-3053 version (kernel, fixed 2.6.12.5)
*CVE-2005-3044 version (kernel, fixed 2.6.13.2)
*CVE-2005-3011 backport (texinfo) texinfo-CAN-2005-3011.patch
@@ -1303,7 +1303,7 @@
*CVE-2005-2969 backport (openssl097a, fixed 0.9.7h)
*CVE-2005-2968 version (thunderbird)
*CVE-2005-2968 version (firefox)
-*CVE-2005-2959 ignore (sudo) not a vulnerability
+CVE-2005-2959 ignore (sudo) not a vulnerability
*CVE-2005-2958 (libgda)
*CVE-2005-2946 version (openssl, fixed 0.9.8)
*CVE-2005-2933 version (libc-client, fixed 2004g at least)
@@ -1311,7 +1311,7 @@
*CVE-2005-2922 (helixplayer)
CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
*CVE-2005-2876 version (util-linux, fixed 2.13-pre3)
-*CVE-2005-2874 version (cups, fixed 1.1.23)
+CVE-2005-2874 version (cups, fixed 1.1.23)
*CVE-2005-2873 version (kernel, fixed 2.6.18-rc1)
*CVE-2005-2872 version (kernel, fixed 2.6.12)
*CVE-2005-2871 version (thunderbird)
@@ -1361,14 +1361,14 @@
*CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16
*CVE-2005-2541 ignore (tar) is documented behaviour
*CVE-2005-2500 version (kernel, fixed 2.6.13)
-*CVE-2005-2498 version (php, fixed xml_rpc:1.4.0)
+CVE-2005-2498 version (php, fixed xml_rpc:1.4.0)
*CVE-2005-2496 version (ntp, fixed 4.2.0b)
*CVE-2005-2495 version (xorg-x11-server, fixed 0.99.3 at least)
*CVE-2005-2494 version (kdebase, fixed after 3.4.2)
*CVE-2005-2492 version (kernel, fixed 2.6.13.1)
*CVE-2005-2491 version (pcre, fixed 6.2)
*CVE-2005-2491 ignore (python) fc6 python does not contain pcre
-*CVE-2005-2491 ignore (php) php uses system pcre
+CVE-2005-2491 ignore (php) php uses system pcre
*CVE-2005-2491 ignore (httpd) httpd uses system pcre
*CVE-2005-2490 version (kernel, fixed 2.6.13.1)
*CVE-2005-2475 backport (unzip) unzip-5.52-toctou.patch
@@ -1422,7 +1422,7 @@
*CVE-2005-2100 version (kernel, not 2.6) not upstream only RHEL4
*CVE-2005-2099 version (kernel, fixed 2.6.12.5)
*CVE-2005-2098 version (kernel, fixed 2.6.12.5)
-*CVE-2005-2097 version (cups)
+CVE-2005-2097 version (cups, fixed 1.2)
*CVE-2005-2096 version (rpm, fixed 4.4.2)
*CVE-2005-2096 backport (zlib, fixed 1.2.2.4)
*CVE-2005-2095 version (squirrelmail, fixed 1.4.5)
@@ -1431,17 +1431,17 @@
*CVE-2005-2069 version (nss_ldap, fixed pam_ldap:180)
*CVE-2005-2069 backport (openldap) openldap-2.2.13-tls-fix-connection-test.patch
*CVE-2005-2023 version (gnupg, only 1.9.14)
-*CVE-2005-1993 version (sudo, fixed 1.6.8p9)
+CVE-2005-1993 version (sudo, fixed 1.6.8p9)
*CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
*CVE-2005-1937 version (firefox, fixed 1.0.5)
CVE-2005-1934 version (gaim, fixed gaim:1.5.0)
-*CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
+CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
*CVE-2005-1920 version (kdelibs, fixed 3.4.1)
*CVE-2005-1918 version (tar)
*CVE-2005-1913 version (kernel, fixed 2.6.12.2)
*CVE-2005-1852 version (kdenetwork, fixed 3.4.2)
*CVE-2005-1849 version (zlib, fixed 1.2.3)
-*CVE-2005-1831 ignore (sudo) unsubstantiated report
+CVE-2005-1831 ignore (sudo) unsubstantiated report
*CVE-2005-1769 version (squirrelmail, fixed 1.4.5)
*CVE-2005-1768 version (kernel, fixed 2.6.6)
*CVE-2005-1767 version (kernel, fixed 2.6.7)
@@ -1451,7 +1451,7 @@
*CVE-2005-1762 version (kernel, fixed 2.6.12)
*CVE-2005-1761 version (kernel, fixed 2.6.12.2)
*CVE-2005-1760 version (sysreport, fixed 1.4.1-3)
-*CVE-2005-1759 ignore (php) dead code path
+CVE-2005-1759 ignore (php) dead code path
*CVE-2005-1759 ignore (openldap) fixed shtool 2.0.2 flawed code path not used
*CVE-2005-1753 (tomcat)
*CVE-2005-1751 version (nmap, fixed 3.93 at least)
@@ -1463,11 +1463,11 @@
*CVE-2005-1705 backport (gdb) gdb-6.3-security-errata-20050610.patch
*CVE-2005-1704 version (binutils, fixed 2.16.91.0.3 at least)
*CVE-2005-1704 backport (gdb) gdb-6.3-security-errata-20050610.patch
-*CVE-2005-1689 version (krb5, fixed 1.4.2)
+CVE-2005-1689 version (krb5, fixed 1.4.2)
*CVE-2005-1686 ignore (gedit) not a vulnerability
*CVE-2005-1636 version (mysql, fixed 4.1.12)
*CVE-2005-1589 version (kernel, fixed 2.6.11.10)
-*CVE-2005-1571 version (php, fixed shtool 2.0.2)
+CVE-2005-1571 version (php, fixed shtool 2.0.2)
*CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
*CVE-2005-1532 version (thunderbird)
*CVE-2005-1532 version (firefox, fixed 1.0.4)
@@ -1518,8 +1518,8 @@
*CVE-2005-1228 backport (gzip) changelog
*CVE-2005-1194 backport (nasm) changelog
*CVE-2005-1184 ignore (kernel) expected to not be an issue
-*CVE-2005-1175 version (krb5, fixed 1.4.2)
-*CVE-2005-1174 version (krb5, fixed 1.4.2)
+CVE-2005-1175 version (krb5, fixed 1.4.2)
+CVE-2005-1174 version (krb5, fixed 1.4.2)
*CVE-2005-1160 version (thunderbird)
*CVE-2005-1160 version (firefox)
*CVE-2005-1159 version (thunderbird)
@@ -1534,8 +1534,8 @@
*CVE-2005-1065 version (tetex) not upstream version
*CVE-2005-1061 version (logwatch, fixed 4.3.2 at least)
*CVE-2005-1046 version (kdelibs, fixed after 3.4.0)
-*CVE-2005-1043 version (php, fixed 4.3.11)
-*CVE-2005-1042 version (php, fixed 4.3.11)
+CVE-2005-1043 version (php, fixed 4.3.11)
+CVE-2005-1042 version (php, fixed 4.3.11)
*CVE-2005-1041 version (kernel, fixed 2.6.12)
*CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
CVE-2005-1038 backport (vixie-cron) vixie-cron-4.1-CAN-2005-1038-fix-race.patch
@@ -1593,7 +1593,7 @@
*CVE-2005-0611 (helixplayer)
*CVE-2005-0605 version (libXpm, fixed 3.5.4 at least)
*CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
-*CVE-2005-0596 version (php, fixed 5.0)
+CVE-2005-0596 version (php, fixed 5.0)
*CVE-2005-0593 version (firefox)
*CVE-2005-0592 version (firefox)
*CVE-2005-0591 version (firefox, fixed 1.0.1)
@@ -1614,20 +1614,20 @@
*CVE-2005-0530 version (kernel, fixed 2.6.11)
*CVE-2005-0529 version (kernel, fixed 2.6.11)
*CVE-2005-0527 version (firefox, fixed 1.0.1)
-*CVE-2005-0525 version (php, fixed 5.0.4)
-*CVE-2005-0524 version (php, fixed 5.0.4)
+CVE-2005-0525 version (php, fixed 5.0.4)
+CVE-2005-0524 version (php, fixed 5.0.4)
*CVE-2005-0509 version (mono, not after 1.0.5)
*CVE-2005-0504 version (kernel, not 2.6) doesn't build in 2.6
*CVE-2005-0490 version (curl, fixed 7.13.1)
*CVE-2005-0489 version (kernel, not 2.6)
*CVE-2005-0488 backport (telnet)
-*CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch
+CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch
CVE-2005-0473 version (gaim, fixed gaim:1.5.0)
CVE-2005-0472 version (gaim, fixed gaim:1.5.0)
*CVE-2005-0470 version (wpa_supplicant, fixed 0.2.7)
-*CVE-2005-0469 version (krb5, fixed 1.4.1)
+CVE-2005-0469 version (krb5, fixed 1.4.1)
*CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
-*CVE-2005-0468 version (krb5, fixed 1.4.1)
+CVE-2005-0468 version (krb5, fixed 1.4.1)
*CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
*CVE-2005-0455 (helixplayer)
*CVE-2005-0452 (perl)
@@ -1728,10 +1728,10 @@
*CVE-2005-0069 version (vim, fixed 7.0 at least)
*CVE-2005-0064 version (tetex, fixed 3.0)
*CVE-2005-0064 version (kdegraphics, not 3.4)
-*CVE-2005-0064 version (cups, fixed 1.2.2)
+CVE-2005-0064 version (cups, fixed 1.2.2)
*CVE-2005-0039 ignore (kernel) not a vulnerability: don't do this says the rfc
-*CVE-2005-0034 version (bind, fixed after 9.3.0)
-*CVE-2005-0033 version (bind, not 9)
+CVE-2005-0034 version (bind, fixed after 9.3.0)
+CVE-2005-0033 version (bind, not 9)
*CVE-2005-0023 ignore (libvte) not a security risk
*CVE-2005-0022 (exim)
*CVE-2005-0014 version (ncpfs, fixed 2.2.6)
@@ -1770,7 +1770,7 @@
*CVE-2004-2228 version (firefox, fixed 1.0)
*CVE-2004-2227 version (firefox, fixed 1.0)
*CVE-2004-2225 version (firefox, fixed 0.10.1)
-*CVE-2004-2154 version (cups, fixed 1.2.21rc1)
+CVE-2004-2154 version (cups, fixed 1.1.21rc1)
*CVE-2004-2149 version (mysql, fixed 4.1.5)
*CVE-2004-2136 ignore (dm-crypt) design
*CVE-2004-2135 ignore (kernel) design
@@ -1784,7 +1784,7 @@
*CVE-2004-1773 version (sharutils, not 4.6)
*CVE-2004-1772 version (sharutils, not 4.6)
*CVE-2004-1761 version (wireshark, fixed 0.10.3)
-*CVE-2004-1689 version (sudo, fixed 1.6.8p1)
+CVE-2004-1689 version (sudo, fixed 1.6.8p1)
CVE-2004-1653 ignore (openssh)
*CVE-2004-1639 version (firefox)
*CVE-2004-1617 ignore (lynx) not able to verify flaw
@@ -1798,7 +1798,7 @@
*CVE-2004-1450 version (firefox)
*CVE-2004-1449 version (thunderbird)
*CVE-2004-1449 version (firefox)
-*CVE-2004-1392 version (php, fixed 5.0.4)
+CVE-2004-1392 version (php, fixed 5.0.4)
*CVE-2004-1382 version (glibc, not 2.3.5)
*CVE-2004-1381 version (firefox)
*CVE-2004-1380 version (firefox)
@@ -1812,12 +1812,12 @@
*CVE-2004-1308 version (libtiff, fixed 3.7.1 at least)
*CVE-2004-1307 version (libtiff, was already fixed with 0886)
*CVE-2004-1304 version (file, fixed 4.12)
-*CVE-2004-1296 backport (groff) from srpm
+CVE-2004-1296 backport (groff) patch groff-1.18.1.1-tempfile.patch
*CVE-2004-1287 backport (nasm) changelog
-*CVE-2004-1270 version (cups, fixed 1.1.23)
-*CVE-2004-1269 version (cups, fixed 1.1.23)
-*CVE-2004-1268 version (cups, fixed 1.1.23)
-*CVE-2004-1267 version (cups, fixed 1.1.23)
+CVE-2004-1270 version (cups, fixed 1.1.23)
+CVE-2004-1269 version (cups, fixed 1.1.23)
+CVE-2004-1268 version (cups, fixed 1.1.23)
+CVE-2004-1267 version (cups, fixed 1.1.23)
*CVE-2004-1237 version (kernel, not 2.6) not upstream
*CVE-2004-1235 version (kernel, fixed 2.6.11)
*CVE-2004-1234 version (kernel, not 2.6)
@@ -1825,7 +1825,7 @@
*CVE-2004-1200 ignore (firefox, mozilla) not a security issue
*CVE-2004-1191 version (kernel, fixed 2.6.9)
*CVE-2004-1190 version (kernel, fixed 2.6.10)
-*CVE-2004-1189 version (krb5, fixed 1.4)
+CVE-2004-1189 version (krb5, fixed 1.4)
*CVE-2004-1186 backport (enscript) enscript-1.6.1-CAN-2004-1186.patch
*CVE-2004-1185 backport (enscript) enscript-1.6.1-CAN-2004-1185.patch
*CVE-2004-1184 version (enscript, fixed 1.6.4 at least)
@@ -1867,20 +1867,20 @@
*CVE-2004-1070 version (kernel, fixed 2.6.10)
*CVE-2004-1069 version (kernel, fixed 2.6.10)
*CVE-2004-1068 version (kernel, fixed 2.6.10)
-*CVE-2004-1065 version (php, fixed after 5.0.2)
-*CVE-2004-1064 version (php, fixed after 5.0.2)
-*CVE-2004-1063 version (php, fixed after 5.0.2)
+CVE-2004-1065 version (php, fixed after 5.0.2)
+CVE-2004-1064 version (php, fixed after 5.0.2)
+CVE-2004-1063 version (php, fixed after 5.0.2)
*CVE-2004-1060 version (kernel) all verifies sequence number
*CVE-2004-1058 version (kernel, fixed 2.6.9)
*CVE-2004-1057 version (kernel, fixed 2.6.10)
*CVE-2004-1056 version (kernel, fixed 2.6.10)
-*CVE-2004-1051 version (sudo, fixed 1.6.8p2)
+CVE-2004-1051 version (sudo, fixed 1.6.8p2)
*CVE-2004-1036 version (squirrelmail, fixed 1.4.4)
*CVE-2004-1026 patch (imlib, fixed 1.9.15-2) #235416
*CVE-2004-1025 patch (imlib, fixed 1.9.15-2) #235416
-*CVE-2004-1020 version (php, fixed after 5.0.2)
-*CVE-2004-1019 version (php, fixed after 5.0.2)
-*CVE-2004-1018 version (php, fixed after 5.0.2)
+CVE-2004-1020 version (php, fixed after 5.0.2)
+CVE-2004-1019 version (php, fixed after 5.0.2)
+CVE-2004-1018 version (php, fixed after 5.0.2)
*CVE-2004-1017 version (kernel, fixed 2.6.10)
*CVE-2004-1016 version (kernel, fixed 2.6.10)
*CVE-2004-1014 version (nfs-utils, fixed 1.0.7)
@@ -1902,16 +1902,16 @@
*CVE-2004-0975 backport (openssl097a, fixed 0.9.7f)
*CVE-2004-0974 version (netatalk, fixed 2.0.1)
*CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least)
-*CVE-2004-0971 backport (krb5) krb5-1.3.4-send-pr-tempfile.patch
+CVE-2004-0971 backport (krb5) krb5-1.3.4-send-pr-tempfile.patch
*CVE-2004-0970 version (gzip)
-*CVE-2004-0969 version (groff, fixed 1.18.1.1)
+CVE-2004-0969 version (groff, fixed 1.18.1.1)
*CVE-2004-0968 version (glibc, fixed 2.3.5 at least)
*CVE-2004-0967 version (ghostscript, fixed 8.15.1)
*CVE-2004-0966 version (gettext, fixed 0.14.3 at least)
*CVE-2004-0961 version (freeradius, fixed 1.0.1)
*CVE-2004-0960 version (freeradius, fixed 1.0.1)
-*CVE-2004-0959 version (php, fixed 4.3.9)
-*CVE-2004-0958 version (php, fixed 4.3.9)
+CVE-2004-0959 version (php, fixed 4.3.9)
+CVE-2004-0958 version (php, fixed 4.3.9)
*CVE-2004-0957 version (mysql, fixed 4.0.21)
*CVE-2004-0956 version (mysql, fixed 4.0.20)
*CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
@@ -1921,7 +1921,7 @@
*CVE-2004-0938 version (freeradius, fixed 1.0.1)
*CVE-2004-0930 version (samba, fixed 3.0.8)
*CVE-2004-0929 version (libtiff, fixed 3.7.0)
-*CVE-2004-0923 version (cups, fixed 1.2.22)
+CVE-2004-0923 version (cups, fixed 1.1.22)
CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
*CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
*CVE-2004-0909 version (thunderbird)
@@ -1933,7 +1933,7 @@
CVE-2004-0891 version (gaim, fixed gaim:1.0.2)
*CVE-2004-0888 version (tetex, fixed 3.0)
*CVE-2004-0888 version (kdegraphics, not 3.4)
-*CVE-2004-0888 version (cups)
+*CVE-2004-0888 version (cups, fixed 1.2)
*CVE-2004-0887 version (kernel, fixed 2.6.10)
*CVE-2004-0886 version (libtiff, fixed 3.7.1 at least)
*CVE-2004-0886 version (kdegraphics, fixed by Update on 20041109)
@@ -1982,7 +1982,7 @@
*CVE-2004-0779 version (thunderbird)
*CVE-2004-0779 version (firefox)
*CVE-2004-0778 version (cvs, fixed 1.11.17)
-*CVE-2004-0772 version (krb5, fixed after 1.2.8)
+CVE-2004-0772 version (krb5, fixed after 1.2.8)
*CVE-2004-0768 version (libpng, fixed 1.2.6)
*CVE-2004-0755 version (ruby, fixed 1.8.1)
CVE-2004-0754 version (gaim, fixed gaim:0.82.1)
@@ -2006,9 +2006,9 @@
*CVE-2004-0658 ignore (kernel) not a security issue
*CVE-2004-0648 version (thunderbird)
*CVE-2004-0648 version (firefox)
-*CVE-2004-0644 version (krb5, fixed after 1.3.4)
-*CVE-2004-0643 version (krb5, fixed after 1.3.1)
-*CVE-2004-0642 version (krb5, fixed after 1.3.4)
+CVE-2004-0644 version (krb5, fixed after 1.3.4)
+CVE-2004-0643 version (krb5, fixed after 1.3.1)
+CVE-2004-0642 version (krb5, fixed after 1.3.4)
*CVE-2004-0639 version (squirrelmail, fixed after 1.2.10)
*CVE-2004-0635 version (wireshark, fixed 0.10.5)
*CVE-2004-0634 version (wireshark, fixed 0.10.5)
@@ -2023,11 +2023,11 @@
*CVE-2004-0599 version (libpng, fixed 1.2.6)
*CVE-2004-0598 version (libpng, fixed 1.2.6)
*CVE-2004-0597 version (libpng, fixed 1.2.6)
-*CVE-2004-0595 version (php, fixed 4.3.8)
-*CVE-2004-0594 version (php, fixed 4.3.8)
+CVE-2004-0595 version (php, fixed 4.3.8)
+CVE-2004-0594 version (php, fixed 4.3.8)
*CVE-2004-0592 version (kernel) not upstream flaw
*CVE-2004-0587 version (kernel) not upstream flaw
-*CVE-2004-0558 version (cups, fixed 1.1.21)
+CVE-2004-0558 version (cups, fixed 1.1.21)
*CVE-2004-0557 version (sox, fixed after 12.17.4)
*CVE-2004-0554 version (kernel, fixed 2.6.7)
*CVE-2004-0550 (helixplayer)
@@ -2036,7 +2036,7 @@
CVE-2004-0541 version (squid, fixed 2.5.STABLE6)
*CVE-2004-0535 version (kernel, fixed 2.6.6)
*CVE-2004-0527 version (konqueror, not 3+)
-*CVE-2004-0523 version (krb5, fixed 1.3.4)
+CVE-2004-0523 version (krb5, fixed 1.3.4)
*CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
*CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
*CVE-2004-0519 version (squirrelmail, fixed 1.4.3a)
@@ -2071,7 +2071,7 @@
*CVE-2004-0413 version (subversion, fixed 1.0.5)
*CVE-2004-0412 version (mailman, fixed 2.1.5)
*CVE-2004-0411 version (kdelibs, fixed 3.3)
-*CVE-2004-0409 version (xchat, fixed 2.0.9)
+CVE-2004-0409 version (xchat, fixed 2.0.9)
*CVE-2004-0405 version (cvs, fixed 1.11)
*CVE-2004-0403 version (racoon, fixed ipsec-tools-0.6.5 at least)
*CVE-2004-0398 version (neon, fixed 0.24.6)
@@ -2084,7 +2084,7 @@
*CVE-2004-0381 version (mysql, fixed 4.1.11 at least)
*CVE-2004-0367 version (wireshark, fixed 0.10.3)
*CVE-2004-0365 version (wireshark, fixed 0.10.3)
-*CVE-2004-0263 version (php, fixed 4.3.5)
+CVE-2004-0263 version (php, fixed 4.3.5)
*CVE-2004-0256 version (libtool, fixed 1.5.2)
*CVE-2004-0233 version (libutempter, fixed 0.5.5)
*CVE-2004-0232 version (mc, fixed 4.6.0)
@@ -2107,7 +2107,7 @@
*CVE-2004-0177 version (kernel, fixed 2.6.6)
*CVE-2004-0176 version (wireshark, fixed 0.10.3)
CVE-2004-0175 version (openssh, fixed 3.4p1)
-*CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch
+CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch
*CVE-2004-0174 version (httpd, not 2.2)
*CVE-2004-0173 version (httpd, not 2.2)
*CVE-2004-0164 version (racoon)
@@ -2124,7 +2124,7 @@
*CVE-2004-0108 version (sysstat)
*CVE-2004-0107 version (sysstat, fixed after 4.0.7)
*CVE-2004-0106 version (XFree86)
-*CVE-2004-0098 version (php)
+CVE-2004-0098 ignore (php) no security implications
*CVE-2004-0097 version (pwlib, fixed 1.6.0)
*CVE-2004-0096 version (mod_python, fixed after 2.7.9)
*CVE-2004-0094 version (XFree86, fixed 4.3.0)
@@ -2151,9 +2151,9 @@
*CVE-2004-0003 version (kernel, not 2.6)
*CVE-2004-0001 version (kernel, not 2.6)
CVE-2003-1329 ignore, no-ship (wu-ftpd)
-*CVE-2003-1307 ignore (mod_php) not a vulnerability
-*CVE-2003-1303 version (php, fixed 4.3.3)
-*CVE-2003-1302 version (php, fixed 4.3.1)
+CVE-2003-1307 ignore (mod_php) not a vulnerability
+CVE-2003-1303 version (php, fixed 4.3.3)
+CVE-2003-1302 version (php, fixed 4.3.1)
*CVE-2003-1295 (xscreensaver)
*CVE-2003-1294 (xscreensaver)
*CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
@@ -2196,14 +2196,14 @@
*CVE-2003-0926 version (wireshark, fixed 0.9.16)
*CVE-2003-0925 version (wireshark, fixed 0.9.16)
*CVE-2003-0924 version (netpbm, fixed 9.26)
-*CVE-2003-0914 version (bind, not 9)
+CVE-2003-0914 version (bind, not 9)
*CVE-2003-0901 version (postgresql, not 8)
*CVE-2003-0900 version (perl, only 5.8.1)
*CVE-2003-0885 (xscreensaver)
*CVE-2003-0865 version (tomcat, fixed after 4.0.3)
-*CVE-2003-0863 ignore (php) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
-*CVE-2003-0861 version (php, fixed 4.3.3)
-*CVE-2003-0860 version (php, fixed 4.3.3)
+CVE-2003-0863 ignore (php) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
+CVE-2003-0861 version (php, fixed 4.3.3)
+CVE-2003-0860 version (php, fixed 4.3.3)
*CVE-2003-0859 version (glibc, checked fc5 source)
*CVE-2003-0858 version (quagga, fixed 0.95)
*CVE-2003-0856 version (iproute)
@@ -2216,7 +2216,7 @@
*CVE-2003-0793 version (gdm, fixed 2.4.1.7)
*CVE-2003-0792 version (fetchmail, 6.2.4 only)
*CVE-2003-0789 version (httpd, not 2.2)
-*CVE-2003-0788 version (cups, fixed 1.1.19)
+CVE-2003-0788 version (cups, fixed 1.1.19)
CVE-2003-0787 version (openssh, fixed 3.7.1p2)
CVE-2003-0786 version (openssh, fixed 3.7.1p2)
*CVE-2003-0780 version (mysql, not 4.1)
@@ -2275,7 +2275,7 @@
*CVE-2003-0461 version (kernel, fixed 2.6.1)
*CVE-2003-0459 version (kdelibs, not 3.2)
*CVE-2003-0455 version (ImageMagick)
-*CVE-2003-0442 version (php, fixed 4.3.2)
+CVE-2003-0442 version (php, fixed 4.3.2)
*CVE-2003-0432 version (wireshark, fixed after 0.9.12)
*CVE-2003-0431 version (wireshark, fixed after 0.9.12)
*CVE-2003-0430 version (wireshark, fixed after 0.9.12)
@@ -2301,7 +2301,7 @@
*CVE-2003-0253 version (httpd, not 2.2)
*CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
*CVE-2003-0251 version (ypserv, fixed 2.7)
-*CVE-2003-0249 ignore (php) see CVE
+CVE-2003-0249 ignore (php) see CVE
*CVE-2003-0248 version (kernel, not 2.6)
*CVE-2003-0247 version (kernel, not 2.6)
*CVE-2003-0246 version (kernel, not 2.6)
@@ -2312,7 +2312,7 @@
*CVE-2003-0204 version (kde, fixed after 3.1.1)
*CVE-2003-0201 version (samba, fixed 2.2.8a)
*CVE-2003-0196 version (samba, fixed 2.2.8a)
-*CVE-2003-0195 version (cups, fixed 1.1.19)
+CVE-2003-0195 version (cups, fixed 1.1.19)
*CVE-2003-0194 version (tcpdump, not upstream)
*CVE-2003-0192 version (httpd, not 2.2)
CVE-2003-0190 version (openssh, fixed after 3.6.1p1)
@@ -2320,7 +2320,7 @@
*CVE-2003-0188 version (lv, fixed 4.51 at least)
*CVE-2003-0187 version (kernel, not 2.6)
*CVE-2003-0167 version (mutt, fixed 1.4.1)
-*CVE-2003-0166 version (php, fixed 4.3.2)
+CVE-2003-0166 version (php, fixed 4.3.2)
*CVE-2003-0165 version (eog, fixed 2.2.2)
*CVE-2003-0161 version (sendmail, fixed 8.12.9)
*CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
@@ -2331,8 +2331,8 @@
*CVE-2003-0146 version (netpbm, fixed 10.18)
*CVE-2003-0145 version (tcpdump, fixed 3.7.2)
*CVE-2003-0140 version (mutt, fixed 1.4.1)
-*CVE-2003-0139 version (krb5, fixed 1.3)
-*CVE-2003-0138 version (krb5, fixed 1.3)
+CVE-2003-0139 version (krb5, fixed 1.3)
+CVE-2003-0138 version (krb5, fixed 1.3)
*CVE-2003-0135 version (vsftpd, not upstream)
*CVE-2003-0133 version (evolution, fixed 1.2.4)
*CVE-2003-0132 version (httpd, not 2.2)
@@ -2346,28 +2346,28 @@
*CVE-2003-0108 version (tcpdump, fixed after 3.7.1)
*CVE-2003-0107 version (zlib, fixed 1.2.0.2 at least)
*CVE-2003-0102 version (file, fixed 3.41)
-*CVE-2003-0097 version (php, fixed 4.3.1)
+CVE-2003-0097 version (php, fixed 4.3.1)
*CVE-2003-0093 version (tcpdump, fixed 3.7.2)
*CVE-2003-0086 version (samba, fixed 2.2.8)
*CVE-2003-0085 version (samba, fixed 2.2.8)
*CVE-2003-0083 version (httpd, not 2.2)
-*CVE-2003-0082 version (krb5, fixed after 1.2.7)
+CVE-2003-0082 version (krb5, fixed after 1.2.7)
*CVE-2003-0081 version (wireshark, fixed after 0.9.9)
*CVE-2003-0078 version (openssl, not 0.9.8)
*CVE-2003-0078 version (openssl097a, fixed 0.9.7a)
*CVE-2003-0073 version (mysql, fixed 3.23.55)
-*CVE-2003-0072 version (krb5, fixed after 1.2.7)
+CVE-2003-0072 version (krb5, fixed after 1.2.7)
*CVE-2003-0071 version (xorg-x11, fixed in 6.8.2 at least)
*CVE-2003-0070 version (vte, fixed 0.11.1 at least)
*CVE-2003-0063 version (xorg-x11, fixed in 4.2.99 at least)
-*CVE-2003-0060 version (krb5, fixed 1.2.5)
-*CVE-2003-0059 version (krb5, fixed 1.2.5)
-*CVE-2003-0058 version (krb5, fixed 1.2.5)
+CVE-2003-0060 version (krb5, fixed 1.2.5)
+CVE-2003-0059 version (krb5, fixed 1.2.5)
+CVE-2003-0058 version (krb5, fixed 1.2.5)
*CVE-2003-0044 version (tomcat, fixed after 3.3.1a)
*CVE-2003-0043 version (tomcat, fixed 3.3.1a)
-*CVE-2003-0041 version (krb5, fixed after 1.2.7)
+CVE-2003-0041 version (krb5, fixed after 1.2.7)
*CVE-2003-0038 version (mailman, fixed 2.0.13 at least)
-*CVE-2003-0028 version (krb5, fixed after 1.2.7)
+CVE-2003-0028 version (krb5, fixed after 1.2.7)
*CVE-2003-0028 version (glibc, fixed after 2.3.1)
*CVE-2003-0026 version (dhcp, fixed 3.0.1)
*CVE-2003-0020 version (httpd, not 2.2)
@@ -2377,9 +2377,9 @@
*CVE-2003-0016 version (httpd, not 2.2)
*CVE-2003-0015 version (cvs, fixed 1.11.5)
*CVE-2003-0001 version (kernel, not 2.6)
-*CVE-2002-2215 version (php, fixed 4.3.0)
-*CVE-2002-2214 version (php, fixed 4.2.2)
-*CVE-2002-2211 ignore (bind) see http://www.kb.cert.org/vuls/id/457875
+CVE-2002-2215 version (php, fixed 4.3.0)
+CVE-2002-2214 version (php, fixed 4.2.2)
+CVE-2002-2211 ignore (bind) see http://www.kb.cert.org/vuls/id/457875
*CVE-2002-2210 ignore (openoffice) binary install only (not rpm install)
*CVE-2002-2204 ignore (rpm) by design
*CVE-2002-2196 version (samba, fixed 2.2.5)
@@ -2399,7 +2399,7 @@
*CVE-2002-1827 version (sendmail, fixed after 8.12.3)
*CVE-2002-1814 ignore (libbonobo) not shipped setuid
*CVE-2002-1793 version (mod_ssl) not upstream, only hp
-*CVE-2002-1783 version (php, fixed after 4.2.3)
+CVE-2002-1783 version (php, fixed after 4.2.3)
*CVE-2002-1765 version (evolution, fixed 1.0.5)
*CVE-2002-1658 ignore (httpd) not a vulnerability
*CVE-2002-1657 ignore (postgresql) upstream disagree
@@ -2433,13 +2433,13 @@
*CVE-2002-1399 version (postgresql, fixed 7.2.3)
*CVE-2002-1398 version (postgresql, fixed 7.2.2)
*CVE-2002-1397 version (postgresql, fixed 7.2.3)
-*CVE-2002-1396 version (php, fixed 4.3.0)
+CVE-2002-1396 version (php, fixed 4.3.0)
*CVE-2002-1394 version (tomcat, fixed 4.0.6)
*CVE-2002-1393 version (kde, fixed 3.0.5a)
*CVE-2002-1392 version (mgetty, fixed 1.1.29)
*CVE-2002-1391 version (mgetty, fixed 1.1.29)
-*CVE-2002-1384 version (cups, fixed 1.1.18)
-*CVE-2002-1383 version (cups, fixed 1.1.18)
+CVE-2002-1384 version (cups, fixed 1.1.18)
+CVE-2002-1383 version (cups, fixed 1.1.18)
*CVE-2002-1380 version (kernel, not 2.6)
*CVE-2002-1379 version (openldap, not 2.3.24+)
*CVE-2002-1378 version (openldap, not 2.3.24+)
@@ -2448,12 +2448,12 @@
*CVE-2002-1375 version (mysql, fixed 4.0.6)
*CVE-2002-1374 version (mysql, fixed 4.0.6)
*CVE-2002-1373 version (mysql, fixed 3.23.54)
-*CVE-2002-1372 version (cups, fixed 1.1.18)
-*CVE-2002-1371 version (cups, fixed 1.1.18)
-*CVE-2002-1369 version (cups, fixed 1.1.18)
-*CVE-2002-1368 version (cups, fixed 1.1.18)
-*CVE-2002-1367 version (cups, fixed 1.1.18)
-*CVE-2002-1366 version (cups, fixed 1.1.18)
+CVE-2002-1372 version (cups, fixed 1.1.18)
+CVE-2002-1371 version (cups, fixed 1.1.18)
+CVE-2002-1369 version (cups, fixed 1.1.18)
+CVE-2002-1368 version (cups, fixed 1.1.18)
+CVE-2002-1367 version (cups, fixed 1.1.18)
+CVE-2002-1366 version (cups, fixed 1.1.18)
*CVE-2002-1365 version (fetchmail, fixed 6.2.0)
*CVE-2002-1363 version (libpng, fixed 1.2.6)
*CVE-2002-1356 version (wireshark, fixed after 0.9.7)
@@ -2474,15 +2474,15 @@
*CVE-2002-1281 version (kde, fixed 3.0.5)
*CVE-2002-1276 version (squirrelmail, fixed 1.4.2)
*CVE-2002-1247 version (kdenetwork, fixed 3.0.5)
-*CVE-2002-1235 version (krb5, fixed after 1.2.6)
+CVE-2002-1235 version (krb5, fixed after 1.2.6)
*CVE-2002-1233 ignore (httpd) Debian regression
*CVE-2002-1232 version (ypserv, fixed 2.5)
*CVE-2002-1227 version (pam, only 0.76)
*CVE-2002-1224 version (kde, fixed 3.0.4)
*CVE-2002-1223 version (kdegraphics, fixed 3.0.4)
-*CVE-2002-1221 version (bind, not 9)
-*CVE-2002-1220 version (bind, not 9)
-*CVE-2002-1219 version (bind, not 9)
+CVE-2002-1221 version (bind, not 9)
+CVE-2002-1220 version (bind, not 9)
+CVE-2002-1219 version (bind, not 9)
*CVE-2002-1217 version (tar, fixed 1.13.25)
*CVE-2002-1175 version (fetchmail, fixed 6.2.0)
*CVE-2002-1174 version (fetchmail, fixed 6.2.0)
@@ -2495,12 +2495,12 @@
*CVE-2002-1151 version (kdenetwork, fixed 3.0.3a)
*CVE-2002-1148 version (tomcat, fixed 4.0.5)
*CVE-2002-1146 version (glibc, fixed 2.2.6)
-*CVE-2002-1146 version (bind, not 8.3+)
+CVE-2002-1146 version (bind, not 8.3+)
*CVE-2002-1131 version (squirrelmail, fixed 1.2.8)
*CVE-2002-1119 version (python, fixed 2.2.2)
CVE-2002-0989 version (gaim, fixed gaim:0.59.1)
-*CVE-2002-0986 version (php, fixed 4.2.3)
-*CVE-2002-0985 version (php, fixed 4.2.3)
+CVE-2002-0986 version (php, fixed 4.2.3)
+CVE-2002-0985 version (php, fixed 4.2.3)
*CVE-2002-0972 version (postgresql, fixed 7.2.2)
*CVE-2002-0970 version (kdenetwork, fixed 3.0.3)
*CVE-2002-0935 version (tomcat, fixed 4.1.3)
@@ -2524,7 +2524,7 @@
*CVE-2002-0760 version (bzip2, fixed 1.0.2)
*CVE-2002-0759 version (bzip2, fixed 1.0.2)
*CVE-2002-0728 version (libpng, fixed 1.2.4)
-*CVE-2002-0717 version (php, fixed 4.2.2)
+CVE-2002-0717 version (php, fixed 4.2.2)
CVE-2002-0715 version (squid, fixed 2.4.STABLE6)
CVE-2002-0714 version (squid, fixed 2.4.STABLE6)
CVE-2002-0713 version (squid, fixed 2.4.STABLE6)
@@ -2543,7 +2543,7 @@
*CVE-2002-0655 version (openssl, not 0.9.8)
*CVE-2002-0655 version (openssl097a, not 0.9.7)
*CVE-2002-0653 version (mod_ssl, not httpd 2.2)
-*CVE-2002-0651 version (bind, not 9)
+CVE-2002-0651 version (bind, not 9)
CVE-2002-0640 version (openssh, fixed after 3.3)
CVE-2002-0639 version (openssh, fixed after 3.3)
*CVE-2002-0638 version (util-linux, fixed 2.13 at least)
@@ -2562,15 +2562,15 @@
*CVE-2002-0403 version (wireshark, fixed ethereal 0.9.3)
*CVE-2002-0402 version (wireshark, fixed ethereal 0.9.3)
*CVE-2002-0401 version (wireshark, fixed ethereal 0.9.3)
-*CVE-2002-0400 version (bind, fixed 9.2.1)
+CVE-2002-0400 version (bind, fixed 9.2.1)
*CVE-2002-0399 version (tar, fixed 1.13.26)
*CVE-2002-0392 version (httpd, not 2.2)
-*CVE-2002-0391 version (krb5, fixed after 1.2.5)
+CVE-2002-0391 version (krb5, fixed after 1.2.5)
*CVE-2002-0391 version (glibc, fixed after 2.2.5)
*CVE-2002-0389 ignore (mailman) upstream say not a vulnerability
*CVE-2002-0388 version (mailman, fixed 2.0.11)
CVE-2002-0384 version (gaim, fixed gaim:0.58)
-*CVE-2002-0382 version (xchat, fixed 1.9.1)
+CVE-2002-0382 version (xchat, fixed 1.9.1)
*CVE-2002-0380 version (tcpdump, fixed 3.7.2 at least)
*CVE-2002-0379 version (imap, vuln code removed imap-2002)
CVE-2002-0377 version (gaim, fixed gaim:0.58)
@@ -2579,12 +2579,12 @@
*CVE-2002-0353 version (wireshark, fixed ethereal 0.9.3)
*CVE-2002-0342 version (kde, not 2.2+)
*CVE-2002-0318 version (freeradius, fixed 0.7)
-*CVE-2002-0253 ignore (php) not a vulnerability
-*CVE-2002-0240 ignore (php) windows only
+CVE-2002-0253 ignore (php) not a vulnerability
+CVE-2002-0240 ignore (php) windows only
*CVE-2002-0232 version (mrtg, not 2.11.1 at least)
-*CVE-2002-0229 version (php)
+CVE-2002-0229 ignore (php) safe mode isn't safe
*CVE-2002-0185 version (mod_python, fixed 2.7.7)
-*CVE-2002-0184 version (sudo, fixed 1.6.6)
+CVE-2002-0184 version (sudo, fixed 1.6.6)
*CVE-2002-0180 version (webalizer, fixed 2.01-10)
*CVE-2002-0169 ignore (docbook) was RHL only
*CVE-2002-0165 version (logwatch, fixed 2.6)
@@ -2595,16 +2595,16 @@
*CVE-2002-0146 version (fetchmail, fixed 5.9.10)
*CVE-2002-0130 ignore (efax) not setuid root
*CVE-2002-0129 ignore (efax) not setuid root
-*CVE-2002-0121 version (php, fixed after 4.1.1)
+CVE-2002-0121 version (php, fixed after 4.1.1)
*CVE-2002-0092 version (cve, fixed 1.10.8)
CVE-2002-0083 version (openssh, fixed 3.1)
*CVE-2002-0082 version (mod_ssl, not httpd 2.2)
-*CVE-2002-0081 version (php, not 4.2+)
+CVE-2002-0081 version (php, not 4.2+)
CVE-2002-0080 version (rsync, fixed 2.5.3)
CVE-2002-0069 version (squid, fixed 2.4STABLE4)
CVE-2002-0068 version (squid, fixed 2.4STABLE4)
CVE-2002-0067 version (squid, fixed 2.4STABLE4)
-*CVE-2002-0063 version (cups, fixed 1.1.14)
+CVE-2002-0063 version (cups, fixed 1.1.14)
*CVE-2002-0062 version (ncurses, only 5.0)
*CVE-2002-0060 version (kernel, fixed 2.5.5)
*CVE-2002-0059 ** zlib (cvs, dump, gcc, libgcj, kernel, vnc)
@@ -2614,14 +2614,14 @@
*CVE-2002-0046 version (kernel, fixed 2.4.0)
*CVE-2002-0045 version (openldap, fixed 2.0.20)
*CVE-2002-0044 version (enscript, fixed 1.6.4 at least)
-*CVE-2002-0043 version (sudo, fixed 1.6.4)
-*CVE-2002-0036 version (krb5, fixed 1.2.5)
-*CVE-2002-0029 version (bind, not 9)
+CVE-2002-0043 version (sudo, fixed 1.6.4)
+CVE-2002-0036 version (krb5, fixed 1.2.5)
+CVE-2002-0029 version (bind, not 9)
CVE-2002-0013 version (net-snmp, fixed 4.2.3)
CVE-2002-0012 version (net-snmp, fixed 4.2.3)
-*CVE-2002-0006 verison (xchat, fixed 1.8.7) cve is wrong
+CVE-2002-0006 verison (xchat, fixed 1.8.7) cve is wrong
CVE-2002-0004 backport (at) issue was in a patch, fixed at-3.1.8-11-lexer-parser.diff
-*CVE-2002-0003 version (groff, fixed 1.17.2)
+CVE-2002-0003 version (groff, fixed 1.17.2)
*CVE-2002-0002 version (stunnel, fixed 3.22)
*CVE-2002-0001 version (mutt, fixed 1.3.25)
*CVE-2001-1494 version (util-linux, fixed 2.11n)
@@ -2641,4 +2641,4 @@
CVE-1999-0997 ignore, no-ship (wu-ftpd)
CVE-1999-0710 version (squid, fixed 2.5.STABLE10)
CVE-1999-0473 version (rsync, fixed 2.3.1)
-*CVE-1999-0103 (bind)
+CVE-1999-0103 ignore (bind) this is the nature of UDP
--
fedora-extras-commits mailing list
fedora-extras-commits at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
More information about the security
mailing list