[Bug 241489] New: CVE-2007-2865: phpPgAdmin 4.1.1 XSS vulnerability
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241489
Summary: CVE-2007-2865: phpPgAdmin 4.1.1 XSS vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2865
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: phpPgAdmin
AssignedTo: devrim(a)commandprompt.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2865
"Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1
allows remote attackers to inject arbitrary web script or HTML via the server
parameter."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 9 months
- 1
- 2
fedora-security/audit fc7,1.38,1.39
by fedora-extras-commits@redhat.com
Author: bressers
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5528
Modified Files:
fc7
Log Message:
Deal with gd and gdm
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- fc7 11 Jul 2007 00:07:58 -0000 1.38
+++ fc7 12 Jul 2007 00:52:20 -0000 1.39
@@ -62,11 +62,11 @@
CVE-2007-2867 version (seamonkey, fixed 1.0.9)
CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
CVE-2007-2844 ignore (php) #241641
-*CVE-2007-2843 ignore (konqueror) safari specific
+CVE-2007-2843 ignore (konqueror) safari specific
*CVE-2007-2821 VULNERABLE (wordpress, fixed 2.2) #240970
*CVE-2007-2799 (file)
CVE-2007-2768 ignore (openssh) needs pam OPIE which is not shipped.
-*CVE-2007-2756 ignore (gd) DoS only
+CVE-2007-2756 ignore (gd) DoS only
*CVE-2007-2754 (freetype)
CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
*CVE-2007-2683 (mutt)
@@ -147,7 +147,7 @@
*CVE-2007-1599 version (wordpress, fixed 2.1.3-0.rc2) #233703
CVE-2007-1583 version (php, fixed 5.2.2)
CVE-2007-1565 ignore (konqueror) client crash
-*CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
+CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
CVE-2007-1562 (firefox, seamonkey, thunderbird)
CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
*CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
@@ -285,7 +285,7 @@
CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140
CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140
CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140
-*CVE-2007-0455 VULNERABLE (gd) #224610
+CVE-2007-0455 version (gd, fixed 2.0.34) #224610
*CVE-2007-0454 (samba)
*CVE-2007-0452 (samba)
*CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
@@ -394,7 +394,7 @@
*CVE-2006-6303 version (ruby, fixed 1.8.5.2) [since FEDORA-2006-1441]
*CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
*CVE-2006-6297 ignore (kdegraphics) just a crash
-*CVE-2006-6238 (konqueror) probably safari only
+CVE-2006-6238 (konqueror) probably safari only
CVE-2006-6236 ignore, no-ship (acroread)
*CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821
*CVE-2006-6235 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406]
@@ -410,7 +410,7 @@
*CVE-2006-6120 version (koffice, fixed 1.6.1) #218030
*CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
-*CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
+CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
*CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]
*CVE-2006-6103 (xorg-x11)
*CVE-2006-6102 (xorg-x11)
@@ -586,7 +586,7 @@
CVE-2006-4486 version (php, fixed 5.1.6)
CVE-2006-4485 version (php, fixed 5.1.5)
CVE-2006-4484 version (php, fixed 5.1.5)
-*CVE-2006-4484 ignore (gd)
+CVE-2006-4484 ignore (gd)
CVE-2006-4483 ignore (php) not linux
CVE-2006-4482 version (php, fixed 5.1.5)
CVE-2006-4481 ignore (php) safe mode isn't safe
@@ -625,7 +625,7 @@
*CVE-2006-4192 patch (libmodplug, fixed 0.8-3)
CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
*CVE-2006-4181 (gnuradius)
-*CVE-2006-4146 backport (gdb)
+CVE-2006-4146 backport (gdb)
*CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
*CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
*CVE-2006-4124 (lesstif)
@@ -770,7 +770,7 @@
*CVE-2006-2932 ignore (kernel) no 4G/4G split support
*CVE-2006-2920 version (sylpheed-claws, fixed 2.2.2)
*CVE-2006-2916 ignore (arts) not shipped setuid
-*CVE-2006-2906 backport (gd) from changelog
+CVE-2006-2906 backport (gd) from changelog
CVE-2006-2894 VULNERABLE (seamonkey) #194511
CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
@@ -817,7 +817,7 @@
*CVE-2006-2489 version (nagios, fixed 2.3.1)
*CVE-2006-2480 patch (dia, fixed 0.95-2) bz#192535
*CVE-2006-2453 patch (dia, fixed 0.95-3) #192830
-*CVE-2006-2452 version (gdm)
+CVE-2006-2452 version (gdm)
*CVE-2006-2451 version (kernel, fixed 2.6.17.4)
*CVE-2006-2450 (vnc)
*CVE-2006-2449 version (kdebase, fixed 3.5.4)
@@ -1021,7 +1021,7 @@
*CVE-2006-1061 version (curl, fixed 7.15.3)
*CVE-2006-1059 version (samba, fixed 3.0.22 at least)
*CVE-2006-1058 version (busybox, fixed 1.2.x)
-*CVE-2006-1057 version (gdm, fixed 2.14.1)
+CVE-2006-1057 version (gdm, fixed 2.14.1)
*CVE-2006-1056 version (kernel, fixed 2.6.16.9)
*CVE-2006-1055 version (kernel, fixed 2.6.17)
*CVE-2006-1053 (fedora directory server)
@@ -1918,7 +1918,7 @@
*CVE-2004-1002 ignore (ppp) not a security issue
*CVE-2004-0997 version (kernel, not 2.6)
*CVE-2004-0996 backport (cscope) not fixed in 15.5
-*CVE-2004-0990 version (gd, fixed 2.0.33 at least)
+CVE-2004-0990 version (gd, fixed 2.0.33 at least)
*CVE-2004-0989 version (libxml2, fixed 2.6.15)
*CVE-2004-0986 version (iptables, fixed 1.2.12)
*CVE-2004-0983 version (ruby, fixed 1.8.2)
@@ -1943,7 +1943,7 @@
*CVE-2004-0956 version (mysql, fixed 4.0.20)
*CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
*CVE-2004-0942 version (httpd, not 2.2)
-*CVE-2004-0941 backport (gd)
+CVE-2004-0941 backport (gd)
*CVE-2004-0940 version (httpd, not 2.2)
*CVE-2004-0938 version (freeradius, fixed 1.0.1)
*CVE-2004-0930 version (samba, fixed 3.0.8)
@@ -2062,7 +2062,7 @@
*CVE-2004-0547 version (postgresql, fixed 7.2.1)
CVE-2004-0541 version (squid, fixed 2.5.STABLE6)
*CVE-2004-0535 version (kernel, fixed 2.6.6)
-*CVE-2004-0527 version (konqueror, not 3+)
+CVE-2004-0527 version (konqueror, not 3+)
CVE-2004-0523 version (krb5, fixed 1.3.4)
*CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
*CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
@@ -2239,8 +2239,8 @@
*CVE-2003-0851 version (openssl, not 0.9.8)
*CVE-2003-0851 version (openssl097a, not 0.9.7)
*CVE-2003-0795 version (quagga, fixed 0.96.4)
-*CVE-2003-0794 version (gdm, fixed 2.4.1.7)
-*CVE-2003-0793 version (gdm, fixed 2.4.1.7)
+CVE-2003-0794 version (gdm, fixed 2.4.1.7)
+CVE-2003-0793 version (gdm, fixed 2.4.1.7)
*CVE-2003-0792 version (fetchmail, 6.2.4 only)
*CVE-2003-0789 version (httpd, not 2.2)
CVE-2003-0788 version (cups, fixed 1.1.19)
@@ -2277,9 +2277,9 @@
*CVE-2003-0552 version (kernel, not 2.6)
*CVE-2003-0551 version (kernel, not 2.6)
*CVE-2003-0550 version (kernel, not 2.6)
-*CVE-2003-0549 version (gdm, fixed 2.4.1.6)
-*CVE-2003-0548 version (gdm, fixed 2.4.1.6)
-*CVE-2003-0547 version (gdm, fixed 2.4.1.6)
+CVE-2003-0549 version (gdm, fixed 2.4.1.6)
+CVE-2003-0548 version (gdm, fixed 2.4.1.6)
+CVE-2003-0547 version (gdm, fixed 2.4.1.6)
*CVE-2003-0545 version (openssl, not 0.9.8)
*CVE-2003-0545 backport (openssl097a, fixed 0.9.7c)
*CVE-2003-0544 version (openssl, not 0.9.8)
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 9 months
- 1
- 0
Information page about last security advisories
by Monlong Pierre
Hi all,
I'm new with fedora, and i'm looking for a security information
page/site about latest security advisories,
Like debian secu. Page : www.debian.org/security/ where I can find :
-lastest advisories, with pb classification, description, CVE ref, and
of course links to individual patches ...
-security repositories, where I can find patches only related to
security concerns.
I searched these type informations on fedora homepage and wiki but I
don't find it.
Indeed, if I install critical app on a fedora server , each
patches/updates must be qualified before applying, I can't patches these
server without assessing impact of
Each patches.
As some servers are not connected to Internet, I need too to be able to
download patches on media (CDROM, USB key,...)...
(I think it's possible with yum to make a local repository)
Note that RedHat solution is not suitable, as even if the rhn is useful
to extract only security updates, it's not possible to easily update
server offline, nor to update
Package list of a server without connecting it to Internet.
Thank for your help.
==
Pierre Monlong - Antiope/IF/IE
Tel : +594 (0)5 94 33 47 53 / Fax : +594 (0)5 94 33 42 59
pierre.monlong(a)cnes.fr
==
16 years, 9 months
- 3
- 2
rpmverify output
by Emanuele Maiarelli
i'm running rpmverify its return a strange output:
rpmverify -a|grep bin
........C /usr/share/locale/en_GB/LC_MESSAGES/kgreet_winbind.mo
........C /usr/share/locale/fi/LC_MESSAGES/kabcformat_binary.mo
........C /usr/share/locale/fi/LC_MESSAGES/kbinaryclock.mo
........C /usr/share/locale/fi/LC_MESSAGES/kgreet_winbind.mo
........C /usr/share/locale/ja/LC_MESSAGES/kabcformat_binary.mo
........C /usr/share/locale/ja/LC_MESSAGES/kbinaryclock.mo
........C /usr/share/locale/ja/LC_MESSAGES/kgreet_winbind.mo
........C /usr/share/locale/sk/LC_MESSAGES/kabcformat_binary.mo
........C /usr/share/locale/sk/LC_MESSAGES/kbinaryclock.mo
........C /usr/share/locale/sk/LC_MESSAGES/kgreet_winbind.mo
........C /usr/bin/firefox
........C /usr/lib/firefox-1.0.7/components/libinspector.so
........C /usr/lib/firefox-1.0.7/firefox-bin
........C /usr/lib/firefox-1.0.7/libgtkxtbin.so
........C /usr/lib/firefox-1.0.7/res/html/gopher-binary.gif
........C /usr/bin/viewfax
........C /usr/sbin/openldap/back_sql-2.2.so.7
........C /usr/sbin/openldap/back_sql-2.2.so.7.0.22
........C /usr/sbin/openldap/back_sql.la
........C /usr/bin/amstex
........C /usr/bin/bamstex
........C /usr/bin/bplain
........C /usr/bin/lambda
what's mean ........C ? isn't reported in rpm manpages
thanks in advice
Emanuele Maiarelli
16 years, 9 months
- 2
- 5
fedora-security/audit fc7,1.37,1.38
by fedora-extras-commits@redhat.com
Author: bressers
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28365
Modified Files:
fc7
Log Message:
Sort out wireshark and the Mozilla products
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- fc7 10 Jul 2007 23:54:03 -0000 1.37
+++ fc7 11 Jul 2007 00:07:58 -0000 1.38
@@ -55,11 +55,11 @@
CVE-2007-2876 version (kernel, fixed 2.6.21.5) [ since FEDORA-2007-0409 ]
*CVE-2007-2874 (wpa_supplicant) #242455
CVE-2007-2873 version (spamassassin, fixed 3.2.1)
-*CVE-2007-2871 version (seamonkey, fixed 1.0.9)
-*CVE-2007-2870 version (seamonkey, fixed 1.0.9)
-*CVE-2007-2869 (firefox)
-*CVE-2007-2868 version (seamonkey, fixed 1.0.9)
-*CVE-2007-2867 version (seamonkey, fixed 1.0.9)
+CVE-2007-2871 version (seamonkey, fixed 1.0.9)
+CVE-2007-2870 version (seamonkey, fixed 1.0.9)
+CVE-2007-2869 (firefox)
+CVE-2007-2868 version (seamonkey, fixed 1.0.9)
+CVE-2007-2867 version (seamonkey, fixed 1.0.9)
CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
CVE-2007-2844 ignore (php) #241641
*CVE-2007-2843 ignore (konqueror) safari specific
@@ -103,7 +103,7 @@
*CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped.
*CVE-2007-2241 (bind)
-*CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction
+CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction
CVE-2007-2172 version (kernel, fixed 2.6.21-rc6)
*CVE-2007-2165 VULNERABLE (proftpd) #237533
*CVE-2007-2138 (postgresql)
@@ -146,9 +146,9 @@
*CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
*CVE-2007-1599 version (wordpress, fixed 2.1.3-0.rc2) #233703
CVE-2007-1583 version (php, fixed 5.2.2)
-*CVE-2007-1565 ignore (konqueror) client crash
+CVE-2007-1565 ignore (konqueror) client crash
*CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
-*CVE-2007-1562 (firefox, seamonkey, thunderbird)
+CVE-2007-1562 (firefox, seamonkey, thunderbird)
CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
*CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
*CVE-2007-1558 backport (sylpheed, fixed 2.3.1-1)
@@ -221,7 +221,7 @@
*CVE-2007-1030 (libevent)
*CVE-2007-1007 (ekiga)
*CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]
-*CVE-2007-1004 VULNERABLE (firefox, ...)
+CVE-2007-1004 VULNERABLE (firefox, ...)
*CVE-2007-1003 VULNERABLE (xorg-x11-server, fixed > X11R7.2) #235263
*CVE-2007-1002 VULNERABLE (evolution) #233587
CVE-2007-1001 version (php, fixed 5.2.2)
@@ -232,7 +232,7 @@
*CVE-2007-0996 version (seamonkey, fixed 1.0.8)
*CVE-2007-0995 version (seamonkey, fixed 1.0.8)
CVE-2007-0988 version (php, fixed 5.2.1)
-*CVE-2007-0981 VULNERABLE (firefox, ...)
+CVE-2007-0981 VULNERABLE (firefox, ...)
*CVE-2007-0981 version (seamonkey, fixed 1.0.8) #229253
CVE-2007-0957 patch (krb5, fixed 1.6-3) #231528
CVE-2007-0956 patch (krb5, fixed 1.6-3) #229782
@@ -281,10 +281,10 @@
*CVE-2007-0473 version (smb4k, fixed 0.8.0)
*CVE-2007-0472 version (smb4k, fixed 0.8.0)
*CVE-2007-0469 version (rubygems, fixed 0.9.1)
-*CVE-2007-0459 VULNERABLE (wireshark, fixed 0.99.5) #227140
-*CVE-2007-0458 VULNERABLE (wireshark, fixed 0.99.5) #227140
-*CVE-2007-0457 VULNERABLE (wireshark, fixed 0.99.5) #227140
-*CVE-2007-0456 VULNERABLE (wireshark, fixed 0.99.5) #227140
+CVE-2007-0459 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140
*CVE-2007-0455 VULNERABLE (gd) #224610
*CVE-2007-0454 (samba)
*CVE-2007-0452 (samba)
@@ -417,7 +417,7 @@
*CVE-2006-6101 (xorg-x11)
*CVE-2006-6097 backport (tar) [since FEDORA-2006-1393]
*CVE-2006-6085 version (kile, fixed 1.9.3) #217238
-*CVE-2006-6077 VULNERABLE (firefox)
+CVE-2006-6077 VULNERABLE (firefox)
CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
CVE-2006-6058 VULNERABLE (kernel, fixed **)
CVE-2006-6057 VULNERABLE (kernel, fixed **)
@@ -448,7 +448,7 @@
CVE-2006-5794 version (openssh, fixed 4.5) #214641 [since FEDORA-2006-1215]
CVE-2006-5793 version (libpng10, fixed 1.0.21) #216263
*CVE-2006-5793 ignore (libpng, fixed 1.2.13) just a client crash
-*CVE-2006-5783 ignore (firefox) disputed
+CVE-2006-5783 ignore (firefox) disputed
*CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768
*CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
*CVE-2006-5754 (kernel)
@@ -456,37 +456,37 @@
*CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
*CVE-2006-5750 (jboss)
*CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
-*CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-*CVE-2006-5748 version (seamonkey, fixed 1.0.6) #214822
-*CVE-2006-5748 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
-*CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-*CVE-2006-5747 version (seamonkey, fixed 1.0.6) #214822
-*CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5748 version (seamonkey, fixed 1.0.6) #214822
+CVE-2006-5748 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5747 version (seamonkey, fixed 1.0.6) #214822
+CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
*CVE-2006-5705 backport (wordpress, fixed 2.0.4-3) #213985
*CVE-2006-5701 VULNERABLE (kernel) squashfs is not included upstream
-*CVE-2006-5633 ignore (firefox) just a client DoS
+CVE-2006-5633 ignore (firefox) just a client DoS
*CVE-2006-5619 version (kernel, fixed 2.6.18.2, fixed 2.6.19-rc4) [since FEDORA-2006-1223]
*CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
*CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
-*CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
*CVE-2006-5542 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
*CVE-2006-5541 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
*CVE-2006-5540 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
-*CVE-2006-5470 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
-*CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
-*CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5470 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
*CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
*CVE-2006-5466 VULNERABLE (rpm) #212833
CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
-*CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-*CVE-2006-5464 version (seamonkey, fixed 1.0.6) #214822
-*CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
-*CVE-2006-5463 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-*CVE-2006-5463 version (seamonkey, fixed 1.0.6) #214822
-*CVE-2006-5463 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
-*CVE-2006-5462 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-*CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5464 version (seamonkey, fixed 1.0.6) #214822
+CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5463 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5463 version (seamonkey, fixed 1.0.6) #214822
+CVE-2006-5463 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5462 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
*CVE-2006-5461 VULNERABLE (avahi, fixed 0.6.15)
*CVE-2006-5456 backport (ImageMagick) #210921 [since FEDORA-2006-1285]
*CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
@@ -510,8 +510,8 @@
*CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
*CVE-2006-5173 ignore (kernel, fixed 2.6.18) protected by exec-shield
*CVE-2006-5170 VULNERABLE (nss_ldap, fixed 183)
-*CVE-2006-5160 ignore (firefox) unverified
-*CVE-2006-5159 ignore (firefox) unverified
+CVE-2006-5160 ignore (firefox) unverified
+CVE-2006-5159 ignore (firefox) unverified
*CVE-2006-5158 version (kernel, fixed 2.6.15)
*CVE-2006-5129 version (moodle, fixed 1.6.3) #206516
*CVE-2006-5111 version (libksba, fixed 0.9.14)
@@ -543,7 +543,7 @@
*CVE-2006-4808 patch (imlib2, fixed 1.3.0-3) #214676
*CVE-2006-4807 patch (imlib2, fixed 1.3.0-3) #214676
*CVE-2006-4806 patch (imlib2, fixed 1.3.0-3) #214676
-*CVE-2006-4805 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-4805 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
*CVE-2006-4790 backport (gnutls, fixed 1.4.4)
*CVE-2006-4786 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4785 version (moodle, fixed 1.6.3) #206516
@@ -556,26 +556,26 @@
*CVE-2006-4624 version (mailman, fixed 2.1.9rc1)
*CVE-2006-4623 version (kernel, fixed 2.6.18-rc1)
*CVE-2006-4600 version (openldap, fixed 2.3.25)
-*CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
*CVE-2006-4573 VULNERABLE (screen) #212057
*CVE-2006-4572 version (kernel, fixed 2.6.19) [since FEDORA-2007-058]
-*CVE-2006-4571 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4571 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4571 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4570 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4570 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4569 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4568 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4568 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4567 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4567 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4566 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4566 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4566 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4565 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4565 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4565 version (firefox, fixed 1.5.0.7)
-*CVE-2006-4561 VULNERABLE (firefox)
+CVE-2006-4571 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4571 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4571 version (firefox, fixed 1.5.0.7)
+CVE-2006-4570 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4570 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4569 version (firefox, fixed 1.5.0.7)
+CVE-2006-4568 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4568 version (firefox, fixed 1.5.0.7)
+CVE-2006-4567 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4567 version (firefox, fixed 1.5.0.7)
+CVE-2006-4566 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4566 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4566 version (firefox, fixed 1.5.0.7)
+CVE-2006-4565 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4565 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4565 version (firefox, fixed 1.5.0.7)
+CVE-2006-4561 VULNERABLE (firefox)
*CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
*CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
CVE-2006-4519 VULNERABLE (gimp) #247566
@@ -607,16 +607,16 @@
*CVE-2006-4336 backport (gzip)
*CVE-2006-4335 backport (gzip) lha still VULNERABLE to the same flaw
*CVE-2006-4334 backport (gzip)
-*CVE-2006-4333 version (wireshark, fixed 0.99.3)
-*CVE-2006-4332 version (wireshark, fixed 0.99.3)
-*CVE-2006-4331 version (wireshark, fixed 0.99.3)
-*CVE-2006-4330 version (wireshark, fixed 0.99.3)
-*CVE-2006-4310 ignore (firefox) crash only
+CVE-2006-4333 version (wireshark, fixed 0.99.3)
+CVE-2006-4332 version (wireshark, fixed 0.99.3)
+CVE-2006-4331 version (wireshark, fixed 0.99.3)
+CVE-2006-4330 version (wireshark, fixed 0.99.3)
+CVE-2006-4310 ignore (firefox) crash only
*CVE-2006-4262 backport (cscope)
-*CVE-2006-4261 (firefox)
-*CVE-2006-4253 version (thunderbird, fixed 1.5.0.7)
-*CVE-2006-4253 version (seamonkey, fixed 1.0.5) #209167
-*CVE-2006-4253 version (firefox, fixed 1.5.0.7)
+CVE-2006-4261 (firefox)
+CVE-2006-4253 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4253 version (seamonkey, fixed 1.0.5) #209167
+CVE-2006-4253 version (firefox, fixed 1.5.0.7)
*CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983
*CVE-2006-4248 ignore (thttpd, Debian specific issue)
*CVE-2006-4247 patch (plone, fixed 2.5-4) #209163
@@ -644,42 +644,42 @@
*CVE-2006-3816 version (krusader, fixed 1.70.1) #200323
*CVE-2006-3815 version (heartbeat, fixed 2.0.6)
*CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
-*CVE-2006-3812 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3812 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3812 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3811 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3811 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3811 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3810 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3810 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3810 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3809 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3809 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3809 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3808 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3808 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3808 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3807 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3807 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3807 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3806 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3806 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3806 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3805 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3805 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3805 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3804 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3804 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3804 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3803 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3803 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3803 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3802 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3802 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3802 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3801 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3801 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3801 version (firefox, fixed 1.5.0.5)
+CVE-2006-3812 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3812 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3812 version (firefox, fixed 1.5.0.5)
+CVE-2006-3811 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3811 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3811 version (firefox, fixed 1.5.0.5)
+CVE-2006-3810 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3810 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3810 version (firefox, fixed 1.5.0.5)
+CVE-2006-3809 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3809 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3809 version (firefox, fixed 1.5.0.5)
+CVE-2006-3808 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3808 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3808 version (firefox, fixed 1.5.0.5)
+CVE-2006-3807 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3807 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3807 version (firefox, fixed 1.5.0.5)
+CVE-2006-3806 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3806 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3806 version (firefox, fixed 1.5.0.5)
+CVE-2006-3805 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3805 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3805 version (firefox, fixed 1.5.0.5)
+CVE-2006-3804 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3804 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3804 version (firefox, fixed 1.5.0.5)
+CVE-2006-3803 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3803 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3803 version (firefox, fixed 1.5.0.5)
+CVE-2006-3802 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3802 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3802 version (firefox, fixed 1.5.0.5)
+CVE-2006-3801 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3801 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3801 version (firefox, fixed 1.5.0.5)
*CVE-2006-3747 version (httpd, fixed 2.2.3)
*CVE-2006-3746 version (gnupg, fixed 1.4.5)
*CVE-2006-3745 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5)
@@ -691,22 +691,22 @@
*CVE-2006-3739 version (libXfont, fixed 1.2.2)
*CVE-2006-3738 backport (openssl, fixed 0.9.8d)
*CVE-2006-3733 ignore (jboss) cisco only
-*CVE-2006-3731 ignore (firefox) just a user complicit crash
+CVE-2006-3731 ignore (firefox) just a user complicit crash
*CVE-2006-3694 version (ruby, fixed 1.8.5)
-*CVE-2006-3677 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3677 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3677 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3672 ignore (konqueror) just a crash
+CVE-2006-3677 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3677 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3677 version (firefox, fixed 1.5.0.5)
+CVE-2006-3672 ignore (konqueror) just a crash
*CVE-2006-3668 patch (dumb, fixed 0.9.3-4) #200370
*CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
*CVE-2006-3636 version (mailman, fixed 2.1.9)
*CVE-2006-3634 ignore (kernel, fixed 2.6.17.8) s390 only
-*CVE-2006-3632 version (wireshark, fixed 0.99.2)
-*CVE-2006-3631 version (wireshark, fixed 0.99.2)
-*CVE-2006-3630 version (wireshark, fixed 0.99.2)
-*CVE-2006-3629 version (wireshark, fixed 0.99.2)
-*CVE-2006-3628 version (wireshark, fixed 0.99.2)
-*CVE-2006-3627 version (wireshark, fixed 0.99.2)
+CVE-2006-3632 version (wireshark, fixed 0.99.2)
+CVE-2006-3631 version (wireshark, fixed 0.99.2)
+CVE-2006-3630 version (wireshark, fixed 0.99.2)
+CVE-2006-3629 version (wireshark, fixed 0.99.2)
+CVE-2006-3628 version (wireshark, fixed 0.99.2)
+CVE-2006-3627 version (wireshark, fixed 0.99.2)
*CVE-2006-3626 version (kernel, fixed 2.6.17.6)
*CVE-2006-3619 version (gcc, fixed 4.1.1-20060828 at least)
CVE-2006-3587 ignore, no-ship (flash-plugin)
@@ -731,7 +731,7 @@
*CVE-2006-3390 ignore (wordpress, not an issue) #198107
*CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
*CVE-2006-3376 backport (libwmf) from changelog
-*CVE-2006-3352 ignore (firefox) not a vulnerability
+CVE-2006-3352 ignore (firefox) not a vulnerability
*CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable
CVE-2006-3311 ignore, no-ship (flash-plugin)
*CVE-2006-3276 (helixplayer)
@@ -744,10 +744,10 @@
*CVE-2006-3121 version (heartbeat, fixed 2.0.7)
*CVE-2006-3119 patch (fbida, fixed 2.0.3-12) #200321
*CVE-2006-3117 version (openoffice.org, fixed 2.0.3)
-*CVE-2006-3113 version (thunderbird, fixed 1.5.0.5)
-*CVE-2006-3113 version (seamonkey, fixed 1.0.4) #200455
-*CVE-2006-3113 version (firefox, fixed 1.5.0.5)
-*CVE-2006-3093 ignore (acroread) windows only
+CVE-2006-3113 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3113 version (seamonkey, fixed 1.0.4) #200455
+CVE-2006-3113 version (firefox, fixed 1.5.0.5)
+CVE-2006-3093 ignore (acroread) windows only
*CVE-2006-3085 version (kernel, fixed 2.6.17.1)
CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4)
@@ -771,45 +771,45 @@
*CVE-2006-2920 version (sylpheed-claws, fixed 2.2.2)
*CVE-2006-2916 ignore (arts) not shipped setuid
*CVE-2006-2906 backport (gd) from changelog
-*CVE-2006-2894 VULNERABLE (seamonkey) #194511
-*CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
-*CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
-*CVE-2006-2789 version (evolution, fixed 2.4.X)
-*CVE-2006-2788 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2787 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2787 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2786 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2786 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2785 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2784 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2783 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2783 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2782 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2781 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2781 version (seamonkey, fixed 1.0.2-1) #193963
-*CVE-2006-2780 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2780 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2779 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2779 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2778 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2778 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2777 version (seamonkey, fixed 1.0.2-1) #193962
-*CVE-2006-2777 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2776 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2776 version (firefox, fixed 1.5.0.4)
-*CVE-2006-2775 version (thunderbird, fixed 1.5.0.4)
-*CVE-2006-2775 version (firefox, fixed 1.5.0.4)
+CVE-2006-2894 VULNERABLE (seamonkey) #194511
+CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
+CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
+CVE-2006-2789 version (evolution, fixed 2.4.X)
+CVE-2006-2788 version (firefox, fixed 1.5.0.4)
+CVE-2006-2787 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2787 version (firefox, fixed 1.5.0.4)
+CVE-2006-2786 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2786 version (firefox, fixed 1.5.0.4)
+CVE-2006-2785 version (firefox, fixed 1.5.0.4)
+CVE-2006-2784 version (firefox, fixed 1.5.0.4)
+CVE-2006-2783 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2783 version (firefox, fixed 1.5.0.4)
+CVE-2006-2782 version (firefox, fixed 1.5.0.4)
+CVE-2006-2781 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2781 version (seamonkey, fixed 1.0.2-1) #193963
+CVE-2006-2780 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2780 version (firefox, fixed 1.5.0.4)
+CVE-2006-2779 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2779 version (firefox, fixed 1.5.0.4)
+CVE-2006-2778 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2778 version (firefox, fixed 1.5.0.4)
+CVE-2006-2777 version (seamonkey, fixed 1.0.2-1) #193962
+CVE-2006-2777 version (firefox, fixed 1.5.0.4)
+CVE-2006-2776 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2776 version (firefox, fixed 1.5.0.4)
+CVE-2006-2775 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2775 version (firefox, fixed 1.5.0.4)
*CVE-2006-2769 patch (snort, fixed 2.4.4-4) #193809
*CVE-2006-2754 ignore (openldap) This issue is not exploitable
*CVE-2006-2753 version (mysql, fixed 5.0.22)
-*CVE-2006-2723 ignore (firefox) disputed
-*CVE-2006-2661 version (freetype, fixed 2.2.1)
+CVE-2006-2723 ignore (firefox) disputed
+CVE-2006-2661 version (freetype, fixed 2.2.1)
CVE-2006-2660 ignore (php) see #195539
*CVE-2006-2658 version (xsp, fixed 1.1.14) #206510
CVE-2006-2657 (php) DUPE CVE-2006-3017
*CVE-2006-2656 backport (libtiff) tiffsplit-overflow.patch
-*CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
-*CVE-2006-2613 ignore (firefox) This isn't an issue on FC
+CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
+CVE-2006-2613 ignore (firefox) This isn't an issue on FC
CVE-2006-2607 backport (vixie-cron) vixie-cron-4.1-_48-security.patch
*CVE-2006-2575 patch (netpanzer, fixed 0.8-4) bz#192983
CVE-2006-2563 ignore (php) safe mode isn't safe
@@ -833,7 +833,7 @@
*CVE-2006-2369 version (vnc, fixed 4.1.2)
*CVE-2006-2366 ignore (openobex) we don't ship ircp
*CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
-*CVE-2006-2332 ignore (firefox) disputed
+CVE-2006-2332 ignore (firefox) disputed
*CVE-2006-2314 version (postgresql, fixed 8.1.4)
*CVE-2006-2313 version (postgresql, fixed 8.1.4)
*CVE-2006-2276 version (quagga, fixed 0.98.6)
@@ -858,27 +858,27 @@
CVE-2006-2083 version (rsync, fixed 2.6.8)
CVE-2006-2073 ignore (bind) http://www.kb.cert.org/vuls/id/MIMG-6P8GRP
*CVE-2006-2071 version (kernel, fixed 2.6.16.6)
-*CVE-2006-2057 ignore (firefox) not Linux
-*CVE-2006-2026 version (libtiff, fixed 3.8.1)
-*CVE-2006-2025 version (libtiff, fixed 3.8.1)
-*CVE-2006-2024 version (libtiff, fixed 3.8.1)
-*CVE-2006-2017 version (dnsmasq, fixed 2.30)
+CVE-2006-2057 ignore (firefox) not Linux
+CVE-2006-2026 version (libtiff, fixed 3.8.1)
+CVE-2006-2025 version (libtiff, fixed 3.8.1)
+CVE-2006-2024 version (libtiff, fixed 3.8.1)
+CVE-2006-2017 version (dnsmasq, fixed 2.30)
CVE-2006-2016 version (phpldapadmin, fixed 0.9.8.1)
-*CVE-2006-1993 version (firefox, fixed 1.5.0.3)
+CVE-2006-1993 version (firefox, fixed 1.5.0.3)
CVE-2006-1991 version (php, fixed 5.1.3)
CVE-2006-1990 version (php, fixed 5.1.3)
CVE-2006-1989 version (clamav, fixed 0.88.2)
*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch
-*CVE-2006-1942 version (firefox, fixed 1.5.0.4)
-*CVE-2006-1940 version (wireshark, fixed 0.99.0)
-*CVE-2006-1939 version (wireshark, fixed 0.99.0)
-*CVE-2006-1938 version (wireshark, fixed 0.99.0)
-*CVE-2006-1937 version (wireshark, fixed 0.99.0)
-*CVE-2006-1936 version (wireshark, fixed 0.99.0)
-*CVE-2006-1935 version (wireshark, fixed 0.99.0)
-*CVE-2006-1934 version (wireshark, fixed 0.99.0)
-*CVE-2006-1933 version (wireshark, fixed 0.99.0)
-*CVE-2006-1932 version (wireshark, fixed 0.99.0)
+CVE-2006-1942 version (firefox, fixed 1.5.0.4)
+CVE-2006-1940 version (wireshark, fixed 0.99.0)
+CVE-2006-1939 version (wireshark, fixed 0.99.0)
+CVE-2006-1938 version (wireshark, fixed 0.99.0)
+CVE-2006-1937 version (wireshark, fixed 0.99.0)
+CVE-2006-1936 version (wireshark, fixed 0.99.0)
+CVE-2006-1935 version (wireshark, fixed 0.99.0)
+CVE-2006-1934 version (wireshark, fixed 0.99.0)
+CVE-2006-1933 version (wireshark, fixed 0.99.0)
+CVE-2006-1932 version (wireshark, fixed 0.99.0)
*CVE-2006-1931 version (ruby, fixed 1.8.3)
*CVE-2006-1902 ignore (gcc) not a vulnerability
*CVE-2006-1900 version (amaya, fixed 9.5) bz#190324
@@ -893,70 +893,70 @@
*CVE-2006-1857 version (kernel, fixed 2.6.16.17)
*CVE-2006-1856 version (kernel, fixed 2.6.16.12)
*CVE-2006-1855 version (kernel, fixed 2.6.11.12)
-*CVE-2006-1790 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1790 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1742 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1742 version (seamonkey, fixed 1.0)
-*CVE-2006-1742 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1741 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1741 version (seamonkey, fixed 1.0)
-*CVE-2006-1741 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1740 version (seamonkey, fixed 1.0)
-*CVE-2006-1740 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1739 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1739 version (seamonkey, fixed 1.0)
-*CVE-2006-1739 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1738 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1738 version (seamonkey, fixed 1.0)
-*CVE-2006-1738 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1737 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1737 version (seamonkey, fixed 1.0)
-*CVE-2006-1737 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1736 version (seamonkey, fixed 1.0)
-*CVE-2006-1736 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1735 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1735 version (seamonkey, fixed 1.0)
-*CVE-2006-1735 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1734 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1734 version (seamonkey, fixed 1.0)
-*CVE-2006-1734 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1733 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1733 version (seamonkey, fixed 1.0)
-*CVE-2006-1733 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1732 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1732 version (seamonkey, fixed 1.0)
-*CVE-2006-1732 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1731 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1731 version (seamonkey, fixed 1.0)
-*CVE-2006-1731 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1730 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1730 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1730 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1729 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1729 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1728 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1728 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1728 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1727 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1727 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1727 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1726 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1726 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1726 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1725 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1725 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1724 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1724 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1724 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1723 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1723 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1723 version (firefox, fixed 1.5.0.2)
+CVE-2006-1790 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1790 version (firefox, fixed 1.5.0.2)
+CVE-2006-1742 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1742 version (seamonkey, fixed 1.0)
+CVE-2006-1742 version (firefox, fixed 1.5.0.2)
+CVE-2006-1741 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1741 version (seamonkey, fixed 1.0)
+CVE-2006-1741 version (firefox, fixed 1.5.0.2)
+CVE-2006-1740 version (seamonkey, fixed 1.0)
+CVE-2006-1740 version (firefox, fixed 1.5.0.2)
+CVE-2006-1739 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1739 version (seamonkey, fixed 1.0)
+CVE-2006-1739 version (firefox, fixed 1.5.0.2)
+CVE-2006-1738 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1738 version (seamonkey, fixed 1.0)
+CVE-2006-1738 version (firefox, fixed 1.5.0.2)
+CVE-2006-1737 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1737 version (seamonkey, fixed 1.0)
+CVE-2006-1737 version (firefox, fixed 1.5.0.2)
+CVE-2006-1736 version (seamonkey, fixed 1.0)
+CVE-2006-1736 version (firefox, fixed 1.5.0.2)
+CVE-2006-1735 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1735 version (seamonkey, fixed 1.0)
+CVE-2006-1735 version (firefox, fixed 1.5.0.2)
+CVE-2006-1734 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1734 version (seamonkey, fixed 1.0)
+CVE-2006-1734 version (firefox, fixed 1.5.0.2)
+CVE-2006-1733 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1733 version (seamonkey, fixed 1.0)
+CVE-2006-1733 version (firefox, fixed 1.5.0.2)
+CVE-2006-1732 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1732 version (seamonkey, fixed 1.0)
+CVE-2006-1732 version (firefox, fixed 1.5.0.2)
+CVE-2006-1731 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1731 version (seamonkey, fixed 1.0)
+CVE-2006-1731 version (firefox, fixed 1.5.0.2)
+CVE-2006-1730 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1730 version (seamonkey, fixed 1.0.1)
+CVE-2006-1730 version (firefox, fixed 1.5.0.2)
+CVE-2006-1729 version (seamonkey, fixed 1.0.1)
+CVE-2006-1729 version (firefox, fixed 1.5.0.2)
+CVE-2006-1728 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1728 version (seamonkey, fixed 1.0.1)
+CVE-2006-1728 version (firefox, fixed 1.5.0.2)
+CVE-2006-1727 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1727 version (seamonkey, fixed 1.0.1)
+CVE-2006-1727 version (firefox, fixed 1.5.0.2)
+CVE-2006-1726 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1726 version (seamonkey, fixed 1.0.1)
+CVE-2006-1726 version (firefox, fixed 1.5.0.2)
+CVE-2006-1725 version (seamonkey, fixed 1.0.1)
+CVE-2006-1725 version (firefox, fixed 1.5.0.2)
+CVE-2006-1724 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1724 version (seamonkey, fixed 1.0.1)
+CVE-2006-1724 version (firefox, fixed 1.5.0.2)
+CVE-2006-1723 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1723 version (seamonkey, fixed 1.0.1)
+CVE-2006-1723 version (firefox, fixed 1.5.0.2)
*CVE-2006-1721 version (cyrus-sasl, fixed 2.1.21)
*CVE-2006-1712 version (mailman, only 2.1.7)
*CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886
*CVE-2006-1695 patch (fbida, fixed 2.03-11) bz#189721
*CVE-2006-1656 version (util-vserver, fixed 0.30.210)
-*CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
+CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
*CVE-2006-1646 ignore (ipsec-tools) KAME racoon, not ipsec-tools racoon
CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
@@ -972,18 +972,18 @@
*CVE-2006-1547 version (struts, fixed 1.2.9)
*CVE-2006-1546 version (struts, fixed 1.2.9)
*CVE-2006-1542 backport (python) python-2.4.1-canonicalize.patch
-*CVE-2006-1539 ignore (bsd-games, Gentoo-specific problem)
-*CVE-2006-1531 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1531 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1531 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1530 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1530 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1530 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1529 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-1529 version (seamonkey, fixed 1.0.1)
-*CVE-2006-1529 version (firefox, fixed 1.5.0.2)
-*CVE-2006-1528 version (kernel, fixed 2.6.13)
-*CVE-2006-1527 version (kernel, fixed 2.6.17)
+CVE-2006-1539 ignore (bsd-games, Gentoo-specific problem)
+CVE-2006-1531 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1531 version (seamonkey, fixed 1.0.1)
+CVE-2006-1531 version (firefox, fixed 1.5.0.2)
+CVE-2006-1530 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1530 version (seamonkey, fixed 1.0.1)
+CVE-2006-1530 version (firefox, fixed 1.5.0.2)
+CVE-2006-1529 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1529 version (seamonkey, fixed 1.0.1)
+CVE-2006-1529 version (firefox, fixed 1.5.0.2)
+CVE-2006-1528 version (kernel, fixed 2.6.13)
+CVE-2006-1527 version (kernel, fixed 2.6.17)
*CVE-2006-1526 version (xorg-x11-server, fixed 1.1.1 at least)
*CVE-2006-1525 version (kernel, fixed 2.6.16.8)
*CVE-2006-1524 version (kernel, fixed 2.6.16.7)
@@ -1005,7 +1005,7 @@
*CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
*CVE-2006-1329 version (jabberd, fixed 2.0s11)
*CVE-2006-1296 version (beagle, fixed 0.2.4)
-*CVE-2006-1273 ignore (firefox) this issue only affects IE
+CVE-2006-1273 ignore (firefox) this issue only affects IE
*CVE-2006-1269 patch (zoo, fixed 2.10-7) bz#183109
*CVE-2006-1251 ignore (exim-sa, configuration not vulnerable) bz#191082
*CVE-2006-1242 version (kernel, fixed 2.6.16.1)
@@ -1043,14 +1043,14 @@
*CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
*CVE-2006-0804 ignore (tin, <= 1.8.0 not shipped)
*CVE-2006-0760 version (lighttpd, fixed 1.4.10)
-*CVE-2006-0749 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-0749 version (seamonkey, fixed 1.0)
-*CVE-2006-0749 version (firefox, fixed 1.5.0.2)
-*CVE-2006-0748 version (thunderbird, fixed 1.5.0.2)
-*CVE-2006-0748 version (seamonkey, fixed 1.0.1)
-*CVE-2006-0748 version (firefox, fixed 1.5.0.2)
-*CVE-2006-0747 version (freetype, fixed 2.2.1)
-*CVE-2006-0746 version (kdegraphics, fixed 3.4)
+CVE-2006-0749 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-0749 version (seamonkey, fixed 1.0)
+CVE-2006-0749 version (firefox, fixed 1.5.0.2)
+CVE-2006-0748 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-0748 version (seamonkey, fixed 1.0.1)
+CVE-2006-0748 version (firefox, fixed 1.5.0.2)
+CVE-2006-0747 version (freetype, fixed 2.2.1)
+CVE-2006-0746 version (kdegraphics, fixed 3.4)
*CVE-2006-0745 version (xorg-x11-server, fixed 1.1.1 at least)
*CVE-2006-0744 version (kernel, fixed 2.6.16.5)
*CVE-2006-0743 (log4net)
@@ -1072,7 +1072,7 @@
*CVE-2006-0554 version (kernel, fixed 2.6.16)
*CVE-2006-0553 version (postgresql, only 8.1, fixed 8.1.3)
*CVE-2006-0528 version (cairo, fixed 1.0.4)
-*CVE-2006-0496 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=324253
+CVE-2006-0496 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=324253
*CVE-2006-0482 ignore (kernel) sparc only
*CVE-2006-0481 version (libpng, 1.2.7 only)
*CVE-2006-0459 version (flex) by inspection
@@ -1093,30 +1093,30 @@
*CVE-2006-0301 version (poppler, fixed 0.4.5)
*CVE-2006-0301 version (kdegraphics, fixed 3.5.2)
*CVE-2006-0300 version (tar, fixed 1.15.90 at least)
-*CVE-2006-0299 version (thunderbird, fixed 1.5)
-*CVE-2006-0299 version (seamonkey, fixed 1.0)
-*CVE-2006-0299 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0298 version (thunderbird, fixed 1.5)
-*CVE-2006-0298 version (seamonkey, fixed 1.0)
-*CVE-2006-0298 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0297 version (thunderbird, fixed 1.5)
-*CVE-2006-0297 version (seamonkey, fixed 1.0)
-*CVE-2006-0297 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0296 version (thunderbird, fixed 1.5)
-*CVE-2006-0296 version (seamonkey, fixed 1.0)
-*CVE-2006-0296 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0295 version (thunderbird, fixed 1.5)
-*CVE-2006-0295 version (seamonkey, fixed 1.0)
-*CVE-2006-0295 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0294 version (thunderbird, fixed 1.5)
-*CVE-2006-0294 version (seamonkey, fixed 1.0)
-*CVE-2006-0294 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0293 version (thunderbird, fixed 1.5)
-*CVE-2006-0293 version (firefox, fixed 1.5.0.1)
-*CVE-2006-0292 version (thunderbird, fixed 1.5)
-*CVE-2006-0292 version (firefox, fixed 1.5.1)
+CVE-2006-0299 version (thunderbird, fixed 1.5)
+CVE-2006-0299 version (seamonkey, fixed 1.0)
+CVE-2006-0299 version (firefox, fixed 1.5.0.1)
+CVE-2006-0298 version (thunderbird, fixed 1.5)
+CVE-2006-0298 version (seamonkey, fixed 1.0)
+CVE-2006-0298 version (firefox, fixed 1.5.0.1)
+CVE-2006-0297 version (thunderbird, fixed 1.5)
+CVE-2006-0297 version (seamonkey, fixed 1.0)
+CVE-2006-0297 version (firefox, fixed 1.5.0.1)
+CVE-2006-0296 version (thunderbird, fixed 1.5)
+CVE-2006-0296 version (seamonkey, fixed 1.0)
+CVE-2006-0296 version (firefox, fixed 1.5.0.1)
+CVE-2006-0295 version (thunderbird, fixed 1.5)
+CVE-2006-0295 version (seamonkey, fixed 1.0)
+CVE-2006-0295 version (firefox, fixed 1.5.0.1)
+CVE-2006-0294 version (thunderbird, fixed 1.5)
+CVE-2006-0294 version (seamonkey, fixed 1.0)
+CVE-2006-0294 version (firefox, fixed 1.5.0.1)
+CVE-2006-0293 version (thunderbird, fixed 1.5)
+CVE-2006-0293 version (firefox, fixed 1.5.0.1)
+CVE-2006-0292 version (thunderbird, fixed 1.5)
+CVE-2006-0292 version (firefox, fixed 1.5.1)
*CVE-2006-0254 version (tomcat5, fixed 5.5.16)
-*CVE-2006-0236 ignore (thunderbird) windows only
+CVE-2006-0236 ignore (thunderbird) windows only
CVE-2006-0225 version (openssh, fixed 4.3p2) #168167
CVE-2006-0208 version (php, fixed 5.1.2)
CVE-2006-0207 version (php, fixed 5.1.2)
@@ -1154,7 +1154,7 @@
CVE-2005-4837 version (net-snmp, fixed 5.2.2)
*CVE-2005-4836 (tomcat)
*CVE-2005-4811 version (kernel, fixed 2.6.13)
-*CVE-2005-4809 VULNERABLE (firefox)
+CVE-2005-4809 VULNERABLE (firefox)
*CVE-2005-4808 ignore (binutils, gas fixed 20050714) this is a bug
*CVE-2005-4807 ignore (binutils, gas fixed 20050721) this is a bug
*CVE-2005-4803 version (graphviz, fixed 2.2.1)
@@ -1163,11 +1163,11 @@
*CVE-2005-4746 version (freeradius, fixed 1.0.5)
*CVE-2005-4745 version (freeradius, fixed 1.0.5)
*CVE-2005-4744 version (freeradius, fixed 1.0.5)
-*CVE-2005-4720 version (thunderbird, fixed 1.5)
-*CVE-2005-4720 version (firefox, fixed 1.5)
+CVE-2005-4720 version (thunderbird, fixed 1.5)
+CVE-2005-4720 version (firefox, fixed 1.5)
*CVE-2005-4703 ignore (tomcat) windows only
-*CVE-2005-4685 ignore (firefox) not fixed upstream, low, can't fix
-*CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
+CVE-2005-4685 ignore (firefox) not fixed upstream, low, can't fix
+CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
*CVE-2005-4667 backport (unzip) changelog
*CVE-2005-4639 version (kernel, fixed 2.6.15)
*CVE-2005-4636 version (openoffice.org, fixed 2.0.1)
@@ -1175,7 +1175,7 @@
*CVE-2005-4618 version (kernel, fixed 2.6.15)
*CVE-2005-4605 version (kernel, fixed 2.6.15)
*CVE-2005-4601 (ImageMagick)
-*CVE-2005-4585 version (wireshark, fixed 0.10.14)
+CVE-2005-4585 version (wireshark, fixed 0.10.14)
*CVE-2005-4442 version (openldap) gentoo only
*CVE-2005-4352 version (kernel, fixed 2.6.18.3) [since FEDORA-2006-1471]
*CVE-2005-4348 version (fetchmail, fixed 6.3.1)
@@ -1183,13 +1183,13 @@
CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
CVE-2005-4154 ignore (php) don't install untrusted pear packages
*CVE-2005-4153 version (mailman)
-*CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
+CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
*CVE-2005-4130 (helixplayer)
*CVE-2005-4126 (helixplayer)
*CVE-2005-4077 version (curl, fixed 7.15.1)
*CVE-2005-3964 (openmotif)
*CVE-2005-3962 version (perl, fixed 5.8.8)
-*CVE-2005-3896 (firefox,seamonkey,thunderbird)
+CVE-2005-3896 (firefox,seamonkey,thunderbird)
*CVE-2005-3891 (pidgin)
*CVE-2005-3890 (pidgin)
*CVE-2005-3889 (pidgin)
@@ -1199,7 +1199,7 @@
*CVE-2005-3857 version (kernel, fixed 2.6.15)
*CVE-2005-3848 version (kernel, fixed 2.6.13)
*CVE-2005-3847 version (kernel, fixed 2.6.12.6)
-*CVE-2005-3812 (firefox,seamonkey,thunderbird)
+CVE-2005-3812 (firefox,seamonkey,thunderbird)
*CVE-2005-3810 version (kernel, fixed 2.6.15)
*CVE-2005-3809 version (kernel, fixed 2.6.15)
*CVE-2005-3808 version (kernel, fixed 2.6.15)
@@ -1215,7 +1215,7 @@
*CVE-2005-3671 version (openswan, fixed 2.4.4)
*CVE-2005-3662 version (netpbm)
*CVE-2005-3656 version (mod_auth_pgsql, fixed 2.0.3)
-*CVE-2005-3651 version (wireshark, fixed 0.10.14)
+CVE-2005-3651 version (wireshark, fixed 0.10.14)
*CVE-2005-3632 version (netpbm)
*CVE-2005-3631 version (udev)
*CVE-2005-3630 (fedora directory server)
@@ -1263,7 +1263,7 @@
*CVE-2005-3350 (libungif)
CVE-2005-3322 version (squid) not upstream, SUSE only
CVE-2005-3319 ignore (mod_php) no security consequence
-*CVE-2005-3313 version (wireshark, fixed after 0.10.13)
+CVE-2005-3313 version (wireshark, fixed after 0.10.13)
*CVE-2005-3276 version (kernel, fixed 2.6.12.4)
*CVE-2005-3275 version (kernel, fixed 2.6.13)
*CVE-2005-3274 version (kernel, fixed 2.6.13)
@@ -1273,15 +1273,15 @@
*CVE-2005-3269 (fedora directory server)
CVE-2005-3258 version (squid, fixed 2.5STABLE12)
*CVE-2005-3257 version (kernel, fixed 2.6.15)
-*CVE-2005-3249 version (wireshark, fixed 0.10.13)
-*CVE-2005-3248 version (wireshark, fixed 0.10.13)
-*CVE-2005-3247 version (wireshark, fixed 0.10.13)
-*CVE-2005-3246 version (wireshark, fixed 0.10.13)
-*CVE-2005-3245 version (wireshark, fixed 0.10.13)
-*CVE-2005-3244 version (wireshark, fixed 0.10.13)
-*CVE-2005-3243 version (wireshark, fixed 0.10.13)
-*CVE-2005-3242 version (wireshark, fixed 0.10.13)
-*CVE-2005-3241 version (wireshark, fixed 0.10.13)
+CVE-2005-3249 version (wireshark, fixed 0.10.13)
+CVE-2005-3248 version (wireshark, fixed 0.10.13)
+CVE-2005-3247 version (wireshark, fixed 0.10.13)
+CVE-2005-3246 version (wireshark, fixed 0.10.13)
+CVE-2005-3245 version (wireshark, fixed 0.10.13)
+CVE-2005-3244 version (wireshark, fixed 0.10.13)
+CVE-2005-3243 version (wireshark, fixed 0.10.13)
+CVE-2005-3242 version (wireshark, fixed 0.10.13)
+CVE-2005-3241 version (wireshark, fixed 0.10.13)
*CVE-2005-3193 version (poppler, fixed 0.4.4)
*CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
CVE-2005-3193 version (cups, fixed 1.2.0)
@@ -1297,7 +1297,7 @@
*CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
*CVE-2005-3185 version (wget, fixed 1.10.2 at least)
*CVE-2005-3185 version (curl, fixed 7.15)
-*CVE-2005-3184 version (wireshark, fixed 0.10.13)
+CVE-2005-3184 version (wireshark, fixed 0.10.13)
*CVE-2005-3183 (w3c-libwww)
*CVE-2005-3181 version (kernel, fixed 2.6.13.4)
*CVE-2005-3180 version (kernel, fixed 2.6.13.4)
@@ -1311,7 +1311,7 @@
*CVE-2005-3107 version (kernel, fixed 2.6.11)
*CVE-2005-3106 version (kernel, fixed 2.6.11)
*CVE-2005-3105 version (kernel, fixed 2.6.12)
-*CVE-2005-3089 version (firefox, fixed 1.0.7)
+CVE-2005-3089 version (firefox, fixed 1.0.7)
*CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
*CVE-2005-3055 version (kernel, fixed 2.6.14)
CVE-2005-3054 ignore (php)
@@ -1328,8 +1328,8 @@
*CVE-2005-2970 version (httpd, not 2.2)
*CVE-2005-2969 version (openssl, fixed 0.9.8a)
*CVE-2005-2969 backport (openssl097a, fixed 0.9.7h)
-*CVE-2005-2968 version (thunderbird)
-*CVE-2005-2968 version (firefox)
+CVE-2005-2968 version (thunderbird)
+CVE-2005-2968 version (firefox)
CVE-2005-2959 ignore (sudo) not a vulnerability
*CVE-2005-2958 (libgda)
*CVE-2005-2946 version (openssl, fixed 0.9.8)
@@ -1341,8 +1341,8 @@
CVE-2005-2874 version (cups, fixed 1.1.23)
*CVE-2005-2873 version (kernel, fixed 2.6.18-rc1)
*CVE-2005-2872 version (kernel, fixed 2.6.12)
-*CVE-2005-2871 version (thunderbird)
-*CVE-2005-2871 version (firefox, fixed 1.0.7)
+CVE-2005-2871 version (thunderbird)
+CVE-2005-2871 version (firefox, fixed 1.0.7)
CVE-2005-2811 version (net-snmp) not upstream, gentoo only
*CVE-2005-2801 version (kernel, fixed 2.6.11)
*CVE-2005-2800 version (kernel, fixed 2.6.12.6)
@@ -1354,19 +1354,19 @@
*CVE-2005-2710 (helixplayer)
*CVE-2005-2709 version (kernel, fixed 2.6.14.3)
*CVE-2005-2708 ignore (kernel) not reproducable on x86_64
-*CVE-2005-2707 version (thunderbird)
-*CVE-2005-2707 version (firefox, fixed 1.0.7)
-*CVE-2005-2706 version (thunderbird)
-*CVE-2005-2706 version (firefox, fixed 1.0.7)
-*CVE-2005-2705 version (thunderbird)
-*CVE-2005-2705 version (firefox, fixed 1.0.7)
-*CVE-2005-2704 version (thunderbird)
-*CVE-2005-2704 version (firefox, fixed 1.0.7)
-*CVE-2005-2703 version (thunderbird)
-*CVE-2005-2703 version (firefox, fixed 1.0.7)
-*CVE-2005-2702 version (thunderbird)
-*CVE-2005-2702 version (firefox, fixed 1.0.7)
-*CVE-2005-2701 version (firefox, fixed 1.0.7)
+CVE-2005-2707 version (thunderbird)
+CVE-2005-2707 version (firefox, fixed 1.0.7)
+CVE-2005-2706 version (thunderbird)
+CVE-2005-2706 version (firefox, fixed 1.0.7)
+CVE-2005-2705 version (thunderbird)
+CVE-2005-2705 version (firefox, fixed 1.0.7)
+CVE-2005-2704 version (thunderbird)
+CVE-2005-2704 version (firefox, fixed 1.0.7)
+CVE-2005-2703 version (thunderbird)
+CVE-2005-2703 version (firefox, fixed 1.0.7)
+CVE-2005-2702 version (thunderbird)
+CVE-2005-2702 version (firefox, fixed 1.0.7)
+CVE-2005-2701 version (firefox, fixed 1.0.7)
*CVE-2005-2700 version (httpd, not 2.2)
*CVE-2005-2693 backport (cvs) cvs-1.11.19-tmp.patch
*CVE-2005-2672 version (lm_sensors, fixed 2.9.2)
@@ -1376,8 +1376,8 @@
*CVE-2005-2629 (helixplayer)
CVE-2005-2628 ignore, no-ship (flash-plugin)
*CVE-2005-2617 version (kernel, fixed 2.6.12.5)
-*CVE-2005-2602 ignore (thunderbird) probably
-*CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
+CVE-2005-2602 ignore (thunderbird) probably
+CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
*CVE-2005-2558 version (mysql, fixed 4.1.13)
*CVE-2005-2558 ignore (mysql) not an issue
*CVE-2005-2555 version (kernel, fixed 2.6.12.6)
@@ -1407,39 +1407,39 @@
*CVE-2005-2452 version (libtiff, fixed 3.7.0)
*CVE-2005-2448 version (kdenetwork, fixed 3.4.2)
*CVE-2005-2410 version (NetworkManager, fixed 5.0)
-*CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
+CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
*CVE-2005-2370 version (kdenetwork, fixed 3.4.2)
CVE-2005-2370 version (gaim, fixed gaim:1.5.0)
*CVE-2005-2369 version (kdenetwork, fixed 3.4.2)
*CVE-2005-2368 version (vim, fixed 6.3.086 at least)
-*CVE-2005-2367 version (wireshark, fixed 0.10.12)
-*CVE-2005-2366 version (wireshark, fixed 0.10.12)
-*CVE-2005-2365 version (wireshark, fixed 0.10.12)
-*CVE-2005-2364 version (wireshark, fixed 0.10.12)
-*CVE-2005-2363 version (wireshark, fixed 0.10.12)
-*CVE-2005-2362 version (wireshark, fixed 0.10.12)
-*CVE-2005-2361 version (wireshark, fixed 0.10.12)
-*CVE-2005-2360 version (wireshark, fixed 0.10.12)
+CVE-2005-2367 version (wireshark, fixed 0.10.12)
+CVE-2005-2366 version (wireshark, fixed 0.10.12)
+CVE-2005-2365 version (wireshark, fixed 0.10.12)
+CVE-2005-2364 version (wireshark, fixed 0.10.12)
+CVE-2005-2363 version (wireshark, fixed 0.10.12)
+CVE-2005-2362 version (wireshark, fixed 0.10.12)
+CVE-2005-2361 version (wireshark, fixed 0.10.12)
+CVE-2005-2360 version (wireshark, fixed 0.10.12)
*CVE-2005-2353 ignore (thunderbird) debug mode only
*CVE-2005-2337 version (ruby, fixed 1.8.3)
*CVE-2005-2335 version (fetchmail, fixed 6.2.5.2)
*CVE-2005-2295 patch (netpanzer, fixed 0.8-4) bz#192990
-*CVE-2005-2270 version (thunderbird, fixed 1.0.5)
-*CVE-2005-2270 version (firefox, fixed 1.0.5)
-*CVE-2005-2269 version (thunderbird, fixed 1.0.5)
-*CVE-2005-2269 version (firefox, fixed 1.0.5)
-*CVE-2005-2268 version (firefox, fixed 1.0.5)
-*CVE-2005-2267 version (firefox, fixed 1.0.5)
-*CVE-2005-2266 version (thunderbird, fixed 1.0.5)
-*CVE-2005-2266 version (firefox, fixed 1.0.5)
-*CVE-2005-2265 version (thunderbird, fixed 1.0.5)
-*CVE-2005-2265 version (firefox, fixed 1.0.5)
-*CVE-2005-2264 version (firefox, fixed 1.0.5)
-*CVE-2005-2263 version (firefox, fixed 1.0.5)
-*CVE-2005-2262 version (firefox, fixed 1.0.5)
-*CVE-2005-2261 version (thunderbird, fixed 1.0.5)
-*CVE-2005-2261 version (firefox, fixed 1.0.5)
-*CVE-2005-2260 version (firefox, fixed 1.0.5)
+CVE-2005-2270 version (thunderbird, fixed 1.0.5)
+CVE-2005-2270 version (firefox, fixed 1.0.5)
+CVE-2005-2269 version (thunderbird, fixed 1.0.5)
+CVE-2005-2269 version (firefox, fixed 1.0.5)
+CVE-2005-2268 version (firefox, fixed 1.0.5)
+CVE-2005-2267 version (firefox, fixed 1.0.5)
+CVE-2005-2266 version (thunderbird, fixed 1.0.5)
+CVE-2005-2266 version (firefox, fixed 1.0.5)
+CVE-2005-2265 version (thunderbird, fixed 1.0.5)
+CVE-2005-2265 version (firefox, fixed 1.0.5)
+CVE-2005-2264 version (firefox, fixed 1.0.5)
+CVE-2005-2263 version (firefox, fixed 1.0.5)
+CVE-2005-2262 version (firefox, fixed 1.0.5)
+CVE-2005-2261 version (thunderbird, fixed 1.0.5)
+CVE-2005-2261 version (firefox, fixed 1.0.5)
+CVE-2005-2260 version (firefox, fixed 1.0.5)
CVE-2005-2177 version (net-snmp, fixed 5.2.1.2)
*CVE-2005-2114 version (firefox, fixed 1.0.5)
*CVE-2005-2104 version (sysreport, fixed 1.4.1-5)
@@ -1460,7 +1460,7 @@
*CVE-2005-2023 version (gnupg, only 1.9.14)
CVE-2005-1993 version (sudo, fixed 1.6.8p9)
*CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
-*CVE-2005-1937 version (firefox, fixed 1.0.5)
+CVE-2005-1937 version (firefox, fixed 1.0.5)
CVE-2005-1934 version (gaim, fixed gaim:1.5.0)
CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
*CVE-2005-1920 version (kdelibs, fixed 3.4.1)
@@ -1497,27 +1497,27 @@
CVE-2005-1571 version (php, fixed shtool 2.0.2)
*CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
*CVE-2005-1532 version (thunderbird)
-*CVE-2005-1532 version (firefox, fixed 1.0.4)
-*CVE-2005-1531 version (firefox, fixed 1.0.4)
+CVE-2005-1532 version (firefox, fixed 1.0.4)
+CVE-2005-1531 version (firefox, fixed 1.0.4)
CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
-*CVE-2005-1476 (firefox,seamonkey,thunderbird)
-*CVE-2005-1470 version (wireshark, fixed 0.10.11)
-*CVE-2005-1469 version (wireshark, fixed 0.10.11)
-*CVE-2005-1468 version (wireshark, fixed 0.10.11)
-*CVE-2005-1467 version (wireshark, fixed 0.10.11)
-*CVE-2005-1466 version (wireshark, fixed 0.10.11)
-*CVE-2005-1465 version (wireshark, fixed 0.10.11)
-*CVE-2005-1464 version (wireshark, fixed 0.10.11)
-*CVE-2005-1463 version (wireshark, fixed 0.10.11)
-*CVE-2005-1462 version (wireshark, fixed 0.10.11)
-*CVE-2005-1461 version (wireshark, fixed 0.10.11)
-*CVE-2005-1460 version (wireshark, fixed 0.10.11)
-*CVE-2005-1459 version (wireshark, fixed 0.10.11)
-*CVE-2005-1458 version (wireshark, fixed 0.10.11)
-*CVE-2005-1457 version (wireshark, fixed 0.10.11)
-*CVE-2005-1456 version (wireshark, fixed 0.10.11)
-*CVE-2005-1455 version (freeradius, fixed 1.0.3)
-*CVE-2005-1454 version (freeradius, fixed 1.0.3)
+CVE-2005-1476 (firefox,seamonkey,thunderbird)
+CVE-2005-1470 version (wireshark, fixed 0.10.11)
+CVE-2005-1469 version (wireshark, fixed 0.10.11)
+CVE-2005-1468 version (wireshark, fixed 0.10.11)
+CVE-2005-1467 version (wireshark, fixed 0.10.11)
+CVE-2005-1466 version (wireshark, fixed 0.10.11)
+CVE-2005-1465 version (wireshark, fixed 0.10.11)
+CVE-2005-1464 version (wireshark, fixed 0.10.11)
+CVE-2005-1463 version (wireshark, fixed 0.10.11)
+CVE-2005-1462 version (wireshark, fixed 0.10.11)
+CVE-2005-1461 version (wireshark, fixed 0.10.11)
+CVE-2005-1460 version (wireshark, fixed 0.10.11)
+CVE-2005-1459 version (wireshark, fixed 0.10.11)
+CVE-2005-1458 version (wireshark, fixed 0.10.11)
+CVE-2005-1457 version (wireshark, fixed 0.10.11)
+CVE-2005-1456 version (wireshark, fixed 0.10.11)
+CVE-2005-1455 version (freeradius, fixed 1.0.3)
+CVE-2005-1454 version (freeradius, fixed 1.0.3)
*CVE-2005-1431 version (gnutls, fixed 1.0.25)
*CVE-2005-1410 version (postgresql, fixed 8.0.2)
*CVE-2005-1409 version (postgresql, fixed 8.0.1)
@@ -1525,7 +1525,7 @@
*CVE-2005-1368 version (kernel, fixed 2.6.12)
CVE-2005-1345 version (squid, fixed 2.5.STABLE10)
*CVE-2005-1344 ignore (httpd) not a vulnerability
-*CVE-2005-1281 version (wireshark, fixed 0.10.11)
+CVE-2005-1281 version (wireshark, fixed 0.10.11)
*CVE-2005-1280 version (tcpdump, fixed 3.9.2)
*CVE-2005-1279 version (tcpdump, fixed 3.9.2)
*CVE-2005-1278 version (tcpdump, fixed 3.9.2)
@@ -1547,16 +1547,16 @@
*CVE-2005-1184 ignore (kernel) expected to not be an issue
CVE-2005-1175 version (krb5, fixed 1.4.2)
CVE-2005-1174 version (krb5, fixed 1.4.2)
-*CVE-2005-1160 version (thunderbird)
-*CVE-2005-1160 version (firefox)
-*CVE-2005-1159 version (thunderbird)
-*CVE-2005-1159 version (firefox)
-*CVE-2005-1158 version (firefox, fixed 1.0.3)
-*CVE-2005-1157 version (firefox)
-*CVE-2005-1156 version (firefox)
-*CVE-2005-1155 version (firefox)
-*CVE-2005-1154 version (firefox)
-*CVE-2005-1153 version (firefox)
+CVE-2005-1160 version (thunderbird)
+CVE-2005-1160 version (firefox)
+CVE-2005-1159 version (thunderbird)
+CVE-2005-1159 version (firefox)
+CVE-2005-1158 version (firefox, fixed 1.0.3)
+CVE-2005-1157 version (firefox)
+CVE-2005-1156 version (firefox)
+CVE-2005-1155 version (firefox)
+CVE-2005-1154 version (firefox)
+CVE-2005-1153 version (firefox)
CVE-2005-1111 backport (cpio) cpio-2.6-chmodRaceC.patch
*CVE-2005-1065 version (tetex) not upstream version
*CVE-2005-1061 version (logwatch, fixed 4.3.2 at least)
@@ -1567,8 +1567,8 @@
*CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
CVE-2005-1038 backport (vixie-cron) vixie-cron-4.1-CAN-2005-1038-fix-race.patch
*CVE-2005-0990 version (sharutils, fixed 4.6 at least)
-*CVE-2005-0989 version (thunderbird)
-*CVE-2005-0989 version (firefox, fixed 1.0.3)
+CVE-2005-0989 version (thunderbird)
+CVE-2005-0989 version (firefox, fixed 1.0.3)
*CVE-2005-0988 backport (gzip) changelog
*CVE-2005-0977 version (kernel, fixed 2.6.11)
CVE-2005-0967 version (gaim, fixed gaim:1.5.0)
@@ -1587,8 +1587,8 @@
*CVE-2005-0806 version (evolution, fixed 2.0.4)
*CVE-2005-0799 version (mysql) not linux
*CVE-2005-0767 version (kernel, fixed 2.6.11)
-*CVE-2005-0766 version (wireshark, fixed after 0.10.9)
-*CVE-2005-0765 version (wireshark, fixed after 0.10.9)
+CVE-2005-0766 version (wireshark, fixed after 0.10.9)
+CVE-2005-0765 version (wireshark, fixed after 0.10.9)
*CVE-2005-0763 version (mc, fixed 4.6.0)
*CVE-2005-0762 version (ImageMagick, fixed 6.0)
*CVE-2005-0761 version (ImageMagick, fixed 6.1.8)
@@ -1600,19 +1600,19 @@
*CVE-2005-0756 version (kernel, fixed 2.6.12)
*CVE-2005-0754 version (kdewebdev, fixed after 3.4.0)
*CVE-2005-0753 version (cvs, fixed 1.11.20)
-*CVE-2005-0752 version (firefox, fixed 1.0.3)
+CVE-2005-0752 version (firefox, fixed 1.0.3)
*CVE-2005-0750 version (kernel, fixed 2.6.11.6)
*CVE-2005-0749 version (kernel, fixed 2.6.11.6)
-*CVE-2005-0739 version (wireshark, fixed after 0.10.9)
+CVE-2005-0739 version (wireshark, fixed after 0.10.9)
*CVE-2005-0736 version (kernel, fixed 2.6.11)
CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0711 version (mysql, fixed 4.1.11)
*CVE-2005-0710 version (mysql, fixed 4.1.11)
*CVE-2005-0709 version (mysql, fixed 4.1.11)
-*CVE-2005-0705 version (wireshark, fixed after 0.10.9)
-*CVE-2005-0704 version (wireshark, fixed after 0.10.9)
-*CVE-2005-0699 (wireshark)
-*CVE-2005-0698 version (wireshark, fixed after 0.10.9)
+CVE-2005-0705 version (wireshark, fixed after 0.10.9)
+CVE-2005-0704 version (wireshark, fixed after 0.10.9)
+CVE-2005-0699 version (wireshark, fixed after 0.10.9)
+CVE-2005-0698 version (wireshark, fixed after 0.10.9)
*CVE-2005-0664 version (libexif, fixed 0.6.12)
*CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
*CVE-2005-0627 version (qt, fixed 3.3.4)
@@ -1621,26 +1621,26 @@
*CVE-2005-0605 version (libXpm, fixed 3.5.4 at least)
*CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
CVE-2005-0596 version (php, fixed 5.0)
-*CVE-2005-0593 version (firefox)
-*CVE-2005-0592 version (firefox)
-*CVE-2005-0591 version (firefox, fixed 1.0.1)
-*CVE-2005-0590 version (thunderbird)
+CVE-2005-0593 version (firefox)
+CVE-2005-0592 version (firefox)
+CVE-2005-0591 version (firefox, fixed 1.0.1)
+CVE-2005-0590 version (thunderbird)
*CVE-2005-0590 version (openswan, fixed 2.1.4)
-*CVE-2005-0590 version (firefox)
-*CVE-2005-0589 version (firefox, fixed 1.0.1)
-*CVE-2005-0588 version (firefox)
-*CVE-2005-0587 version (firefox)
-*CVE-2005-0586 version (firefox)
-*CVE-2005-0585 version (firefox)
-*CVE-2005-0584 version (firefox)
-*CVE-2005-0578 version (firefox)
+CVE-2005-0590 version (firefox)
+CVE-2005-0589 version (firefox, fixed 1.0.1)
+CVE-2005-0588 version (firefox)
+CVE-2005-0587 version (firefox)
+CVE-2005-0586 version (firefox)
+CVE-2005-0585 version (firefox)
+CVE-2005-0584 version (firefox)
+CVE-2005-0578 version (firefox)
*CVE-2005-0565 version (kernel, not 2.6)
*CVE-2005-0546 (cyrus-imapd)
*CVE-2005-0532 version (kernel, fixed 2.6.11)
*CVE-2005-0531 version (kernel, fixed 2.6.11)
*CVE-2005-0530 version (kernel, fixed 2.6.11)
*CVE-2005-0529 version (kernel, fixed 2.6.11)
-*CVE-2005-0527 version (firefox, fixed 1.0.1)
+CVE-2005-0527 version (firefox, fixed 1.0.1)
CVE-2005-0525 version (php, fixed 5.0.4)
CVE-2005-0524 version (php, fixed 5.0.4)
*CVE-2005-0509 version (mono, not after 1.0.5)
@@ -1663,11 +1663,11 @@
CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
*CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
*CVE-2005-0403 version (kernel) not upstream
-*CVE-2005-0402 version (firefox, fixed 1.0.2)
-*CVE-2005-0401 version (firefox, fixed 1.0.2)
+CVE-2005-0402 version (firefox, fixed 1.0.2)
+CVE-2005-0401 version (firefox, fixed 1.0.2)
*CVE-2005-0400 version (kernel, fixed 2.6.11.6)
-*CVE-2005-0399 version (thunderbird)
-*CVE-2005-0399 version (firefox)
+CVE-2005-0399 version (thunderbird)
+CVE-2005-0399 version (firefox)
*CVE-2005-0398 version (ipsec-tools, fixed 0.5)
*CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
*CVE-2005-0396 version (kdelibs, fixed 3.4.0)
@@ -1675,8 +1675,8 @@
*CVE-2005-0372 version (gftp, fixed 2.0.18 at least)
*CVE-2005-0365 version (kdelibs, not 3.4)
*CVE-2005-0337 version (postfix, fixed 2.1.4)
-*CVE-2005-0255 version (thunderbird, fixed 1.0.2)
-*CVE-2005-0255 version (firefox, fixed 1.0.1)
+CVE-2005-0255 version (thunderbird, fixed 1.0.2)
+CVE-2005-0255 version (firefox, fixed 1.0.1)
*CVE-2005-0247 version (postgresql, fixed after 8.0)
*CVE-2005-0246 version (postgresql, fixed 8.0.1)
*CVE-2005-0245 version (postgresql, fixed 8.0.1)
@@ -1684,11 +1684,11 @@
CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6)
*CVE-2005-0237 version (kdelibs, fixed 3.4.0)
-*CVE-2005-0233 version (firefox, fixed 1.0.1)
-*CVE-2005-0232 version (firefox, fixed 1.0.1)
-*CVE-2005-0231 version (firefox, fixed 1.0.1)
-*CVE-2005-0230 version (thunderbird, fixed 1.0.2)
-*CVE-2005-0230 version (firefox, fixed 1.0.1)
+CVE-2005-0233 version (firefox, fixed 1.0.1)
+CVE-2005-0232 version (firefox, fixed 1.0.1)
+CVE-2005-0231 version (firefox, fixed 1.0.1)
+CVE-2005-0230 version (thunderbird, fixed 1.0.2)
+CVE-2005-0230 version (firefox, fixed 1.0.1)
*CVE-2005-0227 version (postgresql, fixed 8.0.1)
CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0210 version (kernel, fixed 2.6.11)
@@ -1714,16 +1714,16 @@
*CVE-2005-0156 version (perl, fixed 5.8.8)
*CVE-2005-0155 version (perl, fixed 5.8.8)
*CVE-2005-0152 version (squirrelmail, not 1.4)
-*CVE-2005-0150 version (firefox, fixed 1.0)
-*CVE-2005-0149 version (firefox)
-*CVE-2005-0147 version (firefox)
-*CVE-2005-0146 version (firefox)
-*CVE-2005-0145 version (firefox, fixed 1.0)
-*CVE-2005-0144 version (firefox)
-*CVE-2005-0143 version (firefox)
-*CVE-2005-0142 version (thunderbird)
-*CVE-2005-0142 version (firefox)
-*CVE-2005-0141 version (firefox)
+CVE-2005-0150 version (firefox, fixed 1.0)
+CVE-2005-0149 version (firefox)
+CVE-2005-0147 version (firefox)
+CVE-2005-0146 version (firefox)
+CVE-2005-0145 version (firefox, fixed 1.0)
+CVE-2005-0144 version (firefox)
+CVE-2005-0143 version (firefox)
+CVE-2005-0142 version (thunderbird)
+CVE-2005-0142 version (firefox)
+CVE-2005-0141 version (firefox)
*CVE-2005-0137 version (kernel, not 2.6)
*CVE-2005-0136 version (kernel, fixed 2.6.11)
*CVE-2005-0135 version (kernel, fixed 2.6.11)
@@ -1747,7 +1747,7 @@
*CVE-2005-0087 version (alsa-lib, fixed 1.0.9)
*CVE-2005-0086 version (less) didn't affect upstream
CVE-2005-0085 version (htdig, fixed 3.1.6-r7)
-*CVE-2005-0084 version (wireshark, fixed 0.10.9)
+CVE-2005-0084 version (wireshark, fixed 0.10.9)
*CVE-2005-0080 version (mailman) not upstream
*CVE-2005-0078 version (kde, fixed 3.0.5)
*CVE-2005-0077 version (perl-DBI, fixed 1.48 at least)
@@ -1764,17 +1764,17 @@
*CVE-2005-0014 version (ncpfs, fixed 2.2.6)
*CVE-2005-0013 version (ncpfs, fixed 2.2.6)
*CVE-2005-0011 version (kdeedu, not 3.4)
-*CVE-2005-0010 version (wireshark, fixed 0.10.9)
-*CVE-2005-0009 version (wireshark, fixed 0.10.9)
-*CVE-2005-0008 version (wireshark, fixed 0.10.9)
-*CVE-2005-0007 version (wireshark, fixed 0.10.9)
-*CVE-2005-0006 version (wireshark, fixed 0.10.9)
+CVE-2005-0010 version (wireshark, fixed 0.10.9)
+CVE-2005-0009 version (wireshark, fixed 0.10.9)
+CVE-2005-0008 version (wireshark, fixed 0.10.9)
+CVE-2005-0007 version (wireshark, fixed 0.10.9)
+CVE-2005-0006 version (wireshark, fixed 0.10.9)
*CVE-2005-0005 version (ImageMagick, fixed after 6.1.7)
*CVE-2005-0004 version (mysql, fixed 4.1.10)
*CVE-2005-0003 version (kernel, fixed 2.6.10)
*CVE-2005-0001 version (kernel, fixed 2.6.10)
*CVE-2004-2660 version (kernel, fixed 2.6.10)
-*CVE-2004-2657 ignore (firefox) windows only
+CVE-2004-2657 ignore (firefox) windows only
*CVE-2004-2655 (xscreensaver)
CVE-2004-2654 version (squid, fixed 2.6STABLE6)
*CVE-2004-2645 (asn1c)
@@ -1794,9 +1794,9 @@
*CVE-2004-2343 ignore (httpd) not a security issue
*CVE-2004-2302 version (kernel, fixed 2.6.10)
*CVE-2004-2259 version (vsftpd, fixed 1.2.2)
-*CVE-2004-2228 version (firefox, fixed 1.0)
-*CVE-2004-2227 version (firefox, fixed 1.0)
-*CVE-2004-2225 version (firefox, fixed 0.10.1)
+CVE-2004-2228 version (firefox, fixed 1.0)
+CVE-2004-2227 version (firefox, fixed 1.0)
+CVE-2004-2225 version (firefox, fixed 0.10.1)
CVE-2004-2154 version (cups, fixed 1.1.21rc1)
*CVE-2004-2149 version (mysql, fixed 4.1.5)
*CVE-2004-2136 ignore (dm-crypt) design
@@ -1810,25 +1810,25 @@
*CVE-2004-1834 version (httpd, not 2.2)
*CVE-2004-1773 version (sharutils, not 4.6)
*CVE-2004-1772 version (sharutils, not 4.6)
-*CVE-2004-1761 version (wireshark, fixed 0.10.3)
+CVE-2004-1761 version (wireshark, fixed 0.10.3)
CVE-2004-1689 version (sudo, fixed 1.6.8p1)
CVE-2004-1653 ignore (openssh)
-*CVE-2004-1639 version (firefox)
+CVE-2004-1639 version (firefox)
*CVE-2004-1617 ignore (lynx) not able to verify flaw
*CVE-2004-1488 version (wget, fixed 1.10.1)
*CVE-2004-1471 version (cvs, fixed 1.12.9)
*CVE-2004-1453 version (glibc, fixed 2.3.5)
*CVE-2004-1452 version (tomcat, fixed 5.0.27-r3)
-*CVE-2004-1451 version (thunderbird)
-*CVE-2004-1451 version (firefox)
-*CVE-2004-1450 version (thunderbird)
-*CVE-2004-1450 version (firefox)
-*CVE-2004-1449 version (thunderbird)
-*CVE-2004-1449 version (firefox)
+CVE-2004-1451 version (thunderbird)
+CVE-2004-1451 version (firefox)
+CVE-2004-1450 version (thunderbird)
+CVE-2004-1450 version (firefox)
+CVE-2004-1449 version (thunderbird)
+CVE-2004-1449 version (firefox)
CVE-2004-1392 version (php, fixed 5.0.4)
*CVE-2004-1382 version (glibc, not 2.3.5)
-*CVE-2004-1381 version (firefox)
-*CVE-2004-1380 version (firefox)
+CVE-2004-1381 version (firefox)
+CVE-2004-1380 version (firefox)
*CVE-2004-1377 backport (a2ps) a2ps-4.13-security.patch
*CVE-2004-1337 version (kernel, fixed 2.6.11)
*CVE-2004-1336 version (tetex, fixed 3.0 at least)
@@ -1849,7 +1849,7 @@
*CVE-2004-1235 version (kernel, fixed 2.6.11)
*CVE-2004-1234 version (kernel, not 2.6)
*CVE-2004-1224 version (mtr, fixed after 0.65)
-*CVE-2004-1200 ignore (firefox, mozilla) not a security issue
+CVE-2004-1200 ignore (firefox, mozilla) not a security issue
*CVE-2004-1191 version (kernel, fixed 2.6.9)
*CVE-2004-1190 version (kernel, fixed 2.6.10)
CVE-2004-1189 version (krb5, fixed 1.4)
@@ -1867,16 +1867,16 @@
*CVE-2004-1170 backport (a2ps) a2ps-shell.patch
*CVE-2004-1165 version (kdelibs, not 3.4)
*CVE-2004-1158 version (kdelibs, not 3.4)
-*CVE-2004-1156 version (firefox)
+CVE-2004-1156 version (firefox)
*CVE-2004-1154 version (samba, fixed 3.0.10)
*CVE-2004-1151 version (kernel, fixed 2.6.10)
*CVE-2004-1145 version (kde, not 3.4)
*CVE-2004-1144 version (kernel, not 2.6)
*CVE-2004-1143 version (mailman, fixed 2.1.5)
-*CVE-2004-1142 version (wireshark, fixed 0.10.8)
-*CVE-2004-1141 version (wireshark, fixed 0.10.8)
-*CVE-2004-1140 version (wireshark, fixed 0.10.8)
-*CVE-2004-1139 version (wireshark, fixed 0.10.8)
+CVE-2004-1142 version (wireshark, fixed 0.10.8)
+CVE-2004-1141 version (wireshark, fixed 0.10.8)
+CVE-2004-1140 version (wireshark, fixed 0.10.8)
+CVE-2004-1139 version (wireshark, fixed 0.10.8)
*CVE-2004-1138 version (vim, fixed 6.3)
*CVE-2004-1137 version (kernel, fixed 2.6.10)
*CVE-2004-1125 version (tetex, at least 3.0)
@@ -1952,11 +1952,11 @@
CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
*CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
*CVE-2004-0909 version (thunderbird)
-*CVE-2004-0909 version (firefox)
-*CVE-2004-0907 version (thunderbird)
-*CVE-2004-0907 version (firefox)
-*CVE-2004-0906 version (thunderbird)
-*CVE-2004-0906 version (firefox)
+CVE-2004-0909 version (firefox)
+CVE-2004-0907 version (thunderbird)
+CVE-2004-0907 version (firefox)
+CVE-2004-0906 version (thunderbird)
+CVE-2004-0906 version (firefox)
CVE-2004-0891 version (gaim, fixed gaim:1.0.2)
*CVE-2004-0888 version (tetex, fixed 3.0)
*CVE-2004-0888 version (kdegraphics, not 3.4)
@@ -1970,7 +1970,7 @@
*CVE-2004-0883 version (kernel, fixed 2.6.11)
*CVE-2004-0882 version (samba, fixed 3.0.8)
*CVE-2004-0870 ignore (kde) upstream won't fix
-*CVE-2004-0867 version (firefox, fixed after 0.9.2)
+CVE-2004-0867 version (firefox, fixed after 0.9.2)
*CVE-2004-0837 version (mysql, fixed 4.0.21)
*CVE-2004-0836 version (mysql, fixed 4.0.21)
*CVE-2004-0835 version (mysql, fixed 4.1.2)
@@ -2007,7 +2007,7 @@
*CVE-2004-0783 version (gtk2, fixed 2.6.7 at least)
*CVE-2004-0782 version (gtk2, fixed 2.6.7 at least)
*CVE-2004-0779 version (thunderbird)
-*CVE-2004-0779 version (firefox)
+CVE-2004-0779 version (firefox)
*CVE-2004-0778 version (cvs, fixed 1.11.17)
CVE-2004-0772 version (krb5, fixed after 1.2.8)
*CVE-2004-0768 version (libpng, fixed 1.2.6)
@@ -2031,15 +2031,15 @@
*CVE-2004-0686 version (samba, fixed 3.0.6)
*CVE-2004-0685 version (kernel, not 2.6)
*CVE-2004-0658 ignore (kernel) not a security issue
-*CVE-2004-0648 version (thunderbird)
-*CVE-2004-0648 version (firefox)
+CVE-2004-0648 version (thunderbird)
+CVE-2004-0648 version (firefox)
CVE-2004-0644 version (krb5, fixed after 1.3.4)
CVE-2004-0643 version (krb5, fixed after 1.3.1)
CVE-2004-0642 version (krb5, fixed after 1.3.4)
*CVE-2004-0639 version (squirrelmail, fixed after 1.2.10)
-*CVE-2004-0635 version (wireshark, fixed 0.10.5)
-*CVE-2004-0634 version (wireshark, fixed 0.10.5)
-*CVE-2004-0633 version (wireshark, fixed 0.10.5)
+CVE-2004-0635 version (wireshark, fixed 0.10.5)
+CVE-2004-0634 version (wireshark, fixed 0.10.5)
+CVE-2004-0633 version (wireshark, fixed 0.10.5)
*CVE-2004-0628 version (mysql, fixed 4.1.3)
*CVE-2004-0627 version (mysql, fixed 4.1.3)
*CVE-2004-0626 version (kernel, fixed 2.6.8)
@@ -2067,10 +2067,10 @@
*CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
*CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
*CVE-2004-0519 version (squirrelmail, fixed 1.4.3a)
-*CVE-2004-0507 version (wireshark, fixed 0.10.4)
-*CVE-2004-0506 version (wireshark, fixed 0.10.4)
-*CVE-2004-0505 version (wireshark, fixed 0.10.4)
-*CVE-2004-0504 version (wireshark, fixed 0.10.4)
+CVE-2004-0507 version (wireshark, fixed 0.10.4)
+CVE-2004-0506 version (wireshark, fixed 0.10.4)
+CVE-2004-0505 version (wireshark, fixed 0.10.4)
+CVE-2004-0504 version (wireshark, fixed 0.10.4)
CVE-2004-0500 version (gaim, fixed gaim:0.82.1)
*CVE-2004-0497 version (kernel, fixed 2.6.8)
*CVE-2004-0496 version (kernel, fixed 2.6.8)
@@ -2109,8 +2109,8 @@
*CVE-2004-0388 version (mysql, fixed 4.1.11 at least)
*CVE-2004-0387 (helixplayer)
*CVE-2004-0381 version (mysql, fixed 4.1.11 at least)
-*CVE-2004-0367 version (wireshark, fixed 0.10.3)
-*CVE-2004-0365 version (wireshark, fixed 0.10.3)
+CVE-2004-0367 version (wireshark, fixed 0.10.3)
+CVE-2004-0365 version (wireshark, fixed 0.10.3)
CVE-2004-0263 version (php, fixed 4.3.5)
*CVE-2004-0256 version (libtool, fixed 1.5.2)
*CVE-2004-0233 version (libutempter, fixed 0.5.5)
@@ -2132,7 +2132,7 @@
*CVE-2004-0179 version (neon, fixed 0.24.5)
*CVE-2004-0178 version (kernel, not 2.6)
*CVE-2004-0177 version (kernel, fixed 2.6.6)
-*CVE-2004-0176 version (wireshark, fixed 0.10.3)
+CVE-2004-0176 version (wireshark, fixed 0.10.3)
CVE-2004-0175 version (openssh, fixed 3.4p1)
CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch
*CVE-2004-0174 version (httpd, not 2.2)
@@ -2183,16 +2183,16 @@
CVE-2003-1302 version (php, fixed 4.3.1)
*CVE-2003-1295 (xscreensaver)
*CVE-2003-1294 (xscreensaver)
-*CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
-*CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
+CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
+CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
*CVE-2003-1232 version (emacs, fixed 21.3)
*CVE-2003-1201 version (openldap, not 2.2)
*CVE-2003-1161 version (kernel, not released version)
*CVE-2003-1138 backport (httpd, Red Hat only) contains /+ now
*CVE-2003-1029 version (tcpdump, fixed after 3.8.1)
*CVE-2003-1023 version (mc, 4.6.1)
-*CVE-2003-1013 version (wireshark, fixed 0.10.0)
-*CVE-2003-1012 version (wireshark, fixed 0.10.0)
+CVE-2003-1013 version (wireshark, fixed 0.10.0)
+CVE-2003-1012 version (wireshark, fixed 0.10.0)
*CVE-2003-0993 version (httpd, not 2.2)
*CVE-2003-0992 version (mailman, fixed 2.1.4)
*CVE-2003-0992 version (mailman, fixed 2.1.3)
@@ -2219,9 +2219,9 @@
*CVE-2003-0959 version (kernel, fixed 2.4.21)
*CVE-2003-0956 version (kernel, fixed 2.4.22)
CVE-2003-0935 version (net-snmp, fixed 5.0.9)
-*CVE-2003-0927 version (wireshark, fixed 0.9.16)
-*CVE-2003-0926 version (wireshark, fixed 0.9.16)
-*CVE-2003-0925 version (wireshark, fixed 0.9.16)
+CVE-2003-0927 version (wireshark, fixed 0.9.16)
+CVE-2003-0926 version (wireshark, fixed 0.9.16)
+CVE-2003-0925 version (wireshark, fixed 0.9.16)
*CVE-2003-0924 version (netpbm, fixed 9.26)
CVE-2003-0914 version (bind, not 9)
*CVE-2003-0901 version (postgresql, not 8)
@@ -2303,11 +2303,11 @@
*CVE-2003-0459 version (kdelibs, not 3.2)
*CVE-2003-0455 version (ImageMagick)
CVE-2003-0442 version (php, fixed 4.3.2)
-*CVE-2003-0432 version (wireshark, fixed after 0.9.12)
-*CVE-2003-0431 version (wireshark, fixed after 0.9.12)
-*CVE-2003-0430 version (wireshark, fixed after 0.9.12)
-*CVE-2003-0429 version (wireshark, fixed after 0.9.12)
-*CVE-2003-0428 version (wireshark, fixed after 0.9.12)
+CVE-2003-0432 version (wireshark, fixed after 0.9.12)
+CVE-2003-0431 version (wireshark, fixed after 0.9.12)
+CVE-2003-0430 version (wireshark, fixed after 0.9.12)
+CVE-2003-0429 version (wireshark, fixed after 0.9.12)
+CVE-2003-0428 version (wireshark, fixed after 0.9.12)
*CVE-2003-0427 backport (mikmod) from changelog
*CVE-2003-0418 version (kernel, not 2.6)
*CVE-2003-0388 version (pam, fixed 0.78)
@@ -2315,8 +2315,8 @@
*CVE-2003-0370 version (kde, fixed 3.0)
*CVE-2003-0367 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
*CVE-2003-0364 version (kernel, not 2.6)
-*CVE-2003-0357 version (wireshark, fixed after 0.9.11)
-*CVE-2003-0356 version (wireshark, fixed after 0.9.11)
+CVE-2003-0357 version (wireshark, fixed after 0.9.11)
+CVE-2003-0356 version (wireshark, fixed after 0.9.11)
*CVE-2003-0354 version (ghostscript, fixed 7.07)
*CVE-2003-0328 version (epic, fixed epic4-2.2 at least)
*CVE-2003-0300 ignore (sylpheed) only a crasher
@@ -2351,7 +2351,7 @@
*CVE-2003-0165 version (eog, fixed 2.2.2)
*CVE-2003-0161 version (sendmail, fixed 8.12.9)
*CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
-*CVE-2003-0159 version (wireshark, fixed after 0.9.9)
+CVE-2003-0159 version (wireshark, fixed after 0.9.9)
*CVE-2003-0150 version (mysql, fixed 3.23.56)
*CVE-2003-0147 version (openssl, not 0.9.8)
*CVE-2003-0147 backport (openssl097a, fixed 0.9.7b)
@@ -2379,7 +2379,7 @@
*CVE-2003-0085 version (samba, fixed 2.2.8)
*CVE-2003-0083 version (httpd, not 2.2)
CVE-2003-0082 version (krb5, fixed after 1.2.7)
-*CVE-2003-0081 version (wireshark, fixed after 0.9.9)
+CVE-2003-0081 version (wireshark, fixed after 0.9.9)
*CVE-2003-0078 version (openssl, not 0.9.8)
*CVE-2003-0078 version (openssl097a, fixed 0.9.7a)
*CVE-2003-0073 version (mysql, fixed 3.23.55)
@@ -2483,8 +2483,8 @@
CVE-2002-1366 version (cups, fixed 1.1.18)
*CVE-2002-1365 version (fetchmail, fixed 6.2.0)
*CVE-2002-1363 version (libpng, fixed 1.2.6)
-*CVE-2002-1356 version (wireshark, fixed after 0.9.7)
-*CVE-2002-1355 version (wireshark, fixed after 0.9.7)
+CVE-2002-1356 version (wireshark, fixed after 0.9.7)
+CVE-2002-1355 version (wireshark, fixed after 0.9.7)
*CVE-2002-1350 version (tcpdump, fixed 3.7)
*CVE-2002-1348 version (w3m, fixed 0.3.2.2)
*CVE-2002-1347 version (cyrus-sasl, fixed 2.1.10)
@@ -2541,10 +2541,10 @@
*CVE-2002-0838 version (ggv, fixed 20030119, 2.8.0 at least)
*CVE-2002-0837 version (wordtrans, fixed 1.1pre13 at least)
*CVE-2002-0836 version (tetex, fixed 2.0.2 at least)
-*CVE-2002-0834 version (wireshark)
+CVE-2002-0834 version (wireshark, fixed after 0.9.5)
*CVE-2002-0825 version (nss_ldap, fixed nss_ldap-198)
-*CVE-2002-0822 version (wireshark)
-*CVE-2002-0821 version (wireshark)
+CVE-2002-0822 version (wireshark, fixed 0.9.5)
+CVE-2002-0821 version (wireshark, fixed 0.9.5)
*CVE-2002-0819 version (arts, fixed cvs 20020707)
*CVE-2002-0802 version (postgresql, fixed 7.2)
*CVE-2002-0761 version (bzip2, fixed 1.0.2)
@@ -2585,10 +2585,10 @@
*CVE-2002-0493 version (tomcat, fixed 4.1.12)
*CVE-2002-0435 version (fileutils, fixed 4.1.7)
*CVE-2002-0429 version (kernel, not 2.6)
-*CVE-2002-0404 version (wireshark, fixed ethereal 0.9.3)
-*CVE-2002-0403 version (wireshark, fixed ethereal 0.9.3)
-*CVE-2002-0402 version (wireshark, fixed ethereal 0.9.3)
-*CVE-2002-0401 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0404 version (wireshark, fixed 0.9.3)
+CVE-2002-0403 version (wireshark, fixed 0.9.3)
+CVE-2002-0402 version (wireshark, fixed 0.9.3)
+CVE-2002-0401 version (wireshark, fixed 0.9.3)
CVE-2002-0400 version (bind, fixed 9.2.1)
*CVE-2002-0399 version (tar, fixed 1.13.26)
*CVE-2002-0392 version (httpd, not 2.2)
@@ -2603,7 +2603,7 @@
CVE-2002-0377 version (gaim, fixed gaim:0.58)
*CVE-2002-0374 version (pam_ldap, fixed 144)
*CVE-2002-0363 version (ghostscript, fixed 6.53)
-*CVE-2002-0353 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0353 version (wireshark, fixed 0.9.3)
*CVE-2002-0342 version (kde, not 2.2+)
*CVE-2002-0318 version (freeradius, fixed 0.7)
CVE-2002-0253 ignore (php) not a vulnerability
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 9 months
- 1
- 0
fedora-security/audit fc6,1.220,1.221 fc7,1.36,1.37
by fedora-extras-commits@redhat.com
Author: bressers
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19654
Modified Files:
fc6 fc7
Log Message:
Note a gimp flaw
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.220
retrieving revision 1.221
diff -u -r1.220 -r1.221
--- fc6 4 Jul 2007 17:46:02 -0000 1.220
+++ fc6 10 Jul 2007 23:54:03 -0000 1.221
@@ -195,6 +195,7 @@
CVE-2006-4561 VULNERABLE (firefox)
CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
+CVE-2006-4519 VULNERABLE (gimp) #247567
CVE-2006-4514 backport (libgsf) [since FEDORA-2006-1417]
CVE-2006-4507 ignore (libtiff) can't reproduce
CVE-2006-4486 version (php, fixed 5.1.6)
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- fc7 9 Jul 2007 19:12:51 -0000 1.36
+++ fc7 10 Jul 2007 23:54:03 -0000 1.37
@@ -60,7 +60,7 @@
*CVE-2007-2869 (firefox)
*CVE-2007-2868 version (seamonkey, fixed 1.0.9)
*CVE-2007-2867 version (seamonkey, fixed 1.0.9)
-*CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
+CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
CVE-2007-2844 ignore (php) #241641
*CVE-2007-2843 ignore (konqueror) safari specific
*CVE-2007-2821 VULNERABLE (wordpress, fixed 2.2) #240970
@@ -578,6 +578,7 @@
*CVE-2006-4561 VULNERABLE (firefox)
*CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
*CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
+CVE-2006-4519 VULNERABLE (gimp) #247566
*CVE-2006-4514 backport (libgsf) [since FEDORA-2006-1417]
*CVE-2006-4513 version (wv, fixed 1.2.4) #212696
*CVE-2006-4513 ** (abiword) #212698
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 9 months
- 1
- 0
fedora-security/audit fc7,1.35,1.36 fe6,1.125,1.126
by fedora-extras-commits@redhat.com
Author: scop
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21691
Modified Files:
fc7 fe6
Log Message:
+php-pear-Structures-DataGrid-DataSource-MDB2,moodle
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- fc7 4 Jul 2007 17:47:49 -0000 1.35
+++ fc7 9 Jul 2007 19:12:51 -0000 1.36
@@ -5,6 +5,8 @@
*CVE are items that need verification for Fedora 7
CVE-2007-4168 VULNERABLE (libexif) #243890
+CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
+CVE-2007-3555 VULNERABLE (moodle) #247528
CVE-2007-3546 ignore (nessus-core) Windows only
CVE-2007-3528 VULNERABLE (dar, fixed 2.3.4) #246760
CVE-2007-3544 ** (wordpress) #245211
Index: fe6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fe6,v
retrieving revision 1.125
retrieving revision 1.126
diff -u -r1.125 -r1.126
--- fe6 4 Jul 2007 17:24:39 -0000 1.125
+++ fe6 9 Jul 2007 19:12:51 -0000 1.126
@@ -2,6 +2,8 @@
** are items that need attention
+CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
+CVE-2007-3555 VULNERABLE (moodle) #247528
CVE-2007-3546 ignore (nessus-core) Windows only
CVE-2007-3544 ** (wordpress) #245211
CVE-2007-3543 ** (wordpress) #245211
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 9 months
- 1
- 0
[Bug 247528] CVE-2007-3555: moodle cross site scripting vulnerability
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-3555: moodle cross site scripting vulnerability
Alias: CVE-2007-3555
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=247528
ville.skytta(a)iki.fi changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fedora-security-
| |list(a)redhat.com
Alias| |CVE-2007-3555
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 9 months
- 1
- 0
[Bug 246760] New: CVE-2007-3528 dar Blowfish-CBC weakness
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=246760
Summary: CVE-2007-3528 dar Blowfish-CBC weakness
Product: Fedora
Version: f7
Platform: All
OS/Version: Linux
Status: NEW
Severity: low
Priority: low
Component: dar
AssignedTo: lists(a)forevermore.net
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3528
"The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by
(1) discarding random bits by the blowfish::make_ivec function in
libdar/crypto.cpp that results in predictable and repeating IV values, and (2)
direct use of a password for keying, which makes it easier for context-dependent
attackers to decrypt files."
2.3.4 is in CVS for F-7+, FC-6 appears untreated at the moment.
Please mark the F-7 update as a security one in the updates system and add the
CVE reference to it (I have no permissions to do that).
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 9 months
- 1
- 4
[Bug 240970] New: CVE-2007-2821: wordpress < 2.2 admin-ajax.php SQL injection
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240970
Summary: CVE-2007-2821: wordpress < 2.2 admin-ajax.php SQL
injection
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2821
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2821
"SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2
allows remote attackers to execute arbitrary SQL commands via the cookie parameter."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 9 months
- 1
- 2