Oh.. I sent a reply to Kevin and did not sent to mailing list,
resending...
Kevin Fenzi wrote, at 06/12/2007 12:04 PM +9:00:
ok. Looking at the nice big pile you checked in, I think we might be
served better by folks taking particular packages. Ie, if you are
already examining a package for one CVE, it might be easier to just
keep going on that package rather than switch to another one and have
to pull up more cvs files, bugzilla, etc.
Here's the top 10 of the ones you just checked in today:
30 (php)
14 (helixplayer)
11 (tomcat)
8 (fedoradirectoryserver)
7 (flash-plugin)
7 (acroread)
6 (
openoffice.org)
6 (kernel)
5 (xscreensaver)
5 (wu-ftpd)
For xscreensaver, all CVE entries which were added today are
for <4.18 and no longer affects FC-5+ xscreensaver (4.24<=)
Mamoru (xscreensaver maintainer)