fedora-security/audit fc6,NONE,1.1
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Mon Aug 14 13:40:31 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5486
Added Files:
fc6
Log Message:
Start on FC6; 45% done
--- NEW FILE fc6 ---
**********************************************************************
* WORK IN PROGRESS
**********************************************************************
Up to date CVE as of CVE email 20060813
Up to date FC6 as of Test2
Notes:
1. Removed packages no longer shipped (except mozilla!)
2. Added packages newly shipped
3. Deal with libutempter/utempter
4. ### left to do (was 1771)
** are items that need attention
CVE-2006-4031 VULNERABLE (mysql, fixed 5.0.24) #202247 ###
CVE-2006-4020 VULNERABLE (php) #201767 ###
CVE-2006-4019 VULNERABLE (squirrelmail, fixed 1.4.8) #202196 ###
CVE-2006-3918 version (httpd, fixed 2.2.2)
CVE-2006-3879 version (mikmod, not 3.1.6)
CVE-2006-3835 version (tomcat, fixed 5.5.17)
CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
CVE-2006-3812 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3812 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3812 VULNERABLE (mozilla) ###
CVE-2006-3811 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3811 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3811 VULNERABLE (mozilla) ###
CVE-2006-3810 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3810 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3810 VULNERABLE (mozilla) ###
CVE-2006-3809 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3809 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3809 VULNERABLE (mozilla) ###
CVE-2006-3808 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3808 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3808 VULNERABLE (mozilla) ###
CVE-2006-3807 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3807 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3807 VULNERABLE (mozilla) ###
CVE-2006-3806 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3806 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3806 VULNERABLE (mozilla) ###
CVE-2006-3805 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3805 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3805 VULNERABLE (mozilla) ###
CVE-2006-3804 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3804 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3804 VULNERABLE (mozilla) ###
CVE-2006-3803 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3803 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3803 VULNERABLE (mozilla) ###
CVE-2006-3802 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3802 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3802 VULNERABLE (mozilla) ###
CVE-2006-3801 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3801 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3801 VULNERABLE (mozilla) ###
CVE-2006-3747 backport (httpd, fixed 2.2.3) ###
CVE-2006-3746 version (gnupg, fixed 1.4.5) #200904 [since FEDORA-2006-868] ###
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849] ###
CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3677 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3677 VULNERABLE (mozilla) ###
CVE-2006-3672 ignore (konqueror) just a crash
CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
CVE-2006-3634 ignore (kernel, fixed 2.6.17.8) s390 only
CVE-2006-3632 version (wireshark, fixed 0.99.2)
CVE-2006-3631 version (wireshark, fixed 0.99.2)
CVE-2006-3630 version (wireshark, fixed 0.99.2)
CVE-2006-3629 version (wireshark, fixed 0.99.2)
CVE-2006-3628 version (wireshark, fixed 0.99.2)
CVE-2006-3627 version (wireshark, fixed 0.99.2)
CVE-2006-3626 version (kernel, fixed 2.6.17.6) [since FEDORA-2006-906] ###
CVE-2006-3619 VULNERABLE (gcc/fastjar) ###
CVE-2006-3486 ignore (mysql, fixed 5.0.23) not exploitable
CVE-2006-3469 VULNERABLE (mysql) ###
CVE-2006-3468 version (kernel, fixed 2.6.17.8) [since FEDORA-2006-906] ###
CVE-2006-3467 VULNERABLE (freetype) ###
CVE-2006-3465 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3464 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3463 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3462 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3461 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3460 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3459 backport (libtiff) [since FEDORA-2006-877] ###
CVE-2006-3404 version (gimp, fixed 2.2.12) #198270 [since FEDORA-2006-794] ###
CVE-2006-3403 version (samba, fixed 3.0.23)
CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
CVE-2006-3376 backport (libwmf) #198291 [since FEDORA-2006-805] ###
CVE-2006-3352 ignore (firefox) not a vulnerability
CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable
CVE-2006-3242 version (mutt, fixed 1.4.2.2, 1.5.12)
CVE-2006-3174 version (squirrelmail, fixed 1.4.7)
CVE-2006-3145 version (netpbm, fixed 10.34)
CVE-2006-3127 version (nss, only affected 3.11) [since FEDORA-2006-728] ###
CVE-2006-3122 ** dhcp ###
CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
CVE-2006-3113 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
CVE-2006-3113 version (thunderbird, fixed 1.5.0.5) [since FEDORA-2006-903] ###
CVE-2006-3113 VULNERABLE (mozilla) ###
CVE-2006-3085 version (kernel, fixed 2.6.16.21, fixed 2.6.17.1) [since FEDORA-2006-735] ###
CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4) [since FEDORA-2006-905] ###
CVE-2006-3082 version (gnupg, fixed 1.4.4) #195946 [since FEDORA-2006-755] ###
CVE-2006-3081 version (mysql, fixed 5.1.18)
CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-609] ###
CVE-2006-3018 version (php, fixed 5.1.3)
CVE-2006-3017 version (php, fixed 5.1.3)
CVE-2006-3016 version (php, fixed 5.1.3)
CVE-2006-3011 ignore (php) safe mode isn't safe
CVE-2006-2936 version (kernel, fixed 2.6.16.27, fixed 2.6.17.7) [since FEDORA-2006-906] ###
CVE-2006-2935 version (kernel, fixed 2.6.17.7) [since FEDORA-2006-906] ###
CVE-2006-2934 version (kernel, fixed 2.6.17.3) [since FEDORA-2006-772] ###
CVE-2006-2933 version (kde, not 3.2+) ###
CVE-2006-2916 ignore (arts) not shipped setuid ###
CVE-2006-2906 VULNERABLE (gd) #194520 ###
CVE-2006-2894 VULNERABLE (firefox) ###
CVE-2006-2894 VULNERABLE (mozilla) ###
CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
CVE-2006-2789 version (evolution, fixed 2.4.X)
CVE-2006-2788 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2787 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2787 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2787 VULNERABLE (mozilla) ###
CVE-2006-2786 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2786 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2786 VULNERABLE (mozilla) ###
CVE-2006-2785 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2785 VULNERABLE (mozilla) ###
CVE-2006-2784 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2784 VULNERABLE (mozilla) ###
CVE-2006-2783 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2783 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2783 VULNERABLE (mozilla) ###
CVE-2006-2782 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2781 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2780 VULNERABLE (firefox) ###
CVE-2006-2780 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2780 VULNERABLE (mozilla) ###
CVE-2006-2779 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2779 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2779 VULNERABLE (mozilla) ###
CVE-2006-2778 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2778 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2778 VULNERABLE (mozilla) ###
CVE-2006-2777 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2777 VULNERABLE (mozilla) ###
CVE-2006-2776 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2776 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2776 VULNERABLE (mozilla) ###
CVE-2006-2775 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-2775 version (thunderbird, fixed 1.5.0.4) [since FEDORA-2006-717] ###
CVE-2006-2775 VULNERABLE (mozilla) ###
CVE-2006-2754 ignore (openldap) This issue is not exploitable
CVE-2006-2753 version (mysql, fixed 5.0.22)
CVE-2006-2723 ignore (firefox) disputed
CVE-2006-2661 VULNERABLE (freetype, fixed 2.2.1) #183677 ###
CVE-2006-2660 ignore (php) see bz#195539
CVE-2006-2656 backport (libtiff) [since FEDORA-2006-592] ###
CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
CVE-2006-2613 ignore (firefox) This isn't an issue on FC
CVE-2006-2607 backport (vixie-cron) #177476 ###
CVE-2006-2563 ignore (php) safe mode isn't safe
CVE-2006-2452 version (gdm) [since FEDORA-2006-674] ###
CVE-2006-2451 version (kernel, fixed 2.6.17.4) [since FEDORA-2006-806] ###
CVE-2006-2449 backport (kdebase, fixed 3.5.4) #194659 [since FEDORA-2006-726] ###
CVE-2006-2448 version (kernel, fixed 2.6.16.21, fixed 2.6.17) [since FEDORA-2006-735] ###
CVE-2006-2447 version (spamassassin, fixed 3.1.3)
CVE-2006-2445 version (kernel, fixed 2.6.16.21, fixed 2.6.17) [since FEDORA-2006-735] ###
CVE-2006-2444 version (kernel, fixed 2.6.16.18) [since FEDORA-2006-698] ###
CVE-2006-2440 backport (ImageMagick) #192279 [since FEDORA-2006-588] ###
CVE-2006-2414 version (dovecot, fixed 1.0.beta8) [since FEDORA-2006-647] is not a security issue ###
CVE-2006-2369 backport (vnc, fixed 4.1.2) #191692 [since FEDORA-2006-558] ###
CVE-2006-2366 VULNERABLE (openobex) #192087 ###
CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
CVE-2006-2332 ignore (firefox) disputed
CVE-2006-2314 version (postgresql, fixed 8.1.4)
CVE-2006-2313 version (postgresql, fixed 8.1.4)
CVE-2006-2276 version (quagga, fixed 0.98.6) #191377 [since FEDORA-2006-845] ###
CVE-2006-2275 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572] ###
CVE-2006-2274 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572] ###
CVE-2006-2272 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572] ###
CVE-2006-2271 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572] ###
CVE-2006-2224 version (quagga, fixed 0.98.6) #191085 [since FEDORA-2006-845] ###
CVE-2006-2223 version (quagga, fixed 0.98.6) #191081 [since FEDORA-2006-845] ###
CVE-2006-2199 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
CVE-2006-2198 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770] ###
CVE-2006-2194 ignore (ppp) pppd not suid
CVE-2006-2193 VULNERABLE (libtiff) #194363 ###
CVE-2006-2120 backport (libtiff) #189976 [since FEDORA-2006-473] ###
CVE-2006-2073 VULNERABLE (bind) ###
CVE-2006-2083 version (rsync, fixed 2.6.8)
CVE-2006-2071 version (kernel, fixed 2.6.16.6) [since FEDORA-2006-421] ###
CVE-2006-2057 ignore (firefox) not Linux
CVE-2006-2026 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
CVE-2006-2025 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
CVE-2006-2024 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-473] ###
CVE-2006-1993 version (firefox, fixed 1.5.0.3) #190124 [since FEDORA-2006-547] ###
CVE-2006-1991 version (php)
CVE-2006-1990 version (php)
CVE-2006-1942 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
CVE-2006-1940 version (wireshark, fixed 0.99.0)
CVE-2006-1939 version (wireshark, fixed 0.99.0)
CVE-2006-1938 version (wireshark, fixed 0.99.0)
CVE-2006-1937 version (wireshark, fixed 0.99.0)
CVE-2006-1936 version (wireshark, fixed 0.99.0)
CVE-2006-1935 version (wireshark, fixed 0.99.0)
CVE-2006-1934 version (wireshark, fixed 0.99.0)
CVE-2006-1933 version (wireshark, fixed 0.99.0)
CVE-2006-1932 version (wireshark, fixed 0.99.0)
CVE-2006-1931 version (ruby, fixed 1.8.3)
CVE-2006-1902 ignore (gcc) not a vulnerability
CVE-2006-1865 version (beagle, fixed 0.2.5)
CVE-2006-1864 ignore (kernel, fixed 2.6.16.14) not compiled in ###
CVE-2006-1863 version (kernel, fixed 2.6.16.11) [since FEDORA-2006-499] ###
CVE-2006-1862 version (kernel) not upstream kernels, only RHEL ###
CVE-2006-1861 version (freetype, fixed 2.2.1)
CVE-2006-1860 version (kernel, fixed 2.6.16.16) [since FEDORA-2006-572] ###
CVE-2006-1859 version (kernel, fixed 2.6.16.16) [since FEDORA-2006-572] ###
CVE-2006-1858 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572] ###
CVE-2006-1857 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572] ###
CVE-2006-1856 version (kernel, fixed 2.6.16.12) [since FEDORA-2006-499] ###
CVE-2006-1855 version (kernel, fixed 2.6.11.12) ###
CVE-2006-1790 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1790 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1790 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1742 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1742 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1742 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1741 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1741 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1741 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1740 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1740 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1739 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1739 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1739 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1738 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1738 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1738 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1737 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1737 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1737 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1736 versions (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1735 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1735 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1734 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1734 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1733 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1733 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1733 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1732 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1732 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1732 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1731 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1731 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1731 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1730 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1730 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1730 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1729 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1729 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1728 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1728 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1728 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1727 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1727 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1727 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1726 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1726 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1725 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1724 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1724 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-1724 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1723 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1723 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1721 version (cyrus-sasl, fixed 2.1.21)
CVE-2006-1712 version (mailman, only 2.1.7)
CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
CVE-2006-1646 ignore (ipsec-tools) KAME racoon, not ipsec-tools racoon
CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue
CVE-2006-1608 ignore (php) safe mode isn't safe
CVE-2006-1549 ignore (php) this is not a security issue
CVE-2006-1548 VULNERABLE (struts, fixed 1.2.9) ###
CVE-2006-1547 VULNERABLE (struts, fixed 1.2.9) ###
CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9) ###
CVE-2006-1542 backport (python) [since FEDORA-2006-689] ###
CVE-2006-1531 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1531 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1530 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1530 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1529 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1529 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-1528 version (kernel, fixed 2.6.13) ###
CVE-2006-1527 version (kernel, fixed 2.6.16.13, fixed 2.6.17-rc4) [since FEDORA-2006-499] ###
CVE-2006-1526 backport (xorg-x11) [since FEDORA-2006-483] ###
CVE-2006-1525 version (kernel, fixed 2.6.16.8) [since FEDORA-2006-421] ###
CVE-2006-1524 version (kernel, fixed 2.6.16.7) [since FEDORA-2006-421] ###
CVE-2006-1523 version (kernel, fixed 2.6.16.4) [since FEDORA-2006-421] ###
CVE-2006-1522 version (kernel, fixed 2.6.16.3) [since FEDORA-2006-421] ###
CVE-2006-1518 version (mysql, fixed 5.0.21)
CVE-2006-1517 version (mysql, fixed 5.0.21)
CVE-2006-1516 version (mysql, fixed 5.0.21)
CVE-2006-1494 version (php)
CVE-2006-1490 version (php, fixed 5.1.4)
CVE-2006-1470 VULNERABLE (openldap) #197278 ###
CVE-2006-1368 version (kernel, fixed 2.6.16) [since FEDORA-2006-233] ###
CVE-2006-1354 VULNERABLE (freeradius) ###
CVE-2006-1343 version (kernel, fixed 2.6.16.19) [since FEDORA-2006-698] ###
CVE-2006-1342 version (kernel, not 2.6) not vulnerable ###
CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
CVE-2006-1296 version (beagle, fixed 0.2.4) [since FEDORA-2006-305] was backport since FEDORA-2006-188 ###
CVE-2006-1273 ignore (firefox) this issue only affects IE
CVE-2006-1244 ignore (xpdf) duplicate of other cve named issues
CVE-2006-1242 version (kernel, fixed 2.6.16.1) [since FEDORA-2006-233] ###
CVE-2006-1174 version (shadow-utils, fixed 4.0.3)
CVE-2006-1173 version (sendmail, fixed 8.13.7)
CVE-2006-1168 VULNERABLE (ncompress) #201919 ###
CVE-2006-1095 version (mod_python, 3.2.7 only)
CVE-2006-1079 ignore (httpd) not a vulnerability
CVE-2006-1078 ignore (httpd) not a vulnerability
CVE-2006-1066 version (kernel, fixed 2.6.16) [since FEDORA-2006-233] ###
CVE-2006-1061 version (curl, fixed 7.15.3)
CVE-2006-1059 version (samba, fixed 3.0.22 at least)
CVE-2006-1058 backport (busybox) [since FEDORA-2006-510] ###
CVE-2006-1057 version (gdm, fixed 2.14.1) [since FEDORA-2006-338] ###
CVE-2006-1056 version (kernel, fixed 2.6.16.9) [since FEDORA-2006-421] ###
CVE-2006-1055 version (kernel, fixed 2.6.17-rc1) [since FEDORA-2006-421] ###
CVE-2006-1052 version (kernel, fixed 2.6.16) [since FEDORA-2006-421] was patch-2.6.16-rc6 since FEDORA-2006-233 ###
CVE-2006-1045 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-1015 ignore (php) safe mode isn't safe
CVE-2006-1014 ignore (php) safe mode isn't safe
CVE-2006-0996 version (php, fixed 5.1.4)
CVE-2006-0903 version (mysql, 4.1.19)
CVE-2006-0884 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-0836 VULNERABLE (thunderbird) ###
CVE-2006-0749 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-0749 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-0749 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-0748 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490] ###
CVE-2006-0748 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
CVE-2006-0748 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
CVE-2006-0747 version (freetype, fixed 2.2.1)
CVE-2006-0746 version (kdegraphics, fixed 3.4)
CVE-2006-0745 backport (xorg-x11) [since FEDORA-2006-172] ###
CVE-2006-0744 version (kernel, fixed 2.6.16.5) [since FEDORA-2006-421] ###
CVE-2006-0742 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0741 version (kernel, fixed 2.6.15.5) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0730 version (dovecot, 1.0beta[12] only) ###
CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert ###
CVE-2006-0670 VULNERABLE (bluez-hcidump) ###
CVE-2006-0645 version (gnutls, fixed 1.2.10)
CVE-2006-0591 version (postgresql, fixed 8.0.6)
CVE-2006-0576 backport (oprofile) oprofile_opcontrol.patch ###
CVE-2006-0558 version (kernel, fixed 2.6.16) [since FEDORA-2006-233] ###
CVE-2006-0557 version (kernel, fixed 2.6.15.6) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0555 version (kernel, fixed 2.6.16) patch-2.6.16-rc6-git3 [since FEDORA-2006-233] ###
CVE-2006-0554 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0553 version (postgresql, only 8.1, fixed 8.1.3)
CVE-2006-0528 backport (cairo) cairo-1.0.2-chunk-glyphs-CVE-2006-0528.patch ###
CVE-2006-0496 VULNERABLE (mozilla) not fixed upstream ###
CVE-2006-0496 VULNERABLE (firefox) not fixed upstream ###
CVE-2006-0482 ignore (kernel) sparc only
CVE-2006-0481 version (libpng, 1.2.7 only)
CVE-2006-0459 version (flex) by inspection ###
CVE-2006-0457 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0456 ignore (kernel, s390 only)
CVE-2006-0455 version (gnupg, fixed 1.4.2.1) ###
CVE-2006-0454 version (kernel, fixed 2.6.15.3) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0405 version (libtiff, 3.8.0 only) ###
CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2)
CVE-2006-0301 version (poppler, fixed 0.4.5)
CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2006-0301 version (kdegraphics, fixed 3.5.2)
CVE-2006-0300 VULNERABLE (tar) [fixed rawhide in tar-1.15.1-13] ###
CVE-2006-0299 version (thunderbird, fixed 1.5) ###
CVE-2006-0299 version (mozilla, 1.8 branch only) ###
CVE-2006-0299 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0298 version (thunderbird, fixed 1.5) ###
CVE-2006-0298 version (mozilla, 1.8 branch only) ###
CVE-2006-0298 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0297 version (thunderbird, fixed 1.5) ###
CVE-2006-0297 version (mozilla, 1.8 branch only) ###
CVE-2006-0297 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0296 version (thunderbird, fixed 1.5) [since FEDORA-2006-490] ###
CVE-2006-0296 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0296 backport (mozilla) mozilla-1.7.12-CVE-2006-0296-XULDocument.persist.patch ###
CVE-2006-0295 version (thunderbird, fixed 1.5) ###
CVE-2006-0295 version (mozilla, 1.8 branch only) ###
CVE-2006-0295 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0294 version (thunderbird, fixed 1.5) ###
CVE-2006-0294 version (mozilla, 1.8 branch only) ###
CVE-2006-0294 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0293 version (thunderbird, fixed 1.5) ###
CVE-2006-0293 version (mozilla, 1.8 branch only) ###
CVE-2006-0293 version (firefox, fixed 1.5.0.1) ###
CVE-2006-0292 version (thunderbird, fixed 1.5) [since FEDORA-2006-490] ###
CVE-2006-0292 version (firefox, fixed 1.5.1) ###
CVE-2006-0292 backport (mozilla) mozilla-1.7.12-CVE-2006-0292-javascript-unrooted.patch ###
CVE-2006-0254 version (tomcat5, fixed 5.5.16)
CVE-2006-0236 ignore (thunderbird) windows only
CVE-2006-0225 version (openssh, fixed 4.3p2)
CVE-2006-0208 version (php, fixed 5.1.2)
CVE-2006-0207 version (php, fixed 5.1.2)
CVE-2006-0200 version (php, fixed 5.1.2)
CVE-2006-0197 ignore (xorg-x11) not an issue
CVE-2006-0195 version (squirrelmail, fixed 1.4.6)
CVE-2006-0188 version (squirrelmail, fixed 1.4.6)
CVE-2006-0144 version (php-pear, not 1.4.4)
CVE-2006-0097 ignore (php) Windows only
CVE-2006-0096 ignore (kernel) minor and requires root
CVE-2006-0095 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
CVE-2006-0058 version (sendmail, fixed 8.13.6)
CVE-2006-0052 version (mailman, fixed 2.1.6)
CVE-2006-0049 version (gnupg, fixed 1.4.2.2) ###
CVE-2006-0039 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572] ###
CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2006-0019 version (kdelibs, fixed 3.5.1)
CVE-2005-4798 version (kernel, not 2.6) ###
CVE-2005-4784 ignore (glibc) struct dirent is big enough
CVE-2005-4746 version (freeradius) we don't build vulnerable bits ###
CVE-2005-4745 version (freeradius) we don't build vulnerable bits ###
CVE-2005-4744 version (freeradius, fixed 1.0.5)
CVE-2005-4720 version (thunderbird, fixed 1.5) ###
CVE-2005-4720 version (firefox, fixed 1.5) ###
CVE-2005-4720 VULNERABLE (mozilla) not fixed upstream plus only DoS ###
CVE-2005-4703 ignore (tomcat) windows only
CVE-2005-4685 VULNERABLE (mozilla) not fixed upstream ###
CVE-2005-4685 VULNERABLE (firefox) not fixed upstream ###
CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
CVE-2005-4667 backport (unzip) ###
CVE-2005-4639 version (kernel, fixed 2.6.15) ###
CVE-2005-4636 version (openoffice.org, fixed 2.0.1) ###
CVE-2005-4635 version (kernel, fixed 2.6.15) ###
CVE-2005-4618 version (kernel, fixed 2.6.15) ###
CVE-2005-4605 version (kernel, fixed 2.6.15) ###
CVE-2005-4585 version (wireshark, fixed 0.10.14)
CVE-2005-4442 version (openldap) gentoo only
CVE-2005-4348 version (fetchmail, fixed 6.3.1)
CVE-2005-4268 backport (cpio) also blocked by FORTIFY_SOURCE ###
CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
CVE-2005-4154 ignore (php) don't install untrusted pear packages
CVE-2005-4153 version (mailman)
CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
CVE-2005-4134 backport (mozilla) mozilla-1.7.12-CVE-2005-4134-long-history-dos.patch ###
CVE-2005-4077 version (curl, fixed 7.15.1)
CVE-2005-3964 backport (openmotif) ###
CVE-2005-3962 version (perl, fixed 5.8.8)
CVE-2005-3896 ignore (mozilla) recoverable DoS only
CVE-2005-3883 version (php, fixed 5.1.1 at least)
CVE-2005-3858 version (kernel, fixed 2.6.13) ###
CVE-2005-3857 version (kernel, fixed 2.6.15) ###
CVE-2005-3848 version (kernel, fixed 2.6.13) ###
CVE-2005-3847 version (kernel, fixed 2.6.12.6) ###
CVE-2005-3810 version (kernel, fixed 2.6.15) ###
CVE-2005-3809 version (kernel, fixed 2.6.15) ###
CVE-2005-3808 version (kernel, fixed 2.6.15) ###
CVE-2005-3807 version (kernel, fixed 2.6.15) ###
CVE-2005-3806 version (kernel, fixed 2.6.14) ###
CVE-2005-3805 version (kernel, fixed 2.6.14) ###
CVE-2005-3784 version (kernel, fixed 2.6.15) ###
CVE-2005-3783 version (kernel, fixed 2.6.15) ###
CVE-2005-3753 version (kernel, fixed 2.6.14) also not a vuln ###
CVE-2005-3745 ignore (struts, fixed 1.2.8) but not through tomcat
CVE-2005-3732 version (ipsec-tools, fixed 0.6.3) ###
CVE-2005-3675 VULNERABLE (kernel) optack, no upstream fix ###
CVE-2005-3671 version (openswan, fixed 2.4.4) ###
CVE-2005-3662 version (netpbm)
CVE-2005-3656 version (mod_auth_pgsql, fixed 2.0.3)
CVE-2005-3651 version (wireshark, fixed 0.10.14)
CVE-2005-3632 version (netpbm)
CVE-2005-3631 version (udev)
CVE-2005-3629 version (initscripts, fixed 8.29 at least)
CVE-2005-3628 version (poppler, fixed 0.4.4)
CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
CVE-2005-3628 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch ###
CVE-2005-3628 version (cups, fixed 1.2.0)
CVE-2005-3627 version (poppler, fixed 0.4.4)
CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
CVE-2005-3627 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3627 backport (tetex) ###
CVE-2005-3627 version (cups, fixed 1.2.0)
CVE-2005-3626 version (poppler, fixed 0.4.4)
CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
CVE-2005-3626 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3626 backport (tetex) ###
CVE-2005-3626 version (cups, fixed 1.2.0)
CVE-2005-3625 version (poppler, fixed 0.4.4)
CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
CVE-2005-3625 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3625 backport (tetex) ###
CVE-2005-3625 version (cups, fixed 1.2.0)
CVE-2005-3624 version (poppler, fixed 0.4.4)
CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
CVE-2005-3624 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3624 backport (tetex) ###
CVE-2005-3624 version (cups, fixed 1.2.0)
CVE-2005-3623 version (kernel, fixed 2.6.14.5) ###
CVE-2005-3582 version (ImageMagick) gentoo only
CVE-2005-3573 version (mailman, fixed 2.1.7)
CVE-2005-3527 version (kernel, fixed 2.6.14 at least) ###
CVE-2005-3402 ignore (thunderbird) mozilla say by design
CVE-2005-3392 version (php, not 5.0)
CVE-2005-3391 version (php, not 5.0)
CVE-2005-3390 version (php, fixed 5.1.0)
CVE-2005-3389 version (php, fixed 5.1.1)
CVE-2005-3388 version (php, fixed 5.1.1)
CVE-2005-3359 version (kernel, fixed 2.6.14) ###
CVE-2005-3358 version (kernel, fixed 2.6.11) ###
CVE-2005-3357 version (httpd, fixed 2.2.1)
CVE-2005-3356 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233] ###
CVE-2005-3353 version (php, not 5.0)
CVE-2005-3352 version (httpd, fixed 2.2.1)
CVE-2005-3351 version (spamassassin, fixed 3.1.0)
CVE-2005-3322 version (squid) not upstream, SUSE only
CVE-2005-3319 ignore (mod_php) no security consequence
CVE-2005-3313 version (wireshark, fixed after 0.10.13)
CVE-2005-3276 version (kernel, fixed 2.6.12.4) ###
CVE-2005-3275 version (kernel, fixed 2.6.13) ###
CVE-2005-3274 version (kernel, fixed 2.6.13) ###
CVE-2005-3273 version (kernel, fixed 2.6.12) ###
CVE-2005-3272 version (kernel, fixed 2.6.13) ###
CVE-2005-3271 version (kernel, fixed 2.6.9) ###
CVE-2005-3258 version (squid, fixed 2.5STABLE12)
CVE-2005-3257 version (kernel, fixed 2.6.15) ###
CVE-2005-3249 version (wireshark, fixed 0.10.13)
CVE-2005-3248 version (wireshark, fixed 0.10.13)
CVE-2005-3247 version (wireshark, fixed 0.10.13)
CVE-2005-3246 version (wireshark, fixed 0.10.13)
CVE-2005-3245 version (wireshark, fixed 0.10.13)
CVE-2005-3244 version (wireshark, fixed 0.10.13)
CVE-2005-3243 version (wireshark, fixed 0.10.13)
CVE-2005-3242 version (wireshark, fixed 0.10.13)
CVE-2005-3241 version (wireshark, fixed 0.10.13)
CVE-2005-3193 version (poppler, fixed 0.4.4)
CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
CVE-2005-3193 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch ###
CVE-2005-3193 version (cups, fixed 1.2.0)
CVE-2005-3192 version (poppler, fixed 0.4.4)
CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
CVE-2005-3192 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch ###
CVE-2005-3192 version (cups, fixed 1.2.0)
CVE-2005-3191 version (poppler, fixed 0.4.4)
CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
CVE-2005-3191 backport (xpdf) xpdf-3.01pl2.patch ###
CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch ###
CVE-2005-3191 version (cups, fixed 1.2.0)
CVE-2005-3186 version (gtk2, fixed 2.8.7 at least) ###
CVE-2005-3185 version (wget, fixed 1.10.2 at least)
CVE-2005-3185 version (curl, fixed 7.15)
CVE-2005-3184 version (wireshark, fixed 0.10.13)
CVE-2005-3181 version (kernel, fixed 2.6.13.4 at least) ###
CVE-2005-3180 version (kernel, fixed 2.6.13.4 at least) ###
CVE-2005-3179 version (kernel, fixed 2.6.13.4 at least) ###
CVE-2005-3164 version (tomcat, not 5)
CVE-2005-3120 backport (lynx) ###
CVE-2005-3119 version (kernel, fixed 2.6.13.4 at least) ###
CVE-2005-3110 version (kernel, fixed 2.6.12) ###
CVE-2005-3109 version (kernel, fixed 2.6.12) ###
CVE-2005-3108 version (kernel, fixed 2.6.12) ###
CVE-2005-3107 version (kernel, fixed 2.6.11) ###
CVE-2005-3106 version (kernel, fixed 2.6.11) ###
CVE-2005-3105 version (kernel, fixed 2.6.12) ###
CVE-2005-3089 version (firefox, fixed 1.0.7) ###
CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
CVE-2005-3055 version (kernel, fixed 2.6.14 at least) ###
CVE-2005-3054 ignore (php)
CVE-2005-3053 version (kernel) ###
CVE-2005-3044 version (kernel, fixed 2.6.13.2) ###
CVE-2005-3011 backport (texinfo) texinfo-CAN-2005-3011.patch ###
CVE-2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts ####
CVE-2005-2978 version (netpbm, fixed 10.25)
CVE-2005-2977 version (pam, fixed 0.99.2.1 at least) ###
CVE-2005-2975 version (gtk2, fixed 2.8.7) ###
CVE-2005-2973 version (kernel, fixed 2.6.14 at least) ###
CVE-2005-2970 version (httpd, not 2.2)
CVE-2005-2969 version (openssl, fixed 0.9.8a)
CVE-2005-2969 backport (openssl097a, fixed 0.9.7h)
CVE-2005-2968 version (thunderbird) ###
CVE-2005-2968 version (mozilla, not 1.7.10) ###
CVE-2005-2968 version (firefox) ###
CVE-2005-2959 ignore (sudo) not a vulnerability
CVE-2005-2946 version (openssl, fixed 0.9.8)
CVE-2005-2933 version (libc-client, fixed 2004g at least) ###
CVE-2005-2929 backport (lynx) ###
CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
CVE-2005-2876 version (util-linux, fixed 2.13-pre3)
CVE-2005-2874 version (cups, fixed 1.1.23)
CVE-2005-2873 VULNERABLE (kernel) not fixed upstream ###
CVE-2005-2872 version (kernel, fixed 2.6.12) ###
CVE-2005-2871 version (thunderbird) ###
CVE-2005-2871 version (mozilla, fixed 1.7.12) ###
CVE-2005-2871 version (firefox, fixed 1.0.7) ###
CVE-2005-2811 version (net-snmp) not upstream, gentoo only ###
CVE-2005-2801 version (kernel, fixed 2.6.11) ###
CVE-2005-2800 version (kernel, fixed 2.6.12.6) ###
CVE-2005-2798 version (openssh, fixed 4.2)
CVE-2005-2797 version (openssh, fixed 4.2)
CVE-2005-2796 version (squid, fixed 2.5.STABLE11)
CVE-2005-2794 version (squid, fixed 2.5.STABLE11)
CVE-2005-2728 version (httpd, not 2.2)
CVE-2005-2709 version (kernel, fixed 2.6.14.3) ###
CVE-2005-2708 ignore (kernel) not reproducable on x86_64 ###
CVE-2005-2707 version (thunderbird) ###
CVE-2005-2707 version (mozilla, fixed 1.7.12) ###
CVE-2005-2707 version (firefox, fixed 1.0.7) ###
CVE-2005-2706 version (thunderbird) ###
CVE-2005-2706 version (mozilla, fixed 1.7.12) ###
CVE-2005-2706 version (firefox, fixed 1.0.7) ###
CVE-2005-2705 version (thunderbird) ###
CVE-2005-2705 version (mozilla, fixed 1.7.12) ###
CVE-2005-2705 version (firefox, fixed 1.0.7) ###
CVE-2005-2704 version (thunderbird) ###
CVE-2005-2704 version (mozilla, fixed 1.7.12) ###
CVE-2005-2704 version (firefox, fixed 1.0.7) ###
CVE-2005-2703 version (thunderbird) ###
CVE-2005-2703 version (mozilla, fixed 1.7.12) ###
CVE-2005-2703 version (firefox, fixed 1.0.7) ###
CVE-2005-2702 version (thunderbird) ###
CVE-2005-2702 version (mozilla, fixed 1.7.12) ###
CVE-2005-2702 version (firefox, fixed 1.0.7) ###
CVE-2005-2701 version (mozilla, fixed 1.7.12) ###
CVE-2005-2701 version (firefox, fixed 1.0.7) ###
CVE-2005-2700 version (httpd, not 2.2)
CVE-2005-2693 backport (cvs) cvs-1.11.19-tmp.patch ###
CVE-2005-2672 version (lm_sensors, fixed 2.9.2) ###
CVE-2005-2666 version (openssh, fixed 4.0p1)
CVE-2005-2642 version (mutt) openbsd only
CVE-2005-2641 version (nss_ldap, fixed pam_ldap:180) ###
CVE-2005-2617 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2602 ignore (thunderbird) probably
CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
CVE-2005-2558 version (mysql, fixed 4.1.13)
CVE-2005-2558 ignore (mysql) not an issue
CVE-2005-2555 version (kernel, fixed 2.6.12.6pre) ###
CVE-2005-2553 version (kernel, not 2.6) ###
CVE-2005-2550 version (evolution, fixed after 2.3.6.1)
CVE-2005-2549 version (evolution, fixed after 2.3.6.1)
CVE-2005-2548 version (kernel, fixed 2.6.9) only affected 2.6.8 ###
CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16 ###
CVE-2005-2541 ignore (tar) is documented behaviour
CVE-2005-2500 version (kernel, fixed 2.6.13) ###
CVE-2005-2498 version (php, fixed xml_rpc:1.4.0)
CVE-2005-2496 backport (ntp, fixed 4.2.0b) ...0a-20040617-ntpd_guid.patch ###
CVE-2005-2495 version (xorg-x11-server, fixed 0.99.3 at least) ###
CVE-2005-2494 version (kdebase, fixed after 3.4.2) ###
CVE-2005-2492 version (kernel, fixed 2.6.13.1) ###
CVE-2005-2491 version (pcre, fixed 6.2) ###
CVE-2005-2491 ignore (python) fc4 python does not contain pcre ###
CVE-2005-2491 ignore (php) php uses system pcre
CVE-2005-2491 ignore (httpd) httpd uses system pcre
CVE-2005-2490 version (kernel, fixed 2.6.13.1) ###
CVE-2005-2475 backport (unzip) unzip-5.52-toctou.patch ###
CVE-2005-2471 version (netpbm, fixed 10.31)
CVE-2005-2459 ignore (kernel, fixed 2.6.12.5) dropped as code path not possible
CVE-2005-2458 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2457 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2456 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2452 version (libtiff, fixed 3.7.0) ###
CVE-2005-2448 version (kdenetwork, fixed 3.4.2) ###
CVE-2005-2414 ignore (mozilla) not being fixed upstream, just a crash
CVE-2005-2410 version (NetworkManager, fixed 5.0) ###
CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
CVE-2005-2370 version (kdenetwork, fixed 3.4.2) ###
CVE-2005-2370 version (gaim, fixed 1.5.0)
CVE-2005-2369 version (kdenetwork, fixed 3.4.2) ###
CVE-2005-2368 version (vim, fixed 6.3.086 at least) ###
CVE-2005-2367 version (wireshark, fixed 0.10.12)
CVE-2005-2366 version (wireshark, fixed 0.10.12)
CVE-2005-2365 version (wireshark, fixed 0.10.12)
CVE-2005-2364 version (wireshark, fixed 0.10.12)
CVE-2005-2363 version (wireshark, fixed 0.10.12)
CVE-2005-2362 version (wireshark, fixed 0.10.12)
CVE-2005-2361 version (wireshark, fixed 0.10.12)
CVE-2005-2360 version (wireshark, fixed 0.10.12)
CVE-2005-2353 ignore (thunderbird) debug mode only
CVE-2005-2337 version (ruby, fixed 1.8.3)
CVE-2005-2335 version (fetchmail, fixed 6.2.5.2)
CVE-2005-2270 version (thunderbird, fixed 1.0.5) ###
CVE-2005-2270 version (mozilla, fixed 1.7.9) ###
CVE-2005-2270 version (firefox, fixed 1.0.5) ###
CVE-2005-2269 version (thunderbird, fixed 1.0.5) ###
CVE-2005-2269 version (mozilla, fixed 1.7.9) ###
CVE-2005-2269 version (firefox, fixed 1.0.5) ###
CVE-2005-2268 version (mozilla, fixed 1.7.9) ###
CVE-2005-2268 version (firefox, fixed 1.0.5) ###
CVE-2005-2267 version (mozilla, fixed 1.7.9) ###
CVE-2005-2267 version (firefox, fixed 1.0.5) ###
CVE-2005-2266 version (thunderbird, fixed 1.0.5) ###
CVE-2005-2266 version (mozilla, fixed 1.7.9) ###
CVE-2005-2266 version (firefox, fixed 1.0.5) ###
CVE-2005-2265 version (thunderbird, fixed 1.0.5) ###
CVE-2005-2265 version (mozilla, fixed 1.7.9) ###
CVE-2005-2265 version (firefox, fixed 1.0.5) ###
CVE-2005-2264 version (firefox, fixed 1.0.5) ###
CVE-2005-2263 version (mozilla, fixed 1.7.9) ###
CVE-2005-2263 version (firefox, fixed 1.0.5) ###
CVE-2005-2262 version (firefox, fixed 1.0.5) ###
CVE-2005-2261 version (thunderbird, fixed 1.0.5) ###
CVE-2005-2261 version (mozilla, fixed 1.7.9) ###
CVE-2005-2261 version (firefox, fixed 1.0.5) ###
CVE-2005-2260 version (mozilla, fixed 1.7.9) ###
CVE-2005-2260 version (firefox, fixed 1.0.5) ###
CVE-2005-2177 version (net-snmp, fixed 5.2.1.2) ###
CVE-2005-2114 version (mozilla, fixed 1.7.9) ###
CVE-2005-2114 version (firefox, fixed 1.0.5) ###
CVE-2005-2104 version (sysreport, fixed 1.4.1-5) ###
CVE-2005-2103 version (gaim, fixed 1.5.0)
CVE-2005-2102 version (gaim, fixed 1.5.0)
CVE-2005-2101 version (kdeedu, fixed after 3.4.2) ###
CVE-2005-2100 version (kernel, not 2.6) not upstream only RHEL4 ###
CVE-2005-2099 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2098 version (kernel, fixed 2.6.12.5) ###
CVE-2005-2097 version (xpdf, fixed 3.0.1)
CVE-2005-2097 version (cups)
CVE-2005-2096 version (rpm, fixed 4.4.2) ###
CVE-2005-2096 backport (zlib, fixed 1.2.2.4)
CVE-2005-2095 version (squirrelmail, fixed 1.4.5)
CVE-2005-2088 version (httpd, not 2.2)
CVE-2005-2069 version (nss_ldap, fixed pam_ldap:180) ###
CVE-2005-2069 backport (openldap) openldap-2.2.13-tls-fix-connection-test.patch ###
CVE-2005-2023 version (gnupg, fixed 1.9.15) ###
CVE-2005-1993 version (sudo, fixed 1.6.8p9) ###
CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
CVE-2005-1937 version (mozilla, fixed 1.7.9) ###
CVE-2005-1937 version (firefox, fixed 1.0.5) ###
CVE-2005-1934 version (gaim, fixed 1.3.1)
CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
CVE-2005-1920 version (kdelibs, fixed 3.4.1)
CVE-2005-1918 version (tar)
CVE-2005-1913 version (kernel, fixed 2.6.12.2) ###
CVE-2005-1852 version (kdenetwork, fixed 3.4.2) ###
CVE-2005-1849 version (zlib, fixed 1.2.3)
CVE-2005-1831 ignore (sudo) unsubstantiated report
CVE-2005-1769 version (squirrelmail, fixed 1.4.5)
CVE-2005-1768 version (kernel, fixed 2.6.6) ###
CVE-2005-1767 version (kernel, fixed 2.6.7) ###
CVE-2005-1765 version (kernel, fixed 2.6.12) ###
CVE-2005-1764 version (kernel, fixed 2.6.12) ###
CVE-2005-1763 version (kernel, fixed 2.6.12) ###
CVE-2005-1762 version (kernel, fixed 2.6.12) ###
CVE-2005-1761 version (kernel, fixed 2.6.12.2) ###
CVE-2005-1760 version (sysreport, fixed 1.4.1-3) ###
CVE-2005-1759 ignore (php) dead code path
CVE-2005-1759 ignore (openldap) fixed shtool 2.0.2 flawed code path not used
CVE-2005-1751 version (nmap, fixed 3.93 at least) ###
CVE-2005-1751 ignore (openldap) fixed shtool 2.0.2. Flawed code path not used
CVE-2005-1751 ignore (ncpfs) part of shtool in ncpfs is not vulnerable
CVE-2005-1740 version (net-snmp, fixed 5.2.2.rc5 at least) ###
CVE-2005-1739 version (ImageMagick, fixed 6.2.2.3)
CVE-2005-1705 backport (gdb) gdb-6.3-security-errata-20050610.patch ###
CVE-2005-1704 version (binutils, fixed 2.16.91.0.3 at least) ###
CVE-2005-1704 backport (gdb) gdb-6.3-security-errata-20050610.patch ###
CVE-2005-1689 version (krb5, fixed 1.4.2)
CVE-2005-1686 ignore (gedit) not a vulnerability
CVE-2005-1636 version (mysql, fixed 4.1.12)
CVE-2005-1589 version (kernel, fixed 2.6.11.10) ###
CVE-2005-1571 version (php, fixed shtool 2.0.2)
CVE-2005-1544 version (libtiff, fixed 3.7.1 at least) ###
CVE-2005-1532 version (thunderbird) ###
CVE-2005-1532 version (mozilla, fixed 1.7.8) ###
CVE-2005-1532 version (firefox, fixed 1.0.4) ###
CVE-2005-1531 version (mozilla, fixed 1.7.8) ###
CVE-2005-1531 version (firefox, fixed 1.0.4) ###
CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
CVE-2005-1470 version (wireshark, fixed 0.10.11)
CVE-2005-1469 version (wireshark, fixed 0.10.11)
CVE-2005-1468 version (wireshark, fixed 0.10.11)
CVE-2005-1467 version (wireshark, fixed 0.10.11)
CVE-2005-1466 version (wireshark, fixed 0.10.11)
CVE-2005-1465 version (wireshark, fixed 0.10.11)
CVE-2005-1464 version (wireshark, fixed 0.10.11)
CVE-2005-1463 version (wireshark, fixed 0.10.11)
CVE-2005-1462 version (wireshark, fixed 0.10.11)
CVE-2005-1461 version (wireshark, fixed 0.10.11)
CVE-2005-1460 version (wireshark, fixed 0.10.11)
CVE-2005-1459 version (wireshark, fixed 0.10.11)
CVE-2005-1458 version (wireshark, fixed 0.10.11)
CVE-2005-1457 version (wireshark, fixed 0.10.11)
CVE-2005-1456 version (wireshark, fixed 0.10.11)
CVE-2005-1455 version (freeradius, fixed 1.0.3)
CVE-2005-1454 version (freeradius, fixed 1.0.3)
CVE-2005-1431 version (gnutls, fixed 1.0.25)
CVE-2005-1410 version (postgresql, fixed 8.0.2)
CVE-2005-1409 version (postgresql, fixed 8.0.1)
CVE-2005-1369 version (kernel, fixed 2.6.12) ###
CVE-2005-1368 version (kernel, fixed 2.6.12) ###
CVE-2005-1345 version (squid, fixed 2.5.STABLE10)
CVE-2005-1344 ignore (httpd) not a vulnerability
CVE-2005-1281 version (wireshark, fixed 0.10.11)
CVE-2005-1280 version (tcpdump, fixed 3.9.2)
CVE-2005-1279 version (tcpdump, fixed 3.9.2)
CVE-2005-1278 version (tcpdump, fixed 3.9.2)
CVE-2005-1277 ignore (dupe)
CVE-2005-1275 version (ImageMagick, fixed 6.2.2)
CVE-2005-1269 version (gaim, fixed 1.3.1)
CVE-2005-1268 version (httpd, not 2.2)
CVE-2005-1267 version (tcpdump, fixed 3.9.4 at least)
CVE-2005-1266 version (spamassassin, fixed 3.0.4)
CVE-2005-1265 version (kernel) ###
CVE-2005-1264 version (kernel) ###
CVE-2005-1263 version (kernel) ###
CVE-2005-1262 version (gaim, fixed 1.3.0)
CVE-2005-1261 version (gaim, fixed 1.3.0)
CVE-2005-1260 version (bzip2, fixed 1.0.3) ###
CVE-2005-1229 backport (cpio) ###
CVE-2005-1228 backport (gzip) ###
CVE-2005-1194 backport (nasm) ###
CVE-2005-1184 ignore (kernel) expected to not be an issue
CVE-2005-1175 version (krb5, fixed 1.4.2)
CVE-2005-1174 version (krb5, fixed 1.4.2)
CVE-2005-1160 version (thunderbird) ###
CVE-2005-1160 version (mozilla) ###
CVE-2005-1160 version (firefox) ###
CVE-2005-1159 version (thunderbird) ###
CVE-2005-1159 version (mozilla) ###
CVE-2005-1159 version (firefox) ###
CVE-2005-1158 version (firefox, fixed 1.0.3) ###
CVE-2005-1157 version (mozilla) ###
CVE-2005-1157 version (firefox) ###
CVE-2005-1156 version (mozilla) ###
CVE-2005-1156 version (firefox) ###
CVE-2005-1155 version (mozilla) ###
CVE-2005-1155 version (firefox) ###
CVE-2005-1154 version (mozilla) ###
CVE-2005-1154 version (firefox) ###
CVE-2005-1153 version (mozilla) ###
CVE-2005-1153 version (firefox) ###
CVE-2005-1111 backport (cpio) ###
CVE-2005-1065 version (tetex) not upstream version ###
CVE-2005-1061 version (logwatch, fixed 4.3.2 at least) ###
CVE-2005-1046 version (kdelibs, fixed after 3.4.0)
CVE-2005-1043 version (php, fixed 4.3.11)
CVE-2005-1042 version (php, fixed 4.3.11)
CVE-2005-1041 version (kernel, fixed 2.6.12) ###
CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
CVE-2005-1038 backport (vixie-cron) ###
CVE-2005-0990 version (sharutils, fixed 4.6 at least) ###
CVE-2005-0989 version (thunderbird) ###
CVE-2005-0989 version (mozilla, fixed 1.7.7) ###
CVE-2005-0989 version (firefox, fixed 1.0.3) ###
CVE-2005-0988 backport (gzip) ###
CVE-2005-0977 version (kernel, fixed 2.6.11) ###
CVE-2005-0967 version (gaim, fixed 1.2.1)
CVE-2005-0966 version (gaim, fixed 1.2.1)
CVE-2005-0965 version (gaim, fixed 1.2.1)
CVE-2005-0953 backport (bzip2) bzip2-1.0.2-chmod.patch ###
CVE-2005-0941 version (ooffice, fixed 1.9 m95) ###
CVE-2005-0937 version (kernel, fixed 2.6.11) ###
CVE-2005-0916 version (kernel, fixed 2.6.12) ###
CVE-2005-0891 version (gtk2, fixed 2.2.4) ###
CVE-2005-0867 version (kernel, fixed 2.6.11) ###
CVE-2005-0866 version (cdrecord) DEBUG isn't enabled anyway ###
CVE-2005-0839 version (kernel, fixed 2.6.11) ###
CVE-2005-0815 version (kernel, fixed 2.6.11.6) ###
CVE-2005-0808 version (tomcat, fixed 5.x)
CVE-2005-0806 version (evolution, fixed 2.0.4)
CVE-2005-0799 version (mysql) not linux
CVE-2005-0767 version (kernel, fixed 2.6.11) ###
CVE-2005-0766 version (wireshark, fixed after 0.10.9)
CVE-2005-0765 version (wireshark, fixed after 0.10.9)
CVE-2005-0763 version (mc, fixed 4.6.0)
CVE-2005-0762 version (ImageMagick, fixed 6.0)
CVE-2005-0761 version (ImageMagick, fixed 6.1.8)
CVE-2005-0760 version (ImageMagick, fixed 6.0)
CVE-2005-0759 version (ImageMagick, fixed 6.0)
CVE-2005-0758 version (gzip, fixed 1.3.5) ###
CVE-2005-0758 backport (bzip2) ###
CVE-2005-0757 version (kernel, not 2.6) ###
CVE-2005-0756 version (kernel, fixed 2.6.12) ###
CVE-2005-0754 version (kdewebdev, fixed after 3.4.0) ###
CVE-2005-0753 version (cvs, fixed 1.11.20)
CVE-2005-0752 version (firefox, fixed 1.0.3) ###
CVE-2005-0750 version (kernel, fixed 2.6.11.6) ###
CVE-2005-0749 version (kernel, fixed 2.6.11.6) ###
CVE-2005-0739 version (wireshark, fixed after 0.10.9)
CVE-2005-0736 version (kernel, fixed 2.6.11) ###
CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
CVE-2005-0711 version (mysql, fixed 4.1.11)
CVE-2005-0710 version (mysql, fixed 4.1.11)
CVE-2005-0709 version (mysql, fixed 4.1.11)
CVE-2005-0705 version (wireshark, fixed after 0.10.9)
CVE-2005-0704 version (wireshark, fixed after 0.10.9)
CVE-2005-0698 version (wireshark, fixed after 0.10.9)
CVE-2005-0670 VULNERABLE (hcidump) ###
CVE-2005-0664 version (libexif, fixed 0.6.12) ###
CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
CVE-2005-0627 version (qt, fixed 3.3.4) ###
CVE-2005-0626 version (squid, fixed 2.5.STABLE10)
CVE-2005-0605 version (libXpm, fixed 3.5.4 at least) ###
CVE-2005-0605 backport (openmotif) ###
CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
CVE-2005-0596 version (php, fixed 5.0)
CVE-2005-0593 version (mozilla) ###
CVE-2005-0593 version (firefox) ###
CVE-2005-0592 version (mozilla) ###
CVE-2005-0592 version (firefox) ###
CVE-2005-0591 version (firefox, fixed 1.0.1) ###
CVE-2005-0590 version (thunderbird) ###
CVE-2005-0590 version (openswan, fixed 2.1.4) ###
CVE-2005-0590 version (mozilla) ###
CVE-2005-0590 version (firefox) ###
CVE-2005-0589 version (firefox, fixed 1.0.1) ###
CVE-2005-0588 version (mozilla) ###
CVE-2005-0588 version (firefox) ###
CVE-2005-0587 version (mozilla) ###
CVE-2005-0587 version (firefox) ###
CVE-2005-0586 version (mozilla) ###
CVE-2005-0586 version (firefox) ###
CVE-2005-0585 version (mozilla) ###
CVE-2005-0585 version (firefox) ###
CVE-2005-0584 version (mozilla) ###
CVE-2005-0584 version (firefox) ###
CVE-2005-0578 version (mozilla) ###
CVE-2005-0578 version (firefox) ###
CVE-2005-0565 version (kernel, not 2.6) ###
CVE-2005-0532 version (kernel, fixed 2.6.11) ###
CVE-2005-0531 version (kernel, fixed 2.6.11) ###
CVE-2005-0530 version (kernel, fixed 2.6.11) ###
CVE-2005-0529 version (kernel, fixed 2.6.11) ###
CVE-2005-0527 version (mozilla, fixed 1.7.6) ###
CVE-2005-0527 version (firefox, fixed 1.0.1) ###
CVE-2005-0525 version (php, fixed 5.0.4)
CVE-2005-0524 version (php, fixed 5.0.4)
CVE-2005-0509 version (mono, not after 1.0.5) ###
CVE-2005-0504 version (kernel, not 2.6) doesn't build in 2.6 ###
CVE-2005-0490 version (curl, fixed 7.13.1)
CVE-2005-0489 version (kernel, not 2.6) ###
CVE-2005-0488 backport (telnet) ###
CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch ###
CVE-2005-0473 version (gaim, fixed 1.1.3)
CVE-2005-0472 version (gaim, fixed 1.1.3)
CVE-2005-0469 version (krb5, fixed 1.4.1)
CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch ###
CVE-2005-0468 version (krb5, fixed 1.4.1)
CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch ###
CVE-2005-0449 version (kernel, fixed 2.6.11) ###
CVE-2005-0448 version (perl, fixed 5.8.6)
CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
CVE-2005-0403 version (kernel) not upstream ###
CVE-2005-0402 version (firefox, fixed 1.0.2) ###
CVE-2005-0401 version (mozilla, fixed 1.7.7) ###
CVE-2005-0401 version (firefox, fixed 1.0.2) ###
CVE-2005-0400 version (kernel, fixed 2.6.11.6) ###
CVE-2005-0399 version (thunderbird) ###
CVE-2005-0399 version (mozilla) ###
CVE-2005-0399 version (firefox) ###
CVE-2005-0398 version (ipsec-tools, fixed 0.5) ###
CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
CVE-2005-0396 version (kdelibs, fixed 3.4.0)
CVE-2005-0384 version (kernel, fixed 2.6.11.4) ###
CVE-2005-0372 version (gftp, fixed 2.0.18 at least) ###
CVE-2005-0365 version (kdelibs, not 3.4)
CVE-2005-0337 version (postfix, not 2.2) ###
CVE-2005-0255 version (thunderbird, fixed 1.0.2) ###
CVE-2005-0255 version (mozilla, fixed 1.7.6) ###
CVE-2005-0255 version (firefox, fixed 1.0.1) ###
CVE-2005-0247 version (postgresql, fixed after 8.0)
CVE-2005-0246 version (postgresql, fixed 8.0.1)
CVE-2005-0245 version (postgresql, fixed 8.0.1)
CVE-2005-0244 version (postgresql, fixed 8.0.1)
CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6) ###
CVE-2005-0237 version (kdelibs, fixed 3.4.0)
CVE-2005-0233 version (mozilla, fixed 1.7.6) ###
CVE-2005-0233 version (firefox, fixed 1.0.1) ###
CVE-2005-0232 version (mozilla, fixed 1.7.6) ###
CVE-2005-0232 version (firefox, fixed 1.0.1) ###
CVE-2005-0231 version (mozilla, fixed 1.7.6) ###
CVE-2005-0231 version (firefox, fixed 1.0.1) ###
CVE-2005-0230 version (thunderbird, fixed 1.0.2) ###
CVE-2005-0230 version (mozilla, fixed 1.7.6) ###
CVE-2005-0230 version (firefox, fixed 1.0.1) ###
CVE-2005-0227 version (postgresql, fixed 8.0.1)
CVE-2005-0215 version (mozilla) ###
CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
CVE-2005-0210 version (kernel, fixed 2.6.11) ###
CVE-2005-0209 version (kernel, fixed 2.6.11) ###
CVE-2005-0208 version (gaim, fixed 1.1.4)
CVE-2005-0207 version (kernel, fixed 2.6.11) ###
CVE-2005-0206 version (xpdf) only bad patch for 2004-0888
CVE-2005-0205 version (kdenetwork, not 3.3+) ###
CVE-2005-0204 version (kernel) didn't affect upstream ###
CVE-2005-0202 version (mailman, fixed 2.1.6)
CVE-2005-0201 version (dbus, fixed 0.36.1) ###
CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
CVE-2005-0180 version (kernel, fixed 2.6.11) ###
CVE-2005-0179 version (kernel, fixed 2.6.11) ###
CVE-2005-0178 version (kernel, fixed 2.6.11) ###
CVE-2005-0177 version (kernel, fixed 2.6.11) ###
CVE-2005-0176 version (kernel, fixed 2.6.10) only affected 2.6.9 ###
CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
CVE-2005-0162 version (openswan, fixed 2.3.0) ###
CVE-2005-0156 version (perl, fixed 5.8.8)
CVE-2005-0155 version (perl, fixed 5.8.8)
CVE-2005-0152 version (squirrelmail, not 1.4)
CVE-2005-0150 version (firefox, fixed 1.0) ###
CVE-2005-0149 version (mozilla) ###
CVE-2005-0149 version (firefox) ###
CVE-2005-0147 version (mozilla) ###
CVE-2005-0147 version (firefox) ###
CVE-2005-0146 version (mozilla) ###
CVE-2005-0146 version (firefox) ###
CVE-2005-0145 version (firefox, fixed 1.0) ###
CVE-2005-0144 version (mozilla) ###
CVE-2005-0144 version (firefox) ###
CVE-2005-0143 version (mozilla) ###
CVE-2005-0143 version (firefox) ###
CVE-2005-0142 version (thunderbird) ###
CVE-2005-0142 version (mozilla) ###
CVE-2005-0142 version (firefox) ###
CVE-2005-0141 version (mozilla) ###
CVE-2005-0141 version (firefox) ###
CVE-2005-0137 version (kernel, not 2.6) ###
CVE-2005-0136 version (kernel, fixed 2.6.11) ###
CVE-2005-0135 version (kernel, fixed 2.6.11) ###
CVE-2005-0124 version (kernel, fixed 2.6.11) ###
CVE-2005-0109 version (openssl, not 0.9.8a)
CVE-2005-0109 backport (openssl097a)
CVE-2005-0104 version (squirrelmail, fixed 1.4.4)
CVE-2005-0103 version (squirrelmail, fixed 1.4.4)
CVE-2005-0102 version (evolution-data-server, fixed 1.2.2 at least)
CVE-2005-0100 version (emacs, fixed 21.4 at least) ###
CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
CVE-2005-0094 version (squid, fixed 2.5.STABLE8)
CVE-2005-0092 version (kernel, not affected) ###
CVE-2005-0091 version (kernel, not affected) ###
CVE-2005-0090 version (kernel, not affected) ###
CVE-2005-0089 version (python, fixed 2.4.1 at least) ###
CVE-2005-0088 version (mod_python, fixed after 2.7.8)
CVE-2005-0087 version (alsa-lib, fixed 1.0.9) ###
CVE-2005-0086 version (less) didn't affect upstream ###
CVE-2005-0085 version (htdig, fixed 3.1.6-r7) ###
CVE-2005-0084 version (wireshark, fixed 0.10.9)
CVE-2005-0080 version (mailman) not upstream
CVE-2005-0078 version (kde, fixed 3.0.5) ###
CVE-2005-0077 version (perl-DBI, fixed 1.48 at least) ###
CVE-2005-0075 version (squirrelmail, fixed 1.4.4)
CVE-2005-0069 backport (vim) vim-6.4-tmpfile.patch ###
CVE-2005-0064 version (xpdf, fixed 3.0.1)
CVE-2005-0064 version (tetex, fixed 3.0) ###
CVE-2005-0064 version (kdegraphics, not 3.4)
CVE-2005-0064 backport (cups) cups-CAN-2005-0064.patch ###
CVE-2005-0039 ignore (kernel) not a vulnerability: don't do this says the rfc
CVE-2005-0034 version (bind, fixed after 9.3.0) ###
CVE-2005-0033 version (bind, not 9) ###
CVE-2005-0023 ignore (libvte) not a security risk
CVE-2005-0014 version (ncpfs, fixed 2.2.6) ###
CVE-2005-0013 version (ncpfs, fixed 2.2.6) ###
CVE-2005-0011 version (kdeedu, not 3.4) ###
CVE-2005-0010 version (wireshark, fixed 0.10.9)
CVE-2005-0009 version (wireshark, fixed 0.10.9)
CVE-2005-0008 version (wireshark, fixed 0.10.9)
CVE-2005-0007 version (wireshark, fixed 0.10.9)
CVE-2005-0006 version (wireshark, fixed 0.10.9)
CVE-2005-0005 version (ImageMagick, fixed after 6.1.7)
CVE-2005-0004 version (mysql, fixed 4.1.10)
CVE-2005-0003 version (kernel, fixed 2.6.10) ###
CVE-2005-0001 version (kernel, fixed 2.6.10) ###
CVE-2004-2660 version (kernel, fixed 2.6.10) ###
CVE-2004-2657 ignore (firefox) windows only
CVE-2004-2654 version (squid, fixed 2.6STABLE6)
CVE-2004-2607 version (kernel, fixed 2.6.5) ###
CVE-2004-2589 version (gaim, fixed 0.82)
CVE-2004-2546 version (samba, fixed 3.0.6)
CVE-2004-2541 ignore (cscope) blocked by FORTIFY_SOURCE
CVE-2004-2536 version (kernel, fixed 2.6.7) ###
CVE-2004-2531 version (gnutls, fixed 1.0.17)
CVE-2004-2480 ignore (squid) , not reproducable
CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
CVE-2004-2396 version (passwd, fixed 0.69) ###
CVE-2004-2395 version (passwd, fixed 0.69) ###
CVE-2004-2394 version (passwd, fixed 0.69) ###
CVE-2004-2392 version (libuser, fixed 0.51.10) ###
CVE-2004-2343 ignore (httpd) not a security issue
CVE-2004-2302 version (kernel, fixed 2.6.10) ###
CVE-2004-2259 version (vsftpd, fixed 1.2.2) ###
CVE-2004-2228 version (firefox, fixed 1.0) ###
CVE-2004-2227 version (firefox, fixed 1.0) ###
CVE-2004-2225 version (firefox, fixed 0.10.1) ###
CVE-2004-2154 version (cups, fixed 1.2.21rc1)
CVE-2004-2149 version (mysql, fixed 4.1.5)
CVE-2004-2136 ignore (dm-crypt) design
CVE-2004-2135 ignore (kernel) design
CVE-2004-2093 ignore (rsync) not security issue
CVE-2004-2069 version (openssh, not 4)
CVE-2004-2014 version (wget, fixed 1.10.1)
CVE-2004-2013 version (kernel, not 2.6)
CVE-2004-2004 version (configuration) SUSE only ###
CVE-2004-1880 version (openldap, fixed 2.2.21) ###
CVE-2004-1834 version (httpd, not 2.2)
CVE-2004-1773 version (sharutils, not 4.6) ###
CVE-2004-1772 version (sharutils, not 4.6) ###
CVE-2004-1761 version (wireshark, fixed 0.10.3)
CVE-2004-1689 version (sudo, fixed 1.6.8p1) ###
CVE-2004-1653 ignore (openssh)
CVE-2004-1639 version (mozilla) ###
CVE-2004-1639 version (firefox) ###
CVE-2004-1617 ignore (lynx) not able to verify flaw ###
CVE-2004-1614 version (mozilla, fixed 1.7.5) ###
CVE-2004-1613 version (mozilla, fixed 1.7.5) ###
CVE-2004-1488 version (wget, fixed 1.10.1)
CVE-2004-1471 version (cvs, fixed 1.12.9)
CVE-2004-1453 version (glibc, fixed 2.3.5)
CVE-2004-1452 version (tomcat, fixed 5.0.27-r3)
CVE-2004-1451 version (thunderbird) ###
CVE-2004-1451 version (mozilla) ###
CVE-2004-1451 version (firefox) ###
CVE-2004-1450 version (thunderbird) ###
CVE-2004-1450 version (mozilla) ###
CVE-2004-1450 version (firefox) ###
CVE-2004-1449 version (thunderbird) ###
CVE-2004-1449 version (mozilla) ###
CVE-2004-1449 version (firefox) ###
CVE-2004-1392 version (php, fixed 5.0.4)
CVE-2004-1382 version (glibc, not 2.3.5)
CVE-2004-1381 version (mozilla) ###
CVE-2004-1381 version (firefox) ###
CVE-2004-1380 version (mozilla) ###
CVE-2004-1380 version (firefox) ###
CVE-2004-1377 backport (a2ps) a2ps-4.13-security.patch ###
CVE-2004-1337 version (kernel, fixed 2.6.11) ###
CVE-2004-1336 version (tetex, fixed 3.0 at least) ###
CVE-2004-1335 version (kernel, fixed 2.6.10) ###
CVE-2004-1334 version (kernel, fixed 2.6.10) ###
CVE-2004-1333 version (kernel, fixed 2.6.10) ###
CVE-2004-1316 version (thunderbird, fixed 0.9) ###
CVE-2004-1316 version (mozilla, fixed 1.7.5) ###
CVE-2004-1308 version (libtiff, fixed 3.7.1 at least) ###
CVE-2004-1307 version (libtiff, was already fixed with 0886) ###
CVE-2004-1304 version (file, fixed 4.12)
CVE-2004-1296 backport (groff) from srpm ###
CVE-2004-1287 backport (nasm) ###
CVE-2004-1270 version (cups, fixed 1.1.23)
CVE-2004-1269 version (cups, fixed 1.1.23)
CVE-2004-1268 version (cups, fixed 1.1.23)
CVE-2004-1267 version (cups, fixed 1.1.23)
CVE-2004-1237 version (kernel, not 2.6) not upstream ###
CVE-2004-1235 version (kernel, fixed 2.6.11) ###
CVE-2004-1234 version (kernel, not 2.6) ###
CVE-2004-1224 version (mtr, fixed after 0.65) ###
CVE-2004-1200 ignore (firefox, mozilla) not a security issue
CVE-2004-1191 version (kernel, fixed 2.6.9) ###
CVE-2004-1190 version (kernel, fixed 2.6.10) ###
CVE-2004-1189 version (krb5, fixed 1.4)
CVE-2004-1186 backport (enscript) ###
CVE-2004-1185 backport (enscript) ###
CVE-2004-1184 version (enscript, fixed 1.6.4 at least) ###
CVE-2004-1183 version (libtiff, fixed 3.7.2) ###
CVE-2004-1180 version (rwho, fixed 0.17) ###
CVE-2004-1177 version (mailman, fixed 2.1.6)
CVE-2004-1176 version (mc, fixed 4.6.0)
CVE-2004-1175 version (mc, fixed 4.6.0)
CVE-2004-1174 version (mc, fixed 4.6.0)
CVE-2004-1171 version (kdelibs, not 3.4)
CVE-2004-1170 backport (a2ps) a2ps-shell.patch ###
CVE-2004-1165 version (kdelibs, not 3.4)
CVE-2004-1158 version (kdelibs, not 3.4)
CVE-2004-1156 version (mozilla, firefox) ###
CVE-2004-1154 version (samba, fixed 3.0.10)
CVE-2004-1151 version (kernel, fixed 2.6.10) ###
CVE-2004-1145 version (kde, not 3.4) ###
CVE-2004-1144 version (kernel, not 2.6) ###
CVE-2004-1143 version (mailman, fixed 2.1.5)
CVE-2004-1142 version (wireshark, fixed 0.10.8)
CVE-2004-1141 version (wireshark, fixed 0.10.8)
CVE-2004-1140 version (wireshark, fixed 0.10.8)
CVE-2004-1139 version (wireshark, fixed 0.10.8)
CVE-2004-1138 version (vim, fixed 6.3) ###
CVE-2004-1137 version (kernel, fixed 2.6.10) ###
CVE-2004-1125 version (xpdf, fixed 3.0.1)
CVE-2004-1125 version (tetex, at least 3.0) ###
CVE-2004-1125 version (kdegraphics, not 3.4)
CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14) ###
CVE-2004-1093 version (mc, fixed 4.6.0)
CVE-2004-1092 version (mc, fixed 4.6.0)
CVE-2004-1091 version (mc, fixed 4.6.0)
CVE-2004-1090 version (mc, fixed 4.6.0)
CVE-2004-1079 version (ncpfs, fixed 2.2.6 at least) ###
CVE-2004-1074 version (kernel, fixed 2.6.10) ###
CVE-2004-1073 version (kernel, fixed 2.6.10) ###
CVE-2004-1072 version (kernel, fixed 2.6.10) ###
CVE-2004-1071 version (kernel, fixed 2.6.10) ###
CVE-2004-1070 version (kernel, fixed 2.6.10) ###
CVE-2004-1069 version (kernel, fixed 2.6.10) ###
CVE-2004-1068 version (kernel, fixed 2.6.10) ###
CVE-2004-1065 version (php, fixed after 5.0.2)
CVE-2004-1064 version (php, fixed after 5.0.2)
CVE-2004-1063 version (php, fixed after 5.0.2)
CVE-2004-1060 version (kernel) all verifies sequence number ###
CVE-2004-1058 version (kernel, fixed 2.6.9) ###
CVE-2004-1057 version (kernel, fixed 2.6.10) ###
CVE-2004-1056 version (kernel, fixed 2.6.10) ###
CVE-2004-1051 version (sudo, fixed 1.6.8p2) ###
CVE-2004-1036 version (squirrelmail, fixed 1.4.4)
CVE-2004-1020 version (php, fixed after 5.0.2)
CVE-2004-1019 version (php, fixed after 5.0.2)
CVE-2004-1018 version (php, fixed after 5.0.2)
CVE-2004-1017 version (kernel, fixed 2.6.10) ###
CVE-2004-1016 version (kernel, fixed 2.6.10) ###
CVE-2004-1014 version (nfs-utils, fixed 1.0.7)
CVE-2004-1009 version (mc, fixed 4.6.0)
CVE-2004-1006 version (dhcp, not 3) ###
CVE-2004-1005 version (mc, fixed 4.6.0)
CVE-2004-1004 version (mc, fixed 4.6.0)
CVE-2004-1002 ignore (ppp) not a security issue
CVE-2004-0997 version (kernel, not 2.6) ###
CVE-2004-0996 backport (cscope) not fixed in 15.5 ###
CVE-2004-0990 version (gd, fixed 2.0.33 at least) ###
CVE-2004-0989 version (libxml2, fixed 2.6.15)
CVE-2004-0986 version (iptables, fixed 1.2.12) ###
CVE-2004-0983 version (ruby, fixed 1.8.2)
CVE-2004-0981 version (ImageMagick, fixed 6.1.0)
CVE-2004-0977 version (postgresql, fixed after 7.4.6)
CVE-2004-0976 backport (perl) perl-5.8.7-CAN-2004-0976.patch ###
CVE-2004-0975 version (openssl, not 0.9.8)
CVE-2004-0975 backport (openssl097a, fixed 0.9.7f)
CVE-2004-0974 version (netatalk, fixed 2.0.1) ###
CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least) ###
CVE-2004-0971 backport (krb5) krb5-1.3.4-send-pr-tempfile.patch ###
CVE-2004-0970 version (gzip) ###
CVE-2004-0969 version (groff, fixed 1.18.1.1) ###
CVE-2004-0968 version (glibc, fixed 2.3.5 at least)
CVE-2004-0967 version (ghostscript, fixed 8.15.1)
CVE-2004-0966 version (gettext, fixed 0.14.3 at least) ###
CVE-2004-0961 version (freeradius, fixed 1.0.1)
CVE-2004-0960 version (freeradius, fixed 1.0.1)
CVE-2004-0959 version (php, fixed 4.3.9)
CVE-2004-0958 version (php, fixed 4.3.9)
CVE-2004-0957 version (mysql, fixed 4.0.21)
CVE-2004-0956 version (mysql, fixed 4.0.20)
CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
CVE-2004-0942 version (httpd, not 2.2)
CVE-2004-0941 backport (gd) ###
CVE-2004-0940 version (httpd, not 2.2)
CVE-2004-0938 version (freeradius, fixed 1.0.1)
CVE-2004-0930 version (samba, fixed 3.0.8)
CVE-2004-0929 version (libtiff, fixed 3.7.0) ###
CVE-2004-0923 version (cups, fixed 1.2.22)
CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
CVE-2004-0914 version (xorg-x11, fixed after 6.8.1) ###
CVE-2004-0914 backport (openmotif) ###
CVE-2004-0909 version (thunderbird) ###
CVE-2004-0909 version (mozilla) ###
CVE-2004-0909 version (firefox) ###
CVE-2004-0908 version (mozilla, fixed 1.7.3) ###
CVE-2004-0907 version (thunderbird) ###
CVE-2004-0907 version (mozilla) ###
CVE-2004-0907 version (firefox) ###
CVE-2004-0906 version (thunderbird) ###
CVE-2004-0906 version (mozilla) ###
CVE-2004-0906 version (firefox) ###
CVE-2004-0905 version (mozilla, fixed 1.7.3) ###
CVE-2004-0904 version (mozilla, fixed 1.7.3) ###
CVE-2004-0903 version (mozilla, fixed 1.7.3) ###
CVE-2004-0902 version (mozilla, fixed 1.7.3) ###
CVE-2004-0891 version (gaim, fixed 1.0.2)
CVE-2004-0889 version (xpdf, fixed 3.0.1)
CVE-2004-0888 version (xpdf, fixed 3.0.1)
CVE-2004-0888 version (tetex, fixed 3.0) ###
CVE-2004-0888 version (kpdegraphics, not 3.4) ###
CVE-2004-0888 version (cups)
CVE-2004-0887 version (kernel, fixed 2.6.10) ###
CVE-2004-0886 version (libtiff, fixed 3.7.1 at least) ###
CVE-2004-0886 version (kdegraphics, fixed by Update on 20041109)
CVE-2004-0885 version (httpd, not 2.2)
CVE-2004-0884 version (cyrus-sasl, fixed 2.1.20) ###
CVE-2004-0883 version (kernel, fixed 2.6.11) ###
CVE-2004-0883 version (kernel, fixed 2.6.11) ###
CVE-2004-0882 version (samba, fixed 3.0.8)
CVE-2004-0871 ignore (mozilla) unfixed upstream with no patch
CVE-2004-0870 ignore (kde) upstream won't fix
CVE-2004-0867 version (firefox, after 0.9.2) ###
CVE-2004-0837 version (mysql, fixed 4.0.21)
CVE-2004-0836 version (mysql, fixed 4.0.21)
CVE-2004-0835 version (mysql, fixed 4.1.2)
CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
CVE-2004-0829 version (samba, fixed 2.2.11)
CVE-2004-0827 version (ImageMagick, fixed 6.0.6.2)
CVE-2004-0826 version (nss, fixed 3.9.2) ###
CVE-2004-0823 version (openldap, fixed after 2.1.19) ###
CVE-2004-0816 version (kernel, fixed 2.6.8) ###
CVE-2004-0815 version (samba, fixed 3.0.2a)
CVE-2004-0814 version (kernel, fixed 2.6.9) ###
CVE-2004-0813 version (kernel, fixed 2.6.8) ###
CVE-2004-0812 version (kernel, not 2.6) ###
CVE-2004-0811 version (httpd, not 2.2)
CVE-2004-0809 version (httpd, not 2.2)
CVE-2004-0808 version (samba, fixed 3.0.7)
CVE-2004-0807 version (samba, fixed 3.0.7)
CVE-2004-0806 version (cdrtools, fixed 2.0.1) ###
CVE-2004-0804 version (libtiff, fixed after 3.6.1) ###
CVE-2004-0804 version (kdegraphics)
CVE-2004-0803 version (libtiff, fixed after 3.6.1) ###
CVE-2004-0803 version (kdegraphics)
CVE-2004-0801 version (foomatic, fixed 3.0.2)
CVE-2004-0797 version (zlib, fixed 1.2.2.2 at least)
CVE-2004-0797 version (zlib)
CVE-2004-0796 version (spamassassin, fixed 2.64)
CVE-2004-0792 version (rsync, fixed 2.6.3)
CVE-2004-0791 version (kernel, fixed 2.6.9) ###
CVE-2004-0790 version (kernel) doesn't affect linux 2.6 ###
CVE-2004-0788 version (gtk2, fixed 2.6.7 at least) ###
CVE-2004-0786 version (apr-util, fixed 2.0.51) ###
CVE-2004-0785 version (gaim, fixed 0.82)
CVE-2004-0784 version (gaim, fixed 0.82)
CVE-2004-0783 version (gtk2, fixed 2.6.7 at least) ###
CVE-2004-0782 version (gtk2, fixed 2.6.7 at least) ###
CVE-2004-0779 version (thunderbird) ###
CVE-2004-0779 version (mozilla) ###
CVE-2004-0779 version (firefox) ###
CVE-2004-0778 version (cvs, fixed 1.11.17)
CVE-2004-0772 version (krb5, fixed after 1.2.8)
CVE-2004-0771 backport (lha, changelog) ###
CVE-2004-0769 backport (lha, changelog) ###
CVE-2004-0768 version (libpng, fixed 1.2.6)
CVE-2004-0765 version (mozilla, fixed 1.7) ###
CVE-2004-0764 version (mozilla, fixed 1.7) ###
CVE-2004-0763 version (mozilla, fixed 1.7.2) ###
CVE-2004-0762 version (mozilla, fixed 1.7) ###
CVE-2004-0761 version (mozilla, fixed 1.7) ###
CVE-2004-0760 version (mozilla, fixed 1.7.2) ###
CVE-2004-0759 version (mozilla, fixed 1.7) ###
CVE-2004-0758 version (mozilla, fixed 1.7.2) ###
CVE-2004-0757 version (mozilla, fixed 1.7) ###
CVE-2004-0755 version (ruby, fixed 1.8.1)
CVE-2004-0754 version (gaim, fixed 0.82)
CVE-2004-0753 version (gtk2, fixed after 2.2.4) ###
CVE-2004-0752 version (openoffice.org, fixed after 1.1.2) ###
CVE-2004-0751 version (httpd, not 2.2)
CVE-2004-0750 version (system-config-nfs, fixed 1.0.13) ###
CVE-2004-0749 version (subversion, fixed 1.0.8) ###
CVE-2004-0748 version (httpd, not 2.2)
CVE-2004-0747 version (httpd, not 2.2)
CVE-2004-0746 version (kde, fixed 3.3) ###
CVE-2004-0745 backport (lha) ###
CVE-2004-0722 version (mozilla, fixed 1.7) ###
CVE-2004-0721 version (kdelibs, fixed 3.3)
CVE-2004-0718 version (mozilla, fixed 1.7) ###
CVE-2004-0700 version (httpd, not 2.2)
CVE-2004-0694 backport (lha, changelog) ###
CVE-2004-0693 version (qt, fixed 3.3.3) ###
CVE-2004-0692 version (qt, fixed 3.3.3) ###
CVE-2004-0691 version (qt, fixed 3.3.3) ###
CVE-2004-0690 version (kdelibs, fixed after 3.2.3)
CVE-2004-0689 version (kdelibs, fixed 3.3.0)
CVE-2004-0688 version (openmotif) ###
CVE-2004-0687 version (openmotif) ###
CVE-2004-0686 version (samba, fixed 3.0.6)
CVE-2004-0685 version (kernel, not 2.6) ###
CVE-2004-0658 ignore (kernel) not a security issue
CVE-2004-0648 version (thunderbird) ###
CVE-2004-0648 version (mozilla) ###
CVE-2004-0648 version (firefox) ###
CVE-2004-0644 version (krb5, fixed after 1.3.4)
CVE-2004-0643 version (krb5, fixed after 1.3.1)
CVE-2004-0642 version (krb5, fixed after 1.3.4)
CVE-2004-0639 version (squirrelmail, fixed after 1.2.10)
CVE-2004-0635 version (wireshark, fixed 0.10.5)
CVE-2004-0634 version (wireshark, fixed 0.10.5)
CVE-2004-0633 version (wireshark, fixed 0.10.5)
CVE-2004-0628 version (mysql, fixed 4.1.3)
CVE-2004-0627 version (mysql, fixed 4.1.3)
CVE-2004-0626 version (kernel, fixed 2.6.8) ###
CVE-2004-0619 version (kernel) no driver ###
CVE-2004-0607 version (racoon)
CVE-2004-0603 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch ###
CVE-2004-0600 version (samba, fixed 3.0.6)
CVE-2004-0599 version (mozilla, fixed 1.7.2) ###
CVE-2004-0599 version (libpng, fixed 1.2.6)
CVE-2004-0598 version (libpng, fixed 1.2.6)
CVE-2004-0597 version (mozilla, fixed 1.7.2) ###
CVE-2004-0597 version (libpng, fixed 1.2.6)
CVE-2004-0595 version (php, fixed 4.3.8)
CVE-2004-0594 version (php, fixed 4.3.8)
CVE-2004-0592 version (kernel, not upstream flaw) ###
CVE-2004-0587 version (kernel) not upstream flaw ###
CVE-2004-0558 version (cups, fixed 1.1.21)
CVE-2004-0557 version (sox, fixed after 12.17.4)
CVE-2004-0554 version (kernel, fixed 2.6.7) ###
CVE-2004-0548 ignore (aspell, not fixed 0.50.5) not a security issue
CVE-2004-0547 version (postgresql, fixed 7.2.1)
CVE-2004-0541 version (squid)
CVE-2004-0535 version (kernel, fixed 2.6.6) ###
CVE-2004-0527 version (konqueror, not 3+) ###
CVE-2004-0523 version (krb5, fixed 1.3.4)
CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0519 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0507 version (wireshark, fixed 0.10.4)
CVE-2004-0506 version (wireshark, fixed 0.10.4)
CVE-2004-0505 version (wireshark, fixed 0.10.4)
CVE-2004-0504 version (wireshark, fixed 0.10.4)
CVE-2004-0500 version (gaim, fixed 0.82)
CVE-2004-0497 version (kernel, fixed 2.6.8) ###
CVE-2004-0496 version (kernel, fixed 2.6.8) ###
CVE-2004-0495 version (kernel, fixed 2.6.8) ###
CVE-2004-0494 version (mc, fixed 4.6.1)
CVE-2004-0493 version (httpd, not 2.2)
CVE-2004-0492 version (httpd, not 2.2)
CVE-2004-0491 version (kernel, not upstream) ###
CVE-2004-0488 version (httpd, not 2.2)
CVE-2004-0478 ignore (mozilla) not a security issue
CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13) ###
CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13) ###
CVE-2004-0457 version (mysql, fixed after 4.0.20)
CVE-2004-0452 version (perl, fixed 5.8.8)
CVE-2004-0447 version (kernel, fixed 2.6.5) ###
CVE-2004-0427 version (kernel, fixed 2.6.6) ###
CVE-2004-0426 version (rsync, fixed 2.6.1)
CVE-2004-0424 version (kernel, fixed 2.6.4) ###
CVE-2004-0421 version (libpng, fixed 1.0.16)
CVE-2004-0419 version (xorg-x11, fixed 6.8.2 at least) ###
CVE-2004-0418 version (cvs, fixed 1.11.17)
CVE-2004-0417 version (cvs, fixed 1.11.17)
CVE-2004-0416 version (cvs, fixed 1.11.17)
CVE-2004-0415 version (kernel, fixed 2.6.8) ###
CVE-2004-0414 version (cvs, fixed 1.11.17)
CVE-2004-0413 version (subversion, fixed 1.0.5)
CVE-2004-0412 version (mailman, fixed 2.1.5)
CVE-2004-0411 version (kdelibs, fixed 3.3)
CVE-2004-0409 version (xchat, fixed after 2.0.8)
CVE-2004-0405 version (cvs, fixed 1.11)
CVE-2004-0403 version (racoon, fixed 20040408a) ###
CVE-2004-0398 version (neon, fixed 0.24.6)
CVE-2004-0397 version (subversion, fixed 1.0.1) ###
CVE-2004-0396 version (cvs, fixed 1.12.8)
CVE-2004-0394 version (kernel, not 2.6) also not a vulnerability ###
CVE-2004-0392 version (racoon, fixed 20040407b) ###
CVE-2004-0388 version (mysql, fixed 4.1.11 at least)
CVE-2004-0381 version (mysql, fixed 4.1.11 at least)
CVE-2004-0367 version (wireshark, fixed 0.10.3)
CVE-2004-0365 version (wireshark, fixed 0.10.3)
CVE-2004-0263 version (php, fixed 4.3.5)
CVE-2004-0256 version (libtool, fixed 1.5.2) ###
CVE-2004-0235 backport (lha, changelog) ###
CVE-2004-0234 backport (lha, changelog) ###
CVE-2004-0232 version (mc, fixed 4.6.0)
CVE-2004-0231 version (mc, fixed 4.6.0)
CVE-2004-0229 version (kernel, fixed 2.6.6) ###
CVE-2004-0228 version (kernel, fixed 2.6.6) ###
CVE-2004-0226 version (mc, fixed 4.6.0)
CVE-2004-0191 version (mozilla, fixed 1.4.2) ###
CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
CVE-2004-0186 version (samba, not 3.0.2a)
CVE-2004-0184 version (tcpdump, fixed 3.8.2)
CVE-2004-0183 version (tcpdump, fixed 3.8.2)
CVE-2004-0182 version (mailman) only affected Red Hat packages
CVE-2004-0181 version (kernel, fixed 2.6.5) ###
CVE-2004-0180 version (cvs, fixed 1.11.15)
CVE-2004-0179 version (openoffice.org) ###
CVE-2004-0179 version (neon, fixed 0.24.5)
CVE-2004-0178 version (kernel, not 2.6) ###
CVE-2004-0177 version (kernel, fixed 2.6.6) ###
CVE-2004-0176 version (wireshark, fixed 0.10.3)
CVE-2004-0175 version (openssh, fixed 3.4p1)
CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch ###
CVE-2004-0174 version (httpd, not 2.2)
CVE-2004-0173 version (httpd, not 2.2)
CVE-2004-0164 version (racoon) ###
CVE-2004-0155 version (racoon) ###
CVE-2004-0154 version (nfs-utils, fixed 1.0.6)
CVE-2004-0150 version (python, fixed 2.2.2) ###
CVE-2004-0138 version (kernel, fixed 2.6.0) ###
CVE-2004-0133 version (kernel, 2.6.4) ###
CVE-2004-0113 version (httpd, not 2.2)
CVE-2004-0112 version (openssl, not 0.9.8)
CVE-2004-0112 backport (openssl097a, fixed 0.9.7d)
CVE-2004-0110 version (libxml2, fixed 2.6.6)
CVE-2004-0109 version (kernel, fixed 2.6.6) ###
CVE-2004-0108 version (sysstat)
CVE-2004-0107 version (sysstat, fixed after 4.0.7)
CVE-2004-0106 version (XFree86) ###
CVE-2004-0098 version (php)
CVE-2004-0097 version (pwlib, fixed 1.6.0)
CVE-2004-0096 version (mod_python, fixed after 2.7.9)
CVE-2004-0094 version (XFree86, fixed 4.3.0) ###
CVE-2004-0093 version (XFree86, fixed 4.3.0) ###
CVE-2004-0084 version (XFree86) ###
CVE-2004-0083 version (XFree86) ###
CVE-2004-0082 version (samba, fixed 3.0.2)
CVE-2004-0081 version (openssl097a, not 0.9.7)
CVE-2004-0081 version (openssl, not 0.9.8)
CVE-2004-0080 version (util-linux, fixed after 2.11f)
CVE-2004-0079 version (openssl, not 0.9.8)
CVE-2004-0079 backport (openssl097a, fixed 0.9.7c)
CVE-2004-0078 version (mutt, fixed 1.4.2)
CVE-2004-0077 version (kernel, fixed 2.6.3) ###
CVE-2004-0075 version (kernel, not 2.6) ###
CVE-2004-0057 version (tcpdump, fixed 3.8.2)
CVE-2004-0055 version (tcpdump, fixed 3.8.2)
CVE-2004-0042 ignore (vsftpd) disputed
CVE-2004-0010 version (kernel, not 2.6) ###
CVE-2004-0008 version (gaim, fixed 0.75)
CVE-2004-0007 version (gaim, fixed 0.75)
CVE-2004-0006 version (gaim, fixed 0.76)
CVE-2004-0005 version (gaim, fixed 0.76)
CVE-2004-0003 version (kernel, not 2.6) ###
CVE-2004-0001 version (kernel, not 2.6) ###
CVE-2003-1303 version (php, fixed 4.3.3)
CVE-2003-1302 version (php, fixed 4.3.1)
CVE-2003-1265 VULNERABLE (mozilla) not fixed upstream ###
CVE-2003-1265 VULNERABLE (firefox) not fixed upstream ###
CVE-2003-1232 version (emacs, fixed 21.3)
CVE-2003-1201 version (openldap, not 2.2)
CVE-2003-1161 version (kernel, not released version) ###
CVE-2003-1138 backport (httpd, Red Hat only) contains /+ now
CVE-2003-1029 version (tcpdump, fixed after 3.8.1)
CVE-2003-1023 version (mc, 4.6.1)
CVE-2003-1013 version (wireshark, fixed 0.10.0)
CVE-2003-1012 version (wireshark, fixed 0.10.0)
CVE-2003-0993 version (httpd, not 2.2)
CVE-2003-0992 version (mailman, fixed 2.1.4)
CVE-2003-0992 version (mailman, fixed 2.1.3)
CVE-2003-0991 version (mailman, fixed 2.0.14)
CVE-2003-0990 version (squirrelmail, fixed after 1.4.0)
CVE-2003-0989 version (tcpdump, fixed 3.8.1)
CVE-2003-0989 version (tcpdump, fixed 3.8.1)
CVE-2003-0988 version (kdepim, fixed 3.1.5)
CVE-2003-0988 version (kde, fixed 3.1.5)
CVE-2003-0987 version (httpd, not 2.2)
CVE-2003-0986 version (kernel, fixed 2.6.2) ###
CVE-2003-0985 version (kernel, not 2.6) ###
CVE-2003-0984 version (kernel, fixed 2.4.23) ###
CVE-2003-0977 version (cvs, fixed 1.11.10)
CVE-2003-0973 version (mod_python, fixed 3.0.4)
CVE-2003-0972 version (screen, fixed after 4.0.1)
CVE-2003-0971 version (gnupg, fixed after 1.0.2)
CVE-2003-0968 version (freeradius, fixed after 0.9.3)
CVE-2003-0967 version (freeradius, fixed after 0.9.2)
CVE-2003-0965 version (mailman, fixed 2.1.4)
CVE-2003-0963 version (lftp, fixed after 2.6.9)
CVE-2003-0962 version (rsync, fixed 2.5.7)
CVE-2003-0961 version (kernel, fixed 2.4.23) ###
CVE-2003-0959 version (kernel, fixed 2.4.21) ###
CVE-2003-0956 version (kernel, fixed 2.4.22) ###
CVE-2003-0935 version (net-snmp, fixed 5.0.9)
CVE-2003-0927 version (wireshark, fixed 0.9.16)
CVE-2003-0926 version (wireshark, fixed 0.9.16)
CVE-2003-0925 version (wireshark, fixed 0.9.16)
CVE-2003-0924 version (netpbm, fixed 9.26)
CVE-2003-0914 version (bind, not 9)
CVE-2003-0901 version (postgresql, not 8)
CVE-2003-0900 version (perl, only 5.8.1)
CVE-2003-0865 version (tomcat, fixed after 4.0.3)
CVE-2003-0863 ignore (php) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
CVE-2003-0861 version (php, fixed 4.3.3)
CVE-2003-0860 version (php, fixed 4.3.3)
CVE-2003-0859 version (glibc, checked fc5 source)
CVE-2003-0858 version (quagga, fixed 0.95)
CVE-2003-0856 version (iproute)
CVE-2003-0854 version (coreutils, fixed 5.1.3)
CVE-2003-0853 version (coreutils, fixed 5.1.3)
CVE-2003-0851 version (openssl097a, not 0.9.7)
CVE-2003-0851 version (openssl, not 0.9.8)
CVE-2003-0795 version (quagga, fixed 0.96.4)
CVE-2003-0794 version (gdm, fixed 2.4.1.7)
CVE-2003-0793 version (gdm, fixed 2.4.1.7)
CVE-2003-0792 version (fetchmail, 6.2.4 only)
CVE-2003-0791 version (mozilla, not after 1.4) ###
CVE-2003-0789 version (httpd, not 2.2)
CVE-2003-0788 version (cups, fixed 1.1.19)
CVE-2003-0787 version (openssh, fixed 3.7.1p2)
CVE-2003-0786 version (openssh, fixed 3.7.1p2)
CVE-2003-0780 version (mysql, not 4.1)
CVE-2003-0778 version (sane-backends, fixed 1.0.10)
CVE-2003-0777 version (sane-backends, fixed 1.0.10)
CVE-2003-0776 version (sane-backends, fixed 1.0.10)
CVE-2003-0775 version (sane-backends, fixed 1.0.10)
CVE-2003-0774 version (sane-backends, fixed 1.0.10)
CVE-2003-0773 version (sane-backends, fixed 1.0.10)
CVE-2003-0740 version (stunnel, fixed 3.26)
CVE-2003-0730 version (xfree86, fixed after 4.3.0) ###
CVE-2003-0700 version (kernel, not 2.6) ###
CVE-2003-0699 version (kernel, not 2.6) ###
CVE-2003-0695 version (openssh, fixed 3.7.1)
CVE-2003-0694 version (sendmail, fixed 8.12.10)
CVE-2003-0693 version (openssh, fixed 3.7)
CVE-2003-0692 version (kde, fixed after 3.1.3)
CVE-2003-0690 version (kde, fixed after 3.1.3)
CVE-2003-0689 version (glibc, fixed 2.3.2 at least)
CVE-2003-0688 version (sendmail, fixed 8.12.9)
CVE-2003-0686 version (pam_smb, fixed 1.1.7)
CVE-2003-0682 version (openssh, fixed 4.0p1 at least)
CVE-2003-0681 version (sendmail, fixed 8.12.10)
CVE-2003-0655 version (cdrtools, fixed 2.01a18)
CVE-2003-0644 version (kdbg, not after 1.2.8)
CVE-2003-0643 version (kernel, not 2.6) ###
CVE-2003-0619 version (kernel, not 2.6) ###
CVE-2003-0618 version (suidperl, fixed 5.8.6 at least)
CVE-2003-0594 version (mozilla, ICAT) ###
CVE-2003-0592 version (kde, fixed 3.1.3)
CVE-2003-0564 version (mozilla, ICAT) ###
CVE-2003-0555 ignore (ImageMagick) wasn't reproducable
CVE-2003-0552 version (kernel, not 2.6) ###
CVE-2003-0551 version (kernel, not 2.6) ###
CVE-2003-0550 version (kernel, not 2.6) ###
CVE-2003-0549 version (gdm, fixed 2.4.1.6)
CVE-2003-0548 version (gdm, fixed 2.4.1.6)
CVE-2003-0547 version (gdm, fixed 2.4.1.6)
CVE-2003-0545 version (openssl, not 0.9.8)
CVE-2003-0545 backport (openssl097a, fixed 0.9.7c)
CVE-2003-0544 version (openssl, not 0.9.8)
CVE-2003-0544 backport (openssl097a, fixed 0.9.7c)
CVE-2003-0543 version (openssl, not 0.9.8)
CVE-2003-0543 backport (openssl097a, fixed 0.9.7c)
CVE-2003-0542 version (httpd, not 2.2)
CVE-2003-0540 version (postfix, not 2.0 onwards)
CVE-2003-0517 version (mgetty, fixed 1.1.29)
CVE-2003-0516 version (mgetty, fixed 1.1.29)
CVE-2003-0501 version (kernel, fixed 2.6.1) ###
CVE-2003-0476 version (kernel, fixed 2.6.1) ###
CVE-2003-0468 version (postfix, fixed 1.1.12)
CVE-2003-0467 version (kernel, not 2.6) ###
CVE-2003-0465 version (kernel, not 2.6) ###
CVE-2003-0464 version (kernel, not 2.6) ###
CVE-2003-0462 version (kernel, fixed 2.6.1) ###
CVE-2003-0461 version (kernel, fixed 2.6.1) ###
CVE-2003-0459 version (kdelibs, not 3.2)
CVE-2003-0455 version (ImageMagick)
CVE-2003-0442 version (php, fixed 4.3.2)
CVE-2003-0434 version (xpdf, fixed 2.02pl1)
CVE-2003-0432 version (wireshark, fixed after 0.9.12)
CVE-2003-0431 version (wireshark, fixed after 0.9.12)
CVE-2003-0430 version (wireshark, fixed after 0.9.12)
CVE-2003-0429 version (wireshark, fixed after 0.9.12)
CVE-2003-0428 version (wireshark, fixed after 0.9.12)
CVE-2003-0427 backport (mikmod) ###
CVE-2003-0418 version (kernel, not 2.6) ###
CVE-2003-0388 version (pam, fixed 0.78)
CVE-2003-0386 version (openssh, fixed after 3.6.1)
CVE-2003-0370 version (kde, fixed 3.0)
CVE-2003-0367 backport (gzip) ###
CVE-2003-0364 version (kernel, not 2.6) ###
CVE-2003-0357 version (wireshark, fixed after 0.9.11)
CVE-2003-0356 version (wireshark, fixed after 0.9.11)
CVE-2003-0354 version (ghostscript, fixed 7.07)
CVE-2003-0328 version (epic, fixed epic4-2.2 at least)
CVE-2003-0300 ignore (sylpheed) only a crasher
CVE-2003-0299 ignore (mutt) only a crasher
CVE-2003-0298 version (mozilla, fixed after 1.4a) ###
CVE-2003-0296 version (evolution, fixed 1.4.5 at least)
CVE-2003-0289 version (cdrtools, fixed 2.01a14)
CVE-2003-0282 version (unzip, fixed 5.51)
CVE-2003-0255 version (gnupg, fixed 1.2.2)
CVE-2003-0253 version (httpd, not 2.2)
CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
CVE-2003-0251 version (ypserv, fixed 2.7)
CVE-2003-0249 ignore (php) see CVE
CVE-2003-0248 version (kernel, not 2.6) ###
CVE-2003-0247 version (kernel, not 2.6) ###
CVE-2003-0246 version (kernel, not 2.6) ###
CVE-2003-0245 version (httpd, not 2.2)
CVE-2003-0245 version (httpd, not 2.2)
CVE-2003-0244 version (kernel, not 2.6) ###
CVE-2003-0211 version (xinetd, fixed 2.3.11)
CVE-2003-0204 version (kde, fixed after 3.1.1)
CVE-2003-0201 version (samba, fixed 2.2.8a)
CVE-2003-0196 version (samba, fixed 2.2.8a)
CVE-2003-0195 version (cups, fixed 1.1.19)
CVE-2003-0194 version (tcpdump, not upstream)
CVE-2003-0192 version (httpd, not 2.2)
CVE-2003-0190 version (openssh, fixed 3.6.1p1)
CVE-2003-0189 version (httpd, not 2.2)
CVE-2003-0188 version (lv, fixed 4.51 at least)
CVE-2003-0187 version (kernel, not 2.6) ###
CVE-2003-0167 version (mutt, fixed 1.4.1)
CVE-2003-0166 version (php, fixed 4.3.2)
CVE-2003-0165 version (eog, fixed 2.2.2??) ###
CVE-2003-0161 version (sendmail, fixed 8.12.9)
CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
CVE-2003-0159 version (wireshark, fixed after 0.9.9)
CVE-2003-0150 version (mysql, fixed 3.23.56)
CVE-2003-0147 version (openssl, not 0.9.8)
CVE-2003-0147 backport (openssl097a, fixed 0.9.7b)
CVE-2003-0146 version (netpbm, fixed 10.18)
CVE-2003-0145 version (tcpdump, fixed 3.7.2)
CVE-2003-0140 version (mutt, fixed 1.4.1)
CVE-2003-0139 version (krb5, fixed 1.3)
CVE-2003-0138 version (krb5, fixed 1.3)
CVE-2003-0135 version (vsftpd, not upstream)
CVE-2003-0133 version (evolution, fixed 1.2.4)
CVE-2003-0132 version (httpd, not 2.2)
CVE-2003-0131 version (openssl, not 0.9.8)
CVE-2003-0131 backport (openssl097a, fixed 0.9.7b)
CVE-2003-0130 version (evolution, fixed 1.2.3)
CVE-2003-0129 version (evolution, fixed 1.2.3)
CVE-2003-0128 version (evolution, fixed 1.2.3)
CVE-2003-0127 version (kernel, not 2.6) ###
CVE-2003-0124 version (man, fixed 1.5l)
CVE-2003-0108 version (tcpdump, fixed after 3.7.1)
CVE-2003-0107 version (zlib, fixed 1.2.0.2 at least)
CVE-2003-0102 version (file, fixed 3.41)
CVE-2003-0097 version (php, fixed 4.3.1)
CVE-2003-0093 version (tcpdump, fixed 3.7.2)
CVE-2003-0086 version (samba, fixed 2.2.8)
CVE-2003-0085 version (samba, fixed 2.2.8)
CVE-2003-0083 version (httpd, not 2.2)
CVE-2003-0082 version (krb5, fixed after 1.2.7)
CVE-2003-0081 version (wireshark, fixed after 0.9.9)
CVE-2003-0078 version (openssl097a, fixed 0.9.7a)
CVE-2003-0078 version (openssl, not 0.9.8)
CVE-2003-0073 version (mysql, fixed 3.23.55)
CVE-2003-0072 version (krb5, fixed after 1.2.7)
CVE-2003-0071 version (xorg-x11, fixed in 6.8.2 at least) ###
CVE-2003-0070 version (vte, fixed 0.11.1 at least)
CVE-2003-0063 version (xorg-x11, fixed at least in 4.2.99) ###
CVE-2003-0060 version (krb5, fixed 1.2.5)
CVE-2003-0059 version (krb5, fixed 1.2.5)
CVE-2003-0058 version (krb5, fixed 1.2.5)
CVE-2003-0044 version (tomcat, fixed after 3.3.1a)
CVE-2003-0043 version (tomcat, fixed 3.3.1a)
CVE-2003-0041 version (krb5, fixed after 1.2.7)
CVE-2003-0038 version (mailman, fixed 2.0.13 at least)
CVE-2003-0028 version (krb5, fixed after 1.2.7)
CVE-2003-0028 version (glibc, fixed after 2.3.1)
CVE-2003-0026 version (dhcp, fixed 3.0.1)
CVE-2003-0020 version (httpd, not 2.2)
CVE-2003-0019 version (kernel-utils, not upstream)
CVE-2003-0018 version (kernel, not 2.6) ###
CVE-2003-0017 version (httpd, not 2.2)
CVE-2003-0016 version (httpd, not 2.2)
CVE-2003-0015 version (cvs, fixed 1.11.5)
CVE-2003-0001 version (kernel, not 2.6) ###
older, happened to deal with at same time:
CVE-2002-2215 version (php, fixed 4.3.0)
CVE-2002-2214 version (php, fixed 4.2.2)
CVE-2002-2211 ** bind ###
CVE-2002-2210 ignore (openoffice) binary install only (not rpm install)
CVE-2002-2204 ignore (rpm) by design
CVE-2002-2196 version (samba, fixed 2.2.5)
CVE-2002-2185 version (kernel, fixed 2.6.15) ###
CVE-2002-2103 version (httpd, not 2.0)
CVE-2002-1963 version (kernel, not 2.6) ###
CVE-2002-1976 ignore (ifconfig) "use ip"
CVE-2002-1914 version (dump, fixed 0.4b29)
CVE-2002-1850 version (mod_cgi, fixed 2.0.41)
CVE-2002-1827 version (sendmail, fixed after 8.12.3)
CVE-2002-1814 ignore (bonobo) not shipped setuid ###
CVE-2002-1793 version (mod_ssl), also only hp
CVE-2002-1783 version (php, fixed after 4.2.3)
CVE-2002-1765 version (evolution, fixed 1.0.5)
CVE-2002-1593 version (httpd, not 2.2)
CVE-2002-1573 version (kernel, not 2.6) ###
CVE-2002-1572 version (kernel, not 2.6) ###
CVE-2002-1571 version (kernel, not 2.6) ###
CVE-2002-1510 version (XFree86, fixed 4.2.0) ###
CVE-2002-1472 version (XFree86, fixed 4.2.1) ###
CVE-2002-1363 version (libpng, fixed 1.2.6)
CVE-2002-0517 version (XFree86, didn't affect Linux) ###
CVE-2002-0164 version (XFree86, fixed 4.2.1) ###
CVE-2001-1490 version (mozilla, fixed 1.0.0) ###
CVE-2001-1494 version (util-linux, fixed 2.11n)
CVE-2001-0955 version (XFree86, fixed 4.2.0) ###
CVE-2001-0474 version (mesa, fixed 3.3-14)
CVE-2000-0504 version (libICE, fixed XFree86:4.0.1) ###
CVE-1999-1572 backport (cpio) ###
More information about the fedora-extras-commits
mailing list