fedora-security/audit fc6,1.8,1.9

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Aug 15 07:47:36 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30638

Modified Files:
	fc6 
Log Message:
Deal with Mozilla (gone, and no Seamonkey) and Firefox.  This leaves around
130 issues that'll need mostly individual investigation.  The last 10% will
take 50% of the time to review.



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- fc6	15 Aug 2006 07:35:37 -0000	1.8
+++ fc6	15 Aug 2006 07:47:33 -0000	1.9
@@ -6,7 +6,7 @@
 Up to date FC6 as of Test2
 
 Notes:
-1. Removed packages no longer shipped (except mozilla!)
+1. Removed packages no longer shipped
 2. Added packages newly shipped
 3. Deal with libutempter/utempter
 4. ### left to do (was 1771)
@@ -20,49 +20,36 @@
 CVE-2006-3879 version (mikmod, not 3.1.6)
 CVE-2006-3835 version (tomcat, fixed 5.5.17)
 CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
-CVE-2006-3812 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3812 version (firefox, fixed 1.5.0.5)
 CVE-2006-3812 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3812 VULNERABLE (mozilla) ###
-CVE-2006-3811 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3811 version (firefox, fixed 1.5.0.5)
 CVE-2006-3811 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3811 VULNERABLE (mozilla) ###
-CVE-2006-3810 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3810 version (firefox, fixed 1.5.0.5)
 CVE-2006-3810 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3810 VULNERABLE (mozilla) ###
-CVE-2006-3809 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3809 version (firefox, fixed 1.5.0.5)
 CVE-2006-3809 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3809 VULNERABLE (mozilla) ###
-CVE-2006-3808 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3808 version (firefox, fixed 1.5.0.5)
 CVE-2006-3808 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3808 VULNERABLE (mozilla) ###
-CVE-2006-3807 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3807 version (firefox, fixed 1.5.0.5)
 CVE-2006-3807 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3807 VULNERABLE (mozilla) ###
-CVE-2006-3806 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3806 version (firefox, fixed 1.5.0.5)
 CVE-2006-3806 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3806 VULNERABLE (mozilla) ###
-CVE-2006-3805 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3805 version (firefox, fixed 1.5.0.5)
 CVE-2006-3805 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3805 VULNERABLE (mozilla) ###
-CVE-2006-3804 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3804 version (firefox, fixed 1.5.0.5)
 CVE-2006-3804 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3804 VULNERABLE (mozilla) ###
-CVE-2006-3803 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3803 version (firefox, fixed 1.5.0.5)
 CVE-2006-3803 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3803 VULNERABLE (mozilla) ###
-CVE-2006-3802 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3802 version (firefox, fixed 1.5.0.5)
 CVE-2006-3802 VULNERBALE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3802 VULNERABLE (mozilla) ###
-CVE-2006-3801 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3801 version (firefox, fixed 1.5.0.5)
 CVE-2006-3801 VULNERABLER (thunderbird, fixed 1.5.0.5)
-CVE-2006-3801 VULNERABLE (mozilla) ###
 CVE-2006-3747 backport (httpd, fixed 2.2.3) ###
 CVE-2006-3746 version (gnupg, fixed 1.4.5)
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849] ###
-CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3677 version (firefox, fixed 1.5.0.5)
 CVE-2006-3677 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3677 VULNERABLE (mozilla) ###
 CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
 CVE-2006-3634 ignore (kernel, fixed 2.6.17.8) s390 only
@@ -98,9 +85,8 @@
 CVE-2006-3127 version (nss, only affected 3.11)
 CVE-2006-3122 ** dhcp ###
 CVE-2006-3117 version (openoffice.org, fixed 2.0.3)
-CVE-2006-3113 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902] ###
+CVE-2006-3113 version (firefox, fixed 1.5.0.5)
 CVE-2006-3113 VULNERABLE (thunderbird, fixed 1.5.0.5)
-CVE-2006-3113 VULNERABLE (mozilla) ###
 CVE-2006-3085 version (kernel, fixed 2.6.17.1)
 CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
 CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4) [since FEDORA-2006-905] ###
@@ -118,42 +104,30 @@
 CVE-2006-2916 ignore (arts) not shipped setuid ###
 CVE-2006-2906 VULNERABLE (gd) #194520 ###
 CVE-2006-2894 VULNERABLE (firefox) ###
-CVE-2006-2894 VULNERABLE (mozilla) ###
 CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
 CVE-2006-2789 version (evolution, fixed 2.4.X)
-CVE-2006-2788 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
-CVE-2006-2787 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2788 version (firefox, fixed 1.5.0.4)
+CVE-2006-2787 version (firefox, fixed 1.5.0.4)
 CVE-2006-2787 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2787 VULNERABLE (mozilla) ###
-CVE-2006-2786 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2786 version (firefox, fixed 1.5.0.4)
 CVE-2006-2786 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2786 VULNERABLE (mozilla) ###
-CVE-2006-2785 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
-CVE-2006-2785 VULNERABLE (mozilla) ###
-CVE-2006-2784 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
-CVE-2006-2784 VULNERABLE (mozilla) ###
-CVE-2006-2783 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2785 version (firefox, fixed 1.5.0.4)
+CVE-2006-2784 version (firefox, fixed 1.5.0.4)
+CVE-2006-2783 version (firefox, fixed 1.5.0.4)
 CVE-2006-2783 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2783 VULNERABLE (mozilla) ###
-CVE-2006-2782 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2782 version (firefox, fixed 1.5.0.4)
 CVE-2006-2781 version (thunderbird, fixed 1.5.0.4)
 CVE-2006-2780 VULNERABLE (firefox) ###
 CVE-2006-2780 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2780 VULNERABLE (mozilla) ###
-CVE-2006-2779 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2779 version (firefox, fixed 1.5.0.4)
 CVE-2006-2779 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2779 VULNERABLE (mozilla) ###
-CVE-2006-2778 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2778 version (firefox, fixed 1.5.0.4)
 CVE-2006-2778 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2778 VULNERABLE (mozilla) ###
-CVE-2006-2777 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
-CVE-2006-2777 VULNERABLE (mozilla) ###
-CVE-2006-2776 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2777 version (firefox, fixed 1.5.0.4)
+CVE-2006-2776 version (firefox, fixed 1.5.0.4)
 CVE-2006-2776 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2776 VULNERABLE (mozilla) ###
-CVE-2006-2775 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-2775 version (firefox, fixed 1.5.0.4)
 CVE-2006-2775 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2775 VULNERABLE (mozilla) ###
 CVE-2006-2754 ignore (openldap) This issue is not exploitable
 CVE-2006-2753 version (mysql, fixed 5.0.22)
 CVE-2006-2723 ignore (firefox) disputed
@@ -198,10 +172,10 @@
 CVE-2006-2026 version (libtiff, fixed 3.8.1)
 CVE-2006-2025 version (libtiff, fixed 3.8.1)
 CVE-2006-2024 version (libtiff, fixed 3.8.1)
-CVE-2006-1993 version (firefox, fixed 1.5.0.3) #190124 [since FEDORA-2006-547] ###
+CVE-2006-1993 version (firefox, fixed 1.5.0.3)
 CVE-2006-1991 version (php)
 CVE-2006-1990 version (php)
-CVE-2006-1942 version (firefox, fixed 1.5.0.4) [since FEDORA-2006-715] ###
+CVE-2006-1942 version (firefox, fixed 1.5.0.4)
 CVE-2006-1940 version (wireshark, fixed 0.99.0)
 CVE-2006-1939 version (wireshark, fixed 0.99.0)
 CVE-2006-1938 version (wireshark, fixed 0.99.0)
@@ -224,62 +198,44 @@
 CVE-2006-1857 version (kernel, fixed 2.6.16.17)
 CVE-2006-1856 version (kernel, fixed 2.6.16.12)
 CVE-2006-1855 version (kernel, fixed 2.6.11.12)
-CVE-2006-1790 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1790 version (firefox, fixed 1.5.0.2)
 CVE-2006-1790 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1790 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
 CVE-2006-1742 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1742 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1742 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1742 version (firefox, fixed 1.5.0.2)
 CVE-2006-1741 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1741 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1741 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1740 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1740 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1741 version (firefox, fixed 1.5.0.2)
+CVE-2006-1740 version (firefox, fixed 1.5.0.2)
 CVE-2006-1739 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1739 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1739 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1739 version (firefox, fixed 1.5.0.2)
 CVE-2006-1738 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1738 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1738 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1738 version (firefox, fixed 1.5.0.2)
 CVE-2006-1737 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1737 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1737 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1736 versions (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1737 version (firefox, fixed 1.5.0.2)
+CVE-2006-1736 version (firefox, fixed 1.5.0.2)
 CVE-2006-1735 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1735 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1735 version (firefox, fixed 1.5.0.2)
 CVE-2006-1734 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1734 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1733 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1734 version (firefox, fixed 1.5.0.2)
 CVE-2006-1733 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1733 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1732 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1733 version (firefox, fixed 1.5.0.2)
 CVE-2006-1732 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1732 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1731 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1732 version (firefox, fixed 1.5.0.2)
 CVE-2006-1731 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1731 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1730 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
+CVE-2006-1731 version (firefox, fixed 1.5.0.2)
 CVE-2006-1730 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1730 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1729 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1729 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1730 version (firefox, fixed 1.5.0.2)
+CVE-2006-1729 version (firefox, fixed 1.5.0.2)
 CVE-2006-1728 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1728 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1728 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1728 version (firefox, fixed 1.5.0.2)
 CVE-2006-1727 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1727 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1727 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
-CVE-2006-1726 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1727 version (firefox, fixed 1.5.0.2)
+CVE-2006-1726 version (firefox, fixed 1.5.0.2)
 CVE-2006-1726 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1725 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1725 version (firefox, fixed 1.5.0.2)
 CVE-2006-1724 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1724 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-1724 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1724 version (firefox, fixed 1.5.0.2)
 CVE-2006-1723 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1723 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1723 version (firefox, fixed 1.5.0.2)
 CVE-2006-1721 version (cyrus-sasl, fixed 2.1.21)
 CVE-2006-1712 version (mailman, only 2.1.7)
 CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
@@ -292,11 +248,11 @@
 CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9)  ###
 CVE-2006-1542 backport (python)  [since FEDORA-2006-689] ###
 CVE-2006-1531 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1531 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1531 version (firefox, fixed 1.5.0.2)
 CVE-2006-1530 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1530 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1530 version (firefox, fixed 1.5.0.2)
 CVE-2006-1529 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-1529 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-1529 version (firefox, fixed 1.5.0.2)
 CVE-2006-1528 version (kernel, fixed 2.6.13)
 CVE-2006-1527 version (kernel, fixed 2.6.17)
 CVE-2006-1526 backport (xorg-x11)  [since FEDORA-2006-483] ###
@@ -341,11 +297,9 @@
 CVE-2006-0884 version (thunderbird, fixed 1.5.0.2)
 CVE-2006-0836 VULNERABLE (thunderbird) ###
 CVE-2006-0749 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-0749 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-0749 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-0749 version (firefox, fixed 1.5.0.2)
 CVE-2006-0748 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-0748 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487] ###
-CVE-2006-0748 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411] ###
+CVE-2006-0748 version (firefox, fixed 1.5.0.2)
 CVE-2006-0747 version (freetype, fixed 2.2.1)
 CVE-2006-0746 version (kdegraphics, fixed 3.4)
 CVE-2006-0745 backport (xorg-x11) [since FEDORA-2006-172] ###
@@ -364,7 +318,6 @@
 CVE-2006-0554 version (kernel, fixed 2.6.16)
 CVE-2006-0553 version (postgresql, only 8.1, fixed 8.1.3)
 CVE-2006-0528 backport (cairo) cairo-1.0.2-chunk-glyphs-CVE-2006-0528.patch ###
-CVE-2006-0496 VULNERABLE (mozilla) not fixed upstream ###
 CVE-2006-0496 VULNERABLE (firefox) not fixed upstream ###
 CVE-2006-0482 ignore (kernel) sparc only
 CVE-2006-0481 version (libpng, 1.2.7 only)
@@ -382,29 +335,21 @@
 CVE-2006-0301 version (kdegraphics, fixed 3.5.2)
 CVE-2006-0300 VULNERABLE (tar) [fixed rawhide in tar-1.15.1-13] ###
 CVE-2006-0299 version (thunderbird, fixed 1.5)
-CVE-2006-0299 version (mozilla, 1.8 branch only) ###
-CVE-2006-0299 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0299 version (firefox, fixed 1.5.0.1)
 CVE-2006-0298 version (thunderbird, fixed 1.5)
-CVE-2006-0298 version (mozilla, 1.8 branch only) ###
-CVE-2006-0298 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0298 version (firefox, fixed 1.5.0.1)
 CVE-2006-0297 version (thunderbird, fixed 1.5)
-CVE-2006-0297 version (mozilla, 1.8 branch only) ###
-CVE-2006-0297 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0297 version (firefox, fixed 1.5.0.1)
 CVE-2006-0296 version (thunderbird, fixed 1.5)
-CVE-2006-0296 version (firefox, fixed 1.5.0.1) ###
-CVE-2006-0296 backport (mozilla) mozilla-1.7.12-CVE-2006-0296-XULDocument.persist.patch ###
+CVE-2006-0296 version (firefox, fixed 1.5.0.1)
 CVE-2006-0295 version (thunderbird, fixed 1.5)
-CVE-2006-0295 version (mozilla, 1.8 branch only) ###
-CVE-2006-0295 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0295 version (firefox, fixed 1.5.0.1)
 CVE-2006-0294 version (thunderbird, fixed 1.5)
-CVE-2006-0294 version (mozilla, 1.8 branch only) ###
-CVE-2006-0294 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0294 version (firefox, fixed 1.5.0.1)
 CVE-2006-0293 version (thunderbird, fixed 1.5)
-CVE-2006-0293 version (mozilla, 1.8 branch only) ###
-CVE-2006-0293 version (firefox, fixed 1.5.0.1) ###
+CVE-2006-0293 version (firefox, fixed 1.5.0.1)
 CVE-2006-0292 version (thunderbird, fixed 1.5)
-CVE-2006-0292 version (firefox, fixed 1.5.1) ###
-CVE-2006-0292 backport (mozilla) mozilla-1.7.12-CVE-2006-0292-javascript-unrooted.patch ###
+CVE-2006-0292 version (firefox, fixed 1.5.1)
 CVE-2006-0254 version (tomcat5, fixed 5.5.16)
 CVE-2006-0236 ignore (thunderbird) windows only
 CVE-2006-0225 version (openssh, fixed 4.3p2)
@@ -433,10 +378,8 @@
 CVE-2005-4745 version (freeradius) we don't build vulnerable bits ###
 CVE-2005-4744 version (freeradius, fixed 1.0.5)
 CVE-2005-4720 version (thunderbird, fixed 1.5)
-CVE-2005-4720 version (firefox, fixed 1.5) ###
-CVE-2005-4720 VULNERABLE (mozilla) not fixed upstream plus only DoS ###
+CVE-2005-4720 version (firefox, fixed 1.5)
 CVE-2005-4703 ignore (tomcat) windows only
-CVE-2005-4685 VULNERABLE (mozilla) not fixed upstream ###
 CVE-2005-4685 VULNERABLE (firefox) not fixed upstream ###
 CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
 CVE-2005-4667 backport (unzip) ###
@@ -453,11 +396,9 @@
 CVE-2005-4154 ignore (php) don't install untrusted pear packages
 CVE-2005-4153 version (mailman)
 CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
-CVE-2005-4134 backport (mozilla) mozilla-1.7.12-CVE-2005-4134-long-history-dos.patch ###
 CVE-2005-4077 version (curl, fixed 7.15.1)
 CVE-2005-3964 backport (openmotif) ###
 CVE-2005-3962 version (perl, fixed 5.8.8)
-CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3883 version (php, fixed 5.1.1 at least)
 CVE-2005-3858 version (kernel, fixed 2.6.13)
 CVE-2005-3857 version (kernel, fixed 2.6.15)
@@ -575,7 +516,7 @@
 CVE-2005-3107 version (kernel, fixed 2.6.11)
 CVE-2005-3106 version (kernel, fixed 2.6.11)
 CVE-2005-3105 version (kernel, fixed 2.6.12)
-CVE-2005-3089 version (firefox, fixed 1.0.7) ###
+CVE-2005-3089 version (firefox, fixed 1.0.7)
 CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
 CVE-2005-3055 version (kernel, fixed 2.6.14)
 CVE-2005-3054 ignore (php)
@@ -591,8 +532,7 @@
 CVE-2005-2969 version (openssl, fixed 0.9.8a)
 CVE-2005-2969 backport (openssl097a, fixed 0.9.7h)
 CVE-2005-2968 version (thunderbird)
-CVE-2005-2968 version (mozilla, not 1.7.10) ###
-CVE-2005-2968 version (firefox) ###
+CVE-2005-2968 version (firefox)
 CVE-2005-2959 ignore (sudo) not a vulnerability
 CVE-2005-2946 version (openssl, fixed 0.9.8)
 CVE-2005-2933 version (libc-client, fixed 2004g at least)
@@ -603,8 +543,7 @@
 CVE-2005-2873 VULNERABLE (kernel) not fixed upstream
 CVE-2005-2872 version (kernel, fixed 2.6.12)
 CVE-2005-2871 version (thunderbird)
-CVE-2005-2871 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2871 version (firefox, fixed 1.0.7) ###
+CVE-2005-2871 version (firefox, fixed 1.0.7)
 CVE-2005-2811 version (net-snmp) not upstream, gentoo only
 CVE-2005-2801 version (kernel, fixed 2.6.11)
 CVE-2005-2800 version (kernel, fixed 2.6.12.6)
@@ -616,25 +555,18 @@
 CVE-2005-2709 version (kernel, fixed 2.6.14.3)
 CVE-2005-2708 ignore (kernel) not reproducable on x86_64
 CVE-2005-2707 version (thunderbird)
-CVE-2005-2707 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2707 version (firefox, fixed 1.0.7) ###
+CVE-2005-2707 version (firefox, fixed 1.0.7)
 CVE-2005-2706 version (thunderbird)
-CVE-2005-2706 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2706 version (firefox, fixed 1.0.7) ###
+CVE-2005-2706 version (firefox, fixed 1.0.7)
 CVE-2005-2705 version (thunderbird)
-CVE-2005-2705 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2705 version (firefox, fixed 1.0.7) ###
+CVE-2005-2705 version (firefox, fixed 1.0.7)
 CVE-2005-2704 version (thunderbird)
-CVE-2005-2704 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2704 version (firefox, fixed 1.0.7) ###
+CVE-2005-2704 version (firefox, fixed 1.0.7)
 CVE-2005-2703 version (thunderbird)
-CVE-2005-2703 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2703 version (firefox, fixed 1.0.7) ###
+CVE-2005-2703 version (firefox, fixed 1.0.7)
 CVE-2005-2702 version (thunderbird)
-CVE-2005-2702 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2702 version (firefox, fixed 1.0.7) ###
-CVE-2005-2701 version (mozilla, fixed 1.7.12) ###
-CVE-2005-2701 version (firefox, fixed 1.0.7) ###
+CVE-2005-2702 version (firefox, fixed 1.0.7)
+CVE-2005-2701 version (firefox, fixed 1.0.7)
 CVE-2005-2700 version (httpd, not 2.2)
 CVE-2005-2693 backport (cvs) cvs-1.11.19-tmp.patch ###
 CVE-2005-2672 version (lm_sensors, fixed 2.9.2)
@@ -672,7 +604,6 @@
 CVE-2005-2456 version (kernel, fixed 2.6.12.5)
 CVE-2005-2452 version (libtiff, fixed 3.7.0)
 CVE-2005-2448 version (kdenetwork, fixed 3.4.2)
-CVE-2005-2414 ignore (mozilla) not being fixed upstream, just a crash
 CVE-2005-2410 version (NetworkManager, fixed 5.0)
 CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
 CVE-2005-2370 version (kdenetwork, fixed 3.4.2)
@@ -691,33 +622,23 @@
 CVE-2005-2337 version (ruby, fixed 1.8.3)
 CVE-2005-2335 version (fetchmail, fixed 6.2.5.2)
 CVE-2005-2270 version (thunderbird, fixed 1.0.5)
-CVE-2005-2270 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2270 version (firefox, fixed 1.0.5) ###
+CVE-2005-2270 version (firefox, fixed 1.0.5)
 CVE-2005-2269 version (thunderbird, fixed 1.0.5)
-CVE-2005-2269 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2269 version (firefox, fixed 1.0.5) ###
-CVE-2005-2268 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2268 version (firefox, fixed 1.0.5) ###
-CVE-2005-2267 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2267 version (firefox, fixed 1.0.5) ###
+CVE-2005-2269 version (firefox, fixed 1.0.5)
+CVE-2005-2268 version (firefox, fixed 1.0.5)
+CVE-2005-2267 version (firefox, fixed 1.0.5)
 CVE-2005-2266 version (thunderbird, fixed 1.0.5)
-CVE-2005-2266 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2266 version (firefox, fixed 1.0.5) ###
+CVE-2005-2266 version (firefox, fixed 1.0.5)
 CVE-2005-2265 version (thunderbird, fixed 1.0.5)
-CVE-2005-2265 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2265 version (firefox, fixed 1.0.5) ###
-CVE-2005-2264 version (firefox, fixed 1.0.5) ###
-CVE-2005-2263 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2263 version (firefox, fixed 1.0.5) ###
-CVE-2005-2262 version (firefox, fixed 1.0.5) ###
+CVE-2005-2265 version (firefox, fixed 1.0.5)
+CVE-2005-2264 version (firefox, fixed 1.0.5)
+CVE-2005-2263 version (firefox, fixed 1.0.5)
+CVE-2005-2262 version (firefox, fixed 1.0.5)
 CVE-2005-2261 version (thunderbird, fixed 1.0.5)
-CVE-2005-2261 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2261 version (firefox, fixed 1.0.5) ###
-CVE-2005-2260 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2260 version (firefox, fixed 1.0.5) ###
+CVE-2005-2261 version (firefox, fixed 1.0.5)
+CVE-2005-2260 version (firefox, fixed 1.0.5)
 CVE-2005-2177 version (net-snmp, fixed 5.2.1.2)
-CVE-2005-2114 version (mozilla, fixed 1.7.9) ###
-CVE-2005-2114 version (firefox, fixed 1.0.5) ###
+CVE-2005-2114 version (firefox, fixed 1.0.5)
 CVE-2005-2104 version (sysreport, fixed 1.4.1-5)
 CVE-2005-2103 version (gaim, fixed 1.5.0)
 CVE-2005-2102 version (gaim, fixed 1.5.0)
@@ -736,8 +657,7 @@
 CVE-2005-2023 version (gnupg, fixed 1.9.15??) ###
 CVE-2005-1993 version (sudo, fixed 1.6.8p9)
 CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
-CVE-2005-1937 version (mozilla, fixed 1.7.9) ###
-CVE-2005-1937 version (firefox, fixed 1.0.5) ###
+CVE-2005-1937 version (firefox, fixed 1.0.5)
 CVE-2005-1934 version (gaim, fixed 1.3.1)
 CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
 CVE-2005-1920 version (kdelibs, fixed 3.4.1)
@@ -772,10 +692,8 @@
 CVE-2005-1571 version (php, fixed shtool 2.0.2)
 CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
 CVE-2005-1532 version (thunderbird)
-CVE-2005-1532 version (mozilla, fixed 1.7.8) ###
-CVE-2005-1532 version (firefox, fixed 1.0.4) ###
-CVE-2005-1531 version (mozilla, fixed 1.7.8) ###
-CVE-2005-1531 version (firefox, fixed 1.0.4) ###
+CVE-2005-1532 version (firefox, fixed 1.0.4)
+CVE-2005-1531 version (firefox, fixed 1.0.4)
 CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
 CVE-2005-1470 version (wireshark, fixed 0.10.11)
 CVE-2005-1469 version (wireshark, fixed 0.10.11)
@@ -824,22 +742,15 @@
 CVE-2005-1175 version (krb5, fixed 1.4.2)
 CVE-2005-1174 version (krb5, fixed 1.4.2)
 CVE-2005-1160 version (thunderbird)
-CVE-2005-1160 version (mozilla) ###
-CVE-2005-1160 version (firefox) ###
+CVE-2005-1160 version (firefox)
 CVE-2005-1159 version (thunderbird)
-CVE-2005-1159 version (mozilla) ###
-CVE-2005-1159 version (firefox) ###
-CVE-2005-1158 version (firefox, fixed 1.0.3) ###
-CVE-2005-1157 version (mozilla) ###
-CVE-2005-1157 version (firefox) ###
-CVE-2005-1156 version (mozilla) ###
-CVE-2005-1156 version (firefox) ###
-CVE-2005-1155 version (mozilla) ###
-CVE-2005-1155 version (firefox) ###
-CVE-2005-1154 version (mozilla) ###
-CVE-2005-1154 version (firefox) ###
-CVE-2005-1153 version (mozilla) ###
-CVE-2005-1153 version (firefox) ###
+CVE-2005-1159 version (firefox)
+CVE-2005-1158 version (firefox, fixed 1.0.3)
+CVE-2005-1157 version (firefox)
+CVE-2005-1156 version (firefox)
+CVE-2005-1155 version (firefox)
+CVE-2005-1154 version (firefox)
+CVE-2005-1153 version (firefox)
 CVE-2005-1111 backport (cpio) ###
 CVE-2005-1065 version (tetex) not upstream version ###
 CVE-2005-1061 version (logwatch, fixed 4.3.2 at least)
@@ -851,8 +762,7 @@
 CVE-2005-1038 backport (vixie-cron) ###
 CVE-2005-0990 version (sharutils, fixed 4.6 at least)
 CVE-2005-0989 version (thunderbird)
-CVE-2005-0989 version (mozilla, fixed 1.7.7) ###
-CVE-2005-0989 version (firefox, fixed 1.0.3) ###
+CVE-2005-0989 version (firefox, fixed 1.0.3)
 CVE-2005-0988 backport (gzip) ###
 CVE-2005-0977 version (kernel, fixed 2.6.11)
 CVE-2005-0967 version (gaim, fixed 1.2.1)
@@ -884,7 +794,7 @@
 CVE-2005-0756 version (kernel, fixed 2.6.12)
 CVE-2005-0754 version (kdewebdev, fixed after 3.4.0)
 CVE-2005-0753 version (cvs, fixed 1.11.20)
-CVE-2005-0752 version (firefox, fixed 1.0.3) ###
+CVE-2005-0752 version (firefox, fixed 1.0.3)
 CVE-2005-0750 version (kernel, fixed 2.6.11.6)
 CVE-2005-0749 version (kernel, fixed 2.6.11.6)
 CVE-2005-0739 version (wireshark, fixed after 0.10.9)
@@ -905,35 +815,25 @@
 CVE-2005-0605 backport (openmotif) ###
 CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
 CVE-2005-0596 version (php, fixed 5.0)
-CVE-2005-0593 version (mozilla) ###
-CVE-2005-0593 version (firefox) ###
-CVE-2005-0592 version (mozilla) ###
-CVE-2005-0592 version (firefox) ###
-CVE-2005-0591 version (firefox, fixed 1.0.1) ###
+CVE-2005-0593 version (firefox)
+CVE-2005-0592 version (firefox)
+CVE-2005-0591 version (firefox, fixed 1.0.1)
 CVE-2005-0590 version (thunderbird)
 CVE-2005-0590 version (openswan, fixed 2.1.4)
-CVE-2005-0590 version (mozilla) ###
-CVE-2005-0590 version (firefox) ###
-CVE-2005-0589 version (firefox, fixed 1.0.1) ###
-CVE-2005-0588 version (mozilla) ###
-CVE-2005-0588 version (firefox) ###
-CVE-2005-0587 version (mozilla) ###
-CVE-2005-0587 version (firefox) ###
-CVE-2005-0586 version (mozilla) ###
-CVE-2005-0586 version (firefox) ###
-CVE-2005-0585 version (mozilla) ###
-CVE-2005-0585 version (firefox) ###
-CVE-2005-0584 version (mozilla) ###
-CVE-2005-0584 version (firefox) ###
-CVE-2005-0578 version (mozilla) ###
-CVE-2005-0578 version (firefox) ###
+CVE-2005-0590 version (firefox)
+CVE-2005-0589 version (firefox, fixed 1.0.1)
+CVE-2005-0588 version (firefox)
+CVE-2005-0587 version (firefox)
+CVE-2005-0586 version (firefox)
+CVE-2005-0585 version (firefox)
+CVE-2005-0584 version (firefox)
+CVE-2005-0578 version (firefox)
 CVE-2005-0565 version (kernel, not 2.6)
 CVE-2005-0532 version (kernel, fixed 2.6.11)
 CVE-2005-0531 version (kernel, fixed 2.6.11)
 CVE-2005-0530 version (kernel, fixed 2.6.11)
 CVE-2005-0529 version (kernel, fixed 2.6.11)
-CVE-2005-0527 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0527 version (firefox, fixed 1.0.1) ###
+CVE-2005-0527 version (firefox, fixed 1.0.1)
 CVE-2005-0525 version (php, fixed 5.0.4)
 CVE-2005-0524 version (php, fixed 5.0.4)
 CVE-2005-0509 version (mono, not after 1.0.5)
@@ -953,13 +853,11 @@
 CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
 CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
 CVE-2005-0403 version (kernel) not upstream
-CVE-2005-0402 version (firefox, fixed 1.0.2) ###
-CVE-2005-0401 version (mozilla, fixed 1.7.7) ###
-CVE-2005-0401 version (firefox, fixed 1.0.2) ###
+CVE-2005-0402 version (firefox, fixed 1.0.2)
+CVE-2005-0401 version (firefox, fixed 1.0.2)
 CVE-2005-0400 version (kernel, fixed 2.6.11.6)
 CVE-2005-0399 version (thunderbird)
-CVE-2005-0399 version (mozilla) ###
-CVE-2005-0399 version (firefox) ###
+CVE-2005-0399 version (firefox)
 CVE-2005-0398 version (ipsec-tools, fixed 0.5)
 CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
 CVE-2005-0396 version (kdelibs, fixed 3.4.0)
@@ -968,26 +866,20 @@
 CVE-2005-0365 version (kdelibs, not 3.4)
 CVE-2005-0337 version (postfix, not 2.2) ###
 CVE-2005-0255 version (thunderbird, fixed 1.0.2)
-CVE-2005-0255 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0255 version (firefox, fixed 1.0.1) ###
+CVE-2005-0255 version (firefox, fixed 1.0.1)
 CVE-2005-0247 version (postgresql, fixed after 8.0)
 CVE-2005-0246 version (postgresql, fixed 8.0.1)
 CVE-2005-0245 version (postgresql, fixed 8.0.1)
 CVE-2005-0244 version (postgresql, fixed 8.0.1)
 CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
-CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6) ###
+CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6)
 CVE-2005-0237 version (kdelibs, fixed 3.4.0)
-CVE-2005-0233 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0233 version (firefox, fixed 1.0.1) ###
-CVE-2005-0232 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0232 version (firefox, fixed 1.0.1) ###
-CVE-2005-0231 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0231 version (firefox, fixed 1.0.1) ###
+CVE-2005-0233 version (firefox, fixed 1.0.1)
+CVE-2005-0232 version (firefox, fixed 1.0.1)
+CVE-2005-0231 version (firefox, fixed 1.0.1)
 CVE-2005-0230 version (thunderbird, fixed 1.0.2)
-CVE-2005-0230 version (mozilla, fixed 1.7.6) ###
-CVE-2005-0230 version (firefox, fixed 1.0.1) ###
+CVE-2005-0230 version (firefox, fixed 1.0.1)
 CVE-2005-0227 version (postgresql, fixed 8.0.1)
-CVE-2005-0215 version (mozilla) ###
 CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
 CVE-2005-0210 version (kernel, fixed 2.6.11)
 CVE-2005-0209 version (kernel, fixed 2.6.11)
@@ -1011,23 +903,16 @@
 CVE-2005-0156 version (perl, fixed 5.8.8)
 CVE-2005-0155 version (perl, fixed 5.8.8)
 CVE-2005-0152 version (squirrelmail, not 1.4)
-CVE-2005-0150 version (firefox, fixed 1.0) ###
-CVE-2005-0149 version (mozilla) ###
-CVE-2005-0149 version (firefox) ###
-CVE-2005-0147 version (mozilla) ###
-CVE-2005-0147 version (firefox) ###
-CVE-2005-0146 version (mozilla) ###
-CVE-2005-0146 version (firefox) ###
-CVE-2005-0145 version (firefox, fixed 1.0) ###
-CVE-2005-0144 version (mozilla) ###
-CVE-2005-0144 version (firefox) ###
-CVE-2005-0143 version (mozilla) ###
-CVE-2005-0143 version (firefox) ###
+CVE-2005-0150 version (firefox, fixed 1.0)
+CVE-2005-0149 version (firefox)
+CVE-2005-0147 version (firefox)
+CVE-2005-0146 version (firefox)
+CVE-2005-0145 version (firefox, fixed 1.0)
+CVE-2005-0144 version (firefox)
+CVE-2005-0143 version (firefox)
 CVE-2005-0142 version (thunderbird)
-CVE-2005-0142 version (mozilla) ###
-CVE-2005-0142 version (firefox) ###
-CVE-2005-0141 version (mozilla) ###
-CVE-2005-0141 version (firefox) ###
+CVE-2005-0142 version (firefox)
+CVE-2005-0141 version (firefox)
 CVE-2005-0137 version (kernel, not 2.6)
 CVE-2005-0136 version (kernel, fixed 2.6.11)
 CVE-2005-0135 version (kernel, fixed 2.6.11)
@@ -1094,9 +979,9 @@
 CVE-2004-2343 ignore (httpd) not a security issue
 CVE-2004-2302 version (kernel, fixed 2.6.10)
 CVE-2004-2259 version (vsftpd, fixed 1.2.2)
-CVE-2004-2228 version (firefox, fixed 1.0) ###
-CVE-2004-2227 version (firefox, fixed 1.0) ###
-CVE-2004-2225 version (firefox, fixed 0.10.1) ###
+CVE-2004-2228 version (firefox, fixed 1.0)
+CVE-2004-2227 version (firefox, fixed 1.0)
+CVE-2004-2225 version (firefox, fixed 0.10.1)
 CVE-2004-2154 version (cups, fixed 1.2.21rc1)
 CVE-2004-2149 version (mysql, fixed 4.1.5)
 CVE-2004-2136 ignore (dm-crypt) design
@@ -1113,30 +998,22 @@
 CVE-2004-1761 version (wireshark, fixed 0.10.3)
 CVE-2004-1689 version (sudo, fixed 1.6.8p1)
 CVE-2004-1653 ignore (openssh)
-CVE-2004-1639 version (mozilla) ###
-CVE-2004-1639 version (firefox) ###
+CVE-2004-1639 version (firefox)
 CVE-2004-1617 ignore (lynx) not able to verify flaw
-CVE-2004-1614 version (mozilla, fixed 1.7.5) ###
-CVE-2004-1613 version (mozilla, fixed 1.7.5) ###
 CVE-2004-1488 version (wget, fixed 1.10.1)
 CVE-2004-1471 version (cvs, fixed 1.12.9)
 CVE-2004-1453 version (glibc, fixed 2.3.5)
 CVE-2004-1452 version (tomcat, fixed 5.0.27-r3)
 CVE-2004-1451 version (thunderbird)
-CVE-2004-1451 version (mozilla) ###
-CVE-2004-1451 version (firefox) ###
+CVE-2004-1451 version (firefox)
 CVE-2004-1450 version (thunderbird)
-CVE-2004-1450 version (mozilla) ###
-CVE-2004-1450 version (firefox) ###
+CVE-2004-1450 version (firefox)
 CVE-2004-1449 version (thunderbird)
-CVE-2004-1449 version (mozilla) ###
-CVE-2004-1449 version (firefox) ###
+CVE-2004-1449 version (firefox)
 CVE-2004-1392 version (php, fixed 5.0.4)
 CVE-2004-1382 version (glibc, not 2.3.5)
-CVE-2004-1381 version (mozilla) ###
-CVE-2004-1381 version (firefox) ###
-CVE-2004-1380 version (mozilla) ###
-CVE-2004-1380 version (firefox) ###
+CVE-2004-1381 version (firefox)
+CVE-2004-1380 version (firefox)
 CVE-2004-1377 backport (a2ps) a2ps-4.13-security.patch ###
 CVE-2004-1337 version (kernel, fixed 2.6.11)
 CVE-2004-1336 version (tetex, fixed 3.0 at least)
@@ -1144,7 +1021,6 @@
 CVE-2004-1334 version (kernel, fixed 2.6.10)
 CVE-2004-1333 version (kernel, fixed 2.6.10)
 CVE-2004-1316 version (thunderbird, fixed 0.9)
-CVE-2004-1316 version (mozilla, fixed 1.7.5) ###
 CVE-2004-1308 version (libtiff, fixed 3.7.1 at least)
 CVE-2004-1307 version (libtiff, was already fixed with 0886)
 CVE-2004-1304 version (file, fixed 4.12)
@@ -1175,7 +1051,7 @@
 CVE-2004-1170 backport (a2ps) a2ps-shell.patch ###
 CVE-2004-1165 version (kdelibs, not 3.4)
 CVE-2004-1158 version (kdelibs, not 3.4)
-CVE-2004-1156 version (mozilla, firefox) ###
+CVE-2004-1156 version (firefox)
 CVE-2004-1154 version (samba, fixed 3.0.10)
 CVE-2004-1151 version (kernel, fixed 2.6.10)
 CVE-2004-1145 version (kde, not 3.4)
@@ -1260,19 +1136,11 @@
 CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
 CVE-2004-0914 backport (openmotif) ###
 CVE-2004-0909 version (thunderbird)
-CVE-2004-0909 version (mozilla) ###
-CVE-2004-0909 version (firefox) ###
-CVE-2004-0908 version (mozilla, fixed 1.7.3) ###
+CVE-2004-0909 version (firefox)
 CVE-2004-0907 version (thunderbird)
-CVE-2004-0907 version (mozilla) ###
-CVE-2004-0907 version (firefox) ###
+CVE-2004-0907 version (firefox)
 CVE-2004-0906 version (thunderbird)
-CVE-2004-0906 version (mozilla) ###
-CVE-2004-0906 version (firefox) ###
-CVE-2004-0905 version (mozilla, fixed 1.7.3) ###
-CVE-2004-0904 version (mozilla, fixed 1.7.3) ###
-CVE-2004-0903 version (mozilla, fixed 1.7.3) ###
-CVE-2004-0902 version (mozilla, fixed 1.7.3) ###
+CVE-2004-0906 version (firefox)
 CVE-2004-0891 version (gaim, fixed 1.0.2)
 CVE-2004-0889 version (xpdf, fixed 3.0.1)
 CVE-2004-0888 version (xpdf, fixed 3.0.1)
@@ -1287,9 +1155,8 @@
 CVE-2004-0883 version (kernel, fixed 2.6.11)
 CVE-2004-0883 version (kernel, fixed 2.6.11)
 CVE-2004-0882 version (samba, fixed 3.0.8)
-CVE-2004-0871 ignore (mozilla) unfixed upstream with no patch
 CVE-2004-0870 ignore (kde) upstream won't fix
-CVE-2004-0867 version (firefox, after 0.9.2) ###
+CVE-2004-0867 version (firefox, fixed after 0.9.2)
 CVE-2004-0837 version (mysql, fixed 4.0.21)
 CVE-2004-0836 version (mysql, fixed 4.0.21)
 CVE-2004-0835 version (mysql, fixed 4.1.2)
@@ -1326,22 +1193,12 @@
 CVE-2004-0783 version (gtk2, fixed 2.6.7 at least)
 CVE-2004-0782 version (gtk2, fixed 2.6.7 at least)
 CVE-2004-0779 version (thunderbird)
-CVE-2004-0779 version (mozilla) ###
-CVE-2004-0779 version (firefox) ###
+CVE-2004-0779 version (firefox)
 CVE-2004-0778 version (cvs, fixed 1.11.17)
 CVE-2004-0772 version (krb5, fixed after 1.2.8)
 CVE-2004-0771 backport (lha, changelog) ###
 CVE-2004-0769 backport (lha, changelog) ###
 CVE-2004-0768 version (libpng, fixed 1.2.6)
-CVE-2004-0765 version (mozilla, fixed 1.7) ###
-CVE-2004-0764 version (mozilla, fixed 1.7) ###
-CVE-2004-0763 version (mozilla, fixed 1.7.2) ###
-CVE-2004-0762 version (mozilla, fixed 1.7) ###
-CVE-2004-0761 version (mozilla, fixed 1.7) ###
-CVE-2004-0760 version (mozilla, fixed 1.7.2) ###
-CVE-2004-0759 version (mozilla, fixed 1.7) ###
-CVE-2004-0758 version (mozilla, fixed 1.7.2) ###
-CVE-2004-0757 version (mozilla, fixed 1.7) ###
 CVE-2004-0755 version (ruby, fixed 1.8.1)
 CVE-2004-0754 version (gaim, fixed 0.82)
 CVE-2004-0753 version (gtk2, fixed after 2.2.4)
@@ -1353,9 +1210,7 @@
 CVE-2004-0747 version (httpd, not 2.2)
 CVE-2004-0746 version (kde, fixed 3.3)
 CVE-2004-0745 backport (lha) ###
-CVE-2004-0722 version (mozilla, fixed 1.7) ###
 CVE-2004-0721 version (kdelibs, fixed 3.3)
-CVE-2004-0718 version (mozilla, fixed 1.7) ###
 CVE-2004-0700 version (httpd, not 2.2)
 CVE-2004-0694 backport (lha, changelog) ###
 CVE-2004-0693 version (qt, fixed 3.3.3)
@@ -1369,8 +1224,7 @@
 CVE-2004-0685 version (kernel, not 2.6)
 CVE-2004-0658 ignore (kernel) not a security issue
 CVE-2004-0648 version (thunderbird)
-CVE-2004-0648 version (mozilla) ###
-CVE-2004-0648 version (firefox) ###
+CVE-2004-0648 version (firefox)
 CVE-2004-0644 version (krb5, fixed after 1.3.4)
 CVE-2004-0643 version (krb5, fixed after 1.3.1)
 CVE-2004-0642 version (krb5, fixed after 1.3.4)
@@ -1385,10 +1239,8 @@
 CVE-2004-0607 version (racoon)
 CVE-2004-0603 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch ###
 CVE-2004-0600 version (samba, fixed 3.0.6)
-CVE-2004-0599 version (mozilla, fixed 1.7.2) ###
 CVE-2004-0599 version (libpng, fixed 1.2.6)
 CVE-2004-0598 version (libpng, fixed 1.2.6)
-CVE-2004-0597 version (mozilla, fixed 1.7.2) ###
 CVE-2004-0597 version (libpng, fixed 1.2.6)
 CVE-2004-0595 version (php, fixed 4.3.8)
 CVE-2004-0594 version (php, fixed 4.3.8)
@@ -1419,7 +1271,6 @@
 CVE-2004-0492 version (httpd, not 2.2)
 CVE-2004-0491 version (kernel, not upstream)
 CVE-2004-0488 version (httpd, not 2.2)
-CVE-2004-0478 ignore (mozilla) not a security issue
 CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13)
 CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13)
 CVE-2004-0457 version (mysql, fixed after 4.0.20)
@@ -1459,7 +1310,6 @@
 CVE-2004-0229 version (kernel, fixed 2.6.6)
 CVE-2004-0228 version (kernel, fixed 2.6.6)
 CVE-2004-0226 version (mc, fixed 4.6.0)
-CVE-2004-0191 version (mozilla, fixed 1.4.2) ###
 CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
 CVE-2004-0186 version (samba, not 3.0.2a)
 CVE-2004-0184 version (tcpdump, fixed 3.8.2)
@@ -1518,7 +1368,6 @@
 CVE-2004-0001 version (kernel, not 2.6)
 CVE-2003-1303 version (php, fixed 4.3.3)
 CVE-2003-1302 version (php, fixed 4.3.1)
-CVE-2003-1265 VULNERABLE (mozilla) not fixed upstream ###
 CVE-2003-1265 VULNERABLE (firefox) not fixed upstream ###
 CVE-2003-1232 version (emacs, fixed 21.3)
 CVE-2003-1201 version (openldap, not 2.2)
@@ -1576,7 +1425,6 @@
 CVE-2003-0794 version (gdm, fixed 2.4.1.7)
 CVE-2003-0793 version (gdm, fixed 2.4.1.7)
 CVE-2003-0792 version (fetchmail, 6.2.4 only)
-CVE-2003-0791 version (mozilla, not after 1.4) ###
 CVE-2003-0789 version (httpd, not 2.2)
 CVE-2003-0788 version (cups, fixed 1.1.19)
 CVE-2003-0787 version (openssh, fixed 3.7.1p2)
@@ -1589,7 +1437,7 @@
 CVE-2003-0774 version (sane-backends, fixed 1.0.10)
 CVE-2003-0773 version (sane-backends, fixed 1.0.10)
 CVE-2003-0740 version (stunnel, fixed 3.26)
-CVE-2003-0730 version (xfree86, fixed after 4.3.0) ###
+CVE-2003-0730 version (XFree86, fixed after 4.3.0)
 CVE-2003-0700 version (kernel, not 2.6)
 CVE-2003-0699 version (kernel, not 2.6)
 CVE-2003-0695 version (openssh, fixed 3.7.1)
@@ -1607,9 +1455,7 @@
 CVE-2003-0643 version (kernel, not 2.6)
 CVE-2003-0619 version (kernel, not 2.6)
 CVE-2003-0618 version (suidperl, fixed 5.8.6 at least)
-CVE-2003-0594 version (mozilla, ICAT) ###
 CVE-2003-0592 version (kde, fixed 3.1.3)
-CVE-2003-0564 version (mozilla, ICAT) ###
 CVE-2003-0555 ignore (ImageMagick) wasn't reproducable
 CVE-2003-0552 version (kernel, not 2.6)
 CVE-2003-0551 version (kernel, not 2.6)
@@ -1657,7 +1503,6 @@
 CVE-2003-0328 version (epic, fixed epic4-2.2 at least)
 CVE-2003-0300 ignore (sylpheed) only a crasher
 CVE-2003-0299 ignore (mutt) only a crasher
-CVE-2003-0298 version (mozilla, fixed after 1.4a) ###
 CVE-2003-0296 version (evolution, fixed 1.4.5 at least)
 CVE-2003-0289 version (cdrtools, fixed 2.01a14)
 CVE-2003-0282 version (unzip, fixed 5.51)
@@ -1770,7 +1615,6 @@
 CVE-2002-1363 version (libpng, fixed 1.2.6)
 CVE-2002-0517 version (XFree86) didn't affect Linux
 CVE-2002-0164 version (XFree86, fixed 4.2.1)
-CVE-2001-1490 version (mozilla, fixed 1.0.0) ###
 CVE-2001-1494 version (util-linux, fixed 2.11n)
 CVE-2001-0955 version (XFree86, fixed 4.2.0)
 CVE-2001-0474 version (mesa, fixed 3.3-14)

More information about the fedora-extras-commits mailing list