fedora-security/audit fc6,1.212,1.213

Lubomir Kundrak (lkundrak) fedora-extras-commits at redhat.com
Fri Mar 23 13:44:00 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16124

Modified Files:
	fc6 
Log Message:
Corrected ordering.
Added and updated the following:

-CVE-2007-1006 VULNERABLE (ekiga, fixed 2.0.5) #229259
+CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]

-CVE-2007-0007 version (gnucash, fixed 2.0.5) #223233
+CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233

+CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-351]
+CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
+CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
+CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
+CVE-2007-0772 version (kernel) [since FEDORA-2007-291]
+CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
+CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]

-CVE-2006-5753 VULNERABLE (kernel)
+CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.212
retrieving revision 1.213
diff -u -r1.212 -r1.213
--- fc6	23 Mar 2007 11:34:28 -0000	1.212
+++ fc6	23 Mar 2007 13:43:58 -0000	1.213
@@ -4,6 +4,7 @@
 ** are items that need attention
 
 CVE-2007-1565 ignore (konqueror) client crash
+CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
 CVE-2007-1475 ignore (php) unshipped ibase extension
 CVE-2007-1420 VULNERABLE (mysql, fixed 5.0.36) #232604
 CVE-2007-1413 ignore (php) Windows NT SNMP specific
@@ -11,12 +12,17 @@
 CVE-2007-1411 ignore (php) unshipped mssql extension
 CVE-2007-1401 ignore (php) unshipped cracklib extension
 CVE-2007-1396 ignore (php) feature, not a flaw
-CVE-2007-1006 VULNERABLE (ekiga, fixed 2.0.5) #229259
+CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
+CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
+CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]
 CVE-2007-1004 VULNERABLE (firefox, ...)
 CVE-2007-1002 VULNERABLE (evolution) #233587
+CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
 CVE-2007-0981 VULNERABLE (firefox, ...)
 CVE-2007-0823 ignore (xterm) feature, not a bug
 CVE-2007-0822 ignore (util-linux) NULL dereference
+CVE-2007-0772 version (kernel) [since FEDORA-2007-291]
 CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
 CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
 CVE-2007-0650 ignore (tetex) needs user's assistance
@@ -35,8 +41,13 @@
 CVE-2007-0104 ignore (poppler) only client DoS
 CVE-2007-0104 ignore (kdegraphics) only client DoS
 CVE-2007-0086 ignore (apache) not a security issue
-CVE-2007-0007 version (gnucash, fixed 2.0.5) #223233
+CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
+CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
+CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
+CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
 CVE-2007-0006 backport (kernel, fixed in -mm) [since FEDORA-2007-226]
+CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-351]
 CVE-2006-6939 VULNERABLE (ed, fixed 0.3) #223075
 CVE-2006-6899 version (bluez-utils, fixed 2.23)
 CVE-2006-6870 version (avahi, fixed 0.6.16) #221440 [since FEDORA-2007-019]
@@ -85,13 +96,13 @@
 CVE-2006-5783 ignore (firefox) disputed
 CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768
 CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
-CVE-2006-5753 VULNERABLE (kernel)
+CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
 CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
 CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
-CVE-2006-5748 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5748 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
 CVE-2006-5701 VULNERABLE (kernel) squashfs is not included upstream
 CVE-2006-5633 ignore (firefox) just a client DoS
@@ -106,12 +117,12 @@
 CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
 CVE-2006-5466 VULNERABLE (rpm) #212833
 CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
-CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-CVE-2006-5463 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5463 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
-CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
+CVE-2006-5463 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5462 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
+CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 CVE-2006-5461 VULNERABLE (avahi, fixed 0.6.15)
 CVE-2006-5456 backport (ImageMagick) #210921 [since FEDORA-2006-1285]
 CVE-2006-5397 VULNERABLE (libX11, 1.0.2 and 1.0.3 only) #213280
@@ -120,11 +131,11 @@
 CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063]
 CVE-2006-5229 ignore (openssh) not reproduced
 CVE-2006-5215 version (xorg-x11-xdm)
-CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
 CVE-2006-5215 ignore (kdebase) #212166 links to xinit Xsession
+CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
 CVE-2006-5214 version (xorg-x11-xdm)
-CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
 CVE-2006-5214 ignore (kdebase) #212166 links to xinit Xsession
+CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
 CVE-2006-5178 VULNERABLE (php) can't be fixed
 CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
 CVE-2006-5173 ignore (kernel, fixed 2.6.18) protected by exec-shield
@@ -160,12 +171,12 @@
 CVE-2006-4570 version (thunderbird, fixed 1.5.0.7)
 CVE-2006-4569 version (firefox, fixed 1.5.0.7)
 CVE-2006-4568 version (firefox, fixed 1.5.0.7)
-CVE-2006-4567 version (firefox, fixed 1.5.0.7)
 CVE-2006-4567 version (thunderbird, fixed 1.5.0.7)
-CVE-2006-4566 version (firefox, fixed 1.5.0.7)
+CVE-2006-4567 version (firefox, fixed 1.5.0.7)
 CVE-2006-4566 version (thunderbird, fixed 1.5.0.7)
-CVE-2006-4565 version (firefox, fixed 1.5.0.7)
+CVE-2006-4566 version (firefox, fixed 1.5.0.7)
 CVE-2006-4565 version (thunderbird, fixed 1.5.0.7)
+CVE-2006-4565 version (firefox, fixed 1.5.0.7)
 CVE-2006-4561 VULNERABLE (firefox)
 CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
 CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
@@ -182,28 +193,28 @@
 CVE-2006-4447 ignore (xorg) not a security issue
 CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
 CVE-2006-4433 version (php, fixed 5.1.4)
+CVE-2006-4433 version (php, fixed 5.1.4)
 CVE-2006-4380 version (mysql, fixed 4.1.13)
 CVE-2006-4343 backport (openssl, fixed 0.9.8d)
 CVE-2006-4342 ignore (kernel) rhel3 only
 CVE-2006-4340 version (nss, fixed 3.11.3)
-CVE-2006-4339 backport (openssl, fixed 0.9.8c)
 CVE-2006-4339 backport (openssl097)
+CVE-2006-4339 backport (openssl, fixed 0.9.8c)
 CVE-2006-4338 backport (gzip) lha still VULNERABLE to the same flaw
 CVE-2006-4337 backport (gzip) lha still VULNERABLE to the same flaw
 CVE-2006-4336 backport (gzip)
 CVE-2006-4335 backport (gzip) lha still VULNERABLE to the same flaw
 CVE-2006-4334 backport (gzip)
-CVE-2006-4433 version (php, fixed 5.1.4)
 CVE-2006-4333 version (wireshark, fixed 0.99.3)
 CVE-2006-4332 version (wireshark, fixed 0.99.3)
 CVE-2006-4331 version (wireshark, fixed 0.99.3)
 CVE-2006-4330 version (wireshark, fixed 0.99.3)
 CVE-2006-4310 ignore (firefox) crash only
 CVE-2006-4262 backport (cscope) 
-CVE-2006-4253 version (firefox, fixed 1.5.0.7)
 CVE-2006-4253 version (thunderbird, fixed 1.5.0.7)
-CVE-2006-4226 version (mysql, fixed 5.0.26,5.1.12) #203428 [since FEDORA-2006-1297]
+CVE-2006-4253 version (firefox, fixed 1.5.0.7)
 CVE-2006-4227 version (mysql, fixed 5.0.26,5.1.12) #203434 [since FEDORA-2006-1297]
+CVE-2006-4226 version (mysql, fixed 5.0.26,5.1.12) #203428 [since FEDORA-2006-1297]
 CVE-2006-4146 backport (gdb)
 CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
 CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
@@ -217,30 +228,30 @@
 CVE-2006-3879 version (mikmod, not 3.1.6)
 CVE-2006-3835 version (tomcat, fixed 5.5.17)
 CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
-CVE-2006-3812 version (firefox, fixed 1.5.0.5)
 CVE-2006-3812 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3811 version (firefox, fixed 1.5.0.5)
+CVE-2006-3812 version (firefox, fixed 1.5.0.5)
 CVE-2006-3811 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3810 version (firefox, fixed 1.5.0.5)
+CVE-2006-3811 version (firefox, fixed 1.5.0.5)
 CVE-2006-3810 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3809 version (firefox, fixed 1.5.0.5)
+CVE-2006-3810 version (firefox, fixed 1.5.0.5)
 CVE-2006-3809 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3808 version (firefox, fixed 1.5.0.5)
+CVE-2006-3809 version (firefox, fixed 1.5.0.5)
 CVE-2006-3808 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3807 version (firefox, fixed 1.5.0.5)
+CVE-2006-3808 version (firefox, fixed 1.5.0.5)
 CVE-2006-3807 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3806 version (firefox, fixed 1.5.0.5)
+CVE-2006-3807 version (firefox, fixed 1.5.0.5)
 CVE-2006-3806 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3805 version (firefox, fixed 1.5.0.5)
+CVE-2006-3806 version (firefox, fixed 1.5.0.5)
 CVE-2006-3805 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3804 version (firefox, fixed 1.5.0.5)
+CVE-2006-3805 version (firefox, fixed 1.5.0.5)
 CVE-2006-3804 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3803 version (firefox, fixed 1.5.0.5)
+CVE-2006-3804 version (firefox, fixed 1.5.0.5)
 CVE-2006-3803 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3802 version (firefox, fixed 1.5.0.5)
+CVE-2006-3803 version (firefox, fixed 1.5.0.5)
 CVE-2006-3802 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3801 version (firefox, fixed 1.5.0.5)
+CVE-2006-3802 version (firefox, fixed 1.5.0.5)
 CVE-2006-3801 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3801 version (firefox, fixed 1.5.0.5)
 CVE-2006-3747 version (httpd, fixed 2.2.3)
 CVE-2006-3746 version (gnupg, fixed 1.4.5)
 CVE-2006-3745 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5)
@@ -253,8 +264,8 @@
 CVE-2006-3738 backport (openssl, fixed 0.9.8d)
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 version (ruby, fixed 1.8.5)
-CVE-2006-3677 version (firefox, fixed 1.5.0.5)
 CVE-2006-3677 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3677 version (firefox, fixed 1.5.0.5)
 CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
 CVE-2006-3636 version (mailman, fixed 2.1.9)
@@ -292,8 +303,8 @@
 CVE-2006-3127 version (nss, only affected 3.11)
 CVE-2006-3122 version (dhcp, only 2.x)
 CVE-2006-3117 version (openoffice.org, fixed 2.0.3)
-CVE-2006-3113 version (firefox, fixed 1.5.0.5)
 CVE-2006-3113 version (thunderbird, fixed 1.5.0.5)
+CVE-2006-3113 version (firefox, fixed 1.5.0.5)
 CVE-2006-3085 version (kernel, fixed 2.6.17.1)
 CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
 CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4)
@@ -319,27 +330,27 @@
 CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
 CVE-2006-2789 version (evolution, fixed 2.4.X)
 CVE-2006-2788 version (firefox, fixed 1.5.0.4)
-CVE-2006-2787 version (firefox, fixed 1.5.0.4)
 CVE-2006-2787 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2786 version (firefox, fixed 1.5.0.4)
+CVE-2006-2787 version (firefox, fixed 1.5.0.4)
 CVE-2006-2786 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2786 version (firefox, fixed 1.5.0.4)
 CVE-2006-2785 version (firefox, fixed 1.5.0.4)
 CVE-2006-2784 version (firefox, fixed 1.5.0.4)
-CVE-2006-2783 version (firefox, fixed 1.5.0.4)
 CVE-2006-2783 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2783 version (firefox, fixed 1.5.0.4)
 CVE-2006-2782 version (firefox, fixed 1.5.0.4)
 CVE-2006-2781 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2780 version (firefox, fixed 1.5.0.4)
 CVE-2006-2780 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2779 version (firefox, fixed 1.5.0.4)
+CVE-2006-2780 version (firefox, fixed 1.5.0.4)
 CVE-2006-2779 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2778 version (firefox, fixed 1.5.0.4)
+CVE-2006-2779 version (firefox, fixed 1.5.0.4)
 CVE-2006-2778 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2778 version (firefox, fixed 1.5.0.4)
 CVE-2006-2777 version (firefox, fixed 1.5.0.4)
-CVE-2006-2776 version (firefox, fixed 1.5.0.4)
 CVE-2006-2776 version (thunderbird, fixed 1.5.0.4)
-CVE-2006-2775 version (firefox, fixed 1.5.0.4)
+CVE-2006-2776 version (firefox, fixed 1.5.0.4)
 CVE-2006-2775 version (thunderbird, fixed 1.5.0.4)
+CVE-2006-2775 version (firefox, fixed 1.5.0.4)
 CVE-2006-2754 ignore (openldap) This issue is not exploitable
 CVE-2006-2753 version (mysql, fixed 5.0.22)
 CVE-2006-2723 ignore (firefox) disputed
@@ -412,8 +423,8 @@
 CVE-2006-1857 version (kernel, fixed 2.6.16.17)
 CVE-2006-1856 version (kernel, fixed 2.6.16.12)
 CVE-2006-1855 version (kernel, fixed 2.6.11.12)
-CVE-2006-1790 version (firefox, fixed 1.5.0.2)
 CVE-2006-1790 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1790 version (firefox, fixed 1.5.0.2)
 CVE-2006-1742 version (thunderbird, fixed 1.5.0.2)
 CVE-2006-1742 version (firefox, fixed 1.5.0.2)
 CVE-2006-1741 version (thunderbird, fixed 1.5.0.2)
@@ -443,8 +454,8 @@
 CVE-2006-1728 version (firefox, fixed 1.5.0.2)
 CVE-2006-1727 version (thunderbird, fixed 1.5.0.2)
 CVE-2006-1727 version (firefox, fixed 1.5.0.2)
-CVE-2006-1726 version (firefox, fixed 1.5.0.2)
 CVE-2006-1726 version (thunderbird, fixed 1.5.0.2)
+CVE-2006-1726 version (firefox, fixed 1.5.0.2)
 CVE-2006-1725 version (firefox, fixed 1.5.0.2)
 CVE-2006-1724 version (thunderbird, fixed 1.5.0.2)
 CVE-2006-1724 version (firefox, fixed 1.5.0.2)
@@ -641,24 +652,24 @@
 CVE-2005-3629 version (initscripts, fixed 8.29 at least)
 CVE-2005-3628 version (poppler, fixed 0.4.4)
 CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3628 version (cups, fixed 1.2.0)
+CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3627 version (poppler, fixed 0.4.4)
 CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3627 backport (tetex)
 CVE-2005-3627 version (cups, fixed 1.2.0)
+CVE-2005-3627 backport (tetex)
 CVE-2005-3626 version (poppler, fixed 0.4.4)
 CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3626 backport (tetex)
 CVE-2005-3626 version (cups, fixed 1.2.0)
+CVE-2005-3626 backport (tetex)
 CVE-2005-3625 version (poppler, fixed 0.4.4)
 CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3625 backport (tetex)
 CVE-2005-3625 version (cups, fixed 1.2.0)
+CVE-2005-3625 backport (tetex)
 CVE-2005-3624 version (poppler, fixed 0.4.4)
 CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3624 backport (tetex)
 CVE-2005-3624 version (cups, fixed 1.2.0)
+CVE-2005-3624 backport (tetex)
 CVE-2005-3623 version (kernel, fixed 2.6.14.5)
 CVE-2005-3582 version (ImageMagick) gentoo only
 CVE-2005-3573 version (mailman, fixed 2.1.7)
@@ -698,16 +709,16 @@
 CVE-2005-3241 version (wireshark, fixed 0.10.13)
 CVE-2005-3193 version (poppler, fixed 0.4.4)
 CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3193 version (cups, fixed 1.2.0)
+CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3192 version (poppler, fixed 0.4.4)
 CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3192 version (cups, fixed 1.2.0)
+CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3191 version (poppler, fixed 0.4.4)
 CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
-CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3191 version (cups, fixed 1.2.0)
+CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
 CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
 CVE-2005-3185 version (wget, fixed 1.10.2 at least)
 CVE-2005-3185 version (curl, fixed 7.15)
@@ -1562,8 +1573,8 @@
 CVE-2003-1307 ignore (mod_php) not a vulnerability
 CVE-2003-1303 version (php, fixed 4.3.3)
 CVE-2003-1302 version (php, fixed 4.3.1)
-CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
 CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
+CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
 CVE-2003-1232 version (emacs, fixed 21.3)
 CVE-2003-1201 version (openldap, not 2.2)
 CVE-2003-1161 version (kernel, not released version)
@@ -1665,8 +1676,8 @@
 CVE-2003-0543 version (openssl, not 0.9.8)
 CVE-2003-0543 backport (openssl097a, fixed 0.9.7c)
 CVE-2003-0542 version (httpd, not 2.2)
-CVE-2003-0541 version (gtkhtml2)
 CVE-2003-0541 version (gtkhtml3)
+CVE-2003-0541 version (gtkhtml2)
 CVE-2003-0540 version (postfix, not 2.0 onwards)
 CVE-2003-0517 version (mgetty, fixed 1.1.29)
 CVE-2003-0516 version (mgetty, fixed 1.1.29)
@@ -1820,8 +1831,8 @@
 CVE-2002-1572 version (kernel, not 2.6)
 CVE-2002-1571 version (kernel, not 2.6)
 CVE-2002-1570 version (net-snmp, fixed in 5.0.8 at least)
-CVE-2002-1568 version (openssl, fixed 0.9.6f)
 CVE-2002-1568 version (openssl097a, fixed 0.9.6f)
+CVE-2002-1568 version (openssl, fixed 0.9.6f)
 CVE-2002-1567 version (tomcat, fixed 4.1.3)
 CVE-2002-1565 version (wget, not 1.9+)
 CVE-2002-1563 version (stunnel, fixed 4.04)
@@ -1899,8 +1910,8 @@
 CVE-2002-1152 version (kdenetwork, fixed 3.0.3)
 CVE-2002-1151 version (kdenetwork, fixed 3.0.3a)
 CVE-2002-1148 version (tomcat, fixed 4.0.5)
-CVE-2002-1146 version (bind, not 8.3+)
 CVE-2002-1146 version (glibc, fixed 2.2.6)
+CVE-2002-1146 version (bind, not 8.3+)
 CVE-2002-1131 version (squirrelmail, fixed 1.2.8)
 CVE-2002-1119 version (python, fixed 2.2.2)
 CVE-2002-0989 version (gaim, fixed 0.59.1)
@@ -1915,8 +1926,8 @@
 CVE-2002-0843 version (httpd, not 2.2)
 CVE-2002-0840 version (httpd, not 2.2)
 CVE-2002-0839 version (httpd, not 2.2)
-CVE-2002-0838 version (ggv, fixed 20030119, 2.8.0 at least)
 CVE-2002-0838 version (kdegraphics, fixed 3.0.4)
+CVE-2002-0838 version (ggv, fixed 20030119, 2.8.0 at least)
 CVE-2002-0837 version (wordtrans, fixed 1.1pre13 at least)
 CVE-2002-0836 version (tetex, fixed 2.0.2 at least)
 CVE-2002-0834 version (wireshark)
@@ -1939,14 +1950,14 @@
 CVE-2002-0682 version (tomcat, fixed 4.1.3)
 CVE-2002-0662 version (scrollkeeper, fixed after 0.3.11)
 CVE-2002-0660 version (libpng, fixed 1.0.14)
-CVE-2002-0659 version (openssl, not 0.9.8)
 CVE-2002-0659 version (openssl097a, not 0.9.7)
-CVE-2002-0657 version (openssl, not 0.9.8)
+CVE-2002-0659 version (openssl, not 0.9.8)
 CVE-2002-0657 version (openssl097a, not 0.9.7)
-CVE-2002-0656 version (openssl, not 0.9.8)
+CVE-2002-0657 version (openssl, not 0.9.8)
 CVE-2002-0656 version (openssl097a, not 0.9.7)
-CVE-2002-0655 version (openssl, not 0.9.8)
+CVE-2002-0656 version (openssl, not 0.9.8)
 CVE-2002-0655 version (openssl097a, not 0.9.7)
+CVE-2002-0655 version (openssl, not 0.9.8)
 CVE-2002-0653 version (mod_ssl, not httpd 2.2)
 CVE-2002-0651 version (bind, not 9)
 CVE-2002-0640 version (openssh, fixed after 3.3)
@@ -1970,8 +1981,8 @@
 CVE-2002-0400 version (bind, fixed 9.2.1)
 CVE-2002-0399 version (tar, fixed 1.13.26)
 CVE-2002-0392 version (httpd, not 2.2)
-CVE-2002-0391 version (glibc, fixed after 2.2.5)
 CVE-2002-0391 version (krb5, fixed after 1.2.5)
+CVE-2002-0391 version (glibc, fixed after 2.2.5)
 CVE-2002-0389 ignore (mailman) upstream say not a vulnerability
 CVE-2002-0388 version (mailman, fixed 2.0.11)
 CVE-2002-0384 version (gaim, fixed 0.58)

More information about the fedora-extras-commits mailing list