Contents of /fedora-security/audit/fc4

Up to date CVE as of CVE email 20060730
Up to date FC4 as of 20060730

This list is no longer maintained by the Red Hat security
response team as of 7th August 2006 (the release date of
Fedora Core 6 Test 2)

** are items that need attention

CVE-2006-3918 ** httpd, fixed 2.0.58
CVE-2006-3879 version (mikmod, not 3.1.6)
CVE-2006-3835 VULNERABLE (tomcat, fixed 5.5.17)
CVE-2006-3812 ** firefox/seamonkey/thunderbird
CVE-2006-3811 ** firefox/seamonkey/thunderbird
CVE-2006-3810 ** firefox/seamonkey/thunderbird
CVE-2006-3809 ** firefox/seamonkey/thunderbird
CVE-2006-3808 ** firefox/seamonkey/thunderbird
CVE-2006-3807 ** firefox/seamonkey/thunderbird
CVE-2006-3806 ** firefox/seamonkey/thunderbird
CVE-2006-3805 ** firefox/seamonkey/thunderbird
CVE-2006-3804 ** firefox/seamonkey/thunderbird
CVE-2006-3803 ** firefox/seamonkey/thunderbird
CVE-2006-3802 ** firefox/seamonkey/thunderbird
CVE-2006-3801 ** firefox/seamonkey/thunderbird
CVE-2006-3747 backport (httpd, fixed 2.0.59) [since FEDORA-2006-862]
CVE-2006-3746 version (gnupg, fixed 1.4.5) #200904 [since FEDORA-2006-867]
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-842]
CVE-2006-3677 ** firefox/seamonkey
CVE-2006-3672 ignore (konqueror) just a crash
CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
CVE-2006-3634 ignore (kernel, fixed 2.6.17.8) s390 only
CVE-2006-3632 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3631 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3630 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3629 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3628 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3627 VULNERABLE (ethereal, fixed wireshark-0.99.2)
CVE-2006-3626 VULNERABLE (kernel, fixed 2.6.17.6)
CVE-2006-3619 ** gcc/fastjar
CVE-2006-3486 ignore (mysql) not exploitable
CVE-2006-3469 VULNERABLE (mysql)
CVE-2006-3468 VULNERABLE (kernel)
CVE-2006-3467 VULNERABLE (freetype)
CVE-2006-3465 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3464 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3463 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3462 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3461 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3460 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3459 backport (libtiff) [since FEDORA-2006-878]
CVE-2006-3404 version (gimp, fixed 2.2.12) #198270 [since FEDORA-2006-795]
CVE-2006-3403 version (samba, fixed 3.0.23) #198297 [since FEDORA-2006-808]
CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
CVE-2006-3376 backport (libwmf) #198291 [since FEDORA-2006-804]
CVE-2006-3352 ignore (firefox) not a vulnerability
CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable
CVE-2006-3242 backport (mutt) #197152 [since FEDORA-2006-761]
CVE-2006-3174 version (squirrelmail, fixed 1.4.7) #197369 [since FEDORA-2006-789]
CVE-2006-3145 VULNERABLE (netpbm, fixed 10.34)
CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-764]
CVE-2006-3085 version (kernel, fixed 2.6.16.21, fixed 2.6.17.1) [since FEDORA-2006-736]
CVE-2006-3082 version (gnupg, fixed 1.4.4) #195946 [since FEDORA-2006-757]
CVE-2006-3081 version (mysql, fixed 5.1.18) [since FEDORA-2006-703]
CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-435]
CVE-2006-3018 VULNERABLE (php, fixed 5.1.3)
CVE-2006-3017 VULNERABLE (php, fixed 5.1.3) #197379
CVE-2006-3016 VULNERABLE (php, fixed 5.1.3)
CVE-2006-3011 VULNERABLE (php)
CVE-2006-2936 VULNERABLE (kernel, fixed 2.6.16.27, fixed 2.6.17.7)
CVE-2006-2935 VULNERABLE (kernel)
CVE-2006-2934 version (kernel, fixed 2.6.17.3) [since FEDORA-2006-769]
CVE-2006-2933 version (kde, not 3.2+)
CVE-2006-2916 ignore (arts) not shipped setuid
CVE-2006-2906 VULNERABLE (gd) #194520
CVE-2006-2894 VULNERABLE (firefox)
CVE-2006-2894 VULNERABLE (mozilla)
CVE-2006-2842 version (squirrelmail, fixed 1.4.6) #194286 [since FEDORA-2006-668]
CVE-2006-2789 VULNERABLE (evolution, fixed 2.4.X) #194108
CVE-2006-2788 VULNERABLE (firefox) (note, issue caught by fc glibc)
CVE-2006-2787 VULNERABLE (firefox)
CVE-2006-2787 VULNERABLE (thunderbird)
CVE-2006-2787 VULNERABLE (mozilla)
CVE-2006-2786 VULNERABLE (firefox)
CVE-2006-2786 VULNERABLE (thunderbird)
CVE-2006-2786 VULNERABLE (mozilla)
CVE-2006-2785 VULNERABLE (firefox)
CVE-2006-2785 VULNERABLE (mozilla)
CVE-2006-2784 VULNERABLE (firefox)
CVE-2006-2784 VULNERABLE (mozilla)
CVE-2006-2783 VULNERABLE (firefox)
CVE-2006-2783 VULNERABLE (thunderbird)
CVE-2006-2783 VULNERABLE (mozilla)
CVE-2006-2782 VULNERABLE (firefox)
CVE-2006-2781 VULNERABLE (thunderbird) (note, issue caught by fc glibc)
CVE-2006-2780 VULNERABLE (firefox)
CVE-2006-2780 VULNERABLE (thunderbird)
CVE-2006-2780 VULNERABLE (mozilla)
CVE-2006-2779 VULNERABLE (firefox)
CVE-2006-2779 VULNERABLE (thunderbird)
CVE-2006-2779 VULNERABLE (mozilla)
CVE-2006-2778 VULNERABLE (firefox)
CVE-2006-2778 VULNERABLE (thunderbird)
CVE-2006-2778 VULNERABLE (mozilla)
CVE-2006-2777 VULNERABLE (firefox)
CVE-2006-2777 VULNERABLE (thunderbird)
CVE-2006-2777 VULNERABLE (mozilla)
CVE-2006-2776 VULNERABLE (firefox)
CVE-2006-2776 VULNERABLE (thunderbird)
CVE-2006-2776 VULNERABLE (mozilla)
CVE-2006-2775 VULNERABLE (firefox)
CVE-2006-2775 VULNERABLE (thunderbird)
CVE-2006-2775 VULNERABLE (mozilla)
CVE-2006-2754 ignore (openldap) This issue is not exploitable
CVE-2006-2753 verson (mysql, fixed 4.1.20) #193828 [since FEDORA-2006-703]
CVE-2006-2723 ignore (firefox) disputed
CVE-2006-2661 VULNERABLE (freetype, fixed 2.2.1) #183677
CVE-2006-2660 ignore (php) #195539 see the bug
CVE-2006-2656 backport (libtiff) [since FEDORA-2006-591]
CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
CVE-2006-2613 ignore (firefox) This isn't an issue on FC
CVE-2006-2607 backport (vixie-cron) #178431
CVE-2006-2563 ignore (php) safe mode isn't safe
CVE-2006-2480 backport (dia) #192538 [since FEDORA-2006-580]
CVE-2006-2453 backport (dia) #192538 [since FEDORA-2006-580]
CVE-2006-2452 version (gdm, 2.8.X >= X < 2.15)
CVE-2006-2451 version (kernel, fixed 2.6.17.4) [since FEDORA-2006-801]
CVE-2006-2449 backport (kdebase) [since FEDORA-2006-725]
CVE-2006-2448 version (kernel, fixed 2.6.16.21, fixed 2.6.17) [since FEDORA-2006-736]
CVE-2006-2447 version (spamassassin, fixed 3.0.6) #194290 [since FEDORA-2006-658]
CVE-2006-2445 version (kernel, fixed 2.6.16.21, fixed 2.6.17) [since FEDORA-2006-736]
CVE-2006-2444 version (kernel, fixed 2.6.16.18) [since FEDORA-2006-697]
CVE-2006-2440 backport (ImageMagick) #192279 [since FEDORA-2006-587]
CVE-2006-2414 version (dovecot, fixed 1.0.beta8) 1.X only
CVE-2006-2369 backport (vnc, fixed 4.1.2) #191692 [since FEDORA-2006-557]
CVE-2006-2366 VULNERABLE (openobex) #192087
CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
CVE-2006-2332 ignore (firefox) disputed
CVE-2006-2314 version (postgresql, fixed 8.0.8) [since FEDORA-2006-579]
CVE-2006-2313 version (postgresql, fixed 8.0.8) [since FEDORA-2006-579]
CVE-2006-2276 version (quagga) #191377 [since FEDORA-2006-843]
CVE-2006-2275 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
CVE-2006-2274 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
CVE-2006-2272 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
CVE-2006-2271 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
CVE-2006-2224 version (quagga, fixed 0.98.6) #191085 [since FEDORA-2006-843]
CVE-2006-2223 version (quagga, fixed 0.98.6) #191081 [since FEDORA-2006-843]
CVE-2006-2199 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-764]
CVE-2006-2198 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-764]
CVE-2006-2194 ignore (ppp) winbind pluging not shipped
CVE-2006-2193 VULNERABLE (libtiff) #194363
CVE-2006-2120 backport (libtiff) #189976 [since FEDORA-2006-473]
CVE-2006-2073 VULNERABLE (bind)
CVE-2006-2083 version (rsync, fixed 2.6.8) #190208 [since FEDORA-2006-601]
CVE-2006-2071 version (kernel, fixed 2.6.16.6) [since FEDORA-2006-423]
CVE-2006-2057 ignore (firefox) not Linux
CVE-2006-2026 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-474]
CVE-2006-2025 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-474]
CVE-2006-2024 backport (libtiff, fixed 3.8.1) #189934 [since FEDORA-2006-474]
CVE-2006-1993 version (firefox, 1.5 only)
CVE-2006-1991 VULNERABLE (php) #190034
CVE-2006-1990 VULNERABLE (php) #190034
CVE-2006-1942 VULNERABLE (firefox, fixed 1.5.0.4)
CVE-2006-1940 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1939 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1938 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1937 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1936 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1935 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1934 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1933 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1932 version (ethereal, fixed 0.99.0) #189909 [since FEDORA-2006-461]
CVE-2006-1931 version (ruby, fixed 1.8.3) #189540
CVE-2006-1902 ignore (gcc) not a vulnerability
CVE-2006-1864 version (kernel, fixed 2.6.16.14) [since FEDORA-2006-517]
CVE-2006-1863 version (kernel, fixed 2.6.16.11) [since FEDORA-2006-500]
CVE-2006-1862 version (kernel) not upstream kernels, only RHEL
CVE-2006-1861 VULNERABLE (freetype, fixed 2.2.1) #191771
CVE-2006-1860 version (kernel, fixed 2.6.16.16) [since FEDORA-2006-573]
CVE-2006-1859 version (kernel, fixed 2.6.16.16) [since FEDORA-2006-573]
CVE-2006-1858 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-573]
CVE-2006-1857 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-573]
CVE-2006-1856 version (kernel, fixed 2.6.16.12) [since FEDORA-2006-500]
CVE-2006-1855 version (kernel, fixed 2.6.11.12) [since FEDORA-2005-906] was backport since GA
CVE-2006-1790 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1790 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1790 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1742 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1742 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1742 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1741 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1741 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1741 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1740 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1740 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1739 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1739 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1739 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1738 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1738 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1738 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1737 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1737 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1737 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1736 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1735 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1735 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1734 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1734 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1733 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1733 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1733 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1732 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1732 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1732 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1731 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1731 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1731 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1730 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1730 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1730 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1729 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1729 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1728 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1728 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1728 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1727 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1727 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1727 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1726 version (firefox, fixed 1.5.0.2) 1.5 only
CVE-2006-1726 version (thunderbird, fixed 1.5.0.2) 1.5 only
CVE-2006-1725 version (firefox, fixed 1.5.0.2) 1.5 only
CVE-2006-1724 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1724 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-1724 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-1723 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1723 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1721 backport (cyrus-sasl, fixd 2.1.21) #189815 [since FEDORA-2006-515]
CVE-2006-1712 version (mailman, only 2.1.7)
CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
CVE-2006-1646 ignore (ipsec-tools) KAME racoon, not ipsec-tools racoon
CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue
CVE-2006-1608 ignore (php) safe mode isn't safe
CVE-2006-1550 backport (dia) #187402 [since FEDORA-2006-261]
CVE-2006-1549 ignore (php) this is not a security issue
CVE-2006-1548 VULNERABLE (struts, fixed 1.2.9) #187544
CVE-2006-1547 VULNERABLE (struts, fixed 1.2.9) #187544
CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9) #187544
CVE-2006-1542 backport (python) #169046 [since FEDORA-2006-707]
CVE-2006-1531 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1531 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1530 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1530 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1529 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1529 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-1528 version (kernel, fixed 2.6.13) [since FEDORA-2006-131]
CVE-2006-1527 version (kernel, fixed 2.6.16.13, fixed 2.6.17-rc4) [since FEDORA-2006-500]
CVE-2006-1526 backport (xorg-x11) #189802 [since FEDORA-2006-484]
CVE-2006-1525 version (kernel, fixed 2.6.16.8) [since FEDORA-2006-423]
CVE-2006-1524 version (kernel, fixed 2.6.16.7) [since FEDORA-2006-423]
CVE-2006-1523 version (kernel, fixed 2.6.16.4) [since FEDORA-2006-423]
CVE-2006-1522 version (kernel, fixed 2.6.16.3) [since FEDORA-2006-423]
CVE-2006-1518 ignore (mysql) 5.x only [since FEDORA-2006-554]
CVE-2006-1517 version (mysql, fixed 4.1.19) #190868 [since FEDORA-2006-554]
CVE-2006-1516 version (mysql, fixed 4.1.19) #190866 [since FEDORA-2006-554]
CVE-2006-1494 VULNERABLE (php) #189592
CVE-2006-1490 VULNERABLE (php, fixed 5.1.4)
CVE-2006-1470 VULNERABLE (openldap) #197278
CVE-2006-1368 version (kernel, fixed 2.6.16) [since FEDORA-2006-245]
CVE-2006-1354 VULNERABLE (freeradius) #186084
CVE-2006-1343 version (kernel, fixed 2.6.16.19) [since FEDORA-2006-697]
CVE-2006-1342 version (kernel, not 2.6) not vulnerable
CVE-2006-1273 ignore (firefox) This is an IE only issue
CVE-2006-1244 ignore (xpdf) duplicate of other cve named issues
CVE-2006-1242 version (kernel, fixed 2.6.16.1) [since FEDORA-2006-245]
CVE-2006-1174 version (shadow-utils, fixed 4.0.3)
CVE-2006-1173 version (sendmail, fixed 8.13.7) [since FEDORA-2006-836]
CVE-2006-1168 VULNERABLE (ncompress) #201919
CVE-2006-1095 ignore (mod_python, 3.2.7 only)
CVE-2006-1079 ignore (httpd) not a vulnerability
CVE-2006-1078 ignore (httpd) not a vulnerability
CVE-2006-1066 version (kernel, fixed 2.6.16) [since FEDORA-2006-245]
CVE-2006-1061 version (curl, 7.15.0 - 7.15.2 only)
CVE-2006-1059 version (samba)
CVE-2006-1058 backport (busybox) #187386 [since FEDORA-2006-511]
CVE-2006-1057 VULNERABLE (gdm, fixed 2.14.1) #188303
CVE-2006-1056 version (kernel, fixed 2.6.16.9) [since FEDORA-2006-423]
CVE-2006-1055 version (kernel, fixed 2.6.17-rc1) [since FEDORA-2006-423]
CVE-2006-1052 version (kernel, fixed 2.6.16) [since FEDORA-2006-423] was backport since FEDORA-2006-245
CVE-2006-1045 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-1015 ignore (php) safe mode isn't safe
CVE-2006-1014 ignore (php) safe mode isn't safe
CVE-2006-0996 VULNERABLE (php) #187511
CVE-2006-0903 version (mysql, fixed 4.1.19) #183261 [since FEDORA-2006-554]
CVE-2006-0884 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-0836 version (thunderbird, 1.5 only)
CVE-2006-0749 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-0749 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-0749 version (firefox, fixed 1.0.8) [since FEDORA-2006-410]
CVE-2006-0748 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-0748 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
CVE-2006-0748 VULNERABLE (firefox, fixed 1.0.8)
CVE-2006-0747 VULNERABLE (freetype, fixed 2.2.1) #183677
CVE-2006-0746 VULNERABLE (kpdf) #184308
CVE-2006-0745 version (xorg-x11) not fc4
CVE-2006-0744 version (kernel, fixed 2.6.16.5) [since FEDORA-2006-423]
CVE-2006-0742 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-245]
CVE-2006-0741 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-131
CVE-2006-0730 version (dovecot, 1.0beta[12] only)
CVE-2006-0678 version (postgresql, 8.1 only)
CVE-2006-0670 VULNERABLE (bluez-hcidump)
CVE-2006-0645 backport (gnutls) [since FEDORA-2006-107]
CVE-2006-0591 version (postgresql, fixed 8.0.6) #180537 [since FEDORA-2005-021]
CVE-2006-0576 VULNERABLE (oprofile) #180724
CVE-2006-0558 version (kernel, fixed 2.6.16) [since FEDORA-2006-245]
CVE-2006-0557 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-131
CVE-2006-0555 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-131
CVE-2006-0554 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-131
CVE-2006-0553 version (postgresql, 8.1 only)
CVE-2006-0528 version (evolution, 2.3 and above)
CVE-2006-0496 VULNERABLE (mozilla)
CVE-2006-0496 VULNERABLE (firefox)
CVE-2006-0482 ignore (kernel) sparc only
CVE-2006-0481 version (libpng, 1.2.7 only)
CVE-2006-0459 version (flex) by inspection
CVE-2006-0457 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-131
CVE-2006-0456 ignore (kernel, s390 only)
CVE-2006-0455 version (gnupg, fixed 1.4.2.1) [since FEDORA-2006-116]
CVE-2006-0454 version (kernel, fixed 2.6.15.3) [since FEDORA-2006-423] was backport since FEDORA-2006-102
CVE-2006-0405 version (libtiff, 3.8.0 only)
CVE-2006-0377 version (squirrelmail, fixed 1.4.6) [since FEDORA-2006-133]
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2) 6.3.X only affected
CVE-2006-0301 version (poppler, fixed 0.4.5) [since FEDORA-2006-103]
CVE-2006-0301 backport (xpdf) [since FEDORA-2006-104]
CVE-2006-0301 version (kdegraphics, fixed 3.5.2) [since FEDORA-2006-385] was backport since FEDORA-2006-105
CVE-2006-0300 VULNERABLE (tar) #181773
CVE-2006-0299 version (thunderbird, 1.5 only)
CVE-2006-0299 version (mozilla, 1.8 branch only)
CVE-2006-0299 version (firefox, 1.5 only)
CVE-2006-0298 version (thunderbird, 1.5 only)
CVE-2006-0298 version (mozilla, 1.8 branch only)
CVE-2006-0298 version (firefox, 1.5 only)
CVE-2006-0297 version (thunderbird, 1.5 only)
CVE-2006-0297 version (mozilla, 1.8 branch only)
CVE-2006-0297 version (firefox, 1.5 only)
CVE-2006-0296 backport (mozilla) [since FEDORA-2006-075]
CVE-2006-0296 backport (firefox) [since FEDORA-2006-076]
CVE-2006-0296 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-0295 version (thunderbird, 1.5 only)
CVE-2006-0295 version (mozilla, 1.8 branch only)
CVE-2006-0295 version (firefox, 1.5 only)
CVE-2006-0294 version (thunderbird, 1.5 only)
CVE-2006-0294 version (mozilla, 1.8 branch only)
CVE-2006-0294 version (firefox, 1.5 only)
CVE-2006-0293 version (thunderbird, 1.5 only)
CVE-2006-0293 version (mozilla, 1.8 branch only)
CVE-2006-0293 version (firefox, 1.5 only)
CVE-2006-0292 backport (mozilla) [since FEDORA-2006-075]
CVE-2006-0292 backport (firefox) [since FEDORA-2006-076]
CVE-2006-0292 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
CVE-2006-0254 VULNERABLE (tomcat5, fixed 5.5.16) #178178
CVE-2006-0236 ignore (thunderbird) windows only flaw
CVE-2006-0225 backport (openssh) #168167 [since FEDORA-2006-056]
CVE-2006-0208 VULNERABLE (php) #178036
CVE-2006-0207 VULNERABLE (php) #178044
CVE-2006-0200 version (php, 5.1.0 5.1.1 only)
CVE-2006-0197 ignore (xorg-x11) not an issue
CVE-2006-0195 version (squirrelmail, fixed 1.4.6) [since FEDORA-2006-133]
CVE-2006-0188 version (squirrelmail, fixed 1.4.6) [since FEDORA-2006-133]
CVE-2006-0097 ignore (php) Windows only
CVE-2006-0096 ignore (kernel) minor and requires root
CVE-2006-0095 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-102
CVE-2006-0082 version (ImageMagick, not 6.2.2.0)
CVE-2006-0058 version (sendmail, fixed 8.13.6) [since FEDORA-2006-194]
CVE-2006-0052 version (mailman, fixed 2.1.6) #187421 [since FEDORA-2006-534]
CVE-2006-0049 version (gnupg, fixed 1.4.2.2) [since FEDORA-2006-147]
CVE-2006-0040 VULNERABLE (gtkhtml)
CVE-2006-0039 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-573]
CVE-2006-0037 version (kernel, fixed 2.6.15.5, only 2.6.14 and 2.6.15) [since FEDORA-2006-245] was backport since FEDORA-2006-077
CVE-2006-0036 version (kernel, fixed 2.6.15.5, only 2.6.14 and 2.6.15) [since FEDORA-2006-245] was backport since FEDORA-2006-077
CVE-2006-0035 version (kernel, fixed 2.6.15.5) [since FEDORA-2006-245] was backport since FEDORA-2006-077
CVE-2006-0019 version (kdelibs, fixed 3.5.1) [since FEDORA-2006-090] was backport since FEDORA-2006-050
CVE-2005-4798 version (kernel, not 2.6)
CVE-2005-4784 ignore (glibc) struct dirent is big enough
CVE-2005-4746 version (freeradius) we don't build vulnerable bits
CVE-2005-4745 version (freeradius) we don't build vulnerable bits
CVE-2005-4744 VULNERABLE (freeradius, fixed 1.0.5) #167677
CVE-2005-4720 VULNERABLE (thunderbird)
CVE-2005-4720 VULNERABLE (mozilla)
CVE-2005-4720 VULNERABLE (firefox)
CVE-2005-4703 ignore (tomcat) windows only
CVE-2005-4685 VULNERABLE (mozilla)
CVE-2005-4685 VULNERABLE (firefox)
CVE-2005-4684 VULNERABLE (kdebase) not fixed upstream
CVE-2005-4667 backport (unzip) [since FEDORA-2006-098] #178961
CVE-2005-4639 version (kernel, fixed 2.6.15) [since FEDORA-2006-077]
CVE-2005-4636 version (openoffice.org, fixed 2.0.1)
CVE-2005-4635 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2006-013
CVE-2005-4618 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2006-013
CVE-2005-4605 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2006-013
CVE-2005-4585 version (ethereal, fixed 0.10.14) [since FEDORA-2006-006]
CVE-2005-4442 version (openldap) gentoo only
CVE-2005-4348 version (fetchmail, fixed 6.2.5.5) #176267 [since FEDORA-2005-1187]
CVE-2005-4268 blocked (cpio) #172669 by FORTIFY_SOURCE
CVE-2005-4158 backport (sudo) [since FEDORA-2005-1147] was ignore only env_reset will properly clean the environment
CVE-2005-4154 ignore (php) don't install untrusted pear packages
CVE-2005-4153 version (mailman) [since FEDORA-2006-534]
CVE-2005-4134 backport (mozilla) [since FEDORA-2006-075]
CVE-2005-4134 backport (firefox) [since FEDORA-2006-076]
CVE-2005-4130 ignore (HelixPlayer) not verified
CVE-2005-4126 ignore (HelixPlayer) not verified
CVE-2005-4077 backport (curl) [since FEDORA-2005-1137]
CVE-2005-3964 backport (openmotif) #174815 [since FEDORA-2006-854]
CVE-2005-3962 backport (perl) [since FEDORA-2005-1144]
CVE-2005-3912 backport (perl) [since FEDORA-2005-1144]
CVE-2005-3896 ignore (mozilla) recoverable DoS only
CVE-2005-3883 VULNERABLE (php)
CVE-2005-3858 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
CVE-2005-3857 version (kernel, fixed 2.6.15) [since FEDORA-2006-077]
CVE-2005-3848 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
CVE-2005-3847 version (kernel, fixed 2.6.12.6) [since FEDORA-2005-949] was backport since [FEDORA-2005-906]
CVE-2005-3810 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2005-1104 affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
CVE-2005-3809 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2005-1104 affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
CVE-2005-3808 version (kernel, fixed 2.6.15) was backport since FEDORA-2005-1104
CVE-2005-3807 version (kernel, fixed 2.6.15) was backport since FEDORA-2005-1104
CVE-2005-3806 version (kernel, fixed 2.6.14) [since FEDORA-2005-1067]
CVE-2005-3805 version (kernel, fixed 2.6.14) [since FEDORA-2005-1067]
CVE-2005-3784 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2005-3784
CVE-2005-3783 version (kernel, fixed 2.6.14.2) [since FEDORA-2006-077] was backport since FEDORA-2005-1104
CVE-2005-3753 version (kernel, fixed 2.6.14) also not a vuln
CVE-2005-3745 ignore (struts, fixed 1.2.8) but not through tomcat
CVE-2005-3732 VULNERABLE (ipsec-tools, fixed 0.6.3) #173842
CVE-2005-3675 VULNERABLE (kernel) optack
CVE-2005-3671 version (openswan, fixed 2.4.4) [since FEDORA-2005-1093]
CVE-2005-3662 version (netpbm)
CVE-2005-3656 backport (mod_auth_pgsql, fixed 2.0.3) [since FEDORA-2006-015]
CVE-2005-3651 version (ethereal, fixed 0.10.14) [since FEDORA-2006-006]
CVE-2005-3632 version (netpbm)
CVE-2005-3631 version (udev)
CVE-2005-3629 VULNERABLE (initscripts, fixed 8.29 at least)
CVE-2005-3628 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3628 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3628 backport (xpdf) [since FEDORA-2005-1169]
CVE-2005-3628 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3628 backport (cups) [since FEDORA-2005-1142]
CVE-2005-3627 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
CVE-2005-3627 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3627 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3627 backport (tetex) [since FEDORA-2006-028]
CVE-2005-3627 backport (cups) [since FEDORA-2006-010]
CVE-2005-3626 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
CVE-2005-3626 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3626 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3626 backport (tetex) [since FEDORA-2006-028]
CVE-2005-3626 backport (cups) [since FEDORA-2006-010]
CVE-2005-3625 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
CVE-2005-3625 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3625 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3625 backport (tetex) [since FEDORA-2006-028]
CVE-2005-3625 backport (cups) [since FEDORA-2006-010]
CVE-2005-3624 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
CVE-2005-3624 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3624 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3624 backport (tetex) [since FEDORA-2006-028]
CVE-2005-3624 backport (cups) [since FEDORA-2006-010]
CVE-2005-3623 version (kernel, fixed 2.6.14.5) [since FEDORA-2006-077] was backport since FEDORA-2006-013
CVE-2005-3582 version (ImageMagick) gentoo only
CVE-2005-3573 version (mailman, fixed 2.1.7) #173140 [since FEDORA-2006-534]
CVE-2005-3527 version (kernel, fixed 2.6.14 at least) [since FEDORA-2005-1067]
CVE-2005-3402 ignore (thunderbird) mozilla say by design
CVE-2005-3392 ignore (php) safe mode isn't safe
CVE-2005-3391 ignore (php) safe mode isn't safe
CVE-2005-3390 backport (php, fixed 5.1.2 at least) [since FEDORA-2005-1062]
CVE-2005-3389 backport (php) [since FEDORA-2005-1062]
CVE-2005-3388 backport (php) [since FEDORA-2005-1062]
CVE-2005-3359 version (kernel, fixed 2.6.14) [since FEDORA-2005-1067]
CVE-2005-3358 version (kernel, fixed 2.6.11)
CVE-2005-3357 backport (httpd, fixed 2.0.56) [since FEDORA-2006-052]
CVE-2005-3356 version (kernel, fixed 2.6.16) [since FEDORA-2006-245] was backport since FEDORA-2006-077
CVE-2005-3353 backport (php) [since FEDORA-2005-1062]
CVE-2005-3352 backport (httpd, fixed 2.0.56) [since FEDORA-2006-052]
CVE-2005-3351 version (spamassassin, fixed 3.0.5) [since FEDORA-2006-545] was backport since FEDORA-2005-1066
CVE-2005-3350 version (libungif, fixed 4.1.3) [since FEDORA-2005-1046]
CVE-2005-3322 version (squid, not upstream) SUSE only
CVE-2005-3319 ignore (mod_php) no security consequence
CVE-2005-3313 version (ethereal, fixed 0.10.14) [since FEDORA-2006-006]
CVE-2005-3276 version (kernel, fixed 2.6.12.4) [since FEDORA-2005-949] was backport since FEDORA-2005-820
CVE-2005-3275 version (kernel, fixed 2.6.13) [since FEDORA-2005-949] was backport since FEDORA-2005-820
CVE-2005-3274 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
CVE-2005-3273 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-3272 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
CVE-2005-3271 version (kernel, fixed 2.6.9) since GA
CVE-2005-3258 version (squid, fixed 2.5.STABLE12) [since FEDORA-2006-150] was backport since FEDORA-2005-1009
CVE-2005-3257 version (kernel, fixed 2.6.15) [since FEDORA-2006-077] was backport since FEDORA-2005-1138
CVE-2005-3249 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3248 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3247 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3246 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3245 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3244 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3243 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3242 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3241 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3193 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3193 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3193 backport (cups) [since FEDORA-2005-1142]
CVE-2005-3192 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3192 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
CVE-2005-3191 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3191 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
CVE-2005-3186 backport (gtk2) [since FEDORA-2005-1088]
CVE-2005-3186 backport (gdk-pixbuf) [since FEDORA-2005-1085]
CVE-2005-3185 blocked (wget) by FORTIFY_SOURCE
CVE-2005-3185 backport (curl) [since FEDORA-2005-1129] was blocked (curl) by FORTIFY_SOURCE
CVE-2005-3184 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3183 backport (w3c-libwww) #159597 [since FEDORA-2005-952]
CVE-2005-3181 version (kernel, fixed 2.6.13.4 at least) [since FEDORA-2005-1067] was backport since FEDORA-2005-1013
CVE-2005-3180 version (kernel, fixed 2.6.13.4 at least) [since FEDORA-2005-1067] was backport since FEDORA-2005-1013
CVE-2005-3179 version (kernel, fixed 2.6.13.4 at least) [since FEDORA-2005-1067] was backport since FEDORA-2005-1013
CVE-2005-3164 version (tomcat, not 5)
CVE-2005-3120 backport (lynx) [since FEDORA-2005-994]
CVE-2005-3119 version (kernel, fixed 2.6.13.4 at least) [since FEDORA-2005-1067] was backport since FEDORA-2005-1013
CVE-2006-3113 ** firefox/seamonkey/thunderbird
CVE-2005-3110 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-3109 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-3108 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-3107 version (kernel, fixed 2.6.11)
CVE-2005-3106 version (kernel, fixed 2.6.11)
CVE-2005-3105 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-3089 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
CVE-2005-3055 version (kernel, fixed 2.6.14 at least) [since FEDORA-2005-1067]
CVE-2005-3054 ignore (php) see #169857
CVE-2005-3053 version (kernel) [since FEDORA-2005-949] was backport since FEDORA-2005-820
CVE-2005-3044 version (kernel, fixed 2.6.13.2) [since FEDORA-2005-1067] was backport since FEODRA-2005-949
CVE-2005-3011 backport (texinfo) #169585 [since FEDORA-2005-991]
CVE-2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts
CVE-2005-2978 version (netpbm, fixed 10.25)
CVE-2005-2977 backport (pam) [since FEDORA-2005-1031]
CVE-2005-2976 backport (gdk-pixbuf) [since FEDORA-2005-1085]
CVE-2005-2975 backport (gtk2) [since FEDORA-2005-1088]
CVE-2005-2975 backport (gdk-pixbuf) [since FEDORA-2005-1085]
CVE-2005-2974 version (libungif, fixed 4.1.3) [since FEDORA-2005-1046]
CVE-2005-2973 version (kernel, 2.6.14 at least) [since FEODRA-2005-1067]
CVE-2005-2970 backport (httpd) #171759 [since FEDORA-2006-052]
CVE-2005-2969 backport (openssl097a, fixed 0.9.7h) [since FEDORA-2005-986]
CVE-2005-2969 backport (openssl, fixed 0.9.7h) [since FEDORA-2005-986]
CVE-2005-2968 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2968 version (mozilla, not 1.7.10) +we include a different mozilla sh
CVE-2005-2968 version (firefox) [since FEDORA-2005-926]
CVE-2005-2959 ignore (sudo) not a vulnerability
CVE-2005-2946 VULNERABLE (openssl, fixed 0.9.8) (as it uses md5 md)
CVE-2005-2933 backport (libc-client) [since FEDORA-2005-1115]
CVE-2005-2933 VULNERABLE (uw-imap) #171345
CVE-2005-2929 backport (lynx) [since FEDORA-2005-1079]
CVE-2005-2922 version (HelixPlayer, fixed 1.0.6) [since FEDORA-2005-940]
CVE-2005-2917 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913]
CVE-2005-2876 backport (util-linux, fixed 2.12r) [since FEDORA-2005-887]
CVE-2005-2874 version (cups, fixed 1.1.23)
CVE-2005-2873 VULNERABLE (kernel) not upstream fixed
CVE-2005-2872 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-2871 version (thunderbird) (moderate only) [since FEDORA-2005-963]
CVE-2005-2871 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927] was backport [since FEDORA-2005-873]
CVE-2005-2871 version (firefox, fixed 1.0.7) [since FEDORA-2005-926] was backport [since FEDORA-2005-871]
CVE-2005-2811 version (net-snmp, not upstream) gentoo only
CVE-2005-2801 version (kernel, fixed 2.6.11)
CVE-2005-2800 version (kernel, fixed 2.6.12.6) [since FEDORA-2005-949] was backport since FEDORA-2005-906
CVE-2005-2798 version (openssh, fixed 4.2) [since FEDORA-2005-860]
CVE-2005-2797 version (openssh, fixed 4.2) [since FEDORA-2005-860]
CVE-2005-2796 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913] was backport since FEDORA-2005-851
CVE-2005-2794 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913] was backport since FEDORA-2005-851
CVE-2005-2728 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
CVE-2005-2710 version (helixplayer, fixed 1.0.6) [since FEDORA-2005-940]
CVE-2005-2709 version (kernel, fixed 2.6.14.3) [since FEDORA-2006-077] was backport since FEDORA-2005-1104
CVE-2005-2708 ignore (kernel) not reproducable on x86_64
CVE-2005-2707 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2707 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2707 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2706 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2706 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2706 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2705 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2705 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2705 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2704 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2704 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2704 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2703 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2703 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2703 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2702 version (thunderbird) [since FEDORA-2005-963]
CVE-2005-2702 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2702 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2701 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
CVE-2005-2701 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
CVE-2005-2700 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
CVE-2005-2693 backport (cvs) [since FEDORA-2005-790]
CVE-2005-2672 backport (lm_sensors) [since FEDORA-2005-1053]
CVE-2005-2666 VULNERABLE (openssh) #162681
CVE-2005-2642 version (mutt, openbsd only)
CVE-2005-2641 VULNERABLE (pam_ldap) #166164
CVE-2005-2629 version (helixplayer, fixed 1.0.6) [since FEDORA-2005-940]
CVE-2005-2617 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2602 ignore (thunderbird) probably
CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
CVE-2005-2558 version (mysql, fixed 4.1.13) [since FEDORA-2005-974]
CVE-2005-2558 ignore (mysql) not an issue
CVE-2005-2555 version (kernel, fixed 2.6.12.6pre) [since FEDORA-2005-949] was backport since FEDORA-2005-820
CVE-2005-2553 version (kernel, not 2.6)
CVE-2005-2550 backport (evolution) [since FEDORA-2005-743]
CVE-2005-2549 backport (evolution) [since FEDORA-2005-743]
CVE-2005-2548 version (kernel, fixed 2.6.9) only affected 2.6.8
CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16
CVE-2005-2541 ignore (tar) is documented behaviour
CVE-2005-2500 version (kernel, fixed 2.6.13) <2.6.13 was not vulnerable either
CVE-2005-2499 backport (slocate) [since FEDORA-2005-770]
CVE-2005-2498 version (php, fixed 1.4.0) [since FEDORA-2005-810]
CVE-2005-2496 backport (ntp, fixed 4.2.0b) ...0a-20040617-ntpd_guid.patch
CVE-2005-2495 backport (xorg-x11) [since FEDORA-2005-894]
CVE-2005-2494 version (kdebase, fixed after 3.4.2) #166997 [since FEDORA-2005-1152]
CVE-2005-2492 version (kernel, fixed 2.6.13.1) [since FEDORA-2005-949] was backport since FEDORA-2005-906
CVE-2005-2491 ignore (python, fc4 python does not contain pcre)
CVE-2005-2491 ignore (php, pcre uses system pcre)
CVE-2005-2491 ignore (httpd, pcre uses system pcre)
CVE-2005-2491 backport (pcre, fixed 6.2) [since FEDORA-2005-803]
CVE-2005-2490 version (kernel, fixed 2.6.13.1) [since FEDORA-2005-949] was backport since FEDORA-2005-906
CVE-2005-2475 VULNERABLE (unzip) #164928
CVE-2005-2471 version (netpbm, 10.31 at least) [since FEDORA-2005-000**] was backport since FEDORA-2005-728
CVE-2005-2459 ignore (kernel, fixed 2.6.12.5) dropped as code path not possible
CVE-2005-2458 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2457 ignore (kernel, fixed 2.6.12.5) this is just a bug
CVE-2005-2456 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2452 version (libtiff, fixed 3.7.0)
CVE-2005-2448 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-2414 ignore (mozilla) not being fixed upstream, just a crash
CVE-2005-2410 version (NetworkManager, fixed 5.0) [since FEDORA-2005-1027] was backport since FEDORA-2005-680
CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
CVE-2005-2370 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-2370 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2369 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-2368 version (vim, fixed 6.3.086 at least) [since FEDORA-2005-737]
CVE-2005-2367 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2366 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2365 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2364 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2363 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2362 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2361 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2360 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2353 ignore (thunderbird) debug mode only
CVE-2005-2337 version (ruby, fixed 1.8.3) [since FEDORA-2005-936]
CVE-2005-2335 version (fetchmail, fixed 6.2.5.2) [since FEDORA-2005-1108] was backport since FEDORA-2005-613
CVE-2005-2270 version (thunderbird, fixed 1.0.5) [since FEDORA-2005-606]
CVE-2005-2270 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2270 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2269 version (thunderbird, fixed 1.0.5) [since FEDORA-2005-606]
CVE-2005-2269 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2269 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2268 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2268 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2267 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2267 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2266 version (thunderbird, fixed 1.0.5) [since FEDORA-2005-606]
CVE-2005-2266 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2266 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2265 version (thunderbird, fixed 1.0.5) [since FEDORA-2005-606]
CVE-2005-2265 version (mozilla, fixed 1.7.9) [si [since FEDORA-2005-619]
CVE-2005-2265 version (firefox, fixed 1.0.5) [since FEDORA-2005]
CVE-2005-2264 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2263 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2263 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2262 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2261 version (thunderbird, fixed 1.0.5) [since FEDORA-2005-606]
CVE-2005-2261 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2261 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2260 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2260 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2177 version (net-snmp, fixed 5.2.1.2) [since FEDORA-2005-561]
CVE-2005-2114 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2114 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2104 version (sysreport, fixed 1.4.1-5) [since FEDORA-2005-1071]
CVE-2005-2103 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2102 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2101 version (kdeedu, fixed after 3.4.2) [since FEDORA-2005-1158] was backport since FEDORA-2005-744
CVE-2005-2100 version (kernel, not upstream) only RHEL4
CVE-2005-2099 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2098 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2097 version (xpdf, fixed 3.0.1) [since FEDORA-2005-755] was backport since FEDORA-2005-729
CVE-2005-2097 backport (cups) [since FEDORA-2005-732]
CVE-2005-2096 backport (zlib) [since FEDORA-2005-523]
CVE-2005-2096 backport (rpm) [since FEDORA-2005-565]
CVE-2005-2095 version (squirrelmail, fixed 1.4.5) since [FEDORA-2005-780]
CVE-2005-2088 backport (httpd) [since FEDORA-2005-639]
CVE-2005-2069 backport (openldap) [since FEDORA-2005-992]
CVE-2005-2069 VULNERABLE (nss_ldap) http://bugzilla.padl.com/attachment.cgi?id=10&action=view
CVE-2005-2023 version (gnupg, fixed 1.9.15)
CVE-2005-1993 backport (sudo, fixed 1.6.8p9) [since FEDORA-2005-472]
CVE-2005-1992 version (ruby, fixed 1.8.3 at least) [since FEDORA-2005-936] was backport since FEDORA-2005-475
CVE-2005-1937 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-1937 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-1934 version (gaim, fixed 1.3.1) [since FEDORA-2005-411]
CVE-2005-1921 version (php, fixed xml_rpm 1.3.1) [since FEDORA-2005-518]
CVE-2005-1920 version (kdelibs, fixed 3.4.1) [since FEDORA-2005-437]
CVE-2005-1918 version (tar)
CVE-2005-1913 version (kernel, fixed 2.6.12.2) [since FEDORA-2005-510]
CVE-2005-1852 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-1849 backport (zlib, fixed 1.2.3) [since FEDORA-2005-626]
CVE-2005-1831 ignore (sudo) unsubstantiated report
CVE-2005-1769 version (squirrelmail, fixed 1.4.5) since [FEDORA-2005-780]
CVE-2005-1768 version (kernel, fixed 2.6.6)
CVE-2005-1767 version (kernel, fixed 2.6.7)
CVE-2005-1766 version (HelixPlayer, fixed 1.0.5) [since FEDORA-2005-483]
CVE-2005-1765 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-1764 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-1763 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-1762 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
CVE-2005-1761 version (kernel, fixed 2.6.12.2) [since FEDORA-2005-510]
CVE-2005-1760 VULNERABLE (sysreport)
CVE-2005-1759 ignore (php) dead code path
CVE-2005-1759 ignore (openldap, fixed shtool 2.0.2) flawed code path not used
CVE-2005-1751 ignore (openldap, fixed shtool 2.0.2) flawed code path not used
CVE-2005-1751 ignore (ncpfs) part of shtool in ncpfs is not vulnerable
CVE-2005-1751 VULNERABLE (nmap, fixed shtool 2.0.2) #158996
CVE-2005-1740 backport (net-snmp, not fixed)
CVE-2005-1739 backport (ImageMagick, fixed 6.2.2.3) [since re0526.1]
CVE-2005-1705 backport (gdb) [since FEDORA-2005-1033]
CVE-2005-1704 backport (gdb) [since FEDORA-2005-1033]
CVE-2005-1704 backport (binutils) ...eadelf-overflows.patch [since FEDORA-2005-498]
CVE-2005-1704 ** elfutils #159891
CVE-2005-1689 backport (krb5) [since FEDORA-2005-553]
CVE-2005-1686 ignore (gedit, not a vulnerability)
CVE-2005-1636 version (mysql, fixed 4.1.12) [since FEDORA-2005-557]
CVE-2005-1589 version (kernel, fixed 2.6.11.10) [since FEDORA-2005-510] was backport...2-rc4-git5 since re0522.0
CVE-2005-1571 version (php, fixed shtool 2.0.2) [since FEDORA-2005-518]
CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
CVE-2005-1532 version (thunderbird) [since FEDORA-2005-606]
CVE-2005-1532 version (mozilla, fixed 1.7.8) [since re0522.0]
CVE-2005-1532 version (firefox, fixed 1.0.4) [since re0522.0]
CVE-2005-1531 version (mozilla, fixed 1.7.8) [since re0522.0]
CVE-2005-1531 version (firefox, fixed 1.0.4) [since re0522.0]
CVE-2005-1519 version (squid, fixed 2.5.STABLE10) [since FEDORA-2005-913] was backport since GA (re0522.0)
CVE-2005-1470 version (ethereal, fixed 0.10.11)
CVE-2005-1469 version (ethereal, fixed 0.10.11)
CVE-2005-1468 version (ethereal, fixed 0.10.11)
CVE-2005-1467 version (ethereal, fixed 0.10.11)
CVE-2005-1466 version (ethereal, fixed 0.10.11)
CVE-2005-1465 version (ethereal, fixed 0.10.11)
CVE-2005-1464 version (ethereal, fixed 0.10.11)
CVE-2005-1463 version (ethereal, fixed 0.10.11)
CVE-2005-1462 version (ethereal, fixed 0.10.11)
CVE-2005-1461 version (ethereal, fixed 0.10.11)
CVE-2005-1460 version (ethereal, fixed 0.10.11)
CVE-2005-1459 version (ethereal, fixed 0.10.11)
CVE-2005-1458 version (ethereal, fixed 0.10.11)
CVE-2005-1457 version (ethereal, fixed 0.10.11)
CVE-2005-1456 version (ethereal, fixed 0.10.11)
CVE-2005-1455 version (freeradius, fixed 1.0.3) [since FEDORA-2005-602]
CVE-2005-1454 version (freeradius, fixed 1.0.3) [since FEDORA-2005-602]
CVE-2005-1431 version (gnutls, fixed 1.0.25)
CVE-2005-1410 version (postgresql, fixed 8.0.2)
CVE-2005-1409 version (postgresql, fixed 8.0.1)
CVE-2005-1369 version (kernel, fixed 2.6.12) [since FEDORA-2005-510] was backport in patch-2.6.12-rc3
CVE-2005-1368 version (kernel, fixed 2.6.12) [since FEDORA-2005-510] was backport in patch-2.6.12-rc3
CVE-2005-1345 version (squid, fixed 2.5.STABLE10) [since FEDORA-2005-913] was backport since GA
CVE-2005-1344 ignore (httpd) not a vulnerability
CVE-2005-1281 version (ethereal, fixed 0.10.11)
CVE-2005-1280 backport (tcpdump, not fixed in 3.8.3) in srpm
CVE-2005-1279 backport (tcpdump, not fixed in 3.8.3) in srpm
CVE-2005-1278 backport (tcpdump, not fixed in 3.8.3) in srpm
CVE-2005-1277 ignore (dupe)
CVE-2005-1275 version (ImageMagick, fixed 6.2.2)
CVE-2005-1269 version (gaim, fixed 1.3.1) [since FEDORA-2005-411]
CVE-2005-1268 backport (httpd) [since FEDORA-2005-639]
CVE-2005-1267 backport (tcpdump) [since FEDORA-2005-407]
CVE-2005-1266 version (spamassassin, fixed 3.0.4) [since FEDORA-2005-428]
CVE-2005-1265 version (kernel, fixed 2.6.12-rc5) [since FEDORA-2005-510] was backport since GA
CVE-2005-1264 version (kernel, fixed 2.6.11.10) [since FEDORA-2005-510] was backport since GA
CVE-2005-1263 version (kernel) [since FEDORA-2005-510] was patch-2.6.12-rc4-git5 since re0522.0
CVE-2005-1262 version (gaim, fixed 1.3.0) [since re0522.0]
CVE-2005-1261 version (gaim, fixed 1.3.0) [since re0522.0]
CVE-2005-1260 backport (bzip2) in srpm [since re0522.0]
CVE-2005-1229 backport (cpio) from srpm [since re0522.0]
CVE-2005-1228 backport (gzip) from srpm
CVE-2005-1194 backport (nasm) from srpm
CVE-2005-1184 ignore (kernel) expected to not be an issue
CVE-2005-1175 backport (krb5) [since FEDORA-2005-553]
CVE-2005-1174 backport (krb5) [since FEDORA-2005-553]
CVE-2005-1160 version (thunderbird) [since FEDORA-2005-606]
CVE-2005-1160 version (firefox)
CVE-2005-1160 version (mozilla)
CVE-2005-1159 version (thunderbird) [since FEDORA-2005-606]
CVE-2005-1159 version (firefox)
CVE-2005-1159 version (mozilla)
CVE-2005-1158 version (firefox, fixed 1.0.3)
CVE-2005-1157 version (firefox)
CVE-2005-1157 version (mozilla)
CVE-2005-1156 version (firefox)
CVE-2005-1156 version (mozilla)
CVE-2005-1155 version (firefox)
CVE-2005-1155 version (mozilla)
CVE-2005-1154 version (firefox)
CVE-2005-1154 version (mozilla)
CVE-2005-1153 version (firefox)
CVE-2005-1153 version (mozilla)
CVE-2005-1111 backport (cpio) from srpm
CVE-2005-1065 version (tetex, not upstream)
CVE-2005-1061 version (logwatch, in 4.3.2 at least)
CVE-2005-1046 version (kdelibs, fixed after 3.4.0) [since FEDORA-2005-437] was backport....delibs-kimgio-fixed.diff
CVE-2005-1043 version (php, fixed 4.3.11)
CVE-2005-1042 version (php, fixed 4.3.11)
CVE-2005-1041 version (kernel, fixed 2.6.12) was backport in patch-2.6.12-rc3
CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
CVE-2005-1038 backport (cron) from srpm
CVE-2005-0990 backport (sharutils) from srpm
CVE-2005-0989 version (thunderbird) [since FEDORA-2005-606]
CVE-2005-0989 version (mozilla, fixed 1.7.7)
CVE-2005-0989 version (firefox, fixed 1.0.3)
CVE-2005-0988 backport (gzip) from srpm
CVE-2005-0977 version (kernel, fixed 2.6.11)
CVE-2005-0967 version (gaim, fixed 1.2.1)
CVE-2005-0966 version (gaim, fixed 1.2.1)
CVE-2005-0965 version (gaim, fixed 1.2.1)
CVE-2005-0953 backport (bzip2) in srpm [since re0522.0]
CVE-2005-0941 version (ooffice, fixed 1.9 m95)
CVE-2005-0937 version (kernel, fixed 2.6.11)
CVE-2005-0916 version (kernel, fixed 2.6.12) was backport in patch-2.6.12-rc3
CVE-2005-0891 version (gtk2, fixed 2.2.4)
CVE-2005-0867 version (kernel, fixed 2.6.11)
CVE-2005-0866 version (cdrecord, DEBUG isn't enabled anyway)
CVE-2005-0839 version (kernel, fixed 2.6.11)
CVE-2005-0815 version (kernel, fixed 2.6.11.6) [since FEDORA-2005-510] was backport in patch-2.6.12-rc3
CVE-2005-0808 version (tomcat, fixed 5.x)
CVE-2005-0806 version (evolution, fixed 2.0.4)
CVE-2005-0799 version (mysql, not linux)
CVE-2005-0767 version (kernel, fixed 2.6.11)
CVE-2005-0766 version (ethereal, fixed after 0.10.9)
CVE-2005-0765 version (ethereal, fixed after 0.10.9)
CVE-2005-0763 version (mc, fixed 4.6.0)
CVE-2005-0762 version (ImageMagick, fixed 6.0)
CVE-2005-0761 version (ImageMagick, fixed 6.1.8)
CVE-2005-0760 version (ImageMagick, fixed 6.0)
CVE-2005-0759 version (ImageMagick, fixed 6.0)
CVE-2005-0758 version (gzip, fixed 1.3.5)
CVE-2005-0758 VULNERABLE (bzip2) by inspection #159819
CVE-2005-0757 version (kernel, not 2.6)
CVE-2005-0756 version (kernel, fixed 2.6.12) [since FEDORA-2005-510] was backport since GA
CVE-2005-0755 version (HelixPlayer, fixed 10.0.4)
CVE-2005-0754 version (kdewebdev, fixed after 3.4.0) [since FEDORA-2005-437] was backport since GA
CVE-2005-0753 backport (cvs, fixed 1.12.12) in cvs-1.11.17-CAN-2005-0753.patch
CVE-2005-0752 version (firefox, fixed 1.0.3)
CVE-2005-0750 version (kernel, fixed 2.6.11.6) was backport in patch-2.6.12-rc3
CVE-2005-0749 version (kernel, fixed 2.6.11.6) was backport in patch-2.6.12-rc3
CVE-2005-0739 version (ethereal, fixed after 0.10.9)
CVE-2005-0736 version (kernel, fixed 2.6.11)
CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
CVE-2005-0711 version (mysql, fixed 4.1.11)
CVE-2005-0710 version (mysql, fixed 4.1.11)
CVE-2005-0709 version (mysql, fixed 4.1.11)
CVE-2005-0705 version (ethereal, fixed after 0.10.9)
CVE-2005-0704 version (ethereal, fixed after 0.10.9)
CVE-2005-0698 version (ethereal, fixed after 0.10.9)
CVE-2005-0664 version (libexif, fixed 0.6.12)
CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
CVE-2005-0627 version (qt, fixed 3.3.4)
CVE-2005-0626 version (squid, fixed 2.5.STABLE10) [since FEDORA-2005-913] was backport since GA
CVE-2005-0611 version (HelixPlayer, fixed 1.0.3)
CVE-2005-0605 backport (xorg-x11) ...-fix-CAN-2005-0605.patch
CVE-2005-0605 ** openmotif
CVE-2005-0602 VULNERABLE (unzip, fixed 5.52) not in srpm
CVE-2005-0596 version (php, fixed 5.0)
CVE-2005-0593 version (firefox)
CVE-2005-0593 version (mozilla)
CVE-2005-0592 version (firefox)
CVE-2005-0592 version (mozilla)
CVE-2005-0591 version (firefox, fixed 1.0.1)
CVE-2005-0590 version (openswan, fixed 2.1.4)
CVE-2005-0590 version (firefox)
CVE-2005-0590 version (mozilla)
CVE-2005-0590 version (thunderbird)
CVE-2005-0589 version (firefox, fixed 1.0.1)
CVE-2005-0588 version (firefox)
CVE-2005-0588 version (mozilla)
CVE-2005-0587 version (firefox)
CVE-2005-0587 version (mozilla)
CVE-2005-0586 version (firefox)
CVE-2005-0586 version (mozilla)
CVE-2005-0585 version (firefox)
CVE-2005-0585 version (mozilla)
CVE-2005-0584 version (firefox)
CVE-2005-0584 version (mozilla)
CVE-2005-0578 version (firefox)
CVE-2005-0578 version (mozilla)
CVE-2005-0565 version (kernel, not 2.6)
CVE-2005-0532 version (kernel, fixed 2.6.11)
CVE-2005-0531 version (kernel, fixed 2.6.11)
CVE-2005-0530 version (kernel, fixed 2.6.11)
CVE-2005-0529 version (kernel, fixed 2.6.11)
CVE-2005-0527 version (mozilla, fixed 1.7.6)
CVE-2005-0527 version (firefox, fixed 1.0.1)
CVE-2005-0525 version (php, fixed 5.0.4)
CVE-2005-0524 version (php, fixed 5.0.4)
CVE-2005-0504 version (kernel, doesn't build in 2.6)
CVE-2005-0490 version (curl, fixed 7.13.1)
CVE-2005-0489 version (kernel, not 2.6)
CVE-2005-0488 backport (telnet) since ga
CVE-2005-0488 backport (krb5) [since FEDORA-2005-553]
CVE-2005-0473 version (gaim, fixed 1.1.3)
CVE-2005-0472 version (gaim, fixed 1.1.3)
CVE-2005-0469 version (krb5, fixed 1.4.1) [since FEDORA-2005-553] was backport since GA
CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
CVE-2005-0468 version (krb5, fixed 1.4.1) [since FEDORA-2005-553] was backport since GA
CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
CVE-2005-0455 version (HelixPlayer, fixed 1.0.3)
CVE-2005-0449 version (kernel, fixed 2.6.11)
CVE-2005-0448 version (perl, fixed 5.8.6) #173793
CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
CVE-2005-0403 version (kernel, not upstream)
CVE-2005-0402 version (firefox, fixed 1.0.2)
CVE-2005-0401 version (mozilla, fixed 1.7.7)
CVE-2005-0401 version (firefox, fixed 1.0.2)
CVE-2005-0400 version (kernel, fixed in bk since 20050325, therefore 2.6.11.6) [since FEDORA-2005-510] was backport
CVE-2005-0399 version (mozilla)
CVE-2005-0399 verison (firefox)
CVE-2005-0399 version (thunderbird)
CVE-2005-0398 version (ipsec-tools, fixed 0.5)
CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
CVE-2005-0396 version (kdelibs, fixed 3.4.0)
CVE-2005-0384 version (kernel, fixed 2.6.11.4)
CVE-2005-0372 version (gftp, fixed in 2.0.18 at least by inspection)
CVE-2005-0365 version (kdelibs, not 3.4)
CVE-2005-0337 version (postfix, not 2.2)
CVE-2005-0255 version (thunderbird, fixed 1.0.2)
CVE-2005-0255 version (mozilla, fixed 1.7.6)
CVE-2005-0255 version (firefox, fixed 1.0.1)
CVE-2005-0247 version (postgresql, fixed after 8.0)
CVE-2005-0246 version (postgresql, fixed 8.0.1)
CVE-2005-0245 version (postgresql, fixed 8.0.1)
CVE-2005-0244 version (postgresql, fixed 8.0.1)
CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6)
CVE-2005-0237 version (kdelibs, fixed 3.4.0)
CVE-2005-0233 version (mozilla, fixed 1.7.6)
CVE-2005-0233 version (firefox, fixed 1.0.1)
CVE-2005-0232 version (mozilla, fixed 1.7.6)
CVE-2005-0232 version (firefox, fixed 1.0.1)
CVE-2005-0231 version (mozilla, fixed 1.7.6)
CVE-2005-0231 version (firefox, fixed 1.0.1)
CVE-2005-0230 version (thunderbird, fixed 1.0.2)
CVE-2005-0230 version (mozilla, fixed 1.7.6)
CVE-2005-0230 version (firefox, fixed 1.0.1)
CVE-2005-0227 version (postgresql, fixed 8.0.1)
CVE-2005-0215 version (mozilla)
CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
CVE-2005-0210 version (kernel, fixed 2.6.11)
CVE-2005-0209 version (kernel, fixed 2.6.11)
CVE-2005-0208 version (gaim, fixed 1.1.4)
CVE-2005-0207 version (kernel, fixed 2.6.11)
CVE-2005-0206 version (xpdf, only bad patch for 2004-0888)
CVE-2005-0205 version (kdenetwork, not 3.3 onwards)
CVE-2005-0204 version (kernel, didn't affect upstream)
CVE-2005-0202 version (mailman, fixed 2.1.6) [since FEDORA-2006-534] was backport since GA
CVE-2005-0201 backport (dbus) [since FEDORA-2005-822]
CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
CVE-2005-0180 version (kernel, fixed 2.6.11)
CVE-2005-0179 version (kernel, fixed 2.6.11)
CVE-2005-0178 version (kernel, fixed 2.6.11)
CVE-2005-0177 version (kernel, fixed 2.6.11)
CVE-2005-0176 version (kernel, only affected 2.6.9)
CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
CVE-2005-0162 version (openswan, fixed 2.3.0)
CVE-2005-0156 backport (perl, not 5.8.6) perl-5.8.5-CAN-2005-0155+0156.patch
CVE-2005-0155 backport (perl, not 5.8.6) perl-5.8.5-CAN-2005-0155+0156.patch
CVE-2005-0152 version (squirrelmail, not 1.4)
CVE-2005-0150 version (firefox, fixed 1.0)
CVE-2005-0149 version (mozilla)
CVE-2005-0149 version (firefox)
CVE-2005-0147 version (mozilla)
CVE-2005-0147 version (firefox)
CVE-2005-0146 version (mozilla)
CVE-2005-0146 version (firefox)
CVE-2005-0145 version (firefox, fixed 1.0)
CVE-2005-0144 version (mozilla)
CVE-2005-0144 version (firefox)
CVE-2005-0143 version (mozilla)
CVE-2005-0143 version (firefox)
CVE-2005-0142 version (mozilla)
CVE-2005-0142 version (firefox)
CVE-2005-0142 version (thunderbird)
CVE-2005-0141 version (mozilla)
CVE-2005-0141 version (firefox)
CVE-2005-0137 version (kernel, not 2.6)
CVE-2005-0136 version (kernel, fixed 2.6.11)
CVE-2005-0135 version (kernel, fixed 2.6.11)
CVE-2005-0124 version (kernel, fixed 2.6.11)
CVE-2005-0109 backport (openssl097a) [since FEDORA-2005-986]
CVE-2005-0109 backport (openssl) [since FEDORA-2005-986] 
CVE-2005-0104 version (squirrelmail, fixed 1.4.4)
CVE-2005-0103 version (squirrelmail, fixed 1.4.4)
CVE-2005-0102 version (evolution-data-server, fixed 1.2.2 at least)
CVE-2005-0100 version (emacs, fixed 21.4 at least)
CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
CVE-2005-0094 version (squid, fixed 2.5.STABLE8)
CVE-2005-0092 version (kernel, not affected)
CVE-2005-0091 version (kernel, not affected)
CVE-2005-0090 version (kernel, not affected)
CVE-2005-0089 version (python, fixed 2.4.1 at least)
CVE-2005-0088 version (mod_python, fixed after 2.7.8)
CVE-2005-0087 version (alsa-lib, fixed 1.0.9) [since FEDORA-2005-470] was backport alsa-lib-mixer.patch since GA
CVE-2005-0086 version (less, didn't affect upstream)
CVE-2005-0085 version (htdig, fixed 3.1.6-r7)
CVE-2005-0084 version (ethereal, fixed 0.10.9)
CVE-2005-0080 version (mailman, not upstream)
CVE-2005-0078 version (kde, fixed 3.0.5)
CVE-2005-0077 version (perl-DBI, fixed in 1.48 at least)
CVE-2005-0075 version (squirrelmail, fixed 1.4.4)
CVE-2005-0069 backport (vim) in vim-6.3-tmpfile.patch
CVE-2005-0064 version (xpdf, fixed 3.0.1) [since FEDORA-2005-775] was backport since GA
CVE-2005-0064 version (tetex, fixed 3.0)
CVE-2005-0064 version (kpdf, not 3.4)
CVE-2005-0064 backport (cups) patch in SRPM
CVE-2005-0039 ignore (kernel) don't do this says the rfc
CVE-2005-0034 version (bind, fixed after 9.3.0)
CVE-2005-0033 version (bind, not 9)
CVE-2005-0023 ignore (libvte) not a security risk
CVE-2005-0014 backport (ncpfs) ncpfs-2.2.4-overflow2.patch [since re0522.0]
CVE-2005-0013 backport (ncpfs) in srpm
CVE-2005-0011 version (kdeedu, not 3.4)
CVE-2005-0010 version (ethereal, fixed 0.10.9)
CVE-2005-0009 version (ethereal, fixed 0.10.9)
CVE-2005-0008 version (ethereal, fixed 0.10.9)
CVE-2005-0007 version (ethereal, fixed 0.10.9)
CVE-2005-0006 version (ethereal, fixed 0.10.9)
CVE-2005-0005 version (ImageMagick, fixed after 6.1.7)
CVE-2005-0004 version (mysql, fixed 4.1.10)
CVE-2005-0003 version (kernel, fixed 2.6.10)
CVE-2005-0001 version (kernel, fixed 2.6.10)
CVE-2004-2660 version (kernel, fixed 2.6.10)
CVE-2004-2657 ignore (firefox) windows only
CVE-2004-2655 version (xscreensaver)
CVE-2004-2654 version (squid, fixed 2.6STABLE6)
CVE-2004-2607 version (kernel, fixed 2.6.5)
CVE-2004-2589 version (gaim, fixed 0.82)
CVE-2004-2546 version (samba, fixed 3.0.6)
CVE-2004-2541 blocked (cscope) by FORTIFY_SOURCE
CVE-2004-2536 version (kernel, fixed 2.6.7)
CVE-2004-2531 version (gnutls, fixed 1.0.17)
CVE-2004-2502 version (iiimf, fixed 11.4-46.1)
CVE-2004-2480 ignore (squid) #166523, not reproducable
CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
CVE-2004-2396 version (passwd, fixed 0.69) verified in source
CVE-2004-2395 version (passwd, fixed 0.69) verified in source
CVE-2004-2394 version (passwd, fixed 0.69) verified in source
CVE-2004-2392 version (libuser, fixed 0.51.10)
CVE-2004-2343 ignore (httpd) not a security issue
CVE-2004-2302 version (kernel, fixed 2.6.10)
CVE-2004-2259 version (vsftpd, fixed 1.2.2)
CVE-2004-2228 version (firefox, fixed 1.0)
CVE-2004-2227 version (firefox, fixed 1.0)
CVE-2004-2225 version (firefox, fixed 0.10.1)
CVE-2004-2154 version (cups, fixed 1.2.21rc1)
CVE-2004-2149 version (mysql, fixed 4.1.5)
CVE-2004-2136 ignore (dm-crypt) design
CVE-2004-2135 ignore (kernel) design
CVE-2004-2093 ignore (rsync, not security issue)
CVE-2004-2069 version (openssh, not 4)
CVE-2004-2014 version (wget, fixed 1.10.1) [since FEDORA-2005-882]
CVE-2004-2013 ignore (kernel, not 2.6, also not exploitable)
CVE-2004-2004 ignore (openssh) SUSE LiveCD configuration only
CVE-2004-1880 version (openldap, fixed 2.2.21)
CVE-2004-1834 version (httpd, fixed 2.0.50)
CVE-2004-1773 backport (sharutils) from srpm
CVE-2004-1772 backport (sharutils) from srpm
CVE-2004-1761 version (ethereal, fixed 0.10.3)
CVE-2004-1689 version (sudo, fixed 1.6.8p1)
CVE-2004-1653 ignore (openssh)
CVE-2004-1639 version (mozilla)
CVE-2004-1639 version (firefox)
CVE-2004-1617 ignore (lynx) not able to verify flaw
CVE-2004-1614 version (mozilla, fixed 1.7.5)
CVE-2004-1613 version (mozilla, fixed 1.7.5)
CVE-2004-1488 version (wget, fixed 1.10.1) [since FEDORA-2005-882]
CVE-2004-1471 version (cvs, fixed 1.12.9)
CVE-2004-1453 version (glibc, fixed 2.3.5)
CVE-2004-1452 version (tomcat, fixed 5.0.27-r3)
CVE-2004-1451 version (mozilla)
CVE-2004-1451 version (firefox)
CVE-2004-1451 version (thunderbird)
CVE-2004-1450 version (mozilla)
CVE-2004-1450 version (firefox)
CVE-2004-1450 version (thunderbird)
CVE-2004-1449 version (mozilla)
CVE-2004-1449 version (firefox)
CVE-2004-1449 verison (thunderbird)
CVE-2004-1392 version (php, fixed 5.0.4)
CVE-2004-1382 version (glibc, not 2.3.5)
CVE-2004-1381 version (firefox)
CVE-2004-1381 version (mozilla)
CVE-2004-1380 version (firefox)
CVE-2004-1380 version (mozilla)
CVE-2004-1377 backport (a2ps, fixed 4.13?) patch included in srpm
CVE-2004-1337 version (kernel, fixed 2.6.11)
CVE-2004-1336 version (tetex, fixed 3.0) at least, checked source
CVE-2004-1335 version (kernel, fixed 2.6.10)
CVE-2004-1334 version (kernel, fixed 2.6.10)
CVE-2004-1333 version (kernel, fixed 2.6.10)
CVE-2004-1316 version (thunderbird, fixed 0.9)
CVE-2004-1316 version (mozilla, fixed 1.7.5)
CVE-2004-1308 version (libtiff, fixed in 3.7.1 at least)
CVE-2004-1307 version (libtiff, was already fixed with 0886)
CVE-2004-1304 version (file, fixed 4.12)
CVE-2004-1296 backport (groff) from srpm
CVE-2004-1287 backport (nasm) from srpm
CVE-2004-1270 version (cups, fixed 1.1.23)
CVE-2004-1269 version (cups, fixed 1.1.23)
CVE-2004-1268 version (cups, fixed 1.1.23)
CVE-2004-1267 version (cups, fixed 1.1.23)
CVE-2004-1237 version (kernel, not upstream)
CVE-2004-1235 version (kernel, fixed 2.6.11)
CVE-2004-1234 version (kernel, not 2.6)
CVE-2004-1224 version (mtr, fixed after 0.65)
CVE-2004-1200 ignore (firefox, mozilla) not a security issue
CVE-2004-1191 version (kernel, fixed 2.6.9)
CVE-2004-1190 version (kernel, fixed 2.6.10)
CVE-2004-1189 version (krb5, fixed 1.4)
CVE-2004-1186 backport (enscript) in srpm
CVE-2004-1185 backport (enscript) in srpm
CVE-2004-1184 backport (enscript) in srpm
CVE-2004-1183 backport (libtiff) libtiff-3.5.7-dump.patch
CVE-2004-1180 version (rwho, fixed 0.17)
CVE-2004-1177 version (mailman, fixed 2.1.6) [since FEDORA-2006-534] was backport since GA
CVE-2004-1176 version (mc, fixed 4.6.0)
CVE-2004-1175 version (mc, fixed 4.6.0)
CVE-2004-1174 version (mc, fixed 4.6.0)
CVE-2004-1171 version (kdelibs, not 3.4)
CVE-2004-1170 backport (a2ps) fixed 4.13b-40 from srpm
CVE-2004-1165 version (kdelibs, not 3.4)
CVE-2004-1158 version (kdelibs, not 3.4)
CVE-2004-1156 version (Mozilla, firefox)
CVE-2004-1154 version (samba, fixed 3.0.10)
CVE-2004-1151 version (kernel, fixed 2.6.10)
CVE-2004-1145 version (kde, not 3.4)
CVE-2004-1144 version (kernel, not 2.6)
CVE-2004-1143 version (mailman, fixed 2.1.5)
CVE-2004-1142 version (ethereal, fixed 0.10.8)
CVE-2004-1141 version (ethereal, fixed 0.10.8)
CVE-2004-1140 version (ethereal, fixed 0.10.8)
CVE-2004-1139 version (ethereal, fixed 0.10.8)
CVE-2004-1138 version (vim, fixed 6.3)
CVE-2004-1137 version (kernel, fixed 2.6.10)
CVE-2004-1125 version (xpdf, fixed 3.0.1) [since FEDORA-2005-775] was backport since ga
CVE-2004-1125 version (tetex, at least 3.0)
CVE-2004-1125 version (kdegraphics, not 3.4)
CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14)
CVE-2004-1093 version (mc, fixed 4.6.0)
CVE-2004-1092 version (mc, fixed 4.6.0)
CVE-2004-1091 version (mc, fixed 4.6.0)
CVE-2004-1090 version (mc, fixed 4.6.0)
CVE-2004-1079 backport (ncpfs) from srpm
CVE-2004-1074 version (kernel, fixed 2.6.10)
CVE-2004-1073 version (kernel, fixed 2.6.10)
CVE-2004-1072 version (kernel, fixed 2.6.10)
CVE-2004-1071 version (kernel, fixed 2.6.10)
CVE-2004-1070 version (kernel, fixed 2.6.10)
CVE-2004-1069 version (kernel, fixed 2.6.10)
CVE-2004-1068 version (kernel, fixed 2.6.10)
CVE-2004-1065 version (php, fixed after 5.0.2)
CVE-2004-1064 version (php, fixed after 5.0.2)
CVE-2004-1063 version (php, fixed after 5.0.2)
CVE-2004-1060 version (kernel, all verifies sequence number)
CVE-2004-1058 version (kernel, fixed 2.6.9)
CVE-2004-1057 version (kernel, fixed 2.6.10)
CVE-2004-1056 version (kernel, fixed 2.6.10)
CVE-2004-1051 version (sudo, fixed 1.6.8p2)
CVE-2004-1036 version (squirrelmail, fixed 1.4.4)
CVE-2004-1026 backport (imlib) imlib-1.9.14-bounds.patch
CVE-2004-1025 backport (imlib) imlib-1.9.14-bounds.patch
CVE-2004-1020 version (php, fixed after 5.0.2)
CVE-2004-1019 version (php, fixed after 5.0.2)
CVE-2004-1018 version (php, fixed after 5.0.2)
CVE-2004-1017 version (kernel, fixed 2.6.10)
CVE-2004-1016 version (kernel, fixed 2.6.10)
CVE-2004-1014 version (nfs-utils, fixed 1.0.7)
CVE-2004-1009 version (mc, fixed 4.6.0)
CVE-2004-1006 version (dhcp, not 3)
CVE-2004-1005 version (mc, fixed 4.6.0)
CVE-2004-1004 version (mc, fixed 4.6.0)
CVE-2004-1002 ignore (ppp) not a security issue
CVE-2004-0997 version (kernel, not 2.6)
CVE-2004-0996 backport (cscope, not fixed in 15.5)
CVE-2004-0990 VULNERABLE (gd)
CVE-2004-0989 version (libxml2, fixed 2.6.15)
CVE-2004-0986 version (iptables, fixed 1.2.12)
CVE-2004-0983 version (ruby, fixed 1.8.2)
CVE-2004-0981 version (ImageMagick, fixed 6.1.0)
CVE-2004-0977 version (postgresql, fixed after 7.4.6)
CVE-2004-0976 backport (perl) [since FEDORA-2005-1077]
CVE-2004-0975 version (openssl, fixed 0.9.7f)
CVE-2004-0975 backport (openssl097a, fixed 0.9.7f) from srpm
CVE-2004-0974 version (netatalk, fixed 2.0.1 says netatalk ChangeLog)
CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least)
CVE-2004-0971 backport (krb5, see bug 136307) fixed by patch in SRPM
CVE-2004-0970 version (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
CVE-2004-0969 version (groff, fixed 1.18.1.1)
CVE-2004-0968 version (glibc, fixed in 2.3.5 at least)
CVE-2004-0967 backport (ghostscript) srpm
CVE-2004-0966 version (gettext, fixed in 0.14.3 at least)
CVE-2004-0961 version (freeradius, fixed 1.0.1)
CVE-2004-0960 version (freeradius, fixed 1.0.1)
CVE-2004-0959 version (php, fixed 4.3.9)
CVE-2004-0958 version (php, fixed 4.3.9)
CVE-2004-0957 version (mysql, fixed 4.0.21)
CVE-2004-0956 version (mysql, fixed 4.0.20)
CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
CVE-2004-0942 version (httpd, fixed 2.0.53)
CVE-2004-0941 VULNERABLE (gd) seems wasn't fixed upstream #175414
CVE-2004-0940 version (httpd, not 2.0)
CVE-2004-0938 version (freeradius, fixed 1.0.1)
CVE-2004-0930 version (samba, fixed 3.0.8)
CVE-2004-0929 verison (libtiff, fixed 3.7.0)
CVE-2004-0923 version (cups, fixed 1.2.22)
CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
CVE-2004-0914 ** openmotif
CVE-2004-0909 version (mozilla)
CVE-2004-0909 version (thunderbird)
CVE-2004-0909 version (firefox)
CVE-2004-0908 version (mozilla, fixed 1.7.3) #133021
CVE-2004-0907 version (mozilla)
CVE-2004-0907 version (thunderbird)
CVE-2004-0907 version (firefox)
CVE-2004-0906 version (mozilla)
CVE-2004-0906 version (thunderbird)
CVE-2004-0906 version (firefox)
CVE-2004-0905 version (mozilla, fixed 1.7.3) #133012
CVE-2004-0904 version (mozilla, fixed 1.7.3) #133014
CVE-2004-0903 version (mozilla, fixed 1.7.3) #133016
CVE-2004-0902 version (mozilla, fixed 1.7.3) #133023
CVE-2004-0891 version (gaim, fixed 1.0.2)
CVE-2004-0889 version (xpdf, fixed 3.0.1) [since FEDORA-2005-775] was backport since ga
CVE-2004-0888 version (xpdf, fixed 3.0.1) [since FEDORA-2005-775] was backport since ga
CVE-2004-0888 version (tetex, fixed 3.0)
CVE-2004-0888 version (kpdegraphics, not 3.4)
CVE-2004-0888 backport (cups) patch in SRPM
CVE-2004-0887 version (kernel, fixed 2.6.10)
CVE-2004-0886 version (libtiff, fixed 3.7.1 at least)
CVE-2004-0886 version (kdegraphics, fixed by Update on 20041109)
CVE-2004-0885 version (httpd, fixed after 2.0.52)
CVE-2004-0884 version (cyrus-sasl, fixed 2.1.20)
CVE-2004-0883 version (kernel, fixed 2.6.11)
CVE-2004-0883 version (kernel, fixed 2.6.11)
CVE-2004-0882 version (samba, fixed 3.0.8)
CVE-2004-0871 ignore (mozilla, unfixed upstream with no patch)
CVE-2004-0870 ignore (kde) upstream won't fix
CVE-2004-0867 version (firefox, after 0.9.2)
CVE-2004-0837 version (mysql, fixed 4.0.21)
CVE-2004-0836 version (mysql, fixed 4.0.21)
CVE-2004-0835 version (mysql, fixed 4.1.2)
CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
CVE-2004-0829 version (samba, fixed 2.2.11)
CVE-2004-0827 version (ImageMagick, fixed 6.0.6.2)
CVE-2004-0823 version (openldap, fixed after 2.1.19)
CVE-2004-0817 version (imlib, fixed at least by 2.1.20)
CVE-2004-0816 version (kernel, fixed 2.6.8)
CVE-2004-0815 version (samba, fixed 3.0.2a)
CVE-2004-0814 version (kernel, fixed 2.6.9)
CVE-2004-0813 version (kernel, fixed 2.6.8)
CVE-2004-0812 version (kernel, not 2.6)
CVE-2004-0811 version (httpd, fixed 2.0.52)
CVE-2004-0809 version (httpd, fixed 2.0.51)
CVE-2004-0808 version (samba, fixed 3.0.7)
CVE-2004-0807 version (samba, fixed 3.0.7)
CVE-2004-0806 version (cdrtools, fixed 2.0.1)
CVE-2004-0804 version (libtiff, fixed after 3.6.1)
CVE-2004-0804 version (kdegraphics)
CVE-2004-0803 version (libtiff, fixed after 3.6.1)
CVE-2004-0803 version (kdegraphics)
CVE-2004-0802 version (imlib, fixed 1.1.2)
CVE-2004-0801 version (foomatic, fixed 3.0.2)
CVE-2004-0797 version (zlib, fixed in 1.2.2.2 at least)
CVE-2004-0797 version (zlib)
CVE-2004-0796 version (spamassassin, fixed 2.64)
CVE-2004-0792 version (rsync, fixed 2.6.3)
CVE-2004-0791 version (kernel, fixed 2.6.9)
CVE-2004-0790 version (kernel) doesn't affect linux 2.4, 2.6
CVE-2004-0788 version (gtk2, fixed 2.6.7 at least by inspection)
CVE-2004-0788 version (gdk-pixbuf, fixed 0.22)
CVE-2004-0786 version (apr-util, fixed 2.0.51)
CVE-2004-0785 version (gaim, fixed 0.82)
CVE-2004-0784 version (gaim, fixed 0.82)
CVE-2004-0783 version (gtk2, fixed 2.6.7 at least by inspection)
CVE-2004-0783 version (gdk-pixbuf, fixed 0.22)
CVE-2004-0782 version (gtk2, fixed 2.6.7 at least by inspection)
CVE-2004-0782 version (gdk-pixbuf, fixed 0.22)
CVE-2004-0779 version (mozilla)
CVE-2004-0779 version (firefox)
CVE-2004-0779 version (thunderbird)
CVE-2004-0778 version (cvs, fixed 1.11.17)
CVE-2004-0772 version (krb5, fixed after 1.2.8)
CVE-2004-0771 backport (lha, changelog)
CVE-2004-0769 backport (lha, changelog)
CVE-2004-0768 version (libpng, fixed 1.2.6)
CVE-2004-0765 version (mozilla, fixed 1.7) #234058
CVE-2004-0764 version (mozilla, fixed 1.7) #244965
CVE-2004-0763 version (mozilla, fixed 1.7.2) #253121
CVE-2004-0762 version (mozilla, fixed 1.7) #162020
CVE-2004-0761 version (mozilla, fixed 1.7) #240053
CVE-2004-0760 version (mozilla, fixed 1.7.2) #250906
CVE-2004-0759 version (mozilla, fixed 1.7) #241924
CVE-2004-0758 version (mozilla, fixed 1.7.2)
CVE-2004-0757 version (mozilla, fixed 1.7) #229374
CVE-2004-0755 version (ruby, fixed 1.8.1)
CVE-2004-0754 version (gaim, fixed 0.82)
CVE-2004-0753 version (gtk2, fixed after 2.2.4)
CVE-2004-0753 version (gdk-pixbuf, fixed 0.22)
CVE-2004-0752 version (openoffice.org, fixed after 1.1.2)
CVE-2004-0751 version (httpd, fixed 2.0.51)
CVE-2004-0750 version (system-config-nfs, fixed 1.0.13)
CVE-2004-0749 version (subversion, fixed 1.0.8)
CVE-2004-0748 version (httpd, fixed 2.0.51)
CVE-2004-0747 version (httpd, fixed 2.0.51)
CVE-2004-0746 version (kde, fixed 3.3)
CVE-2004-0745 backport (lha, changelog)
CVE-2004-0722 version (mozilla, fixed 1.7) #236618
CVE-2004-0721 version (kdelibs, fixed 3.3)
CVE-2004-0718 version (mozilla, fixed 1.7) #246448
CVE-2004-0700 version (httpd, not 2.0)
CVE-2004-0694 backport (lha, changelog)
CVE-2004-0693 version (qt, fixed 3.3.3)
CVE-2004-0692 version (qt, fixed 3.3.3)
CVE-2004-0691 version (qt, fixed 3.3.3)
CVE-2004-0690 version (kdelibs, fixed after 3.2.3)
CVE-2004-0689 version (kdelibs, fixed 3.3.0)
CVE-2004-0688 version (openmotif)
CVE-2004-0687 version (openmotif)
CVE-2004-0686 version (samba, fixed 3.0.6)
CVE-2004-0685 version (kernel, not 2.6)
CVE-2004-0658 ignore (kernel) not a security issue
CVE-2004-0648 version (mozilla)
CVE-2004-0648 version (firefox)
CVE-2004-0648 version (thunderbird)
CVE-2004-0644 version (krb5, fixed after 1.3.4)
CVE-2004-0643 version (krb5, fixed after 1.3.1)
CVE-2004-0642 version (krb5, fixed after 1.3.4)
CVE-2004-0639 version (squirrelmail, fixed after 1.2.10)
CVE-2004-0635 version (ethereal, fixed 0.10.5)
CVE-2004-0634 version (ethereal, fixed 0.10.5)
CVE-2004-0633 version (ethereal, fixed 0.10.5)
CVE-2004-0628 version (mysql, fixed 4.1.3)
CVE-2004-0627 version (mysql, fixed 4.1.3)
CVE-2004-0626 version (kernel, fixed 2.6.8)
CVE-2004-0619 version (kernel, no driver)
CVE-2004-0607 version (racoon, note RHSA-2004:308 has wrong text)
CVE-2004-0603 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
CVE-2004-0600 version (samba, fixed 3.0.6)
CVE-2004-0599 version (mozilla, fixed 1.7.2)
CVE-2004-0599 version (libpng10, fixed 1.0.16)
CVE-2004-0599 version (libpng, fixed 1.2.6)
CVE-2004-0598 version (libpng10, fixed 1.0.16)
CVE-2004-0598 version (libpng, fixed 1.2.6)
CVE-2004-0597 version (mozilla, fixed 1.7.2)
CVE-2004-0597 version (libpng10, fixed 1.0.16)
CVE-2004-0597 version (libpng, fixed 1.2.6)
CVE-2004-0595 version (php, fixed 4.3.8)
CVE-2004-0594 version (php, fixed 4.3.8)
CVE-2004-0592 version (kernel, not upstream flaw)
CVE-2004-0587 version (kernel, not upstream flaw)
CVE-2004-0558 version (cups, fixed 1.1.21)
CVE-2004-0557 version (sox, fixed after 12.17.4)
CVE-2004-0554 version (kernel, fixed 2.6.7)
CVE-2004-0548 ignore (aspell, not fixed 0.50.5) not a security issue
CVE-2004-0547 version (postgresql, fixed 7.2.1)
CVE-2004-0541 version (squid)
CVE-2004-0535 version (kernel, fixed 2.6.6)
CVE-2004-0527 version (konqueror, not 3+)
CVE-2004-0523 version (krb5, fixed 1.3.4)
CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0519 version (squirrelmail, fixed 1.4.3a)
CVE-2004-0507 version (ethereal, fixed 0.10.4)
CVE-2004-0506 version (ethereal, fixed 0.10.4)
CVE-2004-0505 version (ethereal, fixed 0.10.4)
CVE-2004-0504 version (ethereal, fixed 0.10.4)
CVE-2004-0500 version (gaim, fixed 0.82)
CVE-2004-0497 version (kernel, fixed 2.6.8)
CVE-2004-0496 version (kernel, fixed 2.6.8)
CVE-2004-0495 version (kernel, fixed 2.6.8)
CVE-2004-0494 version (mc, fixed 4.6.1)
CVE-2004-0493 version (httpd, fixed 2.0.50)
CVE-2004-0492 version (httpd, not 2.0)
CVE-2004-0491 version (kernel, not upstream)
CVE-2004-0488 version (httpd, fixed 2.0.50)
CVE-2004-0478 ignore (mozilla) not a security issue
CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13)
CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13)
CVE-2004-0457 version (mysql, fixed after 4.0.20)
CVE-2004-0452 backport (perl, not 5.8.6)
CVE-2004-0447 version (kernel, fixed 2.6.5)
CVE-2004-0427 version (kernel, fixed 2.6.6)
CVE-2004-0426 version (rsync, fixed 2.6.1)
CVE-2004-0424 version (kernel, fixed 2.6.4)
CVE-2004-0421 version (libpng10, fixed 1.0.16)
CVE-2004-0421 version (libpng, fixed 1.0.16)
CVE-2004-0419 version (xorg-x11, fixed 6.8.2 at least)
CVE-2004-0418 version (cvs, fixed 1.11.17)
CVE-2004-0417 version (cvs, fixed 1.11.17)
CVE-2004-0416 version (cvs, fixed 1.11.17)
CVE-2004-0415 version (kernel, fixed 2.6.8)
CVE-2004-0414 version (cvs, fixed 1.11.17)
CVE-2004-0413 version (subversion, fixed 1.0.5)
CVE-2004-0412 version (mailman, fixed 2.1.5)
CVE-2004-0411 version (kdelibs, fixed 3.3)
CVE-2004-0409 version (xchat, fixed after 2.0.8)
CVE-2004-0405 version (cvs, fixed 1.11)
CVE-2004-0403 version (racoon, fixed 20040408a)
CVE-2004-0398 version (neon, fixed 0.24.6)
CVE-2004-0397 version (subversion, fixed 1.0.1)
CVE-2004-0396 version (cvs, fixed 1.12.8)
CVE-2004-0394 version (kernel, not 2.6 and not a vuln)
CVE-2004-0392 version (racoon, fixed 20040407b)
CVE-2004-0388 version (mysql, 4.1.11 is okay at least)
CVE-2004-0381 version (mysql, 4.1.11 is okay at least)
CVE-2004-0367 version (ethereal, fixed 0.10.3)
CVE-2004-0365 version (ethereal, fixed 0.10.3)
CVE-2004-0263 version (php, fixed 4.3.5)
CVE-2004-0256 version (libtool, fixed 1.5.2)
CVE-2004-0235 backport (lha, changelog)
CVE-2004-0234 backport (lha, changelog)
CVE-2004-0233 version (utempter, fixed 0.5.5)
CVE-2004-0232 version (mc, fixed 4.6.0)
CVE-2004-0231 version (mc, fixed 4.6.0)
CVE-2004-0229 version (kernel, fixed 2.6.6)
CVE-2004-0228 version (kernel, fixed 2.6.6)
CVE-2004-0226 version (mc, fixed 4.6.0)
CVE-2004-0191 version (Mozilla, fixed 1.4.2)
CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
CVE-2004-0186 version (samba, not 3.0.2a)
CVE-2004-0184 version (tcpdump, fixed 3.8.2)
CVE-2004-0183 version (tcpdump, fixed 3.8.2)
CVE-2004-0182 version (mailman, only affected Red Hat packages)
CVE-2004-0181 version (kernel, fixed 2.6.5)
CVE-2004-0180 version (cvs, fixed 1.11.15)
CVE-2004-0179 version (openoffice.org)
CVE-2004-0179 version (neon, fixed 0.24.5)
CVE-2004-0178 version (kernel, not 2.6)
CVE-2004-0177 version (kernel, fixed 2.6.6)
CVE-2004-0176 version (ethereal, fixed 0.10.3)
CVE-2004-0175 version (openssh, fixed 3.4p1)
CVE-2004-0175 backport (krb5) [since FEDORA-2005-553]
CVE-2004-0174 version (httpd, fixed 2.0.49)
CVE-2004-0173 version (httpd, fixed 2.0.49)
CVE-2004-0164 version (racoon)
CVE-2004-0155 version (racoon)
CVE-2004-0154 version (nfs-utils, fixed 1.0.6)
CVE-2004-0150 version (python, fixed 2.2.2)
CVE-2004-0138 version (kernel, fixed 2.6.0)
CVE-2004-0133 version (kernel, 2.6.4)
CVE-2004-0113 version (httpd, fixed 2.0.49)
CVE-2004-0112 version (openssl, fixed 0.9.7d)
CVE-2004-0112 backport (openssl097a, fixed 0.9.7d) from srpm
CVE-2004-0111 version (gdk-pixbuf, fixed 0.20)
CVE-2004-0110 version (libxml2, fixed 2.6.6)
CVE-2004-0109 version (kernel, fixed 2.6.6)
CVE-2004-0108 version (sysstat)
CVE-2004-0107 version (sysstat, fixed after 4.0.7)
CVE-2004-0106 version (XFree86)
CVE-2004-0098 version (php)
CVE-2004-0097 version (pwlib, fixed 1.6.0)
CVE-2004-0096 version (mod_python, fixed after 2.7.9)
CVE-2004-0094 version (XFree86, fixed 4.3.0)
CVE-2004-0093 version (XFree86, fixed 4.3.0)
CVE-2004-0084 version (XFree86)
CVE-2004-0083 version (XFree86)
CVE-2004-0082 version (samba, fixed 3.0.2)
CVE-2004-0081 version (openssl097a, fixed 0.9.6d)
CVE-2004-0081 version (openssl, fixed 0.9.6d)
CVE-2004-0080 version (util-linux, fixed after 2.11f)
CVE-2004-0079 version (openssl, fixed 0.9.7c)
CVE-2004-0079 backport (openssl097a, fixed 0.9.7c) in srpm
CVE-2004-0078 version (mutt, fixed 1.4.2)
CVE-2004-0077 version (kernel, fixed 2.6.3)
CVE-2004-0075 version (kernel, not 2.6)
CVE-2004-0057 version (tcpdump, fixed 3.8.2)
CVE-2004-0055 version (tcpdump, fixed 3.8.2)
CVE-2004-0042 ignore (vsftpd) disputed
CVE-2004-0010 version (kernel, not 2.6)
CVE-2004-0008 version (gaim, fixed 0.75)
CVE-2004-0007 version (gaim, fixed 0.75)
CVE-2004-0006 version (gaim, fixed 0.76)
CVE-2004-0005 version (gaim, fixed 0.76)
CVE-2004-0003 version (kernel, not 2.6)
CVE-2004-0001 version (kernel, not 2.6)
CVE-2003-1303 version (php, fixed 4.3.3)
CVE-2003-1302 version (php, fixed 4.3.1)
CVE-2003-1295 version (xscreensaver)
CVE-2003-1294 version (xscreensaver, fixed 4.15)
CVE-2003-1265 VULNERABLE (mozilla)
CVE-2003-1265 VULNERABLE (firefox)
CVE-2003-1232 version (emacs, fixed 21.3)
CVE-2003-1201 version (openldap, not 2.2)
CVE-2003-1161 version (kernel, not released version)
CVE-2003-1138 backport (httpd, Red Hat only) contains /+ now
CVE-2003-1029 version (tcpdump, fixed after 3.8.1)
CVE-2003-1023 version (mc, 4.6.1)
CVE-2003-1013 version (ethereal, fixed 0.10.0)
CVE-2003-1012 version (ethereal, fixed 0.10.0)
CVE-2003-0993 version (httpd, not 2.0)
CVE-2003-0992 version (mailman, fixed 2.1.4)
CVE-2003-0992 version (mailman, fixed 2.1.3)
CVE-2003-0991 version (mailman, fixed 2.0.14)
CVE-2003-0990 version (squirrelmail, fixed after 1.4.0)
CVE-2003-0989 version (tcpdump, fixed 3.8.1)
CVE-2003-0989 version (tcpdump, fixed 3.8.1)
CVE-2003-0988 version (kdepim, fixed 3.1.5)
CVE-2003-0988 version (kde, fixed 3.1.5)
CVE-2003-0987 version (httpd, not 2.0)
CVE-2003-0986 version (kernel, fixed 2.6.2)
CVE-2003-0985 version (kernel, not 2.6)
CVE-2003-0984 version (kernel, fixed 2.4.23)
CVE-2003-0977 version (cvs, fixed 1.11.10)
CVE-2003-0973 version (mod_python, fixed 3.0.4)
CVE-2003-0972 version (screen, fixed after 4.0.1)
CVE-2003-0971 version (gnupg, fixed after 1.0.2)
CVE-2003-0968 version (freeradius, fixed after 0.9.3)
CVE-2003-0967 version (freeradius, fixed after 0.9.2)
CVE-2003-0965 version (mailman, fixed 2.1.4)
CVE-2003-0963 version (lftp, fixed after 2.6.9)
CVE-2003-0962 version (rsync, fixed 2.5.7)
CVE-2003-0961 version (kernel, fixed 2.4.23)
CVE-2003-0959 version (kernel, fixed 2.4.21)
CVE-2003-0956 version (kernel, fixed 2.4.22)
CVE-2003-0935 version (netsnmp, fixed 5.0.9)
CVE-2003-0927 version (ethereal, fixed 0.9.16)
CVE-2003-0926 version (ethereal, fixed 0.9.16)
CVE-2003-0925 version (ethereal, fixed 0.9.16)
CVE-2003-0924 version (netpbm, fixed 9.26)
CVE-2003-0914 version (bind, not 9)
CVE-2003-0901 version (postgresql, not 8)
CVE-2003-0900 version (perl, only 5.8.1)
CVE-2003-0885 version (xscreensaver, fixed 4.15)
CVE-2003-0865 version (tomcat, fixed after 4.0.3)
CVE-2003-0863 ignore (php, not a bug) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
CVE-2003-0861 version (php, fixed 4.3.3)
CVE-2003-0860 version (php, fixed 4.3.3)
CVE-2003-0859 version (glibc, checked source)
CVE-2003-0858 version (quagga, fixed 0.95)
CVE-2003-0856 version (iproute)
CVE-2003-0854 version (coreutils, fixed 5.1.3)
CVE-2003-0853 version (coreutils, fixed 5.1.3)
CVE-2003-0851 version (openssl097a, not 0.9.7)
CVE-2003-0851 version (openssl, not 0.9.7)
CVE-2003-0848 backport (slocate, changelog)
CVE-2003-0795 version (quagga, fixed 0.96.4)
CVE-2003-0794 version (gdm, fixed 2.4.1.7)
CVE-2003-0793 version (gdm, fixed 2.4.1.7)
CVE-2003-0792 version (fetchmail, 6.2.4 only)
CVE-2003-0791 version (mozilla, not after 1.4)
CVE-2003-0789 version (httpd, fixed 2.0.48)
CVE-2003-0788 version (cups, fixed 1.1.19)
CVE-2003-0787 version (openssh, fixed 3.7.1p2)
CVE-2003-0786 version (openssh, fixed 3.7.1p2)
CVE-2003-0780 version (mysql, not 4.1)
CVE-2003-0778 version (sane-backends, fixed 1.0.10)
CVE-2003-0777 version (sane-backends, fixed 1.0.10)
CVE-2003-0776 version (sane-backends, fixed 1.0.10)
CVE-2003-0775 version (sane-backends, fixed 1.0.10)
CVE-2003-0774 version (sane-backends, fixed 1.0.10)
CVE-2003-0773 version (sane-backends, fixed 1.0.10)
CVE-2003-0740 version (stunnel, fixed 3.26)
CVE-2003-0730 version (xfree86, fixed after 4.3.0)
CVE-2003-0700 version (kernel, not 2.6)
CVE-2003-0699 version (kernel, not 2.6)
CVE-2003-0695 version (openssh, fixed 3.7.1)
CVE-2003-0694 version (sendmail, fixed 8.12.10)
CVE-2003-0693 version (openssh, fixed 3.7)
CVE-2003-0692 version (kde, fixed after 3.1.3)
CVE-2003-0690 version (kde, fixed after 3.1.3)
CVE-2003-0689 version (glibc, fixed at least in 2.3.2) by inspection
CVE-2003-0688 version (sendmail, fixed 8.12.9)
CVE-2003-0686 version (pam_smb, fixed 1.1.7)
CVE-2003-0682 version (openssh, fixed at least in 4.0p1) by inspection
CVE-2003-0681 version (sendmail, fixed 8.12.10)
CVE-2003-0655 version (cdrtools, fixed 2.01a18)
CVE-2003-0644 version (kdbg, not after 1.2.8)
CVE-2003-0643 version (kernel, not 2.6)
CVE-2003-0619 version (kernel, not 2.6)
CVE-2003-0618 version (suidperl, fixed at least 5.8.6) by inspection
CVE-2003-0594 version (Mozilla, ICAT)
CVE-2003-0592 version (kde, fixed 3.1.3)
CVE-2003-0564 version (Mozilla, ICAT)
CVE-2003-0555 ignore (ImageMagick) wasn't reproducable
CVE-2003-0552 version (kernel, not 2.6)
CVE-2003-0551 version (kernel, not 2.6)
CVE-2003-0550 version (kernel, not 2.6)
CVE-2003-0549 version (gdm, fixed 2.4.1.6)
CVE-2003-0548 version (gdm, fixed 2.4.1.6)
CVE-2003-0547 version (gdm, fixed 2.4.1.6)
CVE-2003-0546 version (up2date, fixed after 3.1.23)
CVE-2003-0545 version (openssl, fixed 0.9.7c)
CVE-2003-0545 backport (openssl097a, fixed 0.9.7c) in srpm
CVE-2003-0544 version (openssl, fixed 0.9.7c)
CVE-2003-0544 backport (openssl097a, fixed 0.9.7c) in srpm
CVE-2003-0543 version (openssl, fixed 0.9.7c)
CVE-2003-0543 backport (openssl097a, fixed 0.9.7c) in srpm
CVE-2003-0542 version (httpd, fixed 2.0.48)
CVE-2003-0541 backport (gtkhtml, fixed 1.1.10) gtkhtml-1.1.9-textslave.patch
CVE-2003-0540 version (postfix, not 2.0 onwards)
CVE-2003-0517 version (mgetty, fixed 1.1.29)
CVE-2003-0516 version (mgetty, fixed 1.1.29)
CVE-2003-0501 version (kernel, fixed 2.6.1)
CVE-2003-0476 version (kernel, fixed 2.6.1)
CVE-2003-0468 version (postfix, fixed 1.1.12)
CVE-2003-0467 version (kernel, not 2.6)
CVE-2003-0465 version (kernel, not 2.6)
CVE-2003-0464 version (kernel, not 2.6)
CVE-2003-0462 version (kernel, fixed 2.6.1)
CVE-2003-0461 version (kernel, fixed 2.6.1)
CVE-2003-0459 version (kdelibs, not 3.2)
CVE-2003-0455 version (ImageMagick)
CVE-2003-0442 version (php, fixed 4.3.2)
CVE-2003-0434 version (xpdf, fixed 2.02pl1)
CVE-2003-0432 version (ethereal, fixed after 0.9.12)
CVE-2003-0431 version (ethereal, fixed after 0.9.12)
CVE-2003-0430 version (ethereal, fixed after 0.9.12)
CVE-2003-0429 version (ethereal, fixed after 0.9.12)
CVE-2003-0428 version (ethereal, fixed after 0.9.12)
CVE-2003-0427 backport (mikmod) [since FEDORA-2005-405]
CVE-2003-0418 version (kernel, not 2.6)
CVE-2003-0388 version (pam, fixed 0.78)
CVE-2003-0386 version (openssh, fixed after 3.6.1)
CVE-2003-0370 version (kde, fixed 3.0)
CVE-2003-0367 backport (gzip)
CVE-2003-0364 version (kernel, not 2.6)
CVE-2003-0357 version (ethereal, fixed after 0.9.11)
CVE-2003-0356 version (ethereal, fixed after 0.9.11)
CVE-2003-0354 version (ghostscript, fixed 7.07)
CVE-2003-0328 backport (epic, changelog)
CVE-2003-0326 ignore (slocate)
CVE-2003-0300 ignore (sylpheed) only a crasher
CVE-2003-0299 ignmore (mutt) only a crasher
CVE-2003-0298 version (mozilla, fixed after 1.4a)
CVE-2003-0296 version (evolution, fixed at least in 1.4.5)
CVE-2003-0289 version (cdrtools, fixed 2.01a14)
CVE-2003-0282 version (unzip, fixed 5.51)
CVE-2003-0255 version (gnupg, fixed 1.2.2)
CVE-2003-0253 version (httpd, fixed 2.0.47)
CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
CVE-2003-0251 version (ypserv, fixed 2.7)
CVE-2003-0249 ignore (php) see CVE
CVE-2003-0248 version (kernel, not 2.6)
CVE-2003-0247 version (kernel, not 2.6)
CVE-2003-0246 version (kernel, not 2.6)
CVE-2003-0245 version (httpd, fixed 2.0.47)
CVE-2003-0245 version (httpd, fixed 2.0.46)
CVE-2003-0244 version (kernel, not 2.6)
CVE-2003-0211 version (xinetd, fixed 2.3.11)
CVE-2003-0204 version (kde, fixed after 3.1.1)
CVE-2003-0201 version (samba, fixed 2.2.8a)
CVE-2003-0196 version (samba, fixed 2.2.8a)
CVE-2003-0195 version (cups, fixed 1.1.19)
CVE-2003-0194 version (tcpdump, not upstream)
CVE-2003-0192 version (httpd, fixed 2.0.47)
CVE-2003-0190 version (openssh, fixed 3.6.1p1)
CVE-2003-0189 version (httpd, fixed 2.0.46)
CVE-2003-0188 version (lv, fixed 4.51 at least) by inspection
CVE-2003-0187 version (kernel, not 2.6)
CVE-2003-0167 version (mutt, fixed 1.4.1)
CVE-2003-0166 version (php, fixed 4.3.2)
CVE-2003-0165 version (eog, fixed 2.2.2)
CVE-2003-0161 version (sendmail, fixed 8.12.9)
CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
CVE-2003-0159 version (ethereal, fixed after 0.9.9)
CVE-2003-0150 version (mysql, fixed 3.23.56)
CVE-2003-0147 version (openssl, fixed 0.9.7b)
CVE-2003-0147 backport (openssl097a, fixed 0.9.7b) in srpm
CVE-2003-0146 version (netpbm, fixed 10.18)
CVE-2003-0145 version (tcpdump, fixed 3.7.2)
CVE-2003-0140 version (mutt, fixed 1.4.1)
CVE-2003-0139 version (krb5, fixed 1.3)
CVE-2003-0138 version (krb5, fixed 1.3)
CVE-2003-0135 version (vsftpd, not upstream)
CVE-2003-0133 version (evolution, fixed 1.2.4)
CVE-2003-0132 version (httpd, fixed 2.0.45)
CVE-2003-0131 version (openssl, fixed 0.9.7b)
CVE-2003-0131 backport (openssl097a, fixed 0.9.7b) in srpm
CVE-2003-0130 version (evolution, fixed 1.2.3)
CVE-2003-0129 version (evolution, fixed 1.2.3)
CVE-2003-0128 version (evolution, fixed 1.2.3)
CVE-2003-0127 version (kernel, not 2.6)
CVE-2003-0124 version (man, fixed 1.5l)
CVE-2003-0108 version (tcpdump, fixed after 3.7.1)
CVE-2003-0107 version (zlib, fixed 1.2.0.2 at least) changelog
CVE-2003-0102 version (file, fixed 3.41)
CVE-2003-0097 version (php, fixed 4.3.1)
CVE-2003-0093 version (tcpdump, fixed 3.7.2)
CVE-2003-0086 version (samba, fixed 2.2.8)
CVE-2003-0085 version (samba, fixed 2.2.8)
CVE-2003-0083 version (httpd, fixed 2.0.46)
CVE-2003-0082 version (krb5, fixed after 1.2.7)
CVE-2003-0081 version (ethereal, fixed after 0.9.9)
CVE-2003-0078 version (openssl097a, fixed 0.9.7a)
CVE-2003-0078 version (openssl, fixed 0.9.7a)
CVE-2003-0073 version (mysql, fixed 3.23.55)
CVE-2003-0072 version (krb5, fixed after 1.2.7)
CVE-2003-0071 version (xorg-x11, fixed in 6.8.2 at least) by inspection
CVE-2003-0070 version (vte, fixed 0.11.1 at least) by inspection
CVE-2003-0063 version (xorg-x11, fixed at least in 4.2.99)
CVE-2003-0060 version (krb5, fixed 1.2.5)
CVE-2003-0059 version (krb5, fixed 1.2.5)
CVE-2003-0058 version (krb5, fixed 1.2.5)
CVE-2003-0056 version (slocate, fixed 2.7)
CVE-2003-0044 version (tomcat, fixed after 3.3.1a)
CVE-2003-0043 version (tomcat, fixed 3.3.1a)
CVE-2003-0041 version (krb5, fixed after 1.2.7)
CVE-2003-0038 version (mailman, fixed 2.0.13 at least)
CVE-2003-0028 version (krb5, fixed after 1.2.7)
CVE-2003-0028 version (glibc, fixed after 2.3.1)
CVE-2003-0026 version (dhcpd, fixed 3.0.1)
CVE-2003-0020 version (httpd, fixed 2.0.49)
CVE-2003-0019 version (kernel-utils, not upstream)
CVE-2003-0018 version (kernel, not 2.6)
CVE-2003-0017 version (httpd, fixed 2.0.44)
CVE-2003-0016 version (httpd, fixed 2.0.44)
CVE-2003-0015 version (cvs, fixed 1.11.5)
CVE-2003-0001 version (kernel, not 2.6)

older, happened to deal with at same time:

CVE-2002-2215 version (php, fixed 4.3.0)
CVE-2002-2214 version (php, fixed 4.2.2)
CVE-2002-2211 ** bind
CVE-2002-2210 ignore (openoffice) binary install only (not rpm install)
CVE-2002-2204 ignore (rpm) by design
CVE-2002-2196 version (samba, fixed 2.2.5)
CVE-2002-2185 version (kernel, fixed 2.6.15) [since FEODRA-2006-077]
CVE-2002-2103 version (apache, not 2.0)
CVE-2002-1963 version (kernel, not 2.6)
CVE-2002-1976 ignore (ifconfig) "use ip"
CVE-2002-1914 version (dump, fixed 0.4b29)
CVE-2002-1850 version (mod_cgi, fixed 2.0.41)
CVE-2002-1827 version (sendmail, fixed after 8.12.3)
CVE-2002-1814 ignore (bonobo) not shipped setuid
CVE-2002-1793 version (mod_ssl), also only hp
CVE-2002-1783 version (php, fixed after 4.2.3)
CVE-2002-1765 version (evolution, fixed 1.0.5)
CVE-2002-1593 version (httpd, fixed 2.0.42)
CVE-2002-1573 version (kernel, not 2.6)
CVE-2002-1572 version (kernel, not 2.6)
CVE-2002-1571 version (kernel, not 2.6)
CVE-2002-1510 version (XFree86, fixed 4.2.0)
CVE-2002-1472 version (XFree86, fixed 4.2.1)
CVE-2002-1363 version (libpng, fixed 1.2.6)
CVE-2002-0517 version (XFree86, didn't affect Linux)
CVE-2002-0164 version (XFree86, fixed 4.2.1)
CVE-2001-1490 version (mozilla, fixed 1.0.0)
CVE-2001-1494 version (util-linux, fixed 2.11n)
CVE-2001-0955 version (XFree86, fixed 4.2.0)
CVE-1999-1572 backport (cpio) from srpm
admin@fedoraproject.org	ViewVC Help
Powered by ViewVC 1.1.2