/[fedora]/fedora-security/audit/fc6
ViewVC logotype

Contents of /fedora-security/audit/fc6

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.306 - (show annotations) (download)
Mon Dec 10 18:10:07 2007 UTC (23 months, 1 week ago) by thoger
Branch: MAIN
CVS Tags: HEAD
Changes since 1.305: +16 -7 lines 
note last FC6 updates that managed to get in before EOL
fix EOL message
1 # $Id: fc6,v 1.306 2007/12/10 18:10:07 thoger Exp $
2
3 # ** are items that need attention
4 # *CVE are items that need verification for Fedora Core 6
5 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
6
7 # Up to date CVE as of CVE email 20071030
8 # Up to date FC6 as of 20071207
9
10 # This list is no longer maintained by the Red Hat Security Response
11 # Team as of 7th December 2007 (EOL date of FC6, ~one month after the
12 # release date of Fedora 8)
13 #
14 # Zod's dead baby, Zod's dead...
15
16 CVE-2007-6209 ignore (zsh) #409871 We don't ship the script
17 CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read
18 CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue
19 CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name
20 CVE-2007-6110 backport (htdig) [since FEDORA-2007-757]
21 CVE-2007-5960 backport (mozilla) [since FEDORA-2007-756]
22 CVE-2007-5959 backport (mozilla) [since FEDORA-2007-756]
23 CVE-2007-5947 backport (mozilla) [since FEDORA-2007-756]
24 CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi
25 CVE-2007-5937 backport (tetex) #379841 [since FEDORA-2007-750] Multiple dviljk buffer overflows
26 CVE-2007-5936 backport (tetex) #379841 [since FEDORA-2007-750] dviljk uses insecure temporary file
27 CVE-2007-5935 backport (tetex) #379841 [since FEDORA-2007-750] dvips -z buffer overflow with long href
28 CVE-2007-5925 ignore (mysql) Authenticated user can restart mysql.
29 CVE-2007-5907 VULNERABLE (xen) #390091
30 CVE-2007-5906 VULNERABLE (xen) #390091
31 CVE-2007-5795 version (emacs, only 21)
32 CVE-2007-5770 backport (ruby) #373371 [since FEDORA-2007-738]
33 CVE-2007-5708 backport (openldap) [since FEDORA-2007-741]
34 CVE-2007-5707 backport (openldap) [since FEDORA-2007-741]
35 CVE-2007-5501 version (kernel) [since FEDORA-2007-759]
36 CVE-2007-5500 version (kernel) [since FEDORA-2007-759]
37 CVE-2007-5461 VULNERABLE (tomcat5) #334521
38 CVE-2007-5398 backport (samba) [since FEDORA-2007-751]
39 CVE-2007-5393 backport (cups) [since FEDORA-2007-746]
40 CVE-2007-5393 VULNERABLE (poppler) #372491
41 CVE-2007-5393 VULNERABLE (kdegraphics) #372551
42 CVE-2007-5393 backport (tetex) [since FEDORA-2007-750]
43 CVE-2007-5392 backport (cups) [since FEDORA-2007-746]
44 CVE-2007-5392 VULNERABLE (poppler) #372491
45 CVE-2007-5392 VULNERABLE (kdegraphics) #372551
46 CVE-2007-5392 backport (tetex) [since FEDORA-2007-750]
47 CVE-2007-5340 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
48 CVE-2007-5339 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
49 CVE-2007-5338 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
50 CVE-2007-5337 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
51 CVE-2007-5335 ignore (mozilla) ff2 only
52 CVE-2007-5334 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
53 CVE-2007-5269 backport (libpng, fixed 1.2.21) #337471 [since FEDORA-2007-734]
54 CVE-2007-5268 ignore (libpng) shipped version too old and not affected
55 CVE-2007-5267 ignore (libpng) shipped version too old and not affected
56 CVE-2007-5266 ignore (libpng) shipped version too old and not affected
57 CVE-2007-5208 backport (hplip) #329121 [since FEDORA-2007-724]
58 CVE-2007-5197 backport (mono, fixed 1.2.5.1) #367571 [since FEDORA-2007-745]
59 CVE-2007-5191 backport (util-linux) #320141 [since FEDORA-2007-722]
60 CVE-2007-5162 version (ruby) #313801 [since FEDORA-2007-718]
61 CVE-2007-5137 backport (tk, fixed 8.4.16) #332071 [since FEDORA-2007-728]
62 CVE-2007-5135 backport (openssl, fixed 0.9.8d) [since FEDORA-2007-725]
63 CVE-2007-5116 backport (perl) #378121 [since FEDORA-2007-748]
64 CVE-2007-5079 VULNERABLE (gdm) #363031
65 CVE-2007-5034 version (elinks) #297611 [since FEDORA-2007-710]
66 CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-725]
67 CVE-2007-4993 backport (xen) [since FEDORA-2007-713]
68 CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) #373321 [since FEDORA-2007-763]
69 CVE-2007-4965 VULNERABLE (python) imageop module heap overflow #373281
70 CVE-2007-4924 VULNERABLE (opal, fixed 2.2.10) #297561
71 CVE-2007-4897 VULNERABLE (opal, fixed 2.2.8) #297561
72 CVE-2007-4851 ignore (tk) duplicate of CVE-2007-5137
73 CVE-2007-4841 ignore (mozilla) Windows only
74 CVE-2007-4829 VULNERABLE (perl-Archive-Tar) #315331
75 CVE-2007-4826 VULNERABLE (quagga, fixed 0.99.9) #315301
76 CVE-2007-4752 backport (openssh) #280471 [since FEDORA-2007-715]
77 CVE-2007-4743 backport (krb5) incomplete CVE-2007-3999 fix [since FEDORA-2007-694]
78 CVE-2007-4730 ignore (xorg-x11) #286061 ajax says FC6 is not vulnerable
79 CVE-2007-4721 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
80 CVE-2007-4670 backport (php) [since FEDORA-2007-709]
81 CVE-2007-4663 ignore (php, fixed 5.2.4) #277991 safe_mode
82 CVE-2007-4662 ignore (php, fixed 5.2.4) #278101 triggerable only by modification to openssl.conf
83 CVE-2007-4661 ignore (php, fixed 5.2.4) 5.2.3, incomplete CVE-2007-2872 fix
84 CVE-2007-4660 ignore (php, fixed 5.2.4) CVE-2007-4661 duplicate, jorton mailed Mitre
85 CVE-2007-4659 ignore (php, fixed 5.2.4) #276531 (FC7/php-5.2 only)
86 CVE-2007-4658 backport (php, fixed 5.2.4) #278011 [since FEDORA-2007-709]
87 CVE-2007-4657 ignore (php, fixed 5.2.4) arbitrary read not remotely triggerable
88 CVE-2007-4619 backport (flac, fixed 1.2) #332581 [since FEDORA-2007-730]
89 CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-762]
90 CVE-2007-4572 backport (samba) [since FEDORA-2007-751]
91 CVE-2007-4571 version (kernel) [since FEDORA-2007-714]
92 CVE-2007-4569 backport (kdebase) #299741 [since FEDORA-2007-716]
93 CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) #373251 [since FEDORA-2007-763]
94 CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689]
95 CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code.
96 CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134
97 CVE-2007-4476 backport (cpio) [since FEDORA-2007-742]
98 CVE-2007-4476 backport (tar) [since FEDORA-2007-735]
99 CVE-2007-4465 version (httpd) [since FEDORA-2007-707]
100 CVE-2007-4357 ignore (firefox) status bar can be overwrittten
101 CVE-2007-4352 backport (cups) [since FEDORA-2007-746]
102 CVE-2007-4352 VULNERABLE (poppler) #372491
103 CVE-2007-4352 VULNERABLE (kdegraphics) #372551
104 CVE-2007-4352 backport (tetex) [since FEDORA-2007-750]
105 CVE-2007-4351 backport (cups) #361671 [since FEDORA-2007-740]
106 CVE-2007-4255 ignore (php) msql extension not shipped
107 CVE-2007-4251 ignore (openoffice.org) just a crash
108 CVE-2007-4229 ignore (kdebase) just an ASSERT fail
109 CVE-2007-4225 ignore (kdebase) caused by fix to CVE-2007-3820 which we never shipped
110 CVE-2007-4224 backport (kdebase) too obvious -- mouse pointer indicates script activity [since FEDORA-2007-716]
111 CVE-2007-4211 version (dovecot, fixed 1.0.3) #251009 [since FEDORA-2007-664]
112 CVE-2007-4137 backport (qt) #292951 [since FEDORA-2007-703]
113 CVE-2007-4134 backport (star, fixed 1.5a84) #254129
114 CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-683]
115 CVE-2007-4045 backport (cups) [since FEDORA-2007-746]
116 CVE-2007-4029 backport (libvorbis) #250600 [since FEDORA-2007-677]
117 CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-614]
118 CVE-2007-4033 backport (tetex) [since FEDORA-2007-750]
119 CVE-2007-4000 backport (krb5) [since FEDORA-2007-690]
120 CVE-2007-3999 backport (krb5) [since FEDORA-2007-690]
121 CVE-2007-3999 VULNERABLE (nfs-utils-lib) #294911
122 CVE-2007-3999 VULNERABLE (libtirpc) #294931
123 CVE-2007-3998 backport (php) [since FEDORA-2007-709]
124 CVE-2007-3996 backport (php) [since FEDORA-2007-709]
125 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
126 CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
127 CVE-2007-3920 VULNERABLE (compiz) #350271
128 CVE-2007-3919 backport (xen) #362001 [since FEDORA-2007-737]
129 CVE-2007-3852 backport (sysstat) #252296 [since FEDORA-2007-675]
130 CVE-2007-3848 version (kernel) [since FEDORA-2007-679]
131 CVE-2007-3847 version (httpd) #250756 [since FEDORA-2007-707]
132 CVE-2007-3845 ignore (firefox) windows specific
133 CVE-2007-3844 version (firefox, fixed 2.0.0.6) #250648 "fixed on next update"
134 CVE-2007-3843 version (kernel) #246595
135 CVE-2007-3841 ignore (pidgin) ethically disclosed
136 CVE-2007-3820 backport (kdebase) #248537 [since FEDORA-2007-716]
137 CVE-2007-3799 backport (php) [since FEDORA-2007-709]
138 CVE-2007-3798 version (tcpdump, fixed 3.9.7) #250290 [since FEDORA-2007-654]
139 CVE-2007-3782 VULNERABLE (mysql, fixed 5.0.45) #372881
140 CVE-2007-3781 VULNERABLE (mysql, fixed 5.0.45) #372881
141 CVE-2007-3780 VULNERABLE (mysql, fixed 5.0.45) #372881
142 CVE-2007-3642 version (kernel, fixed 2.6.22) [since FEDORA-2007-655]
143 CVE-2007-3511 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
144 CVE-2007-3508 ignore (glibc) not an issue
145 CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561]
146 CVE-2007-3478 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
147 CVE-2007-3477 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
148 CVE-2007-3476 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
149 CVE-2007-3475 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
150 CVE-2007-3474 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
151 CVE-2007-3473 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
152 CVE-2007-3472 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692]
153 CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245809
154 CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
155 CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
156 CVE-2007-3391 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
157 CVE-2007-3390 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
158 CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
159 CVE-2007-3388 backport (qt) [since FEDORA-2007-703]
160 CVE-2007-3387 VULNERABLE (poppler) #251513
161 CVE-2007-3387 backport (tetex) #251515 [since FEDORA-2007-669]
162 CVE-2007-3387 backport (kdegraphics) #251511 [since FEDORA-2007-685]
163 CVE-2007-3387 backport (cups) #251519 [since FEDORA-2007-644]
164 CVE-2007-3384 ignore (tomcat) only affects 3.3.x and just affects an example
165 CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-653]
166 CVE-2007-3378 ignore (php) safe mode escape
167 CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614 [since FEDORA-2007-609]
168 CVE-2007-3741 version (gimp, fixed 2.2.16) #247567 [since FEDORA-2007-627]
169 CVE-2007-3304 backport (httpd) #244660 [since FEDORA-2007-615]
170 CVE-2007-3257 backport (evolution) #244287 [since FEDORA-2007-594]
171 CVE-2007-3126 ignore (gimp) just a crash
172 CVE-2007-3108 backport (openssl) #250574 [since FEDORA-2007-661]
173 CVE-2007-3106 backport (libvorbis) #250600 [since FEDORA-2007-677]
174 CVE-2007-3102 backport (openssh) [since FEDORA-2007-715]
175 CVE-2007-2926 backport (bind, fixed 9.4.1) [since FEDORA-2007-647]
176 CVE-2007-2876 version (kernel, fixed 2.6.21.5) [since FEDORA-2007-600]
177 CVE-2007-2875 version (kernel) [since FEDORA-2007-600]
178 *CVE-2007-2874 ** (wpa_supplicant) #242455
179 CVE-2007-2873 version (spamassassin, fixed 3.1.9) [since FEDORA-2007-582]
180 CVE-2007-2872 backport (php) [since FEDORA-2007-709]
181 CVE-2007-2871 version (mozilla) #241840 [since FEDORA-2007-549]
182 CVE-2007-2870 version (mozilla) #241840 [since FEDORA-2007-549]
183 CVE-2007-2869 version (mozilla) #241840 [since FEDORA-2007-549]
184 CVE-2007-2868 version (mozilla) #241840 [since FEDORA-2007-549]
185 CVE-2007-2867 version (mozilla) #241840 [since FEDORA-2007-549]
186 CVE-2007-2834 backport (openoffice.org, fixed 2.3) #293371 [since FEDORA-2007-700]
187 CVE-2007-2799 version (file, fixed 4.21) #241034 [since FEDORA-2007-538]
188 CVE-2007-2797 version (xterm)
189 CVE-2007-2756 backport (php) [since FEDORA-2007-709]
190 CVE-2007-2453 version (kernel) [since FEDORA-2007-600]
191 CVE-2007-2451 version (kernel, fixed 2.6.21.4) [since FEDORA-2007-600]
192 CVE-2007-2445 backport (libpng) #239542 [since FEDORA-2007-529]
193 CVE-2007-2438 version (vim, fixed 7.0.235) #238734 [since FEDORA-2007-492]
194 CVE-2007-2292 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
195 CVE-2007-2242 version (kernel) [since FEDORA-2007-482]
196 CVE-2007-2138 version (postgresql, fixed 8.1.9) [since FEDORA-2007-565]
197 CVE-2007-2028 backport (freeradius) [since FEDORA-2007-499]
198 CVE-2007-1995 version (quagga, fixed 0.99.7) [since FEDORA-2007-525]
199 CVE-2007-1863 backport (httpd) #244660 [since FEDORA-2007-615]
200 CVE-2007-1862 backport (httpd) #244660 [since FEDORA-2007-615]
201 CVE-2007-1861 version (kernel) [since FEDORA-2007-482]
202 CVE-2007-1856 backport (vixie-cron) #235882 [since FEDORA-2007-662]
203 CVE-2007-1841 backport (ipsec-tools) #238052 [since FEDORA-2007-665]
204 CVE-2007-1797 backport (ImageMagick) #235075 [since FEDORA-2007-413]
205 CVE-2007-1667 backport (libX11) [since FEDORA-2007-426]
206 CVE-2007-1660 VULNERABLE (pcre, fixed 7.3) #378401
207 CVE-2007-1659 VULNERABLE (pcre, fixed 7.3) #378401
208 CVE-2007-1565 ignore (kdebase) client crash
209 CVE-2007-1564 ignore (kdebase) Correct behavior according to RFC
210 CVE-2007-1562 version (mozilla) #241840 [since FEDORA-2007-549]
211 CVE-2007-1558 backport (evolution) #235290 [since FEDORA-2007-484]
212 CVE-2007-1536 backport (file, fixed 4.20) #233164 [since FEDORA-2007-391]
213 CVE-2007-1475 ignore (php) unshipped ibase extension
214 CVE-2007-1420 ignore (mysql, fixed 5.0.36) #232604 mysql_safe keeps the server alive
215 CVE-2007-1413 ignore (php) Windows NT SNMP specific
216 CVE-2007-1412 ignore (php) unshipped cpdf extension
217 CVE-2007-1411 ignore (php) unshipped mssql extension
218 CVE-2007-1401 ignore (php) unshipped cracklib extension
219 CVE-2007-1396 ignore (php) feature, not a flaw
220 CVE-2007-1362 version (mozilla) #241840 [since FEDORA-2007-549]
221 CVE-2007-1357 version (kernel) [since FEDORA-2007-432]
222 CVE-2007-1352 backport (libXfont) #235265 [since FEDORA-2007-423]
223 CVE-2007-1351 backport (libXfont) #235265 [since FEDORA-2007-423]
224 CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-577]
225 CVE-2007-1321 backport (xen) #238723 [since FEDORA-2007-713]
226 CVE-2007-1320 backport (xen) #238723 [since FEDORA-2007-713]
227 CVE-2007-1308 version (kdelibs)
228 CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
229 CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505]
230 CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
231 CVE-2007-1095 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
232 CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]
233 CVE-2007-1004 version (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=390627
234 CVE-2007-1003 backport (xorg-x11-server, fixed > X11R7.2) #235263 [since FEDORA-2007-425]
235 CVE-2007-1002 backport (evolution) #233587 [since FEDORA-2007-393]
236 CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
237 CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
238 CVE-2007-0981 version (mozilla)
239 CVE-2007-0823 ignore (xterm) feature, not a bug
240 CVE-2007-0822 ignore (util-linux) NULL dereference
241 CVE-2007-0772 version (kernel) [since FEDORA-2007-291]
242 CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
243 CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
244 CVE-2007-0650 ignore (tetex) needs user's assistance
245 CVE-2007-0537 backport (kdebase) #225420 [since FEDORA-2007-195]
246 CVE-2007-0494 version (bind, fixed 9.3.4) #225268 [since FEDORA-2007-147]
247 CVE-2007-0493 version (bind, fixed 9.3.4) #224443 [since FEDORA-2007-147]
248 CVE-2007-0459 version (wireshark, fixed 0.99.5) #227140
249 CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140
250 CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140
251 CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140
252 CVE-2007-0455 backport (gd) #224610 [since FEDORA-2007-149]
253 CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
254 CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
255 CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073]
256 CVE-2007-0242 backport (qt) [since FEDORA-2007-703]
257 CVE-2007-0235 version (libgtop2, fixed 2.14.6) #222637 [since FEDORA-2007-657]
258 CVE-2007-0104 ignore (poppler) only client DoS
259 CVE-2007-0104 ignore (kdegraphics) only client DoS
260 CVE-2007-0086 ignore (apache) not a security issue
261 CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
262 CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
263 CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
264 CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
265 CVE-2007-0006 backport (kernel, fixed in -mm) [since FEDORA-2007-226]
266 CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
267 CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-351]
268 CVE-2006-7224 VULNERABLE (pcre, fixed 6.7) #378401
269 CVE-2006-7221 ignore (gftp) single zero byte overflow in fsplib
270 CVE-2006-6939 version (ed, fixed 0.3) #223075 [since FEDORA-2007-100]
271 CVE-2006-6899 version (bluez-utils, fixed 2.23)
272 CVE-2006-6870 version (avahi, fixed 0.6.16) #221440 [since FEDORA-2007-019]
273 CVE-2006-6772 backport (w3m) #221484 [since FEDORA-2007-077]
274 CVE-2006-6719 backport (wget) #221469 [since FEDORA-2007-043]
275 CVE-2006-6698 VULNERABLE (GConf2) #219280 wontfix
276 CVE-2006-6660 ignore (kdelibs) client Dos only, not reproducible
277 CVE-2006-6385 ignore (kernel) windows only
278 CVE-2006-6383 ignore (php) safe mode isn't safe
279 CVE-2006-6333 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
280 CVE-2006-6332 ignore (kernel) no support for madwifi
281 CVE-2006-6305 ignore (net-snmp) already have the backported patch
282 CVE-2006-6304 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
283 CVE-2006-6303 version (ruby, fixed 1.8.5.2) [since FEDORA-2006-1441]
284 CVE-2006-6297 ignore (kdegraphics) just a crash
285 CVE-2006-6235 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406]
286 CVE-2006-6169 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406]
287 CVE-2006-6144 ** (krb5)
288 CVE-2006-6143 ** (krb5)
289 CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089]
290 CVE-2006-6128 backport (kernel) #250625 [since FEDORA-2007-226] This was bug in our patch, not upstream
291 CVE-2006-6107 backport (dbus, fixed 1.0.2) #219665 [since FEDORA-2006-1475]
292 CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
293 CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
294 CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]
295 CVE-2006-6097 backport (tar) [since FEDORA-2006-1393]
296 CVE-2006-6077 version (firefox, fixed 1.5.0.10) [since FEDORA-2007-293]
297 CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
298 CVE-2006-6058 VULNERABLE (kernel, fixed 2.6.24) #250623
299 CVE-2006-6057 version (kernel, fixed kernel-2_6_20-1_2924_fc6) [since FEDORA-2007-432]
300 CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471
301 CVE-2006-6054 version (kernel, fixed fixed 2.6.19.2) [since FEDORA-2007-058]
302 CVE-2006-6053 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
303 CVE-2006-5989 ignore (mod_auth_kerb) did not affect fc6
304 CVE-2006-5974 ignore (fetchmail, fixed 6.3.6) only 6.3.5
305 CVE-2006-5973 version (dovecot, fixed 1.0.rc15) #216508 [since ???]
306 CVE-2006-5925 backport (elinks) [since FEDORA-2006-1278] but was never vulneable as didn't have smbclient support
307 CVE-2006-5876 version (libsoup) #223144 [since FEDORA-2007-109]
308 CVE-2006-5871 version (kernel, fixed 2.6.10)
309 CVE-2006-5868 version (ImageMagick, fixed 6.2.9.1) #217560
310 CVE-2006-5867 version (fetchmail, fixed 6.3.6) #221984 [since FEDORA-2007-042]
311 CVE-2006-5864 backport (evince) #217672 [since ???]
312 CVE-2006-5823 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
313 CVE-2006-5794 backport (openssh, fixed 4.5) #214641 [since FEDORA-2006-1215]
314 CVE-2006-5793 backport (libpng, fixed 1.2.13) #215405 [since FEDORA-2007-529]
315 CVE-2006-5783 ignore (firefox) disputed
316 CVE-2006-5779 version (openldap, fixed 2.3.29) #214768 [since FEDORA-2007-467]
317 CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
318 CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
319 CVE-2006-5752 backport (httpd) #244660 [since FEDORA-2007-615]
320 CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
321 CVE-2006-5749 version (kernel, fixed 2.6.20-rc2) [since FEDORA-2007-335]
322 CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
323 CVE-2006-5748 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
324 CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
325 CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
326 CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
327 CVE-2006-5701 version (kernel, fixed kernel-2_6_20-1_2927_fc6) #219534 [since FEDORA-2007-600]
328 CVE-2006-5633 ignore (firefox) just a client DoS
329 CVE-2006-5619 version (kernel, fixed 2.6.18.2, fixed 2.6.19-rc4) [since FEDORA-2006-1223]
330 CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
331 CVE-2006-5542 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
332 CVE-2006-5541 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
333 CVE-2006-5540 version (postgresql, fixed 8.1.5) #212360 [since FEDORA-2007-053]
334 CVE-2006-5470 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
335 CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
336 CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
337 CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
338 CVE-2006-5466 version (rpm) #212833 [since FEDORA-2007-668]
339 CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
340 CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
341 CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
342 CVE-2006-5463 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
343 CVE-2006-5463 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
344 CVE-2006-5462 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
345 CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
346 CVE-2006-5461 version (avahi, fixed 0.6.15) [since FEDORA-2007-019]
347 CVE-2006-5456 backport (ImageMagick) #210921 [since FEDORA-2006-1285]
348 CVE-2006-5397 backport (libX11, 1.0.2 and 1.0.3 only) #213280 [since FEDORA-2007-162]
349 CVE-2006-5331 version (kernel, fixed 2.6.19) [since FEDORA-2007-058]
350 CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063]
351 CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063]
352 CVE-2006-5229 ignore (openssh) not reproduced
353 CVE-2006-5215 version (xorg-x11-xdm)
354 CVE-2006-5215 ignore (kdebase) #212166 links to xinit Xsession
355 CVE-2006-5215 ignore (xorg-x11-xinit) #212167 FC6 was not vulnerabe really
356 CVE-2006-5214 version (xorg-x11-xdm)
357 CVE-2006-5214 ignore (kdebase) #212166 links to xinit Xsession
358 CVE-2006-5214 backport (xorg-x11-xinit) #212167 [since FEDORA-2007-659]
359 CVE-2006-5178 ignore (php) safe mode escape
360 CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
361 CVE-2006-5173 ignore (kernel, fixed 2.6.18) protected by exec-shield
362 CVE-2006-5170 version (nss_ldap, fixed 183)
363 CVE-2006-5160 ignore (firefox) unverified
364 CVE-2006-5159 ignore (firefox) unverified
365 CVE-2006-5158 version (kernel, fixed 2.6.15)
366 CVE-2006-5072 backport (mono)
367 CVE-2006-5052 backport (openssh, fixed 4.4) [since FEDORA-2007-394]
368 CVE-2006-5051 backport (openssh, fixed 4.4)
369 CVE-2006-4997 version (kernel, fixed 2.6.18)
370 CVE-2006-4980 version (python, fixed 2.4.4 at least) [since FEDORA-2006-1050] was backport since GA
371 CVE-2006-4965 ignore (firefox, fixed 2.0.0.7) windows only
372 CVE-2006-4965 ignore (seamonkey) windows only
373 CVE-2006-4925 ignore (openssh) client crash only
374 CVE-2006-4924 backport (openssh, fixed 4.4)
375 CVE-2006-4842 ignore (nspr) Nothing setuid links with nspr
376 CVE-2006-4814 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058]
377 CVE-2006-4813 version (kernel, fixed 2.6.13)
378 CVE-2006-4812 backport (php) php-5.1.6-ecalloc.patch
379 CVE-2006-4811 version (qt, fixed 3.3.7) [since FEDORA-2006-1055]
380 CVE-2006-4810 backport (texinfo) [since FEDORA-2006-1203]
381 CVE-2006-4805 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
382 CVE-2006-4790 backport (gnutls, fixed 1.4.4)
383 CVE-2006-4663 ignore (kernel) not a vulnerability
384 CVE-2006-4625 ignore (php) safe mode isn't safe
385 CVE-2006-4624 version (mailman, fixed 2.1.9rc1)
386 CVE-2006-4623 version (kernel, fixed 2.6.18-rc1)
387 CVE-2006-4600 version (openldap, fixed 2.3.25)
388 CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
389 CVE-2006-4573 version (screen, fixed 4.0.3) #212057 [since FEDORA-2007-106]
390 CVE-2006-4572 version (kernel, fixed 2.6.19) [since FEDORA-2007-058]
391 CVE-2006-4571 version (thunderbird, fixed 1.5.0.7)
392 CVE-2006-4571 version (firefox, fixed 1.5.0.7)
393 CVE-2006-4570 version (thunderbird, fixed 1.5.0.7)
394 CVE-2006-4569 version (firefox, fixed 1.5.0.7)
395 CVE-2006-4568 version (firefox, fixed 1.5.0.7)
396 CVE-2006-4567 version (thunderbird, fixed 1.5.0.7)
397 CVE-2006-4567 version (firefox, fixed 1.5.0.7)
398 CVE-2006-4566 version (thunderbird, fixed 1.5.0.7)
399 CVE-2006-4566 version (firefox, fixed 1.5.0.7)
400 CVE-2006-4565 version (thunderbird, fixed 1.5.0.7)
401 CVE-2006-4565 version (firefox, fixed 1.5.0.7)
402 CVE-2006-4561 ignore (firefox) An attacker needs to control DNS
403 CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
404 CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
405 CVE-2006-4519 version (gimp, fixed 2.2.16) #247567 [since FEDORA-2007-627]
406 CVE-2006-4514 backport (libgsf) [since FEDORA-2006-1417]
407 CVE-2006-4507 ignore (libtiff) can't reproduce
408 CVE-2006-4486 version (php, fixed 5.1.6)
409 CVE-2006-4485 version (php, fixed 5.1.5)
410 CVE-2006-4484 version (php, fixed 5.1.5)
411 CVE-2006-4484 ignore (gd)
412 CVE-2006-4483 ignore (php) not linux
413 CVE-2006-4482 version (php, fixed 5.1.5)
414 CVE-2006-4481 ignore (php) safe mode isn't safe
415 CVE-2006-4455 ignore (xchat) client DoS
416 CVE-2006-4447 ignore (xorg) not a security issue
417 CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
418 CVE-2006-4433 version (php, fixed 5.1.4)
419 CVE-2006-4433 version (php, fixed 5.1.4)
420 CVE-2006-4380 version (mysql, fixed 4.1.13)
421 CVE-2006-4343 backport (openssl, fixed 0.9.8d)
422 CVE-2006-4342 ignore (kernel) rhel3 only
423 CVE-2006-4340 version (nss, fixed 3.11.3)
424 CVE-2006-4339 backport (openssl097)
425 CVE-2006-4339 backport (openssl, fixed 0.9.8c)
426 CVE-2006-4338 backport (gzip)
427 CVE-2006-4337 backport (gzip)
428 CVE-2006-4336 backport (gzip)
429 CVE-2006-4335 backport (gzip)
430 CVE-2006-4334 backport (gzip)
431 CVE-2006-4333 version (wireshark, fixed 0.99.3)
432 CVE-2006-4332 version (wireshark, fixed 0.99.3)
433 CVE-2006-4331 version (wireshark, fixed 0.99.3)
434 CVE-2006-4330 version (wireshark, fixed 0.99.3)
435 CVE-2006-4310 ignore (firefox) crash only
436 CVE-2006-4262 backport (cscope)
437 CVE-2006-4253 version (thunderbird, fixed 1.5.0.7)
438 CVE-2006-4253 version (firefox, fixed 1.5.0.7)
439 CVE-2006-4227 version (mysql, fixed 5.0.26,5.1.12) #203434 [since FEDORA-2006-1297]
440 CVE-2006-4226 version (mysql, fixed 5.0.26,5.1.12) #203428 [since FEDORA-2006-1297]
441 CVE-2006-4146 backport (gdb)
442 CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
443 CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
444 CVE-2006-4096 backport (bind)
445 CVE-2006-4095 backport (bind)
446 CVE-2006-4093 version (kernel, fixed 2.6.17.9, fixed 2.6.18-rc5)
447 CVE-2006-4031 version (mysql, fixed 5.0.24) #202675 [since FEDORA-2006-1297]
448 CVE-2006-4020 version (php, fixed 5.1.5)
449 CVE-2006-4019 version (squirrelmail, fixed 1.4.8)
450 CVE-2006-3918 version (httpd, fixed 2.2.2)
451 CVE-2006-3879 version (mikmod, not 3.1.6)
452 CVE-2006-3835 version (tomcat, fixed 5.5.17)
453 CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
454 CVE-2006-3812 version (thunderbird, fixed 1.5.0.5)
455 CVE-2006-3812 version (firefox, fixed 1.5.0.5)
456 CVE-2006-3811 version (thunderbird, fixed 1.5.0.5)
457 CVE-2006-3811 version (firefox, fixed 1.5.0.5)
458 CVE-2006-3810 version (thunderbird, fixed 1.5.0.5)
459 CVE-2006-3810 version (firefox, fixed 1.5.0.5)
460 CVE-2006-3809 version (thunderbird, fixed 1.5.0.5)
461 CVE-2006-3809 version (firefox, fixed 1.5.0.5)
462 CVE-2006-3808 version (thunderbird, fixed 1.5.0.5)
463 CVE-2006-3808 version (firefox, fixed 1.5.0.5)
464 CVE-2006-3807 version (thunderbird, fixed 1.5.0.5)
465 CVE-2006-3807 version (firefox, fixed 1.5.0.5)
466 CVE-2006-3806 version (thunderbird, fixed 1.5.0.5)
467 CVE-2006-3806 version (firefox, fixed 1.5.0.5)
468 CVE-2006-3805 version (thunderbird, fixed 1.5.0.5)
469 CVE-2006-3805 version (firefox, fixed 1.5.0.5)
470 CVE-2006-3804 version (thunderbird, fixed 1.5.0.5)
471 CVE-2006-3804 version (firefox, fixed 1.5.0.5)
472 CVE-2006-3803 version (thunderbird, fixed 1.5.0.5)
473 CVE-2006-3803 version (firefox, fixed 1.5.0.5)
474 CVE-2006-3802 version (thunderbird, fixed 1.5.0.5)
475 CVE-2006-3802 version (firefox, fixed 1.5.0.5)
476 CVE-2006-3801 version (thunderbird, fixed 1.5.0.5)
477 CVE-2006-3801 version (firefox, fixed 1.5.0.5)
478 CVE-2006-3747 version (httpd, fixed 2.2.3)
479 CVE-2006-3746 version (gnupg, fixed 1.4.5)
480 CVE-2006-3745 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5)
481 CVE-2006-3744 backport (ImageMagick)
482 CVE-2006-3743 backport (ImageMagick)
483 CVE-2006-3742 backport (kdebase) inside kdebase-3.5.5-redhat-pam.patch
484 CVE-2006-3741 ignore (kernel, fixed 2.6.18-rc7) ia64 only
485 CVE-2006-3740 version (libXfont, fixed 1.2.2)
486 CVE-2006-3739 version (libXfont, fixed 1.2.2)
487 CVE-2006-3738 backport (openssl, fixed 0.9.8d)
488 CVE-2006-3731 ignore (firefox) just a user complicit crash
489 CVE-2006-3694 version (ruby, fixed 1.8.5)
490 CVE-2006-3677 version (thunderbird, fixed 1.5.0.5)
491 CVE-2006-3677 version (firefox, fixed 1.5.0.5)
492 CVE-2006-3672 ignore (konqueror) just a crash
493 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
494 CVE-2006-3636 version (mailman, fixed 2.1.9)
495 CVE-2006-3634 ignore (kernel, fixed 2.6.17.8) s390 only
496 CVE-2006-3632 version (wireshark, fixed 0.99.2)
497 CVE-2006-3631 version (wireshark, fixed 0.99.2)
498 CVE-2006-3630 version (wireshark, fixed 0.99.2)
499 CVE-2006-3629 version (wireshark, fixed 0.99.2)
500 CVE-2006-3628 version (wireshark, fixed 0.99.2)
501 CVE-2006-3627 version (wireshark, fixed 0.99.2)
502 CVE-2006-3626 version (kernel, fixed 2.6.17.6)
503 CVE-2006-3619 version (gcc, fixed 4.1.1-20060828 at least)
504 CVE-2006-3486 ignore (mysql, fixed 5.0.23) not exploitable
505 CVE-2006-3469 version (mysql)
506 CVE-2006-3468 version (kernel, fixed 2.6.17.8, fixed 2.6.18-rc4)
507 CVE-2006-3467 version (freetype, fixed 2.2)
508 CVE-2006-3467 ignore (vnc) #204052 not a vulnerability
509 CVE-2006-3467 backport (libXfont) fdo-7535.patch
510 CVE-2006-3465 backport (libtiff) libtiff-3.8.2-ormandy.patch
511 CVE-2006-3464 backport (libtiff) libtiff-3.8.2-ormandy.patch
512 CVE-2006-3463 backport (libtiff) libtiff-3.8.2-ormandy.patch
513 CVE-2006-3462 backport (libtiff) libtiff-3.8.2-ormandy.patch
514 CVE-2006-3461 backport (libtiff) libtiff-3.8.2-ormandy.patch
515 CVE-2006-3460 backport (libtiff) libtiff-3.8.2-ormandy.patch
516 CVE-2006-3459 backport (libtiff) libtiff-3.8.2-ormandy.patch
517 CVE-2006-3404 version (gimp, fixed 2.2.12)
518 CVE-2006-3403 version (samba, fixed 3.0.23)
519 CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
520 CVE-2006-3376 backport (libwmf) from changelog
521 CVE-2006-3352 ignore (firefox) not a vulnerability
522 CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable
523 CVE-2006-3242 version (mutt, fixed 1.4.2.2, 1.5.12)
524 CVE-2006-3174 version (squirrelmail, fixed 1.4.7)
525 CVE-2006-3145 version (netpbm, fixed 10.34)
526 CVE-2006-3127 version (nss, only affected 3.11)
527 CVE-2006-3122 version (dhcp, only 2.x)
528 CVE-2006-3117 version (openoffice.org, fixed 2.0.3)
529 CVE-2006-3113 version (thunderbird, fixed 1.5.0.5)
530 CVE-2006-3113 version (firefox, fixed 1.5.0.5)
531 CVE-2006-3085 version (kernel, fixed 2.6.17.1)
532 CVE-2006-3084 ignore (krb5) seteuid() calls never fail on linux
533 CVE-2006-3083 backport (krb5, fixed 1.5.1, 1.4.4)
534 CVE-2006-3082 version (gnupg, fixed 1.4.4)
535 CVE-2006-3081 version (mysql, fixed 5.1.18)
536 CVE-2006-3057 version (dhcdbd, fixed 1.14)
537 CVE-2006-3018 version (php, fixed 5.1.3)
538 CVE-2006-3017 version (php, fixed 5.1.3)
539 CVE-2006-3016 version (php, fixed 5.1.3)
540 CVE-2006-3011 ignore (php) safe mode isn't safe
541 CVE-2006-3005 ignore (libjpeg) not a vuln
542 CVE-2006-2941 version (mailman, fixed 2.1.9)
543 CVE-2006-2940 backport (openssl, fixed 0.9.8d)
544 CVE-2006-2937 backport (openssl, fixed 0.9.8d)
545 CVE-2006-2936 version (kernel, fixed 2.6.17.7)
546 CVE-2006-2935 version (kernel, fixed 2.6.17.7)
547 CVE-2006-2934 version (kernel, fixed 2.6.17.3)
548 CVE-2006-2933 version (kde, not 3.2+)
549 CVE-2006-2932 ignore (kernel) no 4G/4G split support
550 CVE-2006-2916 ignore (arts) not shipped setuid
551 CVE-2006-2906 backport (gd) from changelog
552 CVE-2006-2894 version (firefox, fixed 2.0.0.8)
553 CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
554 CVE-2006-2789 version (evolution, fixed 2.4.X)
555 CVE-2006-2788 version (firefox, fixed 1.5.0.4)
556 CVE-2006-2787 version (thunderbird, fixed 1.5.0.4)
557 CVE-2006-2787 version (firefox, fixed 1.5.0.4)
558 CVE-2006-2786 version (thunderbird, fixed 1.5.0.4)
559 CVE-2006-2786 version (firefox, fixed 1.5.0.4)
560 CVE-2006-2785 version (firefox, fixed 1.5.0.4)
561 CVE-2006-2784 version (firefox, fixed 1.5.0.4)
562 CVE-2006-2783 version (thunderbird, fixed 1.5.0.4)
563 CVE-2006-2783 version (firefox, fixed 1.5.0.4)
564 CVE-2006-2782 version (firefox, fixed 1.5.0.4)
565 CVE-2006-2781 version (thunderbird, fixed 1.5.0.4)
566 CVE-2006-2780 version (thunderbird, fixed 1.5.0.4)
567 CVE-2006-2780 version (firefox, fixed 1.5.0.4)
568 CVE-2006-2779 version (thunderbird, fixed 1.5.0.4)
569 CVE-2006-2779 version (firefox, fixed 1.5.0.4)
570 CVE-2006-2778 version (thunderbird, fixed 1.5.0.4)
571 CVE-2006-2778 version (firefox, fixed 1.5.0.4)
572 CVE-2006-2777 version (firefox, fixed 1.5.0.4)
573 CVE-2006-2776 version (thunderbird, fixed 1.5.0.4)
574 CVE-2006-2776 version (firefox, fixed 1.5.0.4)
575 CVE-2006-2775 version (thunderbird, fixed 1.5.0.4)
576 CVE-2006-2775 version (firefox, fixed 1.5.0.4)
577 CVE-2006-2754 ignore (openldap) This issue is not exploitable
578 CVE-2006-2753 version (mysql, fixed 5.0.22)
579 CVE-2006-2723 ignore (firefox) disputed
580 CVE-2006-2661 version (freetype, fixed 2.2.1)
581 CVE-2006-2660 ignore (php) see #195539
582 CVE-2006-2656 backport (libtiff) tiffsplit-overflow.patch
583 CVE-2006-2629 ignore (kernel) couldn't be reproduced on FC
584 CVE-2006-2613 ignore (firefox) This isn't an issue on FC
585 CVE-2006-2607 backport (vixie-cron) vixie-cron-4.1-_42-bz178431.patch
586 CVE-2006-2563 ignore (php) safe mode isn't safe
587 CVE-2006-2452 version (gdm)
588 CVE-2006-2451 version (kernel, fixed 2.6.17.4)
589 CVE-2006-2449 version (kdebase, fixed 3.5.4)
590 CVE-2006-2448 version (kernel, fixed 2.6.17)
591 CVE-2006-2447 version (spamassassin, fixed 3.1.3)
592 CVE-2006-2446 version (kernel, fixed 2.6.11)
593 CVE-2006-2445 version (kernel, fixed 2.6.17)
594 CVE-2006-2444 version (kernel, fixed 2.6.17)
595 CVE-2006-2440 version (ImageMagick, fixed 6.2.8 at least)
596 CVE-2006-2414 version (dovecot, fixed 1.0.beta8) not a security issue
597 CVE-2006-2369 version (vnc, fixed 4.1.2)
598 CVE-2006-2366 ignore (openobex) we don't ship ircp
599 CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
600 CVE-2006-2332 ignore (firefox) disputed
601 CVE-2006-2314 version (postgresql, fixed 8.1.4)
602 CVE-2006-2313 version (postgresql, fixed 8.1.4)
603 CVE-2006-2276 version (quagga, fixed 0.98.6)
604 CVE-2006-2275 version (kernel, fixed 2.6.16.15)
605 CVE-2006-2274 version (kernel, fixed 2.6.16.15)
606 CVE-2006-2272 version (kernel, fixed 2.6.16.15)
607 CVE-2006-2271 version (kernel, fixed 2.6.16.15)
608 CVE-2006-2224 version (quagga, fixed 0.98.6)
609 CVE-2006-2223 version (quagga, fixed 0.98.6)
610 CVE-2006-2199 version (openoffice.org, fixed 2.0.3)
611 CVE-2006-2198 version (openoffice.org, fixed 2.0.3)
612 CVE-2006-2194 ignore (ppp) pppd not suid
613 CVE-2006-2193 backport (libtiff) libtiff-3.8.2-CVE-2006-2193.patch
614 CVE-2006-2191 ignore (mailman) disputed
615 CVE-2006-2120 version (libtiff, fixed 3.8.2 at least)
616 CVE-2006-2083 version (rsync, fixed 2.6.8)
617 CVE-2006-2073 ignore (bind) http://www.kb.cert.org/vuls/id/MIMG-6P8GRP
618 CVE-2006-2071 version (kernel, fixed 2.6.16.6)
619 CVE-2006-2057 ignore (firefox) not Linux
620 CVE-2006-2026 version (libtiff, fixed 3.8.1)
621 CVE-2006-2025 version (libtiff, fixed 3.8.1)
622 CVE-2006-2024 version (libtiff, fixed 3.8.1)
623 CVE-2006-1993 version (firefox, fixed 1.5.0.3)
624 CVE-2006-1991 version (php)
625 CVE-2006-1990 version (php)
626 CVE-2006-1942 version (firefox, fixed 1.5.0.4)
627 CVE-2006-1940 version (wireshark, fixed 0.99.0)
628 CVE-2006-1939 version (wireshark, fixed 0.99.0)
629 CVE-2006-1938 version (wireshark, fixed 0.99.0)
630 CVE-2006-1937 version (wireshark, fixed 0.99.0)
631 CVE-2006-1936 version (wireshark, fixed 0.99.0)
632 CVE-2006-1935 version (wireshark, fixed 0.99.0)
633 CVE-2006-1934 version (wireshark, fixed 0.99.0)
634 CVE-2006-1933 version (wireshark, fixed 0.99.0)
635 CVE-2006-1932 version (wireshark, fixed 0.99.0)
636 CVE-2006-1931 version (ruby, fixed 1.8.3)
637 CVE-2006-1902 ignore (gcc) not a vulnerability
638 CVE-2006-1865 version (beagle, fixed 0.2.5)
639 CVE-2006-1864 ignore (kernel, fixed 2.6.16.14) not compiled in
640 CVE-2006-1863 version (kernel, fixed 2.6.16.11)
641 CVE-2006-1862 version (kernel) not upstream kernels, only RHEL
642 CVE-2006-1861 version (freetype, fixed 2.2.1)
643 CVE-2006-1860 version (kernel, fixed 2.6.16.16)
644 CVE-2006-1859 version (kernel, fixed 2.6.16.16)
645 CVE-2006-1858 version (kernel, fixed 2.6.16.17)
646 CVE-2006-1857 version (kernel, fixed 2.6.16.17)
647 CVE-2006-1856 version (kernel, fixed 2.6.16.12)
648 CVE-2006-1855 version (kernel, fixed 2.6.11.12)
649 CVE-2006-1790 version (thunderbird, fixed 1.5.0.2)
650 CVE-2006-1790 version (firefox, fixed 1.5.0.2)
651 CVE-2006-1742 version (thunderbird, fixed 1.5.0.2)
652 CVE-2006-1742 version (firefox, fixed 1.5.0.2)
653 CVE-2006-1741 version (thunderbird, fixed 1.5.0.2)
654 CVE-2006-1741 version (firefox, fixed 1.5.0.2)
655 CVE-2006-1740 version (firefox, fixed 1.5.0.2)
656 CVE-2006-1739 version (thunderbird, fixed 1.5.0.2)
657 CVE-2006-1739 version (firefox, fixed 1.5.0.2)
658 CVE-2006-1738 version (thunderbird, fixed 1.5.0.2)
659 CVE-2006-1738 version (firefox, fixed 1.5.0.2)
660 CVE-2006-1737 version (thunderbird, fixed 1.5.0.2)
661 CVE-2006-1737 version (firefox, fixed 1.5.0.2)
662 CVE-2006-1736 version (firefox, fixed 1.5.0.2)
663 CVE-2006-1735 version (thunderbird, fixed 1.5.0.2)
664 CVE-2006-1735 version (firefox, fixed 1.5.0.2)
665 CVE-2006-1734 version (thunderbird, fixed 1.5.0.2)
666 CVE-2006-1734 version (firefox, fixed 1.5.0.2)
667 CVE-2006-1733 version (thunderbird, fixed 1.5.0.2)
668 CVE-2006-1733 version (firefox, fixed 1.5.0.2)
669 CVE-2006-1732 version (thunderbird, fixed 1.5.0.2)
670 CVE-2006-1732 version (firefox, fixed 1.5.0.2)
671 CVE-2006-1731 version (thunderbird, fixed 1.5.0.2)
672 CVE-2006-1731 version (firefox, fixed 1.5.0.2)
673 CVE-2006-1730 version (thunderbird, fixed 1.5.0.2)
674 CVE-2006-1730 version (firefox, fixed 1.5.0.2)
675 CVE-2006-1729 version (firefox, fixed 1.5.0.2)
676 CVE-2006-1728 version (thunderbird, fixed 1.5.0.2)
677 CVE-2006-1728 version (firefox, fixed 1.5.0.2)
678 CVE-2006-1727 version (thunderbird, fixed 1.5.0.2)
679 CVE-2006-1727 version (firefox, fixed 1.5.0.2)
680 CVE-2006-1726 version (thunderbird, fixed 1.5.0.2)
681 CVE-2006-1726 version (firefox, fixed 1.5.0.2)
682 CVE-2006-1725 version (firefox, fixed 1.5.0.2)
683 CVE-2006-1724 version (thunderbird, fixed 1.5.0.2)
684 CVE-2006-1724 version (firefox, fixed 1.5.0.2)
685 CVE-2006-1723 version (thunderbird, fixed 1.5.0.2)
686 CVE-2006-1723 version (firefox, fixed 1.5.0.2)
687 CVE-2006-1721 version (cyrus-sasl, fixed 2.1.21)
688 CVE-2006-1712 version (mailman, only 2.1.7)
689 CVE-2006-1650 ignore (firefox) a number of reports don't confirm this
690 CVE-2006-1646 ignore (ipsec-tools) KAME racoon, not ipsec-tools racoon
691 CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue
692 CVE-2006-1608 ignore (php) safe mode isn't safe
693 CVE-2006-1549 ignore (php) this is not a security issue
694 CVE-2006-1548 version (struts, fixed 1.2.9)
695 CVE-2006-1547 version (struts, fixed 1.2.9)
696 CVE-2006-1546 version (struts, fixed 1.2.9)
697 CVE-2006-1542 backport (python) python-2.4.1-canonicalize.patch
698 CVE-2006-1531 version (thunderbird, fixed 1.5.0.2)
699 CVE-2006-1531 version (firefox, fixed 1.5.0.2)
700 CVE-2006-1530 version (thunderbird, fixed 1.5.0.2)
701 CVE-2006-1530 version (firefox, fixed 1.5.0.2)
702 CVE-2006-1529 version (thunderbird, fixed 1.5.0.2)
703 CVE-2006-1529 version (firefox, fixed 1.5.0.2)
704 CVE-2006-1528 version (kernel, fixed 2.6.13)
705 CVE-2006-1527 version (kernel, fixed 2.6.17)
706 CVE-2006-1526 version (xorg-x11-server, fixed 1.1.1 at least)
707 CVE-2006-1525 version (kernel, fixed 2.6.16.8)
708 CVE-2006-1524 version (kernel, fixed 2.6.16.7)
709 CVE-2006-1523 version (kernel, fixed 2.6.16.4)
710 CVE-2006-1522 version (kernel, fixed 2.6.16.3)
711 CVE-2006-1518 version (mysql, fixed 5.0.21)
712 CVE-2006-1517 version (mysql, fixed 5.0.21)
713 CVE-2006-1516 version (mysql, fixed 5.0.21)
714 CVE-2006-1494 version (php)
715 CVE-2006-1490 version (php, fixed 5.1.4)
716 CVE-2006-1470 version (openldap, not 2.3.24 at least)
717 CVE-2006-1368 version (kernel, fixed 2.6.16)
718 CVE-2006-1354 version (freeradius, fixed 1.1.2 at least)
719 CVE-2006-1343 version (kernel, fixed 2.6.16.19)
720 CVE-2006-1342 version (kernel, not 2.6)
721 CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
722 CVE-2006-1296 version (beagle, fixed 0.2.4)
723 CVE-2006-1273 ignore (firefox) this issue only affects IE
724 CVE-2006-1242 version (kernel, fixed 2.6.16.1)
725 CVE-2006-1174 version (shadow-utils, fixed 4.0.3)
726 CVE-2006-1173 version (sendmail, fixed 8.13.7)
727 CVE-2006-1168 backport (ncompress) ncompress-4.2.4-bssUnderflow.patch
728 CVE-2006-1095 version (mod_python, 3.2.7 only)
729 CVE-2006-1079 ignore (httpd) not a vulnerability
730 CVE-2006-1078 ignore (httpd) not a vulnerability
731 CVE-2006-1066 version (kernel, fixed 2.6.16)
732 CVE-2006-1061 version (curl, fixed 7.15.3)
733 CVE-2006-1059 version (samba, fixed 3.0.22 at least)
734 CVE-2006-1058 version (busybox, fixed 1.2.x)
735 CVE-2006-1057 version (gdm, fixed 2.14.1)
736 CVE-2006-1056 version (kernel, fixed 2.6.16.9)
737 CVE-2006-1055 version (kernel, fixed 2.6.17)
738 CVE-2006-1052 version (kernel, fixed 2.6.16)
739 CVE-2006-1045 version (thunderbird, fixed 1.5.0.2)
740 CVE-2006-1015 ignore (php) safe mode isn't safe
741 CVE-2006-1014 ignore (php) safe mode isn't safe
742 CVE-2006-0996 version (php, fixed 5.1.4)
743 CVE-2006-0903 version (mysql, 4.1.19)
744 CVE-2006-0884 version (thunderbird, fixed 1.5.0.2)
745 CVE-2006-0836 ignore (thunderbird) only crash on manual import
746 CVE-2006-0749 version (thunderbird, fixed 1.5.0.2)
747 CVE-2006-0749 version (firefox, fixed 1.5.0.2)
748 CVE-2006-0748 version (thunderbird, fixed 1.5.0.2)
749 CVE-2006-0748 version (firefox, fixed 1.5.0.2)
750 CVE-2006-0747 version (freetype, fixed 2.2.1)
751 CVE-2006-0746 version (kdegraphics, fixed 3.4)
752 CVE-2006-0745 version (xorg-x11-server, fixed 1.1.1 at least)
753 CVE-2006-0744 version (kernel, fixed 2.6.16.5)
754 CVE-2006-0742 version (kernel, fixed 2.6.16)
755 CVE-2006-0741 version (kernel, fixed 2.6.15.5)
756 CVE-2006-0730 version (dovecot, 1.0beta[12] only)
757 CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert
758 CVE-2006-0670 version (bluez-hcidump, fixed 1.30)
759 CVE-2006-0645 version (gnutls, fixed 1.2.10)
760 CVE-2006-0591 version (postgresql, fixed 8.0.6)
761 CVE-2006-0576 version (oprofile, fixed 0.9.2 at least) [since FEDORA-2006-1172] was backport since GA
762 CVE-2006-0558 version (kernel, fixed 2.6.16)
763 CVE-2006-0557 version (kernel, fixed 2.6.15.6)
764 CVE-2006-0555 version (kernel, fixed 2.6.16)
765 CVE-2006-0554 version (kernel, fixed 2.6.16)
766 CVE-2006-0553 version (postgresql, only 8.1, fixed 8.1.3)
767 CVE-2006-0528 version (cairo, fixed 1.0.4)
768 CVE-2006-0496 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=324253
769 CVE-2006-0482 ignore (kernel) sparc only
770 CVE-2006-0481 version (libpng, 1.2.7 only)
771 CVE-2006-0459 version (flex) by inspection
772 CVE-2006-0457 version (kernel, fixed 2.6.16)
773 CVE-2006-0456 ignore (kernel) s390 only
774 CVE-2006-0455 version (gnupg, fixed 1.4.2.1)
775 CVE-2006-0454 version (kernel, fixed 2.6.15.3)
776 CVE-2006-0405 version (libtiff, 3.8.0 only)
777 CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
778 CVE-2006-0369 ignore (mysql) this is not a security issue
779 CVE-2006-0321 version (fetchmail, fixed 6.3.2)
780 CVE-2006-0301 version (poppler, fixed 0.4.5)
781 CVE-2006-0301 version (kdegraphics, fixed 3.5.2)
782 CVE-2006-0300 version (tar, fixed 1.15.90 at least)
783 CVE-2006-0299 version (thunderbird, fixed 1.5)
784 CVE-2006-0299 version (firefox, fixed 1.5.0.1)
785 CVE-2006-0298 version (thunderbird, fixed 1.5)
786 CVE-2006-0298 version (firefox, fixed 1.5.0.1)
787 CVE-2006-0297 version (thunderbird, fixed 1.5)
788 CVE-2006-0297 version (firefox, fixed 1.5.0.1)
789 CVE-2006-0296 version (thunderbird, fixed 1.5)
790 CVE-2006-0296 version (firefox, fixed 1.5.0.1)
791 CVE-2006-0295 version (thunderbird, fixed 1.5)
792 CVE-2006-0295 version (firefox, fixed 1.5.0.1)
793 CVE-2006-0294 version (thunderbird, fixed 1.5)
794 CVE-2006-0294 version (firefox, fixed 1.5.0.1)
795 CVE-2006-0293 version (thunderbird, fixed 1.5)
796 CVE-2006-0293 version (firefox, fixed 1.5.0.1)
797 CVE-2006-0292 version (thunderbird, fixed 1.5)
798 CVE-2006-0292 version (firefox, fixed 1.5.1)
799 CVE-2006-0254 version (tomcat5, fixed 5.5.16)
800 CVE-2006-0236 ignore (thunderbird) windows only
801 CVE-2006-0225 version (openssh, fixed 4.3p2)
802 CVE-2006-0208 version (php, fixed 5.1.2)
803 CVE-2006-0207 version (php, fixed 5.1.2)
804 CVE-2006-0200 version (php, fixed 5.1.2)
805 CVE-2006-0197 ignore (xorg-x11) not an issue
806 CVE-2006-0195 version (squirrelmail, fixed 1.4.6)
807 CVE-2006-0188 version (squirrelmail, fixed 1.4.6)
808 CVE-2006-0144 version (php-pear, not 1.4.4)
809 CVE-2006-0097 ignore (php) Windows only
810 CVE-2006-0096 ignore (kernel) minor and requires root
811 CVE-2006-0095 version (kernel, fixed 2.6.16)
812 CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
813 CVE-2006-0058 version (sendmail, fixed 8.13.6)
814 CVE-2006-0052 version (mailman, fixed 2.1.6)
815 CVE-2006-0049 version (gnupg, fixed 1.4.2.2)
816 CVE-2006-0039 version (kernel, fixed 2.6.16.17)
817 CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15)
818 CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15)
819 CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15)
820 CVE-2006-0019 version (kdelibs, fixed 3.5.1)
821 CVE-2005-4811 version (kernel, fixed 2.6.13)
822 CVE-2005-4809 ignore (firefox) Status bar can be modified anyways
823 CVE-2005-4808 ignore (binutils, gas fixed 20050714) this is a bug
824 CVE-2005-4807 ignore (binutils, gas fixed 20050721) this is a bug
825 CVE-2005-4798 version (kernel, not 2.6)
826 CVE-2005-4790 VULNERABLE (tomboy) #252294
827 CVE-2005-4784 ignore (glibc) struct dirent is big enough
828 CVE-2005-4746 version (freeradius, fixed 1.0.5)
829 CVE-2005-4745 version (freeradius, fixed 1.0.5)
830 CVE-2005-4744 version (freeradius, fixed 1.0.5)
831 CVE-2005-4720 version (thunderbird, fixed 1.5)
832 CVE-2005-4720 version (firefox, fixed 1.5)
833 CVE-2005-4703 ignore (tomcat) windows only
834 CVE-2005-4685 ignore (firefox) not fixed upstream, low, can't fix
835 CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
836 CVE-2005-4667 backport (unzip) changelog
837 CVE-2005-4639 version (kernel, fixed 2.6.15)
838 CVE-2005-4636 version (openoffice.org, fixed 2.0.1)
839 CVE-2005-4635 version (kernel, fixed 2.6.15)
840 CVE-2005-4618 version (kernel, fixed 2.6.15)
841 CVE-2005-4605 version (kernel, fixed 2.6.15)
842 CVE-2005-4585 version (wireshark, fixed 0.10.14)
843 CVE-2005-4442 version (openldap) gentoo only
844 CVE-2005-4352 version (kernel, fixed 2.6.18.3) [since FEDORA-2006-1471]
845 CVE-2005-4348 version (fetchmail, fixed 6.3.1)
846 CVE-2005-4268 backport (cpio) cpio-2.6-writeOutHeaderBufferOverflow.patch
847 CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
848 CVE-2005-4154 ignore (php) don't install untrusted pear packages
849 CVE-2005-4153 version (mailman)
850 CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
851 CVE-2005-4077 version (curl, fixed 7.15.1)
852 CVE-2005-3962 version (perl, fixed 5.8.8)
853 CVE-2005-3883 version (php, fixed 5.1.1 at least)
854 CVE-2005-3858 version (kernel, fixed 2.6.13)
855 CVE-2005-3857 version (kernel, fixed 2.6.15)
856 CVE-2005-3848 version (kernel, fixed 2.6.13)
857 CVE-2005-3847 version (kernel, fixed 2.6.12.6)
858 CVE-2005-3810 version (kernel, fixed 2.6.15)
859 CVE-2005-3809 version (kernel, fixed 2.6.15)
860 CVE-2005-3808 version (kernel, fixed 2.6.15)
861 CVE-2005-3807 version (kernel, fixed 2.6.15)
862 CVE-2005-3806 version (kernel, fixed 2.6.14)
863 CVE-2005-3805 version (kernel, fixed 2.6.14)
864 CVE-2005-3784 version (kernel, fixed 2.6.15)
865 CVE-2005-3783 version (kernel, fixed 2.6.15)
866 CVE-2005-3753 version (kernel, fixed 2.6.14)
867 CVE-2005-3745 ignore (struts, fixed 1.2.8) but not through tomcat
868 CVE-2005-3732 version (ipsec-tools, fixed 0.6.3)
869 CVE-2005-3675 ignore (kernel) optack, not a bug
870 CVE-2005-3671 version (openswan, fixed 2.4.4)
871 CVE-2005-3662 version (netpbm)
872 CVE-2005-3656 version (mod_auth_pgsql, fixed 2.0.3)
873 CVE-2005-3651 version (wireshark, fixed 0.10.14)
874 CVE-2005-3632 version (netpbm)
875 CVE-2005-3631 version (udev)
876 CVE-2005-3629 version (initscripts, fixed 8.29 at least)
877 CVE-2005-3628 version (poppler, fixed 0.4.4)
878 CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
879 CVE-2005-3628 version (cups, fixed 1.2.0)
880 CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
881 CVE-2005-3627 version (poppler, fixed 0.4.4)
882 CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
883 CVE-2005-3627 version (cups, fixed 1.2.0)
884 CVE-2005-3627 backport (tetex)
885 CVE-2005-3626 version (poppler, fixed 0.4.4)
886 CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
887 CVE-2005-3626 version (cups, fixed 1.2.0)
888 CVE-2005-3626 backport (tetex)
889 CVE-2005-3625 version (poppler, fixed 0.4.4)
890 CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
891 CVE-2005-3625 version (cups, fixed 1.2.0)
892 CVE-2005-3625 backport (tetex)
893 CVE-2005-3624 version (poppler, fixed 0.4.4)
894 CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
895 CVE-2005-3624 version (cups, fixed 1.2.0)
896 CVE-2005-3624 backport (tetex)
897 CVE-2005-3623 version (kernel, fixed 2.6.14.5)
898 CVE-2005-3582 version (ImageMagick) gentoo only
899 CVE-2005-3573 version (mailman, fixed 2.1.7)
900 CVE-2005-3527 version (kernel, fixed 2.6.14)
901 CVE-2005-3402 ignore (thunderbird) mozilla say by design
902 CVE-2005-3392 version (php, not 5.0)
903 CVE-2005-3391 version (php, not 5.0)
904 CVE-2005-3390 version (php, fixed 5.1.0)
905 CVE-2005-3389 version (php, fixed 5.1.1)
906 CVE-2005-3388 version (php, fixed 5.1.1)
907 CVE-2005-3359 version (kernel, fixed 2.6.14)
908 CVE-2005-3358 version (kernel, fixed 2.6.11)
909 CVE-2005-3357 version (httpd, fixed 2.2.1)
910 CVE-2005-3356 version (kernel, fixed 2.6.16)
911 CVE-2005-3353 version (php, not 5.0)
912 CVE-2005-3352 version (httpd, fixed 2.2.1)
913 CVE-2005-3351 version (spamassassin, fixed 3.1.0)
914 CVE-2005-3322 version (squid) not upstream, SUSE only
915 CVE-2005-3319 ignore (mod_php) no security consequence
916 CVE-2005-3313 version (wireshark, fixed after 0.10.13)
917 CVE-2005-3276 version (kernel, fixed 2.6.12.4)
918 CVE-2005-3275 version (kernel, fixed 2.6.13)
919 CVE-2005-3274 version (kernel, fixed 2.6.13)
920 CVE-2005-3273 version (kernel, fixed 2.6.12)
921 CVE-2005-3272 version (kernel, fixed 2.6.13)
922 CVE-2005-3271 version (kernel, fixed 2.6.9)
923 CVE-2005-3258 version (squid, fixed 2.5STABLE12)
924 CVE-2005-3257 version (kernel, fixed 2.6.15)
925 CVE-2005-3249 version (wireshark, fixed 0.10.13)
926 CVE-2005-3248 version (wireshark, fixed 0.10.13)
927 CVE-2005-3247 version (wireshark, fixed 0.10.13)
928 CVE-2005-3246 version (wireshark, fixed 0.10.13)
929 CVE-2005-3245 version (wireshark, fixed 0.10.13)
930 CVE-2005-3244 version (wireshark, fixed 0.10.13)
931 CVE-2005-3243 version (wireshark, fixed 0.10.13)
932 CVE-2005-3242 version (wireshark, fixed 0.10.13)
933 CVE-2005-3241 version (wireshark, fixed 0.10.13)
934 CVE-2005-3193 version (poppler, fixed 0.4.4)
935 CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
936 CVE-2005-3193 version (cups, fixed 1.2.0)
937 CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
938 CVE-2005-3192 version (poppler, fixed 0.4.4)
939 CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
940 CVE-2005-3192 version (cups, fixed 1.2.0)
941 CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
942 CVE-2005-3191 version (poppler, fixed 0.4.4)
943 CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
944 CVE-2005-3191 version (cups, fixed 1.2.0)
945 CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
946 CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
947 CVE-2005-3185 version (wget, fixed 1.10.2 at least)
948 CVE-2005-3185 version (curl, fixed 7.15)
949 CVE-2005-3184 version (wireshark, fixed 0.10.13)
950 CVE-2005-3181 version (kernel, fixed 2.6.13.4)
951 CVE-2005-3180 version (kernel, fixed 2.6.13.4)
952 CVE-2005-3179 version (kernel, fixed 2.6.13.4)
953 CVE-2005-3164 version (tomcat, not 5)
954 CVE-2005-3120 backport (lynx) changelog
955 CVE-2005-3119 version (kernel, fixed 2.6.13.4)
956 CVE-2005-3110 version (kernel, fixed 2.6.12)
957 CVE-2005-3109 version (kernel, fixed 2.6.12)
958 CVE-2005-3108 version (kernel, fixed 2.6.12)
959 CVE-2005-3107 version (kernel, fixed 2.6.11)
960 CVE-2005-3106 version (kernel, fixed 2.6.11)
961 CVE-2005-3105 version (kernel, fixed 2.6.12)
962 CVE-2005-3089 version (firefox, fixed 1.0.7)
963 CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
964 CVE-2005-3055 version (kernel, fixed 2.6.14)
965 CVE-2005-3054 ignore (php)
966 CVE-2005-3053 version (kernel, fixed 2.6.12.5)
967 CVE-2005-3044 version (kernel, fixed 2.6.13.2)
968 CVE-2005-3011 backport (texinfo) texinfo-CAN-2005-3011.patch
969 CVE-2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts
970 CVE-2005-2978 version (netpbm, fixed 10.25)
971 CVE-2005-2977 version (pam, fixed 0.99.2.1 at least)
972 CVE-2005-2975 version (gtk2, fixed 2.8.7)
973 CVE-2005-2973 version (kernel, fixed 2.6.14)
974 CVE-2005-2970 version (httpd, not 2.2)
975 CVE-2005-2969 version (openssl, fixed 0.9.8a)
976 CVE-2005-2969 backport (openssl097a, fixed 0.9.7h)
977 CVE-2005-2968 version (thunderbird)
978 CVE-2005-2968 version (firefox)
979 CVE-2005-2959 ignore (sudo) not a vulnerability
980 CVE-2005-2946 version (openssl, fixed 0.9.8)
981 CVE-2005-2933 version (libc-client, fixed 2004g at least)
982 CVE-2005-2929 backport (lynx) changelog
983 CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
984 CVE-2005-2876 version (util-linux, fixed 2.13-pre3)
985 CVE-2005-2874 version (cups, fixed 1.1.23)
986 CVE-2005-2873 version (kernel, fixed 2.6.18-rc1)
987 CVE-2005-2872 version (kernel, fixed 2.6.12)
988 CVE-2005-2871 version (thunderbird)
989 CVE-2005-2871 version (firefox, fixed 1.0.7)
990 CVE-2005-2811 version (net-snmp) not upstream, gentoo only
991 CVE-2005-2801 version (kernel, fixed 2.6.11)
992 CVE-2005-2800 version (kernel, fixed 2.6.12.6)
993 CVE-2005-2798 version (openssh, fixed 4.2)
994 CVE-2005-2797 version (openssh, fixed 4.2)
995 CVE-2005-2796 version (squid, fixed 2.5.STABLE11)
996 CVE-2005-2794 version (squid, fixed 2.5.STABLE11)
997 CVE-2005-2728 version (httpd, not 2.2)
998 CVE-2005-2709 version (kernel, fixed 2.6.14.3)
999 CVE-2005-2708 ignore (kernel) not reproducable on x86_64
1000 CVE-2005-2707 version (thunderbird)
1001 CVE-2005-2707 version (firefox, fixed 1.0.7)
1002 CVE-2005-2706 version (thunderbird)
1003 CVE-2005-2706 version (firefox, fixed 1.0.7)
1004 CVE-2005-2705 version (thunderbird)
1005 CVE-2005-2705 version (firefox, fixed 1.0.7)
1006 CVE-2005-2704 version (thunderbird)
1007 CVE-2005-2704 version (firefox, fixed 1.0.7)
1008 CVE-2005-2703 version (thunderbird)
1009 CVE-2005-2703 version (firefox, fixed 1.0.7)
1010 CVE-2005-2702 version (thunderbird)
1011 CVE-2005-2702 version (firefox, fixed 1.0.7)
1012 CVE-2005-2701 version (firefox, fixed 1.0.7)
1013 CVE-2005-2700 version (httpd, not 2.2)
1014 CVE-2005-2693 backport (cvs) cvs-1.11.19-tmp.patch
1015 CVE-2005-2672 version (lm_sensors, fixed 2.9.2)
1016 CVE-2005-2666 version (openssh, fixed 4.0p1)
1017 CVE-2005-2642 version (mutt) openbsd only
1018 CVE-2005-2641 version (nss_ldap, fixed pam_ldap:180)
1019 CVE-2005-2617 version (kernel, fixed 2.6.12.5)
1020 CVE-2005-2602 ignore (thunderbird) probably
1021 CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085
1022 CVE-2005-2558 version (mysql, fixed 4.1.13)
1023 CVE-2005-2558 ignore (mysql) not an issue
1024 CVE-2005-2555 version (kernel, fixed 2.6.12.6)
1025 CVE-2005-2553 version (kernel, not 2.6)
1026 CVE-2005-2550 version (evolution, fixed after 2.3.6.1)
1027 CVE-2005-2549 version (evolution, fixed after 2.3.6.1)
1028 CVE-2005-2548 version (kernel, fixed 2.6.9) only affected 2.6.8
1029 CVE-2005-2547 version (bluez-pin, fixed 2.19) not before 2.16
1030 CVE-2005-2541 ignore (tar) is documented behaviour
1031 CVE-2005-2500 version (kernel, fixed 2.6.13)
1032 CVE-2005-2498 version (php, fixed xml_rpc:1.4.0)
1033 CVE-2005-2496 version (ntp, fixed 4.2.0b)
1034 CVE-2005-2495 version (xorg-x11-server, fixed 0.99.3 at least)
1035 CVE-2005-2494 version (kdebase, fixed after 3.4.2)
1036 CVE-2005-2492 version (kernel, fixed 2.6.13.1)
1037 CVE-2005-2491 version (pcre, fixed 6.2)
1038 CVE-2005-2491 ignore (python) fc6 python does not contain pcre
1039 CVE-2005-2491 ignore (php) php uses system pcre
1040 CVE-2005-2491 ignore (httpd) httpd uses system pcre
1041 CVE-2005-2490 version (kernel, fixed 2.6.13.1)
1042 CVE-2005-2475 backport (unzip) unzip-5.52-toctou.patch
1043 CVE-2005-2471 version (netpbm, fixed 10.31)
1044 CVE-2005-2459 ignore (kernel, fixed 2.6.12.5) dropped as code path not possible
1045 CVE-2005-2458 version (kernel, fixed 2.6.12.5)
1046 CVE-2005-2457 version (kernel, fixed 2.6.12.5)
1047 CVE-2005-2456 version (kernel, fixed 2.6.12.5)
1048 CVE-2005-2452 version (libtiff, fixed 3.7.0)
1049 CVE-2005-2448 version (kdenetwork, fixed 3.4.2)
1050 CVE-2005-2410 version (NetworkManager, fixed 5.0)
1051 CVE-2005-2395 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=281851
1052 CVE-2005-2370 version (kdenetwork, fixed 3.4.2)
1053 CVE-2005-2370 version (gaim, fixed 1.5.0)
1054 CVE-2005-2369 version (kdenetwork, fixed 3.4.2)
1055 CVE-2005-2368 version (vim, fixed 6.3.086 at least)
1056 CVE-2005-2367 version (wireshark, fixed 0.10.12)
1057 CVE-2005-2366 version (wireshark, fixed 0.10.12)
1058 CVE-2005-2365 version (wireshark, fixed 0.10.12)
1059 CVE-2005-2364 version (wireshark, fixed 0.10.12)
1060 CVE-2005-2363 version (wireshark, fixed 0.10.12)
1061 CVE-2005-2362 version (wireshark, fixed 0.10.12)
1062 CVE-2005-2361 version (wireshark, fixed 0.10.12)
1063 CVE-2005-2360 version (wireshark, fixed 0.10.12)
1064 CVE-2005-2353 ignore (thunderbird) debug mode only
1065 CVE-2005-2337 version (ruby, fixed 1.8.3)
1066 CVE-2005-2335 version (fetchmail, fixed 6.2.5.2)
1067 CVE-2005-2270 version (thunderbird, fixed 1.0.5)
1068 CVE-2005-2270 version (firefox, fixed 1.0.5)
1069 CVE-2005-2269 version (thunderbird, fixed 1.0.5)
1070 CVE-2005-2269 version (firefox, fixed 1.0.5)
1071 CVE-2005-2268 version (firefox, fixed 1.0.5)
1072 CVE-2005-2267 version (firefox, fixed 1.0.5)
1073 CVE-2005-2266 version (thunderbird, fixed 1.0.5)
1074 CVE-2005-2266 version (firefox, fixed 1.0.5)
1075 CVE-2005-2265 version (thunderbird, fixed 1.0.5)
1076 CVE-2005-2265 version (firefox, fixed 1.0.5)
1077 CVE-2005-2264 version (firefox, fixed 1.0.5)
1078 CVE-2005-2263 version (firefox, fixed 1.0.5)
1079 CVE-2005-2262 version (firefox, fixed 1.0.5)
1080 CVE-2005-2261 version (thunderbird, fixed 1.0.5)
1081 CVE-2005-2261 version (firefox, fixed 1.0.5)
1082 CVE-2005-2260 version (firefox, fixed 1.0.5)
1083 CVE-2005-2177 version (net-snmp, fixed 5.2.1.2)
1084 CVE-2005-2114 version (firefox, fixed 1.0.5)
1085 CVE-2005-2104 version (sysreport, fixed 1.4.1-5)
1086 CVE-2005-2103 version (gaim, fixed 1.5.0)
1087 CVE-2005-2102 version (gaim, fixed 1.5.0)
1088 CVE-2005-2101 version (kdeedu, fixed after 3.4.2)
1089 CVE-2005-2100 version (kernel, not 2.6) not upstream only RHEL4
1090 CVE-2005-2099 version (kernel, fixed 2.6.12.5)
1091 CVE-2005-2098 version (kernel, fixed 2.6.12.5)
1092 CVE-2005-2097 version (cups)
1093 CVE-2005-2096 version (rpm, fixed 4.4.2)
1094 CVE-2005-2096 backport (zlib, fixed 1.2.2.4)
1095 CVE-2005-2095 version (squirrelmail, fixed 1.4.5)
1096 CVE-2005-2088 version (httpd, not 2.2)
1097 CVE-2005-2069 version (nss_ldap, fixed pam_ldap:180)
1098 CVE-2005-2069 backport (openldap) openldap-2.2.13-tls-fix-connection-test.patch
1099 CVE-2005-2023 version (gnupg, only 1.9.14)
1100 CVE-2005-1993 version (sudo, fixed 1.6.8p9)
1101 CVE-2005-1992 version (ruby, fixed 1.8.3 at least)
1102 CVE-2005-1937 version (firefox, fixed 1.0.5)
1103 CVE-2005-1934 version (gaim, fixed 1.3.1)
1104 CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
1105 CVE-2005-1920 version (kdelibs, fixed 3.4.1)
1106 CVE-2005-1918 version (tar)
1107 CVE-2005-1913 version (kernel, fixed 2.6.12.2)
1108 CVE-2005-1852 version (kdenetwork, fixed 3.4.2)
1109 CVE-2005-1849 version (zlib, fixed 1.2.3)
1110 CVE-2005-1831 ignore (sudo) unsubstantiated report
1111 CVE-2005-1769 version (squirrelmail, fixed 1.4.5)
1112 CVE-2005-1768 version (kernel, fixed 2.6.6)
1113 CVE-2005-1767 version (kernel, fixed 2.6.7)
1114 CVE-2005-1765 version (kernel, fixed 2.6.12)
1115 CVE-2005-1764 version (kernel, fixed 2.6.12)
1116 CVE-2005-1763 version (kernel, fixed 2.6.12)
1117 CVE-2005-1762 version (kernel, fixed 2.6.12)
1118 CVE-2005-1761 version (kernel, fixed 2.6.12.2)
1119 CVE-2005-1760 version (sysreport, fixed 1.4.1-3)
1120 CVE-2005-1759 ignore (php) dead code path
1121 CVE-2005-1759 ignore (openldap) fixed shtool 2.0.2 flawed code path not used
1122 CVE-2005-1751 version (nmap, fixed 3.93 at least)
1123 CVE-2005-1751 ignore (openldap) fixed shtool 2.0.2. Flawed code path not used
1124 CVE-2005-1751 ignore (ncpfs) part of shtool in ncpfs is not vulnerable
1125 CVE-2005-1740 version (net-snmp, fixed 5.2.2.rc5 at least)
1126 CVE-2005-1739 version (ImageMagick, fixed 6.2.2.3)
1127 CVE-2005-1705 backport (gdb) gdb-6.3-security-errata-20050610.patch
1128 CVE-2005-1704 version (binutils, fixed 2.16.91.0.3 at least)
1129 CVE-2005-1704 backport (gdb) gdb-6.3-security-errata-20050610.patch
1130 CVE-2005-1689 version (krb5, fixed 1.4.2)
1131 CVE-2005-1686 ignore (gedit) not a vulnerability
1132 CVE-2005-1636 version (mysql, fixed 4.1.12)
1133 CVE-2005-1589 version (kernel, fixed 2.6.11.10)
1134 CVE-2005-1571 version (php, fixed shtool 2.0.2)
1135 CVE-2005-1544 version (libtiff, fixed 3.7.1 at least)
1136 CVE-2005-1532 version (thunderbird)
1137 CVE-2005-1532 version (firefox, fixed 1.0.4)
1138 CVE-2005-1531 version (firefox, fixed 1.0.4)
1139 CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
1140 CVE-2005-1470 version (wireshark, fixed 0.10.11)
1141 CVE-2005-1469 version (wireshark, fixed 0.10.11)
1142 CVE-2005-1468 version (wireshark, fixed 0.10.11)
1143 CVE-2005-1467 version (wireshark, fixed 0.10.11)
1144 CVE-2005-1466 version (wireshark, fixed 0.10.11)
1145 CVE-2005-1465 version (wireshark, fixed 0.10.11)
1146 CVE-2005-1464 version (wireshark, fixed 0.10.11)
1147 CVE-2005-1463 version (wireshark, fixed 0.10.11)
1148 CVE-2005-1462 version (wireshark, fixed 0.10.11)
1149 CVE-2005-1461 version (wireshark, fixed 0.10.11)
1150 CVE-2005-1460 version (wireshark, fixed 0.10.11)
1151 CVE-2005-1459 version (wireshark, fixed 0.10.11)
1152 CVE-2005-1458 version (wireshark, fixed 0.10.11)
1153 CVE-2005-1457 version (wireshark, fixed 0.10.11)
1154 CVE-2005-1456 version (wireshark, fixed 0.10.11)
1155 CVE-2005-1455 version (freeradius, fixed 1.0.3)
1156 CVE-2005-1454 version (freeradius, fixed 1.0.3)
1157 CVE-2005-1431 version (gnutls, fixed 1.0.25)
1158 CVE-2005-1410 version (postgresql, fixed 8.0.2)
1159 CVE-2005-1409 version (postgresql, fixed 8.0.1)
1160 CVE-2005-1369 version (kernel, fixed 2.6.12)
1161 CVE-2005-1368 version (kernel, fixed 2.6.12)
1162 CVE-2005-1345 version (squid, fixed 2.5.STABLE10)
1163 CVE-2005-1344 ignore (httpd) not a vulnerability
1164 CVE-2005-1281 version (wireshark, fixed 0.10.11)
1165 CVE-2005-1280 version (tcpdump, fixed 3.9.2)
1166 CVE-2005-1279 version (tcpdump, fixed 3.9.2)
1167 CVE-2005-1278 version (tcpdump, fixed 3.9.2)
1168 CVE-2005-1277 ignore (dupe)
1169 CVE-2005-1275 version (ImageMagick, fixed 6.2.2)
1170 CVE-2005-1269 version (gaim, fixed 1.3.1)
1171 CVE-2005-1268 version (httpd, not 2.2)
1172 CVE-2005-1267 version (tcpdump, fixed 3.9.4 at least)
1173 CVE-2005-1266 version (spamassassin, fixed 3.0.4)
1174 CVE-2005-1265 version (kernel)
1175 CVE-2005-1264 version (kernel)
1176 CVE-2005-1263 version (kernel)
1177 CVE-2005-1262 version (gaim, fixed 1.3.0)
1178 CVE-2005-1261 version (gaim, fixed 1.3.0)
1179 CVE-2005-1260 version (bzip2, fixed 1.0.3)
1180 CVE-2005-1229 backport (cpio) cpio-2.6-dirTraversal.patch
1181 CVE-2005-1228 backport (gzip) changelog
1182 CVE-2005-1194 backport (nasm) changelog
1183 CVE-2005-1184 ignore (kernel) expected to not be an issue
1184 CVE-2005-1175 version (krb5, fixed 1.4.2)
1185 CVE-2005-1174 version (krb5, fixed 1.4.2)
1186 CVE-2005-1160 version (thunderbird)
1187 CVE-2005-1160 version (firefox)
1188 CVE-2005-1159 version (thunderbird)
1189 CVE-2005-1159 version (firefox)
1190 CVE-2005-1158 version (firefox, fixed 1.0.3)
1191 CVE-2005-1157 version (firefox)
1192 CVE-2005-1156 version (firefox)
1193 CVE-2005-1155 version (firefox)
1194 CVE-2005-1154 version (firefox)
1195 CVE-2005-1153 version (firefox)
1196 CVE-2005-1111 backport (cpio) cpio-2.6-chmodRaceC.patch
1197 CVE-2005-1065 version (tetex) not upstream version
1198 CVE-2005-1061 version (logwatch, fixed 4.3.2 at least)
1199 CVE-2005-1046 version (kdelibs, fixed after 3.4.0)
1200 CVE-2005-1043 version (php, fixed 4.3.11)
1201 CVE-2005-1042 version (php, fixed 4.3.11)
1202 CVE-2005-1041 version (kernel, fixed 2.6.12)
1203 CVE-2005-1039 ignore (coreutils) not fixed upstream, not a real issue
1204 CVE-2005-1038 backport (vixie-cron)
1205 CVE-2005-0990 version (sharutils, fixed 4.6 at least)
1206 CVE-2005-0989 version (thunderbird)
1207 CVE-2005-0989 version (firefox, fixed 1.0.3)
1208 CVE-2005-0988 backport (gzip) changelog
1209 CVE-2005-0977 version (kernel, fixed 2.6.11)
1210 CVE-2005-0967 version (gaim, fixed 1.2.1)
1211 CVE-2005-0966 version (gaim, fixed 1.2.1)
1212 CVE-2005-0965 version (gaim, fixed 1.2.1)
1213 CVE-2005-0953 backport (bzip2) bzip2-1.0.2-chmod.patch
1214 CVE-2005-0941 version (openoffice.org, fixed 1.9 m95)
1215 CVE-2005-0937 version (kernel, fixed 2.6.11)
1216 CVE-2005-0916 version (kernel, fixed 2.6.12)
1217 CVE-2005-0891 version (gtk2, fixed 2.2.4)
1218 CVE-2005-0867 version (kernel, fixed 2.6.11)
1219 CVE-2005-0866 version (cdrecord) DEBUG isn't enabled anyway
1220 CVE-2005-0839 version (kernel, fixed 2.6.11)
1221 CVE-2005-0815 version (kernel, fixed 2.6.11.6)
1222 CVE-2005-0808 version (tomcat, fixed 5.x)
1223 CVE-2005-0806 version (evolution, fixed 2.0.4)
1224 CVE-2005-0799 version (mysql) not linux
1225 CVE-2005-0767 version (kernel, fixed 2.6.11)
1226 CVE-2005-0766 version (wireshark, fixed after 0.10.9)
1227 CVE-2005-0765 version (wireshark, fixed after 0.10.9)
1228 CVE-2005-0763 version (mc, fixed 4.6.0)
1229 CVE-2005-0762 version (ImageMagick, fixed 6.0)
1230 CVE-2005-0761 version (ImageMagick, fixed 6.1.8)
1231 CVE-2005-0760 version (ImageMagick, fixed 6.0)
1232 CVE-2005-0759 version (ImageMagick, fixed 6.0)
1233 CVE-2005-0758 version (gzip, fixed 1.3.5)
1234 CVE-2005-0758 backport (bzip2)
1235 CVE-2005-0757 version (kernel, not 2.6)
1236 CVE-2005-0756 version (kernel, fixed 2.6.12)
1237 CVE-2005-0754 version (kdewebdev, fixed after 3.4.0)
1238 CVE-2005-0753 version (cvs, fixed 1.11.20)
1239 CVE-2005-0752 version (firefox, fixed 1.0.3)
1240 CVE-2005-0750 version (kernel, fixed 2.6.11.6)
1241 CVE-2005-0749 version (kernel, fixed 2.6.11.6)
1242 CVE-2005-0739 version (wireshark, fixed after 0.10.9)
1243 CVE-2005-0736 version (kernel, fixed 2.6.11)
1244 CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
1245 CVE-2005-0711 version (mysql, fixed 4.1.11)
1246 CVE-2005-0710 version (mysql, fixed 4.1.11)
1247 CVE-2005-0709 version (mysql, fixed 4.1.11)
1248 CVE-2005-0705 version (wireshark, fixed after 0.10.9)
1249 CVE-2005-0704 version (wireshark, fixed after 0.10.9)
1250 CVE-2005-0698 version (wireshark, fixed after 0.10.9)
1251 CVE-2005-0664 version (libexif, fixed 0.6.12)
1252 CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
1253 CVE-2005-0627 version (qt, fixed 3.3.4)
1254 CVE-2005-0626 version (squid, fixed 2.5.STABLE10)
1255 CVE-2005-0605 version (libXpm, fixed 3.5.4 at least)
1256 CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
1257 CVE-2005-0596 version (php, fixed 5.0)
1258 CVE-2005-0593 version (firefox)
1259 CVE-2005-0592 version (firefox)
1260 CVE-2005-0591 version (firefox, fixed 1.0.1)
1261 CVE-2005-0590 version (thunderbird)
1262 CVE-2005-0590 version (openswan, fixed 2.1.4)
1263 CVE-2005-0590 version (firefox)
1264 CVE-2005-0589 version (firefox, fixed 1.0.1)
1265 CVE-2005-0588 version (firefox)
1266 CVE-2005-0587 version (firefox)
1267 CVE-2005-0586 version (firefox)
1268 CVE-2005-0585 version (firefox)
1269 CVE-2005-0584 version (firefox)
1270 CVE-2005-0578 version (firefox)
1271 CVE-2005-0565 version (kernel, not 2.6)
1272 CVE-2005-0532 version (kernel, fixed 2.6.11)
1273 CVE-2005-0531 version (kernel, fixed 2.6.11)
1274 CVE-2005-0530 version (kernel, fixed 2.6.11)
1275 CVE-2005-0529 version (kernel, fixed 2.6.11)
1276 CVE-2005-0527 version (firefox, fixed 1.0.1)
1277 CVE-2005-0525 version (php, fixed 5.0.4)
1278 CVE-2005-0524 version (php, fixed 5.0.4)
1279 CVE-2005-0509 version (mono, not after 1.0.5)
1280 CVE-2005-0504 version (kernel, not 2.6) doesn't build in 2.6
1281 CVE-2005-0490 version (curl, fixed 7.13.1)
1282 CVE-2005-0489 version (kernel, not 2.6)
1283 CVE-2005-0488 backport (telnet)
1284 CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch
1285 CVE-2005-0473 version (gaim, fixed 1.1.3)
1286 CVE-2005-0472 version (gaim, fixed 1.1.3)
1287 CVE-2005-0470 version (wpa_supplicant, fixed 0.2.7)
1288 CVE-2005-0469 version (krb5, fixed 1.4.1)
1289 CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
1290 CVE-2005-0468 version (krb5, fixed 1.4.1)
1291 CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
1292 CVE-2005-0449 version (kernel, fixed 2.6.11)
1293 CVE-2005-0448 version (perl, fixed 5.8.6)
1294 CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
1295 CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
1296 CVE-2005-0403 version (kernel) not upstream
1297 CVE-2005-0402 version (firefox, fixed 1.0.2)
1298 CVE-2005-0401 version (firefox, fixed 1.0.2)
1299 CVE-2005-0400 version (kernel, fixed 2.6.11.6)
1300 CVE-2005-0399 version (thunderbird)
1301 CVE-2005-0399 version (firefox)
1302 CVE-2005-0398 version (ipsec-tools, fixed 0.5)
1303 CVE-2005-0397 version (ImageMagick, fixed 6.0.2.5)
1304 CVE-2005-0396 version (kdelibs, fixed 3.4.0)
1305 CVE-2005-0384 version (kernel, fixed 2.6.11.4)
1306 CVE-2005-0372 version (gftp, fixed 2.0.18 at least)
1307 CVE-2005-0365 version (kdelibs, not 3.4)
1308 CVE-2005-0337 version (postfix, fixed 2.1.4)
1309 CVE-2005-0255 version (thunderbird, fixed 1.0.2)
1310 CVE-2005-0255 version (firefox, fixed 1.0.1)
1311 CVE-2005-0247 version (postgresql, fixed after 8.0)
1312 CVE-2005-0246 version (postgresql, fixed 8.0.1)
1313 CVE-2005-0245 version (postgresql, fixed 8.0.1)
1314 CVE-2005-0244 version (postgresql, fixed 8.0.1)
1315 CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
1316 CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6)
1317 CVE-2005-0237 version (kdelibs, fixed 3.4.0)
1318 CVE-2005-0233 version (firefox, fixed 1.0.1)
1319 CVE-2005-0232 version (firefox, fixed 1.0.1)
1320 CVE-2005-0231 version (firefox, fixed 1.0.1)
1321 CVE-2005-0230 version (thunderbird, fixed 1.0.2)
1322 CVE-2005-0230 version (firefox, fixed 1.0.1)
1323 CVE-2005-0227 version (postgresql, fixed 8.0.1)
1324 CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
1325 CVE-2005-0210 version (kernel, fixed 2.6.11)
1326 CVE-2005-0209 version (kernel, fixed 2.6.11)
1327 CVE-2005-0208 version (gaim, fixed 1.1.4)
1328 CVE-2005-0207 version (kernel, fixed 2.6.11)
1329 CVE-2005-0205 version (kdenetwork, not 3.3+)
1330 CVE-2005-0204 version (kernel) didn't affect upstream
1331 CVE-2005-0202 version (mailman, fixed 2.1.6)
1332 CVE-2005-0201 version (dbus, fixed 0.36.1)
1333 CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
1334 CVE-2005-0180 version (kernel, fixed 2.6.11)
1335 CVE-2005-0179 version (kernel, fixed 2.6.11)
1336 CVE-2005-0178 version (kernel, fixed 2.6.11)
1337 CVE-2005-0177 version (kernel, fixed 2.6.11)
1338 CVE-2005-0176 version (kernel, fixed 2.6.10) only affected 2.6.9
1339 CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
1340 CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
1341 CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
1342 CVE-2005-0162 version (openswan, fixed 2.3.0)
1343 CVE-2005-0156 version (perl, fixed 5.8.8)
1344 CVE-2005-0155 version (perl, fixed 5.8.8)
1345 CVE-2005-0152 version (squirrelmail, not 1.4)
1346 CVE-2005-0150 version (firefox, fixed 1.0)
1347 CVE-2005-0149 version (firefox)
1348 CVE-2005-0147 version (firefox)
1349 CVE-2005-0146 version (firefox)
1350 CVE-2005-0145 version (firefox, fixed 1.0)
1351 CVE-2005-0144 version (firefox)
1352 CVE-2005-0143 version (firefox)
1353 CVE-2005-0142 version (thunderbird)
1354 CVE-2005-0142 version (firefox)
1355 CVE-2005-0141 version (firefox)
1356 CVE-2005-0137 version (kernel, not 2.6)
1357 CVE-2005-0136 version (kernel, fixed 2.6.11)
1358 CVE-2005-0135 version (kernel, fixed 2.6.11)
1359 CVE-2005-0124 version (kernel, fixed 2.6.11)
1360 CVE-2005-0109 version (openssl, not 0.9.8a)
1361 CVE-2005-0109 backport (openssl097a)
1362 CVE-2005-0104 version (squirrelmail, fixed 1.4.4)
1363 CVE-2005-0103 version (squirrelmail, fixed 1.4.4)
1364 CVE-2005-0102 version (evolution-data-server, fixed 1.2.2 at least)
1365 CVE-2005-0100 version (emacs, fixed 21.4 at least)
1366 CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
1367 CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
1368 CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
1369 CVE-2005-0094 version (squid, fixed 2.5.STABLE8)
1370 CVE-2005-0092 version (kernel, not affected)
1371 CVE-2005-0091 version (kernel, not affected)
1372 CVE-2005-0090 version (kernel, not affected)
1373 CVE-2005-0089 version (python, fixed 2.4.1 at least)
1374 CVE-2005-0088 version (mod_python, fixed after 2.7.8)
1375 CVE-2005-0087 version (alsa-lib, fixed 1.0.9)
1376 CVE-2005-0086 version (less) didn't affect upstream
1377 CVE-2005-0085 version (htdig, fixed 3.1.6-r7)
1378 CVE-2005-0084 version (wireshark, fixed 0.10.9)
1379 CVE-2005-0080 version (mailman) not upstream
1380 CVE-2005-0078 version (kde, fixed 3.0.5)
1381 CVE-2005-0077 version (perl-DBI, fixed 1.48 at least)
1382 CVE-2005-0075 version (squirrelmail, fixed 1.4.4)
1383 CVE-2005-0069 version (vim, fixed 7.0 at least)
1384 CVE-2005-0064 version (tetex, fixed 3.0)
1385 CVE-2005-0064 version (kdegraphics, not 3.4)
1386 CVE-2005-0064 version (cups, fixed 1.2.2)
1387 CVE-2005-0039 ignore (kernel) not a vulnerability: don't do this says the rfc
1388 CVE-2005-0034 version (bind, fixed after 9.3.0)
1389 CVE-2005-0033 version (bind, not 9)
1390 CVE-2005-0023 ignore (libvte) not a security risk
1391 CVE-2005-0014 version (ncpfs, fixed 2.2.6)
1392 CVE-2005-0013 version (ncpfs, fixed 2.2.6)
1393 CVE-2005-0011 version (kdeedu, not 3.4)
1394 CVE-2005-0010 version (wireshark, fixed 0.10.9)
1395 CVE-2005-0009 version (wireshark, fixed 0.10.9)
1396 CVE-2005-0008 version (wireshark, fixed 0.10.9)
1397 CVE-2005-0007 version (wireshark, fixed 0.10.9)
1398 CVE-2005-0006 version (wireshark, fixed 0.10.9)
1399 CVE-2005-0005 version (ImageMagick, fixed after 6.1.7)
1400 CVE-2005-0004 version (mysql, fixed 4.1.10)
1401 CVE-2005-0003 version (kernel, fixed 2.6.10)
1402 CVE-2005-0001 version (kernel, fixed 2.6.10)
1403 CVE-2004-2660 version (kernel, fixed 2.6.10)
1404 CVE-2004-2657 ignore (firefox) windows only
1405 CVE-2004-2654 version (squid, fixed 2.6STABLE6)
1406 CVE-2004-2607 version (kernel, fixed 2.6.5)
1407 CVE-2004-2589 version (gaim, fixed 0.82)
1408 CVE-2004-2546 version (samba, fixed 3.0.6)
1409 CVE-2004-2541 ignore (cscope) blocked by FORTIFY_SOURCE
1410 CVE-2004-2536 version (kernel, fixed 2.6.7)
1411 CVE-2004-2531 version (gnutls, fixed 1.0.17)
1412 CVE-2004-2480 ignore (squid) , not reproducable
1413 CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
1414 CVE-2004-2396 version (passwd, fixed 0.69)
1415 CVE-2004-2395 version (passwd, fixed 0.69)
1416 CVE-2004-2394 version (passwd, fixed 0.69)
1417 CVE-2004-2392 version (libuser, fixed 0.51.10)
1418 CVE-2004-2343 ignore (httpd) not a security issue
1419 CVE-2004-2302 version (kernel, fixed 2.6.10)
1420 CVE-2004-2259 version (vsftpd, fixed 1.2.2)
1421 CVE-2004-2228 version (firefox, fixed 1.0)
1422 CVE-2004-2227 version (firefox, fixed 1.0)
1423 CVE-2004-2225 version (firefox, fixed 0.10.1)
1424 CVE-2004-2154 version (cups, fixed 1.2.21rc1)
1425 CVE-2004-2149 version (mysql, fixed 4.1.5)
1426 CVE-2004-2136 ignore (dm-crypt) design
1427 CVE-2004-2135 ignore (kernel) design
1428 CVE-2004-2093 ignore (rsync) not security issue
1429 CVE-2004-2069 version (openssh, not 4)
1430 CVE-2004-2014 version (wget, fixed 1.10.1)
1431 CVE-2004-2013 version (kernel, not 2.6)
1432 CVE-2004-2004 version (configuration) SUSE only
1433 CVE-2004-1880 version (openldap, fixed 2.2.21)
1434 CVE-2004-1834 version (httpd, not 2.2)
1435 CVE-2004-1773 version (sharutils, not 4.6)
1436 CVE-2004-1772 version (sharutils, not 4.6)
1437 CVE-2004-1761 version (wireshark, fixed 0.10.3)
1438 CVE-2004-1689 version (sudo, fixed 1.6.8p1)
1439 CVE-2004-1653 ignore (openssh)
1440 CVE-2004-1639 version (firefox)
1441 CVE-2004-1617 ignore (lynx) not able to verify flaw
1442 CVE-2004-1488 version (wget, fixed 1.10.1)
1443 CVE-2004-1471 version (cvs, fixed 1.12.9)
1444 CVE-2004-1453 version (glibc, fixed 2.3.5)
1445 CVE-2004-1452 version (tomcat, fixed 5.0.27-r3)
1446 CVE-2004-1451 version (thunderbird)
1447 CVE-2004-1451 version (firefox)
1448 CVE-2004-1450 version (thunderbird)
1449 CVE-2004-1450 version (firefox)
1450 CVE-2004-1449 version (thunderbird)
1451 CVE-2004-1449 version (firefox)
1452 CVE-2004-1392 version (php, fixed 5.0.4)
1453 CVE-2004-1382 version (glibc, not 2.3.5)
1454 CVE-2004-1381 version (firefox)
1455 CVE-2004-1380 version (firefox)
1456 CVE-2004-1377 backport (a2ps) a2ps-4.13-security.patch
1457 CVE-2004-1337 version (kernel, fixed 2.6.11)
1458 CVE-2004-1336 version (tetex, fixed 3.0 at least)
1459 CVE-2004-1335 version (kernel, fixed 2.6.10)
1460 CVE-2004-1334 version (kernel, fixed 2.6.10)
1461 CVE-2004-1333 version (kernel, fixed 2.6.10)
1462 CVE-2004-1316 version (thunderbird, fixed 0.9)
1463 CVE-2004-1308 version (libtiff, fixed 3.7.1 at least)
1464 CVE-2004-1307 version (libtiff, was already fixed with 0886)
1465 CVE-2004-1304 version (file, fixed 4.12)
1466 CVE-2004-1296 backport (groff) from srpm
1467 CVE-2004-1287 backport (nasm) changelog
1468 CVE-2004-1270 version (cups, fixed 1.1.23)
1469 CVE-2004-1269 version (cups, fixed 1.1.23)
1470 CVE-2004-1268 version (cups, fixed 1.1.23)
1471 CVE-2004-1267 version (cups, fixed 1.1.23)
1472 CVE-2004-1237 version (kernel, not 2.6) not upstream
1473 CVE-2004-1235 version (kernel, fixed 2.6.11)
1474 CVE-2004-1234 version (kernel, not 2.6)
1475 CVE-2004-1224 version (mtr, fixed after 0.65)
1476 CVE-2004-1200 ignore (firefox, mozilla) not a security issue
1477 CVE-2004-1191 version (kernel, fixed 2.6.9)
1478 CVE-2004-1190 version (kernel, fixed 2.6.10)
1479 CVE-2004-1189 version (krb5, fixed 1.4)
1480 CVE-2004-1186 backport (enscript) enscript-1.6.1-CAN-2004-1186.patch
1481 CVE-2004-1185 backport (enscript) enscript-1.6.1-CAN-2004-1185.patch
1482 CVE-2004-1184 version (enscript, fixed 1.6.4 at least)
1483 CVE-2004-1183 version (libtiff, fixed 3.7.2)
1484 CVE-2004-1180 version (rwho, fixed 0.17)
1485 CVE-2004-1177 version (mailman, fixed 2.1.6)
1486 CVE-2004-1176 version (mc, fixed 4.6.0)
1487 CVE-2004-1175 version (mc, fixed 4.6.0)
1488 CVE-2004-1174 version (mc, fixed 4.6.0)
1489 CVE-2004-1171 version (kdelibs, not 3.4)
1490 CVE-2004-1170 backport (a2ps) a2ps-shell.patch
1491 CVE-2004-1165 version (kdelibs, not 3.4)
1492 CVE-2004-1158 version (kdelibs, not 3.4)
1493 CVE-2004-1156 version (firefox)
1494 CVE-2004-1154 version (samba, fixed 3.0.10)
1495 CVE-2004-1151 version (kernel, fixed 2.6.10)
1496 CVE-2004-1145 version (kde, not 3.4)
1497 CVE-2004-1144 version (kernel, not 2.6)
1498 CVE-2004-1143 version (mailman, fixed 2.1.5)
1499 CVE-2004-1142 version (wireshark, fixed 0.10.8)
1500 CVE-2004-1141 version (wireshark, fixed 0.10.8)
1501 CVE-2004-1140 version (wireshark, fixed 0.10.8)
1502 CVE-2004-1139 version (wireshark, fixed 0.10.8)
1503 CVE-2004-1138 version (vim, fixed 6.3)
1504 CVE-2004-1137 version (kernel, fixed 2.6.10)
1505 CVE-2004-1125 version (tetex, at least 3.0)
1506 CVE-2004-1125 version (kdegraphics, not 3.4)
1507 CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14)
1508 CVE-2004-1093 version (mc, fixed 4.6.0)
1509 CVE-2004-1092 version (mc, fixed 4.6.0)
1510 CVE-2004-1091 version (mc, fixed 4.6.0)
1511 CVE-2004-1090 version (mc, fixed 4.6.0)
1512 CVE-2004-1079 version (ncpfs, fixed 2.2.6 at least)
1513 CVE-2004-1074 version (kernel, fixed 2.6.10)
1514 CVE-2004-1073 version (kernel, fixed 2.6.10)
1515 CVE-2004-1072 version (kernel, fixed 2.6.10)
1516 CVE-2004-1071 version (kernel, fixed 2.6.10)
1517 CVE-2004-1070 version (kernel, fixed 2.6.10)
1518 CVE-2004-1069 version (kernel, fixed 2.6.10)
1519 CVE-2004-1068 version (kernel, fixed 2.6.10)
1520 CVE-2004-1065 version (php, fixed after 5.0.2)
1521 CVE-2004-1064 version (php, fixed after 5.0.2)
1522 CVE-2004-1063 version (php, fixed after 5.0.2)
1523 CVE-2004-1060 version (kernel) all verifies sequence number
1524 CVE-2004-1058 version (kernel, fixed 2.6.9)
1525 CVE-2004-1057 version (kernel, fixed 2.6.10)
1526 CVE-2004-1056 version (kernel, fixed 2.6.10)
1527 CVE-2004-1051 version (sudo, fixed 1.6.8p2)
1528 CVE-2004-1036 version (squirrelmail, fixed 1.4.4)
1529 CVE-2004-1020 version (php, fixed after 5.0.2)
1530 CVE-2004-1019 version (php, fixed after 5.0.2)
1531 CVE-2004-1018 version (php, fixed after 5.0.2)
1532 CVE-2004-1017 version (kernel, fixed 2.6.10)
1533 CVE-2004-1016 version (kernel, fixed 2.6.10)
1534 CVE-2004-1014 version (nfs-utils, fixed 1.0.7)
1535 CVE-2004-1009 version (mc, fixed 4.6.0)
1536 CVE-2004-1006 version (dhcp, not 3)
1537 CVE-2004-1005 version (mc, fixed 4.6.0)
1538 CVE-2004-1004 version (mc, fixed 4.6.0)
1539 CVE-2004-1002 ignore (ppp) not a security issue
1540 CVE-2004-0997 version (kernel, not 2.6)
1541 CVE-2004-0996 backport (cscope) not fixed in 15.5
1542 CVE-2004-0990 version (gd, fixed 2.0.33 at least)
1543 CVE-2004-0989 version (libxml2, fixed 2.6.15)
1544 CVE-2004-0986 version (iptables, fixed 1.2.12)
1545 CVE-2004-0983 version (ruby, fixed 1.8.2)
1546 CVE-2004-0981 version (ImageMagick, fixed 6.1.0)
1547 CVE-2004-0977 version (postgresql, fixed after 7.4.6)
1548 CVE-2004-0976 backport (perl) perl-5.8.7-CAN-2004-0976.patch
1549 CVE-2004-0975 version (openssl, not 0.9.8)
1550 CVE-2004-0975 backport (openssl097a, fixed 0.9.7f)
1551 CVE-2004-0974 version (netatalk, fixed 2.0.1)
1552 CVE-2004-0972 version (lvm2, fixed 2.2.01.8 at least)
1553 CVE-2004-0971 backport (krb5) krb5-1.3.4-send-pr-tempfile.patch
1554 CVE-2004-0970 version (gzip)
1555 CVE-2004-0969 version (groff, fixed 1.18.1.1)
1556 CVE-2004-0968 version (glibc, fixed 2.3.5 at least)
1557 CVE-2004-0967 version (ghostscript, fixed 8.15.1)
1558 CVE-2004-0966 version (gettext, fixed 0.14.3 at least)
1559 CVE-2004-0961 version (freeradius, fixed 1.0.1)
1560 CVE-2004-0960 version (freeradius, fixed 1.0.1)
1561 CVE-2004-0959 version (php, fixed 4.3.9)
1562 CVE-2004-0958 version (php, fixed 4.3.9)
1563 CVE-2004-0957 version (mysql, fixed 4.0.21)
1564 CVE-2004-0956 version (mysql, fixed 4.0.20)
1565 CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
1566 CVE-2004-0942 version (httpd, not 2.2)
1567 CVE-2004-0941 backport (gd)
1568 CVE-2004-0940 version (httpd, not 2.2)
1569 CVE-2004-0938 version (freeradius, fixed 1.0.1)
1570 CVE-2004-0930 version (samba, fixed 3.0.8)
1571 CVE-2004-0929 version (libtiff, fixed 3.7.0)
1572 CVE-2004-0923 version (cups, fixed 1.2.22)
1573 CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
1574 CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
1575 CVE-2004-0909 version (thunderbird)
1576 CVE-2004-0909 version (firefox)
1577 CVE-2004-0907 version (thunderbird)
1578 CVE-2004-0907 version (firefox)
1579 CVE-2004-0906 version (thunderbird)
1580 CVE-2004-0906 version (firefox)
1581 CVE-2004-0891 version (gaim, fixed 1.0.2)
1582 CVE-2004-0888 version (tetex, fixed 3.0)
1583 CVE-2004-0888 version (kdegraphics, not 3.4)
1584 CVE-2004-0888 version (cups)
1585 CVE-2004-0887 version (kernel, fixed 2.6.10)
1586 CVE-2004-0886 version (libtiff, fixed 3.7.1 at least)
1587 CVE-2004-0886 version (kdegraphics, fixed by Update on 20041109)
1588 CVE-2004-0885 version (httpd, not 2.2)
1589 CVE-2004-0884 version (cyrus-sasl, fixed 2.1.20)
1590 CVE-2004-0883 version (kernel, fixed 2.6.11)
1591 CVE-2004-0883 version (kernel, fixed 2.6.11)
1592 CVE-2004-0882 version (samba, fixed 3.0.8)
1593 CVE-2004-0870 ignore (kde) upstream won't fix
1594 CVE-2004-0867 version (firefox, fixed after 0.9.2)
1595 CVE-2004-0837 version (mysql, fixed 4.0.21)
1596 CVE-2004-0836 version (mysql, fixed 4.0.21)
1597 CVE-2004-0835 version (mysql, fixed 4.1.2)
1598 CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
1599 CVE-2004-0829 version (samba, fixed 2.2.11)
1600 CVE-2004-0827 version (ImageMagick, fixed 6.0.6.2)
1601 CVE-2004-0826 version (nss, fixed 3.9.2)
1602 CVE-2004-0823 version (openldap, fixed after 2.1.19)
1603 CVE-2004-0816 version (kernel, fixed 2.6.8)
1604 CVE-2004-0815 version (samba, fixed 3.0.2a)
1605 CVE-2004-0814 version (kernel, fixed 2.6.9)
1606 CVE-2004-0813 version (kernel, fixed 2.6.8)
1607 CVE-2004-0812 version (kernel, not 2.6)
1608 CVE-2004-0811 version (httpd, not 2.2)
1609 CVE-2004-0809 version (httpd, not 2.2)
1610 CVE-2004-0808 version (samba, fixed 3.0.7)
1611 CVE-2004-0807 version (samba, fixed 3.0.7)
1612 CVE-2004-0806 version (cdrtools, fixed 2.0.1)
1613 CVE-2004-0804 version (libtiff, fixed after 3.6.1)
1614 CVE-2004-0804 version (kdegraphics)
1615 CVE-2004-0803 version (libtiff, fixed after 3.6.1)
1616 CVE-2004-0803 version (kdegraphics)
1617 CVE-2004-0801 version (foomatic, fixed 3.0.2)
1618 CVE-2004-0797 version (zlib, fixed 1.2.2.2 at least)
1619 CVE-2004-0797 version (zlib)
1620 CVE-2004-0796 version (spamassassin, fixed 2.64)
1621 CVE-2004-0792 version (rsync, fixed 2.6.3)
1622 CVE-2004-0791 version (kernel, fixed 2.6.9)
1623 CVE-2004-0790 version (kernel, not 2.6)
1624 CVE-2004-0788 version (gtk2, fixed 2.6.7 at least)
1625 CVE-2004-0786 version (apr-util, not httpd-2.2)
1626 CVE-2004-0785 version (gaim, fixed 0.82)
1627 CVE-2004-0784 version (gaim, fixed 0.82)
1628 CVE-2004-0783 version (gtk2, fixed 2.6.7 at least)
1629 CVE-2004-0782 version (gtk2, fixed 2.6.7 at least)
1630 CVE-2004-0779 version (thunderbird)
1631 CVE-2004-0779 version (firefox)
1632 CVE-2004-0778 version (cvs, fixed 1.11.17)
1633 CVE-2004-0772 version (krb5, fixed after 1.2.8)
1634 CVE-2004-0768 version (libpng, fixed 1.2.6)
1635 CVE-2004-0755 version (ruby, fixed 1.8.1)
1636 CVE-2004-0754 version (gaim, fixed 0.82)
1637 CVE-2004-0753 version (gtk2, fixed after 2.2.4)
1638 CVE-2004-0752 version (openoffice.org, fixed after 1.1.2)
1639 CVE-2004-0751 version (httpd, not 2.2)
1640 CVE-2004-0750 version (system-config-nfs, fixed 1.0.13)
1641 CVE-2004-0749 version (subversion, fixed 1.0.8)
1642 CVE-2004-0748 version (httpd, not 2.2)
1643 CVE-2004-0747 version (httpd, not 2.2)
1644 CVE-2004-0746 version (kde, fixed 3.3)
1645 CVE-2004-0721 version (kdelibs, fixed 3.3)
1646 CVE-2004-0700 version (httpd, not 2.2)
1647 CVE-2004-0693 version (qt, fixed 3.3.3)
1648 CVE-2004-0692 version (qt, fixed 3.3.3)
1649 CVE-2004-0691 version (qt, fixed 3.3.3)
1650 CVE-2004-0690 version (kdelibs, fixed after 3.2.3)
1651 CVE-2004-0689 version (kdelibs, fixed 3.3.0)
1652 CVE-2004-0686 version (samba, fixed 3.0.6)
1653 CVE-2004-0685 version (kernel, not 2.6)
1654 CVE-2004-0658 ignore (kernel) not a security issue
1655 CVE-2004-0648 version (thunderbird)
1656 CVE-2004-0648 version (firefox)
1657 CVE-2004-0644 version (krb5, fixed after 1.3.4)
1658 CVE-2004-0643 version (krb5, fixed after 1.3.1)
1659 CVE-2004-0642 version (krb5, fixed after 1.3.4)
1660 CVE-2004-0639 version (squirrelmail, fixed after 1.2.10)
1661 CVE-2004-0635 version (wireshark, fixed 0.10.5)
1662 CVE-2004-0634 version (wireshark, fixed 0.10.5)
1663 CVE-2004-0633 version (wireshark, fixed 0.10.5)
1664 CVE-2004-0628 version (mysql, fixed 4.1.3)
1665 CVE-2004-0627 version (mysql, fixed 4.1.3)
1666 CVE-2004-0626 version (kernel, fixed 2.6.8)
1667 CVE-2004-0619 version (kernel) no driver
1668 CVE-2004-0607 version (racoon)
1669 CVE-2004-0603 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
1670 CVE-2004-0600 version (samba, fixed 3.0.6)
1671 CVE-2004-0599 version (libpng, fixed 1.2.6)
1672 CVE-2004-0598 version (libpng, fixed 1.2.6)
1673 CVE-2004-0597 version (libpng, fixed 1.2.6)
1674 CVE-2004-0595 version (php, fixed 4.3.8)
1675 CVE-2004-0594 version (php, fixed 4.3.8)
1676 CVE-2004-0592 version (kernel) not upstream flaw
1677 CVE-2004-0587 version (kernel) not upstream flaw
1678 CVE-2004-0558 version (cups, fixed 1.1.21)
1679 CVE-2004-0557 version (sox, fixed after 12.17.4)
1680 CVE-2004-0554 version (kernel, fixed 2.6.7)
1681 CVE-2004-0548 ignore (aspell, not fixed 0.50.5) not a security issue
1682 CVE-2004-0547 version (postgresql, fixed 7.2.1)
1683 CVE-2004-0541 version (squid)
1684 CVE-2004-0535 version (kernel, fixed 2.6.6)
1685 CVE-2004-0527 version (konqueror, not 3+)
1686 CVE-2004-0523 version (krb5, fixed 1.3.4)
1687 CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
1688 CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
1689 CVE-2004-0519 version (squirrelmail, fixed 1.4.3a)
1690 CVE-2004-0507 version (wireshark, fixed 0.10.4)
1691 CVE-2004-0506 version (wireshark, fixed 0.10.4)
1692 CVE-2004-0505 version (wireshark, fixed 0.10.4)
1693 CVE-2004-0504 version (wireshark, fixed 0.10.4)
1694 CVE-2004-0500 version (gaim, fixed 0.82)
1695 CVE-2004-0497 version (kernel, fixed 2.6.8)
1696 CVE-2004-0496 version (kernel, fixed 2.6.8)
1697 CVE-2004-0495 version (kernel, fixed 2.6.8)
1698 CVE-2004-0494 version (mc, fixed 4.6.1)
1699 CVE-2004-0493 version (httpd, not 2.2)
1700 CVE-2004-0492 version (httpd, not 2.2)
1701 CVE-2004-0491 version (kernel, not upstream)
1702 CVE-2004-0488 version (httpd, not 2.2)
1703 CVE-2004-0461 version (dhcp, fixed after 3.0.1rc13)
1704 CVE-2004-0460 version (dhcp, fixed after 3.0.1rc13)
1705 CVE-2004-0457 version (mysql, fixed after 4.0.20)
1706 CVE-2004-0452 version (perl, fixed 5.8.8)
1707 CVE-2004-0447 version (kernel, fixed 2.6.5)
1708 CVE-2004-0427 version (kernel, fixed 2.6.6)
1709 CVE-2004-0426 version (rsync, fixed 2.6.1)
1710 CVE-2004-0424 version (kernel, fixed 2.6.4)
1711 CVE-2004-0421 version (libpng, fixed 1.0.16)
1712 CVE-2004-0419 version (xorg-x11, fixed 6.8.2 at least)
1713 CVE-2004-0418 version (cvs, fixed 1.11.17)
1714 CVE-2004-0417 version (cvs, fixed 1.11.17)
1715 CVE-2004-0416 version (cvs, fixed 1.11.17)
1716 CVE-2004-0415 version (kernel, fixed 2.6.8)
1717 CVE-2004-0414 version (cvs, fixed 1.11.17)
1718 CVE-2004-0413 version (subversion, fixed 1.0.5)
1719 CVE-2004-0412 version (mailman, fixed 2.1.5)
1720 CVE-2004-0411 version (kdelibs, fixed 3.3)
1721 CVE-2004-0409 version (xchat, fixed 2.0.9)
1722 CVE-2004-0405 version (cvs, fixed 1.11)
1723 CVE-2004-0403 version (racoon, fixed ipsec-tools-0.6.5 at least)
1724 CVE-2004-0398 version (neon, fixed 0.24.6)
1725 CVE-2004-0397 version (subversion, fixed 1.0.1)
1726 CVE-2004-0396 version (cvs, fixed 1.12.8)
1727 CVE-2004-0394 version (kernel, not 2.6) also not a vulnerability
1728 CVE-2004-0392 version (racoon, fixed 20040407b)
1729 CVE-2004-0388 version (mysql, fixed 4.1.11 at least)
1730 CVE-2004-0381 version (mysql, fixed 4.1.11 at least)
1731 CVE-2004-0367 version (wireshark, fixed 0.10.3)
1732 CVE-2004-0365 version (wireshark, fixed 0.10.3)
1733 CVE-2004-0263 version (php, fixed 4.3.5)
1734 CVE-2004-0256 version (libtool, fixed 1.5.2)
1735 CVE-2004-0233 version (libutempter, fixed 0.5.5)
1736 CVE-2004-0232 version (mc, fixed 4.6.0)
1737 CVE-2004-0231 version (mc, fixed 4.6.0)
1738 CVE-2004-0229 version (kernel, fixed 2.6.6)
1739 CVE-2004-0228 version (kernel, fixed 2.6.6)
1740 CVE-2004-0226 version (mc, fixed 4.6.0)
1741 CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
1742 CVE-2004-0186 version (samba, not 3.0.2a)
1743 CVE-2004-0184 version (tcpdump, fixed 3.8.2)
1744 CVE-2004-0183 version (tcpdump, fixed 3.8.2)
1745 CVE-2004-0182 version (mailman) only affected Red Hat packages
1746 CVE-2004-0181 version (kernel, fixed 2.6.5)
1747 CVE-2004-0180 version (cvs, fixed 1.11.15)
1748 CVE-2004-0179 version (openoffice.org)
1749 CVE-2004-0179 version (neon, fixed 0.24.5)
1750 CVE-2004-0178 version (kernel, not 2.6)
1751 CVE-2004-0177 version (kernel, fixed 2.6.6)
1752 CVE-2004-0176 version (wireshark, fixed 0.10.3)
1753 CVE-2004-0175 version (openssh, fixed 3.4p1)
1754 CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch
1755 CVE-2004-0174 version (httpd, not 2.2)
1756 CVE-2004-0173 version (httpd, not 2.2)
1757 CVE-2004-0164 version (racoon)
1758 CVE-2004-0155 version (racoon)
1759 CVE-2004-0154 version (nfs-utils, fixed 1.0.6)
1760 CVE-2004-0150 version (python, fixed 2.2.2)
1761 CVE-2004-0138 version (kernel, fixed 2.6.0)
1762 CVE-2004-0133 version (kernel, fixed 2.6.4)
1763 CVE-2004-0113 version (httpd, not 2.2)
1764 CVE-2004-0112 version (openssl, not 0.9.8)
1765 CVE-2004-0112 backport (openssl097a, fixed 0.9.7d)
1766 CVE-2004-0110 version (libxml2, fixed 2.6.6)
1767 CVE-2004-0109 version (kernel, fixed 2.6.6)
1768 CVE-2004-0108 version (sysstat)
1769 CVE-2004-0107 version (sysstat, fixed after 4.0.7)
1770 CVE-2004-0106 version (XFree86)
1771 CVE-2004-0098 version (php)
1772 CVE-2004-0097 version (pwlib, fixed 1.6.0)
1773 CVE-2004-0096 version (mod_python, fixed after 2.7.9)
1774 CVE-2004-0094 version (XFree86, fixed 4.3.0)
1775 CVE-2004-0093 version (XFree86, fixed 4.3.0)
1776 CVE-2004-0084 version (XFree86)
1777 CVE-2004-0083 version (XFree86)
1778 CVE-2004-0082 version (samba, fixed 3.0.2)
1779 CVE-2004-0081 version (openssl097a, not 0.9.7)
1780 CVE-2004-0081 version (openssl, not 0.9.8)
1781 CVE-2004-0080 version (util-linux, fixed after 2.11f)
1782 CVE-2004-0079 version (openssl, not 0.9.8)
1783 CVE-2004-0079 backport (openssl097a, fixed 0.9.7c)
1784 CVE-2004-0078 version (mutt, fixed 1.4.2)
1785 CVE-2004-0077 version (kernel, fixed 2.6.3)
1786 CVE-2004-0075 version (kernel, not 2.6)
1787 CVE-2004-0057 version (tcpdump, fixed 3.8.2)
1788 CVE-2004-0055 version (tcpdump, fixed 3.8.2)
1789 CVE-2004-0042 ignore (vsftpd) disputed
1790 CVE-2004-0010 version (kernel, not 2.6)
1791 CVE-2004-0008 version (gaim, fixed 0.75)
1792 CVE-2004-0007 version (gaim, fixed 0.75)
1793 CVE-2004-0006 version (gaim, fixed 0.76)
1794 CVE-2004-0005 version (gaim, fixed 0.76)
1795 CVE-2004-0003 version (kernel, not 2.6)
1796 CVE-2004-0001 version (kernel, not 2.6)
1797 CVE-2003-1307 ignore (mod_php) not a vulnerability
1798 CVE-2003-1303 version (php, fixed 4.3.3)
1799 CVE-2003-1302 version (php, fixed 4.3.1)
1800 CVE-2003-1265 ignore (thunderbird) Stuff deleted from userspace is not guarranteed to go away physically moz#198442
1801 CVE-2003-1232 version (emacs, fixed 21.3)
1802 CVE-2003-1201 version (openldap, not 2.2)
1803 CVE-2003-1161 version (kernel, not released version)
1804 CVE-2003-1138 backport (httpd, Red Hat only) contains /+ now
1805 CVE-2003-1029 version (tcpdump, fixed after 3.8.1)
1806 CVE-2003-1023 version (mc, 4.6.1)
1807 CVE-2003-1013 version (wireshark, fixed 0.10.0)
1808 CVE-2003-1012 version (wireshark, fixed 0.10.0)
1809 CVE-2003-0993 version (httpd, not 2.2)
1810 CVE-2003-0992 version (mailman, fixed 2.1.4)
1811 CVE-2003-0992 version (mailman, fixed 2.1.3)
1812 CVE-2003-0991 version (mailman, fixed 2.0.14)
1813 CVE-2003-0990 version (squirrelmail, fixed after 1.4.0)
1814 CVE-2003-0989 version (tcpdump, fixed 3.8.1)
1815 CVE-2003-0989 version (tcpdump, fixed 3.8.1)
1816 CVE-2003-0988 version (kdepim, fixed 3.1.5)
1817 CVE-2003-0988 version (kde, fixed 3.1.5)
1818 CVE-2003-0987 version (httpd, not 2.2)
1819 CVE-2003-0986 version (kernel, fixed 2.6.2)
1820 CVE-2003-0985 version (kernel, not 2.6)
1821 CVE-2003-0984 version (kernel, fixed 2.4.23)
1822 CVE-2003-0977 version (cvs, fixed 1.11.10)
1823 CVE-2003-0973 version (mod_python, fixed 3.0.4)
1824 CVE-2003-0972 version (screen, fixed after 4.0.1)
1825 CVE-2003-0971 version (gnupg, fixed after 1.0.2)
1826 CVE-2003-0968 version (freeradius, fixed after 0.9.3)
1827 CVE-2003-0967 version (freeradius, fixed after 0.9.2)
1828 CVE-2003-0965 version (mailman, fixed 2.1.4)
1829 CVE-2003-0963 version (lftp, fixed after 2.6.9)
1830 CVE-2003-0962 version (rsync, fixed 2.5.7)
1831 CVE-2003-0961 version (kernel, fixed 2.4.23)
1832 CVE-2003-0959 version (kernel, fixed 2.4.21)
1833 CVE-2003-0956 version (kernel, fixed 2.4.22)
1834 CVE-2003-0935 version (net-snmp, fixed 5.0.9)
1835 CVE-2003-0927 version (wireshark, fixed 0.9.16)
1836 CVE-2003-0926 version (wireshark, fixed 0.9.16)
1837 CVE-2003-0925 version (wireshark, fixed 0.9.16)
1838 CVE-2003-0924 version (netpbm, fixed 9.26)
1839 CVE-2003-0914 version (bind, not 9)
1840 CVE-2003-0901 version (postgresql, not 8)
1841 CVE-2003-0900 version (perl, only 5.8.1)
1842 CVE-2003-0865 version (tomcat, fixed after 4.0.3)
1843 CVE-2003-0863 ignore (php) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
1844 CVE-2003-0861 version (php, fixed 4.3.3)
1845 CVE-2003-0860 version (php, fixed 4.3.3)
1846 CVE-2003-0859 version (glibc, checked fc5 source)
1847 CVE-2003-0858 version (quagga, fixed 0.95)
1848 CVE-2003-0856 version (iproute)
1849 CVE-2003-0854 version (coreutils, fixed 5.1.3)
1850 CVE-2003-0853 version (coreutils, fixed 5.1.3)
1851 CVE-2003-0851 version (openssl097a, not 0.9.7)
1852 CVE-2003-0851 version (openssl, not 0.9.8)
1853 CVE-2003-0795 version (quagga, fixed 0.96.4)
1854 CVE-2003-0794 version (gdm, fixed 2.4.1.7)
1855 CVE-2003-0793 version (gdm, fixed 2.4.1.7)
1856 CVE-2003-0792 version (fetchmail, 6.2.4 only)
1857 CVE-2003-0789 version (httpd, not 2.2)
1858 CVE-2003-0788 version (cups, fixed 1.1.19)
1859 CVE-2003-0787 version (openssh, fixed 3.7.1p2)
1860 CVE-2003-0786 version (openssh, fixed 3.7.1p2)
1861 CVE-2003-0780 version (mysql, not 4.1)
1862 CVE-2003-0778 version (sane-backends, fixed 1.0.10)
1863 CVE-2003-0777 version (sane-backends, fixed 1.0.10)
1864 CVE-2003-0776 version (sane-backends, fixed 1.0.10)
1865 CVE-2003-0775 version (sane-backends, fixed 1.0.10)
1866 CVE-2003-0774 version (sane-backends, fixed 1.0.10)
1867 CVE-2003-0773 version (sane-backends, fixed 1.0.10)
1868 CVE-2003-0740 version (stunnel, fixed 3.26)
1869 CVE-2003-0730 version (XFree86, fixed after 4.3.0)
1870 CVE-2003-0700 version (kernel, not 2.6)
1871 CVE-2003-0699 version (kernel, not 2.6)
1872 CVE-2003-0695 version (openssh, fixed 3.7.1)
1873 CVE-2003-0694 version (sendmail, fixed 8.12.10)
1874 CVE-2003-0693 version (openssh, fixed 3.7)
1875 CVE-2003-0692 version (kde, fixed after 3.1.3)
1876 CVE-2003-0690 version (kde, fixed after 3.1.3)
1877 CVE-2003-0689 version (glibc, fixed 2.3.2 at least)
1878 CVE-2003-0688 version (sendmail, fixed 8.12.9)
1879 CVE-2003-0686 version (pam_smb, fixed 1.1.7)
1880 CVE-2003-0682 version (openssh, fixed 4.0p1 at least)
1881 CVE-2003-0681 version (sendmail, fixed 8.12.10)
1882 CVE-2003-0655 version (cdrtools, fixed 2.01a18)
1883 CVE-2003-0644 version (kdbg, not after 1.2.8)
1884 CVE-2003-0643 version (kernel, not 2.6)
1885 CVE-2003-0619 version (kernel, not 2.6)
1886 CVE-2003-0618 version (suidperl, fixed 5.8.6 at least)
1887 CVE-2003-0592 version (kde, fixed 3.1.3)
1888 CVE-2003-0555 ignore (ImageMagick) wasn't reproducable
1889 CVE-2003-0552 version (kernel, not 2.6)
1890 CVE-2003-0551 version (kernel, not 2.6)
1891 CVE-2003-0550 version (kernel, not 2.6)
1892 CVE-2003-0549 version (gdm, fixed 2.4.1.6)
1893 CVE-2003-0548 version (gdm, fixed 2.4.1.6)
1894 CVE-2003-0547 version (gdm, fixed 2.4.1.6)
1895 CVE-2003-0545 version (openssl, not 0.9.8)
1896 CVE-2003-0545 backport (openssl097a, fixed 0.9.7c)
1897 CVE-2003-0544 version (openssl, not 0.9.8)
1898 CVE-2003-0544 backport (openssl097a, fixed 0.9.7c)
1899 CVE-2003-0543 version (openssl, not 0.9.8)
1900 CVE-2003-0543 backport (openssl097a, fixed 0.9.7c)
1901 CVE-2003-0542 version (httpd, not 2.2)
1902 CVE-2003-0541 version (gtkhtml3)
1903 CVE-2003-0541 version (gtkhtml2)
1904 CVE-2003-0540 version (postfix, not 2.0 onwards)
1905 CVE-2003-0517 version (mgetty, fixed 1.1.29)
1906 CVE-2003-0516 version (mgetty, fixed 1.1.29)
1907 CVE-2003-0501 version (kernel, fixed 2.6.1)
1908 CVE-2003-0476 version (kernel, fixed 2.6.1)
1909 CVE-2003-0468 version (postfix, fixed 1.1.12)
1910 CVE-2003-0467 version (kernel, not 2.6)
1911 CVE-2003-0465 version (kernel, not 2.6)
1912 CVE-2003-0464 version (kernel, not 2.6)
1913 CVE-2003-0462 version (kernel, fixed 2.6.1)
1914 CVE-2003-0461 version (kernel, fixed 2.6.1)
1915 CVE-2003-0459 version (kdelibs, not 3.2)
1916 CVE-2003-0455 version (ImageMagick)
1917 CVE-2003-0442 version (php, fixed 4.3.2)
1918 CVE-2003-0432 version (wireshark, fixed after 0.9.12)
1919 CVE-2003-0431 version (wireshark, fixed after 0.9.12)
1920 CVE-2003-0430 version (wireshark, fixed after 0.9.12)
1921 CVE-2003-0429 version (wireshark, fixed after 0.9.12)
1922 CVE-2003-0428 version (wireshark, fixed after 0.9.12)
1923 CVE-2003-0427 backport (mikmod) from changelog
1924 CVE-2003-0418 version (kernel, not 2.6)
1925 CVE-2003-0388 version (pam, fixed 0.78)
1926 CVE-2003-0386 version (openssh, fixed after 3.6.1)
1927 CVE-2003-0370 version (kde, fixed 3.0)
1928 CVE-2003-0367 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
1929 CVE-2003-0364 version (kernel, not 2.6)
1930 CVE-2003-0357 version (wireshark, fixed after 0.9.11)
1931 CVE-2003-0356 version (wireshark, fixed after 0.9.11)
1932 CVE-2003-0354 version (ghostscript, fixed 7.07)
1933 CVE-2003-0328 version (epic, fixed epic4-2.2 at least)
1934 CVE-2003-0300 ignore (sylpheed) only a crasher
1935 CVE-2003-0299 ignore (mutt) only a crasher
1936 CVE-2003-0296 version (evolution, fixed 1.4.5 at least)
1937 CVE-2003-0289 version (cdrtools, fixed 2.01a14)
1938 CVE-2003-0282 version (unzip, fixed 5.51)
1939 CVE-2003-0255 version (gnupg, fixed 1.2.2)
1940 CVE-2003-0253 version (httpd, not 2.2)
1941 CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
1942 CVE-2003-0251 version (ypserv, fixed 2.7)
1943 CVE-2003-0249 ignore (php) see CVE
1944 CVE-2003-0248 version (kernel, not 2.6)
1945 CVE-2003-0247 version (kernel, not 2.6)
1946 CVE-2003-0246 version (kernel, not 2.6)
1947 CVE-2003-0245 version (httpd, not 2.2)
1948 CVE-2003-0245 version (httpd, not 2.2)
1949 CVE-2003-0244 version (kernel, not 2.6)
1950 CVE-2003-0211 version (xinetd, fixed 2.3.11)
1951 CVE-2003-0204 version (kde, fixed after 3.1.1)
1952 CVE-2003-0201 version (samba, fixed 2.2.8a)
1953 CVE-2003-0196 version (samba, fixed 2.2.8a)
1954 CVE-2003-0195 version (cups, fixed 1.1.19)
1955 CVE-2003-0194 version (tcpdump, not upstream)
1956 CVE-2003-0192 version (httpd, not 2.2)
1957 CVE-2003-0190 version (openssh, fixed 3.6.1p1)
1958 CVE-2003-0189 version (httpd, not 2.2)
1959 CVE-2003-0188 version (lv, fixed 4.51 at least)
1960 CVE-2003-0187 version (kernel, not 2.6)
1961 CVE-2003-0167 version (mutt, fixed 1.4.1)
1962 CVE-2003-0166 version (php, fixed 4.3.2)
1963 CVE-2003-0165 version (eog, fixed 2.2.2)
1964 CVE-2003-0161 version (sendmail, fixed 8.12.9)
1965 CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
1966 CVE-2003-0159 version (wireshark, fixed after 0.9.9)
1967 CVE-2003-0150 version (mysql, fixed 3.23.56)
1968 CVE-2003-0147 version (openssl, not 0.9.8)
1969 CVE-2003-0147 backport (openssl097a, fixed 0.9.7b)
1970 CVE-2003-0146 version (netpbm, fixed 10.18)
1971 CVE-2003-0145 version (tcpdump, fixed 3.7.2)
1972 CVE-2003-0140 version (mutt, fixed 1.4.1)
1973 CVE-2003-0139 version (krb5, fixed 1.3)
1974 CVE-2003-0138 version (krb5, fixed 1.3)
1975 CVE-2003-0135 version (vsftpd, not upstream)
1976 CVE-2003-0133 version (evolution, fixed 1.2.4)
1977 CVE-2003-0132 version (httpd, not 2.2)
1978 CVE-2003-0131 version (openssl, not 0.9.8)
1979 CVE-2003-0131 backport (openssl097a, fixed 0.9.7b)
1980 CVE-2003-0130 version (evolution, fixed 1.2.3)
1981 CVE-2003-0129 version (evolution, fixed 1.2.3)
1982 CVE-2003-0128 version (evolution, fixed 1.2.3)
1983 CVE-2003-0127 version (kernel, not 2.6)
1984 CVE-2003-0124 version (man, fixed 1.5l)
1985 CVE-2003-0108 version (tcpdump, fixed after 3.7.1)
1986 CVE-2003-0107 version (zlib, fixed 1.2.0.2 at least)
1987 CVE-2003-0102 version (file, fixed 3.41)
1988 CVE-2003-0097 version (php, fixed 4.3.1)
1989 CVE-2003-0093 version (tcpdump, fixed 3.7.2)
1990 CVE-2003-0086 version (samba, fixed 2.2.8)
1991 CVE-2003-0085 version (samba, fixed 2.2.8)
1992 CVE-2003-0083 version (httpd, not 2.2)
1993 CVE-2003-0082 version (krb5, fixed after 1.2.7)
1994 CVE-2003-0081 version (wireshark, fixed after 0.9.9)
1995 CVE-2003-0078 version (openssl097a, fixed 0.9.7a)
1996 CVE-2003-0078 version (openssl, not 0.9.8)
1997 CVE-2003-0073 version (mysql, fixed 3.23.55)
1998 CVE-2003-0072 version (krb5, fixed after 1.2.7)
1999 CVE-2003-0071 version (xorg-x11, fixed in 6.8.2 at least)
2000 CVE-2003-0070 version (vte, fixed 0.11.1 at least)
2001 CVE-2003-0063 version (xorg-x11, fixed in 4.2.99 at least)
2002 CVE-2003-0060 version (krb5, fixed 1.2.5)
2003 CVE-2003-0059 version (krb5, fixed 1.2.5)
2004 CVE-2003-0058 version (krb5, fixed 1.2.5)
2005 CVE-2003-0044 version (tomcat, fixed after 3.3.1a)
2006 CVE-2003-0043 version (tomcat, fixed 3.3.1a)
2007 CVE-2003-0041 version (krb5, fixed after 1.2.7)
2008 CVE-2003-0038 version (mailman, fixed 2.0.13 at least)
2009 CVE-2003-0028 version (krb5, fixed after 1.2.7)
2010 CVE-2003-0028 version (glibc, fixed after 2.3.1)
2011 CVE-2003-0026 version (dhcp, fixed 3.0.1)
2012 CVE-2003-0020 version (httpd, not 2.2)
2013 CVE-2003-0019 version (kernel-utils, not upstream)
2014 CVE-2003-0018 version (kernel, not 2.6)
2015 CVE-2003-0017 version (httpd, not 2.2)
2016 CVE-2003-0016 version (httpd, not 2.2)
2017 CVE-2003-0015 version (cvs, fixed 1.11.5)
2018 CVE-2003-0001 version (kernel, not 2.6)
2019 CVE-2002-2215 version (php, fixed 4.3.0)
2020 CVE-2002-2214 version (php, fixed 4.2.2)
2021 CVE-2002-2211 ignore (bind) see http://www.kb.cert.org/vuls/id/457875
2022 CVE-2002-2210 ignore (openoffice) binary install only (not rpm install)
2023 CVE-2002-2204 ignore (rpm) by design
2024 CVE-2002-2196 version (samba, fixed 2.2.5)
2025 CVE-2002-2185 version (kernel, fixed 2.6.15)
2026 CVE-2002-2103 version (httpd, not 2.0)
2027 CVE-2002-2060 version (links, fixed after 2.0pre4)
2028 CVE-2002-2043 ignore (cyrus-sasl) patch against cyrus-sasl
2029 CVE-2002-2012 ignore (httpd) not upstream version
2030 CVE-2002-2010 version (htdig, fixed 3.1.6)
2031 CVE-2002-2009 version (tomcat, fixed 4.0.3)
2032 CVE-2002-2007 version (tomcat, not 5)
2033 CVE-2002-2006 version (tomcat, not 5)
2034 CVE-2002-1976 ignore (ifconfig) "use ip"
2035 CVE-2002-1963 version (kernel, not 2.6)
2036 CVE-2002-1914 version (dump, fixed 0.4b29)
2037 CVE-2002-1850 version (mod_cgi, fixed 2.0.41)
2038 CVE-2002-1827 version (sendmail, fixed after 8.12.3)
2039 CVE-2002-1814 ignore (libbonobo) not shipped setuid
2040 CVE-2002-1793 version (mod_ssl) not upstream, only hp
2041 CVE-2002-1783 version (php, fixed after 4.2.3)
2042 CVE-2002-1765 version (evolution, fixed 1.0.5)
2043 CVE-2002-1658 ignore (httpd) not a vulnerability
2044 CVE-2002-1657 ignore (postgresql) upstream disagree
2045 CVE-2002-1650 version (squirrelmail, fixed 1.2.3)
2046 CVE-2002-1649 version (squirrelmail, fixed 1.2.3)
2047 CVE-2002-1648 version (squirrelmail, fixed 1.2.3)
2048 CVE-2002-1642 version (postgresql, fixed 7.2.3)
2049 CVE-2002-1602 ignore (screen) not setuid
2050 CVE-2002-1593 version (httpd, not 2.2)
2051 CVE-2002-1592 version (httpd, not 2.2)
2052 CVE-2002-1574 version (kernel, not 2.6)
2053 CVE-2002-1573 version (kernel, not 2.6)
2054 CVE-2002-1572 version (kernel, not 2.6)
2055 CVE-2002-1571 version (kernel, not 2.6)
2056 CVE-2002-1570 version (net-snmp, fixed in 5.0.8 at least)
2057 CVE-2002-1568 version (openssl097a, fixed 0.9.6f)
2058 CVE-2002-1568 version (openssl, fixed 0.9.6f)
2059 CVE-2002-1567 version (tomcat, fixed 4.1.3)
2060 CVE-2002-1565 version (wget, not 1.9+)
2061 CVE-2002-1563 version (stunnel, fixed 4.04)
2062 CVE-2002-1511 version (vnc, fixed 3.3.3)
2063 CVE-2002-1510 version (XFree86, fixed 4.2.0)
2064 CVE-2002-1509 version (shadow-utils)
2065 CVE-2002-1508 version (openldap, not 2.3.24+)
2066 CVE-2002-1472 version (XFree86, fixed 4.2.1)
2067 CVE-2002-1471 version (evolution, fixed 1.1.1 at least)
2068 CVE-2002-1405 version (lynx, fixed 2.8.5dev9)
2069 CVE-2002-1402 version (postgresql, fixed 7.2.2)
2070 CVE-2002-1401 version (postgresql, fixed 7.2.4)
2071 CVE-2002-1400 version (postgresql, fixed 7.2.2)
2072 CVE-2002-1399 version (postgresql, fixed 7.2.3)
2073 CVE-2002-1398 version (postgresql, fixed 7.2.2)
2074 CVE-2002-1397 version (postgresql, fixed 7.2.3)
2075 CVE-2002-1396 version (php, fixed 4.3.0)
2076 CVE-2002-1394 version (tomcat, fixed 4.0.6)
2077 CVE-2002-1393 version (kde, fixed 3.0.5a)
2078 CVE-2002-1392 version (mgetty, fixed 1.1.29)
2079 CVE-2002-1391 version (mgetty, fixed 1.1.29)
2080 CVE-2002-1384 version (cups, fixed 1.1.18)
2081 CVE-2002-1383 version (cups, fixed 1.1.18)
2082 CVE-2002-1380 version (kernel, not 2.6)
2083 CVE-2002-1379 version (openldap, not 2.3.24+)
2084 CVE-2002-1378 version (openldap, not 2.3.24+)
2085 CVE-2002-1377 version (vim, fixed patch 6.1.265)
2086 CVE-2002-1376 version (mysql, fixed 4.0.6)
2087 CVE-2002-1375 version (mysql, fixed 4.0.6)
2088 CVE-2002-1374 version (mysql, fixed 4.0.6)
2089 CVE-2002-1373 version (mysql, fixed 3.23.54)
2090 CVE-2002-1372 version (cups, fixed 1.1.18)
2091 CVE-2002-1371 version (cups, fixed 1.1.18)
2092 CVE-2002-1369 version (cups, fixed 1.1.18)
2093 CVE-2002-1368 version (cups, fixed 1.1.18)
2094 CVE-2002-1367 version (cups, fixed 1.1.18)
2095 CVE-2002-1366 version (cups, fixed 1.1.18)
2096 CVE-2002-1365 version (fetchmail, fixed 6.2.0)
2097 CVE-2002-1363 version (libpng, fixed 1.2.6)
2098 CVE-2002-1356 version (wireshark, fixed after 0.9.7)
2099 CVE-2002-1355 version (wireshark, fixed after 0.9.7)
2100 CVE-2002-1350 version (tcpdump, fixed 3.7)
2101 CVE-2002-1348 version (w3m, fixed 0.3.2.2)
2102 CVE-2002-1347 version (cyrus-sasl, fixed 2.1.10)
2103 CVE-2002-1344 version (wget, fixed 1.8.2)
2104 CVE-2002-1341 version (squirrelmail, fixed after 1.2.10)
2105 CVE-2002-1337 version (sendmail, fixed 8.12.8)
2106 CVE-2002-1335 version (w3m, fixed 0.3.2.1)
2107 CVE-2002-1323 version (perl, fixed 5.8.0.1 at least)
2108 CVE-2002-1319 version (kernel, fixed 2.5.48)
2109 CVE-2002-1318 version (samba, fixed 2.2.7)
2110 CVE-2002-1306 version (kde, fixed 3.0.4)
2111 CVE-2002-1285 ignore (lprng) actually lpdfilter issue
2112 CVE-2002-1282 version (kde, fixed 3.0.5)
2113 CVE-2002-1281 version (kde, fixed 3.0.5)
2114 CVE-2002-1276 version (squirrelmail, fixed 1.4.2)
2115 CVE-2002-1247 version (kdenetwork, fixed 3.0.5)
2116 CVE-2002-1235 version (krb5, fixed after 1.2.6)
2117 CVE-2002-1233 ignore (httpd) Debian regression
2118 CVE-2002-1232 version (ypserv, fixed 2.5)
2119 CVE-2002-1227 version (pam, only 0.76)
2120 CVE-2002-1224 version (kde, fixed 3.0.4)
2121 CVE-2002-1223 version (kdegraphics, fixed 3.0.4)
2122 CVE-2002-1221 version (bind, not 9)
2123 CVE-2002-1220 version (bind, not 9)
2124 CVE-2002-1219 version (bind, not 9)
2125 CVE-2002-1217 version (tar, fixed 1.13.25)
2126 CVE-2002-1175 version (fetchmail, fixed 6.2.0)
2127 CVE-2002-1174 version (fetchmail, fixed 6.2.0)
2128 CVE-2002-1170 version (net-snmp, fixed 5.0.6)
2129 CVE-2002-1165 version (sendmail, fixed 8.12.10 at least)
2130 CVE-2002-1160 version (pam) was our config
2131 CVE-2002-1157 version (httpd, not 2.0)
2132 CVE-2002-1156 version (httpd, fixed 2.0.43)
2133 CVE-2002-1152 version (kdenetwork, fixed 3.0.3)
2134 CVE-2002-1151 version (kdenetwork, fixed 3.0.3a)
2135 CVE-2002-1148 version (tomcat, fixed 4.0.5)
2136 CVE-2002-1146 version (glibc, fixed 2.2.6)
2137 CVE-2002-1146 version (bind, not 8.3+)
2138 CVE-2002-1131 version (squirrelmail, fixed 1.2.8)
2139 CVE-2002-1119 version (python, fixed 2.2.2)
2140 CVE-2002-0989 version (gaim, fixed 0.59.1)
2141 CVE-2002-0986 version (php, fixed 4.2.3)
2142 CVE-2002-0985 version (php, fixed 4.2.3)
2143 CVE-2002-0972 version (postgresql, fixed 7.2.2)
2144 CVE-2002-0970 version (kdenetwork, fixed 3.0.3)
2145 CVE-2002-0935 version (tomcat, fixed 4.1.3)
2146 CVE-2002-0906 version (sendmail, fxied 8.12.5)
2147 CVE-2002-0871 version (xinetd, fixed 2.3.7)
2148 CVE-2002-0855 version (mailman, fixed 2.0.12)
2149 CVE-2002-0843 version (httpd, not 2.2)
2150 CVE-2002-0840 version (httpd, not 2.2)
2151 CVE-2002-0839 version (httpd, not 2.2)
2152 CVE-2002-0838 version (kdegraphics, fixed 3.0.4)
2153 CVE-2002-0838 version (ggv, fixed 20030119, 2.8.0 at least)
2154 CVE-2002-0837 version (wordtrans, fixed 1.1pre13 at least)
2155 CVE-2002-0836 version (tetex, fixed 2.0.2 at least)
2156 CVE-2002-0834 version (wireshark)
2157 CVE-2002-0825 version (nss_ldap, fixed nss_ldap-198)
2158 CVE-2002-0822 version (wireshark)
2159 CVE-2002-0821 version (wireshark)
2160 CVE-2002-0819 version (arts, fixed cvs 20020707)
2161 CVE-2002-0802 version (postgresql, fixed 7.2)
2162 CVE-2002-0761 version (bzip2, fixed 1.0.2)
2163 CVE-2002-0760 version (bzip2, fixed 1.0.2)
2164 CVE-2002-0759 version (bzip2, fixed 1.0.2)
2165 CVE-2002-0728 version (libpng, fixed 1.2.4)
2166 CVE-2002-0717 version (php, fixed 4.2.2)
2167 CVE-2002-0715 version (squid, fixed 2.4.STABLE6)