Security/Status/2005

2005-1934 VULNERABLE (gaim, fixed 1.3.1) [#159963] 2005-1831 ignore (sudo) unsubstantiated report 2005-1740 version (net-snmp, fixed 5.2.1) 2005-1739 backport (ImageMagick, fixed 6.2.2.3) [since re0526.1] 2005-1705 version (gdb, fixed 6.3) 2005-1704 version (gdb, fixed 6.3) 2005-1686 ignore (gedit, not a vulnerability) 2005-1636 VULNERABLE (mysql, fixed 4.1.12) minor issue 2005-1589 backport (kernel, fixed 2.6.11.10) ...2-rc4-git5 [since re0522.0] 2005-1544 version (libtiff, fixed 3.7.1 at least) 2005-1532 version (firefox, fixed 1.0.4) [since re0522.0] 2005-1532 version (mozilla, fixed 1.7.8) [since re0522.0] 2005-1531 version (firefox, fixed 1.0.4) [since re0522.0] 2005-1531 version (mozilla, fixed 1.7.8) [since re0522.0] 2005-1519 backport (squid, after 2.5.STABLE9) ..ry-5.patch [since re0522.0] 2005-1470 version (ethereal, fixed 0.10.11) 2005-1469 version (ethereal, fixed 0.10.11) 2005-1468 version (ethereal, fixed 0.10.11) 2005-1467 version (ethereal, fixed 0.10.11) 2005-1466 version (ethereal, fixed 0.10.11) 2005-1465 version (ethereal, fixed 0.10.11) 2005-1464 version (ethereal, fixed 0.10.11) 2005-1463 version (ethereal, fixed 0.10.11) 2005-1462 version (ethereal, fixed 0.10.11) 2005-1461 version (ethereal, fixed 0.10.11) 2005-1460 version (ethereal, fixed 0.10.11) 2005-1459 version (ethereal, fixed 0.10.11) 2005-1458 version (ethereal, fixed 0.10.11) 2005-1457 version (ethereal, fixed 0.10.11) 2005-1456 version (ethereal, fixed 0.10.11) 2005-1455 VULNERABLE (freeradius, affects 1.0.2) waiting for upstream 2005-1454 VULNERABLE (freeradius, affects 1.0.2) waiting for upstream 2005-1431 version (gnutls, fixed 1.0.25) 2005-1410 version (postgresql, fixed 8.0.2) 2005-1409 version (postgresql, fixed 8.0.1) 2005-1369 backport (kernel) in patch-2.6.12-rc3 2005-1368 backport (kernel) in patch-2.6.12-rc3 2005-1345 backport (squid, affects 2.5.STABLE9) ...-extaclauth.patch 2005-1344 ignore (httpd) not a vulnerability 2005-1281 version (ethereal, fixed 0.10.11) 2005-1280 backport (tcpdump, not fixed in 3.8.3) in srpm 2005-1279 backport (tcpdump, not fixed in 3.8.3) in srpm 2005-1278 backport (tcpdump, not fixed in 3.8.3) in srpm 2005-1275 version (ImageMagick, fixed 6.2.2) 2005-1264 backport (kernel, fixed 2.6.11.10) ..12-rc4-git5 [since re0522.0] 2005-1263 backport (kernel) patch-2.6.12-rc4-git5 [since re0522.0] 2005-1262 version (gaim, fixed 1.3.0) [since re0522.0] 2005-1261 version (gaim, fixed 1.3.0) [since re0522.0] 2005-1260 backport (bzip2) in srpm [since re0522.0] 2005-1229 backport (cpio) from srpm [since re0522.0] 2005-1228 backport (gzip) from srpm 2005-1194 backport (nasm) from srpm 2005-1184 ignore (kernel) expected to not be an issue 2005-1160 version (firefox, mozilla) 2005-1159 version (firefox, mozilla) 2005-1158 version (firefox, fixed 1.0.3) 2005-1157 version (firefox, mozilla) 2005-1156 version (firefox, mozilla) 2005-1155 version (firefox, mozilla) 2005-1154 version (firefox, mozilla) 2005-1153 version (firefox, mozilla) 2005-1111 backport (cpio) from srpm 2005-1065 version (tetex, not upstream) 2005-1061 version (logwatch, in 4.3.2 at least) 2005-1046 backport (kdelibs, fixed after 3.4.0) ....delibs-kimgio-fixed.diff 2005-1043 version (php, fixed 4.3.11) 2005-1042 version (php, fixed 4.3.11) 2005-1041 backport (kernel) in patch-2.6.12-rc3 2005-1039 ignore (coreutils) not fixed upstream, not a real issue 2005-1038 backport (cron) from srpm 2005-0990 backport (sharutils) from srpm 2005-0989 version (mozilla, fixed 1.7.7) 2005-0989 version (firefox, fixed 1.0.3) 2005-0988 backport (gzip) from srpm 2005-0977 version (kernel, fixed 2.6.11) 2005-0967 version (gaim, fixed 1.2.1) 2005-0966 version (gaim, fixed 1.2.1) 2005-0965 version (gaim, fixed 1.2.1) 2005-0953 backport (bzip2) in srpm [since re0522.0] 2005-0941 version (ooffice, fixed 1.9 m95) 2005-0937 version (kernel, fixed 2.6.11) 2005-0916 backport (kernel) in patch-2.6.12-rc3 2005-0891 version (gtk2, fixed 2.2.4) 2005-0867 version (kernel, fixed 2.6.11) 2005-0866 version (cdrecord, DEBUG isn't enabled anyway) 2005-0839 version (kernel, fixed 2.6.11) 2005-0815 backport (kernel, fixed 2.6.11.6) in patch-2.6.12-rc3 2005-0808 version (tomcat, fixed 5.x) 2005-0806 version (evolution, fixed 2.0.4) 2005-0799 version (mysql, not linux) 2005-0767 version (kernel, fixed 2.6.11) 2005-0766 version (ethereal, fixed after 0.10.9) 2005-0765 version (ethereal, fixed after 0.10.9) 2005-0763 version (mc, fixed 4.6.0) 2005-0762 version (ImageMagick, fixed 6.0) 2005-0761 version (ImageMagick, fixed 6.1.8) 2005-0760 version (ImageMagick, fixed 6.0) 2005-0759 version (ImageMagick, fixed 6.0) 2005-0758 version (gzip, fixed 1.3.5) 2005-0758 VULNERABLE (bzip2) by inspection [#159819] 2005-0757 version (kernel, not 2.6) 2005-0755 version (HelixPlayer, fixed 10.0.4) 2005-0754 backport (kdewebdev, fixed after 3.4.0) ...4.0-CAN-2005-0754.patch 2005-0753 backport (cvs, fixed 1.12.12) in cvs-1.11.17-CAN-2005-0753.patch 2005-0752 version (firefox, fixed 1.0.3) 2005-0750 backport (kernel, fixed 2.6.11.6) in patch-2.6.12-rc3 2005-0749 backport (kernel, fixed 2.6.11.6) in patch-2.6.12-rc3 2005-0739 version (ethereal, fixed after 0.10.9) 2005-0736 version (kernel, fixed 2.6.11) 2005-0718 version (squid, fixed 2.5.STABLE8) 2005-0711 version (mysql, fixed 4.1.11) 2005-0710 version (mysql, fixed 4.1.11) 2005-0709 version (mysql, fixed 4.1.11) 2005-0705 version (ethereal, fixed after 0.10.9) 2005-0704 version (ethereal, fixed after 0.10.9) 2005-0698 version (ethereal, fixed after 0.10.9) 2005-0664 version (libexif, fixed 0.6.12) 2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless 2005-0627 version (qt, fixed 3.3.4) 2005-0626 backport (squid, affects 2.5.STABLE9) ..-setcookie.patch 2005-0605 backport (xorg-x11) ...-fix-CAN-2005-0605.patch 2005-0602 VULNERABLE (unzip, fixed 5.52) not in srpm 2005-0596 version (php, fixed 5.0) 2005-0593 version (firefox, mozilla) 2005-0592 version (firefox, mozilla) 2005-0591 version (firefox, fixed 1.0.1) 2005-0590 version (firefox, mozilla, thunderbird) 2005-0589 version (firefox, fixed 1.0.1) 2005-0588 version (firefox, mozilla) 2005-0587 version (firefox, mozilla) 2005-0586 version (firefox, mozilla) 2005-0585 version (firefox, mozilla) 2005-0584 version (firefox, mozilla) 2005-0578 version (firefox, mozilla) 2005-0532 version (kernel, fixed 2.6.11) 2005-0531 version (kernel, fixed 2.6.11) 2005-0530 version (kernel, fixed 2.6.11) 2005-0529 version (kernel, fixed 2.6.11) 2005-0527 version (mozilla, fixed 1.7.6) 2005-0527 version (firefox, fixed 1.0.1) 2005-0525 version (php, fixed 5.0.4) 2005-0524 version (php, fixed 5.0.4) 2005-0504 version (kernel, doesn't build in 2.6) 2005-0490 version (curl, fixed 7.13.1) 2005-0473 version (gaim, fixed 1.1.3) 2005-0472 version (gaim, fixed 1.1.3) 2005-0469 backport (krb5, fixed 1.4.1) patch in srpm 2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch 2005-0468 backport (krb5, fixed 1.4.1) patch in srpm 2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch 2005-0449 version (kernel, fixed 2.6.11) 2005-0448 VULNERABLE (perl) 2005-0446 version (squid, fixed 2.5.STABLE9) 2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020 2005-0402 version (firefox, fixed 1.0.2) 2005-0401 version (firefox, fixed 1.0.2) 2005-0401 version (mozilla, fixed 1.7.7) 2005-0400 backport (kernel, fixed in bk since 20050325, therefore 2.6.11.6) 2005-0399 version (mozilla, Firefox, thunderbird) 2005-0398 version (ipsec-tools, fixed 0.5) 2005-0397 version (ImageMagick, fixed 6.0.2.5) 2005-0396 version (kdelibs, fixed 3.4.0) 2005-0384 version (kernel, fixed 2.6.11.4) 2005-0372 version (gftp, fixed in 2.0.18 at least by inspection) 2005-0365 version (kdelibs, not 3.4) 2005-0337 version (postfix, not 2.2) 2005-0255 version (mozilla, fixed 1.7.6) 2005-0255 version (thunderbird, fixed 1.0.2) 2005-0255 version (firefox, fixed 1.0.1) 2005-0247 version (postgresql, fixed after 8.0) 2005-0246 version (postgresql, fixed 8.0.1) 2005-0245 version (postgresql, fixed 8.0.1) 2005-0244 version (postgresql, fixed 8.0.1) 2005-0241 version (squid, fixed 2.5.STABLE8) 2005-0238 version (epiphany, fixed since mozilla 1.7.6) 2005-0237 version (kdelibs, fixed 3.4.0) 2005-0233 version (mozilla, fixed 1.7.6) 2005-0233 version (firefox, fixed 1.0.1) 2005-0232 version (mozilla, fixed 1.7.6) 2005-0232 version (firefox, fixed 1.0.1) 2005-0231 version (mozilla, fixed 1.7.6) 2005-0231 version (firefox, fixed 1.0.1) 2005-0230 version (mozilla, fixed 1.7.6) 2005-0230 version (thunderbird, fixed 1.0.2) 2005-0230 version (firefox, fixed 1.0.1) 2005-0227 version (postgresql, fixed 8.0.1) 2005-0215 version (mozilla) 2005-0211 version (squid, fixed 2.5.STABLE8) 2005-0210 version (kernel, fixed 2.6.11) 2005-0209 version (kernel, fixed 2.6.11) 2005-0208 version (gaim, fixed 1.1.4) 2005-0207 version (kernel, fixed 2.6.11) 2005-0206 version (xpdf, only bad patch for 2004-0888) 2005-0205 version (kdenetwork, not 3.3 onwards) 2005-0204 version (kernel, didn't affect upstream) 2005-0202 backport (mailman, fixed 2.1.6) from srpm 2005-0201 version (dbus) 2005-0194 version (squid, fixed 2.5.STABLE8) 2005-0180 version (kernel, fixed 2.6.11) 2005-0179 version (kernel, fixed 2.6.11) 2005-0178 version (kernel, fixed 2.6.11) 2005-0177 version (kernel, fixed 2.6.11) 2005-0176 version (kernel, only affected 2.6.9) 2005-0175 version (squid, fixed 2.5.STABLE8) 2005-0174 version (squid, fixed 2.5.STABLE8) 2005-0173 version (squid, fixed 2.5.STABLE8) 2005-0162 version (openswan, fixed 2.3.0) 2005-0156 backport (perl, not 5.8.6) perl-5.8.5-CAN-2005-0155+0156.patch 2005-0155 backport (perl, not 5.8.6) perl-5.8.5-CAN-2005-0155+0156.patch 2005-0152 version (squirrelmail, not 1.4) 2005-0150 version (firefox, fixed 1.0) 2005-0149 version (mozilla, firefox) 2005-0147 version (mozilla, firefox) 2005-0146 version (mozilla, firefox) 2005-0145 version (firefox, fixed 1.0) 2005-0144 version (mozilla, firefox) 2005-0143 version (mozilla, firefox) 2005-0142 version (mozilla, firefox, thunderbird) 2005-0141 version (mozilla, firefox) 2005-0137 version (kernel, not 2.6) 2005-0135 version (kernel, fixed 2.6.11) 2005-0124 version (kernel, fixed 2.6.11) 2005-0109 backport (openssl097a) [since re0522.0] 2005-0109 backport (openssl) [since re0522.0] 2005-0104 version (squirrelmail, fixed 1.4.4) 2005-0103 version (squirrelmail, fixed 1.4.4) 2005-0102 version (evolution-data-server, fixed 1.2.2 at least) 2005-0100 version (emacs, fixed 21.4 at least) 2005-0097 version (squid, fixed 2.5.STABLE8) 2005-0096 version (squid, fixed 2.5.STABLE8) 2005-0095 version (squid, fixed 2.5.STABLE8) 2005-0094 version (squid, fixed 2.5.STABLE8) 2005-0092 version (kernel, not affected) 2005-0091 version (kernel, not affected) 2005-0090 version (kernel, not affected) 2005-0089 version (python, fixed 2.4.1 at least) 2005-0088 version (mod_python, fixed after 2.7.8) 2005-0087 backport (alsa-lib) alsa-lib-mixer.patch 2005-0086 version (less, didn't affect upstream) 2005-0085 version (htdig, fixed 3.1.6-r7) 2005-0084 version (ethereal, fixed 0.10.9) 2005-0080 version (mailman, not upstream) 2005-0078 version (kde, fixed 3.0.5) 2005-0077 version (perl-DBI, fixed in 1.48 at least) 2005-0075 version (squirrelmail, fixed 1.4.4) 2005-0069 backport (vim) in vim-6.3-tmpfile.patch 2005-0064 version (tetex, fixed 3.0) 2005-0064 version (kpdf, not 3.4) 2005-0064 backport (cups) patch in SRPM 2005-0064 backport (xpdf) xpdf-3.00-CAN-2005-0064.patch 2005-0039 ignore (not a vulnerability) don't do this says the rfc 2005-0034 version (bind, fixed after 9.3.0) 2005-0033 version (bind, not 9) 2005-0014 backport (ncpfs) ncpfs-2.2.4-overflow2.patch [since re0522.0] 2005-0013 backport (ncpfs) in srpm 2005-0011 version (kdeedu, not 3.4) 2005-0010 version (ethereal, fixed 0.10.9) 2005-0009 version (ethereal, fixed 0.10.9) 2005-0008 version (ethereal, fixed 0.10.9) 2005-0007 version (ethereal, fixed 0.10.9) 2005-0006 version (ethereal, fixed 0.10.9) 2005-0005 version (ImageMagick, fixed after 6.1.7) 2005-0004 version (mysql, fixed 4.1.10) 2005-0003 version (kernel, fixed 2.6.10) 2005-0001 version (kernel, fixed 2.6.10)