Red Hat Bugzilla – Bug 179804
Multiple KDE package tracker for multiple vulnerabilities
Last modified: 2007-08-30 15:57:37 EDT
This bug ticket is being created to be a package tracker for multiple
security bugs identified in KDE from a list in Attachment 123541 [details] for Fedora
Legacy-maintained distros. Please add bugs to the "depends on" list as new
packages are identified which need patching from the Febr. 2005 last set of
Legacy packages up through CVE-2006-0019.
Bug 178606 is for the kdelibs package.
Created attachment 124082 [details]
Partially filled-out spreadsheet for vulnerabilities vs. distros
Attached is a spreadsheet I have partly completed in discerning which KDE
packages and which distros are affected by which vulnerability from the list
in attachment 123541 [details].
Created attachment 124098 [details]
Completed spreadsheet - KDE vulnerabilities
Here is the completed spreadsheet of KDE Security vulnerabilities versus the
KDE packages those vulnerabilties touch and the RHL/FC distributions which are
affected. Note that a new vulnerability (CVE-2006-0301) was added yesterday.
Created attachment 124200 [details]
Here's a more updated spreadsheet, verifying that CAN-2005-0064 is either
already fixed in current packages in the repository or does not affect the
remaining packages (for kdegraphics).
Created attachment 124249 [details]
Final version of spreadsheet for FedoraLegacy KDE security issues
Kept finding more things....
Created attachment 124667 [details]
Updated spreadsheet of KDE vulnerabilities
Fedora Legacy project has ended. These will not be fixed by Fedora Legacy.