2005-03-02 15:57:35 +00:00
|
|
|
<blacklist>
|
|
|
|
|
2005-03-07 14:54:52 +00:00
|
|
|
|
2005-03-24 13:44:47 +00:00
|
|
|
<item id='firefox-1.0.1-security'>
|
|
|
|
<condition>
|
|
|
|
<within>
|
|
|
|
<traverse><true /></traverse>
|
|
|
|
<hasAttr name='outputHash' value='ebaea974fea9460ab7050fff76b41cb1' />
|
|
|
|
</within>
|
|
|
|
</condition>
|
|
|
|
<reason>
|
|
|
|
Fixes several security bugs (see
|
|
|
|
http://www.mozilla.org/projects/security/known-vulnerabilities.html),
|
|
|
|
in particular MFSA 2005-30
|
|
|
|
(http://www.mozilla.org/security/announce/mfsa2005-30.html).
|
|
|
|
Upgrade to 1.0.2.
|
|
|
|
</reason>
|
|
|
|
<severity class="client" level="critical" />
|
|
|
|
</item>
|
|
|
|
|
|
|
|
|
2005-03-02 15:57:35 +00:00
|
|
|
<item id='openssl-0.9.7d-obsolete'>
|
|
|
|
<condition>
|
2005-03-07 16:26:05 +00:00
|
|
|
<within>
|
|
|
|
<traverse><true /></traverse>
|
|
|
|
<hasAttr name='outputHash' value='1b49e90fc8a75c3a507c0a624529aca5' />
|
|
|
|
</within>
|
2005-03-02 15:57:35 +00:00
|
|
|
</condition>
|
|
|
|
<reason>
|
|
|
|
Race condition in CRL checking code. Upgrade to 0.9.7e.
|
|
|
|
</reason>
|
|
|
|
<severity class="all" level="low" />
|
|
|
|
</item>
|
|
|
|
|
|
|
|
|
2005-03-07 14:54:52 +00:00
|
|
|
<item id='zlib-1.2.1-security' type='security'>
|
2005-03-02 15:57:35 +00:00
|
|
|
<condition>
|
2005-03-07 16:26:05 +00:00
|
|
|
<within>
|
2005-03-07 14:54:52 +00:00
|
|
|
<traverse>
|
2005-03-07 16:26:05 +00:00
|
|
|
<not><hasAttr name='outputHash' value='.+' /></not>
|
2005-03-07 14:54:52 +00:00
|
|
|
</traverse>
|
2005-03-07 16:26:05 +00:00
|
|
|
<hasAttr name='outputHash' value='ef1cb003448b4a53517b8f25adb12452' />
|
|
|
|
</within>
|
2005-03-02 15:57:35 +00:00
|
|
|
</condition>
|
|
|
|
<reason>
|
|
|
|
Zlib 1.2.1 is vulnerable to a denial-of-service condition. See
|
|
|
|
http://www.kb.cert.org/vuls/id/238678. Upgrade to 1.2.2.
|
|
|
|
</reason>
|
|
|
|
<severity class="server" level="critical" />
|
|
|
|
<severity class="client" level="medium" />
|
|
|
|
</item>
|
|
|
|
|
|
|
|
|
2005-03-07 14:54:52 +00:00
|
|
|
<!--
|
2005-03-02 15:57:35 +00:00
|
|
|
<item id='libpng-1.2.7-crash'>
|
|
|
|
<condition>
|
|
|
|
<containsName name="libpng" comparison="lte" version="1.2.7" />
|
|
|
|
</condition>
|
|
|
|
<reason>
|
|
|
|
libpng 1.2.7 is vulnerable to a crash bug. See
|
|
|
|
http://www.libpng.org/pub/png/libpng.html. Upgrade to 1.2.8.
|
|
|
|
</reason>
|
|
|
|
<severity class="client" level="low" />
|
|
|
|
</item>
|
2005-03-07 14:54:52 +00:00
|
|
|
-->
|
|
|
|
|
|
|
|
|
|
|
|
<!--
|
|
|
|
<item id='subversion-without-zlib' type='improvement'>
|
|
|
|
|
|
|
|
<condition>
|
|
|
|
<withinOutputClosure>
|
|
|
|
<not>
|
|
|
|
<containsName name='zlib' />
|
|
|
|
</not>
|
|
|
|
</withinOutputClosure>
|
|
|
|
</condition>
|
2005-03-02 15:57:35 +00:00
|
|
|
|
2005-03-07 14:54:52 +00:00
|
|
|
<reason>
|
|
|
|
Subversion can be compiled with Zlib compression support, which is a good thing.
|
|
|
|
</reason>
|
|
|
|
|
|
|
|
</item>
|
|
|
|
-->
|
2005-03-02 15:57:35 +00:00
|
|
|
|
|
|
|
</blacklist>
|