I'm not sure on Cyrus, but I don't think RedHat/Fedora has included Sun Java in any release. -Jeff On 12/3/04 7:11 AM, "John Dalbec" <jpdalbec@xxxxxxx> wrote: > Do these issues apply to -legacy? > > 04.47.8 CVE: CAN-2004-1011, CAN-2004-1012, CAN-2004-1013, > CAN-2004-1015 > Platform: Unix > Title: Cyrus IMAPD Multiple Remote Vulnerabilities > Description: Cyrus IMAPD is an IMAP daemon. It is reported to be > vulnerable to multiple remote buffer overflow issues. Cyrus IMAPD > versions 2.2.4 to 2.2.8 are reported to be vulnerable. > Ref: http://security.e-matters.de/advisories/152004.html > > 04.47.13 CVE: CAN-2004-1029 > Platform: Cross Platform > Title: Sun Java Plug-in Security Restriction Bypass > Description: Java Plug-in technology, part of the Java 2 Runtime > Environment (JRE), establishes a connection between popular browsers > and the Java platform. It is possible to bypass the Java sandbox and > all security restrictions imposed within Java Applets to execute > malicious applets and gain full control. Sun Java 2 Platform, Standard > Edition (J2SE) versions 1.4.2_01 and 1.4.2_04 are known to be > vulnerable. > Ref: > http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities > > -- > > fedora-legacy-list@xxxxxxxxxx > http://www.redhat.com/mailman/listinfo/fedora-legacy-list -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
