[Fedora-security-commits] fedora-security/audit f8, 1.156, 1.157 f9, 1.147, 1.148 fc7, 1.312, 1.313
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Thu Mar 13 08:29:31 UTC 2008
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.155, 1.156 f9, 1.146, 1.147 fc7, 1.311, 1.312
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.157, 1.158 f9, 1.148, 1.149 fc7, 1.313, 1.314
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26028/audit
Modified Files:
f8 f9 fc7
Log Message:
add dovecot
get updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.156
retrieving revision 1.157
diff -u -r1.156 -r1.157
--- f8 12 Mar 2008 09:18:22 -0000 1.156
+++ f8 13 Mar 2008 08:29:01 -0000 1.157
@@ -15,10 +15,12 @@
CVE-2008-1284 VULNERABLE (horde) #436628
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
+CVE-2008-1218 version (dovecot, fixed 1.0.13) [since FEDORA-2008-2464] marginally affected
+CVE-2008-1199 version (dovecot, fixed 1.0.11) [since FEDORA-2008-2464] not in default config
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1771]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1543]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2189]
-CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
+CVE-2008-1145 version (ruby, fixed 1.8.6-p114) [since FEDORA-2008-2443]
CVE-2008-1133 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435807
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.147
retrieving revision 1.148
diff -u -r1.147 -r1.148
--- f9 12 Mar 2008 09:18:22 -0000 1.147
+++ f9 13 Mar 2008 08:29:01 -0000 1.148
@@ -11,15 +11,17 @@
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-GENERIC-MAP-NOMATCH VULNERABLE (roundup) #436549
+GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9]
CVE-2008-1284 fixed (horde) #436628
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
+CVE-2008-1218 version (dovecot, fixed 1.0.13) [since dovecot-1.0.13-6.fc9] marginally affected
+CVE-2008-1199 version (dovecot, fixed 1.0.11) [since dovecot-1.0.13-6.fc9] not in default config
CVE-2008-1142 ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since dnssec-tools-1.3.2-1.fc9]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since xine-lib-1.1.10.1-1.fc9]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9]
-CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
+CVE-2008-1145 version (ruby, fixed 1.8.6-p114) [since ruby-1.8.6.114-1.fc9]
CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1111 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.312
retrieving revision 1.313
diff -u -r1.312 -r1.313
--- fc7 12 Mar 2008 09:18:22 -0000 1.312
+++ fc7 13 Mar 2008 08:29:01 -0000 1.313
@@ -12,23 +12,25 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-GENERIC-MAP-NOMATCH VULNERABLE (roundup) #436548
-CVE-2008-1284 VULNERABLE (horde) #436628
+GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471]
+CVE-2008-1284 fixed (horde) #436628 [since FEDORA-2008-2362]
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
+CVE-2008-1218 version (dovecot, fixed 1.0.13) [since FEDORA-2008-2475] marginally affected
+CVE-2008-1199 version (dovecot, fixed 1.0.11) [since FEDORA-2008-2475] not in default config
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1758]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1581]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2229]
-CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
+CVE-2008-1145 version (ruby, fixed 1.8.6-p114) [since FEDORA-2008-2458]
CVE-2008-1133 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
-CVE-2008-1111 VULNERABLE (lighttpd) #435808
+CVE-2008-1111 fixed (lighttpd) #435808 [since FEDORA-2008-2278]
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
CVE-2008-1072 VULNERABLE (wireshark) #435487
CVE-2008-1071 VULNERABLE (wireshark) #435487
CVE-2008-1070 VULNERABLE (wireshark) #435487
CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928]
-CVE-2008-0983 VULNERABLE (lighttpd) #435808
+CVE-2008-0983 fixed (lighttpd) #435808 [since FEDORA-2008-2278]
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]
CVE-2008-0928 fixed (kvm) #433565 [since FEDORA-2008-1993]
@@ -43,7 +45,7 @@
CVE-2008-0784 version (cacti, fixed 0.8.7b) #432759
CVE-2008-0783 version (cacti, fixed 0.8.7b) #432759
CVE-2008-0728 fixed (clamav, fixed 0.92.1) [since FEDORA-2008-1608]
-CVE-2008-0674 VULNERABLE (pcre, fixed 7.6) #431676 [since FEDORA-2008-1842]
+CVE-2008-0674 fixed (pcre, fixed 7.6) #431676 [since FEDORA-2008-1842]
CVE-2008-0668 fixed (gnumeric, fixed 1.8.1) #431228 [since FEDORA-2008-1313] SA28725
CVE-2008-0664 fixed (wordpress, fixed 2.3.3) #431550 [since FEDORA-2008-1559]
CVE-2008-0658 fixed (openldap) #432013 [since FEDORA-2008-1568]
@@ -68,7 +70,7 @@
CVE-2008-0553 VULNERABLE (tk, fixed 8.5.1)
CVE-2008-0544 fixed (SDL_image) #430695 [since FEDORA-2008-1208] ILBM overflow
CVE-2008-0486 fixed (xine-lib, fixed 1.1.10.1) #431542 [since FEDORA-2008-1581]
-CVE-2008-0460 VULNERABLE (mediawiki) #430287
+CVE-2008-0460 fixed (mediawiki) #430287 [since FEDORA-2008-2245]
CVE-2008-0420 version (firefox, fixed 2.0.0.12) [since FEDORA-2008-1435]
CVE-2008-0420 version (seamonkey, fixed 1.1.8) [since FEDORA-2008-1669]
CVE-2008-0420 fixed (thunderbird, fixed 2.0.0.12) #432047 [since FEDORA-2008-2118]
@@ -91,7 +93,7 @@
CVE-2008-0412 fixed (firefox, fixed 2.0.0.12) #432042 [since FEDORA-2008-1435]
CVE-2008-0412 fixed (seamonkey, fixed 1.1.8) #432045 [since FEDORA-2008-1669]
CVE-2008-0412 fixed (thunderbird, fixed 2.0.0.12) #432047 [since FEDORA-2008-2118]
-CVE-2008-0411 VULNERABLE (ghostscript) #435145 [since FEDORA-2008-2084]
+CVE-2008-0411 fixed (ghostscript) #435145 [since FEDORA-2008-2084]
CVE-2008-0404 fixed (mantis) #429552 [since FEDORA-2008-0796]
CVE-2008-0386 fixed (xdg-utils) #429513 [since FEDORA-2008-1015]
CVE-2008-0364 ignore (bittorrent) Windows only
@@ -118,13 +120,13 @@
CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0122 fixed (bind) #429149 [since FEDORA-2008-0904]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
-CVE-2008-0072 VULNERABLE (evolution) #436080
+CVE-2008-0072 fixed (evolution) #436080 [since FEDORA-2008-2290]
CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994]
CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891]
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
CVE-2008-0002 fixed (tomcat5) #432475 [since FEDORA-2008-1603]
-CVE-2007-6703 VULNERABLE (vdccm) #436026 [since FEDORA-2008-0680]
+CVE-2007-6703 fixed (vdccm) #436026 [since FEDORA-2008-0680]
CVE-2007-6698 fixed (openldap, fixed 2.3.36) #431409 [since FEDORA-2008-1307]
CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430239 [since FEDORA-2008-1231]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
@@ -318,7 +320,7 @@
CVE-2007-5037 version (inotify-tools) #299771 [since FEDORA-2007-3074]
CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224]
CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302]
-GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
+GENERIC-MAP-NOMATCH fixed (nx) #293031 [since FEDORA-2008-2258]
CVE-2007-5000 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714]
CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368]
@@ -342,9 +344,9 @@
CVE-2007-4771 fixed (icu) #430232 [since FEDORA-2008-1076]
CVE-2007-4770 fixed (icu) #430232 [since FEDORA-2008-1076]
CVE-2007-4769 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552]
-CVE-2007-4768 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
-CVE-2007-4767 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
-CVE-2007-4766 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-4768 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-4767 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-4766 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
CVE-2007-4752 VULNERABLE (openssh) #280461
CVE-2007-4743 backport (krb5) incomplete CVE-2007-3999 fix [since FEDORA-2007-2066]
CVE-2007-4730 ignore (xorg-x11) #286051 ajax says F7 is not vulnerable
@@ -641,10 +643,10 @@
CVE-2007-1665 version (ekg) #246034 [since FEDORA-2007-0791]
CVE-2007-1664 version (ekg) #246034 [since FEDORA-2007-0791]
CVE-2007-1663 version (ekg) #246034 [since FEDORA-2007-0791]
-CVE-2007-1662 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
-CVE-2007-1661 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
-CVE-2007-1660 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
-CVE-2007-1659 VULNERABLE (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-1662 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-1661 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-1660 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
+CVE-2007-1659 fixed (pcre, fixed 7.3) #378411 [since FEDORA-2008-1842]
CVE-2007-1649 version (php, fixed 5.2.2)
CVE-2007-1622 version (wordpress, fixed 2.1.3-0.rc2) #233703
CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.155, 1.156 f9, 1.146, 1.147 fc7, 1.311, 1.312
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.157, 1.158 f9, 1.148, 1.149 fc7, 1.313, 1.314
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-security-commits
mailing list