Summary of vulnerabilities with FC3
Stephen J. Smoogen
smooge at gmail.com
Tue Nov 9 18:44:22 UTC 2004
On Tue, 9 Nov 2004 12:20:58 +0000 (GMT), Mark J Cox <mjc at redhat.com> wrote:
> Near the release time of each new distribution the Red Hat security team
> go through all the security advisories for the past few years as well as
> issues that affected others but not Red Hat to ensure that the new
> distribution is up to date with security patches. We did this with FC3 a
> few weeks ago and corrected most of the issues we found that were unfixed.
> So this email is just really a FYI so we have the details stored for
> future reference.
>
Will the following items listed as vulnerable be fixed in the near
future? And what can be done to help?
> CAN-2004-0081 VULNERABLE (openssl096b only, see bug 138365)
> CAN-2004-0687 VULNERABLE (lesstif libxpm, see bug 135080)
> CAN-2004-0687 VULNERABLE (lesstif libxpm, see bug 135081)
> CAN-2004-0888 VULNERABLE (tetex, see bug 137476)
> CAN-2004-0930 VULNERABLE (Samba, see bug 138326)
> CAN-2004-0942 VULNERABLE (httpd, see bug 138065)
> CAN-2004-0971 VULNERABLE (krb5, see bug 136307)
> CAN-2004-0972 VULNERABLE (lvm, see bug 136309)
> CAN-2004-0974 VULNERABLE (tetex, see bug 137966)
> CAN-2004-0975 VULNERABLE (openssl, see bug 136303)
> CAN-2004-0981 VULNERABLE (ImakeMagick, see bug 138385)
> CAN-2004-0983 VULNERABLE (Ruby, see bug 138366)
> CAN-2004-0990 VULNERABLE (gd, see bug 137247)
There may be 2 more Ruby items that have been listed in the last 2
weeks. I do not know if they were added to the original CAN or added.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the fedora-devel-list
mailing list