fedora-security/audit fc4,1.80,1.81

Wed Nov 9 12:52:50 UTC 2005

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21454

Modified Files:
	fc4 
Log Message:
Add PHP details and new kernel issue



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81

--- fc4	8 Nov 2005 09:15:38 -0000	1.80
+++ fc4	9 Nov 2005 12:52:48 -0000	1.81
@@ -1,15 +1,16 @@
-Up to date CVE as of CVE email 20051107
-Up to date FC4 as of 200501107
+Up to date CVE as of CVE email 20051108
+Up to date FC4 as of 200501108
 
 ** are items that need attention
 
+CVE-2005-3527 VULNERABLE (kernel)
 CVE-2005-3402 ** thunderbird
 CVE-2005-3392 ignore (php) safe mode isn't safe
 CVE-2005-3391 ignore (php) safe mode isn't safe
-CVE-2005-3390 VULNERABLE (php) bz#172208
-CVE-2005-3389 VULNERABLE (php) bz#172211
-CVE-2005-3388 VULNERABLE (php) bz#172213
-CVE-2005-3353 VULNERABLE (php) bz#172590
+CVE-2005-3390 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3389 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3388 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3353 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3350 version (libungif, fixed 4.1.3) [since FEDORA-2005-1046]
 CVE-2005-3322 version (squid, not upstream) SUSE only
 CVE-2005-3319 ** mod_php
@@ -202,6 +203,7 @@
 CVE-2005-2096 backport (rpm) [since FEDORA-2005-565]
 CVE-2005-2095 version (squirrelmail, fixed 1.4.5) since [FEDORA-2005-780]
 CVE-2005-2088 backport (httpd) [since FEDORA-2005-639]
+CVE-2005-2069 ** (openldap) [since FEDORA-2005-992]
 CVE-2005-2069 VULNERABLE (nss_ldap) http://bugzilla.padl.com/attachment.cgi?id=10&action=view
 CVE-2005-2023 version (gnupg, fixed 1.9.15)
 CVE-2005-1993 backport (sudo, fixed 1.6.8p9) [since FEDORA-2005-472]


