fedora-security/audit fc4,1.82,1.83
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Thu Nov 10 14:00:34 UTC 2005
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1814
Modified Files:
fc4
Log Message:
Finish off fc4 investigations so we are up to date
Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- fc4 10 Nov 2005 10:52:03 -0000 1.82
+++ fc4 10 Nov 2005 14:00:32 -0000 1.83
@@ -49,8 +49,8 @@
CVE-2005-3107 version (kernel, fixed 2.6.11)
CVE-2005-3106 version (kernel, fixed 2.6.11)
CVE-2005-3105 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
-CVE-2005-3089 ** firefox
-CVE-2005-3088 ** fetchmailconf
+CVE-2005-3089 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
CVE-2005-3055 VULNERABLE (kernel)
CVE-2005-3054 ignore (php) see bz#169857
CVE-2005-3053 version (kernel) [since FEDORA-2005-949] was backport since FEDORA-2005-820
@@ -75,8 +75,8 @@
CVE-2005-2874 version (cups, fixed 1.1.23)
CVE-2005-2873 VULNERABLE (kernel) not upstream fixed
CVE-2005-2872 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
-CVE-2005-2871 ** backport (firefox) [since FEDORA-2005-871]
-CVE-2005-2871 ** backport (mozilla) [since FEDORA-2005-873]
+CVE-2005-2871 version (firefox, fixed 1.0.7) [since FEDORA-2005-926] was backport [since FEDORA-2005-871]
+CVE-2005-2871 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927] was backport [since FEDORA-2005-873]
CVE-2005-2871 version (thunderbird) (moderate only) [since FEDORA-2005-963]
CVE-2005-2811 version (net-snmp, not upstream) gentoo only
CVE-2005-2801 version (kernel, fixed 2.6.11)
@@ -111,7 +111,7 @@
CVE-2005-2700 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
CVE-2005-2693 backport (cvs) [since FEDORA-2005-790]
CVE-2005-2672 backport (lm_sensors) [since FEDORA-2005-1053]
-CVE-2005-2666 ** openssh (hmm)
+CVE-2005-2666 VULNERABLE (openssh) see bz#162681
CVE-2005-2642 version (mutt, openbsd only)
CVE-2005-2641 VULNERABLE (pam_ldap) bz#166164
CVE-2005-2617 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
@@ -148,7 +148,7 @@
CVE-2005-2448 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-2414 ignore (mozilla) not being fixed upstream, just a crash
CVE-2005-2410 version (NetworkManager, fixed 5.0) [since FEDORA-2005-1027] was backport since FEDORA-2005-680
-CVE-2005-2395 ** firefox
+CVE-2005-2395 VULNERABLE (firefox) not fixed upstream, maybe not security
CVE-2005-2370 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-2370 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2369 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
@@ -162,7 +162,7 @@
CVE-2005-2361 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2360 version (ethereal, fixed 0.10.12) [since FEDORA-2005-655]
CVE-2005-2353 ignore (thunderbird) debug mode only
-CVE-2005-2337 ** ruby [since FEDORA-2005-936]
+CVE-2005-2337 version (ruby, fixed 1.8.3) [since FEDORA-2005-936]
CVE-2005-2335 backport (fetchmail) [since FEDORA-2005-613]
CVE-2005-2270 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
CVE-2005-2270 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
@@ -191,7 +191,7 @@
CVE-2005-2260 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
CVE-2005-2177 version (net-snmp, fixed 5.2.1.2) [since FEDORA-2005-561]
CVE-2005-2114 ** mozilla, can't find out when this was fixed upstream
-CVE-2005-2104 ** sysreport #162979
+CVE-2005-2104 VULNERABLE (sysreport) #162979
CVE-2005-2103 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2102 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
CVE-2005-2101 backport (kdeedu) [since FEDORA-2005-744]
@@ -204,7 +204,7 @@
CVE-2005-2096 backport (rpm) [since FEDORA-2005-565]
CVE-2005-2095 version (squirrelmail, fixed 1.4.5) since [FEDORA-2005-780]
CVE-2005-2088 backport (httpd) [since FEDORA-2005-639]
-CVE-2005-2069 ** (openldap) [since FEDORA-2005-992]
+CVE-2005-2069 backport (openldap) [since FEDORA-2005-992]
CVE-2005-2069 VULNERABLE (nss_ldap) http://bugzilla.padl.com/attachment.cgi?id=10&action=view
CVE-2005-2023 version (gnupg, fixed 1.9.15)
CVE-2005-1993 backport (sudo, fixed 1.6.8p9) [since FEDORA-2005-472]
More information about the fedora-extras-commits
mailing list