fedora-security/audit fc4,1.91,1.92
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Mon Nov 21 09:32:44 UTC 2005
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18951
Modified Files:
fc4
Log Message:
Updates based on the last few days
Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -r1.91 -r1.92
--- fc4 18 Nov 2005 11:11:02 -0000 1.91
+++ fc4 21 Nov 2005 09:32:42 -0000 1.92
@@ -1,9 +1,11 @@
-Up to date CVE as of CVE email 20051117
-Up to date FC4 as of 200501117
+Up to date CVE as of CVE email 20051120
+Up to date FC4 as of 200501120
** are items that need attention
CVE-2005-3582 version (ImageMagick) gentoo only
+CVE-2005-3675 ** kernel (optack)
+CVE-2005-3671 VULNERABLE (openswan, fixed 2.4.4)
CVE-2005-3573 VULNERABLE (mailman)
CVE-2005-3527 version (kernel, fixed 2.6.14 at least) [since FEDORA-2005-1067]
CVE-2005-3402 ignore (thunderbird) mozilla say by design
@@ -122,6 +124,7 @@
CVE-2005-2666 VULNERABLE (openssh) see bz#162681
CVE-2005-2642 version (mutt, openbsd only)
CVE-2005-2641 VULNERABLE (pam_ldap) bz#166164
+CVE-2005-2629 version (helixplayer, fixed 1.0.6) [since FEDORA-2005-940]
CVE-2005-2617 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
CVE-2005-2602 VULNERABLE (firefox) probably
CVE-2005-2602 VULNERABLE (thunderbird) probably
@@ -410,7 +413,7 @@
CVE-2005-0468 version (krb5, fixed 1.4.1) [since FEDORA-2005-553] was backport since GA
CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
CVE-2005-0449 version (kernel, fixed 2.6.11)
-CVE-2005-0448 VULNERABLE (perl)
+CVE-2005-0448 VULNERABLE (perl) bz#173793
CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
CVE-2005-0403 version (kernel, not upstream)
@@ -526,6 +529,7 @@
CVE-2005-0004 version (mysql, fixed 4.1.10)
CVE-2005-0003 version (kernel, fixed 2.6.10)
CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2541 blocked (cscope) by FORTIFY_SOURCE
CVE-2004-2536 version (kernel, fixed 2.6.7)
CVE-2004-2531 version (gnutls, fixed 1.0.17)
CVE-2004-2502 version (iiimf, fixed 11.4-46.1)
@@ -667,7 +671,7 @@
CVE-2004-0983 version (ruby, fixed 1.8.2)
CVE-2004-0981 version (ImageMagick, fixed 6.1.0)
CVE-2004-0977 version (postgresql, fixed after 7.4.6)
-CVE-2004-0976 version (perl, since 5.8.4)
+CVE-2004-0976 backport (perl) [since FEDORA-2005-1077]
CVE-2004-0975 backport (openssl097a, fixed 0.9.7f) from srpm
CVE-2004-0975 version (openssl, fixed 0.9.7f)
CVE-2004-0974 version (netatalk, fixed 2.0.1 says netatalk ChangeLog)
@@ -1182,6 +1186,7 @@
older, happened to deal with at same time:
CVE-2002-2204 ignore (rpm) by design
+CVE-2002-2196 version (samba, fixed 2.2.5)
CVE-2002-2103 version (apache, not 2.0)
CVE-2002-1963 version (kernel, not 2.6)
CVE-2002-1976 ignore (ifconfig) "use ip"
More information about the fedora-extras-commits
mailing list