fedora-security/audit fc4,1.77,1.78

Mark Cox (mjc) fedora-extras-commits at redhat.com
Wed Oct 26 08:39:15 UTC 2005 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv601

Modified Files:
	fc4 
Log Message:
Lastest updates 



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- fc4	25 Oct 2005 20:35:00 -0000	1.77
+++ fc4	26 Oct 2005 08:39:13 -0000	1.78
@@ -1,10 +1,8 @@
-Up to date CVE as of CVE email 20051023
-Up to date FC4 as of 200501023
+Up to date CVE as of CVE email 20051024
+Up to date FC4 as of 200501024
 
 ** are items that need attention
 
-CVE-2005-3300 ** php 4.6.4
-CVE-2005-3299 ** php 4.6.4
 CVE-2005-3276 version (kernel, fixed 2.6.12.4) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 CVE-2005-3275 version (kernel, fixed 2.6.13) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 CVE-2005-3274 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
@@ -46,11 +44,13 @@
 CVE-2005-3011 backport (texinfo) [since FEDORA-2005-991]
 CVE-2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts
 CVE-2005-2978 version (netpbm, fixed 10.25)
+CVE-2005-2970 ** httpd
 CVE-2005-2969 backport (openssl, fixed 0.9.7h) [since FEDORA-2005-986]
 CVE-2005-2969 backport (openssl097a, fixed 0.9.7h) [since FEDORA-2005-986]
 CVE-2005-2968 version (mozilla, not 1.7.10) +we include a different mozilla sh
 CVE-2005-2968 version (firefox) [since FEDORA-2005-926]
 CVE-2005-2968 version (thunderbird) [since FEDORA-2005-963]
+CVE-2005-2959 ignore (sudo) not a vulnerability
 CVE-2005-2946 VULNERABLE (openssl, fixed 0.9.8) (as it uses md5 md)
 CVE-2005-2933 ** uw-imap
 CVE-2005-2917 ** squid
@@ -178,7 +178,7 @@
 CVE-2005-2103 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
 CVE-2005-2102 version (gaim, fixed 1.5.0) [since FEDORA-2005-751]
 CVE-2005-2101 backport (kdeedu) [since FEDORA-2005-744]
-CVE-2005-2100 version (kernel, not upstream)
+CVE-2005-2100 version (kernel, not upstream) only RHEL4
 CVE-2005-2099 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
 CVE-2005-2098 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
 CVE-2005-2097 backport (cups) [since FEDORA-2005-732]
@@ -499,7 +499,9 @@
 CVE-2005-0004 version (mysql, fixed 4.1.10)
 CVE-2005-0003 version (kernel, fixed 2.6.10)
 CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2536 version (kernel, fixed 2.6.7)
 CVE-2004-2531 version (gnutls, fixed 1.0.17)
+CVE-2004-2502 version (iiimf, fixed 11.4-46.1)
 CVE-2004-2480 ignore (squid) bz#166523, not reproducable
 CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
 CVE-2004-2396 version (passwd, fixed 0.69) verified in source

More information about the fedora-extras-commits mailing list