fedora-security/audit fc4,1.63,1.64

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Sep 27 09:36:53 UTC 2005 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14156

Modified Files:
	fc4 
Log Message:
Deal with the release of firefox, mozilla, and others



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- fc4	26 Sep 2005 08:19:41 -0000	1.63
+++ fc4	27 Sep 2005 09:36:51 -0000	1.64
@@ -1,22 +1,25 @@
-Up to date CVE as of CVE email 20050925
-Up to date FC4 as of 20050925
+Up to date CVE as of CVE email 20050926
+Up to date FC4 as of 20050926
 
 ** are items that need attention
 
+2005-3055 VULNERABLE (kernel)
+2005-3054 ** php
+2005-3053 backport (kernel) [since FEDORA-2005-820] patch-2.6.12.5
 2005-3044 VULNERABLE (kernel, fixed 2.6.13.2)
 2005-3011 ** texinfo
 2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts
 2005-2968 version (mozilla, not 1.7.10) +we include a different mozilla sh
-2005-2968 VULNERABLE (firefox)
+2005-2968 version (firefox) [since FEDORA-2005-926]
 2005-2946 VULNERABLE (openssl, fixed 0.9.8) (as it uses md5 md)
 2005-2876 backport (util-linux) [since FEDORA-2005-887]
 2005-2874 version (cups, fixed 1.1.23)
-2005-2873 ** kernel
+2005-2873 VULNERABLE (kernel) not upstream fixed
 2005-2872 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
-2005-2871 backport (firefox) [since FEDORA-2005-871]
-2005-2871 backport (mozilla) [since FEDORA-2005-873]
+2005-2871 ** backport (firefox) [since FEDORA-2005-871]
+2005-2871 ** backport (mozilla) [since FEDORA-2005-873]
 2005-2871 VULNERABLE (thunderbird) (moderate only)
-2005-2811 version (net-snmp, not upstream gentoo only)
+2005-2811 version (net-snmp, not upstream) gentoo only
 2005-2801 version (kernel, fixed 2.6.11)
 2005-2800 backport (kernel, fixed 2.6.12.6) [since FEDORA-2005-906]
 2005-2798 version (openssh, fixed 4.2) [since FEDORA-2005-860]
@@ -25,25 +28,25 @@
 2005-2794 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913] was backport since FEDORA-2005-851
 2005-2728 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
 2005-2707 VULNERABLE (thunderbird)
-2005-2707 VULNERABLE (firefox, fixed 1.0.7)
-2005-2707 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2707 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2707 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2706 VULNERABLE (thunderbird)
-2005-2706 VULNERABLE (firefox, fixed 1.0.7)
-2005-2706 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2706 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2706 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2705 VULNERABLE (thunderbird)
-2005-2705 VULNERABLE (firefox, fixed 1.0.7)
-2005-2705 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2705 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2705 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2704 VULNERABLE (thunderbird)
-2005-2704 VULNERABLE (firefox, fixed 1.0.7)
-2005-2704 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2704 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2704 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2703 VULNERABLE (thunderbird)
-2005-2703 VULNERABLE (firefox, fixed 1.0.7)
-2005-2703 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2703 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2703 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2702 VULNERABLE (thunderbird)
-2005-2702 VULNERABLE (firefox, fixed 1.0.7)
-2005-2702 VULNERABLE (mozilla, fixed 1.7.12)
-2005-2701 VULNERABLE (firefox, fixed 1.0.7)
-2005-2701 VULNERABLE (mozilla, fixed 1.7.12)
+2005-2702 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2702 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
+2005-2701 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
+2005-2701 version (mozilla, fixed 1.7.12) [since FEDORA-2005-927]
 2005-2700 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
 2005-2693 backport (cvs) [since FEDORA-2005-790]
 2005-2672 VULNERABLE (lm_sensors) bz#166673
@@ -51,8 +54,8 @@
 2005-2642 version (mutt, openbsd only)
 2005-2641 VULNERABLE (pam_ldap) bz#166164
 2005-2617 version (kernel, fixed 2.6.12.5) [since FEDORA-2005-820]
-2005-2602 VULNERABLE (firefox) probably
-2005-2602 VULNERABLE (thunderbird) probably
+2005-2602 ** VULNERABLE (firefox) probably
+2005-2602 ** VULNERABLE (thunderbird) probably
 2005-2558 ignore (mysql) not an issue
 2005-2558 VULNERABLE (mysql, fixed 4.1.13) probably
 2005-2555 backport (kernel, fixed 2.6.12.6pre) [since FEDORA-2005-820] patch-2.6.12.6pre.patch
@@ -141,7 +144,7 @@
 2005-2069 VULNERABLE (nss_ldap) http://bugzilla.padl.com/attachment.cgi?id=10&action=view
 2005-2023 version (gnupg, fixed 1.9.15)
 2005-1993 backport (sudo, fixed 1.6.8p9) [since FEDORA-2005-472]
-2005-1992 backport (ruby) [since FEDORA-2005-475]
+2005-1992 version (ruby, fixed 1.8.3 at least) [since FEDORA-2005-936] was backport since FEDORA-2005-475
 2005-1937 version (firefox, fixed 1.0.5) [since FEDORA-2005-605]
 2005-1937 version (mozilla, fixed 1.7.9) [since FEDORA-2005-619]
 2005-1934 version (gaim, fixed 1.3.1) [since FEDORA-2005-411]
@@ -872,6 +875,7 @@
 2004-0005 version (gaim, fixed 0.76)
 2004-0003 version (kernel, not 2.6)
 2004-0001 version (kernel, not 2.6)
+2003-1232 version (emacs, fixed 21.3)
 2003-1201 version (openldap, not 2.2)
 2003-1161 version (kernel, not released version)
 2003-1138 backport (httpd, Red Hat only) contains /+ now

More information about the fedora-extras-commits mailing list