fedora-security/audit fc6,1.40,1.41

Mark Cox (mjc) fedora-extras-commits at redhat.com
Mon Aug 28 15:37:12 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29026

Modified Files:
	fc6 
Log Message:
Go back to the start of 2002; but now we have 120 issues that need
sorting (most will be obvious that they are fixed upstream now)



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- fc6	25 Aug 2006 18:48:57 -0000	1.40
+++ fc6	28 Aug 2006 15:37:09 -0000	1.41
@@ -1644,6 +1644,7 @@
 CVE-2002-1568 version (openssl097a, fixed 0.9.6f)
 CVE-2002-1567 ** tomcat
 CVE-2002-1565 ** wget
+CVE-2002-1563 ** stunnel
 CVE-2002-1511 version (vnc, fixed 3.3.3)
 CVE-2002-1510 version (XFree86, fixed 4.2.0)
 CVE-2002-1509 ** shadow-utils
@@ -1758,11 +1759,98 @@
 CVE-2002-0702 ** dhcpd
 CVE-2002-0684 ** bind
 CVE-2002-0682 ** tomcat
+CVE-2002-0662 version (scrollkeeper, fixed after 0.3.11)
+CVE-2002-0660 ** libpng
+CVE-2002-0659 version (openssl, not 0.9.8)
+CVE-2002-0659 version (openssl097a, not 0.9.7)
+CVE-2002-0657 version (openssl, not 0.9.8)
+CVE-2002-0657 version (openssl097a, not 0.9.7)
+CVE-2002-0656 version (openssl, not 0.9.8)
+CVE-2002-0656 version (openssl097a, not 0.9.7)
+CVE-2002-0655 version (openssl, not 0.9.8)
+CVE-2002-0655 version (openssl097a, not 0.9.7)
+CVE-2002-0653 version (mod_ssl, not httpd 2.2)
+CVE-2002-0651 ** bind (+resolvers)
+CVE-2002-0640 ** openssh
+CVE-2002-0639 ** openssh
+CVE-2002-0638 ** util-linux
+CVE-2002-0575 version (openssh, fixed 3.2.1)
+CVE-2002-0570 ** kernel
+CVE-2002-0517 version (XFree86) didn't affect Linux
+CVE-2002-0516 ** squirrelmail
+CVE-2002-0510 ignore (kernel) see cve
+CVE-2002-0506 ** newt
+CVE-2002-0499 ** kernel
+CVE-2002-0497 ** mtr
+CVE-2002-0493 ** tomcat
+CVE-2002-0435 ** fileutils
+CVE-2002-0429 ** kernel
+CVE-2002-0404 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0403 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0402 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0401 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0400 version (bind, fixed 9.2.1)
+CVE-2002-0399 ** tar
+CVE-2002-0392 version (httpd, not 2.2)
+CVE-2002-0391 ** resolvers
+CVE-2002-0389 ** mailman
+CVE-2002-0388 version (mailman, fixed 2.0.11)
+CVE-2002-0384 version (gaim, fixed 0.58)
+CVE-2002-0382 ** xchat
+CVE-2002-0380 ** tcpdump
+CVE-2002-0379 ** imap
+CVE-2002-0377 ** gaim
+CVE-2002-0374 version (pam_ldap, fixed 144)
+CVE-2002-0363 version (ghostscript, fixed 6.53)
+CVE-2002-0353 version (wireshark, fixed ethereal 0.9.3)
+CVE-2002-0342 ** kde
+CVE-2002-0318 ** freeradius
+CVE-2002-0253 ** php
+CVE-2002-0240 ignore (php) windows only
+CVE-2002-0232 ** mrtg
+CVE-2002-0229 ** php
+CVE-2002-0185 ** mod_python
+CVE-2002-0184 version (sudo, fixed 1.6.6)
+CVE-2002-0180 ** webalizer
+CVE-2002-0169 ** docbook
+CVE-2002-0165 ** logwatch
+CVE-2002-0164 version (XFree86, fixed 4.2.1)
+CVE-2002-0163 version (squid, fixed 20020312)
+CVE-2002-0162 ** logwatch
+CVE-2002-0157 ** nautilus
+CVE-2002-0146 version (fetchmail, fixed 5.9.10)
+CVE-2002-0130 ** efax
+CVE-2002-0129 ** efax
+CVE-2002-0121 version (php, fixed after 4.1.1)
+CVE-2002-0092 version (cve, fixed 1.10.8)
+CVE-2002-0083 ** openssh
+CVE-2002-0082 version (mod_ssl, not httpd 2.2)
+CVE-2002-0081 ** php
+CVE-2002-0080 ** rsync
+CVE-2002-0069 ** squid
+CVE-2002-0068 ** squid
+CVE-2002-0067 ** squid
+CVE-2002-0063 version (cups, fixed 1.1.14)
+CVE-2002-0062 ** ncurses
+CVE-2002-0060 ** kernel
+CVE-2002-0059 ** zlib and 100 other things
+CVE-2002-0048 ** rsync
+CVE-2002-0046 ** kernel
+CVE-2002-0045 ** openldap
+CVE-2002-0044 ** enscript
+CVE-2002-0043 version (sudo, fixed 1.6.4)
+CVE-2002-0036 version (krb5, fixed 1.2.5)
+CVE-2002-0029 ** bind
+CVE-2002-0013 ** snmp stuff
+CVE-2002-0012 ** snmp stuff
+CVE-2002-0006 ** xchat
+CVE-2002-0004 ** at
+CVE-2002-0003 ** groff
+CVE-2002-0002 ** stunnel
+CVE-2002-0001 version (mutt, fixed 1.3.25)
 
 older, happened to deal with at same time:
 
-CVE-2002-0517 version (XFree86) didn't affect Linux
-CVE-2002-0164 version (XFree86, fixed 4.2.1)
 CVE-2001-1494 version (util-linux, fixed 2.11n)
 CVE-2001-0955 version (XFree86, fixed 4.2.0)
 CVE-2001-0474 version (mesa, fixed 3.3-14)

More information about the fedora-extras-commits mailing list