fedora-security/audit fc4,1.113,1.114 fc5,1.24,1.25

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Jan 3 16:34:13 UTC 2006


Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24987

Modified Files:
	fc4 fc5 
Log Message:
Some fixes from over the holidays
Note ethereal isn't fixed in fc5t1 (but we'll update this file after t2)



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.113
retrieving revision 1.114
diff -u -r1.113 -r1.114
--- fc4	3 Jan 2006 14:51:52 -0000	1.113
+++ fc4	3 Jan 2006 16:34:11 -0000	1.114
@@ -4,6 +4,7 @@
 ** are items that need attention
 
 CVE-2005-4585 VULNERABLE (ethereal, fixed 0.10.14)
+CVE-2005-4442 version (openldap) gentoo only
 CVE-2005-4348 version (fetchmail, fixed 6.2.5.5) [since FEDORA-2005-1187]
 CVE-2005-4268 blocked (cpio) by FORTIFY_SOURCE
 CVE-2005-4158 backport (sudo) [since FEDORA-2005-1147] was ignore only env_reset will properly clean the environment
@@ -11,6 +12,8 @@
 CVE-2005-4153 VULNERABLE (mailman)
 CVE-2005-4134 ignore (mozilla) http://www.mozilla.org/security/history-title.html
 CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
+CVE-2005-4130 ** (HelixPlayer) no information available
+CVE-2005-4126 ** (HelixPlayer) no information available
 CVE-2005-4077 backport (curl) [since FEDORA-2005-1137]
 CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3651 VULNERABLE (ethereal)
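
Review bot: The two added HelixPlayer lines (CVE-2005-4130, CVE-2005-4126) carry the "**" needs-attention marker with only "no information available", so nothing on the line says where the follow-up is tracked. Suggest adding a bug reference to each line once one exists, as the gd entry in this same commit does with bz#175414, so these do not linger as "**" with no owner.
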
@@ -54,6 +57,7 @@
 CVE-2005-3671 version (openswan, fixed 2.4.4) [since FEDORA-2005-1093]
 CVE-2005-3662 version (netpbm)
 CVE-2005-3632 version (netpbm)
+CVE-2005-3631 version (udev)
 CVE-2005-3582 version (ImageMagick) gentoo only
 CVE-2005-3573 VULNERABLE (mailman)
 CVE-2005-3527 version (kernel, fixed 2.6.14 at least) [since FEDORA-2005-1067]
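
Review bot: The added CVE-2005-3631 line is marked "version (udev)" with no fixed-in version, while the openswan and kernel entries in the same context record one ("fixed 2.4.4", "fixed 2.6.14 at least"). Suggest recording the udev version that carries the fix, so the "version" status can be checked against what the release actually ships.
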
@@ -747,7 +751,7 @@
 CVE-2004-0883 version (kernel, fixed 2.6.11)
 CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
 CVE-2004-0942 version (httpd, fixed 2.0.53)
-CVE-2004-0941 version (gd, fixed 2.0.22)
+CVE-2004-0941 VULNERABLE (gd) seems wasn't fixed upstream bz#175414
 CVE-2004-0940 version (httpd, not 2.0)
 CVE-2004-0938 version (freeradius, fixed 1.0.1)
 CVE-2004-0930 version (samba, fixed 3.0.8)
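
Review bot: The replaced CVE-2004-0941 line drops the concrete claim "fixed 2.0.22" and moves to VULNERABLE on the strength of "seems wasn't fixed upstream", which leaves the reader unsure what was checked. Suggest saying on the line which gd version was examined and found unfixed, and keeping the bug reference as the pointer to the details.
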
@@ -1254,6 +1258,7 @@
 CVE-2002-1793 version (mod_ssl), also only hp
 CVE-2002-1783 version (php, fixed after 4.2.3)
 CVE-2002-1765 version (evolution, fixed 1.0.5)
+CVE-2002-1593 version (httpd, fixed 2.0.42)
 CVE-2002-1510 version (XFree86, fixed 4.2.0)
 CVE-2002-1472 version (XFree86, fixed 4.2.1)
 CVE-2002-1363 version (libpng, fixed 1.2.6)


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- fc5	3 Jan 2006 14:51:52 -0000	1.24
+++ fc5	3 Jan 2006 16:34:11 -0000	1.25
@@ -12,7 +12,8 @@
 
 ** are items that need attention
 
-CVE-2005-4585 version (ethereal, fixed 0.10.14)
+CVE-2005-4585 VULNERABLE (ethereal, fixed 0.10.14)
+CVE-2005-4442 version (openldap) gentoo only
 CVE-2005-4348 VULNERABLE (fetchmail, fixed 6.3.1)
 CVE-2005-4268 blocked (cpio) by FORTIFY_SOURCE
 CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
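
Review bot: The changed CVE-2005-4585 line goes from "version" to "VULNERABLE" with no reason on the line itself; the explanation (not fixed in fc5t1, to be revisited after t2) exists only in the log message. Suggest adding a short note on the line, such as "not fixed in fc5t1", so the file is self-explanatory and the entry is easy to find again when t2 lands.
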
@@ -20,6 +21,8 @@
 CVE-2005-4153 VULNERABLE (mailman)
 CVE-2005-4134 ignore (mozilla) http://www.mozilla.org/security/history-title.html
 CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
+CVE-2005-4130 ** (HelixPlayer) no information available
+CVE-2005-4126 ** (HelixPlayer) no information available
 CVE-2005-4077 VULNERABLE (curl)
 CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3651 VULNERABLE (ethereal)
@@ -60,6 +63,7 @@
 CVE-2005-3671 VULNERABLE (openswan, fixed 2.4.4) BZ#174165
 CVE-2005-3662 version (netpbm)
 CVE-2005-3632 version (netpbm)
+CVE-2005-3631 version (udev)
 CVE-2005-3582 version (ImageMagick) gentoo only
 CVE-2005-3573 VULNERABLE (mailman) not fixed 2.1.6 BZ#174166
 CVE-2005-3527 version (kernel, fixed 2.6.14 at least)
@@ -783,7 +787,7 @@
 CVE-2004-0883 version (kernel, fixed 2.6.11)
 CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
 CVE-2004-0942 version (httpd, fixed 2.0.53)
-CVE-2004-0941 version (gd, fixed 2.0.22)
+CVE-2004-0941 VULNERABLE (gd) seems wasn't fixed upstream fc4bz#175414
 CVE-2004-0940 version (httpd, not 2.0)
 CVE-2004-0938 version (freeradius, fixed 1.0.1)
 CVE-2004-0930 version (samba, fixed 3.0.8)
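
Review bot: The new CVE-2004-0941 line references "fc4bz#175414", which points at the fc4 bug and is written differently from the "BZ#174165" and "BZ#174166" references used earlier in this file. Suggest using the same "BZ#" form and stating whether the fc4 bug also covers fc5 or a separate fc5 bug is needed.
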
@@ -1297,6 +1301,7 @@
 CVE-2002-1793 version (mod_ssl), also only hp
 CVE-2002-1783 version (php, fixed after 4.2.3)
 CVE-2002-1765 version (evolution, fixed 1.0.5)
+CVE-2002-1593 version (httpd, fixed 2.0.42)
 CVE-2002-1510 version (XFree86, fixed 4.2.0)
 CVE-2002-1472 version (XFree86, fixed 4.2.1)
 CVE-2002-1363 version (libpng, fixed 1.2.6)



