fedora-security/audit fc4,1.116,1.117 fc5,1.27,1.28

Mark Cox (mjc) fedora-extras-commits at redhat.com
Fri Jan 6 11:19:12 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1226

Modified Files:
	fc4 fc5 
Log Message:
Deal with new updates, bad ordering in fc4, and a stock of new fc4
releases, although we'll need to fill in their real FEDORA-2006 id's when
I've looked them up



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.116
retrieving revision 1.117
diff -u -r1.116 -r1.117
--- fc4	5 Jan 2006 13:01:32 -0000	1.116
+++ fc4	6 Jan 2006 11:19:04 -0000	1.117
@@ -1,12 +1,12 @@
-Up to date CVE as of CVE email 20060104
-Up to date FC4 as of 20060104
+Up to date CVE as of CVE email 20060105
+Up to date FC4 as of 20060105 (except netpbm)
 
 ** are items that need attention
 
 CVE-2006-0082 version (ImageMagick, not 6.2.2.0)
 CVE-2005-4618 VULNERABLE (kernel)
 CVE-2005-4605 VULNERABLE (kernel) bz#176813
-CVE-2005-4585 VULNERABLE (ethereal, fixed 0.10.14)
+CVE-2005-4585 version (ethereal, fixed 0.10.14) [since FEDORA-2005-000**]
 CVE-2005-4442 version (openldap) gentoo only
 CVE-2005-4348 version (fetchmail, fixed 6.2.5.5) [since FEDORA-2005-1187]
 CVE-2005-4268 blocked (cpio) by FORTIFY_SOURCE
@@ -18,28 +18,10 @@
 CVE-2005-4130 ** (HelixPlayer) no information available
 CVE-2005-4126 ** (HelixPlayer) no information available
 CVE-2005-4077 backport (curl) [since FEDORA-2005-1137]
-CVE-2005-3896 ignore (mozilla) recoverable DoS only
-CVE-2005-3651 VULNERABLE (ethereal)
-CVE-2005-3358 version (kernel, fixed 2.6.11)
-CVE-2005-3352 VULNERABLE (httpd, fixed 2.0.56)
-CVE-2005-3193 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3193 backport (kdegraphics) [since FEDORA-2005-1160]
-CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3193 backport (poppler) [since FEDORA-2005-1171]
-CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3192 backport (kdegraphics) [since FEDORA-2005-1160]
-CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3192 backport (poppler) [since FEDORA-2005-1171]
-CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3191 backport (kdegraphics) [since FEDORA-2005-1160]
-CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3191 backport (poppler) [since FEDORA-2005-1171]
 CVE-2005-3964 VULNERABLE (openmotif) bz#174815
 CVE-2005-3962 backport (perl) [since FEDORA-2005-1144]
 CVE-2005-3912 backport (perl) [since FEDORA-2005-1144]
+CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3883 VULNERABLE (php)
 CVE-2005-3858 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
 CVE-2005-3857 VULNERABLE (kernel, fixed 2.6.15)
@@ -59,8 +41,13 @@
 CVE-2005-3675 VULNERABLE (kernel) optack
 CVE-2005-3671 version (openswan, fixed 2.4.4) [since FEDORA-2005-1093]
 CVE-2005-3662 version (netpbm)
+CVE-2005-3656 VULNERABLE (mod_auth_pgsql, fixed 2.0.3)
+CVE-2005-3651 version (ethereal, fixed 0.10.14) [since FEDORA-2005-000**]
 CVE-2005-3632 version (netpbm)
 CVE-2005-3631 version (udev)
+CVE-2005-3627 backport (cups) [since FEDORA-2005-000**]
+CVE-2005-3626 backport (cups) [since FEDORA-2005-000**]
+CVE-2005-3625 backport (cups) [since FEDORA-2005-000**]
 CVE-2005-3582 version (ImageMagick) gentoo only
 CVE-2005-3573 VULNERABLE (mailman)
 CVE-2005-3527 version (kernel, fixed 2.6.14 at least) [since FEDORA-2005-1067]
@@ -70,12 +57,14 @@
 CVE-2005-3390 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3389 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3388 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3358 version (kernel, fixed 2.6.11)
 CVE-2005-3353 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3352 VULNERABLE (httpd, fixed 2.0.56)
 CVE-2005-3351 backport (spamassassin) [since FEDORA-2005-1066]
 CVE-2005-3350 version (libungif, fixed 4.1.3) [since FEDORA-2005-1046]
 CVE-2005-3322 version (squid, not upstream) SUSE only
 CVE-2005-3319 ignore (mod_php) no security consequence
-CVE-2005-3313 VULNERABLE (ethereal)
+CVE-2005-3313 version (ethereal, fixed 0.10.14) [since FEDORA-2005-000**]
 CVE-2005-3276 version (kernel, fixed 2.6.12.4) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 CVE-2005-3275 version (kernel, fixed 2.6.13) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 CVE-2005-3274 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
@@ -93,9 +82,21 @@
 CVE-2005-3243 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
 CVE-2005-3242 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
 CVE-2005-3241 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
-CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1122]
-CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1122]
-CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1122]
+CVE-2005-3193 backport (cups) [since FEDORA-2005-1142]
+CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3193 backport (kdegraphics) [since FEDORA-2005-1160]
+CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
+CVE-2005-3193 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
+CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3192 backport (kdegraphics) [since FEDORA-2005-1160]
+CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
+CVE-2005-3192 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
+CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3191 backport (kdegraphics) [since FEDORA-2005-1160]
+CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
+CVE-2005-3191 backport (poppler) [since FEDORA-2005-1171]
 CVE-2005-3186 backport (gdk-pixbuf) [since FEDORA-2005-1085]
 CVE-2005-3186 backport (gtk2) [since FEDORA-2005-1088]
 CVE-2005-3185 backport (curl) [since FEDORA-2005-1129] was blocked (curl) by FORTIFY_SOURCE


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- fc5	5 Jan 2006 13:01:32 -0000	1.27
+++ fc5	6 Jan 2006 11:19:04 -0000	1.28
@@ -29,6 +29,9 @@
 CVE-2005-4077 VULNERABLE (curl)
 CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3651 VULNERABLE (ethereal)
+CVE-2005-3627 VULNERABLE (cups)
+CVE-2005-3626 VULNERABLE (cups)
+CVE-2005-3625 VULNERABLE (cups)
 CVE-2005-3358 version (kernel, fixed 2.6.11)
 CVE-2005-3352 VULNERABLE (httpd, fixed 2.2.1)
 CVE-2005-3193 VULNERABLE (xpdf)
@@ -65,6 +68,7 @@
 CVE-2005-3675 VULNERABLE (kernel) optack
 CVE-2005-3671 VULNERABLE (openswan, fixed 2.4.4) BZ#174165
 CVE-2005-3662 version (netpbm)
+CVE-2005-3656 VULNERABLE (mod_auth_pgsql, fixed 2.0.3)
 CVE-2005-3632 version (netpbm)
 CVE-2005-3631 version (udev)
 CVE-2005-3582 version (ImageMagick) gentoo only

More information about the fedora-extras-commits mailing list