fedora-security/audit fc4,1.125,1.126 fc5,1.35,1.36

Mark Cox (mjc) fedora-extras-commits at redhat.com
Thu Jan 12 10:56:33 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10651

Modified Files:
	fc4 fc5 
Log Message:
Deal with poppler and kernel issues



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.125
retrieving revision 1.126
diff -u -r1.125 -r1.126
--- fc4	10 Jan 2006 15:35:28 -0000	1.125
+++ fc4	12 Jan 2006 10:56:26 -0000	1.126
@@ -1,11 +1,14 @@
-Up to date CVE as of CVE email 20060108
-Up to date FC4 as of 20060108
+Up to date CVE as of CVE email 20060111
+Up to date FC4 as of 20060111
 
 ** are items that need attention
 
 CVE-2006-0097 ignore (php) Windows only
+CVE-2006-0096 ignore (kernel) minor and requires root
 CVE-2006-0095 VULNERABLE (kernel)
 CVE-2006-0082 version (ImageMagick, not 6.2.2.0)
+CVE-2006-0035 VULNERABLE (kernel)
+CVE-2005-4639 VULNERABLE (kernel)
 CVE-2005-4635 backport (kernel, fixed 2.6.15) [since FEDORA-2006-013]
 CVE-2005-4618 verson (kernel, fixed 2.6.15) [since FEDORA-2006-013]
 CVE-2005-4605 backport (kernel) [since FEDORA-2006-013]
@@ -50,24 +53,24 @@
 CVE-2005-3631 version (udev)
 CVE-2005-3628 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3628 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3628 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3628 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
 CVE-2005-3628 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3628 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3627 VULNERABLE (xpdf)
+CVE-2005-3627 backport (xpdf) [since FEDORA-2005-027]
 CVE-2005-3627 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3627 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3627 VULNERABLE (poppler) bz#176873
-CVE-2005-3626 VULNERABLE (xpdf)
+CVE-2005-3627 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3626 backport (xpdf) [since FEDORA-2005-027]
 CVE-2005-3626 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3626 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3626 VULNERABLE (poppler) bz#176873
-CVE-2005-3625 VULNERABLE (xpdf)
+CVE-2005-3626 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3625 backport (xpdf) [since FEDORA-2005-027]
 CVE-2005-3625 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3625 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3625 VULNERABLE (poppler) bz#176873
-CVE-2005-3624 VULNERABLE (xpdf)
+CVE-2005-3625 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3624 backport (xpdf) [since FEDORA-2005-027]
 CVE-2005-3624 backport (kdegraphics) [since FEDORA-2005-1160]
-CVE-2005-3624 VULNERABLE (poppler) bz#176873
+CVE-2005-3624 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
 CVE-2005-3624 backport (cups) [since FEDORA-2006-010]
 CVE-2005-3623 backport (kernel, fixed 2.6.14.5) [since FEDORA-2006-013]
 CVE-2005-3582 version (ImageMagick) gentoo only
@@ -107,17 +110,17 @@
 CVE-2005-3241 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
 CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3193 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3193 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
 CVE-2005-3193 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3193 backport (cups) [since FEDORA-2005-1142]
 CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3192 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3192 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
 CVE-2005-3192 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
 CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3191 backport (poppler) [since FEDORA-2005-1171]
+CVE-2005-3191 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
 CVE-2005-3191 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
 CVE-2005-3186 backport (gtk2) [since FEDORA-2005-1088]


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- fc5	10 Jan 2006 15:35:28 -0000	1.35
+++ fc5	12 Jan 2006 10:56:26 -0000	1.36
@@ -1,4 +1,4 @@
-Up to date CVE as of CVE email 20060104
+Up to date CVE as of CVE email 20060111
 Up to date FC5 as of FC5-Test1-RC
 
 1. Removed packages with security issues that are no longer in FC5 
@@ -13,8 +13,11 @@
 ** are items that need attention
 
 CVE-2006-0097 ignore (php) Windows only
+CVE-2006-0096 ignore (kernel) minor and requires root
 CVE-2006-0095 VULNERABLE (kernel)
 CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
+CVE-2006-0035 VULNERABLE (kernel)
+CVE-2005-4639 VULNERABLE (kernel)
 CVE-2005-4635 backport (kernel, fixed 2.6.15) [since FEDORA-2006-013]
 CVE-2005-4618 VULNERABLE (kernel, fixed 2.6.15)
 CVE-2005-4605 VULNERABLE (kernel) bz#176814
@@ -58,26 +61,26 @@
 CVE-2005-3632 version (netpbm)
 CVE-2005-3631 version (udev)
 CVE-2005-3628 VULNERABLE (xpdf)
-CVE-2005-3628 VULNERABLE (poppler)
+CVE-2005-3628 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3628 VULNERABLE (kdegraphics)
 CVE-2005-3628 VULNERABLE (cups)
 CVE-2005-3627 VULNERABLE (xpdf)
-CVE-2005-3627 VULNERABLE (poppler)
+CVE-2005-3627 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3627 VULNERABLE (kdegraphics)
 CVE-2005-3627 VULNERABLE (cups)
 CVE-2005-3627 VULNERABLE (cups)
 CVE-2005-3626 VULNERABLE (xpdf)
-CVE-2005-3626 VULNERABLE (poppler)
+CVE-2005-3626 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3626 VULNERABLE (kdegraphics)
 CVE-2005-3626 VULNERABLE (cups)
 CVE-2005-3626 VULNERABLE (cups)
 CVE-2005-3625 VULNERABLE (xpdf)
-CVE-2005-3625 VULNERABLE (poppler)
+CVE-2005-3625 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3625 VULNERABLE (kdegraphics)
 CVE-2005-3625 VULNERABLE (cups)
 CVE-2005-3625 VULNERABLE (cups)
 CVE-2005-3624 VULNERABLE (xpdf)
-CVE-2005-3624 VULNERABLE (poppler)
+CVE-2005-3624 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3624 VULNERABLE (kdegraphics)
 CVE-2005-3624 VULNERABLE (cups)
 CVE-2005-3623 VULNERABLE (kernel, fixed 2.6.14.5)
@@ -117,15 +120,15 @@
 CVE-2005-3241 version (ethereal, fixed 0.10.13)
 CVE-2005-3193 VULNERABLE (xpdf, fixed 3.0.1pl1)
 CVE-2005-3193 VULNERABLE (tetex)
-CVE-2005-3193 VULNERABLE (poppler)
+CVE-2005-3193 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3193 VULNERABLE (kdegraphics)
 CVE-2005-3192 VULNERABLE (xpdf, fixed 3.0.1pl1)
 CVE-2005-3192 VULNERABLE (tetex)
-CVE-2005-3192 VULNERABLE (poppler)
+CVE-2005-3192 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3192 VULNERABLE (kdegraphics)
 CVE-2005-3191 VULNERABLE (xpdf, fixed 3.0.1pl1)
 CVE-2005-3191 VULNERABLE (tetex)
-CVE-2005-3191 VULNERABLE (poppler)
+CVE-2005-3191 VULNERABLE (poppler, fixed 0.4.4)
 CVE-2005-3191 VULNERABLE (kdegraphics)
 CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
 CVE-2005-3186 backport (gdk-pixbuf)

More information about the fedora-extras-commits mailing list