fedora-security/audit fc4,1.316,1.317 fc5,1.231,1.232

Josh Bressers (bressers) fedora-extras-commits at redhat.com
Wed Jul 5 14:03:03 UTC 2006 

Author: bressers

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1418

Modified Files:
	fc4 fc5 
Log Message:
Sync with the mail archive.



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.316
retrieving revision 1.317
diff -u -r1.316 -r1.317
--- fc4	5 Jul 2006 13:42:22 -0000	1.316
+++ fc4	5 Jul 2006 14:02:51 -0000	1.317
@@ -3,12 +3,12 @@
 
 ** are items that need attention
 
-CVE-2006-3242 VULNERABLE (mutt) #197152
+CVE-2006-3242 backport (mutt) #197152 [since FEDORA-2006-761]
 CVE-2006-3174 VULNERABLE (squirrelmail) #197369
 CVE-2006-3145 ** (netpbm)
 CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-764]
 CVE-2006-3085 version (kernel, fixed 2.6.16.21, fixed 2.6.17.1) [since FEDORA-2006-736]
-CVE-2006-3082 VULNERABLE (gnupg) #195946
+CVE-2006-3082 version (gnupg, fixed 1.4.4) #195946 [since FEDORA-2006-757]
 CVE-2006-3081 version (mysql, fixed 5.1.18) [since FEDORA-2006-703]
 CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-435]
 CVE-2006-3018 ** (php, fixed 5.1.3)
@@ -80,8 +80,8 @@
 CVE-2006-2366 VULNERABLE (openobex) #192087
 CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
 CVE-2006-2332 ignore (firefox) disputed
-CVE-2006-2314 version (postgresql, fixed 8.0.8) [since FEODRA-2006-579]
-CVE-2006-2313 version (postgresql, fixed 8.0.8) [since FEODRA-2006-579]
+CVE-2006-2314 version (postgresql, fixed 8.0.8) [since FEDORA-2006-579]
+CVE-2006-2313 version (postgresql, fixed 8.0.8) [since FEDORA-2006-579]
 CVE-2006-2276 VULNERABLE (quagga) #191377
 CVE-2006-2275 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
 CVE-2006-2274 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-573]
@@ -206,7 +206,7 @@
 CVE-2006-1524 version (kernel, fixed 2.6.16.7) [since FEDORA-2006-423]
 CVE-2006-1523 version (kernel, fixed 2.6.16.4) [since FEDORA-2006-423]
 CVE-2006-1522 version (kernel, fixed 2.6.16.3) [since FEDORA-2006-423]
-CVE-2006-1518 ignore (mysql) 5.x only
+CVE-2006-1518 ignore (mysql) 5.x only [since FEDORA-2006-554]
 CVE-2006-1517 version (mysql, fixed 4.1.19) #190868 [since FEDORA-2006-554]
 CVE-2006-1516 version (mysql, fixed 4.1.19) #190866 [since FEDORA-2006-554]
 CVE-2006-1494 VULNERABLE (php) #189592
@@ -231,12 +231,12 @@
 CVE-2006-1056 version (kernel, fixed 2.6.16.9) [since FEDORA-2006-423]
 CVE-2006-1055 version (kernel, fixed 2.6.17-rc1) [since FEDORA-2006-423]
 CVE-2006-1052 version (kernel, fixed 2.6.16) [since FEDORA-2006-423] was backport since FEDORA-2006-245
-CVE-2006-1045 VULNERABLE (thunderbird)
+CVE-2006-1045 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
 CVE-2006-1015 ignore (php) safe mode isn't safe
 CVE-2006-1014 ignore (php) safe mode isn't safe
 CVE-2006-0996 VULNERABLE (php) #187511
 CVE-2006-0903 version (mysql, fixed 4.1.19) #183261 [since FEDORA-2006-554]
-CVE-2006-0884 ** thunderbird
+CVE-2006-0884 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
 CVE-2006-0836 version (thunderbird, 1.5 only)
 CVE-2006-0749 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
 CVE-2006-0749 version (mozilla, fixed 1.7.13) [since FEDORA-2006-488]
@@ -290,7 +290,7 @@
 CVE-2006-0297 version (firefox, 1.5 only)
 CVE-2006-0296 backport (mozilla) [since FEDORA-2006-075]
 CVE-2006-0296 backport (firefox) [since FEDORA-2006-076]
-CVE-2006-0296 VULNERABLE (thunderbird)
+CVE-2006-0296 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
 CVE-2006-0295 version (thunderbird, 1.5 only)
 CVE-2006-0295 version (mozilla, 1.8 branch only)
 CVE-2006-0295 version (firefox, 1.5 only)
@@ -302,7 +302,7 @@
 CVE-2006-0293 version (firefox, 1.5 only)
 CVE-2006-0292 backport (mozilla) [since FEDORA-2006-075]
 CVE-2006-0292 backport (firefox) [since FEDORA-2006-076]
-CVE-2006-0292 VULNERABLE (thunderbird)
+CVE-2006-0292 version (thunderbird, fixed 1.0.8) [since FEDORA-2006-489]
 CVE-2006-0254 VULNERABLE (tomcat5, fixed 5.5.16) #178178
 CVE-2006-0236 ignore (thunderbird) windows only flaw
 CVE-2006-0225 backport (openssh) #168167 [since FEDORA-2006-056]


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.231
retrieving revision 1.232
diff -u -r1.231 -r1.232
--- fc5	5 Jul 2006 13:32:29 -0000	1.231
+++ fc5	5 Jul 2006 14:02:51 -0000	1.232
@@ -1,15 +1,17 @@
+CVE-2006-2480 **FIXME** (dia) [since FEDORA-2006-580]
+CVE-2006-2453 **FIXME** (dia) [since FEDORA-2006-580]
 Up to date CVE as of CVE email 20060627
 Up to date FC5 as of 20060627
 
 ** are items that need attention
 
-CVE-2006-3242 VULNERABLE (mutt) #197152
+CVE-2006-3242 backport (mutt) #197152 [since FEDORA-2006-760]
 CVE-2006-3174 VULNERABLE (squirrelmail) #197369
 CVE-2006-3145 VULNERABLE (netpbm)
 CVE-2006-3127 version (nss, only affected 3.11) [since FEDORA-2006-728]
 CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770]
 CVE-2006-3085 version (kernel, fixed 2.6.16.21, fixed 2.6.17.1) [since FEDORA-2006-735]
-CVE-2006-3082 VULNERABLE (gnupg) #195946
+CVE-2006-3082 version (gnupg, fixed 1.4.4) #195946 [since FEDORA-2006-755]
 CVE-2006-3081 version (mysql, fixed 5.1.18) [since FEDORA-2006-702]
 CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-609]
 CVE-2006-3018 VULNERABLE (php, fixed 5.1.3)
@@ -78,8 +80,8 @@
 CVE-2006-2366 VULNERABLE (openobex) #192087
 CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
 CVE-2006-2332 ignore (firefox) disputed
-CVE-2006-2314 version (postgresql, fixed 8.1.4) [since FEODRA-2006-578]
-CVE-2006-2313 version (postgresql, fixed 8.1.4) [since FEODRA-2006-578]
+CVE-2006-2314 version (postgresql, fixed 8.1.4) [since FEODRA-2006-578] [since FEDORA-2006-578]
+CVE-2006-2313 version (postgresql, fixed 8.1.4) [since FEODRA-2006-578] [since FEDORA-2006-578]
 CVE-2006-2276 VULNERABLE (quagga) #191377
 CVE-2006-2275 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572]
 CVE-2006-2274 version (kernel, fixed 2.6.16.15) [since FEDORA-2006-572]
@@ -146,7 +148,7 @@
 CVE-2006-1737 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1736 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1736 versions (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
-CVE-2006-1735 VULNERABLE (mozilla, fixed 1.7.13)
+CVE-2006-1735 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
 CVE-2006-1735 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1735 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
 CVE-2006-1734 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
@@ -231,12 +233,12 @@
 CVE-2006-1056 version (kernel, fixed 2.6.16.9) [since FEDORA-2006-421]
 CVE-2006-1055 version (kernel, fixed 2.6.17-rc1) [since FEDORA-2006-421]
 CVE-2006-1052 version (kernel, fixed 2.6.16) [since FEDORA-2006-421] was patch-2.6.16-rc6 since FEDORA-2006-233
-CVE-2006-1045 VULNERABLE (thunderbird)
+CVE-2006-1045 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-1015 ignore (php) safe mode isn't safe
 CVE-2006-1014 ignore (php) safe mode isn't safe
 CVE-2006-0996 version (php, fixed 5.1.4) bz#187511 [since FEDORA-2006-289]
 CVE-2006-0903 version (mysql, 4.1.19) #183261 [since FEDORA-2006-553]
-CVE-2006-0884 VULNERABLE (thunderbird)
+CVE-2006-0884 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-0836 VULNERABLE (thunderbird)
 CVE-2006-0749 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
 CVE-2006-0749 version (mozilla, fixed 1.7.13) [since FEDORA-2006-487]
@@ -288,7 +290,7 @@
 CVE-2006-0297 version (thunderbird, fixed 1.5)
 CVE-2006-0297 version (mozilla, 1.8 branch only)
 CVE-2006-0297 version (firefox, fixed 1.5.0.1)
-CVE-2006-0296 version (thunderbird, fixed 1.5)
+CVE-2006-0296 version (thunderbird, fixed 1.5) [since FEDORA-2006-490]
 CVE-2006-0296 version (firefox, fixed 1.5.0.1)
 CVE-2006-0296 backport (mozilla) mozilla-1.7.12-CVE-2006-0296-XULDocument.persist.patch
 CVE-2006-0295 version (thunderbird, fixed 1.5)
@@ -300,7 +302,7 @@
 CVE-2006-0293 version (thunderbird, fixed 1.5)
 CVE-2006-0293 version (mozilla, 1.8 branch only)
 CVE-2006-0293 version (firefox, fixed 1.5.0.1)
-CVE-2006-0292 version (thunderbird, fixed 1.5)
+CVE-2006-0292 version (thunderbird, fixed 1.5) [since FEDORA-2006-490]
 CVE-2006-0292 version (firefox, fixed 1.5.1)
 CVE-2006-0292 backport (mozilla) mozilla-1.7.12-CVE-2006-0292-javascript-unrooted.patch
 CVE-2006-0254 backport (tomcat5, fixed 5.5.16) #178179 **check this

More information about the fedora-extras-commits mailing list