fedora-security/audit fc4,1.340,1.341 fc5,1.255,1.256

Mark Cox (mjc) fedora-extras-commits at redhat.com
Fri Jul 21 14:00:13 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10375

Modified Files:
	fc4 fc5 
Log Message:
Clearup some unfinished issues



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.340
retrieving revision 1.341
diff -u -r1.340 -r1.341
--- fc4	20 Jul 2006 10:51:42 -0000	1.340
+++ fc4	21 Jul 2006 14:00:10 -0000	1.341
@@ -1,11 +1,11 @@
-Up to date CVE as of CVE email 20060719
-Up to date FC4 as of 20060719
+Up to date CVE as of CVE email 20060720
+Up to date FC4 as of 20060720
 
 ** are items that need attention
 
-CVE-2006-3731 ** firefox
-CVE-2006-3694 ** ruby, fixed 1.8.5
-CVE-2006-3672 ** konqueror
+CVE-2006-3731 ignore (firefox) just a user complicit crash
+CVE-2006-3694 VULNERABLE (ruby, fixed 1.8.5) #199538 #199543
+CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
 CVE-2006-3632 VULNERABLE (ethereal, fixed wireshark-0.99.2)
 CVE-2006-3631 VULNERABLE (ethereal, fixed wireshark-0.99.2)
@@ -15,9 +15,9 @@
 CVE-2006-3627 VULNERABLE (ethereal, fixed wireshark-0.99.2)
 CVE-2006-3626 VULNERABLE (kernel, fixed 2.6.17.6)
 CVE-2006-3486 ignore (mysql) not exploitable
-CVE-2006-3469 ** mysql
+CVE-2006-3469 VULNERABLE (mysql)
 CVE-2006-3468 VULNERABLE (kernel)
-CVE-2006-3467 ** freetype
+CVE-2006-3467 VULNERABLE (freetype)
 CVE-2006-3404 version (gimp, fixed 2.2.12) #198270 [since FEDORA-2006-795]
 CVE-2006-3403 version (samba, fixed 3.0.23) #198297 [since FEDORA-2006-808]
 CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.255
retrieving revision 1.256
diff -u -r1.255 -r1.256
--- fc5	20 Jul 2006 10:51:42 -0000	1.255
+++ fc5	21 Jul 2006 14:00:10 -0000	1.256
@@ -1,11 +1,11 @@
-Up to date CVE as of CVE email 20060719
-Up to date FC5 as of 20060719
+Up to date CVE as of CVE email 20060720
+Up to date FC5 as of 20060720
 
 ** are items that need attention
 
-CVE-2006-3731 ** firefox
-CVE-2006-3694 ** ruby, fixed 1.8.5
-CVE-2006-3672 ** konqueror
+CVE-2006-3731 ignore (firefox) just a user complicit crash
+CVE-2006-3694 VULNERABLE (ruby, fixed 1.8.5) #199538 #199543
+CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
 CVE-2006-3632 VULNERABLE (ethereal, fixed wireshark-0.99.2)
 CVE-2006-3631 VULNERABLE (ethereal, fixed wireshark-0.99.2)
@@ -15,9 +15,9 @@
 CVE-2006-3627 VULNERABLE (ethereal, fixed wireshark-0.99.2)
 CVE-2006-3626 VULNERABLE (kernel, fixed 2.6.17.6)
 CVE-2006-3486 ignore (mysql, fixed 5.0.23) not exploitable
-CVE-2006-3469 ** mysql
+CVE-2006-3469 VULNERABLE (mysql)
 CVE-2006-3468 VULNERABLE (kernel)
-CVE-2006-3467 ** freetype
+CVE-2006-3467 VULNERABLE (freetype)
 CVE-2006-3404 version (gimp, fixed 2.2.12) #198270 [since FEDORA-2006-794]
 CVE-2006-3403 version (samba, fixed 3.0.23) #198297 [since FEDORA-2006-807]
 CVE-2006-3378 ignore (shadow-utils) we don't ship passwd from shadow-utils
@@ -89,8 +89,6 @@
 CVE-2006-2613 ignore (firefox) This isn't an issue on FC
 CVE-2006-2607 backport (vixie-cron) #177476
 CVE-2006-2563 ignore (php) safe mode isn't safe
-CVE-2006-2480 ** (dia) [since FEDORA-2006-580]
-CVE-2006-2453 ** (dia) [since FEDORA-2006-580]
 CVE-2006-2452 version (gdm) [since FEDORA-2006-674]
 CVE-2006-2451 version (kernel, fixed 2.6.17.4) [since FEDORA-2006-806]
 CVE-2006-2449 backport (kdebase, fixed 3.5.4) #194659 [since FEDORA-2006-726]

More information about the fedora-extras-commits mailing list