fedora-security/audit README.extras,NONE,1.1 fe3,NONE,1.1
Dennis Gilmore (ausil)
fedora-extras-commits at redhat.com
Mon May 22 03:54:09 UTC 2006
Author: ausil
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3130
Added Files:
README.extras fe3
Log Message:
Add support for Fedora Extras 3 and Readme file for extras
--- NEW FILE README.extras ---
** Note that you must not put embargoed issues into this directory **
Process:
A. Each time Mitre sends out a CVE update
1. Look though the list for anything that might affect
a FE3, FE4 or FE5 package
2. Add the CVE names to the FE3, FE4 and/or FE5 file
B. Are FE3, FE4 or FE5 affected by the CVE name
1. Did we ship an upstream version that wasn't affected?
2. Did we ship a backported patch?
C. Each time a FE update comes out
1. Did the package move to a new upstream version? if so
are there any flaws listed for that package as "backported"?
if so did the new upstream version mean that the backported
fix is no longer required? Update the file if so
2. Did any new issues get fixed by upstream version or
backported? Update the file if so
3. Make sure we mark in the file since when it was fixed
(name the FEDORA update) so we can go back to any point of time
--- NEW FILE fe3 ---
** are items that need attention
CVE-2006-2489 version (nagios, fixed 2.3.1)
CVE-2006-2442 patch (kphone,fixed 4.2-9) bz#192202
CVE-2006-2427 ignore (clamav) not an issue bz#192076
CVE-2006-2237 backport (awstats, fixed 6.5-3) bz#190924
CVE-2006-2229 ** openvpn
CVE-2006-2169 ** rt3
CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190614
CVE-2006-2093 version (nessus, fixed 2.2.7) bz#191053
CVE-2006-2017 version (dnsmasq, fixed 2.30)
CVE-2006-2016 version (phpldapadmin, fixed 0.9.8.1)
CVE-2006-1989 version (clamav, fixed 0.88.2)
CVE-2006-1945 backport (awstats, fixed 6.5-2) bz#190922 awstats-6.5-CVE-2006-1945.patch
CVE-2006-1900 ** version (amaya, fixed 9.5) bz#190324
CVE-2006-1711 ** version (plone, fixed 2.1.2) bz#188886
CVE-2006-1695 patch (fbida, fixed 2.03-6) bz#189721
CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
CVE-2006-1577 VULNERABLE (mantis) bz#191089
CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
CVE-2006-1539 ignore (bsd-games, Gentoo-specific problem)
CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353
CVE-2006-1269 patch (zoo, fixed 2.10-7) bz#183109
CVE-2006-1251 ignore (exim-sa, configuration not vulnerable) bz#191082
CVE-2006-1079 VULNERABLE (thttpd) bz#191095
CVE-2006-1078 VULNERABLE (thttpd) bz#191095
CVE-2006-0855 patch (zoo, patched in OpenSUSE "upstream", fixed 2.10-7)
CVE-2006-0841 VULNERABLE (mantis) bz#191089
CVE-2006-0840 VULNERABLE (mantis) bz#191089
CVE-2006-0839 version (snort, fixed in 2.4.4) bz#183297
CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
CVE-2006-0760 ** version (lighttpd, fixed 1.4.10))
CVE-2006-0665 VULNERABLE (mantis) bz#191089
CVE-2006-0664 VULNERABLE (mantis) bz#191089
CVE-2006-0645 ** version (libtasn1, fixed 0.3.0) bz#184097
CVE-2006-0458 ** version (irssi, fixed 0.8.10) bz#184509
CVE-2006-0162 version (clamav, fixed 0.88)
CVE-2006-0126 version (rxvt-unicode, fixed 7.5)
CVE-2006-0106 version (wine, fixed 0.9.10)
CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
CVE-2006-0047 version (freeciv, fixed 2.0.8) bz#184507
CVE-2005-4803 version (graphviz, fixed 2.2.1)
CVE-2005-0106 backport (perl-Net-SSLeay, fixed 1.26-3) bz#191351
More information about the fedora-extras-commits
mailing list