fedora-security/audit fc5,1.340,1.341 fc6,1.96,1.97
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Fri Sep 29 08:51:24 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29485
Modified Files:
fc5 fc6
Log Message:
Last couple of days updates
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.340
retrieving revision 1.341
diff -u -r1.340 -r1.341
--- fc5 28 Sep 2006 18:38:49 -0000 1.340
+++ fc5 29 Sep 2006 08:51:21 -0000 1.341
@@ -1,11 +1,13 @@
-p to date CVE as of CVE email 20060926
-Up to date FC5 as of 20060925
+p to date CVE as of CVE email 20060928
+Up to date FC5 as of 20060928
** are items that need attention
+CVE-2006-5052 VULNERABLE (openssh, fixed 4.4)
CVE-2006-5051 VULNERABLE (openssh, fixed 4.4) #208458
CVE-2006-4997 VULNERABLE (kernel, fixed 2.6.18)
CVE-2006-4980 VULNERABLE (python) #208166
+CVE-2006-4925 ** openssh
CVE-2006-4924 VULNERABLE (openssh) #207957
CVE-2006-4790 backport (gnutls, fixed 1.4.4) [since FEDORA-2006-974]
CVE-2006-4663 ignore (kernel) not a vulnerability
@@ -45,6 +47,7 @@
CVE-2006-4447 ignore (xorg) not a security issue
CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
CVE-2006-4380 version (mysql, fixed 4.1.13)
+CVE-2006-4343 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
CVE-2006-4340 version (nss, fixed 3.11.3) [since FEDORA-2006-979]
CVE-2006-4339 backport (openssl) [since FEDORA-2006-953]
CVE-2006-4339 backport (openssl097a) [since FEDORA-2006-953]
@@ -122,8 +125,9 @@
CVE-2006-3743 backport (ImageMagick) #202193 [since FEDORA-2006-929]
CVE-2006-3742 backport (kdebase) #201507 [since FEDORA-2006-942]
CVE-2006-3741 ignore (kernel, fixed 2.6.18-rc7) ia64 only
-CVE-2006-3740 VULNERABLE (xorg-x11)
-CVE-2006-3739 VULNERABLE (xorg-x11)
+CVE-2006-3740 VULNERABLE (libXfont, fixed 1.2.2)
+CVE-2006-3739 VULNERABLE (libXfont, fixed 1.2.2)
+CVE-2006-3738 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849]
CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
@@ -181,6 +185,8 @@
CVE-2006-3011 VULNERABLE (php) (safe mode isn't)
CVE-2006-3005 ignore (libjpeg) not a vuln
CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9)
+CVE-2006-2940 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
+CVE-2006-2937 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
CVE-2006-2936 version (kernel, fixed 2.6.16.27, fixed 2.6.17.7) [since FEDORA-2006-906]
CVE-2006-2935 version (kernel, fixed 2.6.17.7) [since FEDORA-2006-906]
CVE-2006-2934 version (kernel, fixed 2.6.17.3) [since FEDORA-2006-772]
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.96
retrieving revision 1.97
diff -u -r1.96 -r1.97
--- fc6 28 Sep 2006 18:38:49 -0000 1.96
+++ fc6 29 Sep 2006 08:51:21 -0000 1.97
@@ -1,12 +1,14 @@
-Up to date CVE as of CVE email 20060926
+Up to date CVE as of CVE email 20060928
Up to date FC6 as of Test3
Up to date dist-fc6 rawhide as of 20060925
** are items that need attention
+CVE-2006-5052 VULNERABLE (openssh, fixed 4.4)
CVE-2006-5051 VULNERABLE (openssh, fixed 4.4) #208459
CVE-2006-4997 VULNERABLE (kernel, fixed 2.6.18)
CVE-2006-4980 VULNERABLE (python)
+CVE-2006-4925 ** openssh
CVE-2006-4924 VULNERABLE (openssh)
CVE-2006-4790 VULNERABLE (gnutls, fixed 1.4.4) [backported to 1.4.1-2 in rawhide]
CVE-2006-4663 ignore (kernel) not a vulnerability
@@ -41,6 +43,7 @@
CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
CVE-2006-4433 version (php, fixed 5.1.4)
CVE-2006-4380 version (mysql, fixed 4.1.13)
+CVE-2006-4343 VULNERABLE (openssl, fixed 0.9.8d)
CVE-2006-4340 VULNERABLE (nss, fixed 3.11.3) bz#206608 [in rawhide]
CVE-2006-4339 backport (openssl, fixed 0.9.8c)
CVE-2006-4339 backport (openssl097)
@@ -108,6 +111,7 @@
CVE-2006-3741 ignore (kernel, fixed 2.6.18-rc7) ia64 only
CVE-2006-3740 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]
CVE-2006-3739 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]
+CVE-2006-3738 VULNERABLE (openssl, fixed 0.9.8d)
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 version (ruby, fixed 1.8.5)
CVE-2006-3677 version (firefox, fixed 1.5.0.5)
@@ -163,6 +167,8 @@
CVE-2006-3011 ignore (php) safe mode isn't safe
CVE-2006-3005 ignore (libjpeg) not a vuln
CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9) bz#206607 [in rawhide]
+CVE-2006-2940 VULNERABLE (openssl, fixed 0.9.8d)
+CVE-2006-2937 VULNERABLE (openssl, fixed 0.9.8d)
CVE-2006-2936 version (kernel, fixed 2.6.17.7)
CVE-2006-2935 version (kernel, fixed 2.6.17.7)
CVE-2006-2934 version (kernel, fixed 2.6.17.3)
More information about the fedora-extras-commits
mailing list