fedora-security/audit fc5,1.340,1.341 fc6,1.96,1.97

Mark Cox (mjc) fedora-extras-commits at redhat.com
Fri Sep 29 08:51:24 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29485

Modified Files:
	fc5 fc6 
Log Message:
Last couple of days updates



Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.340
retrieving revision 1.341
diff -u -r1.340 -r1.341
--- fc5	28 Sep 2006 18:38:49 -0000	1.340
+++ fc5	29 Sep 2006 08:51:21 -0000	1.341
@@ -1,11 +1,13 @@
-p to date CVE as of CVE email 20060926
-Up to date FC5 as of 20060925
+p to date CVE as of CVE email 20060928
+Up to date FC5 as of 20060928
 
 ** are items that need attention
 
+CVE-2006-5052 VULNERABLE (openssh, fixed 4.4)
 CVE-2006-5051 VULNERABLE (openssh, fixed 4.4) #208458
 CVE-2006-4997 VULNERABLE (kernel, fixed 2.6.18)
 CVE-2006-4980 VULNERABLE (python) #208166
+CVE-2006-4925 ** openssh
 CVE-2006-4924 VULNERABLE (openssh) #207957
 CVE-2006-4790 backport (gnutls, fixed 1.4.4) [since FEDORA-2006-974]
 CVE-2006-4663 ignore (kernel) not a vulnerability
@@ -45,6 +47,7 @@
 CVE-2006-4447 ignore (xorg) not a security issue
 CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
 CVE-2006-4380 version (mysql, fixed 4.1.13)
+CVE-2006-4343 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-4340 version (nss, fixed 3.11.3) [since FEDORA-2006-979]
 CVE-2006-4339 backport (openssl) [since FEDORA-2006-953]
 CVE-2006-4339 backport (openssl097a) [since FEDORA-2006-953]
@@ -122,8 +125,9 @@
 CVE-2006-3743 backport (ImageMagick) #202193 [since FEDORA-2006-929]
 CVE-2006-3742 backport (kdebase) #201507 [since FEDORA-2006-942]
 CVE-2006-3741 ignore (kernel, fixed 2.6.18-rc7) ia64 only
-CVE-2006-3740 VULNERABLE (xorg-x11)
-CVE-2006-3739 VULNERABLE (xorg-x11)
+CVE-2006-3740 VULNERABLE (libXfont, fixed 1.2.2)
+CVE-2006-3739 VULNERABLE (libXfont, fixed 1.2.2)
+CVE-2006-3738 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849]
 CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
@@ -181,6 +185,8 @@
 CVE-2006-3011 VULNERABLE (php) (safe mode isn't)
 CVE-2006-3005 ignore (libjpeg) not a vuln
 CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9)
+CVE-2006-2940 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
+CVE-2006-2937 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-2936 version (kernel, fixed 2.6.16.27, fixed 2.6.17.7) [since FEDORA-2006-906]
 CVE-2006-2935 version (kernel, fixed 2.6.17.7) [since FEDORA-2006-906]
 CVE-2006-2934 version (kernel, fixed 2.6.17.3) [since FEDORA-2006-772]


Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.96
retrieving revision 1.97
diff -u -r1.96 -r1.97
--- fc6	28 Sep 2006 18:38:49 -0000	1.96
+++ fc6	29 Sep 2006 08:51:21 -0000	1.97
@@ -1,12 +1,14 @@
-Up to date CVE as of CVE email 20060926
+Up to date CVE as of CVE email 20060928
 Up to date FC6 as of Test3
 Up to date dist-fc6 rawhide as of 20060925
 
 ** are items that need attention
 
+CVE-2006-5052 VULNERABLE (openssh, fixed 4.4)
 CVE-2006-5051 VULNERABLE (openssh, fixed 4.4) #208459
 CVE-2006-4997 VULNERABLE (kernel, fixed 2.6.18)
 CVE-2006-4980 VULNERABLE (python)
+CVE-2006-4925 ** openssh
 CVE-2006-4924 VULNERABLE (openssh)
 CVE-2006-4790 VULNERABLE (gnutls, fixed 1.4.4) [backported to 1.4.1-2 in rawhide]
 CVE-2006-4663 ignore (kernel) not a vulnerability
@@ -41,6 +43,7 @@
 CVE-2006-4434 ignore (sendmail, fixed 8.13.8) not exploitable
 CVE-2006-4433 version (php, fixed 5.1.4)
 CVE-2006-4380 version (mysql, fixed 4.1.13)
+CVE-2006-4343 VULNERABLE (openssl, fixed 0.9.8d)
 CVE-2006-4340 VULNERABLE (nss, fixed 3.11.3) bz#206608 [in rawhide]
 CVE-2006-4339 backport (openssl, fixed 0.9.8c)
 CVE-2006-4339 backport (openssl097)
@@ -108,6 +111,7 @@
 CVE-2006-3741 ignore (kernel, fixed 2.6.18-rc7) ia64 only
 CVE-2006-3740 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]
 CVE-2006-3739 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]
+CVE-2006-3738 VULNERABLE (openssl, fixed 0.9.8d)
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 version (ruby, fixed 1.8.5)
 CVE-2006-3677 version (firefox, fixed 1.5.0.5)
@@ -163,6 +167,8 @@
 CVE-2006-3011 ignore (php) safe mode isn't safe
 CVE-2006-3005 ignore (libjpeg) not a vuln
 CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9) bz#206607 [in rawhide]
+CVE-2006-2940 VULNERABLE (openssl, fixed 0.9.8d)
+CVE-2006-2937 VULNERABLE (openssl, fixed 0.9.8d)
 CVE-2006-2936 version (kernel, fixed 2.6.17.7)
 CVE-2006-2935 version (kernel, fixed 2.6.17.7)
 CVE-2006-2934 version (kernel, fixed 2.6.17.3)

More information about the fedora-extras-commits mailing list