fedora-security/audit fc6,1.226,1.227

Lubomir Kundrak (lkundrak) fedora-extras-commits at redhat.com
Thu Aug 2 09:39:08 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10940

Modified Files:
	fc6 
Log Message:
Up to date CVE as of CVE email 20070801
Up to date FC6 as of 20070802



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.226
retrieving revision 1.227
diff -u -r1.226 -r1.227
--- fc6	27 Jul 2007 12:57:04 -0000	1.226
+++ fc6	2 Aug 2007 09:39:05 -0000	1.227
@@ -1,7 +1,11 @@
-Up to date CVE as of CVE email 20061123
-Up to date FC6 as of 20061123
+# $Id$
 
-** are items that need attention
+# ** are items that need attention
+# *CVE are items that need verification for Fedora Core 6
+# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
+
+# Up to date CVE as of CVE email 20070801
+# Up to date FC6 as of 20070802
 
 CVE-2007-4029 VULNERABLE (libvorbis) #245991
 CVE-2007-4168 VULNERABLE (libexif) #243892
@@ -14,19 +18,49 @@
 CVE-2007-3508 ignore (glibc) not an issue
 CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561]
 CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245809
+CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-3391 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-3390 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
 CVE-2007-3378 ignore (php) safe mode escape
-CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614
+CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614 [since FEDORA-2007-609]
+CVE-2007-3304 backport (httpd) #244660 [since FEDORA-2007-615]
+CVE-2007-3257 backport (evolution) #244287 [since FEDORA-2007-594]
 CVE-2007-3126 ignore (gimp) just a crash
 CVE-2007-3106 VULNERABLE (libvorbis) #245991
+CVE-2007-2926 backport (bind, fixed 9.4.1) [since FEDORA-2007-647]
 *CVE-2007-2894 VULNERABLE (bochs) #241799
-CVE-2007-2876 version (kernel, fixed 2.6.21.5?) [since ?]
+CVE-2007-2876 version (kernel, fixed 2.6.21.5) [since FEDORA-2007-600]
+CVE-2007-2875 version (kernel) [since FEDORA-2007-600]
 *CVE-2007-2874 (wpa_supplicant) #242455
-CVE-2007-2873 version (spamassassin, fixed 3.1.9)
+CVE-2007-2873 version (spamassassin, fixed 3.1.9) [since FEDORA-2007-582]
+CVE-2007-2871 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-2870 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-2869 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-2868 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-2867 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-2799 version (file, fixed 4.21) #241034 [since FEDORA-2007-538]
+CVE-2007-2453 version (kernel) [since FEDORA-2007-600]
+CVE-2007-2451 version (kernel, fixed 2.6.21.4) [since FEDORA-2007-600]
+CVE-2007-2445 backport (libpng) #239542 [since FEDORA-2007-529]
 CVE-2007-2438 VULNERABLE (vim) #238734
+CVE-2007-2242 version (kernel) [since FEDORA-2007-482]
+CVE-2007-2138 version (postgresql, fixed 8.1.9) [since FEDORA-2007-565]
+CVE-2007-2028 backport (freeradius) [since FEDORA-2007-499]
+CVE-2007-1995 version (quagga, fixed 0.99.7) [since FEDORA-2007-525]
+CVE-2007-1863 backport (httpd) #244660 [since FEDORA-2007-615]
+CVE-2007-1862 backport (httpd) #244660 [since FEDORA-2007-615]
+CVE-2007-1861 version (kernel) [since FEDORA-2007-482]
 CVE-2007-1856 VULNERABLE (vixie-cron) #235882
 CVE-2007-1841 VULNERABLE (ipsec-tools) #238052
+CVE-2007-1797 backport (ImageMagick) #235075 [since FEDORA-2007-413]
+CVE-2007-1667 backport (libX11) [since FEDORA-2007-426]
 CVE-2007-1565 ignore (konqueror) client crash
-CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
+CVE-2007-1564 vulnerable (konqueror)
+CVE-2007-1562 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-1558 backport (evolution) #235290 [since FEDORA-2007-484]
+CVE-2007-1536 backport (file, fixed 4.20) #233164 [since FEDORA-2007-391]
 CVE-2007-1475 ignore (php) unshipped ibase extension
 CVE-2007-1420 VULNERABLE (mysql, fixed 5.0.36) #232604
 CVE-2007-1413 ignore (php) Windows NT SNMP specific
@@ -34,14 +68,18 @@
 CVE-2007-1411 ignore (php) unshipped mssql extension
 CVE-2007-1401 ignore (php) unshipped cracklib extension
 CVE-2007-1396 ignore (php) feature, not a flaw
+CVE-2007-1362 version (mozilla) #241840 [since FEDORA-2007-549]
+CVE-2007-1357 version (kernel) [since FEDORA-2007-432]
 CVE-2007-1352 VULNERABLE (libXfont) #235265
 CVE-2007-1351 VULNERABLE (libXfont) #235265
+CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-577]
 CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
+CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505]
 CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
 CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]
 CVE-2007-1004 VULNERABLE (firefox, ...)
-CVE-2007-1003 VULNERABLE (xorg-x11-server, fixed  > X11R7.2) #235263
-CVE-2007-1002 VULNERABLE (evolution) #233587
+CVE-2007-1003 backport (xorg-x11-server, fixed > X11R7.2) #235263 [since FEDORA-2007-425]
+CVE-2007-1002 backport (evolution) #233587 [since FEDORA-2007-393]
 CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
 CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
 CVE-2007-0981 VULNERABLE (firefox, ...)
@@ -54,10 +92,10 @@
 CVE-2007-0537 VULNERABLE (kdebase) #225420
 CVE-2007-0494 version (bind, fixed 9.3.4) #225268 [since FEDORA-2007-147]
 CVE-2007-0493 version (bind, fixed 9.3.4) #224443 [since FEDORA-2007-147]
-CVE-2007-0459 VULNERABLE (wireshark, fixed 0.99.5) #227140
-CVE-2007-0458 VULNERABLE (wireshark, fixed 0.99.5) #227140
-CVE-2007-0457 VULNERABLE (wireshark, fixed 0.99.5) #227140
-CVE-2007-0456 VULNERABLE (wireshark, fixed 0.99.5) #227140
+CVE-2007-0459 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140
+CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140
 CVE-2007-0455 VULNERABLE (gd) #224610
 CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
 CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
@@ -117,11 +155,12 @@
 CVE-2006-5864 VULNERABLE (evince) #217672
 CVE-2006-5823 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
 CVE-2006-5794 backport (openssh, fixed 4.5) #214641 [since FEDORA-2006-1215]
-CVE-2006-5793 ignore (libpng, fixed 1.2.13) just a client crash
+CVE-2006-5793 backport (libpng, fixed 1.2.13) #215405 [since FEDORA-2007-529]
 CVE-2006-5783 ignore (firefox) disputed
 CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768
 CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
 CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
+CVE-2006-5752 backport (httpd) #244660 [since FEDORA-2007-615]
 CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
 CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
 CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
@@ -169,7 +208,7 @@
 CVE-2006-5159 ignore (firefox) unverified
 CVE-2006-5158 version (kernel, fixed 2.6.15)
 CVE-2006-5072 backport (mono)
-CVE-2006-5052 VULNERABLE (openssh, fixed 4.4)
+CVE-2006-5052 backport (openssh, fixed 4.4) [since FEDORA-2007-394]
 CVE-2006-5051 backport (openssh, fixed 4.4)
 CVE-2006-4997 version (kernel, fixed 2.6.18)
 CVE-2006-4980 version (python, fixed 2.4.4 at least) [since FEDORA-2006-1050] was backport since GA

More information about the fedora-extras-commits mailing list