fedora-security/audit fc6,1.228,1.229
Lubomir Kundrak (lkundrak)
fedora-extras-commits at redhat.com
Thu Aug 2 15:19:35 UTC 2007
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19784
Modified Files:
fc6
Log Message:
Updated the updated updates :)
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.228
retrieving revision 1.229
diff -u -r1.228 -r1.229
--- fc6 2 Aug 2007 12:58:54 -0000 1.228
+++ fc6 2 Aug 2007 15:19:32 -0000 1.229
@@ -12,6 +12,7 @@
CVE-2007-3841 ignore (pidgin) ethically disclosed
CVE-2007-3820 ** (kdebase) #248537
CVE-2007-3799 ** (php)
+CVE-2007-3798 version (tcpdump, fixed 3.9.7) #250290 [since FEDORA-2007-654]
CVE-2007-3782 ** (mysql)
CVE-2007-3781 ** (mysql)
CVE-2007-3508 ignore (glibc) not an issue
@@ -22,8 +23,10 @@
CVE-2007-3391 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
CVE-2007-3390 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-653]
CVE-2007-3378 ignore (php) safe mode escape
CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614 [since FEDORA-2007-609]
+CVE-2007-3741 version (gimp, fixed 2.2.16) #247567 [since FEDORA-2007-627]
CVE-2007-3304 backport (httpd) #244660 [since FEDORA-2007-615]
CVE-2007-3257 backport (evolution) #244287 [since FEDORA-2007-594]
CVE-2007-3126 ignore (gimp) just a crash
@@ -76,12 +79,12 @@
CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505]
CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322]
-CVE-2007-1004 VULNERABLE (firefox, ...)
+CVE-2007-1004 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=390627
CVE-2007-1003 backport (xorg-x11-server, fixed > X11R7.2) #235263 [since FEDORA-2007-425]
CVE-2007-1002 backport (evolution) #233587 [since FEDORA-2007-393]
CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
-CVE-2007-0981 VULNERABLE (firefox, ...)
+CVE-2007-0981 version (mozilla)
CVE-2007-0823 ignore (xterm) feature, not a bug
CVE-2007-0822 ignore (util-linux) NULL dereference
CVE-2007-0772 version (kernel) [since FEDORA-2007-291]
@@ -130,7 +133,7 @@
CVE-2006-6144 ** krb5
CVE-2006-6143 ** krb5
CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089]
-CVE-2006-6128 VULNERABLE (kernel, fixed **)
+CVE-2006-6128 VULNERABLE (kernel) #250625
CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
@@ -138,8 +141,8 @@
CVE-2006-6097 backport (tar) [since FEDORA-2006-1393]
CVE-2006-6077 version (firefox, fixed 1.5.0.10) [since FEDORA-2007-293]
CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
-CVE-2006-6058 VULNERABLE (kernel, fixed **)
-CVE-2006-6057 VULNERABLE (kernel, fixed **)
+CVE-2006-6058 VULNERABLE (kernel) #250623
+CVE-2006-6057 version (kernel, fixed kernel-2_6_20-1_2924_fc6) [since FEDORA-2007-432]
CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471
CVE-2006-6054 version (kernel, fixed fixed 2.6.19.2) [since FEDORA-2007-058]
CVE-2006-6053 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
@@ -167,7 +170,7 @@
CVE-2006-5747 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
CVE-2006-5747 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
CVE-2006-5706 ignore (php, fixed 5.2.0) safe mode isn't safe
-CVE-2006-5701 VULNERABLE (kernel) squashfs is not included upstream
+CVE-2006-5701 version (kernel, fixed kernel-2_6_20-1_2927_fc6) #219534 [since FEDORA-2007-600]
CVE-2006-5633 ignore (firefox) just a client DoS
CVE-2006-5619 version (kernel, fixed 2.6.18.2, fixed 2.6.19-rc4) [since FEDORA-2006-1223]
CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
@@ -199,7 +202,7 @@
CVE-2006-5214 version (xorg-x11-xdm)
CVE-2006-5214 ignore (kdebase) #212166 links to xinit Xsession
CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
-CVE-2006-5178 VULNERABLE (php) can't be fixed
+CVE-2006-5178 ignore (php) safe mode escape
CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
CVE-2006-5173 ignore (kernel, fixed 2.6.18) protected by exec-shield
CVE-2006-5170 version (nss_ldap, fixed 183)
@@ -240,10 +243,10 @@
CVE-2006-4566 version (firefox, fixed 1.5.0.7)
CVE-2006-4565 version (thunderbird, fixed 1.5.0.7)
CVE-2006-4565 version (firefox, fixed 1.5.0.7)
-CVE-2006-4561 VULNERABLE (firefox)
+CVE-2006-4561 ignore (firefox) An attacker needs to control DNS
CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
-CVE-2006-4519 VULNERABLE (gimp) #247567
+CVE-2006-4519 version (gimp, fixed 2.2.16) #247567 [since FEDORA-2007-627]
CVE-2006-4514 backport (libgsf) [since FEDORA-2006-1417]
CVE-2006-4507 ignore (libtiff) can't reproduce
CVE-2006-4486 version (php, fixed 5.1.6)
@@ -660,7 +663,7 @@
CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15)
CVE-2006-0019 version (kdelibs, fixed 3.5.1)
CVE-2005-4811 version (kernel, fixed 2.6.13)
-CVE-2005-4809 VULNERABLE (firefox)
+CVE-2005-4809 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=390630
CVE-2005-4808 ignore (binutils, gas fixed 20050714) this is a bug
CVE-2005-4807 ignore (binutils, gas fixed 20050721) this is a bug
CVE-2005-4798 version (kernel, not 2.6)
More information about the fedora-extras-commits
mailing list