fedora-security/audit fc6,1.247,1.248 fc7,1.80,1.81

Tomas Hoger (thoger) fedora-extras-commits at redhat.com
Tue Aug 28 07:21:55 UTC 2007 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15556/audit

Modified Files:
	fc6 fc7 
Log Message:
Mostly Fedora updates.



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.247
retrieving revision 1.248
diff -u -r1.247 -r1.248
--- fc6	24 Aug 2007 13:06:22 -0000	1.247
+++ fc6	28 Aug 2007 07:21:53 -0000	1.248
@@ -5,7 +5,7 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
 # Up to date CVE as of CVE email 20070823
-# Up to date FC6 as of 20070823
+# Up to date FC6 as of 20070827
 
 CVE-2007-4357 ignore (firefox) status bar can be overwrittten
 CVE-2007-4255 ignore (php) msql extension not shipped
@@ -20,7 +20,7 @@
 CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-614]
 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
 CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
-CVE-2007-3852 VULNERABLE (sysstat) #252296
+CVE-2007-3852 backport (sysstat) #252296 [since FEDORA-2007-675]
 CVE-2007-3847 VULNERABLE (httpd) #250756
 CVE-2007-3845 ignore (firefox) windows specific
 CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update"
@@ -77,7 +77,7 @@
 CVE-2007-1862 backport (httpd) #244660 [since FEDORA-2007-615]
 CVE-2007-1861 version (kernel) [since FEDORA-2007-482]
 CVE-2007-1856 backport (vixie-cron) #235882 [since FEDORA-2007-662]
-CVE-2007-1841 VULNERABLE (ipsec-tools) #238052 [sconklin] Developer busy -- next week.
+CVE-2007-1841 backport (ipsec-tools) #238052 [since FEDORA-2007-665]
 CVE-2007-1797 backport (ImageMagick) #235075 [since FEDORA-2007-413]
 CVE-2007-1667 backport (libX11) [since FEDORA-2007-426]
 CVE-2007-1565 ignore (kdebase) client crash
@@ -204,7 +204,7 @@
 CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
 CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
 CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
-CVE-2006-5466 VULNERABLE (rpm) #212833
+CVE-2006-5466 version (rpm) #212833 [since FEDORA-2007-668]
 CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDOA-2006-1169]
 CVE-2006-5464 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192]
 CVE-2006-5464 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81
--- fc7	24 Aug 2007 13:06:22 -0000	1.80
+++ fc7	28 Aug 2007 07:21:53 -0000	1.81
@@ -6,8 +6,12 @@
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
 # Up to date CVE as of CVE email 20070823
-# Up to date FC7 as of 20070823
+# Up to date FC7 as of 20070827
 
+CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal
+CVE-2007-4543 version (bugzilla, 3.0.1) #256021 [since FEDORA-2007-1853]
+CVE-2007-4539 version (bugzilla, 3.0.1) #256021 [since FEDORA-2007-1853]
+CVE-2007-4538 version (bugzilla, 3.0.1) #256021 [since FEDORA-2007-1853]
 CVE-2007-4510 VULNERABLE (clamav, 0.91.2) #253780
 CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
 CVE-2007-4460 backport (id3lib) #253553 [since FEDORA-2007-1774]
@@ -27,7 +31,7 @@
 CVE-2007-4153 ignore (wordpress) "remote authenticated administrators"
 CVE-2007-4154 ignore (wordpress) "remote authenticated administrators"
 CVE-2007-4139 VULNERABLE (wordpress) #250751
-CVE-2007-4134 VULNERABLE (star, fixed 1.5a84) #254128
+CVE-2007-4134 version (star, fixed 1.5a84) #254128 [since FEDORA-2007-1852]
 CVE-2007-4131 VULNERABLE (tar) #253684
 CVE-2007-4029 backport (libvorbis) #245991 [since FEDORA-2007-1765]
 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
@@ -124,7 +128,7 @@
 CVE-2007-3007 ignore (php) safe mode isn't safe
 *CVE-2007-2975 (openfire)
 CVE-2007-2958 VULNERABLE (claws-mail) #254121
-CVE-2007-2958 VULNERABLE (sylpheed) #254123
+CVE-2007-2958 backport (sylpheed) #254123 [since FEDORA-2007-1841]
 CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581]
 CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725]
 CVE-2007-2926 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]

More information about the fedora-extras-commits mailing list