fedora-security/audit fc6,1.262,1.263 fc7,1.110,1.111

Tomas Hoger (thoger) fedora-extras-commits at redhat.com
Wed Sep 19 15:39:20 UTC 2007 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24650/audit

Modified Files:
	fc6 fc7 
Log Message:
Few more issues.



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.262
retrieving revision 1.263
diff -u -r1.262 -r1.263
--- fc6	19 Sep 2007 13:24:50 -0000	1.262
+++ fc6	19 Sep 2007 15:39:17 -0000	1.263
@@ -7,7 +7,10 @@
 # Up to date CVE as of CVE email 20070914
 # Up to date FC6 as of 20070916
 
-CVE-2007-4897 VULNERABLE (ekiga, version 2.0.9 ?)
+CVE-2007-4965 VULNERABLE (python) imageop module heap overflow
+CVE-2007-4924 VULNERABLE (ekiga, version 2.0.10) really opal 2.2.10
+CVE-2007-4897 VULNERABLE (ekiga, version 2.0.9) really opal 2.2.8
+CVE-2007-4829 VULNERABLE (perl-Archive-Tar)
 CVE-2007-4826 VULNERABLE (quagga, fixed 0.99.9)
 CVE-2007-4752 VULNERABLE (openssh) #280471
 CVE-2007-4743 backport (krb5) incomplete CVE-2007-3999 fix [since FEDORA-2007-694]
@@ -21,6 +24,8 @@
 CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011
 CVE-2007-4657 VULNERABLE (php, fixed 5.2.4)
 CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689]
+CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal
+CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134
 CVE-2007-4357 ignore (firefox) status bar can be overwrittten
 CVE-2007-4255 ignore (php) msql extension not shipped
 CVE-2007-4251 ignore (openoffice.org) just a crash


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.110
retrieving revision 1.111
diff -u -r1.110 -r1.111
--- fc7	19 Sep 2007 13:24:50 -0000	1.110
+++ fc7	19 Sep 2007 15:39:17 -0000	1.111
@@ -11,11 +11,14 @@
 GENERIC-MAP-NOMATCH VULNERABLE (libsndfile) #296221
 GENERIC-MAP-NOMATCH VULNERABLE (duplicity) #293081
 GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
-CVE-2007-4897 version (ekiga, version 2.0.9 ?) 
+CVE-2007-4965 VULNERABLE (python) imageop module heap overflow
+CVE-2007-4924 VULNERABLE (ekiga, version 2.0.10) really opal 2.2.10
+CVE-2007-4897 version (ekiga, version 2.0.9) really opal 2.2.8
 CVE-2007-4894 version (wordpress, fixed 2.2.3) [since FEDORA-2007-2143]
 CVE-2007-4893 version (wordpress, fixed 2.2.3) [since FEDORA-2007-2143]
 CVE-2007-4841 ignore (mozilla suite) Windows only
 CVE-2007-4840 ignore (php)
+CVE-2007-4829 VULNERABLE (perl-Archive-Tar)
 CVE-2007-4828 (mediawiki, fixed 1.11.0, 1.10.2, 1.9.4) #287881
 CVE-2007-4826 VULNERABLE (quagga, fixed 0.99.9) in updates-testing
 CVE-2007-4752 VULNERABLE (openssh) #280461
@@ -36,7 +39,7 @@
 CVE-2007-4565 backport (fetchmail) #260861 [since FEDORA-2007-1983]
 CVE-2007-4560 version (clamav) #260583 [since FEDORA-2007-2050]
 CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal
-CVE-2007-4558 version (star, fixed 1.5a84) [since FEDORA-2007-1852]
+CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134
 CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
 CVE-2007-4542 version (mapserver, fixed 4.10.3) #256561 [since FEDORA-2007-2018]
 CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]

More information about the fedora-extras-commits mailing list