From fedora-security-commits at redhat.com Mon Dec 3 12:49:18 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 3 Dec 2007 07:49:18 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.29, 1.30 f9, 1.25, 1.26 fc7, 1.186, 1.187 Message-ID: <200712031249.lB3CnIGR024549@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24527/audit Modified Files: f8 f9 fc7 Log Message: add second wesnoth cve id Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.29 retrieving revision 1.30 diff -u -r1.29 -r1.30 --- f8 30 Nov 2007 12:18:11 -0000 1.29 +++ f8 3 Dec 2007 12:49:16 -0000 1.30 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) CVE-2007-6183 VULNERABLE (ruby-gnome2) #405601 CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.25 retrieving revision 1.26 diff -u -r1.25 -r1.26 --- f9 30 Nov 2007 12:18:11 -0000 1.25 +++ f9 3 Dec 2007 12:49:16 -0000 1.26 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-6183 VULNERABLE (ruby-gnome2) #405611 CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) @@ -30,7 +31,7 @@ GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] CVE-2007-5751 version (liferea, fixed 1.4.6) #360641 [since liferea-1.4.6-3.fc9] -CVE-2007-5742 VULNERABLE (wesnoth, fixed 1.2.8) +CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-5712 version (Django, fixed 0.96.1) #362781 [since Django-0.96.1-1.fc9] CVE-2007-5708 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] CVE-2007-5707 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.186 retrieving revision 1.187 diff -u -r1.186 -r1.187 --- fc7 30 Nov 2007 12:18:11 -0000 1.186 +++ fc7 3 Dec 2007 12:49:16 -0000 1.187 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) CVE-2007-6183 VULNERABLE (ruby-gnome2) #405591 CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] From fedora-security-commits at redhat.com Mon Dec 3 16:50:16 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 3 Dec 2007 11:50:16 -0500 Subject: [Fedora-security-commits] fedora-security/manifest dist-f8-updates, 1.1, 1.2 dist-f9-build, 1.1, 1.2 dist-fc7-updates, 1.7, 1.8 Message-ID: <200712031650.lB3GoGgh005415@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/manifest In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5328 Modified Files: dist-f8-updates dist-f9-build dist-fc7-updates Log Message: Update View full diff with command: /usr/bin/cvs -f diff -kk -u -N -r 1.1 -r 1.2 dist-f8-updates Index: dist-f8-updates =================================================================== RCS file: /cvs/fedora/fedora-security/manifest/dist-f8-updates,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dist-f8-updates 2 Nov 2007 01:49:21 -0000 1.1 +++ dist-f8-updates 3 Dec 2007 16:50:14 -0000 1.2 @@ -2,11 +2,14 @@ ---------------------------------------- -------------------- ---------------- 915resolution-0.5.3-2.fc8 dist-f8 cweyl AGReader-1.2-4.fc8 dist-f8 oddsocks +AcetoneISO-6.7-4.fc8 dist-f8-updates spot AllegroOGG-1.0.3-3.fc8 dist-f8 jwrdegoede BackupPC-3.0.0-3.fc8 dist-f8 trasher BibTool-2.48-6.fc7 fe7-merge jkeating -CCfits-1.7-1.fc8.1 dist-f8 sergiopr -CGAL-3.3.1-2.fc8 dist-f8 rineau +BlockOutII-2.3-3.fc8 dist-f8-updates jwrdegoede +CCfits-1.8-1.fc8 dist-f8-updates sergiopr +CGAL-3.3.1-8.fc8 dist-f8-updates rineau +CTL-1.4.1-3.fc8 dist-f8-updates kwizart Canna-3.7p3-21.fc8 dist-f8 tagoh CastPodder-5.0-8.fc6 fe7-merge jkeating ClanLib-0.8.0-6.fc8 dist-f8 jwrdegoede @@ -16,7 +19,7 @@ DMitry-1.3a-2.fc8 dist-f8 sindrepb Democracy-0.9.5.1-11.fc8 dist-f8 jkeating DevIL-1.6.8-0.13.rc2.fc8 dist-f8 oddsocks -Django-0.96-1.fc7 fe7-merge jkeating +Django-0.96.1-1.fc8 dist-f8-updates salimma ElectricFence-2.2.2-23 dist-fc7 jkeating FlightGear-0.9.11-0.4.pre1.fc8 dist-f8 bellet GConf2-2.20.1-1.fc8 dist-f8 mclasen @@ -30,7 +33,7 @@ Hermes-1.3.3-13.fc8 dist-f8 jwrdegoede HippoDraw-1.21.1-2.fc8 dist-f8 pfkeb ImageMagick-6.3.5.9-1.fc8 dist-f8 nmurray -Inventor-2.1.5-30.fc8 dist-f8 corsepiu +Inventor-2.1.5-30.fc8.1 dist-f8-updates corsepiu Io-language-20070710-2.fc8 dist-f8 jwrdegoede JSDoc-1.10.2-4.fc8 dist-f8 mcepl KoboDeluxe-0.4-0.4.pre10.fc8 dist-f8 jwrdegoede @@ -40,18 +43,18 @@ Maelstrom-3.0.6-14 dist-f8 notting MagicPoint-1.11b-4.fc8 dist-f8 jwrdegoede MegaMek-0.30.11-2.fc8 dist-f8 fitzsim -Miro-0.9.8.1-7.fc8 dist-f8 alexlan +Miro-1.0-2.fc8 dist-f8-updates alexlan MochiKit-1.3.1-1.fc6 fe7-merge jkeating MyPasswordSafe-0.6.7-1.20061216.fc8 dist-f8 ertzing MySQL-python-1.2.2-4.fc8 dist-f8 tgl -NetworkManager-0.7.0-0.5.svn3030.fc8 dist-f8 dcbw +NetworkManager-0.7.0-0.6.6.svn3109.fc8 dist-f8-updates dcbw NetworkManager-openvpn-0.7.0-2.svn3047.fc8 dist-f8 timn NetworkManager-vpnc-0.7.0-0.4.svn3030.fc8 dist-f8 notting ORBit-0.5.17-22.fc8 dist-f8 pghmcfc ORBit2-2.14.10-2.fc8 dist-f8 ausil OpenEXR-1.6.0-5.fc8 dist-f8 rdieter OpenIPMI-2.0.11-3.fc8 dist-f8 pknirsch -OpenSceneGraph-2.0-7.fc8 dist-f8 corsepiu +OpenSceneGraph-2.0-9.fc8 dist-f8-updates corsepiu PerceptualDiff-1.0.1-6.fc8 dist-f8 kwizart Perlbal-1.59-1.fc8 dist-f8 ruben Pixie-2.2.2-4.fc8 dist-f8 kwizart @@ -60,41 +63,45 @@ Pound-2.4-0.1.d.fc8 dist-f8 ruben PyKDE-3.16.0-7.fc8 dist-f8 rdieter PyOpenGL-3.0.0-0.4.a6.fc8 dist-f8 jwrdegoede -PyQt-3.17.1-1.fc7 dist-fc7 jkeating -PyQt-qscintilla-3.17.1-3.fc8 dist-f8 rdieter -PyQt4-4.2-8.fc8 dist-f8 rdieter +PyQt-3.17.3-3.fc8 dist-f8-updates rdieter +PyQt4-4.3.1-1.fc8 dist-f8-updates rdieter PyRTF-0.45-5.fc8 dist-f8 jamatos -PySolFC-1.1-3.fc7 dist-fc7-updates firewing +PySolFC-1.1-4.fc8 dist-f8-updates firewing +PySolFC-cardsets-1.1-3.2 dist-fc7-updates firewing PySolFC-music-4.40-3 dist-fc7-updates firewing PyX-0.9-5.fc8 dist-f8 jamatos PyXML-0.8.4-7 dist-f8 laroche Pyrex-0.9.5.1a-1.fc8 dist-f8 mbarnes PythonCAD-0.1.36-2.fc8 dist-f8 kwizart QuantLib-0.8.1-4.fc8 dist-f8 spot -R-2.6.0-3.fc8.1 dist-f8 spot -R-BufferedMatrix-1.0.1-6.fc8 dist-f8 jkeating -R-DynDoc-1.14.0-5.fc8 dist-f8 pingou +R-2.6.1-1.fc8 dist-f8-updates spot +R-BufferedMatrix-1.2.0-1.fc8 dist-f8-updates pingou +R-DynDoc-1.17.0-1.fc8 dist-f8-updates pingou R-RScaLAPACK-0.5.1-10.fc8.1 dist-f8 spot +R-abind-1.1-1.fc8 dist-f8-updates spot +R-acepack-1.3-2.fc8.1 dist-f8-updates spot R-hdf5-1.6.6-2.fc8 dist-f8 spot R-mAr-1.1-11.fc8 dist-f8 jamatos R-multcomp-0.992-3.fc8 dist-f8 orion R-mvtnorm-0.8-3.fc8 dist-f8 orion +R-rlecuyer-0.1-3.fc8 dist-f8-updates pingou R-systemfit-0.8-6.fc8 dist-f8 orion +R-tkWidgets-1.16.0-1.fc8 dist-f8-updates pingou R-waveslim-1.6-4.fc8 dist-f8 jamatos R-wavethresh-2.2-7.fc8 dist-f8 jamatos -R-widgetTools-1.12.0-12.fc8 dist-f8 pingou +R-widgetTools-1.15.0-1.fc8 dist-f8-updates pingou Ri-li-2.0.0-2.fc8 dist-f8 jwrdegoede SDL-1.2.12-2.fc8 dist-f8 twoerner SDL_Pango-0.1.2-7 dist-f8 thias SDL_gfx-2.0.16-4.fc8 dist-f8 thias SDL_image-1.2.6-3.fc8 dist-f8 bpepple -SDL_mixer-1.2.8-4.fc8 dist-f8 wtogami +SDL_mixer-1.2.8-5.fc8 dist-f8-updates bpepple SDL_net-1.2.7-3.fc8 dist-f8 bpepple -SDL_sound-1.0.1-8.fc7 dist-fc7-updates jwrdegoede +SDL_sound-1.0.1-8.fc8 dist-f8-updates jwrdegoede SDL_ttf-2.0.9-3.fc8 dist-f8 bpepple SDLmm-0.1.8-5.fc8 dist-f8 jwrdegoede SIBsim4-0.15-2.fc8 dist-f8 c4chris -SILLY-0.1.0-3.fc8 dist-f8 oddsocks +SILLY-0.1.0-4.fc8 dist-f8-updates oddsocks SIMVoleon-2.0.1-7.fc8 dist-f8 corsepiu SOAPpy-0.11.6-6.fc7 fe7-merge jkeating ScientificPython-2.6-10.fc8 dist-f8 jspaleta @@ -102,7 +109,7 @@ SoQt-1.4.1-6.fc8 dist-f8 corsepiu Sprog-0.14-12.fc6 fe7-merge jkeating SteGUI-0.0.1-12.fc8 dist-f8 pingou -TeXmacs-1.0.6.11-3.fc8 dist-f8 gemi +TeXmacs-1.0.6.12-1.fc8 dist-f8-updates gemi Terminal-0.2.6-3.fc8 dist-f8 kevin Thunar-0.8.0-3.fc8 dist-f8 kevin TnL-070909-2.fc8 dist-f8 jwrdegoede @@ -111,13 +118,13 @@ VLGothic-fonts-20070901-1.fc8 dist-f8 ryo WindowMaker-0.92.0-14.fc8 dist-f8 awjb Xaw3d-1.5E-10.1 dist-fc6 jkeating -Zim-0.19-1.fc7 dist-f8 jkeating +Zim-0.21-1.fc8 dist-f8-updates cweyl a2ps-4.13b-69.fc8 dist-f8 twaugh aalib-1.4.0-0.13.rc5.fc8 dist-f8 garrick aasaver-0.3.2-1.fc8 dist-f8 oddsocks abcMIDI-20070106-1.fc7 fe7-merge jkeating abcde-2.3.99.6-4.fc8 dist-f8 scop -abcm2ps-5.5.2-1.fc8 dist-f8 gemi +abcm2ps-5.6.1-2.fc8 dist-f8-updates gemi abe-1.1-6.fc8 dist-f8 wart abicheck-1.2-15 dist-f8 mschwendt abiword-2.4.6-6.fc8 dist-f8 lkundrak @@ -125,14 +132,14 @@ abuse-0.7.0-5.fc8 dist-f8 jwrdegoede abyssinica-fonts-1.0-2.fc8 dist-f8 bernie ack-1.64-1.fc8 dist-f8 iburrell -acl-2.2.39-10.fc8 dist-f8 jmoskovc +acl-2.2.39-12.fc8 dist-f8-updates jmoskovc acpi-0.09-2.fc6 fe7-merge jkeating -acpid-1.0.6-3.fc8 dist-f8 zprikryl +acpid-1.0.6-4.fc8 dist-f8-updates zprikryl acpitool-0.4.7-1.fc8 dist-f8 pertusus adaptx-0.9.13-4jpp.3.fc8 dist-f8 spot adime-2.2.1-6.fc8 dist-f8 jwrdegoede adjtimex-1.21-3.fc8 dist-f8 mlichvar -adminutil-1.1.4-2.fc8 dist-f8 rmeggins +adminutil-1.1.5-1.fc8 dist-f8-updates rmeggins adns-1.2-6.fc8 dist-f8 rvokal adplay-1.6-2.fc8 dist-f8 snirkel adplug-2.1-2.fc8 dist-f8 snirkel @@ -152,7 +159,7 @@ aldrin-0.11-6.fc8 dist-f8 akahl alex-2.1.0-5.fc8 dist-f8 bos alex4-1.0-4.fc8 dist-f8 jwrdegoede -alexandria-0.6.1-3.fc8 dist-f8 mtasaka +alexandria-0.6.2-0.2.b2.fc8 dist-f8-updates mtasaka alfont-2.0.6-3.fc8 dist-f8 jwrdegoede alienblaster-1.1.0-3.fc8 dist-f8 jwrdegoede alleggl-0.4.2-0.2.rc1.fc8 dist-f8 jwrdegoede @@ -174,11 +181,12 @@ amarok-1.4.7-7.fc8 dist-f8 abompard amarokFS-0.5-1.fc7 fe7-merge jkeating amavisd-new-2.5.2-2.fc8 dist-f8 steve +amoebax-0.2.0-1.fc8 dist-f8-updates jwrdegoede amqp-0.8-2rhm.1.fc7 fe7-merge jkeating -amsn-0.96-7.fc7 fe7-merge jkeating +amsn-0.96-11.fc8 dist-f8-updates tjikkun amtterm-1.0-1.fc8 dist-f8 kraxel amtu-1.0.5-1.fc7 dist-fc7 jkeating -anaconda-11.3.0.50-1 dist-f8 katzj +anaconda-11.3.0.50-2 dist-f8 pjones anacron-2.3-56.fc8 dist-f8 mmaslano and-1.2.2-4.fc8 dist-f8 s4504kr angrydd-1.0.1-3.fc8 dist-f8 rafalzaq @@ -187,7 +195,7 @@ anjuta-gdl-0.7.3-1.fc7 fe7-merge jkeating ant-1.7.0-1jpp.2.fc8 dist-f8 pcheung ant-contrib-1.0-0.4.b2.fc6 fe7-merge jkeating -anthy-9100b-1.fc8 dist-f8 tagoh +anthy-9100d-1.fc8 dist-f8-updates tagoh antiword-0.37-4 dist-f8 adrian antlr-2.7.7-1jpp.6.fc8 dist-f8 dbhole ants-1.4-3.fc8 dist-f8 jwrdegoede @@ -266,7 +274,7 @@ aspell-pl-6.0_20061121-1.fc7 dist-fc7 jkeating [...2812 lines suppressed...] vorbisgain-0.36-2.fc8 dist-f8 bpepple -vpnc-0.5.1-1.fc8 dist-f8 tmraz +vpnc-0.5.1-2.fc8 dist-f8-updates tmraz vsftpd-2.0.5-19.fc8 dist-f8 jkeating vte-0.16.9-1.fc8 dist-f8 mclasen vtk-5.0.3-20.fc8 dist-f8 jkeating vtkdata-5.0.3-6.fc7 dist-fc7-updates athimm -vym-1.8.1-9.fc8 dist-f8 limb +vym-1.10.0-1.fc8 dist-f8-updates limb w3c-libwww-5.4.1-0.6.20060206cvs.fc8 dist-f8 awjb w3c-markup-validator-0.8.2-2.fc8 dist-f8 scop w3m-0.5.2-5.fc8 dist-f8 pnemade @@ -4500,7 +4610,7 @@ wallpapoz-0.4.1-2.fc8 dist-f8 mtasaka wammu-0.19-3.fc8 dist-f8 laxathom warzone2100-2.0.7-5.fc8 dist-f8 karlik -wavbreaker-0.8.1-4.fc8 dist-f8 jkeating +wavbreaker-0.9-2.fc8 dist-f8-updates dmaley wavpack-4.41-1.fc7 dist-fc7 peter wbxml2-0.9.2-9.fc8 dist-f8 rineau wcstools-3.7.0-1.fc8 dist-f8 sergiopr @@ -4511,7 +4621,7 @@ websec-1.9.0-4.1 dist-f8 thl weechat-0.2.5-1.fc8 dist-f8 stingray werken-xpath-0.9.4-0.beta.12jpp.2 dist-fc7 jkeating -wesnoth-1.2.7-1.fc8 dist-f8 bpepple +wesnoth-1.2.8-2.fc8 dist-f8-updates bpepple wfmath-0.3.6-3.fc8 dist-f8 wart wfut-1.1.0-4.fc8 dist-f8 wart wget-1.10.2-16.fc8 dist-f8 karsten @@ -4525,8 +4635,8 @@ wifiroamd-1.12-1.fc8 dist-f8 edhill wildmidi-0.2.2-3.fc8 dist-f8 jwrdegoede windowlab-1.34-4.fc7 fe7-merge jkeating -wine-0.9.47-1.fc8 dist-f8 awjb -wine-docs-0.9.47-1.fc8 dist-f8 awjb +wine-0.9.49-1.fc8 dist-f8-updates awjb +wine-docs-0.9.49-1.fc8 dist-f8-updates awjb wings-0.98.36-1.fc7 fe7-merge jkeating winpdb-1.2.2-1.fc8.1 dist-f8 spot wireless-tools-29-0.2.pre22.fc8 dist-f8 caillon @@ -4539,8 +4649,8 @@ wmctrl-1.07-2.fc6 fe7-merge jkeating wmix-3.1-1.fc6 fe7-merge jkeating wmweather+-2.9-5.fc8 dist-f8 awjb -wmx-6pl1-14.fc6 fe7-merge jkeating -wordpress-2.2.3-0.fc8 dist-f8 adrian +wmx-6pl1-16.fc8 dist-f8-updates somlo +wordpress-2.3.1-1.fc8 dist-f8-updates adrian words-3.0-12.fc7 dist-fc7 jkeating wordtrans-1.1-0.2.pre13.fc7 dist-fc7 jkeating workrave-1.8.4-4.fc8 dist-f8 tmraz @@ -4548,9 +4658,10 @@ worminator-data-3.0R2.1-4.fc8 dist-f8 jwrdegoede wormux-0.7.9-5.fc8 dist-f8 wart wp_tray-0.5.3-5.fc8 dist-f8 denis -wpa_supplicant-0.5.7-15.fc8 dist-f8 dcbw -wqy-bitmap-fonts-0.8.1-8.fc8 dist-f8 petersen +wpa_supplicant-0.5.7-16.fc8 dist-f8-updates dcbw +wqy-bitmap-fonts-0.9.9-2.fc8 dist-f8-updates fangq wqy-unibit-fonts-1.1.0-4.fc8 dist-f8 fangq +wqy-zenhei-fonts-0.2.16-0.2.20071031cvs.fc8 dist-f8-updates fangq ws-commons-util-1.0.1-6.fc8 dist-f8 overholt ws-jaxme-0.5.1-2jpp.1.fc7 fe7-merge jkeating wsdl4j-1.5.2-4jpp.2.fc8 dist-f8 dbhole @@ -4560,7 +4671,7 @@ wvdial-1.60-3.fc8 dist-f8 notting wvs-data-0.0.20020219-3 fe7-merge jkeating wxGTK-2.8.4-6.fc8 dist-f8 jwrdegoede -wxGlade-0.5-6.fc8 dist-f8 hellwolf +wxGlade-0.6.1-1.fc8 dist-f8-updates hellwolf wxMaxima-0.7.2-4.fc8 dist-f8 rdieter wxPython-2.8.4.0-2.fc8 dist-f8 jkeating wxdfast-0.6.0-3.fc8 dist-f8 drago01 @@ -4570,6 +4681,7 @@ x2vnc-1.7.2-6.fc7 fe7-merge jkeating x3270-3.3.6-2.fc8 dist-f8 karsten x86info-1.20-1.28.fc8 dist-f8 davej +xalan-c-1.10.0-2.fc8 dist-f8-updates lkundrak xalan-j2-2.7.0-6jpp.1 dist-fc6 jkeating xaos-3.2.3-1.fc7 fe7-merge jkeating xapian-bindings-1.0.2-4.fc8 dist-f8 drago01 @@ -4592,7 +4704,7 @@ xchat-2.8.4-6.fc8 dist-f8 kkofler xchat-gnome-0.18-5.fc8 dist-f8 bpepple xchm-1.13-1.fc8 dist-f8 pertusus -xcircuit-3.4.26-23.fc8 dist-f8 chitlesh +xcircuit-3.4.27-1.fc8 dist-f8-updates chitlesh xclip-0.10-1.fc8 dist-f8 spot xcompmgr-1.1.3-7.fc8 dist-f8 deji xdaliclock-2.23-3.fc6 fe7-merge jkeating @@ -4652,7 +4764,7 @@ xfce4-xmms-plugin-0.5.1-1.fc7 fe7-merge jkeating xfdesktop-4.4.1-3.fc8 dist-f8 kevin xferstats-2.16-14.1 dist-fc6 jkeating -xfig-3.2.5-2.fc8 dist-f8 than +xfig-3.2.5-5.fc8 dist-f8-updates jwrdegoede xforms-1.0.90-10.fc8 dist-f8 rdieter xfprint-4.4.1-2.fc8 dist-f8 kevin xfsdump-2.2.46-1.fc8 dist-f8 sandeen @@ -4660,7 +4772,7 @@ xfwm4-4.4.1-3.fc8 dist-f8 kevin xfwm4-themes-4.4.1-2.fc8 dist-f8 kevin xgalaxy-2.0.34-7.fc8 dist-f8 jwrdegoede -xgrav-1.2.0-4.fc7 dist-fc7-updates limb +xgrav-1.2.0-5.fc8 dist-f8-updates limb xgrep-0.06-3.fc8 dist-f8 brendt xhtml1-dtds-1.0-7.1.1 dist-fc6 jkeating xine-lib-1.1.8-4.fc8 dist-f8 scop @@ -4701,8 +4813,8 @@ xmms-sid-0.8.0-0.4.beta17.fc8 dist-f8 mschwendt xmms-skins-1.2.10-15 fe7-merge jkeating xmms-speex-0.9.1-11 dist-f8 thias -xmoto-0.3.3-2.fc8 dist-f8 limb -xmoto-edit-0.2.4-10.fc8 dist-f8 limb +xmoto-0.3.4-1.fc8 dist-f8-updates limb +xmoto-edit-0.2.4-11.fc8 dist-f8-updates limb xom-1.0-3jpp.4.fc7 fe7-merge jkeating xoo-0.7-7.fc8 dist-f8 pwouters xorg-sgml-doctools-1.1.1-1.fc7 dist-fc7 jkeating @@ -4715,7 +4827,7 @@ xorg-x11-drv-apm-1.1.1-7.fc8 dist-f8 ajax xorg-x11-drv-ark-0.6.0-6.fc8 dist-f8 ajax xorg-x11-drv-ast-0.81.0-6.fc8 dist-f8 ajax -xorg-x11-drv-ati-6.7.195-3.fc8 dist-f8 airlied +xorg-x11-drv-ati-6.7.196-1.fc8 dist-f8-updates airlied xorg-x11-drv-avivo-0.0.1-6.fc8 dist-f8 krh xorg-x11-drv-calcomp-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-chips-1.1.1-5.fc8 dist-f8 ajax @@ -4746,8 +4858,10 @@ xorg-x11-drv-neomagic-1.1.1-4.fc8 dist-f8 ajax xorg-x11-drv-nsc-2.8.1-4.fc8 dist-f8 ajax xorg-x11-drv-nv-2.1.5-2.fc8 dist-f8 airlied +xorg-x11-drv-openchrome-0.2.900-7.fc8 dist-f8-updates xavierb xorg-x11-drv-palmax-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-penmount-1.1.0-3.fc7 dist-fc7 jkeating +xorg-x11-drv-radeonhd-0.0.2-0.7.20071017git.fc8 dist-f8 ndim xorg-x11-drv-rendition-4.1.3-5.fc8 dist-f8 ajax xorg-x11-drv-s3-0.5.0-5.fc8 dist-f8 ajax xorg-x11-drv-s3virge-1.9.1-5.fc8 dist-f8 ajax @@ -4792,8 +4906,8 @@ xorg-x11-xtrans-devel-1.0.3-5.fc8 dist-f8 ajax xosd-2.2.14-10.fc8 dist-f8 kevin xournal-0.4.1-3.fc8 dist-f8 rvinyard -xpa-2.1.7-0.3.b2.fc8 dist-f8 sergiopr -xpdf-3.02-3.fc8 dist-f8 spot +xpa-2.1.8-2.fc8 dist-f8-updates sergiopr +xpdf-3.02-4.fc8 dist-f8-updates spot xpilot-ng-4.7.2-13.fc8 dist-f8 wart xplanet-1.2.0-2.1.fc8.2 dist-f8 mtasaka xpp2-2.1.10-6jpp.1.fc7 fe7-merge jkeating @@ -4803,12 +4917,12 @@ xsane-0.994-4.fc8 dist-f8 nphilipp xsc-1.5-2.fc8 dist-f8 limb xscorch-0.2.0-12.fc8 dist-f8 mgarski -xscreensaver-5.03-12.fc8 dist-f8 mtasaka +xscreensaver-5.04-1.fc8 dist-f8-updates mtasaka xsp-1.2.1-1.fc7 fe7-merge jkeating xsri-2.1.0-12.fc8 dist-f8 ajax xsupplicant-1.2.8-4.fc8.3 dist-f8 spot xterm-229-2.fc8 dist-f8 mlichvar -xtide-2.9.4-1.fc8 dist-f8 mtasaka +xtide-2.9.4-3.fc8 dist-f8-updates mtasaka xu4-1.1-0.2.cvs20070510.fc8 dist-f8 jwrdegoede xvattr-1.3-14 dist-f8 thias xwnc-0.3.3-3.fc7 fe7-merge jkeating @@ -4817,27 +4931,27 @@ yaboot-1.3.13-5.fc8 dist-f8 dcantrel yadex-1.7.0-8.fc8 dist-f8 wart yafc-1.1.1-9.fc8 dist-f8 jkeating -yafray-0.0.9-4.fc8 dist-f8 kwizart +yafray-0.0.9-5.fc8 dist-f8-updates kwizart yakuake-2.7.5-4.fc7 fe7-merge jkeating -yap-5.1.1-7.fc8 dist-f8 gemi +yap-5.1.1-8.fc8 dist-f8-updates gemi yasm-0.6.2-1.fc8 dist-f8 thias yaz-3.0.8-1.fc8 dist-f8 icon -yelp-2.20.0-2.fc8 dist-f8 katzj +yelp-2.20.0-6.fc8 dist-f8-updates caillon yp-tools-2.9-2 dist-f8 steved ypbind-1.20.4-2.fc8 dist-f8 steved ypserv-2.19-6.fc8 dist-f8 steved ytalk-3.3.0-9.fc8 dist-f8 mmcgrath -yum-3.2.7-1.fc8 dist-f8 skvidal +yum-3.2.7-2.fc8 dist-f8-updates skvidal yum-arch-2.2.2-2.fc7 fe7-merge jkeating yum-cron-0.6-1.fc8 dist-f8 habig yum-metadata-parser-1.1.2-1.fc8 dist-f8 skvidal yum-presto-0.4.2-1.fc8 dist-f8 jdieter yum-updatesd-0.7-1.fc8 dist-f8 katzj yum-utils-1.1.8-1.fc8 dist-f8 timlau -yumex-2.0.2-1.fc8 dist-f8 timlau +yumex-2.0.3-2.fc8 dist-f8-updates timlau z88dk-1.6-11.fc8.1 dist-f8 spot zabbix-1.4.2-3.fc8 dist-f8 sharkcz -zaptel-1.4.2.1-1.fc7 fe7-merge jkeating +zaptel-1.4.6-1.fc8 dist-f8-updates jcollie zasx-1.30-5.fc8 dist-f8 jwrdegoede zd1211-firmware-1.4-1 dist-f8 kwizart zenity-2.20.0-2.fc8 dist-f8 mclasen View full diff with command: /usr/bin/cvs -f diff -kk -u -N -r 1.1 -r 1.2 dist-f9-build Index: dist-f9-build =================================================================== RCS file: /cvs/fedora/fedora-security/manifest/dist-f9-build,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dist-f9-build 16 Oct 2007 15:30:45 -0000 1.1 +++ dist-f9-build 3 Dec 2007 16:50:14 -0000 1.2 @@ -1,24 +1,26 @@ Build Tag Built by ---------------------------------------- -------------------- ---------------- -915resolution-0.5.3-2.fc8 dist-f8 cweyl AGReader-1.2-4.fc8 dist-f8 oddsocks +AcetoneISO-6.7-4.fc9 dist-f9 spot AllegroOGG-1.0.3-3.fc8 dist-f8 jwrdegoede -BackupPC-3.0.0-3.fc8 dist-f8 trasher +BackupPC-3.1.0-1.fc9 dist-f9 trasher BibTool-2.48-6.fc7 fe7-merge jkeating -CCfits-1.7-1.fc8.1 dist-f8 sergiopr -CGAL-3.3.1-2.fc8 dist-f8 rineau -Canna-3.7p3-21.fc8 dist-f8 tagoh +BlockOutII-2.3-4.fc9 dist-f9 jwrdegoede +CCfits-1.8-1.fc9 dist-f9 sergiopr +CGAL-3.3.1-8.fc9 dist-f9 rineau +CTL-1.4.1-3.fc9 dist-f9 kwizart +Canna-3.7p3-22.fc9 dist-f9 tagoh CastPodder-5.0-8.fc6 fe7-merge jkeating -ClanLib-0.8.0-6.fc8 dist-f8 jwrdegoede -ClanLib06-0.6.5-8.fc8 dist-f8 jwrdegoede -Coin2-2.5.0-2.fc8 dist-f8 corsepiu -ConsoleKit-0.2.3-1.fc8 dist-f8 mclasen +ClanLib-0.8.0-7.fc9 dist-f9 jwrdegoede +ClanLib06-0.6.5-9.fc9 dist-f9 jwrdegoede +Coin2-2.5.0-3.fc9 dist-f9 corsepiu +ConsoleKit-0.2.3-2.fc9 dist-f9 mclasen DMitry-1.3a-2.fc8 dist-f8 sindrepb DevIL-1.6.8-0.13.rc2.fc8 dist-f8 oddsocks -Django-0.96-1.fc7 fe7-merge jkeating +Django-0.96.1-1.fc9 dist-f9 salimma ElectricFence-2.2.2-23 dist-fc7 jkeating FlightGear-0.9.11-0.4.pre1.fc8 dist-f8 bellet -GConf2-2.20.1-1.fc8 dist-f8 mclasen +GConf2-2.20.1-2.fc9 dist-f9 mclasen GREYCstoration-2.5.2-6.fc8 dist-f8 deebs GeoIP-1.4.3-1.fc8 dist-f8 mfleming Glide3-20050815-6.fc8 dist-f8 jwrdegoede @@ -29,80 +31,88 @@ Hermes-1.3.3-13.fc8 dist-f8 jwrdegoede HippoDraw-1.21.1-2.fc8 dist-f8 pfkeb ImageMagick-6.3.5.9-1.fc8 dist-f8 nmurray -Inventor-2.1.5-30.fc8 dist-f8 corsepiu -Io-language-20070710-2.fc8 dist-f8 jwrdegoede +Inventor-2.1.5-30.fc9.1 dist-f9 corsepiu +Io-language-20071010-1.fc9 dist-f9 jwrdegoede JSDoc-1.10.2-4.fc8 dist-f8 mcepl -KoboDeluxe-0.4-0.4.pre10.fc8 dist-f8 jwrdegoede +KoboDeluxe-0.4.1-1.fc9 dist-f9 jwrdegoede LabPlot-1.5.1.6-4.fc8 dist-f8 chitlesh MAKEDEV-3.23-1.2 dist-fc6 jkeating Macaulay2-0.9.95-8.fc8 dist-f8 rdieter Maelstrom-3.0.6-14 dist-f8 notting MagicPoint-1.11b-4.fc8 dist-f8 jwrdegoede MegaMek-0.30.11-2.fc8 dist-f8 fitzsim -Miro-0.9.8.1-6.fc8 dist-f8 jkeating +Miro-0.9.9.9-1.fc9 dist-f9 alexlan MochiKit-1.3.1-1.fc6 fe7-merge jkeating MyPasswordSafe-0.6.7-1.20061216.fc8 dist-f8 ertzing MySQL-python-1.2.2-4.fc8 dist-f8 tgl -NetworkManager-0.7.0-0.3.svn2970.fc8 dist-f8 dcbw -NetworkManager-openvpn-0.3.2-7.fc6 fe7-merge jkeating -NetworkManager-vpnc-0.7.0-0.2.svn2970.fc8 dist-f8 dcbw -ORBit-0.5.17-21.fc7 fe7-merge jkeating +NetworkManager-0.7.0-0.8.svn3109.fc9 dist-f9 katzj +NetworkManager-openvpn-0.7.0-3.svn3047.fc9 dist-f9 timn +NetworkManager-vpnc-0.7.0-0.6.3.svn3109.fc9 dist-f9 denis +ORBit-0.5.17-22.fc9 dist-f9 pghmcfc ORBit2-2.14.10-2.fc8 dist-f8 ausil -OpenEXR-1.6.0-4.fc9 dist-f9 rdieter +OpenEXR-1.6.0-5.fc8 dist-f8 rdieter OpenIPMI-2.0.11-3.fc8 dist-f8 pknirsch -OpenSceneGraph-2.0-7.fc8 dist-f8 corsepiu +OpenSceneGraph-2.2.0-3.fc9 dist-f9 corsepiu +PackageKit-0.1.4-1.fc9 dist-f9 rnorwood PerceptualDiff-1.0.1-6.fc8 dist-f8 kwizart Perlbal-1.59-1.fc8 dist-f8 ruben Pixie-2.2.2-4.fc8 dist-f8 kwizart PolicyKit-0.6-1.fc8 dist-f8 davidz -PolicyKit-gnome-0.6-1.fc8 dist-f8 davidz -Pound-2.4-0.1.d.fc8 dist-f8 ruben -PyKDE-3.16.0-7.fc8 dist-f8 rdieter +PolicyKit-gnome-0.6-2.fc9 dist-f9 mclasen +Pound-2.4-0.1.e.fc9 dist-f9 ruben +PyKDE-3.16.0-11.fc9 dist-f9 rdieter PyOpenGL-3.0.0-0.4.a6.fc8 dist-f8 jwrdegoede -PyQt-3.17.1-1.fc7 dist-fc7 jkeating -PyQt-qscintilla-3.17.1-3.fc8 dist-f8 rdieter -PyQt4-4.2-8.fc9 dist-f9 rdieter +PyQt-3.17.3-3.fc9 dist-f9 rdieter +PyQt4-4.3.1-3.fc9 dist-f9 rdieter PyRTF-0.45-5.fc8 dist-f8 jamatos +PySolFC-1.1-4.fc9 dist-f9 firewing +PySolFC-cardsets-1.1-3.2 dist-fc7-updates firewing +PySolFC-music-4.40-3 dist-fc7-updates firewing PyX-0.9-5.fc8 dist-f8 jamatos -PyXML-0.8.4-7 dist-f8 laroche +PyXML-0.8.4-8 dist-f9 laroche Pyrex-0.9.5.1a-1.fc8 dist-f8 mbarnes PythonCAD-0.1.36-2.fc8 dist-f8 kwizart -QuantLib-0.8.1-3.fc8 dist-f8 spot -R-2.6.0-1.fc9 dist-f9 spot -R-BufferedMatrix-1.0.1-6.fc8 dist-f8 jkeating -R-DynDoc-1.14.0-5.fc8 dist-f8 pingou +QuantLib-0.8.1-4.fc9 dist-f9 spot +R-2.6.1-1.fc9 dist-f9 spot +R-BufferedMatrix-1.2.0-1.fc9 dist-f9 pingou +R-DynDoc-1.17.0-1.fc9 dist-f9 pingou R-RScaLAPACK-0.5.1-10.fc8.1 dist-f8 spot +R-abind-1.1-1.fc9 dist-f9 spot +R-acepack-1.3-2.fc9 dist-f9 spot R-hdf5-1.6.6-2.fc8 dist-f8 spot R-mAr-1.1-11.fc8 dist-f8 jamatos +R-multcomp-0.992-3.fc8 dist-f8 orion R-mvtnorm-0.8-3.fc8 dist-f8 orion +R-rlecuyer-0.1-3.fc9 dist-f9 pingou R-systemfit-0.8-6.fc8 dist-f8 orion +R-tkWidgets-1.16.0-1.fc9 dist-f9 pingou R-waveslim-1.6-4.fc8 dist-f8 jamatos R-wavethresh-2.2-7.fc8 dist-f8 jamatos -R-widgetTools-1.12.0-12.fc8 dist-f8 pingou -Ri-li-2.0.0-2.fc8 dist-f8 jwrdegoede -SDL-1.2.12-2.fc8 dist-f8 twoerner +R-widgetTools-1.15.0-1.fc9 dist-f9 pingou +Ri-li-2.0.1-1.fc9 dist-f9 jwrdegoede +SDL-1.2.12-3.fc9 dist-f9 twoerner SDL_Pango-0.1.2-7 dist-f8 thias SDL_gfx-2.0.16-4.fc8 dist-f8 thias SDL_image-1.2.6-3.fc8 dist-f8 bpepple -SDL_mixer-1.2.8-3.fc8 dist-f8 bpepple +SDL_mixer-1.2.8-5.fc9 dist-f9 bpepple SDL_net-1.2.7-3.fc8 dist-f8 bpepple +SDL_sound-1.0.1-8.fc9 dist-f9 jwrdegoede SDL_ttf-2.0.9-3.fc8 dist-f8 bpepple -SDLmm-0.1.8-5.fc8 dist-f8 jwrdegoede -SIBsim4-0.15-2.fc8 dist-f8 c4chris -SILLY-0.1.0-3.fc8 dist-f8 oddsocks +SIBsim4-0.16-1.fc9 dist-f9 c4chris +SILLY-0.1.0-4.fc9 dist-f9 oddsocks SIMVoleon-2.0.1-7.fc8 dist-f8 corsepiu SOAPpy-0.11.6-6.fc7 fe7-merge jkeating ScientificPython-2.6-10.fc8 dist-f8 jspaleta SimGear-0.3.11-0.3.pre1.fc8.2 dist-f8 spot -SoQt-1.4.1-6.fc8 dist-f8 corsepiu +SoQt-1.4.1-7.fc9 dist-f9 corsepiu Sprog-0.14-12.fc6 fe7-merge jkeating SteGUI-0.0.1-12.fc8 dist-f8 pingou -TeXmacs-1.0.6.11-3.fc8 dist-f8 gemi +TeXmacs-1.0.6.12-2.fc9 dist-f9 gemi Terminal-0.2.6-3.fc8 dist-f8 kevin -Thunar-0.8.0-3.fc8 dist-f8 kevin -TnL-070909-2.fc8 dist-f8 jwrdegoede -TnL-data-070909-1.fc8 dist-f8 jwrdegoede -TurboGears-1.0.3.2-5.fc8 dist-f8 toshio +Thunar-0.9.0-1.fc9 dist-f9 kevin +TnL-071111-1.fc9 dist-f9 jwrdegoede +TnL-data-071111-1.fc9 dist-f9 jwrdegoede +TurboGears-1.0.3.2-6.fc9 dist-f9 lmacken VLGothic-fonts-20070901-1.fc8 dist-f8 ryo WindowMaker-0.92.0-14.fc8 dist-f8 awjb Xaw3d-1.5E-10.1 dist-fc6 jkeating @@ -112,19 +122,21 @@ aasaver-0.3.2-1.fc8 dist-f8 oddsocks abcMIDI-20070106-1.fc7 fe7-merge jkeating abcde-2.3.99.6-4.fc8 dist-f8 scop -abcm2ps-5.5.2-1.fc8 dist-f8 gemi +abcm2ps-5.6.1-2.fc9 dist-f9 gemi abe-1.1-6.fc8 dist-f8 wart abicheck-1.2-15 dist-f8 mschwendt abiword-2.4.6-6.fc8 dist-f8 lkundrak abook-0.6.0-0.2.pre2.fc8 dist-f8 rathann abuse-0.7.0-5.fc8 dist-f8 jwrdegoede abyssinica-fonts-1.0-2.fc8 dist-f8 bernie +accrete-1.0-2.fc9 dist-f9 mmahut ack-1.64-1.fc8 dist-f8 iburrell -acl-2.2.39-10.fc8 dist-f8 jmoskovc +acl-2.2.45-2.fc9 dist-f9 jmoskovc acpi-0.09-2.fc6 fe7-merge jkeating -acpid-1.0.6-2.fc8 dist-f8 zprikryl +acpid-1.0.6-4.fc9 dist-f9 zprikryl acpitool-0.4.7-1.fc8 dist-f8 pertusus -adaptx-0.9.13-4jpp.1.fc7 dist-fc7 jkeating +adanaxisgpl-1.2.4-1.fc9 dist-f9 southa +adaptx-0.9.13-4jpp.3.fc8 dist-f8 spot adime-2.2.1-6.fc8 dist-f8 jwrdegoede adjtimex-1.21-3.fc8 dist-f8 mlichvar adminutil-1.1.4-2.fc8 dist-f8 rmeggins @@ -147,33 +159,36 @@ aldrin-0.11-6.fc8 dist-f8 akahl alex-2.1.0-5.fc8 dist-f8 bos alex4-1.0-4.fc8 dist-f8 jwrdegoede -alexandria-0.6.1-3.fc8 dist-f8 mtasaka [...5410 lines suppressed...] +xmlgraphics-commons-1.2-1 dist-f9 langel xmlindent-0.2.17-8.fc8 dist-f8 adrian +xmlroff-0.5.2-4.fc9 dist-f9 ivazquez xmlrpc-2.0.1-3jpp.2 dist-fc7 jkeating xmlrpc-c-1.06.18-1.fc8 dist-f8 ensc xmlrpc3-3.0-1jpp.4.fc8 dist-f8 overholt xmlsec1-1.2.9-8.1 dist-fc6 jkeating xmlstarlet-1.0.1-4.fc7 fe7-merge jkeating xmltex-20020625-8 dist-fc6 jkeating -xmlto-0.0.18-17 dist-f8 ovasik +xmlto-0.0.19-1.fc9 dist-f9 ovasik xmlunit-1.0-4jpp.1.fc7 fe7-merge jkeating xmms-1.2.10-36.fc7 fe7-merge jkeating xmms-acme-0.4.3-8 dist-f8 thias @@ -4676,22 +4897,22 @@ xmms-scrobbler-0.3.8.1-3.fc7 fe7-merge jkeating xmms-sid-0.8.0-0.4.beta17.fc8 dist-f8 mschwendt xmms-skins-1.2.10-15 fe7-merge jkeating -xmms-speex-0.9.1-11 dist-f8 thias -xmoto-0.3.3-2.fc8 dist-f8 limb -xmoto-edit-0.2.4-10.fc8 dist-f8 limb +xmms-speex-0.9.1-12 dist-f9 thias +xmoto-0.3.4-1.fc9 dist-f9 limb +xmoto-edit-0.2.4-11.fc9 dist-f9 limb xom-1.0-3jpp.4.fc7 fe7-merge jkeating xoo-0.7-7.fc8 dist-f8 pwouters xorg-sgml-doctools-1.1.1-1.fc7 dist-fc7 jkeating xorg-x11-apps-7.3-1.fc8 dist-f8 ajax xorg-x11-docs-1.3-1.fc7 dist-fc7 jkeating -xorg-x11-drivers-7.2-9.fc8 dist-f8 ajax +xorg-x11-drivers-7.2-10.fc9 dist-f9 ajax xorg-x11-drv-acecad-1.1.0-5.fc8 dist-f8 ajax xorg-x11-drv-aiptek-1.0.1-5.fc8 dist-f8 ajax xorg-x11-drv-amd-0.0-22.20070625.fc8 dist-f8 dcbw xorg-x11-drv-apm-1.1.1-7.fc8 dist-f8 ajax xorg-x11-drv-ark-0.6.0-6.fc8 dist-f8 ajax xorg-x11-drv-ast-0.81.0-6.fc8 dist-f8 ajax -xorg-x11-drv-ati-6.7.195-3.fc8 dist-f8 airlied +xorg-x11-drv-ati-6.7.195-5.fc9 dist-f9 ajax xorg-x11-drv-avivo-0.0.1-6.fc8 dist-f8 krh xorg-x11-drv-calcomp-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-chips-1.1.1-5.fc8 dist-f8 ajax @@ -4700,30 +4921,32 @@ xorg-x11-drv-cyrix-1.1.0-5.fc8 dist-f8 ajax xorg-x11-drv-digitaledge-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-dmc-1.1.0-3.fc7 dist-fc7 jkeating -xorg-x11-drv-dummy-0.2.0-5.fc8 dist-f8 ajax +xorg-x11-drv-dummy-0.2.0-6.fc9 dist-f9 ajax xorg-x11-drv-dynapro-1.1.0-3.fc7 dist-fc7 jkeating xorg-x11-drv-elographics-1.1.0-4.fc8 dist-f8 ajax -xorg-x11-drv-evdev-1.1.2-5.fc8 dist-f8 ajax -xorg-x11-drv-fbdev-0.3.1-4.fc8 dist-f8 ajax +xorg-x11-drv-evdev-1.2.0-1.fc9 dist-f9 ajax +xorg-x11-drv-fbdev-0.3.1-4.20071113.fc9 dist-f9 ajax xorg-x11-drv-fpit-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-glint-1.1.1-7.fc8 dist-f8 ajax xorg-x11-drv-hyperpen-1.1.0-5.fc8 dist-f8 ajax xorg-x11-drv-i128-1.2.1-1.fc8 dist-f8 ajax xorg-x11-drv-i740-1.1.0-5.fc8 dist-f8 ajax -xorg-x11-drv-i810-2.1.1-5.fc8 dist-f8 airlied +xorg-x11-drv-i810-2.2.0-1.fc9 dist-f9 ajax xorg-x11-drv-jamstudio-1.1.0-4.fc8 dist-f8 ajax -xorg-x11-drv-keyboard-1.2.2-2.fc8 dist-f8 ajax +xorg-x11-drv-keyboard-1.2.2-3.fc9 dist-f9 ajax xorg-x11-drv-magellan-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-magictouch-1.0.0.5-5.fc8 dist-f8 ajax xorg-x11-drv-mga-1.4.6.1-6.fc8 dist-f8 ajax xorg-x11-drv-microtouch-1.1.0-2.fc7 dist-fc7 jkeating -xorg-x11-drv-mouse-1.2.2-1.fc8 dist-f8 ajax +xorg-x11-drv-mouse-1.2.3-3.fc9 dist-f9 ajax xorg-x11-drv-mutouch-1.1.0-5.fc8 dist-f8 ajax xorg-x11-drv-neomagic-1.1.1-4.fc8 dist-f8 ajax xorg-x11-drv-nsc-2.8.1-4.fc8 dist-f8 ajax -xorg-x11-drv-nv-2.1.5-2.fc8 dist-f8 airlied +xorg-x11-drv-nv-2.1.6-2.fc9 dist-f9 ajax +xorg-x11-drv-openchrome-0.2.900-7.fc9 dist-f9 xavierb xorg-x11-drv-palmax-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-penmount-1.1.0-3.fc7 dist-fc7 jkeating +xorg-x11-drv-radeonhd-1.0.0-0.1.20071130git.fc9 dist-f9 ndim xorg-x11-drv-rendition-4.1.3-5.fc8 dist-f8 ajax xorg-x11-drv-s3-0.5.0-5.fc8 dist-f8 ajax xorg-x11-drv-s3virge-1.9.1-5.fc8 dist-f8 ajax @@ -4740,20 +4963,20 @@ xorg-x11-drv-ur98-1.1.0-4.fc8 dist-f8 ajax xorg-x11-drv-v4l-0.1.1-8.fc8 dist-f8 ajax xorg-x11-drv-vermilion-1.0.0-2.fc8 dist-f8 ajax -xorg-x11-drv-vesa-1.3.0-10.fc8 dist-f8 ajax +xorg-x11-drv-vesa-1.3.0-11.20071113.fc9 dist-f9 ajax xorg-x11-drv-vga-4.1.0-5.fc8 dist-f8 ajax xorg-x11-drv-via-0.2.2-4.fc8 dist-f8 ajax xorg-x11-drv-vmmouse-12.4.3-1.fc8 dist-f8 ajax xorg-x11-drv-vmware-10.15.2-1.fc8 dist-f8 ajax -xorg-x11-drv-void-1.1.1-6.fc8 dist-f8 ajax +xorg-x11-drv-void-1.1.1-7.fc9 dist-f9 ajax xorg-x11-drv-voodoo-1.1.1-1.fc8 dist-f8 ajax xorg-x11-filesystem-7.1-2.fc6 dist-fc6 jkeating xorg-x11-font-utils-7.2-2.fc8 dist-f8 ajax -xorg-x11-fonts-7.2-3.fc8 dist-f8 ajax -xorg-x11-proto-devel-7.3-3.fc8 dist-f8 ajax +xorg-x11-fonts-7.2-4.fc9 dist-f9 krh +xorg-x11-proto-devel-7.3-7.fc9 dist-f9 ajax xorg-x11-resutils-7.1-4.fc8 dist-f8 ajax -xorg-x11-server-1.3.0.0-30.fc8 dist-f8 ajax -xorg-x11-server-utils-7.3-1.fc8 dist-f8 ajax +xorg-x11-server-1.4.99.1-0.10.fc9 dist-f9 ajax +xorg-x11-server-utils-7.3-2.fc9 dist-f9 airlied xorg-x11-twm-1.0.3-1.fc8 dist-f8 airlied xorg-x11-util-macros-1.1.5-1.fc7 dist-fc7 jkeating xorg-x11-utils-7.3-1.fc8 dist-f8 ajax @@ -4768,65 +4991,67 @@ xorg-x11-xtrans-devel-1.0.3-5.fc8 dist-f8 ajax xosd-2.2.14-10.fc8 dist-f8 kevin xournal-0.4.1-3.fc8 dist-f8 rvinyard -xpa-2.1.7-0.3.b2.fc8 dist-f8 sergiopr -xpdf-3.02-3.fc8 dist-f8 spot +xpa-2.1.8-2.fc9 dist-f9 sergiopr +xpdf-3.02-4.fc9 dist-f9 spot xpilot-ng-4.7.2-13.fc8 dist-f8 wart xplanet-1.2.0-2.1.fc8.2 dist-f8 mtasaka xpp2-2.1.10-6jpp.1.fc7 fe7-merge jkeating xpp3-1.1.3.8-1jpp.1.fc7 fe7-merge jkeating xprobe2-0.3-9.fc8 dist-f8 lmacken xrestop-0.4-3.fc8 dist-f8 ajax -xsane-0.994-4.fc8 dist-f8 nphilipp +xsane-0.995-2.fc9 dist-f9 nphilipp xsc-1.5-2.fc8 dist-f8 limb xscorch-0.2.0-12.fc8 dist-f8 mgarski -xscreensaver-5.03-11.fc8 dist-f8 mtasaka +xscreensaver-5.04-2.fc9 dist-f9 mtasaka xsp-1.2.1-1.fc7 fe7-merge jkeating -xsri-2.1.0-12.fc8 dist-f8 ajax -xsupplicant-1.2.8-4.fc8.1 dist-f8 spot +xsri-2.1.0-13.fc9 dist-f9 ajax +xsupplicant-1.2.8-4.fc9.4 dist-f9 spot xterm-229-2.fc8 dist-f8 mlichvar -xtide-2.9.4-1.fc8 dist-f8 mtasaka +xtide-2.9.4-3.fc9 dist-f9 mtasaka xu4-1.1-0.2.cvs20070510.fc8 dist-f8 jwrdegoede +xulrunner-1.9-0.beta1.3.fc9 dist-f9 stransky xvattr-1.3-14 dist-f8 thias xwnc-0.3.3-3.fc7 fe7-merge jkeating xwrits-2.24-2.fc6 fe7-merge jkeating xzgv-0.8-6.fc8 dist-f8 terjeros -yaboot-1.3.13-5.fc8 dist-f8 dcantrel +yaboot-1.3.13-8.fc9 dist-f9 dwmw2 yadex-1.7.0-8.fc8 dist-f8 wart yafc-1.1.1-9.fc8 dist-f8 jkeating -yafray-0.0.9-4.fc8 dist-f8 kwizart +yafray-0.0.9-5.fc9 dist-f9 kwizart yakuake-2.7.5-4.fc7 fe7-merge jkeating -yap-5.1.1-7.fc8 dist-f8 gemi +yap-5.1.1-8.fc9 dist-f9 gemi yasm-0.6.2-1.fc8 dist-f8 thias yaz-3.0.8-1.fc8 dist-f8 icon -yelp-2.20.0-1.fc8 dist-f8 mbarnes +yelp-2.20.0-8.fc9 dist-f9 stransky yp-tools-2.9-2 dist-f8 steved ypbind-1.20.4-2.fc8 dist-f8 steved ypserv-2.19-6.fc8 dist-f8 steved ytalk-3.3.0-9.fc8 dist-f8 mmcgrath -yum-3.2.7-1.fc8 dist-f8 skvidal +yum-3.2.7-2.fc9 dist-f9 skvidal yum-arch-2.2.2-2.fc7 fe7-merge jkeating -yum-cron-0.5-1.fc8 dist-f8 habig -yum-metadata-parser-1.1.2-1.fc8 dist-f8 skvidal -yum-presto-0.4.2-1.fc8 dist-f8 jdieter +yum-cron-0.6-1.fc8 dist-f8 habig +yum-metadata-parser-1.1.2-2.fc9 dist-f9 pnasrat +yum-presto-0.4.3-1.fc9 dist-f9 jdieter yum-updatesd-0.7-1.fc8 dist-f8 katzj -yum-utils-1.1.7-1.fc8 dist-f8 timlau -yumex-2.0.2-1.fc8 dist-f8 timlau +yum-utils-1.1.8-1.fc8 dist-f8 timlau +yumex-2.0.3-2.fc9 dist-f9 timlau z88dk-1.6-11.fc8.1 dist-f8 spot -zabbix-1.4.2-3.fc8 dist-f8 sharkcz -zaptel-1.4.2.1-1.fc7 fe7-merge jkeating +zabbix-1.4.2-4.fc9 dist-f9 sharkcz +zaf-0-0.1.20071123svn.fc9 dist-f9 caolanm +zaptel-1.4.6-1.fc9 dist-f9 jcollie zasx-1.30-5.fc8 dist-f8 jwrdegoede zd1211-firmware-1.4-1 dist-f8 kwizart -zenity-2.20.0-2.fc8 dist-f8 mclasen +zenity-2.20.1-1.fc9 dist-f9 mclasen zeroinstall-injector-0.30-2.fc8 dist-f8 salimma zhcon-0.2.6-5.fc7 fe7-merge jkeating zidrav-1.2.0-3.fc8 dist-f8 rathann zile-2.2.19-1.fc6 fe7-merge jkeating -zip-2.31-3.fc7 dist-fc7 jkeating +zip-2.31-5.fc9 dist-f9 varekova zisofs-tools-1.0.8-2.fc8 dist-f8 harald -zlib-1.2.3-14.fc8 dist-f8 varekova +zlib-1.2.3-16.fc9 dist-f9 varekova zoneminder-1.22.3-9.fc8 dist-f8 mebourne zsh-4.3.4-4.fc8 dist-f8 james zvbi-0.2.25-2.fc8 dist-f8 oddsocks zynaddsubfx-2.2.1-17.fc8 dist-f8 green zziplib-0.13.49-4.fc8 dist-f8 thias -zzuf-0.9-2.fc8 dist-f8 scop +zzuf-0.10-1.fc9 dist-f9 scop View full diff with command: /usr/bin/cvs -f diff -kk -u -N -r 1.7 -r 1.8 dist-fc7-updates Index: dist-fc7-updates =================================================================== RCS file: /cvs/fedora/fedora-security/manifest/dist-fc7-updates,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- dist-fc7-updates 2 Nov 2007 01:50:15 -0000 1.7 +++ dist-fc7-updates 3 Dec 2007 16:50:14 -0000 1.8 @@ -2,10 +2,12 @@ ---------------------------------------- -------------------- ---------------- 915resolution-0.5.3-1.fc7 fe7-merge jkeating AGReader-1.2-4.fc7 dist-fc7-updates oddsocks +AcetoneISO-6.7-4.fc7 dist-fc7-updates spot AllegroOGG-1.0.3-3.fc6 fe7-merge jkeating BackupPC-3.0.0-3.fc7 dist-fc7-updates trasher BibTool-2.48-6.fc7 fe7-merge jkeating -CCfits-1.7-1.fc7 dist-fc7-updates sergiopr +BlockOutII-2.3-3.fc7 dist-fc7-updates jwrdegoede +CCfits-1.8-1.fc7 dist-fc7-updates sergiopr CGAL-3.3.1-2.fc7 dist-fc7-updates rineau Canna-3.7p3-21.fc7 dist-fc7-updates tagoh CastPodder-5.0-8.fc6 fe7-merge jkeating @@ -16,7 +18,7 @@ DMitry-1.3a-2.fc7 dist-fc7-updates sindrepb Democracy-0.9.6-2.fc7 dist-fc7-updates tscherf DevIL-1.6.8-0.13.rc2.fc7 dist-fc7-updates oddsocks -Django-0.96-1.fc7 fe7-merge jkeating +Django-0.96.1-1.fc7 dist-fc7-updates salimma ElectricFence-2.2.2-23 dist-fc7 jkeating FlightGear-0.9.10-6.fc7 dist-fc7 bellet GConf2-2.18.0.1-2.fc7 dist-fc7 jkeating @@ -30,7 +32,7 @@ Hermes-1.3.3-12.fc6 fe7-merge jkeating HippoDraw-1.21.1-2.fc7 dist-fc7-updates pfkeb ImageMagick-6.3.2.9-3.fc7 dist-fc7 jkeating -Inventor-2.1.5-26.fc7 fe7-merge jkeating +Inventor-2.1.5-29.fc7.1 dist-fc7-updates corsepiu Io-language-20070710-2.fc7 dist-fc7-updates jwrdegoede JSDoc-1.10.2-4.fc7 dist-fc7-updates mcepl KoboDeluxe-0.4-0.3.pre10.fc7 fe7-merge jkeating @@ -40,7 +42,7 @@ Maelstrom-3.0.6-13 fe7-merge jkeating MagicPoint-1.11b-4.fc7 fe7-merge jkeating MegaMek-0.30.11-1.fc7 fe7-merge jkeating -Miro-0.9.8.1-4.fc7 dist-fc7-updates alexlan +Miro-1.0-2.fc7 dist-fc7-updates alexlan MochiKit-1.3.1-1.fc6 fe7-merge jkeating MyPasswordSafe-0.6.7-1.20061216.fc7 dist-fc7-updates ertzing MySQL-python-1.2.2-3.fc7 dist-fc7-updates tgl @@ -58,29 +60,33 @@ Pound-2.3-1.fc7 fe7-merge jkeating PyKDE-3.16.0-6.fc7 fe7-merge jkeating PyOpenGL-3.0.0-0.3.a6.fc7 fe7-merge jkeating -PyQt-3.17.1-1.fc7 dist-fc7 jkeating -PyQt-qscintilla-3.17.1-1.fc7 fe7-merge jkeating -PyQt4-4.2-8.fc7 dist-fc7-updates rdieter +PyQt-3.17.3-3.fc7 dist-fc7-updates rdieter +PyQt4-4.3.1-1.fc7 dist-fc7-updates rdieter PyRTF-0.45-4.fc7 fe7-merge jkeating -PySolFC-1.1-3.fc7 dist-fc7-updates firewing +PySolFC-1.1-4.fc7 dist-fc7-updates firewing +PySolFC-cardsets-1.1-3.2 dist-fc7-updates firewing PySolFC-music-4.40-3 dist-fc7-updates firewing PyX-0.9-4.fc7 fe7-merge jkeating PyXML-0.8.4-6 dist-fc7 jkeating Pyrex-0.9.4-4.fc7 dist-fc7 jkeating PythonCAD-0.1.36-2.fc7 dist-fc7-updates kwizart -QuantLib-0.8.1-3.fc7 dist-fc7-updates spot -R-2.6.0-1.fc7 dist-fc7-updates spot -R-BufferedMatrix-1.0.1-5.fc7 dist-fc7-updates pingou -R-DynDoc-1.14.0-5.fc7 dist-fc7-updates pingou +QuantLib-0.8.1-4.fc7 dist-fc7-updates spot +R-2.6.1-1.fc7 dist-fc7-updates spot +R-BufferedMatrix-1.2.0-1.fc7 dist-fc7-updates pingou +R-DynDoc-1.17.0-1.fc7 dist-fc7-updates pingou R-RScaLAPACK-0.5.1-9.fc7 fe7-merge jkeating +R-abind-1.1-1.fc7 dist-fc7-updates spot +R-acepack-1.3-2.fc7.1 dist-fc7-updates spot R-hdf5-1.6.6-1.fc7 dist-fc7-updates spot R-mAr-1.1-10.fc7 fe7-merge jkeating R-multcomp-0.992-3.fc7 dist-fc7-updates orion R-mvtnorm-0.8-2.fc7 dist-fc7-updates orion +R-rlecuyer-0.1-3.fc7 dist-fc7-updates pingou R-systemfit-0.8-6.fc7 dist-fc7-updates orion +R-tkWidgets-1.16.0-1.fc7 dist-fc7-updates pingou R-waveslim-1.6-3.fc7 fe7-merge jkeating R-wavethresh-2.2-6.fc7 fe7-merge jkeating -R-widgetTools-1.12.0-12.fc7 dist-fc7-updates pingou +R-widgetTools-1.15.0-1.fc7 dist-fc7-updates pingou Ri-li-2.0.0-1.fc7 fe7-merge jkeating SDL-1.2.12-1.fc7 dist-fc7-updates twoerner SDL_Pango-0.1.2-4.fc6 fe7-merge jkeating @@ -88,6 +94,7 @@ SDL_image-1.2.5-4.fc7 fe7-merge jkeating SDL_mixer-1.2.7-3.fc7 dist-fc7-updates bpepple SDL_net-1.2.6-2.fc6 fe7-merge jkeating +SDL_sound-1.0.1-8.fc7 dist-fc7-updates jwrdegoede SDL_ttf-2.0.8-2.fc6 fe7-merge jkeating SDLmm-0.1.8-4.fc7 fe7-merge jkeating SIBsim4-0.15-1.fc7 fe7-merge jkeating @@ -99,7 +106,7 @@ SoQt-1.4.1-5.fc7 fe7-merge jkeating Sprog-0.14-12.fc6 fe7-merge jkeating SteGUI-0.0.1-12.fc7 dist-fc7-updates pingou -TeXmacs-1.0.6.11-2.fc7 dist-fc7-updates gemi +TeXmacs-1.0.6.12-1.fc7 dist-fc7-updates gemi Terminal-0.2.6-3.fc7 dist-fc7-updates kevin Thunar-0.8.0-1.fc7 fe7-merge jkeating TnL-070909-2.fc7 dist-fc7-updates jwrdegoede @@ -114,7 +121,7 @@ aasaver-0.3.2-1.fc7 dist-fc7-updates oddsocks abcMIDI-20070106-1.fc7 fe7-merge jkeating abcde-2.3.99.6-2.fc6 fe7-merge jkeating -abcm2ps-5.5.2-1.fc7 dist-fc7-updates gemi +abcm2ps-5.6.1-2.fc7 dist-fc7-updates gemi abe-1.1-5.fc7 dist-fc7-updates wart abicheck-1.2-11.7 dist-fc7-updates mschwendt abiword-2.4.6-5.fc7 fe7-merge jkeating @@ -122,7 +129,7 @@ abuse-0.7.0-3.fc6 fe7-merge jkeating abyssinica-fonts-1.0-1.fc7 dist-fc7-updates bernie ack-1.64-1.fc7 dist-fc7-updates iburrell -acl-2.2.39-3.1.fc7 dist-fc7 jkeating +acl-2.2.39-6.fc7 dist-fc7-updates jmoskovc acpi-0.09-2.fc6 fe7-merge jkeating acpid-1.0.4-8.fc7 dist-fc7-updates zprikryl acpitool-0.4.6-2.fc6 fe7-merge jkeating @@ -146,8 +153,9 @@ alacarte-0.11.3-3.fc7 dist-fc7 jkeating alchemist-1.0.37-1 dist-fc7 jkeating aldrin-0.11-5.fc7 dist-fc7-updates akahl +alex-2.1.0-5.fc7 dist-fc7-updates bos alex4-1.0-3.fc7 fe7-merge jkeating -alexandria-0.6.1-3.fc7 dist-fc7-updates mtasaka +alexandria-0.6.2-0.2.b2.fc7 dist-fc7-updates mtasaka alfont-2.0.6-2.fc7 fe7-merge jkeating alienblaster-1.1.0-1.fc7 dist-fc7-updates jwrdegoede alleggl-0.4.0-1.fc7 fe7-merge jkeating @@ -168,6 +176,7 @@ amarok-1.4.7-5.fc7 dist-fc7-updates abompard amarokFS-0.5-1.fc7 fe7-merge jkeating amavisd-new-2.5.1-1.fc7 dist-fc7-updates steve +amoebax-0.2.0-1.fc7 dist-fc7-updates jwrdegoede amqp-0.8-2rhm.1.fc7 fe7-merge jkeating amsn-0.96-7.fc7 fe7-merge jkeating amtterm-1.0-1.fc7 dist-fc7-updates kraxel @@ -220,7 +229,7 @@ arptables_jf-0.0.8-8 dist-fc6 jkeating arpwatch-2.1a15-3.fc7 dist-fc7 jkeating arrows-0.6-4.fc7 dist-fc7-updates jwrdegoede -arts-1.5.7-1.fc7 dist-fc7-updates than +arts-1.5.8-4.fc7 dist-fc7-updates rdieter artwiz-aleczapka-fonts-1.3-5.fc6 fe7-merge jkeating asa-1.2-3.fc6 fe7-merge jkeating asc-1.16.4.0-1.fc7 fe7-merge jkeating @@ -260,7 +269,7 @@ aspell-pl-6.0_20061121-1.fc7 dist-fc7 jkeating aspell-pt-0.50-12.fc7 dist-fc7 jkeating aspell-ru-0.99f7-3.fc7 dist-fc7 jkeating -aspell-sk-0.52-3.fc7 dist-fc7-updates ondrejj +aspell-sk-2.00-3.fc7 dist-fc7-updates ondrejj aspell-sl-0.50-2.fc7 dist-fc7 jkeating aspell-sr-0.02-3.fc7 dist-fc7 jkeating aspell-sv-0.51-2.fc7 dist-fc7 jkeating @@ -269,7 +278,8 @@ astromenace-1.2-3.fc7 dist-fc7-updates limb astromenace-data-1.2-1.fc7 dist-fc7-updates limb astyle-1.21-5.fc7 dist-fc7-updates addutko -asylum-0.2.2-2.fc7 dist-fc7-updates oddsocks +asunder-0.9-2.fc7 dist-fc7-updates szpak +asylum-0.2.3-2.fc7 dist-fc7-updates oddsocks asymptote-1.32-1.fc7 dist-fc7-updates jpo at-3.1.10-13.fc7 dist-fc7-updates mmaslano at-spi-1.18.1-1.fc7 dist-fc7 jkeating @@ -283,12 +293,12 @@ atmel-firmware-1.3-2 dist-fc7-updates kwizart atomix-2.14.0-2.fc6 fe7-merge jkeating atomorun-1.1-0.3.pre2.fc7 fe7-merge jkeating -attr-2.4.32-2.fc7 dist-fc7 jkeating +attr-2.4.32-3.fc7 dist-fc7-updates zprikryl audacious-1.3.2-1.fc7 fe7-merge jkeating audacious-docklet-0.1.1-2.fc7 fe7-merge jkeating audacious-plugin-fc-0.2-1 dist-fc7-updates mschwendt audacious-plugins-1.3.5-2.fc7 dist-fc7-updates ertzing -audacity-1.3.2-14.fc7 fe7-merge jkeating +audacity-1.3.2-14.fc7.1 dist-fc7-updates mschwendt audio-convert-mod-3.45.2-2.fc7 dist-fc7-updates firewing audio-entropyd-1.0.0-2.fc7 dist-fc7-updates spot audiofile-0.2.6-6.fc7 dist-fc7 jkeating @@ -301,7 +311,7 @@ autoconf-2.61-8.fc7 dist-fc7 jkeating autoconf213-2.13-17.fc7 dist-fc7 jkeating autodir-0.99.9-2.fc7 dist-fc7 thias -autodownloader-0.2.0-2.fc7 dist-fc7 jwrdegoede +autodownloader-0.2.0-4.fc7 dist-fc7-updates jwrdegoede autofs-5.0.1-27 dist-fc7-updates iankent autogen-5.8.9-1.fc7 fe7-merge jkeating automake-1.10-5 dist-fc7 jkeating @@ -322,11 +332,12 @@ avr-libc-1.4.6-4.fc7 dist-fc7-updates jwrdegoede [...2322 lines suppressed...] valgrind-3.2.3-5.fc7 dist-fc7-updates jakub @@ -4346,7 +4458,7 @@ vte-0.16.9-1.fc7 dist-fc7-updates behdad vtk-5.0.3-18.2.fc7 dist-fc7-updates athimm vtkdata-5.0.3-6.fc7 dist-fc7-updates athimm -vym-1.8.1-8.fc7 fe7-merge jkeating +vym-1.10.0-1.fc7 dist-fc7-updates limb w3c-libwww-5.4.1-0.4.20060206cvs.fc6 fe7-merge jkeating w3c-markup-validator-0.7.4-1.fc7 fe7-merge jkeating w3m-0.5.2-1.fc7 dist-fc7-updates pnemade @@ -4354,7 +4466,7 @@ wallpapoz-0.4.1-1.fc7 dist-fc7-updates mtasaka wammu-0.23-1.fc7 dist-fc7-updates laxathom warzone2100-2.0.7-3.fc7 dist-fc7-updates karlik -wavbreaker-0.8.1-3.fc7 dist-fc7-updates dmaley +wavbreaker-0.9-1.fc7 dist-fc7-updates dmaley wavpack-4.41-1.fc7 dist-fc7 peter wbxml2-0.9.2-8.fc7 fe7-merge jkeating wcstools-3.7.0-1.fc7 dist-fc7-updates sergiopr @@ -4364,7 +4476,7 @@ websec-1.9.0-4 fe7-merge jkeating weechat-0.2.6-1.fc7 dist-fc7-updates stingray werken-xpath-0.9.4-0.beta.12jpp.2 dist-fc7 jkeating -wesnoth-1.2.7-1.fc7 dist-fc7-updates bpepple +wesnoth-1.2.8-2.fc7 dist-fc7-updates bpepple wfmath-0.3.6-1.fc7 dist-fc7-updates wart wfut-1.1.0-3.fc7 fe7-merge jkeating wget-1.10.2-15.fc7 dist-fc7 jkeating @@ -4378,8 +4490,8 @@ wifiroamd-1.11-1.fc6 fe7-merge jkeating wildmidi-0.2.2-1.fc7 dist-fc7-updates jwrdegoede windowlab-1.34-4.fc7 fe7-merge jkeating -wine-0.9.48-1.fc7 dist-fc7-updates awjb -wine-docs-0.9.48-1.fc7 dist-fc7-updates awjb +wine-0.9.49-1.fc7 dist-fc7-updates awjb +wine-docs-0.9.49-1.fc7 dist-fc7-updates awjb wings-0.98.36-1.fc7 fe7-merge jkeating winpdb-1.2.2-1.fc7.1 dist-fc7-updates spot wireless-tools-28-4.fc7 dist-fc7 caillon @@ -4393,7 +4505,7 @@ wmix-3.1-1.fc6 fe7-merge jkeating wmweather+-2.9-4.fc6 fe7-merge jkeating wmx-6pl1-14.fc6 fe7-merge jkeating -wordpress-2.2.3-0.fc7 dist-fc7-updates adrian +wordpress-2.3.1-1.fc7 dist-fc7-updates adrian words-3.0-12.fc7 dist-fc7 jkeating wordtrans-1.1-0.2.pre13.fc7 dist-fc7 jkeating workrave-1.8.4-3.fc7 fe7-merge jkeating @@ -4401,9 +4513,10 @@ worminator-data-3.0R2.1-3.fc6 fe7-merge jkeating wormux-0.7.9-3.fc7 fe7-merge jkeating wp_tray-0.5.3-4.fc7 dist-fc7-updates denis -wpa_supplicant-0.5.7-3.fc7 dist-fc7-updates caillon -wqy-bitmap-fonts-0.8.1-6.fc7 dist-fc7-updates fangq +wpa_supplicant-0.5.7-4.fc7 dist-fc7-updates dcbw +wqy-bitmap-fonts-0.9.9-0.fc7 dist-fc7-updates fangq wqy-unibit-fonts-1.1.0-4.fc7 dist-fc7-updates fangq +wqy-zenhei-fonts-0.2.16-0.2.20071031cvs.fc7 dist-fc7-updates fangq ws-commons-util-1.0.1-1.fc7 fe7-merge jkeating ws-jaxme-0.5.1-2jpp.1.fc7 fe7-merge jkeating wsdl4j-1.5.2-4jpp.1 dist-fc6 jkeating @@ -4413,8 +4526,8 @@ wvdial-1.54.0-5.2.2.1 dist-fc6 jkeating wvs-data-0.0.20020219-3 fe7-merge jkeating wxGTK-2.8.4-3.fc7 dist-fc7-updates mattdm -wxGlade-0.5-6.fc7 dist-fc7-updates hellwolf -wxMaxima-0.7.2-2.fc7 dist-fc7-updates rdieter +wxGlade-0.6.1-1.fc7 dist-fc7-updates hellwolf +wxMaxima-0.7.2-4.fc7.1 dist-fc7-updates rdieter wxPython-2.8.4.0-1.fc7 dist-fc7-updates mattdm wxdfast-0.6.0-3.fc7 dist-fc7-updates drago01 wxsvg-1.0-0.3.b7_3.fc7 dist-fc7-updates thias @@ -4423,6 +4536,7 @@ x2vnc-1.7.2-6.fc7 fe7-merge jkeating x3270-3.3.4p7-5.fc6 fe7-merge jkeating x86info-1.20-1.26.fc6 dist-fc6 jkeating +xalan-c-1.10.0-2.fc7 dist-fc7-updates lkundrak xalan-j2-2.7.0-6jpp.1 dist-fc6 jkeating xaos-3.2.3-1.fc7 fe7-merge jkeating xapian-bindings-1.0.2-3.fc7 dist-fc7-updates drago01 @@ -4432,7 +4546,7 @@ xarchon-0.50-3.fc6 fe7-merge jkeating xawtv-3.95-4.fc7 dist-fc7-updates buc xbae-4.60.4-5.fc7 fe7-merge jkeating -xbase-2.0.0-6.fc6 fe7-merge jkeating +xbase-2.0.0-8.fc7 dist-fc7-updates spot xbindkeys-1.8.0-1.fc7 fe7-merge jkeating xbiso-0.6.1-1.fc7 dist-fc7-updates spot xblast-2.10.4-2.fc7 fe7-merge jkeating @@ -4441,7 +4555,7 @@ xbsql-0.11-8.fc6 fe7-merge jkeating xca-0.6.1-1.fc7 fe7-merge jkeating xcdroast-0.98a15-14.fc7 dist-fc7-updates harald -xchat-2.8.4-5.fc7 dist-fc7-updates kkofler +xchat-2.8.4-6.fc7 dist-fc7-updates kkofler xchat-gnome-0.18-3.fc7 dist-fc7-updates bpepple xchm-1.10-2.fc7 fe7-merge jkeating xcircuit-3.4.27-1.fc7 dist-fc7-updates chitlesh @@ -4459,7 +4573,7 @@ xemacs-21.5.28-3.fc7 dist-fc7-updates scop xemacs-packages-base-20061221-1.fc7 fe7-merge jkeating xemacs-packages-extra-20061221-1.fc7 fe7-merge jkeating -xen-3.1.0-6.fc7 dist-fc7-updates clalance +xen-3.1.0-8.fc7 dist-fc7-updates berrange xerces-c-2.7.0-6.fc7 fe7-merge jkeating xerces-j2-2.7.1-7jpp.2 dist-fc6 jkeating xeuphoric-0.18.2-7.fc7 dist-fc7-updates oddsocks @@ -4504,11 +4618,11 @@ xfce4-xmms-plugin-0.5.1-1.fc7 fe7-merge jkeating xfdesktop-4.4.1-1.fc7 fe7-merge jkeating xferstats-2.16-14.1 dist-fc6 jkeating -xfig-3.2.5-1.fc7 dist-fc7 jkeating +xfig-3.2.5-5.fc7 dist-fc7-updates jwrdegoede xforms-1.0.90-8.fc6 fe7-merge jkeating xfprint-4.4.1-1.fc7 fe7-merge jkeating xfsdump-2.2.45-2.fc7 dist-fc7-updates sandeen -xfsprogs-2.8.21-1.fc7 dist-fc7-updates sandeen +xfsprogs-2.9.4-3.fc7 dist-fc7-updates sandeen xfwm4-4.4.1-1.fc7 fe7-merge jkeating xfwm4-themes-4.4.1-1.fc7 fe7-merge jkeating xgalaxy-2.0.34-5.fc6 fe7-merge jkeating @@ -4553,7 +4667,7 @@ xmms-sid-0.8.0-0.3.beta15.fc6 fe7-merge jkeating xmms-skins-1.2.10-15 fe7-merge jkeating xmms-speex-0.9.1-9.fc7 fe7-merge jkeating -xmoto-0.3.3-2.fc7 dist-fc7-updates limb +xmoto-0.3.4-1.fc7 dist-fc7-updates limb xmoto-edit-0.2.4-8.fc7 dist-fc7-updates limb xom-1.0-3jpp.4.fc7 fe7-merge jkeating xorg-sgml-doctools-1.1.1-1.fc7 dist-fc7 jkeating @@ -4595,7 +4709,8 @@ xorg-x11-drv-mutouch-1.1.0-3.fc7 dist-fc7 jkeating xorg-x11-drv-neomagic-1.1.1-2.1 dist-fc6 jkeating xorg-x11-drv-nsc-2.8.1-3.fc7 dist-fc7 jkeating -xorg-x11-drv-nv-2.0.96-2.fc7 dist-fc7-updates ajax +xorg-x11-drv-nv-2.1.3-1.fc7 dist-fc7-updates ajax +xorg-x11-drv-openchrome-0.2.900-7.fc7 dist-fc7-updates xavierb xorg-x11-drv-palmax-1.1.0-2.fc7 dist-fc7 jkeating xorg-x11-drv-penmount-1.1.0-3.fc7 dist-fc7 jkeating xorg-x11-drv-rendition-4.1.3-3.fc7 dist-fc7 ajax @@ -4641,8 +4756,8 @@ xorg-x11-xtrans-devel-1.0.3-2.1.fc7 dist-fc7-updates ajax xosd-2.2.14-9.fc7 fe7-merge jkeating xournal-0.3.3-5.fc7 dist-fc7-updates rvinyard -xpa-2.1.7-0.3.b2.fc7 dist-fc7-updates sergiopr -xpdf-3.02-3.fc7 dist-fc7-updates spot +xpa-2.1.8-2.fc7 dist-fc7-updates sergiopr +xpdf-3.02-4.fc7 dist-fc7-updates spot xpilot-ng-4.7.2-12.fc7 fe7-merge jkeating xplanet-1.2.0-2.1.fc6 fe7-merge jkeating xpp2-2.1.10-6jpp.1.fc7 fe7-merge jkeating @@ -4652,12 +4767,12 @@ xsane-0.994-3.fc7 dist-fc7 jkeating xsc-1.5-2.fc7 dist-fc7-updates limb xscorch-0.2.0-10.fc7 dist-fc7-updates mgarski -xscreensaver-5.03-12.fc7 dist-fc7-updates mtasaka +xscreensaver-5.04-1.fc7 dist-fc7-updates mtasaka xsp-1.2.1-1.fc7 fe7-merge jkeating xsri-2.1.0-10.fc6 dist-fc6 jkeating -xsupplicant-1.2.8-1.fc7.1 fe7-merge jkeating +xsupplicant-1.2.8-4.fc7.4 dist-fc7-updates spot xterm-227-1.fc7 dist-fc7-updates mlichvar -xtide-2.9.4-1.fc7 dist-fc7-updates mtasaka +xtide-2.9.4-3.fc7 dist-fc7-updates mtasaka xu4-1.1-0.1.20070510.fc7 dist-fc7 jwrdegoede xvattr-1.3-11.fc6 fe7-merge jkeating xwnc-0.3.3-3.fc7 fe7-merge jkeating @@ -4666,26 +4781,26 @@ yaboot-1.3.13-4.fc7 dist-fc7 jkeating yadex-1.7.0-7.fc7 dist-fc7-updates wart yafc-1.1.1-8.fc7 dist-fc7-updates xris -yafray-0.0.9-2.fc7 dist-fc7-updates kwizart +yafray-0.0.9-5.fc7 dist-fc7-updates kwizart yakuake-2.7.5-4.fc7 fe7-merge jkeating yap-5.1.1-8.fc7 dist-fc7-updates gemi yasm-0.6.0-1.fc7 fe7-merge jkeating yaz-2.1.54-1.fc7 fe7-merge jkeating -yelp-2.18.1-6.fc7 dist-fc7-updates caillon +yelp-2.18.1-8.fc7 dist-fc7-updates caillon yp-tools-2.9-1 dist-fc7-updates steved ypbind-1.19-9.fc7 dist-fc7 jkeating ypserv-2.19-6.fc7 dist-fc7-updates steved ytalk-3.3.0-6.fc6 fe7-merge jkeating -yum-3.2.7-1.fc7 dist-fc7-updates skvidal +yum-3.2.7-2.fc7 dist-fc7-updates skvidal yum-arch-2.2.2-2.fc7 fe7-merge jkeating yum-cron-0.6-1.fc7 dist-fc7-updates habig yum-metadata-parser-1.1.0-2.fc7 dist-fc7 katzj yum-presto-0.3.10-1.fc7 dist-fc7-updates jdieter -yum-utils-1.1.7-1.fc7 dist-fc7-updates timlau -yumex-2.0.2-1.fc7 dist-fc7-updates timlau +yum-utils-1.1.8-1.fc7 dist-fc7-updates timlau +yumex-2.0.3-2.fc7 dist-fc7-updates timlau z88dk-1.6-10.fc6 fe7-merge jkeating zabbix-1.4.2-2.fc7 dist-fc7-updates sharkcz -zaptel-1.4.2.1-1.fc7 fe7-merge jkeating +zaptel-1.4.6-1.fc7 dist-fc7-updates jcollie zasx-1.30-3.fc6 fe7-merge jkeating zd1211-firmware-1.3-4.fc7 fe7-merge jkeating zenity-2.18.2-1.fc7 dist-fc7-updates mclasen From fedora-security-commits at redhat.com Tue Dec 4 08:51:22 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Tue, 4 Dec 2007 03:51:22 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.30, 1.31 f9, 1.26, 1.27 fc6, 1.301, 1.302 fc7, 1.187, 1.188 Message-ID: <200712040851.lB48pMdq008865@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8841 Modified Files: f8 f9 fc6 fc7 Log Message: httpd, zsh notabugs kernel core dump and xen Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.30 retrieving revision 1.31 diff -u -r1.30 -r1.31 --- f8 3 Dec 2007 12:49:16 -0000 1.30 +++ f8 4 Dec 2007 08:51:19 -0000 1.31 @@ -7,6 +7,11 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read +CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue +CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name +CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) CVE-2007-6183 VULNERABLE (ruby-gnome2) #405601 CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.26 retrieving revision 1.27 diff -u -r1.26 -r1.27 --- f9 3 Dec 2007 12:49:16 -0000 1.26 +++ f9 4 Dec 2007 08:51:19 -0000 1.27 @@ -7,6 +7,11 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read +CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue +CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name +CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-6183 VULNERABLE (ruby-gnome2) #405611 CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9] Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.301 retrieving revision 1.302 diff -u -r1.301 -r1.302 --- fc6 26 Nov 2007 18:15:22 -0000 1.301 +++ fc6 4 Dec 2007 08:51:19 -0000 1.302 @@ -7,6 +7,11 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC6 as of 20071029 + +CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read +CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue +CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-5937 backport (tetex) #379841 [since FEDORA-2007-750] Multiple dviljk buffer overflows CVE-2007-5936 backport (tetex) #379841 [since FEDORA-2007-750] dviljk uses insecure temporary file Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.187 retrieving revision 1.188 diff -u -r1.187 -r1.188 --- fc7 3 Dec 2007 12:49:16 -0000 1.187 +++ fc7 4 Dec 2007 08:51:19 -0000 1.188 @@ -8,6 +8,11 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read +CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue +CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name +CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) CVE-2007-6183 VULNERABLE (ruby-gnome2) #405591 CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] From fedora-security-commits at redhat.com Tue Dec 4 08:52:05 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Tue, 4 Dec 2007 03:52:05 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.31, 1.32 f9, 1.27, 1.28 fc6, 1.302, 1.303 fc7, 1.188, 1.189 Message-ID: <200712040852.lB48q5WN008904@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8880 Modified Files: f8 f9 fc6 fc7 Log Message: claws Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- f8 4 Dec 2007 08:51:19 -0000 1.31 +++ f8 4 Dec 2007 08:52:03 -0000 1.32 @@ -8,6 +8,7 @@ # Up to date F8 as of 20071029 CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.27 retrieving revision 1.28 diff -u -r1.27 -r1.28 --- f9 4 Dec 2007 08:51:19 -0000 1.27 +++ f9 4 Dec 2007 08:52:03 -0000 1.28 @@ -8,6 +8,7 @@ # Up to date F9 as of 20071029 CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.302 retrieving revision 1.303 diff -u -r1.302 -r1.303 --- fc6 4 Dec 2007 08:51:19 -0000 1.302 +++ fc6 4 Dec 2007 08:52:03 -0000 1.303 @@ -7,8 +7,8 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC6 as of 20071029 - CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.188 retrieving revision 1.189 diff -u -r1.188 -r1.189 --- fc7 4 Dec 2007 08:51:19 -0000 1.188 +++ fc7 4 Dec 2007 08:52:03 -0000 1.189 @@ -9,6 +9,7 @@ # Up to date FC7 as of 20071029 CVE-2007-6209 ignore (zsh) #409871 We don't ship the script +CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name From fedora-security-commits at redhat.com Tue Dec 4 09:09:12 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Tue, 4 Dec 2007 04:09:12 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.32, 1.33 f9, 1.28, 1.29 fc6, 1.303, 1.304 fc7, 1.189, 1.190 Message-ID: <200712040909.lB499C7q017605@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17581 Modified Files: f8 f9 fc6 fc7 Log Message: zabbix no claws in FC6 Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- f8 4 Dec 2007 08:52:03 -0000 1.32 +++ f8 4 Dec 2007 09:09:10 -0000 1.33 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.28 retrieving revision 1.29 diff -u -r1.28 -r1.29 --- f9 4 Dec 2007 08:52:03 -0000 1.28 +++ f9 4 Dec 2007 09:09:10 -0000 1.29 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.303 retrieving revision 1.304 diff -u -r1.303 -r1.304 --- fc6 4 Dec 2007 08:52:03 -0000 1.303 +++ fc6 4 Dec 2007 09:09:10 -0000 1.304 @@ -8,7 +8,6 @@ # Up to date FC6 as of 20071029 CVE-2007-6209 ignore (zsh) #409871 We don't ship the script -CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.189 retrieving revision 1.190 diff -u -r1.189 -r1.190 --- fc7 4 Dec 2007 08:52:03 -0000 1.189 +++ fc7 4 Dec 2007 09:09:10 -0000 1.190 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read From fedora-security-commits at redhat.com Wed Dec 5 16:59:09 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 5 Dec 2007 11:59:09 -0500 Subject: [Fedora-security-commits] fedora-security/tools add-tracking-bugs, 1.3, 1.4 Message-ID: <200712051659.lB5Gx9wF028098@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27800/tools Modified Files: add-tracking-bugs Log Message: bugzilla product versions were changed Index: add-tracking-bugs =================================================================== RCS file: /cvs/fedora/fedora-security/tools/add-tracking-bugs,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- add-tracking-bugs 9 Nov 2007 09:32:57 -0000 1.3 +++ add-tracking-bugs 5 Dec 2007 16:59:07 -0000 1.4 @@ -56,15 +56,15 @@ # Valid versions my %versions = ( - 'f6', => 'fc6', - 'fc6', => 'fc6', - 'f7', => 'f7', - 'fc7', => 'f7', - 'f8', => 'f8', - 'fc8', => 'f8', - 'f9', => 'devel', - 'fc9', => 'devel', - 'devel', => 'devel', + 'f6', => '6', + 'fc6', => '6', + 'f7', => '7', + 'fc7', => '7', + 'f8', => '8', + 'fc8', => '8', + 'f9', => 'rawhide', + 'fc9', => 'rawhide', + 'devel', => 'rawhide', ); # RPC @@ -223,7 +223,11 @@ my @tracking_bugs; foreach my $version (@versions) { my %bug = %bug_tmpl; - $bug{'short_desc'} .= " [$versions{$version}]"; + if ($versions{$version} ne 'rawhide') { + $bug{'short_desc'} .= " [f$versions{$version}]"; + } else { + $bug{'short_desc'} .= " [$versions{$version}]"; + } $bug{'version'} = $versions{$version}; print Dumper (\%bug) if $debug; From fedora-security-commits at redhat.com Wed Dec 5 17:01:33 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 5 Dec 2007 12:01:33 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.33, 1.34 f9, 1.29, 1.30 fc7, 1.190, 1.191 Message-ID: <200712051701.lB5H1XN4003798@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3776/audit Modified Files: f8 f9 fc7 Log Message: squid possible dos Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- f8 4 Dec 2007 09:09:10 -0000 1.33 +++ f8 5 Dec 2007 17:01:31 -0000 1.34 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.29 retrieving revision 1.30 diff -u -r1.29 -r1.30 --- f9 4 Dec 2007 09:09:10 -0000 1.29 +++ f9 5 Dec 2007 17:01:31 -0000 1.30 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.190 retrieving revision 1.191 diff -u -r1.190 -r1.191 --- fc7 4 Dec 2007 09:09:10 -0000 1.190 +++ fc7 5 Dec 2007 17:01:31 -0000 1.191 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script From fedora-security-commits at redhat.com Wed Dec 5 20:37:30 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 5 Dec 2007 15:37:30 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.34, 1.35 fc7, 1.191, 1.192 Message-ID: <200712052037.lB5KbUiX014263@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14243 Modified Files: f8 fc7 Log Message: XFCE, rawhide seems fixed Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- f8 5 Dec 2007 17:01:31 -0000 1.34 +++ f8 5 Dec 2007 20:37:28 -0000 1.35 @@ -7,6 +7,9 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 +GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 +GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.191 retrieving revision 1.192 diff -u -r1.191 -r1.192 --- fc7 5 Dec 2007 17:01:31 -0000 1.191 +++ fc7 5 Dec 2007 20:37:28 -0000 1.192 @@ -8,6 +8,9 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 +GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 +GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script From fedora-security-commits at redhat.com Thu Dec 6 16:16:20 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 6 Dec 2007 11:16:20 -0500 Subject: [Fedora-security-commits] fedora-security/tools add-tracking-bugs, 1.2.2.2, 1.2.2.3 Message-ID: <200712061616.lB6GGKDv031950@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31921/tools Modified Files: Tag: lkundrak-tools-ng add-tracking-bugs Log Message: new bugzilla versioning Index: add-tracking-bugs =================================================================== RCS file: /cvs/fedora/fedora-security/tools/add-tracking-bugs,v retrieving revision 1.2.2.2 retrieving revision 1.2.2.3 diff -u -r1.2.2.2 -r1.2.2.3 --- add-tracking-bugs 19 Nov 2007 09:10:37 -0000 1.2.2.2 +++ add-tracking-bugs 6 Dec 2007 16:16:18 -0000 1.2.2.3 @@ -59,15 +59,19 @@ # Valid versions my %versions = ( - 'f6', => 'fc6', - 'fc6', => 'fc6', - 'f7', => 'f7', - 'fc7', => 'f7', - 'f8', => 'f8', - 'fc8', => 'f8', - 'f9', => 'devel', - 'fc9', => 'devel', - 'devel', => 'devel', + '6', => '6', + 'f6', => '6', + 'fc6', => '6', + '7', => '7', + 'f7', => '7', + 'fc7', => '7', + '8', => '8', + 'f8', => '8', + 'fc8', => '8', + '9', => 'rawhide', + 'f9', => 'rawhide', + 'fc9', => 'rawhide', + 'devel', => 'rawhide', ); # RPC From fedora-security-commits at redhat.com Fri Dec 7 14:53:20 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Fri, 7 Dec 2007 09:53:20 -0500 Subject: [Fedora-security-commits] fedora-security/audit fc6,1.304,1.305 Message-ID: <200712071453.lB7ErKrv012047@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/audit Modified Files: fc6 Log Message: Goodbye Fedora Core! I've been pleased to meet you! Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.304 retrieving revision 1.305 diff -u -r1.304 -r1.305 --- fc6 4 Dec 2007 09:09:10 -0000 1.304 +++ fc6 7 Dec 2007 14:53:17 -0000 1.305 @@ -7,6 +7,10 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC6 as of 20071029 +# This list is no longer maintained by the Red Hat security +# response team as of 29th June 2007 (two months after the +# release date of Fedora 8) + CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue From fedora-security-commits at redhat.com Fri Dec 7 14:53:20 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Fri, 7 Dec 2007 09:53:20 -0500 Subject: [Fedora-security-commits] fedora-security/manifest dist-fc6-updates, 1.3, NONE Message-ID: <200712071453.lB7ErKro012052@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/manifest In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/manifest Removed Files: dist-fc6-updates Log Message: Goodbye Fedora Core! I've been pleased to meet you! --- dist-fc6-updates DELETED --- From fedora-security-commits at redhat.com Fri Dec 7 14:53:20 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Fri, 7 Dec 2007 09:53:20 -0500 Subject: [Fedora-security-commits] fedora-security/tools generate-manifest, 1.4, 1.4.2.1 Message-ID: <200712071453.lB7ErKDG012058@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/tools Modified Files: Tag: lkundrak-tools-ng generate-manifest Log Message: Goodbye Fedora Core! I've been pleased to meet you! Index: generate-manifest =================================================================== RCS file: /cvs/fedora/fedora-security/tools/generate-manifest,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- generate-manifest 6 Nov 2007 15:39:24 -0000 1.4 +++ generate-manifest 7 Dec 2007 14:53:18 -0000 1.4.2.1 @@ -12,7 +12,6 @@ if [ -z "$@" ] then export TAGS=" - dist-fc6-updates dist-fc7-updates dist-f8-updates dist-f9-build From fedora-security-commits at redhat.com Mon Dec 10 14:31:36 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 10 Dec 2007 09:31:36 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.35, 1.36 f9, 1.30, 1.31 fc7, 1.192, 1.193 Message-ID: <200712101431.lBAEVaHs022254@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22232/audit Modified Files: f8 f9 fc7 Log Message: fedora update Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.35 retrieving revision 1.36 diff -u -r1.35 -r1.36 --- f8 5 Dec 2007 20:37:28 -0000 1.35 +++ f8 10 Dec 2007 14:31:34 -0000 1.36 @@ -7,19 +7,20 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 -CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] +CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi -CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) -CVE-2007-6183 VULNERABLE (ruby-gnome2) #405601 +CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] +CVE-2007-6183 backport (ruby-gnome2) #405601 [since FEDORA-2007-4216] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -43,26 +44,28 @@ CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853] -CVE-2007-5742 VULNERABLE (wesnoth, fixed 1.2.8) +CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] CVE-2007-5712 version (Django, fixed 0.96.1) #362771 [since FEDORA-2007-2788] CVE-2007-5708 version (openldap, fixed 2.3.39) #362991 [since FEDORA-2007-2796] CVE-2007-5707 version (openldap, fixed 2.3.39) #362991 [since FEDORA-2007-2796] CVE-2007-5690 version (zaptel) [since FEDORA-2007-2860] not really an issue -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362801 +CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] +CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] +CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235] CVE-2007-5393 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-5393 backport (cups) [since FEDORA-2007-2982] -CVE-2007-5393 VULNERABLE (poppler) #372511 +CVE-2007-5393 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-5393 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-5393 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-5393 backport (tetex) #372661 [since FEDORA-2007-3308] CVE-2007-5392 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-5392 backport (cups) [since FEDORA-2007-2982] -CVE-2007-5392 VULNERABLE (poppler) #372511 +CVE-2007-5392 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-5392 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-5392 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-5392 backport (tetex) #372661 [since FEDORA-2007-3308] @@ -83,6 +86,7 @@ CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364281 CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4172] CVE-2007-4572 version (samba) [since FEDORA-2007-3403] CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. @@ -92,7 +96,7 @@ CVE-2007-4351 version (cups) #362971 [since FEDORA-2007-2982] CVE-2007-4352 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-4352 backport (cups) [since FEDORA-2007-2982] -CVE-2007-4352 VULNERABLE (poppler) #372511 +CVE-2007-4352 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-4352 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-4352 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-4352 backport (tetex) #372661 [since FEDORA-2007-3308] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.30 retrieving revision 1.31 diff -u -r1.30 -r1.31 --- f9 5 Dec 2007 17:01:31 -0000 1.30 +++ f9 10 Dec 2007 14:31:34 -0000 1.31 @@ -43,20 +43,20 @@ CVE-2007-5712 version (Django, fixed 0.96.1) #362781 [since Django-0.96.1-1.fc9] CVE-2007-5708 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] CVE-2007-5707 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362811 +CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] CVE-2007-5393 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5393 backport (cups) -CVE-2007-5393 VULNERABLE (poppler) #372521 +CVE-2007-5393 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-5393 VULNERABLE (kdegraphics) #372581 CVE-2007-5393 VULNERABLE (koffice) #372611 CVE-2007-5393 version (tetex) #372671 [since tetex-3.0-48.fc9] CVE-2007-5392 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5392 backport (cups) -CVE-2007-5392 VULNERABLE (poppler) #372521 +CVE-2007-5392 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-5392 VULNERABLE (kdegraphics) #372581 CVE-2007-5392 VULNERABLE (koffice) #372611 CVE-2007-5392 version (tetex) #372671 [since tetex-3.0-48.fc9] @@ -72,6 +72,7 @@ CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291 +CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9] CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) @@ -80,7 +81,7 @@ CVE-2007-4400 VULNERABLE (konversation) #362931 Remove media script? CVE-2007-4352 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-4352 backport (cups) -CVE-2007-4352 VULNERABLE (poppler) #372521 +CVE-2007-4352 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-4352 VULNERABLE (kdegraphics) #372581 CVE-2007-4352 VULNERABLE (koffice) #372611 CVE-2007-4352 version (tetex) #372671 [since tetex-3.0-48.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.192 retrieving revision 1.193 diff -u -r1.192 -r1.193 --- fc7 5 Dec 2007 20:37:28 -0000 1.192 +++ fc7 10 Dec 2007 14:31:34 -0000 1.193 @@ -8,19 +8,20 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 -CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] +CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi -CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) -CVE-2007-6183 VULNERABLE (ruby-gnome2) #405591 +CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] +CVE-2007-6183 version (ruby-gnome2) #405591 [since FEDORA-2007-4229] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -44,7 +45,7 @@ CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056] CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685] CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2725] -CVE-2007-5742 VULNERABLE (wesnoth, fixed 1.2.8) +CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time CVE-2007-5715 backport (denyhosts) fixed long ago CVE-2007-5712 version (Django, fixed 0.96.1) #362761 [since FEDORA-2007-3157] @@ -52,7 +53,7 @@ CVE-2007-5707 backport (openldap, fixed 2.3.39) #360081 [since FEDORA-2007-3124] CVE-2007-5690 version (zaptel) [since FEDORA-2007-3094] not really an issue CVE-2007-5626 ignore (bacula) known, documented limitation -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362791 +CVE-2007-5624 version (nagios, fixed 2.10) #362791 [since FEDORA-2007-4123] CVE-2007-5623 backport (nagios-plugins) #348731 [since FEDORA-2007-2713] CVE-2007-5597 version (drupal, fixed 5.3) [since FEDORA-2007-2649] CVE-2007-5596 version (drupal, fixed 5.3) [since FEDORA-2007-2649] @@ -62,6 +63,8 @@ CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738] CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652] CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652] +CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] +CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] CVE-2007-5461 version (tomcat5) #334511 [since FEDORA-2007-3456] CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5398 version (samba) [since FEDORA-2007-3402] @@ -148,6 +151,7 @@ CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018] CVE-2007-4631 version (qgit) #268381 [since FEDORA-2007-2108] CVE-2007-4619 version (flac, fixed 1.2) #332571 [since FEDORA-2007-2596] +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4120] CVE-2007-4573 version (kernel) [since FEDORA-2007-2298] CVE-2007-4572 version (samba) [since FEDORA-2007-3402] CVE-2007-4571 version (kernel) [since FEDORA-2007-2349] From fedora-security-commits at redhat.com Mon Dec 10 16:12:16 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 10 Dec 2007 11:12:16 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.36, 1.37 f9, 1.31, 1.32 fc7, 1.193, 1.194 Message-ID: <200712101612.lBAGCGgU011020@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10991/audit Modified Files: f8 f9 fc7 Log Message: add samba Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.36 retrieving revision 1.37 diff -u -r1.36 -r1.37 --- f8 10 Dec 2007 14:31:34 -0000 1.36 +++ f8 10 Dec 2007 16:12:14 -0000 1.37 @@ -24,6 +24,7 @@ CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- f9 10 Dec 2007 14:31:34 -0000 1.31 +++ f9 10 Dec 2007 16:12:14 -0000 1.32 @@ -21,6 +21,7 @@ CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.193 retrieving revision 1.194 diff -u -r1.193 -r1.194 --- fc7 10 Dec 2007 14:31:34 -0000 1.193 +++ fc7 10 Dec 2007 16:12:14 -0000 1.194 @@ -26,6 +26,7 @@ CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] From fedora-security-commits at redhat.com Mon Dec 10 18:10:09 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 10 Dec 2007 13:10:09 -0500 Subject: [Fedora-security-commits] fedora-security/audit fc6,1.305,1.306 Message-ID: <200712101810.lBAIA9g7004829@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4763/audit Modified Files: fc6 Log Message: note last FC6 updates that managed to get in before EOL fix EOL message Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.305 retrieving revision 1.306 diff -u -r1.305 -r1.306 --- fc6 7 Dec 2007 14:53:17 -0000 1.305 +++ fc6 10 Dec 2007 18:10:07 -0000 1.306 @@ -5,16 +5,22 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # Up to date CVE as of CVE email 20071030 -# Up to date FC6 as of 20071029 +# Up to date FC6 as of 20071207 -# This list is no longer maintained by the Red Hat security -# response team as of 29th June 2007 (two months after the +# This list is no longer maintained by the Red Hat Security Response +# Team as of 7th December 2007 (EOL date of FC6, ~one month after the # release date of Fedora 8) +# +# Zod's dead baby, Zod's dead... CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name +CVE-2007-6110 backport (htdig) [since FEDORA-2007-757] +CVE-2007-5960 backport (mozilla) [since FEDORA-2007-756] +CVE-2007-5959 backport (mozilla) [since FEDORA-2007-756] +CVE-2007-5947 backport (mozilla) [since FEDORA-2007-756] CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-5937 backport (tetex) #379841 [since FEDORA-2007-750] Multiple dviljk buffer overflows CVE-2007-5936 backport (tetex) #379841 [since FEDORA-2007-750] dviljk uses insecure temporary file @@ -26,6 +32,8 @@ CVE-2007-5770 backport (ruby) #373371 [since FEDORA-2007-738] CVE-2007-5708 backport (openldap) [since FEDORA-2007-741] CVE-2007-5707 backport (openldap) [since FEDORA-2007-741] +CVE-2007-5501 version (kernel) [since FEDORA-2007-759] +CVE-2007-5500 version (kernel) [since FEDORA-2007-759] CVE-2007-5461 VULNERABLE (tomcat5) #334521 CVE-2007-5398 backport (samba) [since FEDORA-2007-751] CVE-2007-5393 backport (cups) [since FEDORA-2007-746] @@ -52,12 +60,12 @@ CVE-2007-5162 version (ruby) #313801 [since FEDORA-2007-718] CVE-2007-5137 backport (tk, fixed 8.4.16) #332071 [since FEDORA-2007-728] CVE-2007-5135 backport (openssl, fixed 0.9.8d) [since FEDORA-2007-725] -CVE-2007-5116 VULNERABLE (perl) #378121 +CVE-2007-5116 backport (perl) #378121 [since FEDORA-2007-748] CVE-2007-5079 VULNERABLE (gdm) #363031 CVE-2007-5034 version (elinks) #297611 [since FEDORA-2007-710] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-725] CVE-2007-4993 backport (xen) [since FEDORA-2007-713] -CVE-2007-4990 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373321 +CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) #373321 [since FEDORA-2007-763] CVE-2007-4965 VULNERABLE (python) imageop module heap overflow #373281 CVE-2007-4924 VULNERABLE (opal, fixed 2.2.10) #297561 CVE-2007-4897 VULNERABLE (opal, fixed 2.2.8) #297561 @@ -78,10 +86,11 @@ CVE-2007-4658 backport (php, fixed 5.2.4) #278011 [since FEDORA-2007-709] CVE-2007-4657 ignore (php, fixed 5.2.4) arbitrary read not remotely triggerable CVE-2007-4619 backport (flac, fixed 1.2) #332581 [since FEDORA-2007-730] +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-762] CVE-2007-4572 backport (samba) [since FEDORA-2007-751] CVE-2007-4571 version (kernel) [since FEDORA-2007-714] CVE-2007-4569 backport (kdebase) #299741 [since FEDORA-2007-716] -CVE-2007-4568 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373251 +CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) #373251 [since FEDORA-2007-763] CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689] CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134 From fedora-security-commits at redhat.com Mon Dec 10 19:23:32 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 10 Dec 2007 14:23:32 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.37, 1.38 f9, 1.32, 1.33 fc7, 1.194, 1.195 Message-ID: <200712101923.lBAJNWLA017203@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17181/audit Modified Files: f8 f9 fc7 Log Message: note drupal cve id Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.37 retrieving revision 1.38 diff -u -r1.37 -r1.38 --- f8 10 Dec 2007 16:12:14 -0000 1.37 +++ f8 10 Dec 2007 19:23:30 -0000 1.38 @@ -7,7 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 +CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- f9 10 Dec 2007 16:12:14 -0000 1.32 +++ f9 10 Dec 2007 19:23:30 -0000 1.33 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.194 retrieving revision 1.195 diff -u -r1.194 -r1.195 --- fc7 10 Dec 2007 16:12:14 -0000 1.194 +++ fc7 10 Dec 2007 19:23:30 -0000 1.195 @@ -8,7 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 +CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 From fedora-security-commits at redhat.com Wed Dec 12 10:26:59 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 12 Dec 2007 05:26:59 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.38, 1.39 f9, 1.33, 1.34 fc7, 1.195, 1.196 Message-ID: <200712121026.lBCAQxes027261@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27199/audit Modified Files: f8 f9 fc7 Log Message: fedora updates wordpress Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.38 retrieving revision 1.39 diff -u -r1.38 -r1.39 --- f8 10 Dec 2007 19:23:30 -0000 1.38 +++ f8 12 Dec 2007 10:26:57 -0000 1.39 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 @@ -24,7 +25,8 @@ CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 -CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) +CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275] +CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] @@ -116,6 +118,7 @@ CVE-2007-3385 version (tomcat5) [since FEDORA-2007-3474] CVE-2007-3382 version (tomcat5) [since FEDORA-2007-3474] CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length +CVE-2007-2807 backport (eggdrop) [since FEDORA-2007-4305] CVE-2007-2450 version (tomcat5) #363081 [since FEDORA-2007-3474] CVE-2007-2449 version (tomcat5) #363081 [since FEDORA-2007-3474] CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882 @@ -135,7 +138,7 @@ CVE-2007-0653 backport (xmms) #233705 -//- CVE-2007-0537 version (kdebase, fixed 3.5.6) #225420 CVE-2007-0235 version (libgtop2, fixed 2.14.6) #222637 not sure, will triage -CVE-2007-0095 ignore (phpMyAdmin) #221694 "Reveals path" +CVE-2007-0095 backport (phpMyAdmin) #221694 "Reveals path" [since FEDORA-2007-4334] CVE-2006-6698 VULNERABLE (GConf2) #219280 CVE-2006-6128 version (kernel, fixed 2.6.19-1.2911.fc6) #250625 ReiserFS MOKB CVE-2006-6107 version (dbus, fixed 1.0.2) #219665 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- f9 10 Dec 2007 19:23:30 -0000 1.33 +++ f9 12 Dec 2007 10:26:57 -0000 1.34 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] @@ -23,6 +24,7 @@ CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) +CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) @@ -114,7 +116,7 @@ CVE-2007-0653 backport (xmms) #233705 -//- CVE-2007-0537 version (kdebase, fixed 3.5.6) #225420 CVE-2007-0235 version (libgtop2, fixed 2.14.6) #222637 not sure, will triage -CVE-2007-0095 ignore (phpMyAdmin) #221694 "Reveals path" +CVE-2007-0095 backport (phpMyAdmin) #221694 "Reveals path" [since phpMyAdmin-2.11.3-1.fc9] CVE-2006-6698 VULNERABLE (GConf2) #219280 CVE-2006-6128 version (kernel, fixed 2.6.19-1.2911.fc6) #250625 ReiserFS MOKB CVE-2006-6107 version (dbus, fixed 1.0.2) #219665 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.195 retrieving revision 1.196 diff -u -r1.195 -r1.196 --- fc7 10 Dec 2007 19:23:30 -0000 1.195 +++ fc7 12 Dec 2007 10:26:57 -0000 1.196 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 @@ -26,7 +27,8 @@ CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] -CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) +CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269] +CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] @@ -119,7 +121,7 @@ CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-2530] CVE-2007-4993 backport (xen) [since FEDORA-2007-2270] -CVE-2007-4990 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373331 +CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) #373331 [since FEDORA-2007-4263] CVE-2007-4974 backport (libsndfile) #296221 [since FEDORA-2007-2236] CVE-2007-4965 backport (python) imageop module heap overflow [since FEDORA-2007-2663] CVE-2007-4924 version (opal, fixed 2.2.10) #297551 [since FEDORA-2007-2245] @@ -157,7 +159,7 @@ CVE-2007-4572 version (samba) [since FEDORA-2007-3402] CVE-2007-4571 version (kernel) [since FEDORA-2007-2349] CVE-2007-4569 backport (kdebase) #299731 [since FEDORA-2007-2361] -CVE-2007-4568 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373261 +CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) #373261 [since FEDORA-2007-4263] CVE-2007-4565 backport (fetchmail) #260861 [since FEDORA-2007-1983] CVE-2007-4560 version (clamav) #260583 [since FEDORA-2007-2050] CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. @@ -337,6 +339,7 @@ CVE-2007-2843 ignore (konqueror) safari specific CVE-2007-2834 backport (openoffice.org, fixed 2.3) #293361 [since FEDORA-2007-2372] CVE-2007-2821 version (wordpress, fixed 2.2) #245211 [since FEDORA-2007-0894] +CVE-2007-2807 backport (eggdrop) [since FEDORA-2007-4325] CVE-2007-2799 version (file, fixed 4.21) #241034 [since FEDORA-2007-0836] CVE-2007-2798 version (krb5, fixed 1.6.1) [since FEDORA-2007-0740] CVE-2007-2797 version (xterm) fixed in fc5 and fc6 before f7 release @@ -602,7 +605,7 @@ CVE-2007-0106 version (wordpress, fixed 2.1-0) #223101 CVE-2007-0104 ignore (poppler) only client DoS CVE-2007-0104 ignore (kdegraphics) only client DoS -CVE-2007-0095 version (phpMyAdmin) #221694 +CVE-2007-0095 backport (phpMyAdmin) #221694 [since FEDORA-2007-4298] CVE-2007-0086 ignore (apache) not a security issue *CVE-2007-0080 ** (freeradius) *CVE-2007-0010 ** (gtk2) From fedora-security-commits at redhat.com Wed Dec 12 13:31:39 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 12 Dec 2007 08:31:39 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.39, 1.40 f9, 1.34, 1.35 fc7, 1.196, 1.197 Message-ID: <200712121331.lBCDVd82025221@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25199/audit Modified Files: f8 f9 fc7 Log Message: autofs Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.39 retrieving revision 1.40 diff -u -r1.39 -r1.40 --- f8 12 Dec 2007 10:26:57 -0000 1.39 +++ f8 12 Dec 2007 13:31:37 -0000 1.40 @@ -30,6 +30,7 @@ CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] +CVE-2007-5964 VULNERABLE (autofs) #409701 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- f9 12 Dec 2007 10:26:57 -0000 1.34 +++ f9 12 Dec 2007 13:31:37 -0000 1.35 @@ -27,6 +27,7 @@ CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] +CVE-2007-5964 VULNERABLE (autofs) #421371 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.196 retrieving revision 1.197 diff -u -r1.196 -r1.197 --- fc7 12 Dec 2007 10:26:57 -0000 1.196 +++ fc7 12 Dec 2007 13:31:37 -0000 1.197 @@ -31,6 +31,7 @@ CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] +CVE-2007-5964 VULNERABLE (autofs) #421351 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] From fedora-security-commits at redhat.com Thu Dec 13 12:41:08 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 13 Dec 2007 07:41:08 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.40, 1.41 f9, 1.35, 1.36 fc7, 1.197, 1.198 Message-ID: <200712131241.lBDCf8LH006463@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6435/audit Modified Files: f8 f9 fc7 Log Message: bind, roundcubemail Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- f8 12 Dec 2007 13:31:37 -0000 1.40 +++ f8 13 Dec 2007 12:41:06 -0000 1.41 @@ -4,14 +4,16 @@ # *CVE are items that need verification for Fedora 8 # (mozilla) = (gecko-libs dependent stuff) -# Up to date CVE as of CVE email 20071030 -# Up to date F8 as of 20071029 +# Up to date CVE as of CVE email 20071211 +# Up to date F8 as of 20071212 +CVE-2007-6321 VULENERABLE (roundcubemail) #423291 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 +CVE-2007-6283 VULNERABLE (bind) #423071 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.35 retrieving revision 1.36 diff -u -r1.35 -r1.36 --- f9 12 Dec 2007 13:31:37 -0000 1.35 +++ f9 13 Dec 2007 12:41:06 -0000 1.36 @@ -4,11 +4,13 @@ # *CVE are items that need verification for Fedora 9 # (mozilla) = (gecko-libs dependent stuff) -# Up to date CVE as of CVE email 20071030 +# Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 +CVE-2007-6321 VULENERABLE (roundcubemail) #423301 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 +CVE-2007-6283 VULNERABLE (bind) #423081 CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.197 retrieving revision 1.198 diff -u -r1.197 -r1.198 --- fc7 12 Dec 2007 13:31:37 -0000 1.197 +++ fc7 13 Dec 2007 12:41:06 -0000 1.198 @@ -5,14 +5,16 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 -# Up to date CVE as of CVE email 20071030 -# Up to date FC7 as of 20071029 +# Up to date CVE as of CVE email 200711211 +# Up to date FC7 as of 20071212 +CVE-2007-6321 VULENERABLE (roundcubemail) #423281 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 +CVE-2007-6283 VULNERABLE (bind) #423061 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script From fedora-security-commits at redhat.com Thu Dec 13 17:01:12 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 13 Dec 2007 12:01:12 -0500 Subject: [Fedora-security-commits] fedora-security/tools get-bodhi-update, NONE, 1.1.2.1 Message-ID: <200712131701.lBDH1C4d013976@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12955 Added Files: Tag: lkundrak-tools-ng get-bodhi-update Log Message: We can talk to bodhi now ***** Error reading new file: [Errno 2] No such file or directory: 'get-bodhi-update' From fedora-security-commits at redhat.com Fri Dec 14 13:55:51 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Fri, 14 Dec 2007 08:55:51 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.41, 1.42 f9, 1.36, 1.37 fc7, 1.198, 1.199 Message-ID: <200712141355.lBEDtp8N029608@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29581/audit Modified Files: f8 f9 fc7 Log Message: mysql cleanup Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.41 retrieving revision 1.42 diff -u -r1.41 -r1.42 --- f8 13 Dec 2007 12:41:06 -0000 1.41 +++ f8 14 Dec 2007 13:55:49 -0000 1.42 @@ -9,6 +9,8 @@ CVE-2007-6321 VULENERABLE (roundcubemail) #423291 CVE-2007-6318 VULNERABLE (wordpress) +CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built +CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424931 CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 @@ -32,6 +34,8 @@ CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] +CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning +CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424931 CVE-2007-5964 VULNERABLE (autofs) #409701 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] @@ -43,7 +47,7 @@ CVE-2007-5934 backport (php-pear-MDB2) #379101 [since FEDORA-2007-3376] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379131 [since FEDORA-2007-3376] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379161 [since FEDORA-2007-3376] -CVE-2007-5925 ignore (mysql) Authenticated user can restart mysql. +CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424931 CVE-2007-5907 VULNERABLE (xen) #390111 CVE-2007-5906 VULNERABLE (xen) #390111 CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.36 retrieving revision 1.37 diff -u -r1.36 -r1.37 --- f9 13 Dec 2007 12:41:06 -0000 1.36 +++ f9 14 Dec 2007 13:55:49 -0000 1.37 @@ -9,6 +9,8 @@ CVE-2007-6321 VULENERABLE (roundcubemail) #423301 CVE-2007-6318 VULNERABLE (wordpress) +CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built +CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9] CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 CVE-2007-6283 VULNERABLE (bind) #423081 CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] @@ -29,6 +31,8 @@ CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] +CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning +CVE-2007-5969 backport (mysql, fixed 5.0.51) [since mysql-5.0.45-6.fc9] CVE-2007-5964 VULNERABLE (autofs) #421371 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) @@ -39,7 +43,7 @@ CVE-2007-5934 version (php-pear-MDB2) #379111 [since php-pear-MDB2-2.4.1-2.fc9] CVE-2007-5934 version (php-pear-MDB2-Driver-mysql) #379141 [since php-pear-MDB2-Driver-mysql-1.4.1-3.fc9] CVE-2007-5934 version (php-pear-MDB2-Driver-mysqli) #379171 [since php-pear-MDB2-Driver-mysqli-1.4.1-3.fc9] -CVE-2007-5925 ignore (mysql) Authenticated user can restart mysql. +CVE-2007-5925 backport (mysql, fixed 5.0.54) [since mysql-5.0.45-6.fc9] CVE-2007-5907 VULNERABLE (xen) #390121 CVE-2007-5906 VULNERABLE (xen) #390121 CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.198 retrieving revision 1.199 diff -u -r1.198 -r1.199 --- fc7 13 Dec 2007 12:41:06 -0000 1.198 +++ fc7 14 Dec 2007 13:55:49 -0000 1.199 @@ -10,6 +10,8 @@ CVE-2007-6321 VULENERABLE (roundcubemail) #423281 CVE-2007-6318 VULNERABLE (wordpress) +CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built +CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424921 CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 @@ -22,7 +24,6 @@ CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name -CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-6183 version (ruby-gnome2) #405591 [since FEDORA-2007-4229] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] @@ -33,6 +34,8 @@ CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] +CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning +CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424921 CVE-2007-5964 VULNERABLE (autofs) #421351 CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] @@ -44,7 +47,7 @@ CVE-2007-5934 backport (php-pear-MDB2) #379091 [since FEDORA-2007-3369] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379121 [since FEDORA-2007-3369] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379151 [since FEDORA-2007-3369] -CVE-2007-5925 ignore (mysql) Authenticated user can restart mysql. +CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424921 CVE-2007-5907 VULNERABLE (xen) #390101 CVE-2007-5906 VULNERABLE (xen) #390101 CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019] @@ -239,8 +242,8 @@ CVE-2007-3820 backport (kdelibs) [since FEDORA-2007-1699] CVE-2007-3820 backport (kdebase) #248537 [since FEDORA-2007-1700] CVE-2007-3799 ** (php) -CVE-2007-3781 version (mysql, fixed 5.0.44) [since FEDORA-2007-1197] CVE-2007-3782 version (mysql, fixed 5.0.44) [since FEDORA-2007-1197] +CVE-2007-3781 version (mysql, fixed 5.0.44) [since FEDORA-2007-1197] CVE-2007-3780 version (mysql, fixed 5.0.44) [since FEDORA-2007-1197] CVE-2007-3770 backport (terminal/xfce) [since FEDORA-2007-1620] CVE-2007-3738 version (mozilla) #248518 [since FEDORA-2007-1138] @@ -350,6 +353,9 @@ CVE-2007-2756 ignore (gd) DoS only CVE-2007-2754 backport (freetype) [since FEDORA-2007-0033] CVE-2007-2721 backport (jasper, fixed 1.900.1-2) #240397 +CVE-2007-2693 ignore (mysql, fixed 5.1.18) mysql 5.1+ only, requires partitioning +CVE-2007-2692 version (mysql, fixed 5.0.45) [since FEDORA-2007-1197] +CVE-2007-2691 version (mysql, fixed 5.0.45) [since FEDORA-2007-1197] CVE-2007-2683 backport (mutt) CVE-2007-2654 version (xfsdump) #240396 CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154] @@ -357,7 +363,7 @@ *CVE-2007-2637 backport (moin, fixed 1.5.7-2) CVE-2007-2627 version (wordpress, fixed 2.2.1) #239904 [since FEDORA-2007-0894] *CVE-2007-2589 ** (squirrelmail) -*CVE-2007-2583 ** (mysql) +CVE-2007-2583 version (mysql, fixed 5.0.41) CVE-2007-2519 ignore (php-pear) no trust boundary is crossed CVE-2007-2511 ignore (php) #239011 see the bug CVE-2007-2510 version (php, fixed 5.2.2) From fedora-security-commits at redhat.com Mon Dec 17 09:16:48 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 17 Dec 2007 04:16:48 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.42, 1.43 f9, 1.37, 1.38 fc7, 1.199, 1.200 Message-ID: <200712170916.lBH9GmC9020238@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20201/audit Modified Files: f8 f9 fc7 Log Message: dosbox, e2fsprogs, squirrelmail, libexif, exiv2 Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.42 retrieving revision 1.43 diff -u -r1.42 -r1.43 --- f8 14 Dec 2007 13:55:49 -0000 1.42 +++ f8 17 Dec 2007 09:16:46 -0000 1.43 @@ -7,7 +7,12 @@ # Up to date CVE as of CVE email 20071211 # Up to date F8 as of 20071212 -CVE-2007-6321 VULENERABLE (roundcubemail) #423291 +CVE-2007-6352 VULNERABLE (exiv2) #425923 +CVE-2007-6352 VULNERABLE (libexif) #425631 +CVE-2007-6351 VULNERABLE (libexif) #425631 +CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped +CVE-2007-6328 VULNERABLE (dosbox) design decision +CVE-2007-6321 VULNERABLE (roundcubemail) #423291 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424931 @@ -64,6 +69,7 @@ CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] +CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.37 retrieving revision 1.38 diff -u -r1.37 -r1.38 --- f9 14 Dec 2007 13:55:49 -0000 1.37 +++ f9 17 Dec 2007 09:16:46 -0000 1.38 @@ -7,7 +7,12 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -CVE-2007-6321 VULENERABLE (roundcubemail) #423301 +CVE-2007-6352 VULNERABLE (exiv2) #425924 +CVE-2007-6352 VULNERABLE (libexif) #425641 +CVE-2007-6351 VULNERABLE (libexif) #425641 +CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped +CVE-2007-6328 VULNERABLE (dosbox) design decision +CVE-2007-6321 VULNERABLE (roundcubemail) #423301 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9] @@ -33,7 +38,7 @@ CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning CVE-2007-5969 backport (mysql, fixed 5.0.51) [since mysql-5.0.45-6.fc9] -CVE-2007-5964 VULNERABLE (autofs) #421371 +CVE-2007-5964 backport (autofs) #421371 [since autofs-5.0.2-21] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) @@ -57,6 +62,7 @@ CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 +CVE-2007-5497 backport (e2fsprogs) #414591 [since e2fsprogs-1.40.2-14.fc9] CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] CVE-2007-5393 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.199 retrieving revision 1.200 diff -u -r1.199 -r1.200 --- fc7 14 Dec 2007 13:55:49 -0000 1.199 +++ fc7 17 Dec 2007 09:16:46 -0000 1.200 @@ -8,7 +8,12 @@ # Up to date CVE as of CVE email 200711211 # Up to date FC7 as of 20071212 -CVE-2007-6321 VULENERABLE (roundcubemail) #423281 +CVE-2007-6352 VULNERABLE (exiv2) #425922 +CVE-2007-6352 VULNERABLE (libexif) #425621 +CVE-2007-6351 VULNERABLE (libexif) #425621 +CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped +CVE-2007-6328 VULNERABLE (dosbox) design decision +CVE-2007-6321 VULNERABLE (roundcubemail) #423281 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424921 @@ -74,6 +79,7 @@ CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652] CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] +CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 CVE-2007-5461 version (tomcat5) #334511 [since FEDORA-2007-3456] CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5398 version (samba) [since FEDORA-2007-3402] From fedora-security-commits at redhat.com Mon Dec 17 10:49:16 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Mon, 17 Dec 2007 05:49:16 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.43, 1.44 f9, 1.38, 1.39 fc7, 1.200, 1.201 Message-ID: <200712171049.lBHAnGbV028919@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28883/audit Modified Files: f8 f9 fc7 Log Message: scponly fix exiv2 cve id typo Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.43 retrieving revision 1.44 diff -u -r1.43 -r1.44 --- f8 17 Dec 2007 09:16:46 -0000 1.43 +++ f8 17 Dec 2007 10:49:13 -0000 1.44 @@ -7,9 +7,10 @@ # Up to date CVE as of CVE email 20071211 # Up to date F8 as of 20071212 -CVE-2007-6352 VULNERABLE (exiv2) #425923 +CVE-2007-6353 VULNERABLE (exiv2) #425923 CVE-2007-6352 VULNERABLE (libexif) #425631 CVE-2007-6351 VULNERABLE (libexif) #425631 +CVE-2007-6350 VULNERABLE (scponly) rsync vector only CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 VULNERABLE (dosbox) design decision CVE-2007-6321 VULNERABLE (roundcubemail) #423291 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.38 retrieving revision 1.39 diff -u -r1.38 -r1.39 --- f9 17 Dec 2007 09:16:46 -0000 1.38 +++ f9 17 Dec 2007 10:49:14 -0000 1.39 @@ -7,9 +7,10 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -CVE-2007-6352 VULNERABLE (exiv2) #425924 +CVE-2007-6353 VULNERABLE (exiv2) #425924 CVE-2007-6352 VULNERABLE (libexif) #425641 CVE-2007-6351 VULNERABLE (libexif) #425641 +CVE-2007-6350 backport (scponly) [since scponly-4.6-8.fc9] rsync support disabled CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 VULNERABLE (dosbox) design decision CVE-2007-6321 VULNERABLE (roundcubemail) #423301 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.200 retrieving revision 1.201 diff -u -r1.200 -r1.201 --- fc7 17 Dec 2007 09:16:46 -0000 1.200 +++ fc7 17 Dec 2007 10:49:14 -0000 1.201 @@ -8,9 +8,10 @@ # Up to date CVE as of CVE email 200711211 # Up to date FC7 as of 20071212 -CVE-2007-6352 VULNERABLE (exiv2) #425922 +CVE-2007-6353 VULNERABLE (exiv2) #425922 CVE-2007-6352 VULNERABLE (libexif) #425621 CVE-2007-6351 VULNERABLE (libexif) #425621 +CVE-2007-6350 VULNERABLE (scponly) rsync vector only CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 VULNERABLE (dosbox) design decision CVE-2007-6321 VULNERABLE (roundcubemail) #423281 From fedora-security-commits at redhat.com Tue Dec 18 14:16:48 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Tue, 18 Dec 2007 09:16:48 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.44, 1.45 f9, 1.39, 1.40 fc7, 1.201, 1.202 Message-ID: <200712181416.lBIEGmwP001778@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1756/audit Modified Files: f8 f9 fc7 Log Message: imlib fedora update Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.44 retrieving revision 1.45 diff -u -r1.44 -r1.45 --- f8 17 Dec 2007 10:49:13 -0000 1.44 +++ f8 18 Dec 2007 14:16:46 -0000 1.45 @@ -4,7 +4,7 @@ # *CVE are items that need verification for Fedora 8 # (mozilla) = (gecko-libs dependent stuff) -# Up to date CVE as of CVE email 20071211 +# Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071212 CVE-2007-6353 VULNERABLE (exiv2) #425923 @@ -16,13 +16,13 @@ CVE-2007-6321 VULNERABLE (roundcubemail) #423291 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built -CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424931 +CVE-2007-6303 backport (mysql, fixed 5.0.52) #424931 [since FEDORA-2007-4465] CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 -GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 -GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 -GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 +GENERIC-MAP-NOMATCH version (libxfcegui4) #412761 [since FEDORA-2007-4368] +GENERIC-MAP-NOMATCH version (libxfce4util) #412761 [since FEDORA-2007-4368] +GENERIC-MAP-NOMATCH version (xfce-panel) #412761 [since FEDORA-2007-4368] CVE-2007-6283 VULNERABLE (bind) #423071 -CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 +CVE-2007-6239 version (squid, fixed 2.6.17) #412391 [since FEDORA-2007-4170] CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script @@ -41,8 +41,8 @@ CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning -CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424931 -CVE-2007-5964 VULNERABLE (autofs) #409701 +CVE-2007-5969 backport (mysql, fixed 5.0.51) #424931 [since FEDORA-2007-4465] +CVE-2007-5964 backport (autofs) #409701 [since FEDORA-2007-4532] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] @@ -53,7 +53,7 @@ CVE-2007-5934 backport (php-pear-MDB2) #379101 [since FEDORA-2007-3376] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379131 [since FEDORA-2007-3376] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379161 [since FEDORA-2007-3376] -CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424931 +CVE-2007-5925 backport (mysql, fixed 5.0.54) #424931 [since FEDORA-2007-4465] CVE-2007-5907 VULNERABLE (xen) #390111 CVE-2007-5906 VULNERABLE (xen) #390111 CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] @@ -126,6 +126,7 @@ CVE-2007-3919 backport (xen, fixed 3.1.0-13) #361991 CVE-2007-3844 version (firefox, fixed 2.0.0.6) CVE-2007-3843 version (kernel) #246595 No idea which version fixed this +CVE-2007-3568 VULNERABLE (imlib) CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543 CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3386 version (tomcat5) [since FEDORA-2007-3474] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.39 retrieving revision 1.40 diff -u -r1.39 -r1.40 --- f9 17 Dec 2007 10:49:14 -0000 1.39 +++ f9 18 Dec 2007 14:16:46 -0000 1.40 @@ -7,9 +7,9 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -CVE-2007-6353 VULNERABLE (exiv2) #425924 -CVE-2007-6352 VULNERABLE (libexif) #425641 -CVE-2007-6351 VULNERABLE (libexif) #425641 +CVE-2007-6353 backport (exiv2) #425924 [since exiv2-0.16-0.3.pre1.fc9] +CVE-2007-6352 backport (libexif) #425641 [since libexif-0.6.15-5.fc9] +CVE-2007-6351 backport (libexif) #425641 [since libexif-0.6.15-5.fc9] CVE-2007-6350 backport (scponly) [since scponly-4.6-8.fc9] rsync support disabled CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 VULNERABLE (dosbox) design decision @@ -83,7 +83,7 @@ CVE-2007-5200 version (hugin) #362871 [since hugin-0.6.1-11.fc9] CVE-2007-5198 VULNERABLE (nagios-plugins, fixed 1.4.10) #362901 CVE-2007-5197 VULNERABLE (mono, fixed 1.2.5.1) #367551 -CVE-2007-5116 VULNERABLE (perl) #378151 +CVE-2007-5116 backport (perl) #378151 [since perl-5.8.8-31.fc9] CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 @@ -110,6 +110,7 @@ CVE-2007-3919 backport (xen, fixed 3.1.0-13) #362011 CVE-2007-3844 version (firefox, fixed 2.0.0.6) CVE-2007-3843 version (kernel) #246595 No idea which version fixed this +CVE-2007-3568 VULNERABLE (imlib) CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543 CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.201 retrieving revision 1.202 diff -u -r1.201 -r1.202 --- fc7 17 Dec 2007 10:49:14 -0000 1.201 +++ fc7 18 Dec 2007 14:16:46 -0000 1.202 @@ -5,7 +5,7 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 -# Up to date CVE as of CVE email 200711211 +# Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071212 CVE-2007-6353 VULNERABLE (exiv2) #425922 @@ -17,13 +17,13 @@ CVE-2007-6321 VULNERABLE (roundcubemail) #423281 CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built -CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424921 +CVE-2007-6303 backport (mysql, fixed 5.0.52) #424921 [since FEDORA-2007-4471] CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 -GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 -GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 -GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 +GENERIC-MAP-NOMATCH version (libxfcegui4) #412751 [since FEDORA-2007-4385] +GENERIC-MAP-NOMATCH version (libxfce4util) #412751 [since FEDORA-2007-4385] +GENERIC-MAP-NOMATCH version (xfce-panel) #412751 [since FEDORA-2007-4385] CVE-2007-6283 VULNERABLE (bind) #423061 -CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 +CVE-2007-6239 version (squid, fixed 2.6.17) #412381 [since FEDORA-2007-4161] CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script @@ -41,8 +41,8 @@ CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning -CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424921 -CVE-2007-5964 VULNERABLE (autofs) #421351 +CVE-2007-5969 backport (mysql, fixed 5.0.51) #424921 [since FEDORA-2007-4471] +CVE-2007-5964 backport (autofs) #421351 [since FEDORA-2007-4469] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] @@ -53,7 +53,7 @@ CVE-2007-5934 backport (php-pear-MDB2) #379091 [since FEDORA-2007-3369] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379121 [since FEDORA-2007-3369] CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379151 [since FEDORA-2007-3369] -CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424921 +CVE-2007-5925 backport (mysql, fixed 5.0.54) #424921 [since FEDORA-2007-4471] CVE-2007-5907 VULNERABLE (xen) #390101 CVE-2007-5906 VULNERABLE (xen) #390101 CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019] @@ -263,6 +263,7 @@ CVE-2007-3656 version (mozilla) #248518 [since FEDORA-2007-1138] CVE-2007-3642 version (kernel, fixed 2.6.22.1) [since FEDORA-2007-1130] CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10) +CVE-2007-3568 VULNERABLE (imlib) CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445] CVE-2007-3546 ignore (nessus-core) Windows only CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904] From fedora-security-commits at redhat.com Tue Dec 18 14:21:26 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Tue, 18 Dec 2007 09:21:26 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.45, 1.46 f9, 1.40, 1.41 fc7, 1.202, 1.203 Message-ID: <200712181421.lBIELQs7001860@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1838/audit Modified Files: f8 f9 fc7 Log Message: httpd xss Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.45 retrieving revision 1.46 diff -u -r1.45 -r1.46 --- f8 18 Dec 2007 14:16:46 -0000 1.45 +++ f8 18 Dec 2007 14:21:24 -0000 1.46 @@ -97,6 +97,7 @@ CVE-2007-5079 VULNERABLE (gdm) #363021 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4841 version (thunderbird) [since FEDORA-2007-3414] windows only anyway Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- f9 18 Dec 2007 14:16:46 -0000 1.40 +++ f9 18 Dec 2007 14:21:24 -0000 1.41 @@ -87,6 +87,7 @@ CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.202 retrieving revision 1.203 diff -u -r1.202 -r1.203 --- fc7 18 Dec 2007 14:16:46 -0000 1.202 +++ fc7 18 Dec 2007 14:21:24 -0000 1.203 @@ -130,6 +130,7 @@ CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224] CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714] CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-2530] From fedora-security-commits at redhat.com Wed Dec 19 13:59:41 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 19 Dec 2007 08:59:41 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.46, 1.47 f9, 1.41, 1.42 fc7, 1.203, 1.204 Message-ID: <200712191359.lBJDxfQF005090@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5068/audit Modified Files: f8 f9 fc7 Log Message: clamav first set of wireshark cve ids Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.46 retrieving revision 1.47 diff -u -r1.46 -r1.47 --- f8 18 Dec 2007 14:21:24 -0000 1.46 +++ f8 19 Dec 2007 13:59:39 -0000 1.47 @@ -32,6 +32,17 @@ CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] CVE-2007-6183 backport (ruby-gnome2) #405601 [since FEDORA-2007-4216] +CVE-2007-6121 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6120 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6119 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6118 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6117 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6116 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6115 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6114 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6113 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6112 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6111 VULNERABLE (wireshark, fixed 0.99.7) CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -59,6 +70,7 @@ CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 +CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426212 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] CVE-2007-5712 version (Django, fixed 0.96.1) #362771 [since FEDORA-2007-2788] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.41 retrieving revision 1.42 diff -u -r1.41 -r1.42 --- f9 18 Dec 2007 14:21:24 -0000 1.41 +++ f9 19 Dec 2007 13:59:39 -0000 1.42 @@ -29,6 +29,17 @@ CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-6183 VULNERABLE (ruby-gnome2) #405611 +CVE-2007-6121 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6120 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6119 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6118 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6117 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6116 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6115 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6114 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6113 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6112 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6111 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -55,6 +66,7 @@ CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] +CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426213 CVE-2007-5751 version (liferea, fixed 1.4.6) #360641 [since liferea-1.4.6-3.fc9] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-5712 version (Django, fixed 0.96.1) #362781 [since Django-0.96.1-1.fc9] @@ -111,7 +123,7 @@ CVE-2007-3919 backport (xen, fixed 3.1.0-13) #362011 CVE-2007-3844 version (firefox, fixed 2.0.0.6) CVE-2007-3843 version (kernel) #246595 No idea which version fixed this -CVE-2007-3568 VULNERABLE (imlib) +CVE-2007-3568 backport (imlib) [since imlib-1.9.15-6.fc9] CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543 CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.203 retrieving revision 1.204 diff -u -r1.203 -r1.204 --- fc7 18 Dec 2007 14:21:24 -0000 1.203 +++ fc7 19 Dec 2007 13:59:39 -0000 1.204 @@ -32,6 +32,17 @@ CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-6183 version (ruby-gnome2) #405591 [since FEDORA-2007-4229] +CVE-2007-6121 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6120 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6119 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6118 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6117 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6116 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6115 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6114 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6113 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6112 VULNERABLE (wireshark, fixed 0.99.7) +CVE-2007-6111 VULNERABLE (wireshark, fixed 0.99.7) CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -59,6 +70,7 @@ CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019] CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056] CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685] +CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426211 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2725] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time From fedora-security-commits at redhat.com Thu Dec 20 00:14:17 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Wed, 19 Dec 2007 19:14:17 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.47, 1.48 f9, 1.42, 1.43 fc7, 1.204, 1.205 Message-ID: <200712200014.lBK0EHln015645@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15621 Modified Files: f8 f9 fc7 Log Message: syslog-ng, gnome-screensaver Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.47 retrieving revision 1.48 diff -u -r1.47 -r1.48 --- f8 19 Dec 2007 13:59:39 -0000 1.47 +++ f8 20 Dec 2007 00:14:14 -0000 1.48 @@ -7,6 +7,8 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071212 +GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426306 +CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 CVE-2007-6353 VULNERABLE (exiv2) #425923 CVE-2007-6352 VULNERABLE (libexif) #425631 CVE-2007-6351 VULNERABLE (libexif) #425631 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.42 retrieving revision 1.43 diff -u -r1.42 -r1.43 --- f9 19 Dec 2007 13:59:39 -0000 1.42 +++ f9 20 Dec 2007 00:14:14 -0000 1.43 @@ -7,6 +7,8 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 +GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426307 +CVE-2007-6389 VULNERABLE (gnome-screensaver) #426171 CVE-2007-6353 backport (exiv2) #425924 [since exiv2-0.16-0.3.pre1.fc9] CVE-2007-6352 backport (libexif) #425641 [since libexif-0.6.15-5.fc9] CVE-2007-6351 backport (libexif) #425641 [since libexif-0.6.15-5.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.204 retrieving revision 1.205 diff -u -r1.204 -r1.205 --- fc7 19 Dec 2007 13:59:39 -0000 1.204 +++ fc7 20 Dec 2007 00:14:14 -0000 1.205 @@ -8,6 +8,8 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071212 +GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426305 +CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 CVE-2007-6353 VULNERABLE (exiv2) #425922 CVE-2007-6352 VULNERABLE (libexif) #425621 CVE-2007-6351 VULNERABLE (libexif) #425621 From fedora-security-commits at redhat.com Thu Dec 20 08:41:16 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 03:41:16 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.48, 1.49 f9, 1.43, 1.44 fc7, 1.205, 1.206 Message-ID: <200712200841.lBK8fGvT014863@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14841/audit Modified Files: f8 f9 fc7 Log Message: syslog-ng cve id, asterisk Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.48 retrieving revision 1.49 diff -u -r1.48 -r1.49 --- f8 20 Dec 2007 00:14:14 -0000 1.48 +++ f8 20 Dec 2007 08:41:14 -0000 1.49 @@ -7,7 +7,8 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071212 -GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426306 +CVE-2007-6437 VULNERABLE (syslog-ng) #426306 +CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 CVE-2007-6353 VULNERABLE (exiv2) #425923 CVE-2007-6352 VULNERABLE (libexif) #425631 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.43 retrieving revision 1.44 diff -u -r1.43 -r1.44 --- f9 20 Dec 2007 00:14:14 -0000 1.43 +++ f9 20 Dec 2007 08:41:14 -0000 1.44 @@ -7,7 +7,8 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426307 +CVE-2007-6437 VULNERABLE (syslog-ng) #426307 +CVE-2007-6430 version (asterisk, fixed 1.4.16) [since asterisk-1.4.16.1-1.fc9] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426171 CVE-2007-6353 backport (exiv2) #425924 [since exiv2-0.16-0.3.pre1.fc9] CVE-2007-6352 backport (libexif) #425641 [since libexif-0.6.15-5.fc9] @@ -20,7 +21,7 @@ CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9] CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 -CVE-2007-6283 VULNERABLE (bind) #423081 +CVE-2007-6283 backport (bind) #423081 [since bind-9.5.0-21.b1.fc9] CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.205 retrieving revision 1.206 diff -u -r1.205 -r1.206 --- fc7 20 Dec 2007 00:14:14 -0000 1.205 +++ fc7 20 Dec 2007 08:41:14 -0000 1.206 @@ -8,7 +8,8 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071212 -GENERIC-MAP-NOMATCH VULNERABLE (syslog-ng) #426305 +CVE-2007-6437 VULNERABLE (syslog-ng) #426305 +CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 CVE-2007-6353 VULNERABLE (exiv2) #425922 CVE-2007-6352 VULNERABLE (libexif) #425621 From fedora-security-commits at redhat.com Thu Dec 20 09:40:03 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 04:40:03 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.49, 1.50 f9, 1.44, 1.45 fc7, 1.206, 1.207 Message-ID: <200712200940.lBK9e3v9022673@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22647/audit Modified Files: f8 f9 fc7 Log Message: clamav, ganglia Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.49 retrieving revision 1.50 diff -u -r1.49 -r1.50 --- f8 20 Dec 2007 08:41:14 -0000 1.49 +++ f8 20 Dec 2007 09:40:01 -0000 1.50 @@ -7,6 +7,10 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071212 +CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4562] +CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426212 +CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426212 +CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426212 CVE-2007-6437 VULNERABLE (syslog-ng) #426306 CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 @@ -73,7 +77,7 @@ CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 -CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426212 +CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] CVE-2007-5712 version (Django, fixed 0.96.1) #362771 [since FEDORA-2007-2788] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.44 retrieving revision 1.45 diff -u -r1.44 -r1.45 --- f9 20 Dec 2007 08:41:14 -0000 1.44 +++ f9 20 Dec 2007 09:40:01 -0000 1.45 @@ -7,6 +7,10 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 +CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9] +CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426213 +CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426213 +CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426213 CVE-2007-6437 VULNERABLE (syslog-ng) #426307 CVE-2007-6430 version (asterisk, fixed 1.4.16) [since asterisk-1.4.16.1-1.fc9] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426171 @@ -69,7 +73,7 @@ CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] -CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426213 +CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 CVE-2007-5751 version (liferea, fixed 1.4.6) #360641 [since liferea-1.4.6-3.fc9] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] CVE-2007-5712 version (Django, fixed 0.96.1) #362781 [since Django-0.96.1-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.206 retrieving revision 1.207 diff -u -r1.206 -r1.207 --- fc7 20 Dec 2007 08:41:14 -0000 1.206 +++ fc7 20 Dec 2007 09:40:01 -0000 1.207 @@ -8,6 +8,10 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071212 +CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4584] +CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426211 +CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426211 +CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426211 CVE-2007-6437 VULNERABLE (syslog-ng) #426305 CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 @@ -73,7 +77,7 @@ CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019] CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056] CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685] -CVE-2007-5759 VULNERABLE (clamav, fixed 0.92) #426211 +CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2725] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time From fedora-security-commits at redhat.com Thu Dec 20 19:59:18 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 14:59:18 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8, 1.50, 1.51 f9, 1.45, 1.46 fc7, 1.207, 1.208 Message-ID: <200712201959.lBKJxIrg016349@cvs-int.fedora.redhat.com> Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16327/audit Modified Files: f8 f9 fc7 Log Message: autofs Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.50 retrieving revision 1.51 diff -u -r1.50 -r1.51 --- f8 20 Dec 2007 09:40:01 -0000 1.50 +++ f8 20 Dec 2007 19:59:16 -0000 1.51 @@ -28,7 +28,8 @@ GENERIC-MAP-NOMATCH version (libxfcegui4) #412761 [since FEDORA-2007-4368] GENERIC-MAP-NOMATCH version (libxfce4util) #412761 [since FEDORA-2007-4368] GENERIC-MAP-NOMATCH version (xfce-panel) #412761 [since FEDORA-2007-4368] -CVE-2007-6283 VULNERABLE (bind) #423071 +CVE-2007-6285 VULNERABLE (autofs) #426400 +CVE-2007-6283 backport (bind) #423071 [since FEDORA-2007-4655] CVE-2007-6239 version (squid, fixed 2.6.17) #412391 [since FEDORA-2007-4170] CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.45 retrieving revision 1.46 diff -u -r1.45 -r1.46 --- f9 20 Dec 2007 09:40:01 -0000 1.45 +++ f9 20 Dec 2007 19:59:16 -0000 1.46 @@ -25,6 +25,7 @@ CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9] CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 +CVE-2007-6285 VULNERABLE (autofs) #426401 CVE-2007-6283 backport (bind) #423081 [since bind-9.5.0-21.b1.fc9] CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.207 retrieving revision 1.208 diff -u -r1.207 -r1.208 --- fc7 20 Dec 2007 09:40:01 -0000 1.207 +++ fc7 20 Dec 2007 19:59:16 -0000 1.208 @@ -29,7 +29,8 @@ GENERIC-MAP-NOMATCH version (libxfcegui4) #412751 [since FEDORA-2007-4385] GENERIC-MAP-NOMATCH version (libxfce4util) #412751 [since FEDORA-2007-4385] GENERIC-MAP-NOMATCH version (xfce-panel) #412751 [since FEDORA-2007-4385] -CVE-2007-6283 VULNERABLE (bind) #423061 +CVE-2007-6285 VULNERABLE (autofs) #426399 +CVE-2007-6283 backport (bind) #423061 [since FEDORA-2007-4658] CVE-2007-6239 version (squid, fixed 2.6.17) #412381 [since FEDORA-2007-4161] CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script From fedora-security-commits at redhat.com Thu Dec 20 23:13:44 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 18:13:44 -0500 Subject: [Fedora-security-commits] fedora-security/tools add-cve-bug, 1.1.2.3, 1.1.2.4 Message-ID: <200712202313.lBKNDiPj014127@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14108 Modified Files: Tag: lkundrak-tools-ng add-cve-bug Log Message: A couple of debugging statements Index: add-cve-bug =================================================================== RCS file: /cvs/fedora/fedora-security/tools/Attic/add-cve-bug,v retrieving revision 1.1.2.3 retrieving revision 1.1.2.4 diff -u -r1.1.2.3 -r1.1.2.4 --- add-cve-bug 19 Nov 2007 09:10:37 -0000 1.1.2.3 +++ add-cve-bug 20 Dec 2007 23:13:42 -0000 1.1.2.4 @@ -72,6 +72,8 @@ { my $component = shift; + print "Getting list of owners\n" if $debug; + # Call bugzilla my $call = $bugzilla_rpc->call('bugzilla.getCompInfo', $component); # print Dumper ($call) if $debug; # too verbose @@ -106,6 +108,9 @@ sub file_bug { return 0 if $dryrun; + + print "Creating a bug\n" if $debug; + my $call = $bugzilla_rpc->call('bugzilla.createBug', shift, $username, $password); @@ -123,6 +128,8 @@ my $desc; my $refs; + print "Getting a bug description from CVE\n" if $debug; + ($desc, $refs) = Libexig::CVE::cve ($cve); die 'Cannot fetch CVE description; re-run with --interactive' From fedora-security-commits at redhat.com Thu Dec 20 23:15:14 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 18:15:14 -0500 Subject: [Fedora-security-commits] fedora-security/tools check-updates, NONE, 1.1.2.1 get-bodhi-update, 1.1.2.1, NONE parse-audit, 1.1.2.1, NONE Message-ID: <200712202315.lBKNFEWc014185@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14151 Added Files: Tag: lkundrak-tools-ng check-updates Removed Files: Tag: lkundrak-tools-ng get-bodhi-update parse-audit Log Message: Merge audit parser and bodhi update checker Move the logic parts into library ***** Error reading new file: [Errno 2] No such file or directory: 'check-updates' --- get-bodhi-update DELETED --- --- parse-audit DELETED --- From fedora-security-commits at redhat.com Thu Dec 20 23:15:17 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 18:15:17 -0500 Subject: [Fedora-security-commits] fedora-security/tools/Libexig Bodhi.pm, NONE, 1.1.2.1 Audit.pm, 1.1.2.1, 1.1.2.2 Message-ID: <200712202315.lBKNFHpM014207@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools/Libexig In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14151/Libexig Modified Files: Tag: lkundrak-tools-ng Audit.pm Added Files: Tag: lkundrak-tools-ng Bodhi.pm Log Message: Merge audit parser and bodhi update checker Move the logic parts into library ***** Error reading new file: [Errno 2] No such file or directory: 'Bodhi.pm' Index: Audit.pm =================================================================== RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Audit.pm,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- Audit.pm 9 Nov 2007 06:42:18 -0000 1.1.2.1 +++ Audit.pm 20 Dec 2007 23:15:14 -0000 1.1.2.2 @@ -6,6 +6,32 @@ package Libexig::Audit; +# Get an entry hash and reconstruct its 'line' field +# (useful if something got changed) +sub update_entry +{ + my $entry = shift; + + $entry->{'line'} = join " ", ( + $entry->{'need_verif'}.$entry->{'cve'}, + $entry->{'status'}, + ($entry->{'version'} + ? "($entry->{'package'}, $entry->{'version'})" + : "($entry->{'package'})"), + ($entry->{'bug'} + ? "#$entry->{'bug'}" + : ()), + ($entry->{'since'} + ? "[since $entry->{'since'}]" + : ()), + $entry->{'comment'} + ); + + chomp $entry->{'line'}; + $entry->{'line'} .= "\n"; +} + +# Get line and return a hash sub parse_line { shift; @@ -15,16 +41,16 @@ 'line' => $_, }; } elsif (/^ - (\*?)* # Needs verification - (\S+-\S+-\S+)\s* # CVE - (\*\*|version|VULNERABLE|ignore|backport)\s* # Status + (\*?)* # Needs verification + (\S+-\S+-\S+)\s* # CVE + (\*\*|version|VULNERABLE|ignore|backport|fixed)\s* # Status \( - ([^\s,]+)\s* # Component - (,\s*(.*))?\s* # When fixed upstream + ([^\s,]+)\s* # Component + (,\s*(.*))?\s* # When fixed upstream \)\s* - (\#(\d+))?\s* # Bugzilla IS - (\[since\s+(\S+)\])?\s* # When fixed in Fedora - (.*) # Comment + (\#(\d+))?\s* # Bugzilla IS + (\[since\s+(\S+)\])?\s* # When fixed in Fedora + (.*) # Comment /x) { return { 'need_verif' => $1, From fedora-security-commits at redhat.com Thu Dec 20 23:16:44 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 18:16:44 -0500 Subject: [Fedora-security-commits] fedora-security/tools parse-announce, 1.1, 1.1.2.1 suidaudit, 1.1, 1.1.2.1 Message-ID: <200712202316.lBKNGiGf014270@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14238 Modified Files: Tag: lkundrak-tools-ng parse-announce suidaudit Log Message: Get rid of a copule of useless statements Index: parse-announce =================================================================== RCS file: /cvs/fedora/fedora-security/tools/parse-announce,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -u -r1.1 -r1.1.2.1 --- parse-announce 5 Jul 2006 14:04:04 -0000 1.1 +++ parse-announce 20 Dec 2007 23:16:41 -0000 1.1.2.1 @@ -5,7 +5,6 @@ use strict; use Mail::Mbox::MessageParser; use Email::Simple; -use Data::Dumper; die "\nUsage: parse-announce mbox-file audit-file\n\n" if not defined($ARGV[1]); Index: suidaudit =================================================================== RCS file: /cvs/fedora/fedora-security/tools/suidaudit,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -u -r1.1 -r1.1.2.1 --- suidaudit 26 Oct 2007 20:07:19 -0000 1.1 +++ suidaudit 20 Dec 2007 23:16:41 -0000 1.1.2.1 @@ -9,7 +9,6 @@ use warnings; use RPM2; -use Data::Dumper; use Fcntl ':mode'; foreach my $rpm (@ARGV) { From fedora-security-commits at redhat.com Thu Dec 20 23:19:27 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Thu, 20 Dec 2007 18:19:27 -0500 Subject: [Fedora-security-commits] fedora-security/audit f8,1.51,1.52 Message-ID: <200712202319.lBKNJRgu014349@cvs-int.fedora.redhat.com> Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14308 Modified Files: f8 Log Message: check-updates check. The 'fixed' keyword was intentional. Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.51 retrieving revision 1.52 diff -u -r1.51 -r1.52 --- f8 20 Dec 2007 19:59:16 -0000 1.51 +++ f8 20 Dec 2007 23:19:25 -0000 1.52 @@ -15,8 +15,8 @@ CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 CVE-2007-6353 VULNERABLE (exiv2) #425923 -CVE-2007-6352 VULNERABLE (libexif) #425631 -CVE-2007-6351 VULNERABLE (libexif) #425631 +CVE-2007-6352 fixed (libexif) #425631 [since FEDORA-2007-4667] +CVE-2007-6351 fixed (libexif) #425631 [since FEDORA-2007-4667] CVE-2007-6350 VULNERABLE (scponly) rsync vector only CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 VULNERABLE (dosbox) design decision @@ -90,7 +90,7 @@ CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] -CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 +CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447] CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235] @@ -148,7 +148,7 @@ CVE-2007-3844 version (firefox, fixed 2.0.0.6) CVE-2007-3843 version (kernel) #246595 No idea which version fixed this CVE-2007-3568 VULNERABLE (imlib) -CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543 +CVE-2007-3544 fixed (wordpress, NOT fixed 2.2.1) #245211 [since FEDORA-2007-0894] Incomplete fix for CVE-2007-3543 CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3386 version (tomcat5) [since FEDORA-2007-3474] CVE-2007-3385 version (tomcat5) [since FEDORA-2007-3474] From fedora-security-commits at redhat.com Sat Dec 29 20:42:45 2007 From: fedora-security-commits at redhat.com (fedora-security-commits at redhat.com) Date: Sat, 29 Dec 2007 15:42:45 -0500 Subject: [Fedora-security-commits] fedora-security/audit epel4, 1.4, 1.5 epel5, 1.6, 1.7 Message-ID: <200712292042.lBTKgjjQ017201@cvs-int.fedora.redhat.com> Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17181 Modified Files: epel4 epel5 Log Message: Bring epel4/epel5 back up to date. Index: epel4 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/epel4,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- epel4 12 Nov 2007 20:59:39 -0000 1.4 +++ epel4 29 Dec 2007 20:42:43 -0000 1.5 @@ -3,9 +3,23 @@ # *CVE are items that need verification for EPEL-4 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) -# Up to date CVE as of CVE email 20071112 -# Up to date EPEL4 as of 20071112 -# +# Up to date CVE as of CVE email 20071229 +# Up to date EPEL4 as of 20071229 + +CVE-2007-6337 version (clamav, fixed 0.92) #426213 +CVE-2007-6336 version (clamav, fixed 0.92) #426213 +CVE-2007-6335 version (clamav, fixed 0.92) #426213 +CVE-2007-6353 VULNERABLE (exiv2) #425924 +CVE-2007-6350 VULNERABLE (scponly) #418201 +CVE-2007-6328 VULNERABLE (dosbox) design decision +CVE-2007-6321 VULNERABLE (roundcubemail) #423301 +CVE-2007-6299 VULNERABALE (drupal, fixed 5.4) +CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4] +CVE-2007-6208 ignore (claws) We don't ship the script +CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) +CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] +CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] +CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time CVE-2007-5715 backport (denyhosts) fixed long ago CVE-2007-5712 version (Django, fixed 0.96.1) #362761 @@ -30,12 +44,12 @@ *CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018] CVE-2007-4631 version (qgit, fixed 1.5.7) #268381 *CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 -CVE-2007-4560 VULNERABLE (clamav) #260583 +CVE-2007-4560 version (clamav) #260583 *CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561 *CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] -CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780 +CVE-2007-4510 version (clamav, fixed 0.91.2) #253780 *CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763] *CVE-2007-4400 VULNERABLE (konversation) #253545 CVE-2007-4323 backport (denyhosts) #252291 @@ -50,28 +64,28 @@ CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled) CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 -CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219 -CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-3123 version (clamav, fixed 0.90.3) #245219 +CVE-2007-3122 version (clamav, fixed 0.90.3) #245219 CVE-2007-3113 patch (cacti, fixed 0.8.7) #243592 CVE-2007-3112 patch (cacti, fixed 0.8.7) #243592 CVE-2007-3025 ignore (clamav, Solaris only) -CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219 -CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-3024 version (clamav, fixed 0.90.3) #245219 +CVE-2007-3023 version (clamav, fixed 0.90.3) #245219 *CVE-2007-2958 VULNERABLE (claws-mail) #254121 *CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397 -CVE-2007-2650 VULNERABLE (clamav, fixed 0.90.3) #240395 +CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 CVE-2007-2637 patch (moin, fixed 1.5.7-2) CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722 *CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615 CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882 *CVE-2007-2165 VULNERABLE (proftpd) #237533 -CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-2029 version (clamav, fixed 0.90.3) #245219 CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped) -CVE-2007-1997 VULNERABLE (clamav, fixed in 0.90.2) +CVE-2007-1997 version (clamav, fixed in 0.90.2) CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489 CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489 -CVE-2007-1745 VULNERABLE (clamav, fixed in 0.90.2) #236703 +CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703 CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700 *CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293 CVE-2007-1547 version (nas, fixed 1.8a-2) #233353 @@ -89,8 +103,8 @@ *CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442] CVE-2007-0902 version (moin, fixed 1.5.7-2) #228764 CVE-2007-0901 version (moin, fixed 1.5.7-2) #228764 -CVE-2007-0898 VULNERABLE (clamav, fixed 0.90) #229202 -CVE-2007-0897 VULNERABLE (clamav, fixed 0.90) #229202 +CVE-2007-0898 version (clamav, fixed 0.90) #229202 +CVE-2007-0897 version (clamav, fixed 0.90) #229202 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763 CVE-2007-0857 version (moin, fixed 1.5.7) #228139 *CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919 @@ -108,8 +122,8 @@ CVE-2006-6626 version (moodle, fixed 1.6.5) #220041 CVE-2006-6625 version (moodle, fixed 1.6.5) #220041 *CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938 -CVE-2006-6481 VULNERABLE (clamav, fixed 0.88.7) -CVE-2006-6406 VULNERABLE (clamav, fixed 0.88.7) #219095 +CVE-2006-6481 version (clamav, fixed 0.88.7) +CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 CVE-2006-6374 ** (phpMyAdmin) #218853 CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853 CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824 Index: epel5 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/epel5,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- epel5 12 Nov 2007 20:59:39 -0000 1.6 +++ epel5 29 Dec 2007 20:42:43 -0000 1.7 @@ -3,14 +3,33 @@ # *CVE are items that need verification for EPEL-5 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) -# Up to date CVE as of CVE email 20071112 -# Up to date EPEL5 as of 20071112 +# Up to date CVE as of CVE email 20071229 +# Up to date EPEL5 as of 20071229 # + +CVE-2007-6337 version (clamav, fixed 0.92) #426213 +CVE-2007-6336 version (clamav, fixed 0.92) #426213 +CVE-2007-6335 version (clamav, fixed 0.92) #426213 +CVE-2007-6353 VULNERABLE (exiv2) #425924 +CVE-2007-6350 VULNERABLE (scponly) #418201 +CVE-2007-6328 VULNERABLE (dosbox) design decision +CVE-2007-6321 VULNERABLE (roundcubemail) #423301 +CVE-2007-6318 VULNERABLE (wordpress) +CVE-2007-6299 VULNERABLE (drupal, fixed 5.4) +CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4] +CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) +CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1] +CVE-2007-6013 VULNERABLE (wordpress) +CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1] +CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1] +CVE-2007-5934 version (php-pear-MDB2) #379111 [since php-pear-MDB2-2.4.1-2] +CVE-2007-5934 version (php-pear-MDB2-Driver-mysql) #379141 [since php-pear-MDB2-Driver-mysql-1.4.1-3] +CVE-2007-5934 version (php-pear-MDB2-Driver-mysqli) #379171 [since php-pear-MDB2-Driver-mysqli-1.4.1-3] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time CVE-2007-5715 backport (denyhosts) fixed long ago CVE-2007-5712 version (Django, fixed 0.96.1) #362761 CVE-2007-5626 ignore (bacula) known, documented limitation -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362791 +CVE-2007-5624 version (nagios, fixed 2.10) #362791 CVE-2007-5623 backport (nagios-plugins) #348731 CVE-2007-5597 version (drupal, fixed 5.3) [since FEDORA-2007-2649] CVE-2007-5596 version (drupal, fixed 5.3) [since FEDORA-2007-2649] @@ -31,12 +50,12 @@ CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 CVE-2007-4631 version (qgit, fixed 1.5.7) #268381 CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 -CVE-2007-4560 VULNERABLE (clamav) #260583 +CVE-2007-4560 version (clamav) #260583 CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561 CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 -CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780 +CVE-2007-4510 version (clamav, fixed 0.91.2) #253780 *CVE-2007-4462 version (po4a) #253541 CVE-2007-4400 VULNERABLE (konversation) #253545 CVE-2007-4323 backport (denyhosts) #252291 @@ -54,27 +73,27 @@ CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled) CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 -CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219 -CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-3123 version (clamav, fixed 0.90.3) #245219 +CVE-2007-3122 version (clamav, fixed 0.90.3) #245219 CVE-2007-3113 patch (cacti, fixed 0.8.7) #243592 CVE-2007-3112 patch (cacti, fixed 0.8.7) #243592 CVE-2007-3025 ignore (clamav, Solaris only) -CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219 -CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-3024 version (clamav, fixed 0.90.3) #245219 +CVE-2007-3023 version (clamav, fixed 0.90.3) #245219 CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397 -CVE-2007-2650 VULNERABLE (clamav, fixed 0.90.3) #240395 +CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 CVE-2007-2637 patch (moin, fixed 1.5.7-2) CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722 *CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615 CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882 CVE-2007-2165 VULNERABLE (proftpd) #237533 -CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219 +CVE-2007-2029 version (clamav, fixed 0.90.3) #245219 CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped) -CVE-2007-1997 VULNERABLE (clamav, fixed in 0.90.2) +CVE-2007-1997 version (clamav, fixed in 0.90.2) CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489 CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489 -CVE-2007-1745 VULNERABLE (clamav, fixed in 0.90.2) #236703 +CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703 CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700 CVE-2007-1547 version (nas, fixed 1.8a-2) #233353 CVE-2007-1546 version (nas, fixed 1.8a-2) #233353 @@ -97,8 +116,8 @@ *CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442] CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764 CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764 -CVE-2007-0898 VULNERABLE (clamav, fixed 0.90) #229202 -CVE-2007-0897 VULNERABLE (clamav, fixed 0.90) #229202 +CVE-2007-0898 version (clamav, fixed 0.90) #229202 +CVE-2007-0897 version (clamav, fixed 0.90) #229202 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763 CVE-2007-0857 version (moin, fixed 1.5.7) #228139 CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919 @@ -117,8 +136,8 @@ CVE-2006-6626 version (moodle, fixed 1.6.5) #220041 CVE-2006-6625 version (moodle, fixed 1.6.5) #220041 CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938 -CVE-2006-6481 VULNERABLE (clamav, fixed 0.88.7) -CVE-2006-6406 VULNERABLE (clamav, fixed 0.88.7) #219095 +CVE-2006-6481 version (clamav, fixed 0.88.7) +CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 *CVE-2006-6374 ** (phpMyAdmin) #218853 CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853 CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824