[Fedora-security-commits] fedora-security/audit f8, 1.44, 1.45 f9, 1.39, 1.40 fc7, 1.201, 1.202
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Tue Dec 18 14:16:48 UTC 2007
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.43, 1.44 f9, 1.38, 1.39 fc7, 1.200, 1.201
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.45, 1.46 f9, 1.40, 1.41 fc7, 1.202, 1.203
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1756/audit
Modified Files:
f8 f9 fc7
Log Message:
imlib
fedora update
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- f8 17 Dec 2007 10:49:13 -0000 1.44
+++ f8 18 Dec 2007 14:16:46 -0000 1.45
@@ -4,7 +4,7 @@
# *CVE are items that need verification for Fedora 8
# (mozilla) = (gecko-libs dependent stuff)
-# Up to date CVE as of CVE email 20071211
+# Up to date CVE as of CVE email 20071215
# Up to date F8 as of 20071212
CVE-2007-6353 VULNERABLE (exiv2) #425923
@@ -16,13 +16,13 @@
CVE-2007-6321 VULNERABLE (roundcubemail) #423291
CVE-2007-6318 VULNERABLE (wordpress)
CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built
-CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424931
+CVE-2007-6303 backport (mysql, fixed 5.0.52) #424931 [since FEDORA-2007-4465]
CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031
-GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761
-GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761
-GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761
+GENERIC-MAP-NOMATCH version (libxfcegui4) #412761 [since FEDORA-2007-4368]
+GENERIC-MAP-NOMATCH version (libxfce4util) #412761 [since FEDORA-2007-4368]
+GENERIC-MAP-NOMATCH version (xfce-panel) #412761 [since FEDORA-2007-4368]
CVE-2007-6283 VULNERABLE (bind) #423071
-CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391
+CVE-2007-6239 version (squid, fixed 2.6.17) #412391 [since FEDORA-2007-4170]
CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176]
CVE-2007-6209 ignore (zsh) #409871 We don't ship the script
CVE-2007-6208 ignore (claws) We don't ship the script
@@ -41,8 +41,8 @@
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning
-CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424931
-CVE-2007-5964 VULNERABLE (autofs) #409701
+CVE-2007-5969 backport (mysql, fixed 5.0.51) #424931 [since FEDORA-2007-4465]
+CVE-2007-5964 backport (autofs) #409701 [since FEDORA-2007-4532]
CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962]
CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962]
CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962]
@@ -53,7 +53,7 @@
CVE-2007-5934 backport (php-pear-MDB2) #379101 [since FEDORA-2007-3376]
CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379131 [since FEDORA-2007-3376]
CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379161 [since FEDORA-2007-3376]
-CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424931
+CVE-2007-5925 backport (mysql, fixed 5.0.54) #424931 [since FEDORA-2007-4465]
CVE-2007-5907 VULNERABLE (xen) #390111
CVE-2007-5906 VULNERABLE (xen) #390111
CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946]
@@ -126,6 +126,7 @@
CVE-2007-3919 backport (xen, fixed 3.1.0-13) #361991
CVE-2007-3844 version (firefox, fixed 2.0.0.6)
CVE-2007-3843 version (kernel) #246595 No idea which version fixed this
+CVE-2007-3568 VULNERABLE (imlib)
CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543
CVE-2007-3387 version (poppler, fixed 0.5.91) #251512
CVE-2007-3386 version (tomcat5) [since FEDORA-2007-3474]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- f9 17 Dec 2007 10:49:14 -0000 1.39
+++ f9 18 Dec 2007 14:16:46 -0000 1.40
@@ -7,9 +7,9 @@
# Up to date CVE as of CVE email 20071211
# Up to date F9 as of 20071029
-CVE-2007-6353 VULNERABLE (exiv2) #425924
-CVE-2007-6352 VULNERABLE (libexif) #425641
-CVE-2007-6351 VULNERABLE (libexif) #425641
+CVE-2007-6353 backport (exiv2) #425924 [since exiv2-0.16-0.3.pre1.fc9]
+CVE-2007-6352 backport (libexif) #425641 [since libexif-0.6.15-5.fc9]
+CVE-2007-6351 backport (libexif) #425641 [since libexif-0.6.15-5.fc9]
CVE-2007-6350 backport (scponly) [since scponly-4.6-8.fc9] rsync support disabled
CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped
CVE-2007-6328 VULNERABLE (dosbox) design decision
@@ -83,7 +83,7 @@
CVE-2007-5200 version (hugin) #362871 [since hugin-0.6.1-11.fc9]
CVE-2007-5198 VULNERABLE (nagios-plugins, fixed 1.4.10) #362901
CVE-2007-5197 VULNERABLE (mono, fixed 1.2.5.1) #367551
-CVE-2007-5116 VULNERABLE (perl) #378151
+CVE-2007-5116 backport (perl) #378151 [since perl-5.8.8-31.fc9]
CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem
CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771
CVE-2007-5007 version (balsa, before 2.3.20) #297601
@@ -110,6 +110,7 @@
CVE-2007-3919 backport (xen, fixed 3.1.0-13) #362011
CVE-2007-3844 version (firefox, fixed 2.0.0.6)
CVE-2007-3843 version (kernel) #246595 No idea which version fixed this
+CVE-2007-3568 VULNERABLE (imlib)
CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543
CVE-2007-3387 version (poppler, fixed 0.5.91) #251512
CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -r1.201 -r1.202
--- fc7 17 Dec 2007 10:49:14 -0000 1.201
+++ fc7 18 Dec 2007 14:16:46 -0000 1.202
@@ -5,7 +5,7 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# A couple of first F7 updates were marked as FEDORA-2007-0001
-# Up to date CVE as of CVE email 200711211
+# Up to date CVE as of CVE email 200711215
# Up to date FC7 as of 20071212
CVE-2007-6353 VULNERABLE (exiv2) #425922
@@ -17,13 +17,13 @@
CVE-2007-6321 VULNERABLE (roundcubemail) #423281
CVE-2007-6318 VULNERABLE (wordpress)
CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built
-CVE-2007-6303 VULNERABLE (mysql, fixed 5.0.52) #424921
+CVE-2007-6303 backport (mysql, fixed 5.0.52) #424921 [since FEDORA-2007-4471]
CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031
-GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751
-GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751
-GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751
+GENERIC-MAP-NOMATCH version (libxfcegui4) #412751 [since FEDORA-2007-4385]
+GENERIC-MAP-NOMATCH version (libxfce4util) #412751 [since FEDORA-2007-4385]
+GENERIC-MAP-NOMATCH version (xfce-panel) #412751 [since FEDORA-2007-4385]
CVE-2007-6283 VULNERABLE (bind) #423061
-CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381
+CVE-2007-6239 version (squid, fixed 2.6.17) #412381 [since FEDORA-2007-4161]
CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160]
CVE-2007-6209 ignore (zsh) #409871 We don't ship the script
CVE-2007-6208 ignore (claws) We don't ship the script
@@ -41,8 +41,8 @@
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning
-CVE-2007-5969 VULNERABLE (mysql, fixed 5.0.51) #424921
-CVE-2007-5964 VULNERABLE (autofs) #421351
+CVE-2007-5969 backport (mysql, fixed 5.0.51) #424921 [since FEDORA-2007-4471]
+CVE-2007-5964 backport (autofs) #421351 [since FEDORA-2007-4469]
CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952]
CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952]
CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952]
@@ -53,7 +53,7 @@
CVE-2007-5934 backport (php-pear-MDB2) #379091 [since FEDORA-2007-3369]
CVE-2007-5934 backport (php-pear-MDB2-Driver-mysql) #379121 [since FEDORA-2007-3369]
CVE-2007-5934 backport (php-pear-MDB2-Driver-mysqli) #379151 [since FEDORA-2007-3369]
-CVE-2007-5925 VULNERABLE (mysql, fixed 5.0.54) #424921
+CVE-2007-5925 backport (mysql, fixed 5.0.54) #424921 [since FEDORA-2007-4471]
CVE-2007-5907 VULNERABLE (xen) #390101
CVE-2007-5906 VULNERABLE (xen) #390101
CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019]
@@ -263,6 +263,7 @@
CVE-2007-3656 version (mozilla) #248518 [since FEDORA-2007-1138]
CVE-2007-3642 version (kernel, fixed 2.6.22.1) [since FEDORA-2007-1130]
CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
+CVE-2007-3568 VULNERABLE (imlib)
CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445]
CVE-2007-3546 ignore (nessus-core) Windows only
CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.43, 1.44 f9, 1.38, 1.39 fc7, 1.200, 1.201
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.45, 1.46 f9, 1.40, 1.41 fc7, 1.202, 1.203
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-security-commits
mailing list