[Fedora-security-commits] fedora-security/audit fc6, 1.283, 1.284 fc7, 1.154, 1.155

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Mon Oct 29 12:38:06 UTC 2007 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16700/audit

Modified Files:
	fc6 fc7 
Log Message:
xen issue
fedora updates



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.283
retrieving revision 1.284
diff -u -r1.283 -r1.284
--- fc6	24 Oct 2007 12:25:12 -0000	1.283
+++ fc6	29 Oct 2007 12:38:04 -0000	1.284
@@ -5,7 +5,7 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
 # Up to date CVE as of CVE email 20071015
-# Up to date FC6 as of 20071017
+# Up to date FC6 as of 20071025
 
 CVE-2007-5340 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
 CVE-2007-5339 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
@@ -72,6 +72,7 @@
 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
 CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
 CVE-2007-3920 VULNERABLE (gnome-screensaver) #350271
+CVE-2007-3919 VULNERABLE (xen)
 CVE-2007-3852 backport (sysstat) #252296 [since FEDORA-2007-675]
 CVE-2007-3848 version (kernel) [since FEDORA-2007-679]
 CVE-2007-3847 version (httpd) #250756 [since FEDORA-2007-707]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -r1.154 -r1.155
--- fc7	25 Oct 2007 07:34:05 -0000	1.154
+++ fc7	29 Oct 2007 12:38:04 -0000	1.155
@@ -6,28 +6,29 @@
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
 # Up to date CVE as of CVE email 20071015
-# Up to date FC7 as of 20071017
+# Up to date FC7 as of 20071025
 
 CVE-2007-5626 ignore (bacula) known, documented limitation
 CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #349011
 CVE-2007-5623 VULNERABLE (nagios-plugins) #348731
-CVE-2007-5597 VULNERABLE (drupal, fixed 5.3)
-CVE-2007-5596 VULNERABLE (drupal, fixed 5.3)
-CVE-2007-5595 VULNERABLE (drupal, fixed 5.3)
-CVE-2007-5594 VULNERABLE (drupal, fixed 5.3)
-CVE-2007-5593 VULNERABLE (drupal, fixed 5.3)
+CVE-2007-5597 version (drupal, fixed 5.3) [since FEDORA-2007-2649]
+CVE-2007-5596 version (drupal, fixed 5.3) [since FEDORA-2007-2649]
+CVE-2007-5595 version (drupal, fixed 5.3) [since FEDORA-2007-2649]
+CVE-2007-5594 version (drupal, fixed 5.3) [since FEDORA-2007-2649]
+CVE-2007-5593 version (drupal, fixed 5.3) [since FEDORA-2007-2649]
 CVE-2007-5589 VULNERABLE (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6
-CVE-2007-5585 (tempest) #336331
+CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652]
+CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652]
 CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe
 CVE-2007-5386 VULNERABLE (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5
-CVE-2007-5340 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
-CVE-2007-5339 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
-CVE-2007-5338 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
-CVE-2007-5337 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
-CVE-2007-5335 VULNERABLE (mozilla) ff 2.0.0.8, does not affect ff1.5
-CVE-2007-5334 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
-CVE-2007-5269 VULNERABLE (libpng10) update pending
-CVE-2007-5269 VULNERABLE (libpng, fixed 1.2.21) #337461
+CVE-2007-5340 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
+CVE-2007-5339 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
+CVE-2007-5338 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
+CVE-2007-5337 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
+CVE-2007-5335 version (mozilla) ff 2.0.0.8, does not affect ff1.5 [since FEDORA-2007-2664]
+CVE-2007-5334 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
+CVE-2007-5269 version (libpng10) [since FEDORA-2007-2521]
+CVE-2007-5269 version (libpng, fixed 1.2.21) #337461 [since FEDORA-2007-2666]
 CVE-2007-5268 ignore (libpng) shipped version too old and not affected
 CVE-2007-5267 ignore (libpng) shipped version too old and not affected
 CVE-2007-5266 ignore (libpng) shipped version too old and not affected
@@ -140,6 +141,7 @@
 CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
 CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
 CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3919 VULNERABLE (xen)
 CVE-2007-3917 version (wesnoth, fixed 1.2.7) #324841 [since FEDORA-2007-2496]
 CVE-2007-3848 version (kernel) [since FEDORA-2007-1785]
 CVE-2007-3847 version (httpd) #250755 [since FEDORA-2007-2214]
@@ -169,7 +171,7 @@
 CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
 CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543
 CVE-2007-3543 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
-CVE-2007-3511 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
+CVE-2007-3511 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
 CVE-2007-3508 ignore (glibc) not an issue
 CVE-2007-3506 version (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-0033]
 CVE-2007-3507 version (flac123, fixed 0.0.10) #246322 [since FEDORA-2007-1045]
@@ -290,7 +292,7 @@
 CVE-2007-2381 ignore (MochiKit) #238616
 *CVE-2007-2356 ** (gimp)
 *CVE-2007-2353 ** (axis)
-CVE-2007-2292 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
+CVE-2007-2292 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
 *CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
 CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped.
 CVE-2007-2241 backport (bind) [since FEDORA-2007-0300]
@@ -411,7 +413,7 @@
 *CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347]
 CVE-2007-1216 version (krb5, fixed 1.6-3) #231537
 *CVE-2007-1103 VULNERABLE (tor) #230927
-CVE-2007-1095 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5
+CVE-2007-1095 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664]
 CVE-2007-1092 version (seamonkey, fixed 1.0.8)
 CVE-2007-1055 version (mediawiki, fixed 1.8.3)
 CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442]
@@ -431,7 +433,7 @@
 CVE-2007-0996 version (seamonkey, fixed 1.0.8)
 CVE-2007-0995 version (seamonkey, fixed 1.0.8)
 CVE-2007-0988 version (php, fixed 5.2.1)
-CVE-2007-0981 VULNERABLE (mozilla)
+CVE-2007-0981 version (mozilla)
 CVE-2007-0981 version (seamonkey, fixed 1.0.8) #229253
 CVE-2007-0957 backport (krb5, fixed 1.6-3) #231528
 CVE-2007-0956 backport (krb5, fixed 1.6-3) #229782

More information about the Fedora-security-commits mailing list