[Fedora-security-commits] fedora-security/audit f8, 1.181, 1.182 f9, 1.171, 1.172 fc7, 1.337, 1.338

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Tue Apr 1 07:23:10 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20565/audit

Modified Files:
	f8 f9 fc7 
Log Message:
add CVE ids for comix and phpMyAdmin
add mod_suphp
add bzip2 tracking bugs (it's also lib, crash in daemon app may matter)



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.181
retrieving revision 1.182
diff -u -r1.181 -r1.182
--- f8	30 Mar 2008 23:13:52 -0000	1.181
+++ f8	1 Apr 2008 07:22:39 -0000	1.182
@@ -4,11 +4,12 @@
 # *CVE are items that need verification for Fedora 8
 # (mozilla) = (gecko-libs dependent stuff)
 
-402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
+439687 VULNERABLE (mod_suphp, fixed 0.6.3)
 293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
-430635 VULNERABLE (comix) multiple issues tracked via #430635
 438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] 
 249840 VULNERABLE (tor) 
+CVE-2008-1568 VULNERABLE (comix) multiple issues tracked via bz#430635
+CVE-2008-1567 VULNERABLE (phpmyadmin, fixed 2.11.5.1)
 CVE-2008-1515 VULNERABLE (otrs) #439724
 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847 
 CVE-2008-0806 fixed (wyrd) #433720 [since FEDORA-2008-1963] 
@@ -21,7 +22,7 @@
 CVE-2008-1467 VULNERABLE (centerim) #438871 
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554] 
-CVE-2008-1372 ignore (bzip2) Just a crash
+CVE-2008-1372 VULNERABLE (bzip2, fixed 1.0.5) #439855
 CVE-2008-1360 VULNERABLE (nagios) #437850 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 ignore (asterisk) not affected


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.171
retrieving revision 1.172
diff -u -r1.171 -r1.172
--- f9	31 Mar 2008 12:32:21 -0000	1.171
+++ f9	1 Apr 2008 07:22:39 -0000	1.172
@@ -4,10 +4,11 @@
 # *CVE are items that need verification for Fedora 9
 # (mozilla) = (gecko-libs dependent stuff)
 
+439687 version (mod_suphp, fixed 0.6.3) [since mod_suphp-0.6.3-1.fc9]
 438382 VULNERABLE (libsilc) #438382 
-430635 VULNERABLE (comix) multiple issues tracked via #430635
-402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
 249840 VULNERABLE (tor) 
+CVE-2008-1568 VULNERABLE (comix) multiple issues tracked via bz#430635
+CVE-2008-1567 version (phpmyadmin, fixed 2.11.5.1) [since phpMyAdmin-2.11.5.1-1.fc9]
 CVE-2008-1515 VULNERABLE (otrs) #439725
 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848 
 CVE-2008-0806 VULNERABLE (wyrd) #433722 
@@ -19,7 +20,7 @@
 CVE-2008-1467 fixed (centerim) #438871
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]
-CVE-2008-1372 ignore (bzip2) Just a crash
+CVE-2008-1372 version (bzip2, fixed 1.0.5) [since bzip2-1.0.5-1.fc9]
 CVE-2008-1360 VULNERABLE (nagios) #437852 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.337
retrieving revision 1.338
diff -u -r1.337 -r1.338
--- fc7	30 Mar 2008 23:13:52 -0000	1.337
+++ fc7	1 Apr 2008 07:22:39 -0000	1.338
@@ -5,11 +5,12 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
-402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
+439687 VULNERABLE (mod_suphp, fixed 0.6.3)
 293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
-430635 VULNERABLE (comix) multiple issues tracked via #430635
 438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] 
 249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] 
+CVE-2008-1568 VULNERABLE (comix) multiple issues tracked via bz#430635
+CVE-2008-1567 VULNERABLE (phpmyadmin, fixed 2.11.5.1)
 CVE-2008-1515 VULNERABLE (otrs) #439723
 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438846 
 CVE-2008-0806 fixed (wyrd) #433721 [since FEDORA-2008-1986] 
@@ -22,7 +23,7 @@
 CVE-2008-1467 VULNERABLE (centerim) #438871 
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620] 
-CVE-2008-1372 ignore (bzip2) Just a crash
+CVE-2008-1372 VULNERABLE (bzip2, fixed 1.0.5) #439855
 CVE-2008-1360 VULNERABLE (nagios) #437851 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 ignore (asterisk) not affected

More information about the Fedora-security-commits mailing list