[Fedora-security-commits] fedora-security/audit f8, 1.194, 1.195 f9, 1.184, 1.185 fc7, 1.350, 1.351

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Tue Apr 15 07:47:26 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27072/audit

Modified Files:
	f8 f9 fc7 
Log Message:
note libpng, m4



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.194
retrieving revision 1.195
diff -u -r1.194 -r1.195
--- f8	14 Apr 2008 17:02:02 -0000	1.194
+++ f8	15 Apr 2008 07:46:56 -0000	1.195
@@ -8,6 +8,8 @@
 249840 VULNERABLE (tor) 
 CVE-2008-1729 ignore (drupal) 6.x only
 CVE-2008-1720 VULNERABLE (rsync, fixed 3.0.2) #441690 
+CVE-2008-1688 ignore (m4, fixed 1.4.11) not really a security issue
+CVE-2008-1687 ignore (m4, fixed 1.4.11) not really a security issue
 CVE-2008-1686 VULNERABLE (libfishsound, fixed 0.9.1) #441247 
 CVE-2008-1658 fixed (PolicyKit) #439995 [since FEDORA-2008-2987] 
 CVE-2008-1657 VULNERABLE (openssh, fixed 4.9) #440375
@@ -24,7 +26,6 @@
 CVE-2008-1552 fixed (libsilc, fixed 1.1.7) #438382 [since FEDORA-2008-2641] 
 CVE-2008-1532 version (Perlbal, fixed 1.70) #439056 [since FEDORA-2008-2778] 
 CVE-2008-1531 VULNERABLE (lighttpd) #439068 
-CVE-2008-1515 VULNERABLE (otrs) #439724
 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847 
 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
 CVE-2008-1482 fixed (xine-lib) #438670 [since FEDORA-2008-2849] 
@@ -33,6 +34,8 @@
 CVE-2008-1467 fixed (centerim) #438871 [since FEDORA-2008-2869] 
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554] 
+CVE-2008-1382 VULNERABLE (libpng, fixed 1.2.27) minimal impact, affected api rarely used
+CVE-2008-1382 VULNERABLE (libpng10) minimal impact, affected api rarely used
 CVE-2008-1374 ignore (cups) only affects old cups versions in RHEL
 CVE-2008-1373 fixed (cups) #440040 [since FEDORA-2008-2131] 
 CVE-2008-1372 fixed (bzip2, fixed 1.0.5) #439855 [since FEDORA-2008-2970] 


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.184
retrieving revision 1.185
diff -u -r1.184 -r1.185
--- f9	14 Apr 2008 17:02:02 -0000	1.184
+++ f9	15 Apr 2008 07:46:56 -0000	1.185
@@ -8,6 +8,8 @@
 249840 VULNERABLE (tor) 
 CVE-2008-1729 version (drupal, fixed 6.2) [since drupal-6.2-1.fc9]
 CVE-2008-1720 VULNERABLE (rsync, fixed 3.0.2) [since rsync-3.0.2-0.fc9]
+CVE-2008-1688 ignore (m4, fixed 1.4.11) not really a security issue
+CVE-2008-1687 ignore (m4, fixed 1.4.11) not really a security issue
 CVE-2008-1686 VULNERABLE (libfishsound, fixed 0.9.1) #441248 
 CVE-2008-1658 VULNERABLE (PolicyKit) #439996
 CVE-2008-1657 VULNERABLE (openssh, fixed 4.9) #440376
@@ -24,7 +26,6 @@
 CVE-2008-1552 version (libsilc, fixed 1.1.7) #438382 [since libsilc-1.1.7-1.fc9]
 CVE-2008-1532 version (Perlbal, fixed 1.70) [since Perlbal-1.70-1.fc9]
 CVE-2008-1531 VULNERABLE (lighttpd) #439069 
-CVE-2008-1515 VULNERABLE (otrs) #439725
 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848 
 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
 CVE-2008-1482 version (xine-lib) #438671 [since xine-lib-1.1.11.1-1.fc9]
@@ -33,6 +34,8 @@
 CVE-2008-1467 fixed (centerim) #438871
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]
+CVE-2008-1382 VULNERABLE (libpng, fixed 1.2.27) minimal impact, affected api rarely used
+CVE-2008-1382 VULNERABLE (libpng10) minimal impact, affected api rarely used
 CVE-2008-1374 ignore (cups) only affects old cups versions in RHEL
 CVE-2008-1373 VULNERABLE (cups) #440041 
 CVE-2008-1372 version (bzip2, fixed 1.0.5) [since bzip2-1.0.5-1.fc9]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.350
retrieving revision 1.351
diff -u -r1.350 -r1.351
--- fc7	14 Apr 2008 17:02:02 -0000	1.350
+++ fc7	15 Apr 2008 07:46:56 -0000	1.351
@@ -9,6 +9,8 @@
 249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] 
 CVE-2008-1729 ignore (drupal) 6.x only
 CVE-2008-1720 VULNERABLE (rsync, fixed 3.0.2) #441689 
+CVE-2008-1688 ignore (m4, fixed 1.4.11) not really a security issue
+CVE-2008-1687 ignore (m4, fixed 1.4.11) not really a security issue
 CVE-2008-1686 VULNERABLE (libfishsound, fixed 0.9.1) #441246 
 CVE-2008-1657 VULNERABLE (openssh, fixed 4.9) #280461
 CVE-2008-1652 version (Perlbal, fixed 1.70) [since FEDORA-2008-2788] 
@@ -33,6 +35,8 @@
 CVE-2008-1467 fixed (centerim) #438871 [since FEDORA-2008-2869] 
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620] 
+CVE-2008-1382 ignore (libpng, fixed 1.2.27) minimal impact, affected api rarely used
+CVE-2008-1382 ignore (libpng10) minimal impact, affected api rarely used
 CVE-2008-1374 ignore (cups) only affects old cups versions in RHEL
 CVE-2008-1373 fixed (cups) #440042 [since FEDORA-2008-2897] 
 CVE-2008-1372 fixed (bzip2, fixed 1.0.5) #439855 [since FEDORA-2008-2970]

More information about the Fedora-security-commits mailing list