[Fedora-security-commits] fedora-security/audit f8, 1.204, 1.205 f9, 1.194, 1.195 fc7, 1.360, 1.361

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Thu Apr 24 15:12:34 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26421/audit

Modified Files:
	f8 f9 fc7 
Log Message:
note mksh, fix up moin



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.204
retrieving revision 1.205
diff -u -r1.204 -r1.205
--- f8	24 Apr 2008 08:48:13 -0000	1.204
+++ f8	24 Apr 2008 15:12:04 -0000	1.205
@@ -12,6 +12,7 @@
 CVE-2008-1923 version (asterisk) upstream fix incomplete, resulting in CVE-2008-1897
 CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc8]
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443055 nsf demuxer overflow
+CVE-2008-1845 version (mksh, fixed 33d) [since FEDORA-2008-3174] 
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442363 
 CVE-2008-1835 ignore (clamav, fixed 0.93) unrar code not shipped


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.194
retrieving revision 1.195
diff -u -r1.194 -r1.195
--- f9	24 Apr 2008 08:48:13 -0000	1.194
+++ f9	24 Apr 2008 15:12:04 -0000	1.195
@@ -11,6 +11,7 @@
 CVE-2008-1923 version (asterisk) upstream fix incomplete, resulting in CVE-2008-1897
 CVE-2008-1897 version (asterisk, fixed 1.6.0.beta3) [since asterisk-1.6.0-0.13.beta8.fc9]
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443056 nsf demuxer overflow
+CVE-2008-1845 VULNERABLE (mksh, fixed 33d) [since mksh-33d-1.fc9] what is real impact on fedora?
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442364 
 CVE-2008-1835 ignore (clamav, fixed 0.93) unrar code not shipped
@@ -106,8 +107,8 @@
 CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
 CVE-2008-1102 VULNERABLE (blender) #443937 
 CVE-2008-1100 VULNERABLE (clamav, fixed 0.93) #442364 
-CVE-2008-1099 VULNERABLE (moin) #438674 
-CVE-2008-1098 VULNERABLE (moin) #438674 
+CVE-2008-1099 version (moin, fixed 1.5.9) #438674
+CVE-2008-1098 version (moin, fixed 1.5.9) #438674
 CVE-2008-1078 VULNERABLE (am-utils) #437746
 CVE-2008-1072 version (wireshark, fixed 0.99.8) #435488 [since wireshark-1.0.0-2.fc9]
 CVE-2008-1071 version (wireshark, fixed 0.99.8) #435488 [since wireshark-1.0.0-2.fc9]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.360
retrieving revision 1.361
diff -u -r1.360 -r1.361
--- fc7	24 Apr 2008 08:48:13 -0000	1.360
+++ fc7	24 Apr 2008 15:12:04 -0000	1.361
@@ -13,6 +13,7 @@
 CVE-2008-1923 version (asterisk) upstream fix incomplete, resulting in CVE-2008-1897
 CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc7]
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443054 nsf demuxer overflow
+CVE-2008-1845 version (mksh, fixed 33d) [since FEDORA-2008-3070] 
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442362 
 CVE-2008-1835 ignore (clamav, fixed 0.93) unrar code not shipped

More information about the Fedora-security-commits mailing list