[Fedora-security-commits] fedora-security/audit f8, 1.208, 1.209 f9, 1.198, 1.199 fc7, 1.364, 1.365
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Fri Apr 25 13:24:59 UTC 2008
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24140/audit
Modified Files:
f8 f9 fc7
Log Message:
check-updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.208
retrieving revision 1.209
diff -u -r1.208 -r1.209
--- f8 25 Apr 2008 09:07:57 -0000 1.208
+++ f8 25 Apr 2008 13:24:29 -0000 1.209
@@ -11,7 +11,7 @@
CVE-2008-1926 VULNERABLE (util-linux-ng) [since util-linux-ng-2.13.1-2.fc8]
CVE-2008-1924 VULNERABLE (phpMyAdmin, fixed 2.11.5.2) [since phpMyAdmin-2.11.5.2-1.fc8] PMASA-2008-3
CVE-2008-1923 version (asterisk) upstream fix incomplete, resulting in CVE-2008-1897
-CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc8]
+CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc8]
CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443055 nsf demuxer overflow
CVE-2008-1845 version (mksh, fixed 33d) [since FEDORA-2008-3174]
CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
@@ -33,11 +33,11 @@
CVE-2008-1657 VULNERABLE (openssh, fixed 4.9) #440375
CVE-2008-1652 version (Perlbal, fixed 1.70) [since FEDORA-2008-2778]
CVE-2008-1637 fixed (pdns-recursor, fixed 3.1.5) #440249 [since FEDORA-2008-3036]
-CVE-2008-1628 VULNERABLE (audit) [since audit-1.6.8-4.fc8]
+CVE-2008-1628 fixed (audit) [since FEDORA-2008-3012]
CVE-2008-1614 version (mod_suphp, fixed 0.6.3) [since FEDORA-2008-2868]
CVE-2008-1612 VULNERABLE (squid, fixed 2.6.STABLE19) [since FEDORA-2008-2740]
CVE-2008-1568 fixed (comix) improper shell escaping, bz#430635 [since FEDORA-2008-2981]
-CVE-2008-1567 VULNERABLE (phpmyadmin, fixed 2.11.5.1)
+CVE-2008-1567 fixed (phpMyAdmin, fixed 2.11.5.1) [since FEDORA-2008-2825]
CVE-2008-1563 fixed (wireshark, fixed 1.0) #435487 [since FEDORA-2008-3040]
CVE-2008-1562 fixed (wireshark, fixed 1.0) #435487 [since FEDORA-2008-3040]
CVE-2008-1561 fixed (wireshark, fixed 1.0) #435487 [since FEDORA-2008-3040]
@@ -56,7 +56,7 @@
CVE-2008-1382 VULNERABLE (libpng, fixed 1.2.27) minimal impact, affected api rarely used
CVE-2008-1382 VULNERABLE (libpng10) minimal impact, affected api rarely used
CVE-2008-1380 VULNERABLE (firefox, fixed 2.0.0.14)
-CVE-2008-1380 VULNERABLE (seamonkey, fixed 1.1.10) #442851
+CVE-2008-1380 fixed (seamonkey, fixed 1.1.10) #442851 [since FEDORA-2008-3264]
CVE-2008-1380 VULNERABLE (thunderbird, fixed 2.0.0.14) #442856
CVE-2008-1374 ignore (cups) only affects old cups versions in RHEL
CVE-2008-1373 fixed (cups) #440040 [since FEDORA-2008-2131]
@@ -197,7 +197,7 @@
CVE-2008-0404 fixed (mantis) #429552 [since FEDORA-2008-0796]
CVE-2008-0386 fixed (xdg-utils) #429513 [since FEDORA-2008-1015]
CVE-2008-0364 ignore (bittorrent) Windows only
-CVE-2008-0320 VULNERABLE (openoffice.org, fixed 2.4) #442846
+CVE-2008-0320 fixed (openoffice.org, fixed 2.4) #442846 [since FEDORA-2008-3251]
CVE-2008-0318 fixed (clamav, fixed 0.92.1) [since FEDORA-2008-1625]
CVE-2008-0314 VULNERABLE (clamav, fixed 0.93) #442363
CVE-2008-0304 version (seamonkey, fixed 1.1.8) [since FEDORA-2008-1459]
@@ -279,7 +279,7 @@
CVE-2007-6437 fixed (syslog-ng) #426306 [since FEDORA-2008-0523]
CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651]
CVE-2007-6389 fixed (gnome-screensaver) #426170 [since FEDORA-2008-2872]
-CVE-2007-6353 VULNERABLE (exiv2) #425923
+CVE-2007-6353 fixed (exiv2) #425923 [since FEDORA-2007-4551]
CVE-2007-6352 fixed (libexif) #425631 [since FEDORA-2007-4667]
CVE-2007-6351 fixed (libexif) #425631 [since FEDORA-2007-4667]
CVE-2007-6350 fixed (scponly) #429731 [since FEDORA-2008-1728] rsync vector only
@@ -360,9 +360,9 @@
CVE-2007-5760 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760]
CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335
CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853]
-CVE-2007-5747 VULNERABLE (openoffice.org, fixed 2.4) #442846
-CVE-2007-5746 VULNERABLE (openoffice.org, fixed 2.4) #442846
-CVE-2007-5745 VULNERABLE (openoffice.org, fixed 2.4) #442846
+CVE-2007-5747 fixed (openoffice.org, fixed 2.4) #442846 [since FEDORA-2008-3251]
+CVE-2007-5746 fixed (openoffice.org, fixed 2.4) #442846 [since FEDORA-2008-3251]
+CVE-2007-5745 fixed (openoffice.org, fixed 2.4) #442846 [since FEDORA-2008-3251]
CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989]
CVE-2007-5712 version (Django, fixed 0.96.1) #362771 [since FEDORA-2007-2788]
CVE-2007-5708 version (openldap, fixed 2.3.39) #362991 [since FEDORA-2007-2796]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.198
retrieving revision 1.199
diff -u -r1.198 -r1.199
--- f9 25 Apr 2008 09:07:57 -0000 1.198
+++ f9 25 Apr 2008 13:24:29 -0000 1.199
@@ -38,7 +38,7 @@
CVE-2008-1614 version (mod_suphp, fixed 0.6.3) [since mod_suphp-0.6.3-1.fc9]
CVE-2008-1612 ignore (squid, fixed 2.6.STABLE19) 3.0 was not affected
CVE-2008-1568 fixed (comix) [since comix-3.6.4-6.fc9]
-CVE-2008-1567 version (phpmyadmin, fixed 2.11.5.1) [since phpMyAdmin-2.11.5.1-1.fc9]
+CVE-2008-1567 version (phpMyAdmin, fixed 2.11.5.1) [since phpMyAdmin-2.11.5.1-1.fc9]
CVE-2008-1563 version (wireshark, fixed 1.0) #435488 [since wireshark-1.0.0-2.fc9]
CVE-2008-1562 version (wireshark, fixed 1.0) #435488 [since wireshark-1.0.0-2.fc9]
CVE-2008-1561 version (wireshark, fixed 1.0) #435488 [since wireshark-1.0.0-2.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.364
retrieving revision 1.365
diff -u -r1.364 -r1.365
--- fc7 25 Apr 2008 09:07:57 -0000 1.364
+++ fc7 25 Apr 2008 13:24:29 -0000 1.365
@@ -12,7 +12,7 @@
CVE-2008-1926 VULNERABLE (util-linux)
CVE-2008-1924 VULNERABLE (phpMyAdmin, fixed 2.11.5.2) [since phpMyAdmin-2.11.5.2-1.fc7] PMASA-2008-3
CVE-2008-1923 version (asterisk) upstream fix incomplete, resulting in CVE-2008-1897
-CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc7]
+CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) [since asterisk-1.4.19.1-1.fc7]
CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443054 nsf demuxer overflow
CVE-2008-1845 version (mksh, fixed 33d) [since FEDORA-2008-3070]
CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
@@ -37,7 +37,7 @@
CVE-2008-1614 version (mod_suphp, fixed 0.6.3) [since FEDORA-2008-2815]
CVE-2008-1612 backport (squid, fixed 2.6.STABLE19) [since FEDORA-2008-2729]
CVE-2008-1568 fixed (comix) improper shell escaping, bz#430635 [since FEDORA-2008-2993]
-CVE-2008-1567 VULNERABLE (phpmyadmin, fixed 2.11.5.1)
+CVE-2008-1567 fixed (phpMyAdmin, fixed 2.11.5.1) [since FEDORA-2008-2874]
CVE-2008-1563 fixed (wireshark, fixed 1.0) #435485 [since FEDORA-2008-2941]
CVE-2008-1562 fixed (wireshark, fixed 1.0) #435485 [since FEDORA-2008-2941]
CVE-2008-1561 fixed (wireshark, fixed 1.0) #435485 [since FEDORA-2008-2941]
@@ -57,7 +57,7 @@
CVE-2008-1382 ignore (libpng, fixed 1.2.27) minimal impact, affected api rarely used
CVE-2008-1382 ignore (libpng10) minimal impact, affected api rarely used
CVE-2008-1380 VULNERABLE (firefox, fixed 2.0.0.14)
-CVE-2008-1380 VULNERABLE (seamonkey, fixed 1.1.10) #442850
+CVE-2008-1380 fixed (seamonkey, fixed 1.1.10) #442850 [since FEDORA-2008-3231]
CVE-2008-1380 VULNERABLE (thunderbird, fixed 2.0.0.14) #442855
CVE-2008-1374 ignore (cups) only affects old cups versions in RHEL
CVE-2008-1373 fixed (cups) #440042 [since FEDORA-2008-2897]
@@ -119,10 +119,10 @@
CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928]
CVE-2008-1066 fixed (gallery2) #438059 [since FEDORA-2008-2650]
CVE-2008-1066 fixed (php-pear-PhpDocumentor) #438063 [since FEDORA-2008-2656]
-CVE-2008-1026 VULNERABLE (WebKit, fixed r31388) [since WebKit-1.0.0-0.8.svn31787.fc7]
+CVE-2008-1026 VULNERABLE (WebKit, fixed r31388) [since WebKit-1.0.0-0.8.svn31787.fc7]
**CVE-2008-1025 VULNERABLE (WebKit) may be fixed in SVN and hence in our packages
-CVE-2008-1011 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
-CVE-2008-1010 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
+CVE-2008-1011 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
+CVE-2008-1010 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
CVE-2008-0983 fixed (lighttpd) #435808 [since FEDORA-2008-2278]
CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
More information about the Fedora-security-commits
mailing list