[Fedora-security-commits] fedora-security/audit f10, 1.30, 1.31 f11, 1.2, 1.3 f8, 1.249, 1.250 f9, 1.240, 1.241

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Thu Dec 4 13:06:16 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv7315/audit

Modified Files:
	f10 f11 f8 f9 
Log Message:
cups + bunch of updates



Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- f10	3 Dec 2008 21:58:20 -0000	1.30
+++ f10	4 Dec 2008 13:05:45 -0000	1.31
@@ -6,12 +6,15 @@
 
 CVE-2008-5299 VULNERABLE (chm2pdf) #474459
 CVE-2008-5298 VULNERABLE (chm2pdf) #474459
+CVE-2008-5286 ignore (cups) libpng prevents this
 CVE-2008-5187 fixed (imlib2) #472579 [since FEDORA-2008-10364] 
+CVE-2008-5184 version (cups, fixed 1.3.8) 
+CVE-2008-5183 VULNERABLE (cups, fixed 1.3.10) [since cups-1.3.9-4.fc10] 
 CVE-2008-5153 VULNERABLE (moodle) #472120
 CVE-2008-5148 fixed (geda-gnetlist) #472116 [since FEDORA-2008-9730] 
 CVE-2008-5138 VULNERABLE (pam_mount) #472112
 CVE-2008-5113 VULNERABLE (wordpress) #471992
-CVE-2008-5110 VULNERABLE (syslog-ng)
+CVE-2008-5110 VULNERABLE (syslog-ng) [since syslog-ng-2.0.10-1.fc10] 
 CVE-2008-5101 version (optipng, fixed 0.6.2) [since optipng-0.6.2-1.fc10] 
 CVE-2008-5076 fixed (htop) [since FEDORA-2008-9944] 
 CVE-2008-5050 version (clamav, fixed 0.94.1) [since clamav-0.94.1-1.fc10] 
@@ -39,7 +42,7 @@
 CVE-2008-4776 version (libgadu, fixed 1.8.2) [since libgadu-1.8.2-1.fc10] 
 CVE-2008-4775 version (phpMyAdmin, fixed 3.0.1.1) [since phpMyAdmin-3.0.1.1-1.fc10] 
 CVE-2008-4769 version (wordpress) 
-CVE-2008-4690 VULNERABLE (lynx) [since FEDORA-2008-9952] 
+CVE-2008-4690 fixed (lynx) [since FEDORA-2008-9952] 
 CVE-2008-4641 VULNERABLE (jhead) 
 CVE-2008-4640 VULNERABLE (jhead) 
 CVE-2008-4639 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10] 
@@ -57,8 +60,9 @@
 CVE-2008-4326 version (phpMyAdmin, fixed 2.11.9.2) [since phpMyAdmin-2.11.9.2-1.fc10] 
 CVE-2008-4325 version (viewvc, fixed 1.0.6) [since viewvc-1.0.6-1.fc10] 
 CVE-2008-4315 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061] 
+CVE-2008-4314 fixed (samba, fixed 3.0.33,3.2.5) [since FEDORA-2008-10612] 
 CVE-2008-4313 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061] 
-CVE-2008-4309 VULNERABLE (net-snmp, fixed 5.4.2.1) [since net-snmp-5.4.2.1-1.fc10] 
+CVE-2008-4309 fixed (net-snmp, fixed 5.4.2.1) [since FEDORA-2008-10451] 
 CVE-2008-4306 fixed (enscript) [since enscript-1.6.4-11.fc10] 
 CVE-2008-4298 version (lighttpd, fixed 1.4.20) [since lighttpd-1.4.20-0.1.r2303.fc10] 
 CVE-2008-4297 version (mercurial, fixed 1.0.2) [since mercurial-1.0.2-1.fc10] 


Index: f11
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f11,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- f11	3 Dec 2008 21:58:20 -0000	1.2
+++ f11	4 Dec 2008 13:05:45 -0000	1.3
@@ -6,18 +6,22 @@
 
 CVE-2008-5299 VULNERABLE (chm2pdf)
 CVE-2008-5298 VULNERABLE (chm2pdf)
+CVE-2008-5286 ignore (cups) libpng prevents this
+CVE-2008-5184 version (cups, fixed 1.3.8) 
+CVE-2008-5183 VULNERABLE (cups, fixed 1.3.10) 
 CVE-2008-5153 VULNERABLE (moodle)
 CVE-2008-5138 VULNERABLE (pam_mount)
 CVE-2008-5113 VULNERABLE (wordpress) #471992
-CVE-2008-5110 VULNERABLE (syslog-ng)
-CVE-2008-4863 VULNERABLE (blender) [blender-2.48a-4.fc10]
-CVE-2008-4690 VULNERABLE (lynx) [since lynx-2.8.6-18.fc10] 
+CVE-2008-5110 version (syslog-ng, fixed 2.0.10) [since syslog-ng-2.0.10-1.fc11]
+CVE-2008-4863 backport (blender) [blender-2.48a-4.fc10]
+CVE-2008-4690 backport (lynx) [since lynx-2.8.6-18.fc10] 
 CVE-2008-4641 VULNERABLE (jhead) 
 CVE-2008-4640 VULNERABLE (jhead) 
 CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5)
-CVE-2008-4315 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061] 
-CVE-2008-4313 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061] 
-CVE-2008-4309 VULNERABLE (net-snmp, fixed 5.4.2.1) [since net-snmp-5.4.2.1-1.fc10] 
+CVE-2008-4315 fixed (tog-pegasus) [since tog-pegasus-2.7.2-2.fc11] 
+CVE-2008-4314 version (samba, fixed 3.0.33,3.2.5) [since samba-3.2.5-0.23.fc11]
+CVE-2008-4313 fixed (tog-pegasus) [since tog-pegasus-2.7.2-2.fc11] 
+CVE-2008-4309 version (net-snmp, fixed 5.4.2.1) [since net-snmp-5.4.2.1-1.fc10] 
 CVE-2008-4242 VULNERABLE (proftpd) #464130 
 CVE-2008-4190 VULNERABLE (openswan) 
 CVE-2008-4130 VULNERABLE (gallery2, fixed 2.2.6)


Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.249
retrieving revision 1.250
diff -u -r1.249 -r1.250
--- f8	26 Nov 2008 09:50:09 -0000	1.249
+++ f8	4 Dec 2008 13:05:45 -0000	1.250
@@ -6,12 +6,15 @@
 
 rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
 rhbz249840 version (tor, fixed 0.1.2.15) 
+CVE-2008-5286 ignore (cups) libpng prevents this
 CVE-2008-5187 fixed (imlib2) #472577 [since FEDORA-2008-10296] 
+CVE-2008-5184 version (cups, fixed 1.3.8) 
+CVE-2008-5183 VULNERABLE (cups, fixed 1.3.10) [since cups-1.3.9-2.fc8] 
 CVE-2008-5153 VULNERABLE (moodle) #472118
 CVE-2008-5148 fixed (geda-gnetlist) #472114 [since FEDORA-2008-9730] 
 CVE-2008-5138 VULNERABLE (pam_mount) #472110
 CVE-2008-5113 VULNERABLE (wordpress) #471990
-CVE-2008-5110 VULNERABLE (syslog-ng) #471985
+CVE-2008-5110 VULNERABLE (syslog-ng) #471985 
 CVE-2008-5101 fixed (optipng, fixed 0.6.2) [since FEDORA-2008-9639] 
 CVE-2008-5076 fixed (htop) [since FEDORA-2008-9791] 
 CVE-2008-5050 fixed (clamav, fixed 0.94.1) [since FEDORA-2008-9651] 
@@ -39,7 +42,7 @@
 CVE-2008-4776 fixed (libgadu, fixed 1.8.2) [since FEDORA-2008-9253] 
 CVE-2008-4775 fixed (phpMyAdmin, fixed 3.0.1.1) [since FEDORA-2008-9336] 
 CVE-2008-4769 version (wordpress) 
-CVE-2008-4690 VULNERABLE (lynx) #468549 [since FEDORA-2008-9597] 
+CVE-2008-4690 fixed (lynx) #468549 [since FEDORA-2008-9597] 
 CVE-2008-4641 VULNERABLE (jhead) 
 CVE-2008-4640 VULNERABLE (jhead) 
 CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8941] 
@@ -57,6 +60,7 @@
 CVE-2008-4326 fixed (phpMyAdmin, fixed 2.11.9.2) [since FEDORA-2008-8286] 
 CVE-2008-4325 fixed (viewvc, fixed 1.0.6) [since FEDORA-2008-8270] 
 CVE-2008-4315 ignore (tog-pegasus) 
+CVE-2008-4314 fixed (samba, fixed 3.0.33,3.2.5) [since FEDORA-2008-10638] 
 CVE-2008-4313 ignore (tog-pegasus) 
 CVE-2008-4309 fixed (net-snmp, fixed 5.4.2.1) [since FEDORA-2008-9362] 
 CVE-2008-4306 fixed (enscript) [since FEDORA-2008-9351] 
@@ -318,7 +322,7 @@
 CVE-2008-2051 fixed (php, fixed 5.2.6) [since FEDORA-2008-3864] 
 CVE-2008-2050 ignore (php, fixed 5.2.6) 
 CVE-2008-2033 ignore (zoneminder) duplicate of CVE-2008-1381
-CVE-2008-2004 VULNERABLE (xen) disables format autodetection by default [since xen-3.1.2-3.fc8]
+CVE-2008-2004 VULNERABLE (xen) disables format autodetection by default [since xen-3.1.2-5.fc8]
 CVE-2008-2004 VULNERABLE (qemu) fix mostly useless without libvirt changes
 CVE-2008-2004 VULNERABLE (kvm) fix mostly useless without libvirt changes
 CVE-2008-2000 ignore (WebKit) browser DoS
@@ -331,7 +335,7 @@
 CVE-2008-1949 fixed (gnutls, fixed 2.2.4) #447510 [since FEDORA-2008-4183] 
 CVE-2008-1948 fixed (gnutls, fixed 2.2.4) #447510 [since FEDORA-2008-4183] 
 CVE-2008-1947 fixed (tomcat5, fixed 5.5.27) #460125 [since FEDORA-2008-8130] 
-CVE-2008-1944 VULNERABLE (xen, fixed 3.2) [since xen-3.1.2-3.fc8]
+CVE-2008-1944 fixed (xen, fixed 3.2) [since FEDORA-2008-6940] 
 CVE-2008-1943 VULNERABLE (xen) [since xen-3.1.2-3.fc8]
 CVE-2008-1937 ignore (moin, fixed 1.6.3) 1.6.x only
 CVE-2008-1930 ignore (wordpress, fixed 2.5.1) [since wordpress-2.5.1-1.fc8] only for wp 2.5.0


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.240
retrieving revision 1.241
diff -u -r1.240 -r1.241
--- f9	26 Nov 2008 09:50:09 -0000	1.240
+++ f9	4 Dec 2008 13:05:46 -0000	1.241
@@ -5,12 +5,15 @@
 # (mozilla) = (gecko-libs dependent stuff)
 
 rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-5286 ignore (cups) libpng prevents this
 CVE-2008-5187 fixed (imlib2) #472578 [since FEDORA-2008-10287] 
+CVE-2008-5184 version (cups, fixed 1.3.8) 
+CVE-2008-5183 VULNERABLE (cups, fixed 1.3.10) [since cups-1.3.9-2.fc9] 
 CVE-2008-5153 VULNERABLE (moodle) #472119
 CVE-2008-5148 fixed (geda-gnetlist) #472115 [since FEDORA-2008-9730] 
 CVE-2008-5138 VULNERABLE (pam_mount) #472111
 CVE-2008-5113 VULNERABLE (wordpress) #471991
-CVE-2008-5110 VULNERABLE (syslog-ng) #471986
+CVE-2008-5110 VULNERABLE (syslog-ng) #471986 
 CVE-2008-5101 fixed (optipng, fixed 0.6.2) [since FEDORA-2008-9633] 
 CVE-2008-5076 fixed (htop) [since FEDORA-2008-9728] 
 CVE-2008-5050 fixed (clamav, fixed 0.94.1) [since FEDORA-2008-9644] 
@@ -38,7 +41,7 @@
 CVE-2008-4776 fixed (libgadu, fixed 1.8.2) [since FEDORA-2008-9293] 
 CVE-2008-4775 fixed (phpMyAdmin, fixed 3.0.1.1) [since FEDORA-2008-9316] 
 CVE-2008-4769 version (wordpress) 
-CVE-2008-4690 VULNERABLE (lynx) #468550 [since FEDORA-2008-9550] 
+CVE-2008-4690 fixed (lynx) #468550 [since FEDORA-2008-9550] 
 CVE-2008-4641 VULNERABLE (jhead) 
 CVE-2008-4640 VULNERABLE (jhead) 
 CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928] 
@@ -56,6 +59,7 @@
 CVE-2008-4326 fixed (phpMyAdmin, fixed 2.11.9.2) [since FEDORA-2008-8335] 
 CVE-2008-4325 fixed (viewvc, fixed 1.0.6) [since FEDORA-2008-8252] 
 CVE-2008-4315 VULNERABLE (tog-pegasus) [since FEDORA-2008-9688] 
+CVE-2008-4314 fixed (samba, fixed 3.0.33,3.2.5) [since FEDORA-2008-10518] 
 CVE-2008-4313 VULNERABLE (tog-pegasus) [since FEDORA-2008-9688] 
 CVE-2008-4309 fixed (net-snmp, fixed 5.4.2.1) [since FEDORA-2008-9367] 
 CVE-2008-4306 fixed (enscript) [since FEDORA-2008-9372]

More information about the Fedora-security-commits mailing list