[Fedora-security-commits] fedora-security/audit f8, 1.109, 1.110 f9, 1.100, 1.101 fc7, 1.265, 1.266
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Mon Feb 4 11:45:57 UTC 2008
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24341/audit
Modified Files:
f8 f9 fc7
Log Message:
fix SDL_image CVE ids
add openldap
note some updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- f8 1 Feb 2008 16:23:25 -0000 1.109
+++ f8 4 Feb 2008 11:45:26 -0000 1.110
@@ -8,11 +8,11 @@
# Up to date F8 as of 20080111
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH VULNERABLE (SDL_image) #430694 ILBM overflow
GENERIC-MAP-NOMATCH version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1043]
-GENERIC-MAP-NOMATCH VULNERABLE (deluge, fixed 0.5.8.3)
-GENERIC-MAP-NOMATCH VULNERABLE (rb_libtorrent)
+GENERIC-MAP-NOMATCH fixed (deluge, fixed 0.5.8.3) [since FEDORA-2008-1287]
+GENERIC-MAP-NOMATCH fixed (rb_libtorrent) [since FEDORA-2008-1198]
GENERIC-MAP-NOMATCH VULNERABLE (gnumeric, fixed 1.8.1) #431228 SA28725
+CVE-2008-0544 fixed (SDL_image) #430694 [since FEDORA-2008-1208] ILBM overflow
CVE-2008-0460 VULNERABLE (mediawiki) #430288
CVE-2008-0404 fixed (mantis) #429552 [since FEDORA-2008-0796]
CVE-2008-0386 fixed (xdg-utils) #429513 [since FEDORA-2008-1015]
@@ -41,6 +41,8 @@
CVE-2008-0006 fixed (libXfont) #429132 [since FEDORA-2008-0794]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572]
+CVE-2007-6698 version (openldap, fixed 2.3.36)
+CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430241 [since FEDORA-2008-1208]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778]
CVE-2007-6692 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778]
CVE-2007-6691 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778]
@@ -278,7 +280,6 @@
CVE-2006-5170 version (nss_ldap, fixed 183)
CVE-2006-4573 version (screen, fixed 4.0.3) #212057
CVE-2006-4561 ignore (firefox) Needs DNS spoofing; https is for this.
-CVE-2006-4484 VULNERABLE (SDL_image, fixed 1.2.7) #430241
CVE-2006-2894 version (firefox, fixed 2.0.0.8)
CVE-2006-2894 version (seamonkey, fixed 1.1.5) #194511
CVE-2006-0987 ignore (bind) example config file only
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.100
retrieving revision 1.101
diff -u -r1.100 -r1.101
--- f9 1 Feb 2008 16:23:25 -0000 1.100
+++ f9 4 Feb 2008 11:45:26 -0000 1.101
@@ -8,11 +8,11 @@
# Up to date F9 as of 20071029
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH backport (SDL_image) #430696 ILBM overflow [since SDL_image-1.2.6-5.fc9]
GENERIC-MAP-NOMATCH version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
GENERIC-MAP-NOMATCH version (deluge, fixed 0.5.8.3) [since deluge-0.5.8.3-1.fc9]
GENERIC-MAP-NOMATCH backport (rb_libtorrent) [since rb_libtorrent-0.12-3.fc9]
GENERIC-MAP-NOMATCH version (gnumeric, fixed 1.8.1) [since gnumeric-1.8.1-1.fc9] SA28725
+CVE-2008-0544 backport (SDL_image) #430696 ILBM overflow [since SDL_image-1.2.6-5.fc9]
CVE-2008-0460 VULNERABLE (mediawiki) #430289
CVE-2008-0404 fixed (mantis) #429552 [since mantis-1.1.1-1.fc9]
CVE-2008-0386 fixed (xdg-utils) #429513 [since xdg-utils-1_0_2-4_fc9]
@@ -41,6 +41,8 @@
CVE-2008-0006 backport (libXfont) #429133 [since libXfont-1.3.1-3.fc9]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984
CVE-2008-0003 version (tog-pegasus, fixed 2.7.0)
+CVE-2007-6698 version (openldap, fixed 2.3.36)
+CVE-2007-6697 backport (SDL_image, fixed 1.2.7) #430238 [since SDL_image-1.2.6-4.fc9]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since gallery2-2.2.4-1]
CVE-2007-6692 version (gallery2, fixed 2.2.4) [since gallery2-2.2.4-1]
CVE-2007-6691 version (gallery2, fixed 2.2.4) [since gallery2-2.2.4-1]
@@ -259,7 +261,6 @@
CVE-2006-5170 version (nss_ldap, fixed 183)
CVE-2006-4573 version (screen, fixed 4.0.3) #212057
CVE-2006-4561 ignore (firefox) Needs DNS spoofing; https is for this.
-CVE-2006-4484 backport (SDL_image, fixed 1.2.7) #430238 [since SDL_image-1.2.6-4.fc9]
CVE-2006-2894 version (firefox, fixed 2.0.0.8)
CVE-2006-2894 version (seamonkey, fixed 1.1.5) #194511
CVE-2006-0987 ignore (bind) example config file only
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.265
retrieving revision 1.266
diff -u -r1.265 -r1.266
--- fc7 1 Feb 2008 16:23:25 -0000 1.265
+++ fc7 4 Feb 2008 11:45:26 -0000 1.266
@@ -9,11 +9,11 @@
# Up to date FC7 as of 20080111
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH VULNERABLE (SDL_image) #430695 ILBM overflow
GENERIC-MAP-NOMATCH version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
-GENERIC-MAP-NOMATCH VULNERABLE (deluge, fixed 0.5.8.3)
-GENERIC-MAP-NOMATCH VULNERABLE (rb_libtorrent)
+GENERIC-MAP-NOMATCH fixed (deluge, fixed 0.5.8.3) [since FEDORA-2008-1198]
+GENERIC-MAP-NOMATCH fixed (rb_libtorrent) [since FEDORA-2008-1245]
GENERIC-MAP-NOMATCH VULNERABLE (gnumeric, fixed 1.8.1) #431228 SA28725
+CVE-2008-0544 fixed (SDL_image) #430695 [since FEDORA-2008-1208] ILBM overflow
CVE-2008-0460 VULNERABLE (mediawiki) #430287
CVE-2008-0404 fixed (mantis) #429552 [since FEDORA-2008-0796]
CVE-2008-0386 fixed (xdg-utils) #429513 [since FEDORA-2008-1015]
@@ -42,6 +42,8 @@
CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
+CVE-2007-6698 VULNERABLE (openldap, fixed 2.3.36) #431409
+CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430239 [since FEDORA-2008-1231]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
CVE-2007-6692 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
CVE-2007-6691 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
@@ -998,7 +1000,6 @@
CVE-2006-4485 version (php, fixed 5.1.5)
CVE-2006-4484 version (php, fixed 5.1.5)
CVE-2006-4484 ignore (gd)
-CVE-2006-4484 VULNERABLE (SDL_image, fixed 1.2.7) #430239
CVE-2006-4483 ignore (php) not linux
CVE-2006-4482 version (php, fixed 5.1.5)
CVE-2006-4481 ignore (php) safe mode isn't safe
More information about the Fedora-security-commits
mailing list